Answer the question
In order to leave comments, you need to log in
T
T
Trotil2014-03-16 23:25:24
Trotil, 2014-03-16 23:25:24
How to find the moment of allocation and initialization of some memory area in a binary?
Given: some program, you need to find the moment of initialization of some memory area.
Initially, accessing this address in gdb causes an error:
p/x *0x1234
Cannot access memory at address 0x1234
At some point, memory is allocated and the address becomes read/write:
p/x *
0x1234
0x0
same!)
it is necessary to define this moment.
--------------------------------------
What can be done in gdb?
I tried, for example:
1) watch *0x1234 - doesn't work, the debugger freezes
2) make a macro that runs N times, which prints "p/x *0x1234" for each instruction. The macro does not work, it stops right after the error.
3 answer(s)
@Trotil
@icelaba
J
jcmvbkbc, 2014-03-16 @Trotil
I would run the application under strace and look for mmap which return a close address.
Well, or if gdb is required, then a breakpoint to return from mmap to libc.
I
Ivan Starkov, 2014-03-16 @icelaba
Hang a conditioner break on the exit from malloc (on mmap or whatever your memory allocates)
example here stackoverflow.com/questions/4498965/how-to-set-con...
pay attention to these lines there The breakpoint address may vary with libc versions
Similar questions
L
I
Igor L2021-01-07 18:20:21
Why does windows explorer crash when viewing network folder permissions?
0Reply
A
I
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question