Example not working on Debian sid

alfonsosanchezbeato / ptrace-redirect

Example code for changing syscall arguments using ptrace

BSD Zero Clause License

46 stars 21 forks source link

Example not working on Debian sid #1

Open manuels opened 6 years ago

manuels commented 6 years ago

I just want to leave a note that the example with cat TWO.txt does not work on a recent Debian sid. The reason is, that cat now uses the openat() syscall instead of open(). Anyway, great code project! Thanks @alfonsosanchezbeato!

hanwen commented 4 years ago

when adapting for openat(), you have to get the 2nd argument to the syscall (from RSI), rather than the 1st.

Alternatively,

  struct ptrace_syscall_info info =  {};
  int err = ptrace(PTRACE_GET_SYSCALL_INFO, child, sizeof(info),  &info);

will work on recent linux kernels and is architecture independent.