Actually I did get all this to work in the end thanks mostly to vart. And for anyone who's still curious, the answer produced another question:
Code:
//this produces a pid and memory address to test, and "pauses"
//sometimes the stop signal from ptrace makes ptrace think the process is gone tho
//but it can be run again on the stopped process..
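#include <stdio.h>
#include <unistd.h>   // getpid()
int main () {
    int pid=getpid();   // int rather than short int: pids can exceed 32767
    char this[]="that\n";
    printf("%d %p\n", pid, (void *)this);
    getc(stdin);   // block here so the tracer has time to attach
    return 0;
}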
And the ptracer itself:
Code:
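#include <stdio.h> // supply with a pid and a pointer address
#include <stdlib.h> // atoi, strtoul
#include <errno.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/wait.h> // waitpid
int main (int argc, char *argv[]) {
    int pid, i, save=0;
    long word; // ptrace returns long
    unsigned long addr; // wide enough for a 64-bit pointer
    if (argc < 3) {fprintf(stderr,"usage: %s pid addr\n",argv[0]);return -1;}
    pid=atoi(argv[1]);
    addr = strtoul(argv[2],NULL,0); // thanks again vart
    if ((ptrace(PTRACE_ATTACH,pid,NULL,NULL)) != 0) {perror("ptrace fail");return -1;}
    waitpid(pid,NULL,0); // attach is asynchronous: wait until the target has stopped
    for (i=0; i<=5; i++) { // nb. a character at each address
        errno=0; // -1 can be a valid word, so errno tells an error apart
        word=ptrace(PTRACE_PEEKTEXT,pid,(void *)(addr+i),NULL);
        if (word == -1 && errno != 0) perror("peektext fail");
        else printf("%c", (int)word);
        if (i==0) save=(int)word;
    }
    ptrace(PTRACE_DETACH,pid,NULL,NULL); //preserves process
    printf("%d\n",save); // my next mystery
    return 0;
}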
The purpose of int save is to reproduce the plain number at addr. addr may vary but this number is always 1952540788, so it can't be another address...for the life of me I can't see "t" or "that" in it, and this hung me up initially because I was looking for something with 116. Does anyone know what the number is?
ps. matsp: I would cheat at games, but I don't seem to have time to play any.
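Added example, not part of the original post: PTRACE_PEEKTEXT returns a whole machine word rather than one character, so this sketch splits a word into its bytes and copies a buffer out of a tracee one word at a time. The helper names word_to_bytes and peek_buf are hypothetical, and a little-endian host such as x86 is assumed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>

/* Split one PEEKTEXT word into the bytes it was read from.
 * Assumption: little-endian host, so the low-order byte of the word
 * is the byte stored at the lowest address. Returns the byte count. */
size_t word_to_bytes(long word, unsigned char *out)
{
    size_t i;
    for (i = 0; i < sizeof(long); i++)
        out[i] = (unsigned char)((unsigned long)word >> (8 * i));
    return sizeof(long);
}

/* Copy len bytes from a tracee that is already attached and stopped,
 * one word per ptrace call. Returns 0 on success, -1 on failure
 * (errno is left as set by ptrace). */
int peek_buf(pid_t pid, unsigned long addr, unsigned char *dst, size_t len)
{
    unsigned char tmp[sizeof(long)];
    size_t done = 0, n, k;

    while (done < len) {
        errno = 0;   /* -1 is also a valid word, so errno decides */
        long word = ptrace(PTRACE_PEEKTEXT, pid, (void *)(addr + done), NULL);
        if (word == -1 && errno != 0)
            return -1;
        n = word_to_bytes(word, tmp);
        for (k = 0; k < n && done < len; k++)
            dst[done++] = tmp[k];
    }
    return 0;
}

int main(void)
{
    unsigned char b[sizeof(long)];

    word_to_bytes(1952540788L, b);   /* the value the post's tracer printed */
    printf("%c%c%c%c\n", b[0], b[1], b[2], b[3]);   /* prints: that */
    return 0;
}
```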