ProcessTrace Class Reference
Class to trace and modify the execution of a subprocess. More...
#include <process-trace.h>
Public Member Functions | |
| ProcessTrace () | |
| std::string | Attach (pid_t pid) |
| Attach to a running process. | |
| std::string | Detach () |
| Detach from the current process. | |
| std::string | Stop () |
| Stop the execution of the process. | |
| std::string | Continue () |
| Resume the execution of the process. | |
| std::string | SetChildMem (char *address, char *buf, size_t len) |
| Write to the process memory space. | |
| std::string | GetChildMem (char *address, char *buf, size_t len) |
| Read the process memory space. | |
| std::string | GetRegisters (struct user_regs_struct *regs) |
| Read the general process registers. | |
| std::string | SetRegisters (struct user_regs_struct *regs) |
| Modify the general process registers. | |
Protected Member Functions | |
| virtual bool | HandleSyscall (long int syscall_no, void *arg1, void *arg2, void *arg3, void *arg4, void *arg5, int &return_code) |
| Handle syscalls of a subprocess. | |
Detailed Description
Class to trace and modify the execution of a subprocess.Uses ptrace to spy or modify of a subprocess.
Definition at line 9 of file process-trace.h.
Constructor & Destructor Documentation
| ProcessTrace::ProcessTrace | ( | ) |
Definition at line 12 of file process-trace.cpp.
Member Function Documentation
| std::string ProcessTrace::Attach | ( | pid_t | pid | ) |
Attach to a running process.
- Parameters:
-
pid of the process to attach to.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 182 of file process-trace.cpp.
| std::string ProcessTrace::Continue | ( | ) |
Resume the execution of the process.
Send a SIGCONT to the subprocess.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 214 of file process-trace.cpp.
| std::string ProcessTrace::Detach | ( | ) |
Detach from the current process.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 190 of file process-trace.cpp.
| std::string ProcessTrace::GetChildMem | ( | char * | address, | |
| char * | buf, | |||
| size_t | len | |||
| ) |
Read the process memory space.
- Parameters:
-
address of the memory to read. buf pointer to the buffer where to write data. len length of the buffer.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 147 of file process-trace.cpp.
| std::string ProcessTrace::GetRegisters | ( | struct user_regs_struct * | regs | ) |
Read the general process registers.
- Parameters:
-
regs pointer that will store the registers state.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 227 of file process-trace.cpp.
| virtual bool ProcessTrace::HandleSyscall | ( | long int | syscall_no, | |
| void * | arg1, | |||
| void * | arg2, | |||
| void * | arg3, | |||
| void * | arg4, | |||
| void * | arg5, | |||
| int & | return_code | |||
| ) | [inline, protected, virtual] |
Handle syscalls of a subprocess.
This method is called when the subprocess makes a syscall. It can be used to spy or override the syscall.
- Parameters:
-
syscall_no syscall number. arg1 argument passed to the syscall. arg2 argument passed to the syscall. arg3 argument passed to the syscall. arg4 argument passed to the syscall. arg5 argument passed to the syscall. return_code is undefined when the method is called. This parameter is used to set the value returned by the overwritten syscall.
- Returns:
- true if the syscall should be oevrwritten (the subprocess won't execute it) or false if the syscall should be passed to the kernel.
Definition at line 33 of file process-trace.h.
| std::string ProcessTrace::SetChildMem | ( | char * | address, | |
| char * | buf, | |||
| size_t | len | |||
| ) |
Write to the process memory space.
- Parameters:
-
address of the memory to write. buf pointer to the buffer to write. len length of the buffer to write.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 111 of file process-trace.cpp.
| std::string ProcessTrace::SetRegisters | ( | struct user_regs_struct * | regs | ) |
Modify the general process registers.
- Parameters:
-
regs pointer to the registers state to set.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 234 of file process-trace.cpp.
| std::string ProcessTrace::Stop | ( | ) |
Stop the execution of the process.
Send a SIGSTOP to the subprocess.
- Returns:
- an empty string on success or an error string in case of error.
Definition at line 200 of file process-trace.cpp.
The documentation for this class was generated from the following files:
- src/process-trace.h
- src/process-trace.cpp
