Re: Accessing program counter registers from within C or Assembler.

From: Jan Engelhardt
Date: Tue Nov 16 2004 - 16:42:12 EST


>Hello,
>
>Does anybody know how to access the address of the
>current executing instruction in C while the program
>is executing?

With the aid of a second program, yes.
For one program: not directly. It's because the EIP changes while you are
calculating it.
You could, e.g.:

#include <stdio.h>

int main(void) {

    printf("owned\n");
mark:                              /* label whose address we take below */
    printf("pwned\n");
    printf("%p\n", &&mark);        /* GCC labels-as-values: address of "mark" */
    return 0;
}

GCC specific.
Or you could also poke around with __builtin_return_address, or even peek at
the stack yourself.

>Also, is there a method to load a program image from
>memory not a file (an exec that works with a memory
>address)? Mainly I am looking for a method that brings
>a program image into memory modify parts of it and
>start the in-memory modified version.

No, because that opens a wide door for trojans and stack smashers.

>Can anybody think of a method to replace a thread
>image without replacing the whole process image?

It would not be a thread then.


Jan Engelhardt
--
Gesellschaft für Wissenschaftliche Datenverarbeitung
Am Fassberg, 37077 Göttingen, www.gwdg.de
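The three routes Jan mentions (GCC's &&label, inline assembly, and __builtin_return_address) side by side, as an added example that is not part of the original thread. Each sampler returns the address of an instruction inside itself and the checks confirm that the value lies within the sampling function; the 4096-byte FN_SPAN bound and the helper names are assumptions made for this example. The i386 "call 1f; pop" sequence is the same GetPC idiom that position-independent shellcode uses to find its own base address.

```c
#include <stdio.h>
#include <stdint.h>

/* Assumption: no function below is larger than this many bytes, so a PC
 * sampled inside it lies within [entry, entry + FN_SPAN). */
#define FN_SPAN 4096

/* Does pc lie inside the function whose entry point is fn? */
static int pc_within(const void *pc, uintptr_t fn)
{
    uintptr_t p = (uintptr_t)pc;
    return p >= fn && p - fn < FN_SPAN;
}

/* 1. GCC labels-as-values: &&label yields the address of the label, which is
 *    the address of an instruction in this function (a fixed snapshot, not the
 *    live EIP/RIP, which has already moved on by the time we return it). */
__attribute__((noinline)) static void *pc_via_label(void)
{
    void *pc;
mark:
    pc = &&mark;
    return pc;
}

/* 2. Ask the CPU with inline assembly; the value is the address of the
 *    instruction following the one that sampled it. */
__attribute__((noinline)) static void *pc_via_asm(void)
{
    void *pc;
#if defined(__x86_64__)
    /* RIP-relative LEA: effective address = RIP of the next instruction. */
    __asm__ volatile("lea 0(%%rip), %0" : "=r"(pc));
#elif defined(__i386__)
    /* No RIP-relative addressing on i386: CALL pushes the return address,
     * POP retrieves it (the classic GetPC trick from PIC shellcode). */
    __asm__ volatile("call 1f\n1:\tpop %0" : "=r"(pc));
#elif defined(__aarch64__)
    /* ADR with "." assembles to the address of the ADR itself. */
    __asm__ volatile("adr %0, ." : "=r"(pc));
#else
    /* Assumption: unknown ISA, fall back to the labels-as-values trick. */
here:
    pc = &&here;
#endif
    return pc;
}

/* 3. __builtin_return_address(0) is not our own PC: it is the address the CPU
 *    will resume at in the caller, i.e. just after the CALL instruction. */
__attribute__((noinline)) static void *callers_pc(void)
{
    return __builtin_return_address(0);
}

/* The return address handed out by callers_pc() must be inside this function. */
__attribute__((noinline)) static int return_address_demo(void)
{
    void *ra = callers_pc();
    return pc_within(ra, (uintptr_t)return_address_demo);
}

/* 1 if every sampled PC lies inside the function that sampled it, else 0. */
int self_pc_checks_pass(void)
{
    return pc_within(pc_via_label(), (uintptr_t)pc_via_label)
        && pc_within(pc_via_asm(), (uintptr_t)pc_via_asm)
        && return_address_demo();
}

int main(void)
{
    int ok = self_pc_checks_pass();
    printf("label : %p\n", pc_via_label());
    printf("asm   : %p\n", pc_via_asm());
    printf("checks: %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

Compile with gcc or clang (both support &&label and __builtin_return_address); the noinline attributes matter, since an inlined callers_pc() would report its caller's caller instead.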