Date: Fri, 28 Aug 2009 12:46:50 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: Steve Bertrand <steve@ibctech.ca> Cc: "freebsd-questions@freebsd.org Questions -" <freebsd-questions@freebsd.org> Subject: Re: Reading raw memory Message-ID: <20090828174650.GA2855@dan.emsphone.com> In-Reply-To: <4A97D0EE.4070304@ibctech.ca> References: <4A97D0EE.4070304@ibctech.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Aug 28), Steve Bertrand said: > I'm wondering if FreeBSD allows direct access to memory. > > What I'd like to do is try to force a Perl application to leak memory by > simulating a dangling pointer that it's garbage collection system can't > clean up. > > I'd then like to look at the raw memory address to find out if the data is > in a state where it could later be retrieved. >From within the perl process itself, it's easy. Just read the memory address directly. From another process, you will need to use the ptrace() function to attach to your target process as a debugger (PT_ATTACH). Then read its memory, using either PT_READ_D if you just want to read one int, or PT_IO, which will let you copy an arbitrary block of memory. > Is accessing memory like this permitted within the OS? If so, what type of > editor would be used to do such a thing? Perhaps a snip of C code that > one could pass in the address as a parameter? /usr/src/usr.bin/truss/syscalls.c has some examples of how to do this. See the get_struct() function. -- Dan Nelson dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090828174650.GA2855>