[panda-users] Hook function by name

Brendan Dolan-Gavitt brendandg at nyu.edu
Fri Mar 16 19:36:13 EDT 2018 

Yes, the PANDA 1.0 version of that function should just be something like:

getReg (CPUState *env, int index) {
    return env->regs[index];
}


On Fri, Mar 16, 2018 at 7:30 PM, Giuseppe Laurenza
<laurenza at diag.uniroma1.it> wrote:
> I thought the same things, but looking to the code I see, for example:
> getReg (CPUState *cpu, int index)
> {
>     CPUArchState *env = (CPUArchState*)cpu->env_ptr;
> …..
>
> So I think they were different structures. I modify the code to use directly the CPUState object
> Thanks
>
>
>> On Mar 16, 2018, at 19:19, Brendan Dolan-Gavitt <brendandg at nyu.edu> wrote:
>>
>> In the version of QEMU used by PANDA 1.0, the fields from CPUArchState
>> should be in the main CPUState (usually named "env").
>>
>> -Brendan
>>
>> On Fri, Mar 16, 2018 at 7:11 PM, Giuseppe Laurenza
>> <laurenza at diag.uniroma1.it> wrote:
>>> Thanks for the reply.
>>> I am trying to back port this plugin (and the pri plugin related) but I have the problem of CPUArchState object that is missing into panda v1.0. Is there any easy way to substitute it? I ask this question in order to avoid to do to many un useful things, sorry if it can appear as a stupid question.
>>> Regards
>>>
>>>> On Mar 14, 2018, at 17:45, Brendan Dolan-Gavitt <brendandg at nyu.edu> wrote:
>>>>
>>>> Have a look at libfi. Unfortunately it is currently only available in
>>>> PANDA 2.0, but it should be not to hard to backport it.
>>>>
>>>> https://github.com/panda-re/panda/blob/master/panda/plugins/libfi/libfi.cpp
>>>>
>>>> I believe that implementation requires DWARF symbols, though. If you
>>>> want to do it with just (for example) the export table symbols, you
>>>> would have to write your own.
>>>>
>>>> On Wed, Mar 14, 2018 at 5:39 PM, Giuseppe Laurenza
>>>> <laurenza at diag.uniroma1.it> wrote:
>>>>> Dear panda user,
>>>>> Is it available any function or plugin to directly hook a function knowing function and process names?
>>>>> Thanks in advance
>>>>> _______________________________________________
>>>>> panda-users mailing list
>>>>> panda-users at mit.edu
>>>>> http://mailman.mit.edu/mailman/listinfo/panda-users
>>>>
>>>>
>>>>
>>>> --
>>>> Brendan Dolan-Gavitt
>>>> Assistant Professor, Department of Computer Science and Engineering
>>>> NYU Tandon School of Engineering
>>>
>>
>>
>>
>> --
>> Brendan Dolan-Gavitt
>> Assistant Professor, Department of Computer Science and Engineering
>> NYU Tandon School of Engineering
>



-- 
Brendan Dolan-Gavitt
Assistant Professor, Department of Computer Science and Engineering
NYU Tandon School of Engineering

More information about the panda-users mailing list