- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi I have a question please, I have builded a pintool with make on windows and used pin-3.13 to run the pin tool with the command :
pin -t taint.dll -- main.exe
but I did not see any results and any information about the tainted data ? Am I missing something in the pintool c++ code ? Or the functions of the pintool aren't associated with the pin-3.13 version ?
here is my source code of my pintool (taint.cpp)
And thank you so much for your response
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thanks for reaching out to us.
We are checking your query internally, will get back to you on the updates.
Regards,
Arpita
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You're using the pintool correctly. However I can see a number of issues with the pintool code.
First, you're using the wrong types.
For example, your analysis routine has the following signature
VOID ReadMem(UINT64 insAddr, std::string insDis, UINT64 memOp)
whereas according to your instrumentation it should be
VOID ReadMem(ADDRINT insAddr, ADDRINT insDis, ADDRINT memOp)
If you want to print insDis you should call: cout << (CHAR*)insDis << endl;
Also, there is a problem with the instrumentation:
if (INS_MemoryOperandIsRead(ins, 0) && INS_OperandIsReg(ins, 0))
else if (INS_MemoryOperandIsWritten(ins, 0)){
You are using operand index 0 without checking whether it's the operand that you want.
Moreover, it's not necessarily the same operand because INS_MemoryOperandIsRead(ins, 0) refers to the first *memory* operand,
and INS_OperandIsReg(ins, 0) refers to the first *generic* (memory or register) operand.
What happens if the instruction does not have a memory operand at all?
As for the syscall callback. I'd recommend adding some printouts inside the callback to see what syscall numbers you are getting. If you're not getting any data from your pintool it could be that you are not entering the if statement in the syscall callback.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Please let us know if your issue is resolved.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you so much for your help sir. Finaly ! It works on windows system
Thank you again !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Glad to know that your issue is resolved. If you need any additional information, please post a new question as this thread will no longer be monitored by Intel.
Thanks!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page