Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

ftrace

ltrace/strace but for local functions

Contents

Introduction

The basic idea behind the implementation is:

  1. Read in ELF file and identify symbols
  2. Fork and ptrace target process
  3. Add breakpoints to all symbols
  4. Catch breakpoints and log function call; additionally, add a temp. breakpoint to return pointer (for decreasing depthing and logging return value)
  5. Repeat

Some other fancy stuff happens in the background. For instance, if no header file is provided simple taint analysis is done on functions to determine the number of function arguments.

Installation

Usage

./ftrace <program> [arg 1] [arg2] ...

Optional parameters

  • -C - adds colored output
  • -H <file> - header file to use for function logging
  • -R - display function return values
  • -o <file> - specifies output file (replaces stderr)
  • -h - display this message

Example

test.c

#include <stdio.h>
#include <stdlib.h>

int fib(int n) {
	if (n == 0 || n == 1) return 1;
	else return fib(n - 1) + fib(n - 2);
}

int main(int argc, char **argv) {
	int n = atoi(argv[1]);
	printf("%d\n", fib(n));
	return 0;
}
$ gcc -o test test.c
$ ./ftrace ./test 3
_start()
__libc_csu_init(2, *0x7ffe0cb39158, *0x7ffe0cb39170)
main(2, *0x7ffe0cb39158)
fib(3)
  fib(2)
    fib(1)
    fib(0)
  fib(1)
3

Future work

Dependencies

Limitations

  • Currently only compatible with 64 bit ELF files.

About

trace local function calls like strace and ltrace

Topics

Resources

Releases

No releases published

Packages

No packages published