我写了这个pintool:
#include "pin.H"
#include <iostream>
#include <fstream>
VOID Instruction(INS ins, VOID *v)
{
cout << INS_Disassemble(ins) << endl;
}
VOID Fini(INT32 code, VOID *v)
{
cout << "Fin" << endl;
}
int main(int argc, char *argv[])
{
if( PIN_Init(argc,argv) )
{
cout << "Erreur PIN_Init" << endl;
return 0;
}
INS_AddInstrumentFunction(Instruction, 0);
PIN_AddFiniFunction(Fini, 0);
PIN_StartProgram();
return 0;
}
我正在打印所有说明。我现在要做的是显示指令地址(EIP)
我怎样才能做到这一点 ?
谢谢
#include "pin.H"
#include <iostream>
#include <fstream>
#include <string>
VOID DisplayInstruction(ADDRINT instructionAddress,string assemblyCode)
{
cout<<std::hex<<instructionAddress<<":"<<std::dec<<assemblyCode<<"\n";
}
VOID Instruction(INS ins, VOID *v)
{
INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)DisplayInstruction,
IARG_INST_PTR, IARG_REG_VALUE,
new string(INS_Assemble(ins)), IARG_END);
}
VOID Fini(INT32 code, VOID *v)
{
cout << "Fin" << endl;
}
int main(int argc, char *argv[])
{
if( PIN_Init(argc,argv) )
{
cout << "Erreur PIN_Init" << endl;
return 0;
}
INS_AddInstrumentFunction(Instruction, 0);
PIN_AddFiniFunction(Fini, 0);
PIN_StartProgram();
return 0;
}