On Tuesday 23 August 2005 20:05, Vitaliy Margolen wrote: > As of todays CVS Delphi 5 debugger is fixed. > > Well, ok, there are still some bugs. One is a minor bug (Module view > reports all modules as a project executable name), but all exports are > there. You can even try to disassemble them. But here is where the major > problems start. Debugger segfaults on that. This is because > NtQueryVirtualMemory and > NtProtectVirtualMemory currently don't work on other processes.
What are the problems with implementing those using SIGSTOP/SIGCONT and ptrace(2)? I imagine that for example changing memory protection for another process could be achieved as follows: 1. SIGSTOP to the process 2. inject code that invokes mprotect() and stops execution 3. change EIP, ESP, etc. then SIGCONT 4. wait(pid,&status,WUNTRACED) on the child 5. remove the injected code, restore registers, SIGCONT I have never implemented such a beast so I might be way off, nevertheless it'd be interesting to hear what the problems are. phrack might also be a useful read in that respect. Cheers, Kuba
