Implementation of a lightweight debugger for ELF binaries using ptrace. More...

#include <stdint.h>
#include <elf.h>
#include <stdio.h>
#include <ctype.h>
#include "udis86.h"
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include "debugger.h"
#include <sys/ptrace.h>
#include "../bx_elf_utils/bx_elf_utils.h"

Functions
void	parse_cmd (context *ctx)
	Parse and execute a user command entered in the debugger prompt.
bool	handle_action (context ctx, void args)
	Handle actions that correspond directly to simple commands (e.g., quit, help, continue, single-step).
void	print_helpCMD ()
	Print the list of available debugger commands.
bool	set_mem_reg (context ctx, void args)
	Modify the value of a register or memory location.
bool	examin_mem (context ctx, void args)
	Examine memory at a specific address.
bool	delBP (context ctx, void args)
	Delete a breakpoint by ID.
bool	step_over (context ctx, void args)
	Step over a function call instruction.
uint64_t	find_sym (context ctx, char name)
	Find the address of a symbol in the loaded program.
bool	setBP (context ctx, void args)
	Set a breakpoint at a given address or symbol name.
void	handle_bpoint (context *ctx)
	Handle a breakpoint hit by restoring the instruction and adjusting RIP.
bool	listBP (context ctx, void args)
	List all active breakpoints.
void	restore_all_BP (context *ctx, int opt)
	Restore all breakpoints to their original values or reapply traps.
void	dis_ctx (context *ctx)
	Display process registers, flags, disassembly, and stack contents.
void	init_values (bparser target, context ctx)
	Initialize the debugger context from a parsed ELF binary.
void	destroy_bp_sym (context *ctx)
	Free all breakpoint and symbol structures in the context.
void	destroy_all (context *ctx)
	Free all allocated resources in the debugger context.
bool	b_debugger (bparser target, void arg)
	Run the debugger on a given binary.

Detailed Description

Implementation of a lightweight debugger for ELF binaries using ptrace.

This file provides functionality for:

Parsing user commands
Handling breakpoints
Inspecting and modifying memory and registers
Displaying disassembly and process state
Running a target program under debugger control

Function Documentation

◆ b_debugger()

bool b_debugger	(	bparser *	target,
		void *	arg )

Run the debugger on a given binary.

Launch and manage the debugger main loop.

Forks a child process, loads the binary via memfd_create, and sets an initial breakpoint. Then enters the main command loop for user interaction.

Parameters

target	Pointer to binary parser structure with ELF data.
arg	Arguments structure containing argc and argv.

Returns: true on success, false otherwise.

◆ delBP()

bool delBP	(	context *	ctx,
		void *	args )

Delete a breakpoint by ID.

Parameters

ctx	Pointer to debugger context.
args	Breakpoint ID.

Returns: true if deletion succeeds, false otherwise.

◆ destroy_all()

void destroy_all ( context * ctx )

Free all allocated resources in the debugger context.

Destroy all context-related memory.

Parameters

ctx	Pointer to debugger context.

◆ destroy_bp_sym()

void destroy_bp_sym ( context * ctx )

Free all breakpoint and symbol structures in the context.

Free all breakpoints and symbols in the context.

Parameters

ctx	Pointer to debugger context.

◆ dis_ctx()

void dis_ctx ( context * ctx )

Display process registers, flags, disassembly, and stack contents.

Display current registers, flags, disassembly, and stack.

Parameters

ctx	Pointer to debugger context.

◆ examin_mem()

bool examin_mem	(	context *	ctx,
		void *	args )

Examine memory at a specific address.

Examine memory at a given address.

Command format: x ADDR SIZE

Parameters

ctx	Pointer to debugger context.
args	Address and size arguments.

Returns: true on success, false otherwise.

◆ find_sym()

uint64_t find_sym	(	context *	ctx,
		char *	name )

Find the address of a symbol in the loaded program.

Parameters

ctx	Pointer to debugger context.
name	Symbol name to search for.

Returns: Symbol address if found, 0 otherwise.

◆ handle_action()

bool handle_action	(	context *	ctx,
		void *	args )

Handle actions that correspond directly to simple commands (e.g., quit, help, continue, single-step).

Execute a user command.

Parameters

ctx	Pointer to debugger context.
args	Optional arguments passed with the command.

Returns: true if the command was successfully handled, false otherwise.

◆ handle_bpoint()

void handle_bpoint ( context * ctx )

Handle a breakpoint hit by restoring the instruction and adjusting RIP.

Handle breakpoint hit logic.

Parameters

ctx	Pointer to debugger context.

◆ init_values()

void init_values	(	bparser *	target,
		context *	ctx )

Initialize the debugger context from a parsed ELF binary.

Initialize context values from target binary.

Reads ELF headers and symbol tables to populate context values.

Parameters

target	Pointer to binary parser structure with ELF data.
ctx	Pointer to debugger context to initialize.

◆ listBP()

bool listBP	(	context *	ctx,
		void *	args )

List all active breakpoints.

List all breakpoints.

Parameters

ctx	Pointer to debugger context.
args	Unused.

Returns: true always.

◆ parse_cmd()

void parse_cmd ( context * ctx )

Parse and execute a user command entered in the debugger prompt.

Parse and dispatch a command from the user.

Reads a command from stdin, splits it into operator and arguments, and executes the corresponding debugger function.

Parameters

ctx	Pointer to debugger context structure containing process state.

◆ print_helpCMD()

void print_helpCMD ( )

Print the list of available debugger commands.

Print available debugger commands.

◆ restore_all_BP()

void restore_all_BP	(	context *	ctx,
		int	opt )

Restore all breakpoints to their original values or reapply traps.

Restore all breakpoints (enable or disable).

Parameters

ctx	Pointer to debugger context.
opt	If 1, restore original instruction. If 0, reset breakpoint trap.

◆ set_mem_reg()

bool set_mem_reg	(	context *	ctx,
		void *	args )

Modify the value of a register or memory location.

Modify memory or registers.

Command format: $REG=VALUE or ADDR=VALUE

Parameters

ctx	Pointer to debugger context.
args	Command argument string.

Returns: true on success, false otherwise.

◆ setBP()

bool setBP	(	context *	ctx,
		void *	args )

Set a breakpoint at a given address or symbol name.

Set a breakpoint at an address or symbol.

Parameters

ctx	Pointer to debugger context.
args	Address or symbol name.

Returns: true if the breakpoint was successfully set, false otherwise.

◆ step_over()

bool step_over	(	context *	ctx,
		void *	args )

Step over a function call instruction.

Step over a function call.

Inserts a temporary breakpoint after the call instruction and continues execution.

Parameters

ctx	Pointer to debugger context.
args	Unused.

Returns: true on success, false otherwise.

Functions

Detailed Description

Function Documentation

◆ b_debugger()

◆ delBP()

◆ destroy_all()

◆ destroy_bp_sym()

◆ dis_ctx()

◆ examin_mem()

◆ find_sym()

◆ handle_action()

◆ handle_bpoint()

◆ init_values()

◆ listBP()

◆ parse_cmd()

◆ print_helpCMD()

◆ restore_all_BP()

◆ set_mem_reg()

◆ setBP()

◆ step_over()