Comments (7)
I respect your opinion, however I do not agree that the current build is cumbersome. Maybe you saw it on my old YouTube video from 2018, which is very obsolete. In the current version it is much easier, and, if you don't change the default paths, and have Visual Studio already installed, it takes exactly 4 steps:
- Clone the directory into your Pin tools
- Open the Visual Studio Project, and compile the 32 and 64 bit versions
- Run the script `move_dlls.bat`
- Run `add_menu.reg`
Most of the users with whom I discussed this also feel that the whole process is very easy at this point. Of course it could be even easier if I was allowed to ship compiled binaries - then I would make an automated installer for the whole thing. But since the license does not allow it, the options are limited.
Compiling the helper binaries along with the tool makes just no sense, because they are not a part of the tool itself, also they don't change each release, but very rarely. Additionally, they are independent entities, used in other projects as well.
I also don't see any real benefits of compiling the projects outside of the Pin directory - I think having all the tools in one place makes it actually more handy. But of course we have different opinions in those things, as they are a matter of taste.
Maybe I can change my mind by seeing the alternative solution that you propose, so I am open to discuss it further.
from tiny_tracer.
Regarding the options `-t` and `-t64` - from what I see they just allow you to pass the (previously selected) tool to the execution, i.e.
```
-t64 [default ]
Specify tool binary for Intel(R) 64 architecture
```
So, from what I understand, you need to know the target's architecture prior to using those options.
While `pe_check` is an app that checks the bitness of the target, and is used to decide which configuration variant should be selected, including which DLL to pass to it.
How exactly do you envision replacing `pe_check` with those options? Can you write an exact commandline that would have exactly the same functionality as the current one, with `pe_check`? If it works better, of course I will use it instead.
from tiny_tracer.
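The kind of bitness check described in the comment above, as an added example (not pe_check's source and not code from this thread): it reads the PE headers and picks the matching tool DLL. The function names are hypothetical, the DLL names are placeholders, and the sample headers are constructed for the demo.

```python
import struct

# Constants from the PE/COFF specification.
MACHINE_I386, MACHINE_AMD64 = 0x014C, 0x8664
MAGIC_PE32, MAGIC_PE32PLUS = 0x10B, 0x20B


def pe_bitness(data: bytes) -> int:
    """Return 32 or 64 for an x86/x64 PE image; raise ValueError otherwise."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # PE signature (4) + COFF file header (20) + optional-header magic (2)
    if e_lfanew + 26 > len(data):
        raise ValueError("e_lfanew points outside the data")
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("no PE signature")
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)
    # Require the COFF machine type and the optional-header magic to agree.
    if (machine, magic) == (MACHINE_I386, MAGIC_PE32):
        return 32
    if (machine, magic) == (MACHINE_AMD64, MAGIC_PE32PLUS):
        return 64
    raise ValueError(f"unsupported or inconsistent header: {machine:#x}/{magic:#x}")


def select_tool(data: bytes, tool32: str, tool64: str) -> str:
    """Pick the tool DLL matching the target's headers (hypothetical helper)."""
    return tool64 if pe_bitness(data) == 64 else tool32


def build_sample_header(machine: int, magic: int) -> bytes:
    """Constructed minimal header: DOS stub, PE signature, COFF header, magic."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: headers follow the stub
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 0xF0, 0x0002)
    return bytes(dos) + b"PE\x00\x00" + coff + struct.pack("<H", magic)


if __name__ == "__main__":
    samples = [("x86", MACHINE_I386, MAGIC_PE32), ("x64", MACHINE_AMD64, MAGIC_PE32PLUS)]
    for name, machine, magic in samples:
        header = build_sample_header(machine, magic)
        print(name, "->", select_tool(header, "tool32.dll", "tool64.dll"))
```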
Sorry for the late reply, I missed the email notification. I think having an automatic installer is a good idea, and I can't find where in the license it disallows doing so. I'm referring to PIN 3.21, which has some changes in licensing from 3.18, so that might be what you're referring to? I'll admit I don't have the habit of looking through licenses.
Another reason for moving it out of the pin directory is to separate this repo's code from PIN stuff, but I can see the benefits of having all your pintools in one place.
Regarding the options `-t` and `-t64`, I'm aware of what they stand for, though it is implied that pin would try to detect if the target is 32bit or 64bit (it has to decide which to use for `-follow_execv` after all).
I ran a few experiments on PIN 3.21:
```bat
:: Uses tool64.dll and launches test64.exe (correct)
pin -t64 tool64.dll -t tool32.dll -- test64.exe
:: Uses tool32.dll and launches test32.exe (correct)
pin -t64 tool64.dll -t tool32.dll -- test32.exe
:: Uses tool32.dll and launches C:\Windows\SysWow64\notepad.exe (wrong)
pin -t64 tool64.dll -t tool32.dll -- C:\Windows\System32\notepad.exe
:: Uses tool32.dll and launches C:\Windows\SysWow64\notepad.exe (correct)
pin -t64 tool64.dll -t tool32.dll -- C:\Windows\SysWow64\notepad.exe
:: Uses tool64.dll and launches C:\Windows\System32\notepad.exe (correct)
pin -t tool64.dll -- C:\Windows\System32\notepad.exe
:: Uses tool32.dll and launches C:\Windows\SysWow64\notepad.exe (wrong)
pin -t tool32.dll -- C:\Windows\System32\notepad.exe
```
Which, I think, means that while pin does know which tool to use, it has some trouble parsing the path of the target binary. I'm unsure if this is intended behavior on PIN's end, but it does mean that `pe_check.exe` is still necessary.
My main concern with using `pe_check.exe` is that `-follow_execv` would be broken in cases when the target process launches a child with different "bitness", since pin doesn't know of the existence of both pintools.
from tiny_tracer.
@JuliaPoo - thank you, I actually missed that you can pass both tools to the pin. I fixed it now.
Regarding the license, I will review the updates, and in case distribution of the compiled binaries is now permitted, I will make an installer.
from tiny_tracer.
The current fix fails for the case of `System32` and `SysWow64` where the target binary is 64bit but there is a 32bit binary in the paths with the same name, and this is despite providing PIN the full path to the 64bit target. E.g. `pin -t64 tool64.dll -t tool32.dll -- C:\Windows\System32\notepad.exe` is expected to launch `C:\Windows\System32\notepad.exe` but it instead launches `C:\Windows\SysWow64\notepad.exe`.
I'm convinced this is a bug on PIN's side (tested with 3.21 and 3.18), and this would not have been encountered in the previous solution with `pe_check.exe`.
So it's either:
- Have tiny_tracer fail at the `System32` and `SysWow64` case (current solution)
- Have tiny_tracer fail at follow_execv where the child process is a different bitness (previous solution).
from tiny_tracer.
Thanks for checking. In such a case, I would rather choose 2) and roll back the changes.
from tiny_tracer.
Nice! Since this issue is settled, I'll be closing it.
from tiny_tracer.