The function derefMem is dangerous: it dereferences a pointer without first checking whether the address is valid.
Example:
pin.sh -t triton.so -startAnalysis check -- samples/crackmes/crackme_sample
The crackme_sample tries to read argv[1] even when no argument was given at all, so it stops
abruptly with a segmentation fault.
However, right now the SIGSEGV comes from the pintool itself and not from the program. That is
why our callback meant to catch this signal does not work.
Sounds fair: Pin instruments the program, not the pintool.
Here, the crash comes from calling derefMem with a NULL pointer.
How can we handle this problem?
This invalid dereference must happen; this is exactly the kind of crash we are looking for!
But the program must be the one doing it. So let the program do it first!
Solution:
- Each instruction that dereferences memory MUST be instrumented AFTER the execution
  of the instruction!
- derefMem MUST only be used in a callback that runs after the execution of the instruction!
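The two orderings above, reduced to a stand-alone C simulation. This is an added illustration, not Triton's code and not a Pin tool: run_instrumented_load plays the role of Pin dispatching one load instruction, deref_mem is a hypothetical stand-in for derefMem, and a SIGSEGV handler with sigsetjmp records which side (the program's instruction or the tool's callback) was executing when the fault fired. With the buggy ordering the fault is attributed to the tool; with the fixed ordering the program's own load faults first, which is what the signal callback is supposed to observe.

```c
/* Added example: attribute a NULL dereference to the program or to the tool
 * depending on whether the tool reads memory before or after the instruction.
 * Not Triton's code; names are hypothetical stand-ins. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { LOAD_OK = 0, FAULT_IN_PROGRAM = 1, FAULT_IN_TOOL = 2 } load_result_t;

enum { PHASE_PROGRAM = 1, PHASE_TOOL = 2 };

static sigjmp_buf g_recover;
static volatile sig_atomic_t g_phase; /* who was running when the fault hit */

static void on_fault(int sig) {
    (void)sig;
    siglongjmp(g_recover, 1); /* sigsetjmp(..., 1) restores the signal mask */
}

/* Hypothetical stand-in for derefMem: reads the target without any check.
 * The volatile copy keeps the compiler from folding a constant NULL away. */
static int deref_mem(uintptr_t addr) {
    volatile uintptr_t p = addr;
    return *(volatile int *)p;
}

/* The instrumented program's own instruction: a plain load. */
static int program_load(uintptr_t addr) {
    volatile uintptr_t p = addr;
    return *(volatile int *)p;
}

/* Simulates Pin running one load with a before- and an after-callback.
 * deref_after == 0: the tool dereferences in the before-callback (buggy).
 * deref_after == 1: the before-callback only records the effective address
 *                   and the after-callback dereferences it (the fix). */
load_result_t run_instrumented_load(uintptr_t addr, int deref_after) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    load_result_t result = LOAD_OK;
    if (sigsetjmp(g_recover, 1) == 0) {
        volatile uintptr_t ea = addr;  /* before-callback: capture the EA */
        if (!deref_after) {
            g_phase = PHASE_TOOL;
            (void)deref_mem(ea);       /* buggy: the tool touches memory first */
        }
        g_phase = PHASE_PROGRAM;
        (void)program_load(addr);      /* the instruction itself executes */
        if (deref_after) {
            g_phase = PHASE_TOOL;
            (void)deref_mem(ea);       /* after-callback: memory is known good */
        }
    } else {
        result = (g_phase == PHASE_PROGRAM) ? FAULT_IN_PROGRAM : FAULT_IN_TOOL;
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return result;
}

/* A valid memory cell, so the happy path can be exercised too. */
static int g_valid_cell = 42;
uintptr_t valid_cell_addr(void) { return (uintptr_t)&g_valid_cell; }

int main(void) {
    printf("buggy ordering, NULL:  %d\n", run_instrumented_load(0, 0));
    printf("fixed ordering, NULL:  %d\n", run_instrumented_load(0, 1));
    printf("fixed ordering, valid: %d\n", run_instrumented_load(valid_cell_addr(), 1));
    return 0;
}
```

In a real Pin tool the same split is forced by the API: IARG_MEMORYREAD_EA is only available at IPOINT_BEFORE, so the before-callback stores the effective address and the IPOINT_AFTER callback (which exists only for instructions with a fall-through, see INS_HasFallThrough) is where the tool reads the memory. If a tool ever has to read guest memory before the instruction runs, PIN_SafeCopy returns the number of bytes copied instead of faulting inside the tool.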