我在iOS 6.0.1上使用gdb(从radare.org发布1708)来调试一个未知的应用程序。出于某种原因,我想分配内存,这应该通过"call (char*)malloc(size)"来工作。我已经浏览了很多使用这种调用的示例(例如这里),但所有这些调用都失败了。
(gdb) call (char*)malloc(4)
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x00000004
0x37af2060 in strcpy ()
The program being debugged was signaled while in a function called from GDB.
GDB has restored the context to what it was before the call.
To change this behavior use "set unwindonsignal off"
Evaluation of the expression containing the function (malloc) will be abandoned.
或(gdb) print (float) fab (3.0)
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x40080000
0x37b18040 in T_CString_int64ToString ()
The program being debugged was signaled while in a function called from GDB.
GDB remains in the frame where the signal was received.
To change this behavior use "set unwindonsignal on"
Evaluation of the expression containing the function (T_CString_int64ToString) will be abandoned.
为什么malloc要在参数"size"处访问内存?有什么好主意吗?或者gdb版本还没有为iOS 6.X做好准备?实际的调用似乎可以工作,但是内部函数导致失败(T_CString_int64ToString)。
GDB似乎正在尝试访问一个未映射的内存区域,这是malloc调用返回的地址。尝试连接到一个已知的应用程序/进程,看看malloc调用是否有效。
你试过1821版吗?它可以从CrackLords Repository获得,将其添加到cydia以获得此版本或者你也可以按照下面的说明自己签名iOS上的GNU调试器>= 4.3