I am currently developing a tool in which I have to trace a program to know his system calls. For the moment, I am able to get numeric parameters of syscalls but I can't get properly address to the strings.
Here is the way I proceed :
long addr = ptrace(PTRACE_PEEKDATA, pid, regs.ebx, NULL);
printf("%s", (char *) &addr);
With that piece of code I can get the beginning of the string (3 or 4 first characters) but the end is corrupted, I don't know why.
Have you got any solution ? Thank you.
Are you sure that you don't want this instead?
printf("%lX", addr);