I have program, that has structure defined like this:
struct foo {
int magic;
int bar;
};
And when I create an object of this struct, I always do the following:
object.magic = 654321;
This program eventually will die with core dump generated.
Is it possible to make c++ program that would automatically count all find all bar values and for example sum it?
PS. so far I've investigated that I can not simply open core as binary and search for 654321 converted to hexadecimal (nothing found in hex editor). Wikipedia says that modern unix system uses ELF, but unfortunately I don't understand all header system as I'm quite unexperienced programmer.
Is there a way to get this bar without learning whole header structure?
so far I've investigated that I can not simply open core as binary and search for 654321 converted to hexadecimal (nothing found in hex editor).
I would expect that to produce some matches. Make sure you got the endianness right when you did the search.
N.B. Whatever method you use to do this, it will necessarily be an approximation. You can't expect a search like this to always locate all instances of foo and nothing else (especially after an event that caused the process to crash).