Solved

Creative use of core dump

Posted on 1998-11-16
10
270 Views
Last Modified: 2010-04-15
We ha a quota sytem on the unix machines at our school, but after getting an 8 mb core dump today I noticed that the core dump didn't affect my quota. I was thinking of making a two part program to be able to temporarily store large files on my user, not because I need it but because it would be fun to se if it's possible
Part 1 reads a file into the memory and forces a core dump
Part 2 extracts the file from the core dump
Does anyone have any pointers how to achieve this?
I've programmed c alot, but I don't know much about core dumps.
0
Comment
Question by:skyflash
10 Comments
 
LVL 10

Expert Comment

by:rbr
ID: 1254310
Strange idea but I'm quite interested too if somebody had a solution.
0
 
LVL 86

Expert Comment

by:jkr
ID: 1254311
Well, usually core dumps are read by a debugger using a certain command line switch (can't check wich one at the moment as i'm sitting at a NT box ;-)
But as the sources for e.g. gdb are available, it should be no problem to isolate the routines that read the core dump (or even better, document the format) - just see 'http://www.fsf.org/order/ftp.html' for a list of ftp servers and download gdb-4.1.6.tar.gz or gdb-4.1.7.tar.gz
0
 
LVL 1

Expert Comment

by:Staplehead
ID: 1254312
not to be a putz, but i'm assuming that you did the "obvious" (?) check to see that it's not just seeing that the file name is "core" and the permissions are set in a given way?

Larry
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 1

Author Comment

by:skyflash
ID: 1254313
Well sure I could take a look at the gdb source as well as I could take a look at some operating system sources (eg. linux) which generates a core dump but it would be rather time consuming documenting the core dump format. I mean these sources does probably do a lot more with the core dump than I need to do. There has to be some core dump specification out there already.

And regarding Larry's comment, I have tried to create a file with the name "core" and (as I expected) it affected my quota so it's not the name but how the file is created/stored that affect the quota.
0
 
LVL 1

Expert Comment

by:Staplehead
ID: 1254314
skyflash,

you've checked whether there's anything "magic" about the name, but not the permissions...

Try renaming "core" and check whether your used quota changes.  List it with "ls -l" and then create a file, maybe named "notcore" (!); use chmod, chown, and chgrp to set its permissions the same as core. finally, rename one of your files to "core", setting permissions, etc....

Larry
0
 
LVL 1

Author Comment

by:skyflash
ID: 1254315
I haven't found anything "magical" about name or permissions :(
But I found the specification below, I guess I only need to extract c_dsize bytes directly after the struct. I will probably get some other stuff in data too, but hopefully that part will look identically everytime I run my program so I can remove it easily

The core file consists of a core structure, followed by the data pages and then the stack pages of the process image.
struct core {
  int  c_magic;  /* Corefile magic number */
  int  c_len;    /* Sizeof (struct core) */
  struct regs c_regs;/* General purpose registers */
  struct exec c_aouthdr;/* A.out header */
  int  c_signo;  /* Killing signal, if any */
  int  c_tsize;  /* Text size (bytes) */
  int  c_dsize;  /* Data size (bytes) */
  int  c_ssize;  /* Stack size (bytes) */
  char c_cmdname[CORE_NAMELEN+1]; /* Command name */
  struct fpu c_fpu;/* external FPU state */
  int  c_ucode;  /* Exception no. from u_code */
};
0
 
LVL 1

Expert Comment

by:canacar
ID: 1254316
Well, how about this ...

since the core sump contains the memory image,
create a large array
fill with your data
put a signature before it (a sequence of bytes that will signify
the start of data) make sure that the sequence is not anywhere
inside the program (so you cannot hard-code the signature into
the program but have to create it on the fly.)

write rest of data
then cause a core dump

search for sýgnature on the coredump ...

note: if a dynamically allocated array wont work, you can try allocating a global array (int data[8M]) ...


0
 
LVL 1

Author Comment

by:skyflash
ID: 1254317
Yeah, that sounds reasonable. I'll add expected nymber of bytes to the signature also because it might be some trashdata in the end also
0
 
LVL 3

Accepted Solution

by:
elfie earned 200 total points
ID: 1254318
Do you want your program to make a core file?

Just program this

char *ptr = NULL;
ptr[-1] = 0;

This is the code we use to generate a 'core dump'

0
 
LVL 1

Author Comment

by:skyflash
ID: 1254319
I guess the points should have been divided between several people but that's not possible so I accept the answer to get rid of the question now.

Btw I think its nicer to just send a SIGSEGV signal instead of making the assignment ptr[-1]=0. Of course, I need more code to do it :(

0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Where is my core dump file in Ubuntu? 12 448
Pointer in one class to member in another 6 121
How to set environment variables in C 2 82
List out all word 7 288
Preface I don't like visual development tools that are supposed to write a program for me. Even if it is Xcode and I can use Interface Builder. Yes, it is a perfect tool and has helped me a lot, mainly, in the beginning, when my programs were small…
Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
The goal of this video is to provide viewers with basic examples to understand and use pointers in the C programming language.
The goal of this video is to provide viewers with basic examples to understand and use switch statements in the C programming language.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now