I decided to mess around with this blog template's style sheets, use a better font and change some minor things. I added three new pages to the navigation bar – one with all available gdbinit files on this site, another for my gdb patches and a tag cloud (still have to tag old posts). I will also add a page with all source code published here.
This small gdbinit implements some fixes and a new command “rint3” (check the file header for the changelog). This command restores a previous int3 patch issued with the “int3” command. For example, you use the “int3” command to manually add a software breakpoint at a chosen memory address. When gdb reaches that point and breaks, you need to manually restore the original byte and EIP/RIP (in most cases…). The “rint3” command fixes that automatically (the int3 command was modified to store the needed information). For now it only supports a single int3 command. I used this trick to analyse the loader for Armadillo since gdb can’t breakpoint on it, but it will (as expected) intercept any int3 patches we manually insert. It’s still a pain having to copy & paste the address where we want to breakpoint but it’s better than manually fixing everything 🙂
The latest version can always be found here.
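The save-and-restore mechanism described above, as an added sketch in gdb's command language; it is not the code from the gdbinit file. The command names `demo_int3` and `demo_rint3` and the convenience variables are hypothetical, and it assumes an x86/x86-64 target where the trap leaves the program counter one byte past the patched address.

```gdb
# Added illustration, not the gdbinit's own implementation.
# One slot only, matching the single-patch limit described in the post.
set $demo_int3_addr = 0
set $demo_int3_orig = 0

define demo_int3
    if $argc != 1
        echo usage: demo_int3 ADDRESS\n
    else
        if $demo_int3_addr != 0
            echo a patch is already active, run demo_rint3 first\n
        else
            # Remember where we patched and which byte we overwrote.
            set $demo_int3_addr = (unsigned long)$arg0
            set $demo_int3_orig = *(unsigned char *)$demo_int3_addr
            # 0xCC is the one-byte INT3 opcode.
            set *(unsigned char *)$demo_int3_addr = 0xCC
        end
    end
end

define demo_rint3
    if $demo_int3_addr == 0
        echo no int3 patch recorded\n
    else
        # After the trap, $pc should point just past the 0xCC byte.
        # If it does not, this stop came from somewhere else.
        if (unsigned long)$pc != $demo_int3_addr + 1
            echo warning: stop is not at the recorded patch, pc left unchanged\n
        else
            # Rewind EIP/RIP so the original instruction executes.
            set $pc = $demo_int3_addr
        end
        # Put the original byte back and free the slot.
        set *(unsigned char *)$demo_int3_addr = $demo_int3_orig
        set $demo_int3_addr = 0
    end
end
```

Typical use is `demo_int3 ADDRESS`, `continue` until the SIGTRAP, then `demo_rint3` before stepping on.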