Patching files with ADB is accomplished with the
write,
w or W, request (which is not like the ed editor write command).
This is often used in conjunction with the
locate,
l or L
request.
In general, the request syntax for l and w are similar as follows:
?l value
The request l is used to match on two bytes, L is used for
four bytes.
The request w is used to write two bytes, whereas
W writes four bytes.
The value field in either
locate
or
write
requests
is an expression.
Therefore, decimal and octal numbers, or character strings are supported.
In order to modify a file, ADB must be called as:
adb -w file1 file2
When called with this option,
file1
and
file2
are created if necessary and opened for both reading and writing.
For example, consider the C program shown in Figure 10.
We can change the word "This" to "The " in the executable file
for this program, ex7, by using the following requests:
adb -w ex7 -
?l 'Th'
?W 'The '
The request ?l starts at dot and stops at the first match of "Th"
having set dot to the address of the location found.
Note the use of ? to write to the
a.out
file.
The form ?* would have been used for a 411 file.
More frequently the
request will be typed as:
?l 'Th'; ?s
and locates the first occurrence of "Th" and print the entire string.
Execution of this ADB request will set dot to the address of the
"Th" characters.
As another example of the utility of the patching facility,
consider a C program that has an internal logic flag.
The flag could be set by the user through ADB and the program run.
For example:
adb a.out -
:s arg1 arg2
flag/w 1
:c
The :s request is normally used to single step through a process
or start a process in single step mode.
In this case it starts
a.out
as a subprocess
with arguments arg1 and arg2.
If there is a subprocess running ADB writes to it rather than to the file
so the w request causes flag to be changed in the memory of the subprocess.