This discussion is archived
1 Reply Latest reply: Jul 12, 2012 1:10 AM by 895623 RSS

Print beyond null / print out buffer as hex

948800 Newbie
Currently Being Moderated
Hello,

I am trying to capture send and recv system calls using dtrace. The data being sent over these systems is a mixture of ascii and non-ascii.

I would like to be able to print out all that data as hex, regardless of type; the script below does not achieve this. Also, printf terminates the string at the null byte, despite the actual data being sent/recv'd being longer!

Any thoughts? In C, I would just print the entire buffer to file as raw-binary, or iterate through the buffer char-by-char and use '%x'.

Thanks

-----

+#!/usr/sbin/dtrace -s+

syscall::send:enter
+/pid==$1/+
+{+
printf("File descriptor: %d, Data: %S, Length: %d", arg0, copyinstr(arg1,arg2), arg2)
+}+
syscall::recv:enter
+/pid==$1/+
+{+
printf("File descriptor: %d, Data: %S, Length: %d", arg0, copyinstr(arg1,arg2), arg2)
+}+

-----

root@netra-1 # ./capture.d 6654
dtrace: script './capture.d' matches 2 probes
CPU      ID                                   FUNCTION:NAME
+38 7822 send:entry File Descriptor: 260, Data:\017\001\0, Length: 32+
+38 7822 send:entry File Descriptor: 260, Data:\017\001\0, Length: 25+

-----

Edited by: 945797 on 11-Jul-2012 08:00

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points