> When I looked at the ptrace code it looked to me like it was intended for
> inserting breakpoints for the most part. Are you saying that I can patch

Mostly yes

> into a process and have it vector off to executable code? At this point I've
> identified at least three types of patches: a jump, a call, and simply
> overwrite a few instructions (the easiest and common to all types). I'd love
> to _not_ need a driver.

Have a look at how gdb implements "call functionname"