I am working on a project related to security testing of protocol implementations.
I would like to test the native IKE implementation of Windows XP, and Purify seems to be the perfect candidate for detecting memory access errors.
Following the procedure described in the "Using PurifyPlus to test unmanaged code running as a Windows Service" article (URL: https://www-304.ibm.com/support/docview.wss?uid=swg21410004) didn't do the job. I instrumented the windows service (c:\windows\system32\lsass.exe), then I run the service again and nothing appears in the Purify GUI window.
I would appreciate any suggestions and hits on what I might be doing wrong. Can somebody at least confirm that what I am trying to achieve is possible, otherwise it makes no sense to purchase the product. If my goal is unclear, I could provide more details.
Note that I had to disable the windows file protection service, which was automatically replacing the instrumented files with the original ones.
Thank you in advance!
This topic has been locked.
4 replies Latest Post - 2011-10-18T09:51:30Z by PAMG_Petar_Tsankov
Pinned topic Using Rational Purify to test a native windows service
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-10-18T09:51:30Z at 2011-10-18T09:51:30Z by PAMG_Petar_Tsankov
Re: Using Rational Purify to test a native windows service2011-10-15T13:53:18Z in response to PAMG_Petar_TsankovAnybody?
I will rephrase my question: Is it possible to instrument a native windows service, i.e. an executable from \windows\system32, and restart the service so that it appears in Purify?
SystemAdmin 110000D4XK2948 PostsACCEPTED ANSWER
Re: Using Rational Purify to test a native windows service2011-10-15T22:48:42Z in response to PAMG_Petar_TsankovHi Petar,
Yes, it IS possible to Purify a system service. Usually when I tell
people it's possible, they haven't yet found the Tech Note that you
referenced in your original email. In this case, you've found the
instructions, but it's still not working for you, so I'm not sure what
to recommend as a next step.
Perhaps you can refer to the instructions in the Purify online help
(see attached file). As you'll see, the attached instructions use a
slightly different approach than the Tech Note you found. Perhaps
these slight differences will get things working for you.
Are you starting the Purify GUI ahead of time? Or does it pop up
automatically (with no data inside)? When following those instructions,
it's critical that you allow the service to interact with the desktop.
If you skip this step, there's no way the Purify'd service can send
data to the Purify GUI --- and this would result in an empty Purify
Re: Using Rational Purify to test a native windows service2011-10-18T09:51:30Z in response to PAMG_Petar_TsankovHi Don,
your suggestion worked. I think the problem was that the Purify's cache directory was not in my Path.
Now I just need to find the exact service which I need to instrument (I will be testing the Windows XP's IKE protocol implementation), but for this I can ask the Microsoft people :)
Thanks a lot for your help!