I wrote a PIN tool that can inject some code before and after a certain function in a binary image. It is working for a single binary image.
Now , my objective is to instrument Xserver in Linux with that tool. I tried to instrument "startx" by the PIN tool and it did not work. Later, I found that startx is only a shell script that runs other commands.
What steps I need to follow if I want to instrument xserver using PIN? Is it possible to instrument a shell script somehow using PIN?
If you want to instrument a script, you'll need to instrument the script interpreter (in your case, if your script is a shell script, you'll need to instrument your shell (e.g bash)).
In your case, as the script calls onto another script or program, you can use the -follow_execv
switch which will tell pin to inject on all child processes (you can fine-tune this behavior by using one of the Follow Child Process API).
In the end it should instrument the xinit program which seems to be started by startx.