Why are there not any execve calls in my dtruss trace?












3















I have a script like this:



script.sh



#!/bin/bash



clang -v


If I do a dtruss on it then I would expect to see an execve call to clang. 



$ sudo dtruss -f -a -e ./script.sh


However, the trace does not contain an execve. Instead there is an error: 



...

 1703/0x16931:       856       4      0 sigaction(0x15, 0x7FFEE882A3B8, 0x7FFEE882A3F8)      = 0 0

 1703/0x16931:       858       4      0 sigaction(0x16, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0

 1703/0x16931:       874       4      0 sigaction(0x2, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0

 1703/0x16931:       881       4      0 sigaction(0x3, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0

 1703/0x16931:       883       4      0 sigaction(0x14, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0

dtrace: error on enabled probe ID 2149 (ID 280: syscall::execve:return): invalid address (0x7fc2b5502c30) in action #12 at DIF offset 12

 1703/0x16932:      2873:        0:       0 fork()       = 0 0

 1703/0x16932:      2879     138      5 thread_selfid(0x0, 0x0, 0x0)         = 92466 0

 1703/0x16932:      2958       8      0 issetugid(0x0, 0x0, 0x0)         = 0 0

 1703/0x16932:      2975       8      1 csrctl(0x0, 0x7FFEEE21DC3C, 0x4)         = 0 0

 1703/0x16932:      2985      12      6 csops(0x0, 0x0, 0x7FFEEE21E550)      = 0 0

 1703/0x16932:      3100      13      3 shared_region_check_np(0x7FFEEE21DA98, 0x0, 0x0)    

...



  • What is causing this error?

  • How can I get the execve command to show so that I can see the program called and its arguments?






macos dtrace dtruss







share|improve this question



























    3















    I have a script like this:



    script.sh



    #!/bin/bash
    

    
clang -v


    If I do a dtruss on it then I would expect to see an execve call to clang. 



    $ sudo dtruss -f -a -e ./script.sh


    However, the trace does not contain an execve. Instead there is an error: 



    ...
    
 1703/0x16931:       856       4      0 sigaction(0x15, 0x7FFEE882A3B8, 0x7FFEE882A3F8)      = 0 0
    
 1703/0x16931:       858       4      0 sigaction(0x16, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
    
 1703/0x16931:       874       4      0 sigaction(0x2, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
    
 1703/0x16931:       881       4      0 sigaction(0x3, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
    
 1703/0x16931:       883       4      0 sigaction(0x14, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
    
dtrace: error on enabled probe ID 2149 (ID 280: syscall::execve:return): invalid address (0x7fc2b5502c30) in action #12 at DIF offset 12
    
 1703/0x16932:      2873:        0:       0 fork()       = 0 0
    
 1703/0x16932:      2879     138      5 thread_selfid(0x0, 0x0, 0x0)         = 92466 0
    
 1703/0x16932:      2958       8      0 issetugid(0x0, 0x0, 0x0)         = 0 0
    
 1703/0x16932:      2975       8      1 csrctl(0x0, 0x7FFEEE21DC3C, 0x4)         = 0 0
    
 1703/0x16932:      2985      12      6 csops(0x0, 0x0, 0x7FFEEE21E550)      = 0 0
    
 1703/0x16932:      3100      13      3 shared_region_check_np(0x7FFEEE21DA98, 0x0, 0x0)    
    
...



    • What is causing this error?

    • How can I get the execve command to show so that I can see the program called and its arguments?






    macos dtrace dtruss







    share|improve this question

























      3












      3








      3








      I have a script like this:



      script.sh



      #!/bin/bash
      

      
clang -v


      If I do a dtruss on it then I would expect to see an execve call to clang. 



      $ sudo dtruss -f -a -e ./script.sh


      However, the trace does not contain an execve. Instead there is an error: 



      ...
      
 1703/0x16931:       856       4      0 sigaction(0x15, 0x7FFEE882A3B8, 0x7FFEE882A3F8)      = 0 0
      
 1703/0x16931:       858       4      0 sigaction(0x16, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
      
 1703/0x16931:       874       4      0 sigaction(0x2, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
      
 1703/0x16931:       881       4      0 sigaction(0x3, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
      
 1703/0x16931:       883       4      0 sigaction(0x14, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
      
dtrace: error on enabled probe ID 2149 (ID 280: syscall::execve:return): invalid address (0x7fc2b5502c30) in action #12 at DIF offset 12
      
 1703/0x16932:      2873:        0:       0 fork()       = 0 0
      
 1703/0x16932:      2879     138      5 thread_selfid(0x0, 0x0, 0x0)         = 92466 0
      
 1703/0x16932:      2958       8      0 issetugid(0x0, 0x0, 0x0)         = 0 0
      
 1703/0x16932:      2975       8      1 csrctl(0x0, 0x7FFEEE21DC3C, 0x4)         = 0 0
      
 1703/0x16932:      2985      12      6 csops(0x0, 0x0, 0x7FFEEE21E550)      = 0 0
      
 1703/0x16932:      3100      13      3 shared_region_check_np(0x7FFEEE21DA98, 0x0, 0x0)    
      
...



      • What is causing this error?

      • How can I get the execve command to show so that I can see the program called and its arguments?






      macos dtrace dtruss







      share|improve this question














      I have a script like this:



      script.sh



      #!/bin/bash
      

      
clang -v


      If I do a dtruss on it then I would expect to see an execve call to clang. 



      $ sudo dtruss -f -a -e ./script.sh


      However, the trace does not contain an execve. Instead there is an error: 



      ...
      
 1703/0x16931:       856       4      0 sigaction(0x15, 0x7FFEE882A3B8, 0x7FFEE882A3F8)      = 0 0
      
 1703/0x16931:       858       4      0 sigaction(0x16, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
      
 1703/0x16931:       874       4      0 sigaction(0x2, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
      
 1703/0x16931:       881       4      0 sigaction(0x3, 0x7FFEE882A3C8, 0x7FFEE882A408)       = 0 0
      
 1703/0x16931:       883       4      0 sigaction(0x14, 0x7FFEE882A3C8, 0x7FFEE882A408)      = 0 0
      
dtrace: error on enabled probe ID 2149 (ID 280: syscall::execve:return): invalid address (0x7fc2b5502c30) in action #12 at DIF offset 12
      
 1703/0x16932:      2873:        0:       0 fork()       = 0 0
      
 1703/0x16932:      2879     138      5 thread_selfid(0x0, 0x0, 0x0)         = 92466 0
      
 1703/0x16932:      2958       8      0 issetugid(0x0, 0x0, 0x0)         = 0 0
      
 1703/0x16932:      2975       8      1 csrctl(0x0, 0x7FFEEE21DC3C, 0x4)         = 0 0
      
 1703/0x16932:      2985      12      6 csops(0x0, 0x0, 0x7FFEEE21E550)      = 0 0
      
 1703/0x16932:      3100      13      3 shared_region_check_np(0x7FFEEE21DA98, 0x0, 0x0)    
      
...



      • What is causing this error?

      • How can I get the execve command to show so that I can see the program called and its arguments?






      macos dtrace dtruss




      macos dtrace dtruss






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 15 '18 at 19:49









      sdgfsdhsdgfsdh

      8,541843100




      8,541843100
























          1 Answer
          1






          active

          oldest

          votes


















          2














          This means that the DTrace script that dtruss is using internally is accessing an invalid memory address, which is happening while it's trying to trace the execve call you're curious about. So basically, dtruss (or possibly DTrace itself) appears to have a bug which is preventing you from getting the information you want. Apple hasn't been the best about keeping DTrace and the tools that depend on it working well on macOS, unfortunately :-/.



          For Bash / shell scripts in particular, you can make it print every command that it runs by adding set -x at the top of your script (more info in this other answer).



          If you want, you could also try using DTrace directly instead -- this is a pretty simple one-liner (haven't tried running this myself so apologies if there are typos):



          sudo dtrace -n 'proc:::exec-success /ppid == $target/ { trace(curpsinfo->pr_psargs); }' -c './script.sh'


          The way this works is:





          • proc:::exec-success: Trace all exec-success events in the system, which fire in the subprocess when an exec*-family syscall returns successfully.


          • /ppid == $target/: Filter which means this only fires when the parent process's PID (ppid) matches the PID returned for the process started by the -c option we passed to the dtrace command ($target).


          • { trace(curpsinfo->pr_psargs); }: This is the action to take when the event fires and it matches our filter. We simply print (trace) the arguments passed to the process, which is stored in the curpsinfo variable.


          (If that fails with a similar-looking error, it's likely that the bug is in macOS's implementation of curpsinfo somewhere.)






          share|improve this answer





















          • 2





            Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

            – rob mayoff
            Nov 15 '18 at 21:08













          • Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

            – Dan
            Nov 15 '18 at 21:15











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53326939%2fwhy-are-there-not-any-execve-calls-in-my-dtruss-trace%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          2














          This means that the DTrace script that dtruss is using internally is accessing an invalid memory address, which is happening while it's trying to trace the execve call you're curious about. So basically, dtruss (or possibly DTrace itself) appears to have a bug which is preventing you from getting the information you want. Apple hasn't been the best about keeping DTrace and the tools that depend on it working well on macOS, unfortunately :-/.



          For Bash / shell scripts in particular, you can make it print every command that it runs by adding set -x at the top of your script (more info in this other answer).



          If you want, you could also try using DTrace directly instead -- this is a pretty simple one-liner (haven't tried running this myself so apologies if there are typos):



          sudo dtrace -n 'proc:::exec-success /ppid == $target/ { trace(curpsinfo->pr_psargs); }' -c './script.sh'


          The way this works is:





          • proc:::exec-success: Trace all exec-success events in the system, which fire in the subprocess when an exec*-family syscall returns successfully.


          • /ppid == $target/: Filter which means this only fires when the parent process's PID (ppid) matches the PID returned for the process started by the -c option we passed to the dtrace command ($target).


          • { trace(curpsinfo->pr_psargs); }: This is the action to take when the event fires and it matches our filter. We simply print (trace) the arguments passed to the process, which is stored in the curpsinfo variable.


          (If that fails with a similar-looking error, it's likely that the bug is in macOS's implementation of curpsinfo somewhere.)






          share|improve this answer





















          • 2





            Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

            – rob mayoff
            Nov 15 '18 at 21:08













          • Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

            – Dan
            Nov 15 '18 at 21:15
















          2














          This means that the DTrace script that dtruss is using internally is accessing an invalid memory address, which is happening while it's trying to trace the execve call you're curious about. So basically, dtruss (or possibly DTrace itself) appears to have a bug which is preventing you from getting the information you want. Apple hasn't been the best about keeping DTrace and the tools that depend on it working well on macOS, unfortunately :-/.



          For Bash / shell scripts in particular, you can make it print every command that it runs by adding set -x at the top of your script (more info in this other answer).



          If you want, you could also try using DTrace directly instead -- this is a pretty simple one-liner (haven't tried running this myself so apologies if there are typos):



          sudo dtrace -n 'proc:::exec-success /ppid == $target/ { trace(curpsinfo->pr_psargs); }' -c './script.sh'


          The way this works is:





          • proc:::exec-success: Trace all exec-success events in the system, which fire in the subprocess when an exec*-family syscall returns successfully.


          • /ppid == $target/: Filter which means this only fires when the parent process's PID (ppid) matches the PID returned for the process started by the -c option we passed to the dtrace command ($target).


          • { trace(curpsinfo->pr_psargs); }: This is the action to take when the event fires and it matches our filter. We simply print (trace) the arguments passed to the process, which is stored in the curpsinfo variable.


          (If that fails with a similar-looking error, it's likely that the bug is in macOS's implementation of curpsinfo somewhere.)






          share|improve this answer





















          • 2





            Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

            – rob mayoff
            Nov 15 '18 at 21:08













          • Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

            – Dan
            Nov 15 '18 at 21:15














          2












          2








          2







          This means that the DTrace script that dtruss is using internally is accessing an invalid memory address, which is happening while it's trying to trace the execve call you're curious about. So basically, dtruss (or possibly DTrace itself) appears to have a bug which is preventing you from getting the information you want. Apple hasn't been the best about keeping DTrace and the tools that depend on it working well on macOS, unfortunately :-/.



          For Bash / shell scripts in particular, you can make it print every command that it runs by adding set -x at the top of your script (more info in this other answer).



          If you want, you could also try using DTrace directly instead -- this is a pretty simple one-liner (haven't tried running this myself so apologies if there are typos):



          sudo dtrace -n 'proc:::exec-success /ppid == $target/ { trace(curpsinfo->pr_psargs); }' -c './script.sh'


          The way this works is:





          • proc:::exec-success: Trace all exec-success events in the system, which fire in the subprocess when an exec*-family syscall returns successfully.


          • /ppid == $target/: Filter which means this only fires when the parent process's PID (ppid) matches the PID returned for the process started by the -c option we passed to the dtrace command ($target).


          • { trace(curpsinfo->pr_psargs); }: This is the action to take when the event fires and it matches our filter. We simply print (trace) the arguments passed to the process, which is stored in the curpsinfo variable.


          (If that fails with a similar-looking error, it's likely that the bug is in macOS's implementation of curpsinfo somewhere.)






          share|improve this answer















          This means that the DTrace script that dtruss is using internally is accessing an invalid memory address, which is happening while it's trying to trace the execve call you're curious about. So basically, dtruss (or possibly DTrace itself) appears to have a bug which is preventing you from getting the information you want. Apple hasn't been the best about keeping DTrace and the tools that depend on it working well on macOS, unfortunately :-/.



          For Bash / shell scripts in particular, you can make it print every command that it runs by adding set -x at the top of your script (more info in this other answer).



          If you want, you could also try using DTrace directly instead -- this is a pretty simple one-liner (haven't tried running this myself so apologies if there are typos):



          sudo dtrace -n 'proc:::exec-success /ppid == $target/ { trace(curpsinfo->pr_psargs); }' -c './script.sh'


          The way this works is:





          • proc:::exec-success: Trace all exec-success events in the system, which fire in the subprocess when an exec*-family syscall returns successfully.


          • /ppid == $target/: Filter which means this only fires when the parent process's PID (ppid) matches the PID returned for the process started by the -c option we passed to the dtrace command ($target).


          • { trace(curpsinfo->pr_psargs); }: This is the action to take when the event fires and it matches our filter. We simply print (trace) the arguments passed to the process, which is stored in the curpsinfo variable.


          (If that fails with a similar-looking error, it's likely that the bug is in macOS's implementation of curpsinfo somewhere.)







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 30 '18 at 0:52

























          answered Nov 15 '18 at 20:31









          DanDan

          4,31521938




          4,31521938








          • 2





            Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

            – rob mayoff
            Nov 15 '18 at 21:08













          • Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

            – Dan
            Nov 15 '18 at 21:15














          • 2





            Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

            – rob mayoff
            Nov 15 '18 at 21:08













          • Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

            – Dan
            Nov 15 '18 at 21:15








          2




          2





          Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

          – rob mayoff
          Nov 15 '18 at 21:08







          Good answer. The actual cause of the problem here, I believe, is that dtruss grabs execve's arg0 (the path pointer) on entry to the execve system call, then tries to print it as a string pointer on exit from the execve system call. But since execve completely replaces the process's address space, the pointer is no longer valid after the system call. Because pointers are not valid across a successful execve, dtruss needs (but lacks) a special case for the execve system call.

          – rob mayoff
          Nov 15 '18 at 21:08















          Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

          – Dan
          Nov 15 '18 at 21:15





          Ah, sure enough! I always thought it was a compiled program, not a script, so I didn’t know you could read the source. For reference, I also found it online here: opensource.apple.com/source/dtrace/dtrace-147/DTTk/….

          – Dan
          Nov 15 '18 at 21:15




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53326939%2fwhy-are-there-not-any-execve-calls-in-my-dtruss-trace%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Florida Star v. B. J. F.

          Image
          Florida Star v. B. J. F. From Wikipedia, the free encyclopedia Jump to navigation Jump to search United States Supreme Court case Florida Star v. B. J. F. Supreme Court of the United States Argued March 21, 1989 Decided June 21, 1989 Full case name The Florida Star v. B. J. F. Citations 491 U.S. 524 ( more ) 109 S. Ct. 2603; 105 L. Ed. 2d 443; 1989 U.S. LEXIS 3120; 57 U.S.L.W. 4816; 16 Media L. Rep. 1801 Prior history The Florida Star v. B.J.F., 530 So.2d 286 (1988) Supreme Court of Florida; Florida Star v. B.J.F., 499 So.2d 883 (1986) Fla. Dist. Court of Appeals Holding Florida Stat. § 794.03 is unconstitutional to the extent it makes the truthful reporting of information that was a matter of public record unlawful, as it violates the First Amendment. Court membership Chief Justice William Rehnquist Associate Justices William J. Brennan Jr.  · Byron White Thurgood Marshall  · Harry Blac
          Read more

          Error while running script in elastic search , gateway timeout

          Image
          0 while running script in elastic search, I got 504 Gateway timeout error. { "query": { "bool": { "filter": { "script": { "script": " doc['creted_date'].date.getMonthOfYear() == 12 " } } } }, "aggs": { "test": { "date_histogram": { "field": "creted_date", "interval": "month", "format": "MMM" }, "aggs": { "cost": { "sum": { "field": "cost" } } }
          Read more

          Adding quotations to stringified JSON object values

          Image
          0 My stringified object data doesn't include quotation marks around object values, which errors when attempting JSON.parse() : '{ "affiliation": CORPORATE, "userId": 75c35d1c-5d12-4485-8fa8-b2f1551a3e6e }' I need the string to be: '{ "affiliation": "CORPORATE", "userId": "75c35d1c-5d12-4485-8fa8-b2f1551a3e6e" }' I'm using this regex to add quotes to the object keys: var newStr = str.replace(/(['"])?([a-z0-9A-Z_]+)(['"])?:/g, '"$2": '); For instance: '{ affiliation: CORPORATE }' to '{ "affiliation": CORPORATE }' There are only string values in my data, so I don't need to check value types. How can I alter my regex expression to add quotations to
          Read more