1 | /* |
---|
2 | * zzuf - general purpose fuzzer |
---|
3 | * Copyright (c) 2006-2010 Sam Hocevar <sam@hocevar.net> |
---|
4 | * 2007 Rémi Denis-Courmont <rdenis#simphalempin:com> |
---|
5 | * 2007 Clément Stenac <zorglub#diwi:org> |
---|
6 | * 2007 Dominik Kuhlen <dominik.kuhlen#gmit-gmbh:de> |
---|
7 | * 2009 Corentin Delorme <codelorme@gmail.com> |
---|
8 | * All Rights Reserved |
---|
9 | * |
---|
10 | * This program is free software. It comes without any warranty, to |
---|
11 | * the extent permitted by applicable law. You can redistribute it |
---|
12 | * and/or modify it under the terms of the Do What The Fuck You Want |
---|
13 | * To Public License, Version 2, as published by Sam Hocevar. See |
---|
14 | * http://sam.zoy.org/wtfpl/COPYING for more details. |
---|
15 | */ |
---|
16 | |
---|
17 | /* |
---|
18 | * load-fd.c: loaded file descriptor functions |
---|
19 | */ |
---|
20 | |
---|
21 | #include "config.h" |
---|
22 | |
---|
23 | /* Need this for RTLD_NEXT */ |
---|
24 | #define _GNU_SOURCE |
---|
25 | /* Use this to get lseek64() on glibc systems */ |
---|
26 | #define _LARGEFILE64_SOURCE |
---|
27 | /* Use this to get proper prototypes on HP-UX systems */ |
---|
28 | #define _XOPEN_SOURCE_EXTENDED |
---|
29 | #define _INCLUDE_POSIX_SOURCE |
---|
30 | |
---|
31 | #if defined HAVE_STDINT_H |
---|
32 | # include <stdint.h> |
---|
33 | #elif defined HAVE_INTTYPES_H |
---|
34 | # include <inttypes.h> |
---|
35 | #endif |
---|
36 | #include <stdlib.h> |
---|
37 | #include <string.h> |
---|
38 | #include <stdio.h> |
---|
39 | #include <errno.h> |
---|
40 | |
---|
41 | #if defined HAVE_WINSOCK2_H |
---|
42 | # include <winsock2.h> |
---|
43 | #endif |
---|
44 | #include <sys/types.h> |
---|
45 | #if defined HAVE_SYS_SOCKET_H |
---|
46 | # include <sys/socket.h> |
---|
47 | #endif |
---|
48 | #if defined HAVE_NETINET_IN_H |
---|
49 | # include <netinet/in.h> |
---|
50 | #endif |
---|
51 | #if defined HAVE_ARPA_INET_H |
---|
52 | # include <arpa/inet.h> |
---|
53 | #endif |
---|
54 | #if defined HAVE_SYS_UIO_H |
---|
55 | # include <sys/uio.h> |
---|
56 | #endif |
---|
57 | #if defined HAVE_UNISTD_H |
---|
58 | # include <unistd.h> |
---|
59 | #endif |
---|
60 | #include <fcntl.h> |
---|
61 | #include <stdarg.h> |
---|
62 | #if defined HAVE_AIO_H |
---|
63 | # include <aio.h> |
---|
64 | #endif |
---|
65 | |
---|
66 | #include "libzzuf.h" |
---|
67 | #include "lib-load.h" |
---|
68 | #include "debug.h" |
---|
69 | #include "network.h" |
---|
70 | #include "fuzz.h" |
---|
71 | #include "fd.h" |
---|
72 | |
---|
73 | #if defined HAVE_SOCKLEN_T |
---|
74 | # define SOCKLEN_T socklen_t |
---|
75 | #else |
---|
76 | # define SOCKLEN_T int |
---|
77 | #endif |
---|
78 | |
---|
79 | #if defined CONNECT_USES_STRUCT_SOCKADDR |
---|
80 | # define SOCKADDR_T struct sockaddr |
---|
81 | #else |
---|
82 | # define SOCKADDR_T void |
---|
83 | #endif |
---|
84 | |
---|
85 | /* Local prototypes */ |
---|
86 | #if defined HAVE_READV || defined HAVE_RECVMSG |
---|
87 | static void fuzz_iovec (int fd, const struct iovec *iov, ssize_t ret); |
---|
88 | #endif |
---|
89 | static void offset_check (int fd); |
---|
90 | |
---|
91 | /* Library functions that we divert */ |
---|
92 | static int (*ORIG(open)) (const char *file, int oflag, ...); |
---|
93 | #if defined HAVE_OPEN64 |
---|
94 | static int (*ORIG(open64)) (const char *file, int oflag, ...); |
---|
95 | #endif |
---|
96 | #if defined HAVE___OPEN64 |
---|
97 | static int (*ORIG(__open64))(const char *file, int oflag, ...); |
---|
98 | #endif |
---|
99 | #if defined HAVE_DUP |
---|
100 | static int (*ORIG(dup)) (int oldfd); |
---|
101 | #endif |
---|
102 | #if defined HAVE_DUP2 |
---|
103 | static int (*ORIG(dup2)) (int oldfd, int newfd); |
---|
104 | #endif |
---|
105 | #if defined HAVE_ACCEPT |
---|
106 | static int (*ORIG(accept)) (int sockfd, SOCKADDR_T *addr, |
---|
107 | SOCKLEN_T *addrlen); |
---|
108 | #endif |
---|
109 | #if defined HAVE_BIND |
---|
110 | static int (*ORIG(bind)) (int sockfd, const SOCKADDR_T *my_addr, |
---|
111 | SOCKLEN_T addrlen); |
---|
112 | #endif |
---|
113 | #if defined HAVE_CONNECT |
---|
114 | static int (*ORIG(connect)) (int sockfd, const SOCKADDR_T *serv_addr, |
---|
115 | SOCKLEN_T addrlen); |
---|
116 | #endif |
---|
117 | #if defined HAVE_SOCKET |
---|
118 | static int (*ORIG(socket)) (int domain, int type, int protocol); |
---|
119 | #endif |
---|
120 | #if defined HAVE_RECV |
---|
121 | static RECV_T (*ORIG(recv)) (int s, void *buf, size_t len, int flags); |
---|
122 | #endif |
---|
123 | #if defined HAVE_RECVFROM |
---|
124 | static RECV_T (*ORIG(recvfrom))(int s, void *buf, size_t len, int flags, |
---|
125 | SOCKADDR_T *from, SOCKLEN_T *fromlen); |
---|
126 | #endif |
---|
127 | #if defined HAVE_RECVMSG |
---|
128 | static RECV_T (*ORIG(recvmsg)) (int s, struct msghdr *hdr, int flags); |
---|
129 | #endif |
---|
130 | #if defined READ_USES_SSIZE_T |
---|
131 | static ssize_t (*ORIG(read)) (int fd, void *buf, size_t count); |
---|
132 | #else |
---|
133 | static int (*ORIG(read)) (int fd, void *buf, unsigned int count); |
---|
134 | #endif |
---|
135 | #if defined HAVE_READV |
---|
136 | static ssize_t (*ORIG(readv)) (int fd, const struct iovec *iov, int count); |
---|
137 | #endif |
---|
138 | #if defined HAVE_PREAD |
---|
139 | static ssize_t (*ORIG(pread)) (int fd, void *buf, size_t count, off_t offset); |
---|
140 | #endif |
---|
141 | #if defined HAVE_AIO_READ |
---|
142 | static int (*ORIG(aio_read)) (struct aiocb *aiocbp); |
---|
143 | static ssize_t (*ORIG(aio_return)) (struct aiocb *aiocbp); |
---|
144 | #endif |
---|
145 | static off_t (*ORIG(lseek)) (int fd, off_t offset, int whence); |
---|
146 | #if defined HAVE_LSEEK64 |
---|
147 | static off64_t (*ORIG(lseek64)) (int fd, off64_t offset, int whence); |
---|
148 | #endif |
---|
149 | #if defined HAVE___LSEEK64 |
---|
150 | static off64_t (*ORIG(__lseek64)) (int fd, off64_t offset, int whence); |
---|
151 | #endif |
---|
152 | static int (*ORIG(close)) (int fd); |
---|
153 | |
---|
154 | #define ZZ_OPEN(myopen) \ |
---|
155 | do \ |
---|
156 | { \ |
---|
157 | int mode = 0; \ |
---|
158 | LOADSYM(myopen); \ |
---|
159 | if(oflag & O_CREAT) \ |
---|
160 | { \ |
---|
161 | va_list va; \ |
---|
162 | va_start(va, oflag); \ |
---|
163 | mode = va_arg(va, int); \ |
---|
164 | va_end(va); \ |
---|
165 | ret = ORIG(myopen)(file, oflag, mode); \ |
---|
166 | } \ |
---|
167 | else \ |
---|
168 | { \ |
---|
169 | ret = ORIG(myopen)(file, oflag); \ |
---|
170 | } \ |
---|
171 | if(!_zz_ready || _zz_islocked(-1)) \ |
---|
172 | return ret; \ |
---|
173 | if(ret >= 0 \ |
---|
174 | && ((oflag & (O_RDONLY | O_RDWR | O_WRONLY)) != O_WRONLY) \ |
---|
175 | && _zz_mustwatch(file)) \ |
---|
176 | { \ |
---|
177 | if(oflag & O_CREAT) \ |
---|
178 | debug("%s(\"%s\", %i, %i) = %i", \ |
---|
179 | __func__, file, oflag, mode, ret); \ |
---|
180 | else \ |
---|
181 | debug("%s(\"%s\", %i) = %i", __func__, file, oflag, ret); \ |
---|
182 | _zz_register(ret); \ |
---|
183 | } \ |
---|
184 | } while(0) |
---|
185 | |
---|
186 | int NEW(open)(const char *file, int oflag, ...) |
---|
187 | { |
---|
188 | int ret; ZZ_OPEN(open); return ret; |
---|
189 | } |
---|
190 | |
---|
191 | #if defined HAVE_OPEN64 |
---|
192 | int NEW(open64)(const char *file, int oflag, ...) |
---|
193 | { |
---|
194 | int ret; ZZ_OPEN(open64); return ret; |
---|
195 | } |
---|
196 | #endif |
---|
197 | |
---|
198 | #if defined HAVE___OPEN64 |
---|
199 | int NEW(__open64)(const char *file, int oflag, ...) |
---|
200 | { |
---|
201 | int ret; ZZ_OPEN(__open64); return ret; |
---|
202 | } |
---|
203 | #endif |
---|
204 | |
---|
205 | #if defined HAVE_DUP |
---|
206 | int NEW(dup)(int oldfd) |
---|
207 | { |
---|
208 | int ret; |
---|
209 | |
---|
210 | LOADSYM(dup); |
---|
211 | ret = ORIG(dup)(oldfd); |
---|
212 | if(!_zz_ready || _zz_islocked(-1) || !_zz_iswatched(oldfd) |
---|
213 | || !_zz_isactive(oldfd)) |
---|
214 | return ret; |
---|
215 | |
---|
216 | if(ret >= 0) |
---|
217 | { |
---|
218 | debug("%s(%i) = %i", __func__, oldfd, ret); |
---|
219 | _zz_register(ret); |
---|
220 | } |
---|
221 | |
---|
222 | return ret; |
---|
223 | } |
---|
224 | #endif |
---|
225 | |
---|
226 | #if defined HAVE_DUP2 |
---|
227 | int NEW(dup2)(int oldfd, int newfd) |
---|
228 | { |
---|
229 | int ret; |
---|
230 | |
---|
231 | LOADSYM(dup2); |
---|
232 | ret = ORIG(dup2)(oldfd, newfd); |
---|
233 | if(!_zz_ready || _zz_islocked(-1) || !_zz_iswatched(oldfd) |
---|
234 | || !_zz_isactive(oldfd)) |
---|
235 | return ret; |
---|
236 | |
---|
237 | if(ret >= 0) |
---|
238 | { |
---|
239 | /* We must close newfd if it was open, but only if oldfd != newfd |
---|
240 | * and if dup2() suceeded. */ |
---|
241 | if(oldfd != newfd && _zz_iswatched(newfd) && _zz_isactive(newfd)) |
---|
242 | _zz_unregister(newfd); |
---|
243 | |
---|
244 | debug("%s(%i, %i) = %i", __func__, oldfd, newfd, ret); |
---|
245 | _zz_register(ret); |
---|
246 | } |
---|
247 | |
---|
248 | return ret; |
---|
249 | } |
---|
250 | #endif |
---|
251 | |
---|
252 | #if defined HAVE_ACCEPT |
---|
253 | int NEW(accept)(int sockfd, SOCKADDR_T *addr, SOCKLEN_T *addrlen) |
---|
254 | { |
---|
255 | int ret; |
---|
256 | |
---|
257 | LOADSYM(accept); |
---|
258 | ret = ORIG(accept)(sockfd, addr, addrlen); |
---|
259 | if(!_zz_ready || _zz_islocked(-1) || !_zz_network |
---|
260 | || !_zz_iswatched(sockfd) || !_zz_isactive(sockfd)) |
---|
261 | return ret; |
---|
262 | |
---|
263 | if(ret >= 0) |
---|
264 | { |
---|
265 | if(addrlen) |
---|
266 | debug("%s(%i, %p, &%i) = %i", __func__, |
---|
267 | sockfd, addr, (int)*addrlen, ret); |
---|
268 | else |
---|
269 | debug("%s(%i, %p, NULL) = %i", __func__, sockfd, addr, ret); |
---|
270 | _zz_register(ret); |
---|
271 | } |
---|
272 | |
---|
273 | return ret; |
---|
274 | } |
---|
275 | #endif |
---|
276 | |
---|
277 | #if defined AF_INET6 |
---|
278 | # define case_AF_INET6 case AF_INET6: |
---|
279 | #else |
---|
280 | # define case_AF_INET6 |
---|
281 | #endif |
---|
282 | |
---|
283 | #define ZZ_CONNECT(myconnect, addr) \ |
---|
284 | do \ |
---|
285 | { \ |
---|
286 | LOADSYM(myconnect); \ |
---|
287 | ret = ORIG(myconnect)(sockfd, addr, addrlen); \ |
---|
288 | if(!_zz_ready || _zz_islocked(-1) || !_zz_network) \ |
---|
289 | return ret; \ |
---|
290 | if(ret >= 0) \ |
---|
291 | { \ |
---|
292 | struct sockaddr_in in; \ |
---|
293 | long int port; \ |
---|
294 | switch(addr->sa_family) \ |
---|
295 | { \ |
---|
296 | case AF_INET: \ |
---|
297 | case_AF_INET6 \ |
---|
298 | /* We need to copy rather than cast sockaddr* to sockaddr_in* \ |
---|
299 | * because sockaddr_in* has actually _larger_ alignment on \ |
---|
300 | * eg. Linux alpha. And we only need sin_port so we only copy \ |
---|
301 | * this member. */ \ |
---|
302 | memcpy(&in.sin_port, \ |
---|
303 | (char const *)addr + ((char *)&in.sin_port - (char *)&in), \ |
---|
304 | sizeof(in.sin_port)); \ |
---|
305 | port = ntohs(in.sin_port); \ |
---|
306 | if(_zz_portwatched(port)) \ |
---|
307 | break; \ |
---|
308 | /* Fall through */ \ |
---|
309 | default: \ |
---|
310 | _zz_unregister(sockfd); \ |
---|
311 | return ret; \ |
---|
312 | } \ |
---|
313 | debug("%s(%i, %p, %i) = %i", __func__, \ |
---|
314 | sockfd, addr, (int)addrlen, ret); \ |
---|
315 | } \ |
---|
316 | } while(0); |
---|
317 | |
---|
318 | #if defined HAVE_BIND |
---|
319 | int NEW(bind)(int sockfd, const SOCKADDR_T *my_addr, SOCKLEN_T addrlen) |
---|
320 | { |
---|
321 | int ret; ZZ_CONNECT(bind, my_addr); return ret; |
---|
322 | } |
---|
323 | #endif |
---|
324 | |
---|
325 | #if defined HAVE_CONNECT |
---|
326 | int NEW(connect)(int sockfd, const SOCKADDR_T *serv_addr, |
---|
327 | SOCKLEN_T addrlen) |
---|
328 | { |
---|
329 | int ret; ZZ_CONNECT(connect, serv_addr); return ret; |
---|
330 | } |
---|
331 | #endif |
---|
332 | |
---|
333 | #if defined HAVE_SOCKET |
---|
334 | int NEW(socket)(int domain, int type, int protocol) |
---|
335 | { |
---|
336 | int ret; |
---|
337 | |
---|
338 | LOADSYM(socket); |
---|
339 | ret = ORIG(socket)(domain, type, protocol); |
---|
340 | if(!_zz_ready || _zz_islocked(-1) || !_zz_network) |
---|
341 | return ret; |
---|
342 | |
---|
343 | if(ret >= 0) |
---|
344 | { |
---|
345 | debug("%s(%i, %i, %i) = %i", __func__, domain, type, protocol, ret); |
---|
346 | _zz_register(ret); |
---|
347 | } |
---|
348 | |
---|
349 | return ret; |
---|
350 | } |
---|
351 | #endif |
---|
352 | |
---|
353 | #if defined HAVE_RECV |
---|
354 | RECV_T NEW(recv)(int s, void *buf, size_t len, int flags) |
---|
355 | { |
---|
356 | int ret; |
---|
357 | |
---|
358 | LOADSYM(recv); |
---|
359 | ret = ORIG(recv)(s, buf, len, flags); |
---|
360 | if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s) |
---|
361 | || _zz_islocked(s) || !_zz_isactive(s)) |
---|
362 | return ret; |
---|
363 | |
---|
364 | if(ret > 0) |
---|
365 | { |
---|
366 | char *b = buf; |
---|
367 | |
---|
368 | _zz_fuzz(s, buf, ret); |
---|
369 | _zz_addpos(s, ret); |
---|
370 | |
---|
371 | if(ret >= 4) |
---|
372 | debug("%s(%i, %p, %li, 0x%x) = %i \"%c%c%c%c...", __func__, |
---|
373 | s, buf, (long int)len, flags, ret, b[0], b[1], b[2], b[3]); |
---|
374 | else |
---|
375 | debug("%s(%i, %p, %li, 0x%x) = %i \"%c...", __func__, |
---|
376 | s, buf, (long int)len, flags, ret, b[0]); |
---|
377 | } |
---|
378 | else |
---|
379 | debug("%s(%i, %p, %li, 0x%x) = %i", __func__, |
---|
380 | s, buf, (long int)len, flags, ret); |
---|
381 | |
---|
382 | return ret; |
---|
383 | } |
---|
384 | #endif |
---|
385 | |
---|
386 | #if defined HAVE_RECVFROM |
---|
387 | RECV_T NEW(recvfrom)(int s, void *buf, size_t len, int flags, |
---|
388 | SOCKADDR_T *from, SOCKLEN_T *fromlen) |
---|
389 | { |
---|
390 | int ret; |
---|
391 | |
---|
392 | LOADSYM(recvfrom); |
---|
393 | ret = ORIG(recvfrom)(s, buf, len, flags, from, fromlen); |
---|
394 | if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s) |
---|
395 | || _zz_islocked(s) || !_zz_isactive(s)) |
---|
396 | return ret; |
---|
397 | |
---|
398 | if(ret > 0) |
---|
399 | { |
---|
400 | char tmp[128]; |
---|
401 | char *b = buf; |
---|
402 | |
---|
403 | _zz_fuzz(s, buf, ret); |
---|
404 | _zz_addpos(s, ret); |
---|
405 | |
---|
406 | if (fromlen) |
---|
407 | sprintf(tmp, "&%i", (int)*fromlen); |
---|
408 | else |
---|
409 | strcpy(tmp, "NULL"); |
---|
410 | |
---|
411 | if (ret >= 4) |
---|
412 | debug("%s(%i, %p, %li, 0x%x, %p, %s) = %i \"%c%c%c%c...", |
---|
413 | __func__, s, buf, (long int)len, flags, from, tmp, |
---|
414 | ret, b[0], b[1], b[2], b[3]); |
---|
415 | else |
---|
416 | debug("%s(%i, %p, %li, 0x%x, %p, %s) = %i \"%c...", |
---|
417 | __func__, s, buf, (long int)len, flags, from, tmp, |
---|
418 | ret, b[0]); |
---|
419 | } |
---|
420 | else |
---|
421 | debug("%s(%i, %p, %li, 0x%x, %p, %p) = %i", __func__, |
---|
422 | s, buf, (long int)len, flags, from, fromlen, ret); |
---|
423 | |
---|
424 | return ret; |
---|
425 | } |
---|
426 | #endif |
---|
427 | |
---|
428 | #if defined HAVE_RECVMSG |
---|
429 | RECV_T NEW(recvmsg)(int s, struct msghdr *hdr, int flags) |
---|
430 | { |
---|
431 | ssize_t ret; |
---|
432 | |
---|
433 | LOADSYM(recvmsg); |
---|
434 | ret = ORIG(recvmsg)(s, hdr, flags); |
---|
435 | if(!_zz_ready || !_zz_iswatched(s) || !_zz_hostwatched(s) |
---|
436 | || _zz_islocked(s) || !_zz_isactive(s)) |
---|
437 | return ret; |
---|
438 | |
---|
439 | fuzz_iovec(s, hdr->msg_iov, ret); |
---|
440 | debug("%s(%i, %p, %x) = %li", __func__, s, hdr, flags, (long int)ret); |
---|
441 | |
---|
442 | return ret; |
---|
443 | } |
---|
444 | #endif |
---|
445 | |
---|
446 | #if defined READ_USES_SSIZE_T |
---|
447 | ssize_t NEW(read)(int fd, void *buf, size_t count) |
---|
448 | #else |
---|
449 | int NEW(read)(int fd, void *buf, unsigned int count) |
---|
450 | #endif |
---|
451 | { |
---|
452 | int ret; |
---|
453 | |
---|
454 | LOADSYM(read); |
---|
455 | ret = ORIG(read)(fd, buf, count); |
---|
456 | if(!_zz_ready || !_zz_iswatched(fd) || !_zz_hostwatched(fd) |
---|
457 | || _zz_islocked(fd) || !_zz_isactive(fd)) |
---|
458 | return ret; |
---|
459 | |
---|
460 | if(ret > 0) |
---|
461 | { |
---|
462 | char *b = buf; |
---|
463 | |
---|
464 | _zz_fuzz(fd, buf, ret); |
---|
465 | _zz_addpos(fd, ret); |
---|
466 | |
---|
467 | if(ret >= 4) |
---|
468 | debug("%s(%i, %p, %li) = %i \"%c%c%c%c...", __func__, fd, buf, |
---|
469 | (long int)count, ret, b[0], b[1], b[2], b[3]); |
---|
470 | else |
---|
471 | debug("%s(%i, %p, %li) = %i \"%c...", __func__, fd, buf, |
---|
472 | (long int)count, ret, b[0]); |
---|
473 | } |
---|
474 | else |
---|
475 | debug("%s(%i, %p, %li) = %i", __func__, fd, buf, (long int)count, ret); |
---|
476 | |
---|
477 | offset_check(fd); |
---|
478 | return ret; |
---|
479 | } |
---|
480 | |
---|
481 | #if defined HAVE_READV |
---|
482 | ssize_t NEW(readv)(int fd, const struct iovec *iov, int count) |
---|
483 | { |
---|
484 | ssize_t ret; |
---|
485 | |
---|
486 | LOADSYM(readv); |
---|
487 | ret = ORIG(readv)(fd, iov, count); |
---|
488 | if(!_zz_ready || !_zz_iswatched(fd) || _zz_islocked(fd) |
---|
489 | || !_zz_isactive(fd)) |
---|
490 | return ret; |
---|
491 | |
---|
492 | fuzz_iovec(fd, iov, ret); |
---|
493 | debug("%s(%i, %p, %i) = %li", __func__, fd, iov, count, (long int)ret); |
---|
494 | |
---|
495 | offset_check(fd); |
---|
496 | return ret; |
---|
497 | } |
---|
498 | #endif |
---|
499 | |
---|
500 | #if defined HAVE_PREAD |
---|
501 | ssize_t NEW(pread)(int fd, void *buf, size_t count, off_t offset) |
---|
502 | { |
---|
503 | int ret; |
---|
504 | |
---|
505 | LOADSYM(pread); |
---|
506 | ret = ORIG(pread)(fd, buf, count, offset); |
---|
507 | if(!_zz_ready || !_zz_iswatched(fd) || _zz_islocked(fd) |
---|
508 | || !_zz_isactive(fd)) |
---|
509 | return ret; |
---|
510 | |
---|
511 | if(ret > 0) |
---|
512 | { |
---|
513 | long int curoff = _zz_getpos(fd); |
---|
514 | char *b = buf; |
---|
515 | |
---|
516 | _zz_setpos(fd, offset); |
---|
517 | _zz_fuzz(fd, buf, ret); |
---|
518 | _zz_setpos(fd, curoff); |
---|
519 | |
---|
520 | if(ret >= 4) |
---|
521 | debug("%s(%i, %p, %li, %li) = %i \"%c%c%c%c...", __func__, fd, buf, |
---|
522 | (long int)count, (long int)offset, ret, |
---|
523 | b[0], b[1], b[2], b[3]); |
---|
524 | else |
---|
525 | debug("%s(%i, %p, %li, %li) = %i \"%c...", __func__, fd, buf, |
---|
526 | (long int)count, (long int)offset, ret, b[0]); |
---|
527 | } |
---|
528 | else |
---|
529 | debug("%s(%i, %p, %li, %li) = %i", __func__, fd, buf, |
---|
530 | (long int)count, (long int)offset, ret); |
---|
531 | |
---|
532 | return ret; |
---|
533 | } |
---|
534 | #endif |
---|
535 | |
---|
536 | #define ZZ_LSEEK(mylseek, off_t) \ |
---|
537 | do \ |
---|
538 | { \ |
---|
539 | LOADSYM(mylseek); \ |
---|
540 | ret = ORIG(mylseek)(fd, offset, whence); \ |
---|
541 | if(!_zz_ready || !_zz_iswatched(fd) || _zz_islocked(fd) \ |
---|
542 | || !_zz_isactive(fd)) \ |
---|
543 | return ret; \ |
---|
544 | debug("%s(%i, %lli, %i) = %lli", __func__, fd, \ |
---|
545 | (long long int)offset, whence, (long long int)ret); \ |
---|
546 | if(ret != (off_t)-1) \ |
---|
547 | _zz_setpos(fd, ret); \ |
---|
548 | } while(0) |
---|
549 | |
---|
550 | off_t NEW(lseek)(int fd, off_t offset, int whence) |
---|
551 | { |
---|
552 | off_t ret; |
---|
553 | ZZ_LSEEK(lseek, off_t); |
---|
554 | return ret; |
---|
555 | } |
---|
556 | |
---|
557 | #if defined HAVE_LSEEK64 |
---|
558 | off64_t NEW(lseek64)(int fd, off64_t offset, int whence) |
---|
559 | { |
---|
560 | off64_t ret; ZZ_LSEEK(lseek64, off64_t); return ret; |
---|
561 | } |
---|
562 | #endif |
---|
563 | |
---|
564 | #if defined HAVE___LSEEK64 |
---|
565 | off64_t NEW(__lseek64)(int fd, off64_t offset, int whence) |
---|
566 | { |
---|
567 | off64_t ret; ZZ_LSEEK(__lseek64, off64_t); return ret; |
---|
568 | } |
---|
569 | #endif |
---|
570 | |
---|
571 | #if defined HAVE_AIO_READ |
---|
572 | int NEW(aio_read)(struct aiocb *aiocbp) |
---|
573 | { |
---|
574 | int ret; |
---|
575 | int fd = aiocbp->aio_fildes; |
---|
576 | |
---|
577 | LOADSYM(aio_read); |
---|
578 | if(!_zz_ready || !_zz_iswatched(fd) || !_zz_isactive(fd)) |
---|
579 | return ORIG(aio_read)(aiocbp); |
---|
580 | |
---|
581 | _zz_lock(fd); |
---|
582 | ret = ORIG(aio_read)(aiocbp); |
---|
583 | |
---|
584 | debug("%s({%i, %i, %i, %p, %li, ..., %li}) = %i", __func__, |
---|
585 | fd, aiocbp->aio_lio_opcode, aiocbp->aio_reqprio, aiocbp->aio_buf, |
---|
586 | (long int)aiocbp->aio_nbytes, (long int)aiocbp->aio_offset, ret); |
---|
587 | |
---|
588 | return ret; |
---|
589 | } |
---|
590 | |
---|
591 | ssize_t NEW(aio_return)(struct aiocb *aiocbp) |
---|
592 | { |
---|
593 | ssize_t ret; |
---|
594 | int fd = aiocbp->aio_fildes; |
---|
595 | |
---|
596 | LOADSYM(aio_return); |
---|
597 | if(!_zz_ready || !_zz_iswatched(fd) || !_zz_isactive(fd)) |
---|
598 | return ORIG(aio_return)(aiocbp); |
---|
599 | |
---|
600 | ret = ORIG(aio_return)(aiocbp); |
---|
601 | _zz_unlock(fd); |
---|
602 | |
---|
603 | /* FIXME: make sure we’re actually *reading* */ |
---|
604 | if(ret > 0) |
---|
605 | { |
---|
606 | _zz_setpos(fd, aiocbp->aio_offset); |
---|
607 | _zz_fuzz(fd, aiocbp->aio_buf, ret); |
---|
608 | _zz_addpos(fd, ret); |
---|
609 | } |
---|
610 | |
---|
611 | debug("%s({%i, %i, %i, %p, %li, ..., %li}) = %li", __func__, |
---|
612 | fd, aiocbp->aio_lio_opcode, aiocbp->aio_reqprio, aiocbp->aio_buf, |
---|
613 | (long int)aiocbp->aio_nbytes, (long int)aiocbp->aio_offset, |
---|
614 | (long int)ret); |
---|
615 | |
---|
616 | return ret; |
---|
617 | } |
---|
618 | #endif |
---|
619 | |
---|
620 | int NEW(close)(int fd) |
---|
621 | { |
---|
622 | int ret; |
---|
623 | |
---|
624 | /* Hey, it’s our debug channel! Silently pretend we closed it. */ |
---|
625 | if(fd == _zz_debugfd) |
---|
626 | return 0; |
---|
627 | |
---|
628 | LOADSYM(close); |
---|
629 | ret = ORIG(close)(fd); |
---|
630 | if(!_zz_ready || !_zz_iswatched(fd) || _zz_islocked(fd)) |
---|
631 | return ret; |
---|
632 | |
---|
633 | debug("%s(%i) = %i", __func__, fd, ret); |
---|
634 | _zz_unregister(fd); |
---|
635 | |
---|
636 | return ret; |
---|
637 | } |
---|
638 | |
---|
639 | /* XXX: the following functions are local */ |
---|
640 | |
---|
641 | #if defined HAVE_READV || defined HAVE_RECVMSG |
---|
642 | static void fuzz_iovec(int fd, const struct iovec *iov, ssize_t ret) |
---|
643 | { |
---|
644 | /* NOTE: We assume that iov countains at least <ret> bytes. */ |
---|
645 | while(ret > 0) |
---|
646 | { |
---|
647 | void *b = iov->iov_base; |
---|
648 | size_t len = iov->iov_len; |
---|
649 | |
---|
650 | if(len > (size_t)ret) |
---|
651 | len = ret; |
---|
652 | |
---|
653 | _zz_fuzz(fd, b, len); |
---|
654 | _zz_addpos(fd, len); |
---|
655 | |
---|
656 | iov++; |
---|
657 | ret -= len; |
---|
658 | } |
---|
659 | } |
---|
660 | #endif |
---|
661 | |
---|
662 | /* Sanity check, can be OK though (for instance with a character device) */ |
---|
663 | static void offset_check(int fd) |
---|
664 | { |
---|
665 | int orig_errno = errno; |
---|
666 | #if defined HAVE_LSEEK64 |
---|
667 | off64_t ret; |
---|
668 | LOADSYM(lseek64); |
---|
669 | ret = ORIG(lseek64)(fd, 0, SEEK_CUR); |
---|
670 | #else |
---|
671 | off_t ret; |
---|
672 | LOADSYM(lseek); |
---|
673 | ret = ORIG(lseek)(fd, 0, SEEK_CUR); |
---|
674 | #endif |
---|
675 | if(ret != -1 && ret != _zz_getpos(fd)) |
---|
676 | debug("warning: offset inconsistency"); |
---|
677 | errno = orig_errno; |
---|
678 | } |
---|
679 | |
---|