Changeset 2503 for neercs


Timestamp:
Jul 1, 2008, 1:26:21 AM (12 years ago)
Author:
Sam Hocevar
Message:
  • Ported grab code to amd64. Doesn't work yet, maybe because we are putting a stack address into RIP and the stack isn't executable.
File:
1 edited

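--- a/neercs/trunk/src/grab.c
+++ b/neercs/trunk/src/grab.c
@@ -94,4 +94,14 @@
 static int do_syscall(pid_t pid, struct user_regs_struct *regs)
 {
+    /* Method for remote syscall:
+     *  - store current register status into oregs
+     *  - move stack pointer to the next empty element
+     *  - store current read stack contents into oinst
+     *  - put CD 80 (int 0x80) into the stack
+     *  - set instruction pointer to the current stack address
+     *  - single step: execute instruction (int 0x80)
+     *  - get new register values
+     *  - restore old register values from oregs
+     *  - restore old stack contents from oinst */
     struct user_regs_struct oregs;
     long oinst;
@@ -99,8 +109,9 @@
     if(ptrace(PTRACE_GETREGS, pid, NULL, &oregs) < 0)
     {
-        return errno;
-    }
-
-    regs->RSP = oregs.RSP - 4;
+        fprintf(stderr, "PTRACE_GETREGS failed\n");
+        return errno;
+    }
+
+    regs->RSP = oregs.RSP - sizeof(long);
 
     oinst = ptrace(PTRACE_PEEKTEXT, pid, regs->RSP, 0);
@@ -111,5 +122,5 @@
     }
 
-    if(ptrace(PTRACE_POKETEXT, pid, regs->RSP, 0x80cd) < 0) /* int 0x80 */
+    if(ptrace(PTRACE_POKETEXT, pid, regs->RSP, (long)0x80cd) < 0) /* int 0x80 */
     {
         fprintf(stderr, "PTRACE_POKETEXT failed\n");
@@ -118,6 +129,8 @@
 
     regs->RIP = regs->RSP;
+
     if(ptrace(PTRACE_SETREGS, pid, NULL, regs) < 0)
     {
+        fprintf(stderr, "PTRACE_SETREGS failed\n");
         return errno;
     }
@@ -125,4 +138,5 @@
     if(ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) < 0)
     {
+        fprintf(stderr, "PTRACE_SINGLESTEP failed\n");
         return errno;
     }
@@ -131,4 +145,5 @@
     if(ptrace(PTRACE_GETREGS, pid, NULL, regs) < 0)
     {
+        fprintf(stderr, "PTRACE_GETREGS failed\n");
         return errno;
     }
@@ -140,5 +155,5 @@
     }
 
-    if(ptrace(PTRACE_POKETEXT, pid, oregs.RSP - 4 , oinst) < 0)
+    if(ptrace(PTRACE_POKETEXT, pid, oregs.RSP - sizeof(long), oinst) < 0)
     {
         fprintf(stderr, "PTRACE_POKETEXT failed\n");
@@ -199,6 +214,7 @@
     }
 
-    /* +4 because it's truncated on a multiple of 4 and we need 1 */
-    memcpy_into_target(pid, target_page, path, strlen(path) + 4);
+    /* +4 (or 8) because it's truncated on a multiple of 4 (or 8)
+     * and we need 1 */
+    memcpy_into_target(pid, target_page, path, strlen(path) + sizeof(long));
 
     regs.RAX = SYS_open;
@@ -239,4 +255,5 @@
     if((ret = do_syscall(pid, &regs)) != 0)
     {
+        fprintf(stderr, "syscall setpgid failed\n");
         return ret;
     }
@@ -244,5 +261,5 @@
     if(regs.RAX != 0)
     {
-        fprintf(stderr, "setpgid failed\n");
+        fprintf(stderr, "setpgid returned %ld\n", (long)regs.RAX);
         return -regs.RAX;
     }
@@ -252,4 +269,5 @@
     if((ret = do_syscall(pid, &regs)) != 0)
     {
+        fprintf(stderr, "syscall setsid failed\n");
         return ret;
     }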
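Review bot: The new `fprintf(stderr, ...)` calls inserted before `return errno;` in do_syscall (the PTRACE_GETREGS, PTRACE_SETREGS, PTRACE_SINGLESTEP and second PTRACE_GETREGS branches) can clobber errno before it is returned, because fprintf is allowed to modify errno even on success, so the caller may see a wrong or zero error code; save it first, `int err = errno; fprintf(stderr, "PTRACE_GETREGS failed\n"); return err;`, and the same in the other branches (the pre-existing PTRACE_POKETEXT branches have the same pattern). On the port itself, the injected instruction is still `int 0x80`, which on an x86_64 kernel enters the 32-bit compatibility syscall path, so the syscall number in RAX and the argument registers are interpreted per the i386 ABI and pointer arguments above 4 GiB are truncated; if the amd64 build passes 64-bit `SYS_*` numbers and arguments in RDI/RSI/RDX, that seems a more likely cause of the "doesn't work yet" than a non-executable stack, though the argument setup is outside these hunks and I cannot confirm it. Also consider a comment on the `(long)0x80cd` poke noting that the remaining bytes of the word are zero and only the first instruction is ever executed thanks to PTRACE_SINGLESTEP, since a reader could otherwise wonder what runs after the trap. do_syscall's body continues outside the visible hunks.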