【发布时间】:2022-06-14 23:55:48
【问题描述】:
当所需的系统调用在父进程中恢复时,Ptrace 选项不会设置正确的状态。我只能使用这里看到的东西,没有 PEEKUSER、SYSGOOD 或 SYSCALL。这几天看了ptrace man,找例子,心力交瘁。
欢迎任何想法/提示,无论多么小。谢谢。
参数:/bin/bash -c "echo 'first test' | wc -c"
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>
#include <sys/ptrace.h>
int wait_for_syscall(pid_t child) {
int status;
while (1) {
ptrace(PTRACE_CONT, child, 0, 0);
waitpid(child, &status, 0);
if (WIFSTOPPED(status) && WSTOPSIG(status) | 0x80)
return 0;
if (WIFEXITED(status))
return 1;
}
}
int main(int argc, char *argv[]) {
int status;
int counter = 0;
pid_t pid = fork();
if (pid < 0)
exit(1);
else if (pid == 0) {
ptrace(PTRACE_TRACEME, pid, NULL, NULL);
raise(SIGSTOP);
return execve(argv[1], &argv[1], NULL);
} else {
wait(&status);
ptrace(PTRACE_SETOPTIONS, pid, 0, PTRACE_O_EXITKILL | PTRACE_O_TRACEEXEC | PTRACE_O_SECCOMP | PTRACE_O_TRACECLONE);
while (1) {
if (wait_for_syscall(pid) != 0) break;
if (status >> 8 == (SIGTRAP | (PTRACE_EVENT_EXEC << 8)))
counter++;
if (status >> 8 == (SIGTRAP | (PTRACE_EVENT_SECCOMP << 8)))
counter++;
if (status >> 8 == (SIGTRAP | (PTRACE_EVENT_CLONE << 8)))
counter++;
if (wait_for_syscall(pid) != 0) break;
}
}
return 0;
}
【问题讨论】:
-
请不要对c和c++都愤怒
标签: c++ c multiprocessing fork ptrace