Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Correctly parse offset from info proc mappings output (#1096) #1098

Merged
merged 2 commits into from
May 19, 2024
Merged

Correctly parse offset from info proc mappings output (#1096) #1098

merged 2 commits into from
May 19, 2024

Conversation

mjklbhvg
Copy link
Contributor

@mjklbhvg mjklbhvg commented May 1, 2024
edited
Loading

Description

Fix the Offset column in the vmmap command by getting the offset from the correct column in parse_gdb_info_proc_maps.

Before:

gef➤  vmmap
[ Legend:  Code | Heap | Stack ]
Start              End                Offset             Perm Path
0x0000555555554000 0x0000555555558000 0x0000000000004000 r-- /usr/bin/ls
0x0000555555558000 0x000055555556e000 0x0000000000016000 r-x /usr/bin/ls
0x000055555556e000 0x0000555555577000 0x0000000000009000 r-- /usr/bin/ls
0x0000555555577000 0x0000555555579000 0x0000000000002000 r-- /usr/bin/ls
0x0000555555579000 0x000055555557a000 0x0000000000001000 rw- /usr/bin/ls
0x000055555557a000 0x000055555557b000 0x0000000000001000 rw- [heap]

After:

gef➤  vmmap
[ Legend:  Code | Heap | Stack ]
Start              End                Offset             Perm Path
0x0000555555554000 0x0000555555558000 0x0000000000000000 r-- /usr/bin/ls
0x0000555555558000 0x000055555556e000 0x0000000000004000 r-x /usr/bin/ls
0x000055555556e000 0x0000555555577000 0x000000000001a000 r-- /usr/bin/ls
0x0000555555577000 0x0000555555579000 0x0000000000023000 r-- /usr/bin/ls
0x0000555555579000 0x000055555557a000 0x0000000000025000 rw- /usr/bin/ls
0x000055555557a000 0x000055555557b000 0x0000000000000000 rw- [heap]

info proc mappings:

gef➤  info proc mappings
process 18800
Mapped address spaces:

          Start Addr           End Addr       Size     Offset  Perms  objfile
      0x555555554000     0x555555558000     0x4000        0x0  r--p   /usr/bin/ls
      0x555555558000     0x55555556e000    0x16000     0x4000  r-xp   /usr/bin/ls
      0x55555556e000     0x555555577000     0x9000    0x1a000  r--p   /usr/bin/ls
      0x555555577000     0x555555579000     0x2000    0x23000  r--p   /usr/bin/ls
      0x555555579000     0x55555557a000     0x1000    0x25000  rw-p   /usr/bin/ls
      0x55555557a000     0x55555557b000     0x1000        0x0  rw-p   [heap]

Checklist

  • My code follows the code style of this project.
  • My change includes a change to the documentation, if required.
  • If my change adds new code, adequate tests have been added.
  • I have read and agree to the CONTRIBUTING document.

@mjklbhvg
Correctly parse offset from info proc mappings output (#1096)
b72049c 
Fix the Offset column in the `vmmap` command by getting the offset
from the correct column in `parse_gdb_info_proc_maps`.
@github-actions GitHub Actions
Copy link

github-actions bot commented May 1, 2024

🤖 Coverage update for b72049c 🟢

Old New
Commit 29fb74e b72049c
Score 71.5548% 71.5548% (0)

@Grazfather
Copy link
Collaborator

good eye. Seems we didn't test the offset. Could you please add that (in tests/gef_memory.py).

@mjklbhvg
Copy link
Contributor Author

mjklbhvg commented May 1, 2024

I'm not really sure if this is the right way to test this.
It seems like the test binaries are just built using the system
c compiler, so relying on its output by hardcoding section offsets
feels a bit wrong. Any other ideas?

@github-actions GitHub Actions
Copy link

github-actions bot commented May 1, 2024

🤖 Coverage update for 46dbc3b 🟢

Old New
Commit 29fb74e 46dbc3b
Score 71.5548% 71.5548% (0)

@Grazfather
Copy link
Collaborator

We could maybe use readelf or something to get the offsets?

@mjklbhvg
Extend the test for gef.memory.parse_gdb_info_proc_maps()
c7a19f8 
The offsets parsed are now checked against the offsets in
`/proc/PID/maps`.
@github-actions GitHub Actions
Copy link

github-actions bot commented May 2, 2024

🤖 Coverage update for c7a19f8 🟢

Old New
Commit 29fb74e c7a19f8
Score 71.5548% 71.5548% (0)

@mjklbhvg
Copy link
Contributor Author

mjklbhvg commented May 2, 2024

I had a little bit of trouble trying to get the readelf idea to work,
because readelf reports slightly different offsets than gdb:

readelf --segments /tmp/default.out

Program Headers:
  Type           Offset             VirtAddr           PhysAddr
                 FileSiz            MemSiz              Flags  Align
...
  LOAD           0x0000000000000000 0x0000000000000000 0x0000000000000000
                 0x0000000000000690 0x0000000000000690  R      0x1000
  LOAD           0x0000000000001000 0x0000000000001000 0x0000000000001000
                 0x00000000000001a1 0x00000000000001a1  R E    0x1000
  LOAD           0x0000000000002000 0x0000000000002000 0x0000000000002000
                 0x00000000000000ec 0x00000000000000ec  R      0x1000
  LOAD           0x0000000000002dd0 0x0000000000003dd0 0x0000000000003dd0
...

The offsets for the load segments are 0, 0x1000, 0x2000 and 0x2dd0,
but when loaded, the last offset will become 0x2000 (probably to
ensure page alignment?). But I am not confident I can correctly account for
this in a test.

Instead, I now open /proc/PID/maps and check that the offsets from
info proc mappings match - which is much simpler and more
robust than hardcoding the expected values.

Grazfather
Grazfather approved these changes May 4, 2024
View reviewed changes
Copy link
Collaborator

@Grazfather Grazfather left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

@hugsy hugsy merged commit 13d1de2 into hugsy:main May 19, 2024
6 checks passed
@hugsy hugsy added this to the 2024.05 milestone May 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hugsy hugsy hugsy approved these changes

@Grazfather Grazfather Grazfather approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2024.06
Development

Successfully merging this pull request may close these issues.
3 participants
@mjklbhvg @Grazfather @hugsy