/*
 * Fill the argv and envp slots of an execve-family syscall record with
 * fabricated pointer arrays.
 *
 * rec: syscall record whose argument slots are overwritten.
 *
 * Side effects: closes stdin, and stores the generated element counts in
 * argvcount and envpcount, which are declared outside this function
 * (presumably so a later hook can release the arrays; confirm who frees
 * what gen_ptrs_to_crap() returns).
 */
static void sanitise_execve(struct syscallrecord *rec)
{
	unsigned long **fake_argv;
	unsigned long **fake_envp;

	/*
	 * Nothing should be able to block on a read from stdin.
	 * NOTE(review): this executes on every call. A second fclose() on an
	 * already closed stream is undefined behaviour, so confirm this
	 * sanitiser runs at most once per process or guard the call.
	 */
	fclose(stdin);

	/* Random-length argv: 0..31 entries. */
	argvcount = rand() % 32;
	fake_argv = gen_ptrs_to_crap(argvcount);

	/* Random-length envp: 0..31 entries. */
	envpcount = rand() % 32;
	fake_envp = gen_ptrs_to_crap(envpcount);

	/*
	 * execve(2) takes argv/envp as its 2nd and 3rd arguments; the shifted
	 * layout (3rd and 4th) presumably serves execveat(2), which has a
	 * leading dirfd.
	 * NOTE(review): the a2/a3 layout is used when
	 * this_syscallname("execve") == FALSE, which is only right if the
	 * helper returns zero on a match (strcmp-style). Under that reading
	 * sanitise_sync_file_range() in this file picks the wrong slots, and
	 * under the opposite reading this function does. Check the helper's
	 * definition and fix whichever caller is inverted.
	 */
	if (this_syscallname("execve") != FALSE) {
		rec->a3 = (unsigned long) fake_argv;
		rec->a4 = (unsigned long) fake_envp;
		return;
	}

	rec->a2 = (unsigned long) fake_argv;
	rec->a3 = (unsigned long) fake_envp;
}
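/*
 * Pick a random (offset, nbytes) pair for a sync_file_range-family syscall
 * record and store it in the argument slots used by the variant being
 * fuzzed.
 *
 * rec: syscall record whose offset/nbytes slots are overwritten.
 *
 * Both values are masked to 60 bits, and the draw is repeated until the
 * offset is below 0x100000000 << PAGE_SHIFT and offset + nbytes does not
 * wrap below the offset.
 */
static void sanitise_sync_file_range(struct syscallrecord *rec)
{
	loff_t off;
	loff_t nbytes;
	/*
	 * Same width as the operands. The previous "long" truncated the sum
	 * wherever long is narrower than loff_t, so the wrap check compared a
	 * truncated value against the full offset and rejected nearly every
	 * draw.
	 */
	loff_t endbyte;

	do {
		off = rand64() & 0x0fffffffffffffffUL;
		nbytes = rand64() & 0x0fffffffffffffffUL;
		endbyte = off + nbytes;
		/* With 60-bit operands the sum cannot wrap; the check is kept as a guard. */
	} while (endbyte < off || off >= (0x100000000LL << PAGE_SHIFT));

	/*
	 * sync_file_range(2) takes offset/nbytes as its 2nd and 3rd arguments;
	 * sync_file_range2(2) moves flags forward, making them the 3rd and 4th.
	 * NOTE(review): the a2/a3 layout is used when
	 * this_syscallname("sync_file_range2") == FALSE, which is only right
	 * if the helper returns FALSE when the name does not match. Under that
	 * reading sanitise_execve() in this file picks the wrong slots, and
	 * under the opposite (strcmp-style) reading this function does. Check
	 * the helper's definition and fix whichever caller is inverted.
	 */
	if (this_syscallname("sync_file_range2") == FALSE) {
		rec->a2 = off;
		rec->a3 = nbytes;
	} else {
		rec->a3 = off;
		rec->a4 = nbytes;
	}
}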