Example #1
/*
 * Returns the address of the platform's thread-creation routine as an
 * untyped pointer: _beginthreadex when G_OS_WIN32 is defined, pthread_create
 * otherwise.
 *
 * NOTE(review): presumably this is the address the auto-ignorer attaches its
 * interceptor to -- confirm against the caller, which is not shown here.
 */
void *
frida_agent_auto_ignorer_get_address_of_thread_create_func (void)
{
  void * create_func;

#ifdef G_OS_WIN32
  create_func = GUM_FUNCPTR_TO_POINTER (_beginthreadex);
#else
  create_func = GUM_FUNCPTR_TO_POINTER (pthread_create);
#endif

  return create_func;
}
/*
 * Releases the pages backing clobber_test_function and clears the pointer.
 *
 * The g_assert documents the precondition that the helper was set up before
 * this is called; resetting the pointer to NULL afterwards means a second
 * call trips the assertion instead of freeing the same pages twice. g_assert
 * is compiled out when G_DISABLE_ASSERT is defined, so the check is a
 * debugging aid rather than a runtime guarantee.
 */
void
lowlevel_helpers_deinit (void)
{
  gpointer code_pages;

  g_assert (clobber_test_function != NULL);

  code_pages = GUM_FUNCPTR_TO_POINTER (clobber_test_function);
  gum_free_pages (code_pages);

  /* Drop the now-dangling function pointer. */
  clobber_test_function = NULL;
}
Example #3
void
/*
 * Constructs a native-resource object on the Duktape value stack.
 *
 * Pushes core->native_resource followed by two pointer arguments (the
 * resource itself and its destroy callback) and invokes it as a constructor
 * with duk_new, which leaves the new object on top of the stack.
 *
 * @ctx:    Duktape context whose value stack receives the object.
 * @data:   opaque resource pointer handed to the constructor.
 * @notify: destroy callback, stored as a plain pointer value.
 * @core:   supplies the native_resource heap pointer that is constructed.
 *
 * NOTE(review): notify is carried as a data pointer, so whatever reads it
 * back has to convert it to a GDestroyNotify again before calling it; the
 * code that does so (presumably the object's finalizer) is not shown here.
 */
void
_gum_duk_push_native_resource (duk_context * ctx,
                               gpointer data,
                               GDestroyNotify notify,
                               GumDukCore * core)
{
  const duk_idx_t constructor_argc = 2;
  gpointer notify_ptr;

  notify_ptr = GUM_FUNCPTR_TO_POINTER (notify);

  /* Stack layout expected by duk_new: [ constructor, arg0, arg1 ]. */
  duk_push_heapptr (ctx, core->native_resource);
  duk_push_pointer (ctx, data);
  duk_push_pointer (ctx, notify_ptr);

  duk_new (ctx, constructor_argc);
}
Example #4
/*
 * Invocation hook for the thread-creation routine: when the new thread's
 * entry point lies inside the agent's own memory range, swaps the entry
 * point for frida_agent_auto_ignorer_thread_create_proxy and swaps the
 * thread argument for a context that carries the original pair.
 *
 * Arguments 2 and 3 are the start routine and its argument in both
 * pthread_create and _beginthreadex. Entry points outside self->agent_range
 * are left untouched, so only threads whose entry point is inside the agent
 * get wrapped.
 *
 * @self: auto-ignorer providing agent_range and the interceptor.
 * @ic:   invocation context of the intercepted thread-creation call.
 *
 * NOTE(review): ownership of ctx (and of the interceptor reference it holds)
 * passes to the proxy, which is not shown here. If the intercepted call
 * fails and the proxy never runs, nothing visible in this function releases
 * them -- confirm how that path is handled.
 */
void
frida_agent_auto_ignorer_intercept_thread_creation (FridaAgentAutoIgnorer * self,
    GumInvocationContext * ic)
{
  enum { START_ROUTINE_INDEX = 2, START_ARGUMENT_INDEX = 3 };
  NativeThreadFunc thread_func;
  FridaAutoInterceptContext * ctx;

  thread_func = GUM_POINTER_TO_FUNCPTR (NativeThreadFunc,
      gum_invocation_context_get_nth_argument (ic, START_ROUTINE_INDEX));

  /* Threads started outside the agent's range are none of our business. */
  if (!(GUM_MEMORY_RANGE_INCLUDES (&self->agent_range, GUM_ADDRESS (thread_func))))
    return;

  /* Remember the original entry point and argument for the proxy. */
  ctx = g_slice_new (FridaAutoInterceptContext);
  ctx->interceptor = g_object_ref (self->interceptor);
  ctx->thread_func = thread_func;
  ctx->thread_data =
      gum_invocation_context_get_nth_argument (ic, START_ARGUMENT_INDEX);

  gum_invocation_context_replace_nth_argument (ic, START_ROUTINE_INDEX,
      GUM_FUNCPTR_TO_POINTER (frida_agent_auto_ignorer_thread_create_proxy));
  gum_invocation_context_replace_nth_argument (ic, START_ARGUMENT_INDEX, ctx);
}
Example #5
/*
 * Adds a destructor to the gum_final_destructors list.
 *
 * Entries are prepended, so the list holds them in reverse registration
 * order. The callback is stored as a plain pointer and has to be converted
 * back to a GumDestructorFunc by whatever walks the list.
 *
 * NOTE(review): no lock is taken here; presumably registration only happens
 * while a single thread is initialising -- confirm against the callers.
 */
void
_gum_register_destructor (GumDestructorFunc destructor)
{
  gpointer entry = GUM_FUNCPTR_TO_POINTER (destructor);

  gum_final_destructors = g_slist_prepend (gum_final_destructors, entry);
}
Example #6
/*
 * Suppresses a default set of functions on the given allocator probe.
 *
 * The set has two parts:
 *  - a process-wide list of addresses, built once under the
 *    _gum_allocator_probe_ignored_functions lock and reused by every later
 *    call. It is filled from by-name lookups of a few internal functions
 *    plus whatever gum_allocator_probe_add_suppression_addresses_if_glib
 *    contributes while the loaded modules are enumerated;
 *  - a fixed list of GLib/GObject entry points referenced directly.
 *
 * All suppressions are applied inside one interceptor transaction.
 *
 * The cached array is only read after the lock is released; nothing in this
 * function mutates it once it has been published.
 */
static void
gum_allocator_probe_apply_default_suppressions (GumAllocatorProbe * self)
{
  GumInterceptor * interceptor = self->priv->interceptor;
  GArray * suppressed;
  guint idx;

  G_LOCK (_gum_allocator_probe_ignored_functions);

  suppressed = _gum_allocator_probe_ignored_functions;
  if (suppressed == NULL)
  {
    /* First caller: resolve the addresses and publish them for reuse. */
    static const gchar * internal_function_name[] = {
        "g_quark_new",
        "instance_real_class_set",
        "instance_real_class_remove",
        "gst_object_set_name_default"
    };

    suppressed = g_array_new (FALSE, FALSE, sizeof (gpointer));

    for (idx = 0; idx != G_N_ELEMENTS (internal_function_name); idx++)
    {
      GArray * matches;

      /* A name that resolves to nothing is skipped without complaint. */
      matches = gum_find_functions_named (internal_function_name[idx]);
      if (matches->len != 0)
        g_array_append_vals (suppressed, matches->data, matches->len);
      g_array_free (matches, TRUE);
    }

    gum_process_enumerate_modules (
        gum_allocator_probe_add_suppression_addresses_if_glib, suppressed);

    _gum_allocator_probe_ignored_functions = suppressed;
  }

  G_UNLOCK (_gum_allocator_probe_ignored_functions);

  gum_interceptor_begin_transaction (interceptor);

  /* Addresses from the shared, lazily built list. */
  idx = 0;
  while (idx != suppressed->len)
  {
    gum_allocator_probe_suppress (self,
        g_array_index (suppressed, gpointer, idx));
    idx++;
  }

  /* Quark helpers. */
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_quark_from_string));
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_quark_from_static_string));

  /* Signal, type-system and param-spec registration functions. */
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_signal_connect_data));
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_signal_handlers_destroy));
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_type_register_static));
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_type_add_interface_static));
  gum_allocator_probe_suppress (self,
      GUM_FUNCPTR_TO_POINTER (g_param_spec_pool_insert));

  gum_interceptor_end_transaction (interceptor);
}