static const char *print_a2(const char *val, const rnode *r) { int machine = r->machine, syscall = r->syscall; char *out; const char *sys = audit_syscall_to_name(syscall, machine); if (sys) { if (strncmp(sys, "fcntl", 5) == 0) { int ival; errno = 0; ival = strtoul(val, NULL, 16); if (errno) { asprintf(&out, "conversion error(%s)", val); return out; } switch (r->a1) { case F_SETOWN: return print_uid(val, 16); case F_SETFD: if (ival == FD_CLOEXEC) return strdup("FD_CLOEXEC"); /* Fall thru okay. */ case F_SETFL: case F_SETLEASE: case F_GETLEASE: case F_NOTIFY: break; } } else if (strcmp(sys, "openat") == 0) return print_open_flags(val); else if (strcmp(sys, "fchmodat") == 0) return print_mode_short(val); else if (strstr(sys, "chown")) return print_gid(val, 16); else if (strcmp(sys, "setresuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setresgid") == 0) return print_gid(val, 16); else if (strcmp(sys, "tgkill") == 0) return print_signals(val, 16); else if (strcmp(sys, "mkdirat") == 0) return print_mode_short(val); else if (strcmp(sys, "mmap") == 0) return print_prot(val, 1); else if (strcmp(sys, "mprotect") == 0) return print_prot(val, 0); else if (strcmp(sys, "socket") == 0) return print_socket_proto(val); else if (strcmp(sys, "clone") == 0) return print_clone_flags(val); else if (strcmp(sys, "recvmsg") == 0) return print_recv(val); } return strdup(val); }
/* A very basic decoder for open(2) system call. */ static void decode_open(pid_t pid, pink_bitness_t bitness) { long flags; char buf[MAX_STRING_LEN]; if (!pink_decode_string(pid, bitness, 0, buf, MAX_STRING_LEN)) { perror("pink_decode_string"); return; } if (!pink_util_get_arg(pid, bitness, 1, &flags)) { perror("pink_util_get_arg"); return; } printf("open(\"%s\", ", buf); print_open_flags(flags); putchar(')'); }
static const char *print_a1(const char *val, const rnode *r) { int machine = r->machine, syscall = r->syscall; const char *sys = audit_syscall_to_name(syscall, machine); if (sys) { if (strcmp(sys, "open") == 0) return print_open_flags(val); else if (strcmp(sys, "epoll_ctl") == 0) return print_epoll_ctl(val); else if (strcmp(sys, "chmod") == 0) return print_mode_short(val); else if (strcmp(sys, "fchmod") == 0) return print_mode_short(val); else if (strstr(sys, "chown")) return print_uid(val, 16); else if (strcmp(sys, "setreuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setresuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setregid") == 0) return print_gid(val, 16); else if (strcmp(sys, "setresgid") == 0) return print_gid(val, 16); else if (strcmp(sys, "kill") == 0) return print_signals(val, 16); else if (strcmp(sys, "tkill") == 0) return print_signals(val, 16); else if (strcmp(sys, "mkdir") == 0) return print_mode_short(val); else if (strcmp(sys, "creat") == 0) return print_mode_short(val); else if (strncmp(sys, "fcntl", 5) == 0) return print_fcntl_cmd(val); else if (strcmp(sys, "mknod") == 0) return print_mode(val, 16); else if (strcmp(sys, "socket") == 0) return print_socket_type(val); } return strdup(val); }