bool XPump::Send(base::ByteBuffer *pbb) {
if (pbb == NULL)
return false;
#ifdef LOGGING
base::ByteBuffer *pbbT = pbb->Clone();
XMsg *pmsg = XMsgFromBuffer(*pbbT, pbbT->Length());
LOG() << base::Log::Format("0x%p", notify_) << ": " << pmsg->ToString()
<< ", " << pbb->Length() << " bytes";
delete pmsg;
delete pbbT;
#endif
if (log_ != NULL) {
log_->Log(*pbb, -1, logid_, (dword)(long64)notify_);
}
base::ByteBuffer **ppbbSend = &pbbSendFirst_;
while ((*ppbbSend) != NULL) {
ppbbSend = &(*ppbbSend)->pbbNext_;
}
*ppbbSend = pbb;
pbb->pbbNext_ = NULL;
return ProcessWrite();
}
void pushRegistersToStack(struct pt_regs * regs)
{
unsigned long StackPointer = regs->ARM_sp;
StackPointer -= 16 * sizeof(unsigned long); //We don't need CPSR and ORIG_R0, so we need only 16 registers
ProcessWrite(INIT_PID, (void *) StackPointer, regs->uregs, 16 * sizeof(unsigned long));
regs->ARM_sp = StackPointer;
}
Transition ConnectionHandle::ProcessWrite_SSLHandshake() {
// Flush out all the response first
if (HasResponse()) {
auto write_ret = ProcessWrite();
if (write_ret != Transition::PROCEED) {
return write_ret;
}
}
return SSLHandshake();
}
/*------------------------------------------------------------------------------
-- FUNCTION: SendDebugCtrlChar
--
-- DATE: Nov 24, 2010
--
-- REVISIONS:
--
-- DESIGNER: Dean Morin
--
-- PROGRAMMER: Dean Morin
--
-- INTERFACE: SendDebugCtrlChar(HWND hWnd, BYTE ctrlChar, LPCWSTR szEventName)
-- hWnd - a handle to the window
-- ctrlChar - the control character to send
-- szEventName - the name of the event to trigger
--
-- RETURNS: VOID.
--
-- NOTES: Writes the control character, ctrlChar, to the port and signals
-- the event szEventName.
------------------------------------------------------------------------------*/
VOID SendDebugCtrlChar(HWND hWnd, BYTE ctrlChar, LPCWSTR szEventName) {
static BYTE pCtrlFrame[CTRL_FRAME_SIZE] = {0};
HANDLE hEvent = 0;
pCtrlFrame[CTRL_CHAR_INDEX] = ctrlChar;
ProcessWrite(hWnd, pCtrlFrame, CTRL_FRAME_SIZE);
hEvent = CreateEvent(NULL, TRUE, FALSE, szEventName);
SetEvent(hEvent);
Sleep(0);
ResetEvent(hEvent);
}
int SerialThread::Run()
{
// Check signal controlling and status to open serial communication.
// enter if there is command of openning and port has be closed before.
// 先打开 COM1 端口
if (! OpenCOM1Port())
return -1;
m_dwToDo = SMS_READ;
char *mess = new char[MAX_MESSAGE];
unsigned int lenBuff;
unsigned long lenMessage;
while(ptrDlg->m_bSMSActiveProccess)
{
ProcessWrite();
// 别太急,先等等
Sleep(1888);
lenMessage = 0;
memset(mess, 0, MAX_MESSAGE);
lenBuff = MAX_MESSAGE;
// ptrDlg->AddErrorInfo("reading");
if (SCC::serialCtl().read_scc(mess,lenBuff,lenMessage))
{
if (lenMessage > 0)
{
ProcessRead(mess);
}
else // 超时
{
// ReadTimeOut(mess);
}
}
else
{
ptrDlg->m_bSMSActiveProccess = FALSE;
}
} // while(ptrDlg->activeProccess == TRUE)
delete [] mess;
return 0;
}
void XPump::OnWriteEvent(base::Socket *sock) {
Assert(sock == sock_);
ProcessWrite();
}
int main(int argc, char ** argv)
{
if(argc < 2)
{
printf("Usage: init_execve <filename> [args]\n");
return 1;
}
if (ptrace(PTRACE_ATTACH, INIT_PID, NULL, NULL))
{
printf("ERROR: Couldn't attach to /init.\n");
return 1;
}
wait(NULL); //Why do i need this?
void * initBase;
unsigned long initSize;
ProcessGetCodeSectionInfo(INIT_PID, &initBase, &initSize);
if (!initBase || initSize == 0)
{
printf("ERROR: Couldn't get the image base of /init.\n");
printf("Detaching...\n");
ptrace(PTRACE_DETACH, INIT_PID, NULL, NULL);
return 1;
}
printf("initBase: %X.\n", initBase);
printf("initSize: %X.\n", initSize);
unsigned char* initCodeSection = new unsigned char[initSize];
ProcessRead(INIT_PID, initBase, initCodeSection, initSize);
void * execvePtr = (void *) memfindpos(initCodeSection, initSize, execve_code, sizeof(execve_code));
delete [] initCodeSection;
if (((unsigned long) execvePtr) == 0xFFFFFFFF)
{
printf("ERROR: Failed locating execve.\n");
printf("Detaching...\n");
ptrace(PTRACE_DETACH, INIT_PID, NULL, NULL);
return 5;
}
execvePtr = (void *) (((unsigned long) execvePtr) + ((unsigned long) initBase));
printf("execvePtr: %X\n", execvePtr);
struct pt_regs regs;
memset(®s, 0, sizeof(regs));
ptrace(PTRACE_GETREGS, INIT_PID, NULL, ®s);
printf("R0: %X\n", regs.ARM_r0);
printf("R1: %X\n", regs.ARM_r1);
printf("R2: %X\n", regs.ARM_r2);
printf("R3: %X\n", regs.ARM_r3);
printf("R4: %X\n", regs.ARM_r4);
printf("R5: %X\n", regs.ARM_r5);
printf("R6: %X\n", regs.ARM_r6);
printf("R7: %X\n", regs.ARM_r7);
printf("R8: %X\n", regs.ARM_r8);
printf("R9: %X\n", regs.ARM_r9);
printf("R10: %X\n", regs.ARM_r10);
printf("FP: %X\n", regs.ARM_fp); // R11
printf("IP: %X\n", regs.ARM_ip); // R12
printf("SP: %X\n", regs.ARM_sp); // R13
printf("LR: %X\n", regs.ARM_lr); // R14
printf("PC: %X\n", regs.ARM_pc); // R15
printf("CPSR: %X\n", regs.ARM_cpsr); // R16
printf("ORIG_R0: %X\n", regs.ARM_ORIG_r0); // R17
pushRegistersToStack(®s);
// START - This part is wrong, awful and crap!
execvePtr = (void *) (((unsigned long) execvePtr) + sizeof(execve_code));
unsigned long POP_R0_PC = 0xE8DBFFFF; //POP {R0 - PC} - LDMFD SP!, {R0-PC}
ProcessWrite(INIT_PID, execvePtr, &POP_R0_PC, 4); //Then execve gets called in /init, it will crash, and kenel will panic.
regs.ARM_pc = ((unsigned long) execvePtr);
// END - This part is wrong, awful and crap!
printf("new PC: %X.\n", regs.ARM_pc);
ptrace(PTRACE_SETREGS, INIT_PID, NULL, ®s);
printf("Detaching...\n");
ptrace(PTRACE_DETACH, INIT_PID, NULL, NULL);
return 0;
}
