/* if the first arg was an fd, find out which one it was.
* Call with syscallrecord lock held. */
unsigned int check_if_fd(struct childdata *child, struct syscallrecord *rec)
{
struct syscallentry *entry;
unsigned int fd;
entry = get_syscall_entry(rec->nr, rec->do32bit);
if ((entry->arg1type != ARG_FD) &&
(entry->arg1type != ARG_SOCKETINFO))
return FALSE;
/* in the SOCKETINFO case, post syscall, a1 is actually the fd,
* not the socketinfo. In ARG_FD a1=fd.
*/
fd = rec->a1;
/* if it's out of range, it's not going to be valid. */
if (fd > 1024)
return FALSE;
if (logging == LOGGING_FILES) {
if (child->logfile == NULL)
return FALSE;
if (fd <= (unsigned int) fileno(child->logfile))
return FALSE;
}
return TRUE;
}
/* if the first arg was an fd, find out which one it was.
* Call with syscallrecord lock held. */
unsigned int check_if_fd(struct childdata *child, struct syscallrecord *rec)
{
struct syscallentry *entry;
unsigned int fd;
fd = rec->a1;
entry = get_syscall_entry(rec->nr, rec->do32bit);
if (entry->arg1type != ARG_FD)
return FALSE;
/* if it's out of range, it's not going to be valid. */
if (fd > 1024)
return FALSE;
if (child->logfile == NULL)
return FALSE;
if (fd <= (unsigned int) fileno(child->logfile))
return FALSE;
return TRUE;
}
/*
* Used from output_syscall_prefix, and also from postmortem dumper
*/
static unsigned int render_syscall_prefix(struct syscallrecord *rec, char *bufferstart)
{
struct syscallentry *entry;
char *sptr = bufferstart;
unsigned int i;
unsigned int syscallnr;
syscallnr = rec->nr;
entry = get_syscall_entry(syscallnr, rec->do32bit);
sptr += sprintf(sptr, "[child%u:%u] [%lu] %s", this_child->num, this_child->pid,
rec->op_nr,
rec->do32bit == TRUE ? "[32BIT] " : "");
sptr += sprintf(sptr, "%s%s(", entry->name, ANSI_RESET);
for_each_arg(i) {
sptr = render_arg(rec, sptr, i, entry);
}
sptr += sprintf(sptr, "%s) ", ANSI_RESET);
return sptr - bufferstart;
}
