/* Enter a signal-blocked section.
 *
 * Blocking nests through the sigs_nblocked counter: only the outermost call
 * (counter at 0) actually calls mask_signals(TRUE); nested calls just trace
 * and bump the counter. The mask is lifted again only when
 * pr_signals_unblock() brings the counter back down, so a code path that
 * returns early without its matching unblock leaves signals masked.
 */
void pr_signals_block(void) {
  if (sigs_nblocked != 0) {
    /* Nested call: the count logged here is the value before this call's
     * increment.
     */
    pr_trace_msg("signal", 9, "signals already blocked (block count = %u)",
      sigs_nblocked);

  } else {
    mask_signals(TRUE);
    pr_trace_msg("signal", 5, "signals blocked");
  }

  sigs_nblocked++;
}
/* Leave a signal-blocked section.
 *
 * Mirrors pr_signals_block(): the mask is lifted with mask_signals(FALSE)
 * only when the last outstanding block is released (counter at 1). A call
 * with the counter already at 0 is tolerated: it is traced and ignored, so
 * the counter never goes below zero.
 */
void pr_signals_unblock(void) {
  if (sigs_nblocked == 0) {
    /* Unbalanced unblock; nothing to undo. */
    pr_trace_msg("signal", 5, "signals already unblocked");
    return;
  }

  if (sigs_nblocked != 1) {
    /* NOTE(review): in this branch signals remain blocked (an outer section
     * is still open), although the trace text says "already unblocked".
     * Keep that in mind when reading "signal" trace logs.
     */
    pr_trace_msg("signal", 9, "signals already unblocked (block count = %u)",
      sigs_nblocked);

  } else {
    mask_signals(FALSE);
    pr_trace_msg("signal", 5, "signals unblocked");
  }

  sigs_nblocked--;
}
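/*
 * Program entry point.
 *
 * Selects the per-architecture syscall table, parses the command line,
 * refuses to run as root unless --dangerous was given, sets up shared
 * memory and logging, optionally narrows the table to the VM group, and
 * then runs main_loop() before tearing everything down.
 *
 * Always leaves through exit(); the status is EXIT_FAILURE for the root
 * refusal, shm setup failure and allocation failure, EXIT_SUCCESS otherwise.
 */
int main(int argc, char* argv[])
{
	int ret;
	unsigned int i;

	printf("Trinity v" __stringify(VERSION) " Dave Jones <*****@*****.**> 2012\n");

#ifdef __x86_64__
	syscalls = syscalls_x86_64;
	max_nr_syscalls = NR_X86_64_SYSCALLS;
#elif __i386__
	syscalls = syscalls_i386;
	max_nr_syscalls = NR_I386_SYSCALLS;
#elif __powerpc__
	syscalls = syscalls_ppc;
#elif __ia64__
	syscalls = syscalls_ia64;
#elif __sparc__
	syscalls = syscalls_sparc;
#else
	syscalls = syscalls_i386;
#endif

	progname = argv[0];

	parse_args(argc, argv);

	/*
	 * Safety guard: running as root needs an explicit opt-in plus a
	 * ten second window to abort.
	 * NOTE(review): only the real UID is checked. A process whose
	 * effective UID is 0 (for example when started through a setuid
	 * wrapper) would pass this guard; consider also testing geteuid().
	 */
	if (getuid() == 0) {
		if (dangerous == 1) {
			printf("DANGER: RUNNING AS ROOT.\n");
			printf("Unless you are running in a virtual machine, this could cause serious problems such as overwriting CMOS\n");
			printf("or similar which could potentially make this machine unbootable without a firmware reset.\n\n");
			printf("ctrl-c now unless you really know what you are doing.\n");
			for (i = 10; i > 0; i--) {
				/* i is unsigned, so the conversion is %u. */
				printf("Continuing in %u seconds.\r", i);
				(void)fflush(stdout);
				sleep(1);
			}
		} else {
			printf("Don't run as root (or pass --dangerous if you know what you are doing).\n");
			exit(EXIT_FAILURE);
		}
	}

	if (create_shm())
		exit(EXIT_FAILURE);

	if (logging != 0)
		open_logfiles();

	/* This overrides any per-architecture count chosen above. */
	max_nr_syscalls = NR_SYSCALLS;

	for (i = 0; i < max_nr_syscalls; i++)
		syscalls[i].entry->number = i;

	if (desired_group == GROUP_VM) {
		struct syscalltable *newsyscalls;
		int count = 0, j = 0;

		/* First pass: size the filtered table. */
		for (i = 0; i < max_nr_syscalls; i++) {
			if (syscalls[i].entry->group == GROUP_VM)
				count++;
		}

		newsyscalls = malloc(count * sizeof(*newsyscalls));
		if (newsyscalls == NULL)
			exit(EXIT_FAILURE);

		/* Second pass: copy the entry pointers of the VM-group syscalls. */
		for (i = 0; i < max_nr_syscalls; i++) {
			if (syscalls[i].entry->group == GROUP_VM)
				newsyscalls[j++].entry = syscalls[i].entry;
		}

		max_nr_syscalls = count;
		syscalls = newsyscalls;
	}

	if (!do_specific_syscall)
		output("Fuzzing %d syscalls.\n", max_nr_syscalls);

	if (do_specific_syscall == 1)
		find_specific_syscall();

	if (do_specific_proto == 1)
		find_specific_proto();

	if (show_syscall_list == 1) {
		syscall_list();
		exit(EXIT_SUCCESS);
	}

	page_size = getpagesize();

	if (!seed)
		seed_from_tod();
	else
		output("[%d] Random seed: %u (0x%x)\n", getpid(), seed, seed);

	init_buffers();

	mask_signals();

	setup_fds();

	if (check_tainted() != 0) {
		output("Kernel was tainted on startup. Will keep running if trinity causes an oops.\n");
		do_check_tainted = 1;
	}

	/* just in case we're not using the test.sh harness. */
	chmod("tmp/", 0755);
	ret = chdir("tmp/");
	if (ret != 0) {
		/*
		 * Still best-effort, but no longer silent: the operator should
		 * know the run is not confined to the scratch directory.
		 */
		perror("chdir(\"tmp/\")");
		printf("Warning: could not enter tmp/; continuing in the current working directory.\n");
	}

	main_loop();

	printf("\nRan %ld syscalls (%ld retries). Successes: %ld Failures: %ld\n",
		shm->execcount - 1, shm->retries, shm->successes, shm->failures);

	shmdt(shm);

	destroy_maps();

	for (i = 0; i < socks; i++)
		close(socket_fds[i]);

	if (logging != 0)
		close_logfiles();

	exit(EXIT_SUCCESS);
}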
/// Constructor that sets up signal masking. signals::interrupts_inhibiter::interrupts_inhibiter(void) { PRE(!interrupts_inhibiter_active); mask_signals(); interrupts_inhibiter_active = true; }
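/*
 * Program entry point.
 *
 * Sets up the syscall tables, parses the command line, refuses to run as
 * root unless --dangerous was given, creates the shared-memory region,
 * validates the enabled syscalls and then runs do_main_loop(). All paths
 * after create_shm() leave through the cleanup labels so the shm mapping
 * is released.
 *
 * `ret` carries only the process exit status. Helper return values are
 * tested directly instead of being parked in `ret`, so a TRUE from
 * setup_syscall_group() or a -1 from chdir() can no longer leak into
 * exit().
 */
int main(int argc, char* argv[])
{
	int ret = EXIT_SUCCESS;
	unsigned int i;

	printf("Trinity v" __stringify(VERSION) " Dave Jones <*****@*****.**> 2012\n");

	progname = argv[0];

	setup_syscall_tables();

	parse_args(argc, argv);

	/* If we didn't pass -c or -x, mark all syscalls active. */
	if ((do_specific_syscall == FALSE) && (do_exclude_syscall == FALSE))
		mark_all_syscalls_active();

	/*
	 * Safety guard: running as root needs an explicit opt-in plus a
	 * ten second window to abort.
	 * NOTE(review): only the real UID is checked. A process whose
	 * effective UID is 0 (for example when started through a setuid
	 * wrapper) would pass this guard; consider also testing geteuid().
	 */
	if (getuid() == 0) {
		if (dangerous == TRUE) {
			printf("DANGER: RUNNING AS ROOT.\n");
			printf("Unless you are running in a virtual machine, this could cause serious problems such as overwriting CMOS\n");
			printf("or similar which could potentially make this machine unbootable without a firmware reset.\n\n");
			printf("ctrl-c now unless you really know what you are doing.\n");
			for (i = 10; i > 0; i--) {
				/* i is unsigned, so the conversion is %u. */
				printf("Continuing in %u seconds.\r", i);
				(void)fflush(stdout);
				sleep(1);
			}
		} else {
			printf("Don't run as root (or pass --dangerous if you know what you are doing).\n");
			exit(EXIT_FAILURE);
		}
	}

	if (create_shm())
		exit(EXIT_FAILURE);

	/* Set seed in parent thread */
	set_seed(0);

	if (desired_group != GROUP_NONE) {
		if (setup_syscall_group(desired_group) == FALSE) {
			ret = EXIT_FAILURE;
			goto cleanup_shm;
		}
	}

	if (show_syscall_list == TRUE) {
		dump_syscall_tables();
		goto cleanup_shm;
	}

	if (validate_syscall_tables() == FALSE) {
		printf("No syscalls were enabled!\n");
		printf("Use 32bit:%d 64bit:%d\n", use_32bit, use_64bit);
		/*
		 * Report the error in the exit status as well. Before, the
		 * status here was whatever `ret` happened to hold.
		 */
		ret = EXIT_FAILURE;
		goto cleanup_shm;
	}

	sanity_check_tables();

	if (logging == TRUE)
		open_logfiles();

	if (do_specific_syscall == FALSE) {
		if (biarch == TRUE)
			output(0, "Fuzzing %d 32-bit syscalls & %d 64-bit syscalls.\n",
				max_nr_32bit_syscalls, max_nr_64bit_syscalls);
		else
			output(0, "Fuzzing %d syscalls.\n", max_nr_syscalls);
	}

	if (do_specific_proto == TRUE)
		find_specific_proto(specific_proto_optarg);

	page_size = getpagesize();

	init_buffers();

	mask_signals();

	if (check_tainted() != 0) {
		output(0, "Kernel was tainted on startup. Will keep running if trinity causes an oops.\n");
		do_check_tainted = TRUE;
	}

	/* just in case we're not using the test.sh harness. */
	chmod("tmp/", 0755);
	if (chdir("tmp/") != 0) {
		/*
		 * Still best-effort, but no longer silent: the operator should
		 * know the run is not confined to the scratch directory.
		 */
		perror("chdir(\"tmp/\")");
		printf("Warning: could not enter tmp/; continuing in the current working directory.\n");
	}

	/* Something already asked us to stop during setup. */
	if (shm->exit_reason != STILL_RUNNING)
		goto cleanup_fds;

	init_watchdog();

	do_main_loop();

	printf("\nRan %ld syscalls. Successes: %ld Failures: %ld\n",
		shm->total_syscalls_done - 1, shm->successes, shm->failures);

	ret = EXIT_SUCCESS;

cleanup_fds:

	for (i = 0; i < nr_sockets; i++) {
		/*
		 * Zero the whole struct so l_linger is not passed to the
		 * kernel uninitialised. l_onoff = FALSE turns lingering off.
		 */
		struct linger ling = { 0 };

		ling.l_onoff = FALSE;
		setsockopt(shm->socket_fds[i], SOL_SOCKET, SO_LINGER, &ling, sizeof(ling));
		shutdown(shm->socket_fds[i], SHUT_RDWR);
		close(shm->socket_fds[i]);
	}

	destroy_maps();

	if (logging == TRUE)
		close_logfiles();

cleanup_shm:

	if (shm != NULL)
		munmap(shm, sizeof(struct shm_s));

	exit(ret);
}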
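/*
 * Child-side tail shared by foreground and background launches: apply the
 * requested redirection, mask signals, then replace the process image.
 * Never returns; if execv() fails the child prints a message and exits.
 * NOTE(review): exit(0) reports success even when execv() failed, and
 * exit() in a forked child also flushes stdio buffers inherited from the
 * parent. Left unchanged here.
 */
static void interpret_run_child(int redirect, char *target,
                                const char *filepath, char **argv)
{
    if (redirect == 1)
        OutputRedirect(target);
    else if (redirect == 0)
        InputRedirect(target);

    mask_signals(); /* the child masks signals before exec */

    if (execv(filepath, argv) == -1)
        printf("不能打开指定文件\n");
    exit(0);
}

/*
 * Parse and execute one command line.
 *
 * cmd holds two parts: the command (built-in or executable) and its
 * arguments, which ResolveCmd() splits into argc/argv.
 *
 * redirect: 1 = redirect output to target, 0 = redirect input from target,
 *           any other value = no redirection.
 * bg:       0 = run in the foreground and wait, 1 = run as a background job.
 *
 * Returns 1, except for the "exit" built-in, which returns Exit()'s value.
 *
 * Changes from the previous version:
 *  - fork() failure is handled. Before, a -1 return fell into the child
 *    branch and the shell itself called execv().
 *  - a command path longer than PATH_MAX is rejected instead of being
 *    copied past the end of filepath[].
 *  - an empty argv from ResolveCmd() is no longer dereferenced.
 *  - argv is released on the "exit" path too.
 */
int Interpret(const char *cmd, int redirect,char *target,int bg)
{
    int result = 1;
    int argc = 0;
    char **argv;
    int i;

    if (strlen(cmd) == 0)
        return 1;

    argv = ResolveCmd(cmd, &argc);
    if (argv == NULL)
        return 1;
    /* ResolveCmd() is not visible here; guard against a command line that
     * yields no tokens before touching argv[0]. */
    if (argc < 1 || argv[0] == NULL)
        goto cleanup;

    /* NOTE(review): the built-ins below pass argv[1] without checking argc.
     * Whether the callees accept a missing argument cannot be told from
     * this function; confirm against their definitions. */
    if (!strcmp(argv[0], "cd")) {
        if (argc > 1) {
            ChangeDir(argv[1]);
        } else {
            /* No argument: start the file navigation helper. */
            char finalpath[path_max];
            Navigation(finalpath);
            ChangeDir(finalpath);
        }
    } else if (!strcmp(argv[0], "jobs")) {
        ShowJobs();
    } else if (!strcmp(argv[0], "fg")) {
        /* Bring a job to the foreground. */
        ForeGround(argv[1]);
    } else if (!strcmp(argv[0], "stop")) {
        StopPid(argv[1]);
    } else if (!strcmp(argv[0], "continue")) {
        ContinuePid(argv[1]);
    } else if (!strcmp(argv[0], "bg")) {
        /* Continue a job in the background. */
        ContinuePid(argv[1]);
    } else if (!strcmp(argv[0], "history")) {
        catHistory();
    } else if (!strcmp(argv[0], "echopath")) {
        EchoPath();
    } else if (!strcmp(argv[0], "addpath")) {
        AddPath(argv[1]);
    } else if (!strcmp(argv[0], "exit")) {
        result = Exit();
    } else {
        int find = 0;
        char filepath[PATH_MAX + 1] = {'\0'};

        /* Per the original comment: does the typed command contain '/',
         * i.e. may it point at an executable file directly? */
        find = isEXE(argv[0]);
        if (find) {
            /* argv[0] is user input; never copy more than filepath holds.
             * An over-long path is reported as an unknown command below. */
            if (strlen(argv[0]) > PATH_MAX)
                find = 0;
            else
                strcpy(filepath, argv[0]);
        } else {
            /* Search each directory of the shell's path list in turn.
             * NOTE(review): SearchFile() writes into filepath; that it
             * respects the PATH_MAX+1 bound should be checked there. */
            i = 0;
            while (!find && i < envpath_num)
                find = SearchFile(envpath[i++], argv[0], filepath);
        }

        if (find && bg == 0) {
            /* Command found: run it in the foreground. */
            int pid = fork();

            if (pid < 0) {
                perror("fork");
            } else {
                run_pid = pid;
                /* NOTE(review): run_cmd's capacity is not visible here;
                 * this copy is unbounded. */
                strcpy(run_cmd, cmd);
                if (pid > 0) {
                    waitpid(pid, NULL, WUNTRACED);
                    run_pid = 0;
                    run_cmd[0] = '\0';
                } else {
                    interpret_run_child(redirect, target, filepath, argv);
                }
            }
        } else if (find && bg == 1) {
            /* Command found: run it in the background. */
            int pid = fork();

            if (pid < 0) {
                perror("fork");
            } else if (pid > 0) {
                /* Parent: register the child in the job table. Take the
                 * first free slot, reusing slots of removed jobs first, so
                 * pos ends either on a freed slot below jobnum or at
                 * jobnum itself. */
                int pos = 0;
                size_t len = strlen(cmd);

                while (pos < jobmanager.jobnum && jobmanager.jobs[pos].status > 0)
                    pos++;

                /* NOTE(review): neither pos nor len is checked against the
                 * capacity of jobs[] / jobs[pos].cmd, which are declared
                 * elsewhere. The jobnum_max test below only prints a
                 * warning after the slot has been written. */
                jobmanager.jobs[pos].pid = pid;
                memcpy(jobmanager.jobs[pos].cmd, cmd, len); /* save the command text */
                jobmanager.jobs[pos].cmd[len] = '&';
                jobmanager.jobs[pos].cmd[len + 1] = '\0';
                jobmanager.jobs[pos].status = 1; /* running normally */

                if (pos == jobmanager.jobnum) {
                    /* Grow the table only when a new slot was opened. */
                    jobmanager.jobnum++;
                    if (jobmanager.jobnum > jobnum_max)
                        printf("jobs中的后台程序即将达到上限\n");
                }
                printf("[%d] %d\n", pos + 1, pid);
            } else {
                /* Child: executes the command in the background.
                 * Open question from the original author: after the child
                 * exits, how does the parent find out, and could the same
                 * pid show up again? NOTE(review): pids can be reused once
                 * a child has been reaped, so stale table entries matter. */
                interpret_run_child(redirect, target, filepath, argv);
            }
        } else {
            printf("Unknwon cmd.\n");
        }
    }

cleanup:
    /* Release argv once the command has been handled. */
    for (i = 0; i < argc; i++)
        free(argv[i]);
    free(argv);
    return result;
}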