void
init_regexp_proc(void)
{
uselib("libpcre.so");
/*
* define the structure we're going to ask the agent to register our
* information at
*/
struct variable2 extensible_proc_variables[] = {
{MIBINDEX, ASN_INTEGER, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {MIBINDEX}},
{ERRORNAME, ASN_OCTET_STR, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {ERRORNAME}},
{PROCMIN, ASN_INTEGER, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {PROCMIN}},
{PROCMAX, ASN_INTEGER, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {PROCMAX}},
{PROCCOUNT, ASN_INTEGER, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {PROCCOUNT}},
{ERRORFLAG, ASN_INTEGER, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {ERRORFLAG}},
{ERRORMSG, ASN_OCTET_STR, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {ERRORMSG}},
{ERRORFIX, ASN_INTEGER, NETSNMP_OLDAPI_RWRITE,
var_extensible_regexp_proc, 1, {ERRORFIX}},
{ERRORFIXCMD, ASN_OCTET_STR, NETSNMP_OLDAPI_RONLY,
var_extensible_regexp_proc, 1, {ERRORFIXCMD}}
};
/*
* Define the OID pointer to the top of the mib tree that we're
* registering underneath
*/
oid proc_variables_oid[] = { 1, 3, 6, 1, 4, 1, 7142, 100, 1, 10 };
/*
* register ourselves with the agent to handle our mib tree
*/
REGISTER_MIB("ucd-snmp/regexp_proc", extensible_proc_variables, variable2,
proc_variables_oid);
snmpd_register_config_handler("regexp_proc", regexp_proc_parse_config,
regexp_proc_free_config,
"process-name [max-num] [min-num]");
snmpd_register_config_handler("regexp_procfix", regexp_procfix_parse_config, NULL,
"process-name program [arguments...]");
}
static void stage_file_test(void)
{
static int name[] = { CTL_NET, NET_IPV4, NET_IPV4_LOCAL_PORT_RANGE };
int buffer[2] = { 32768, 61000 };
size_t size = sizeof(buffer);
int pipe_fd[2] = { EOF, EOF };
int error = 0;
int fd;
char pbuffer[1024];
struct stat sbuf;
struct sockaddr_un addr;
struct ifreq ifreq;
char *filename = "";
set_profile(3, "file::execute");
set_profile(3, "file::open");
set_profile(3, "file::create");
set_profile(3, "file::unlink");
set_profile(3, "file::mkdir");
set_profile(3, "file::rmdir");
set_profile(3, "file::mkfifo");
set_profile(3, "file::mksock");
set_profile(3, "file::truncate");
set_profile(3, "file::symlink");
set_profile(3, "file::rewrite");
set_profile(3, "file::mkblock");
set_profile(3, "file::mkchar");
set_profile(3, "file::link");
set_profile(3, "file::rename");
set_profile(3, "file::chmod");
set_profile(3, "file::chown");
set_profile(3, "file::chgrp");
set_profile(3, "file::ioctl");
set_profile(3, "file::chroot");
set_profile(3, "file::mount");
set_profile(3, "file::umount");
set_profile(3, "file::pivot_root");
policy = "allow_read /proc/sys/net/ipv4/ip_local_port_range";
write_domain_policy(policy, 0);
show_result(sysctl(name, 3, buffer, &size, 0, 0), 1);
write_domain_policy(policy, 1);
show_result(sysctl(name, 3, buffer, &size, 0, 0), 0);
policy = "allow_write /proc/sys/net/ipv4/ip_local_port_range";
write_domain_policy(policy, 0);
show_result(sysctl(name, 3, 0, 0, buffer, size), 1);
write_domain_policy(policy, 1);
show_result(sysctl(name, 3, 0, 0, buffer, size), 0);
policy = "allow_read/write /proc/sys/net/ipv4/ip_local_port_range";
write_domain_policy(policy, 0);
show_result(sysctl(name, 3, buffer, &size, buffer, size), 1);
write_domain_policy(policy, 1);
show_result(sysctl(name, 3, buffer, &size, buffer, size), 0);
policy = "allow_read /bin/true";
write_domain_policy(policy, 0);
show_result(uselib("/bin/true"), 1);
write_domain_policy(policy, 1);
show_result(uselib("/bin/true"), 0);
policy = "allow_execute /bin/true";
write_domain_policy(policy, 0);
fflush(stdout);
fflush(stderr);
if (pipe(pipe_fd) == -1)
err(1, "pipe");
if (fork() == 0) {
execl("/bin/true", "/bin/true", NULL);
if (write(pipe_fd[1], &errno, sizeof(errno)) == -1)
err(1, "write");
exit(0);
}
close(pipe_fd[1]);
(void)read(pipe_fd[0], &error, sizeof(error));
close(pipe_fd[0]);
wait(NULL);
errno = error;
show_result(error ? EOF : 0, 1);
write_domain_policy(policy, 1);
fflush(stdout);
fflush(stderr);
if (pipe(pipe_fd) == -1)
err(1, "pipe");
if (fork() == 0) {
execl("/bin/true", "/bin/true", NULL);
if (write(pipe_fd[1], &errno, sizeof(errno)) == -1)
err(1, "write");
_exit(0);
}
close(pipe_fd[1]);
(void)read(pipe_fd[0], &error, sizeof(error));
close(pipe_fd[0]);
wait(NULL);
errno = error;
show_result(errno ? EOF : 0, 0);
policy = "allow_read /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
set_profile(3, "file::mkfifo");
policy = "allow_mkfifo /tmp/mknod_fifo_test 0644";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_fifo_test";
show_result(mknod(filename, S_IFIFO | 0644, 0), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFIFO | 0644, 0), 0);
memset(pbuffer, 0, sizeof(pbuffer));
memset(&sbuf, 0, sizeof(sbuf));
filename = "/dev/null";
stat(filename, &sbuf);
snprintf(pbuffer, sizeof(pbuffer) - 1,
"allow_write %s", filename);
policy = pbuffer;
write_domain_policy(policy, 0);
fd = open(filename, O_WRONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open(filename, O_WRONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read/write /tmp/fifo";
mkfifo2("/tmp/fifo");
write_domain_policy(policy, 0);
fd = open("/tmp/fifo", O_RDWR);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/tmp/fifo", O_RDWR);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_write /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_WRONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_WRONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_read/write /dev/null";
write_domain_policy(policy, 0);
fd = open("/dev/null", O_RDWR);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open("/dev/null", O_RDWR);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_create /tmp/open_test 0644";
write_domain_policy(policy, 0);
policy = "allow_write /tmp/open_test";
write_domain_policy(policy, 0);
fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
show_result(fd, 1);
if (fd != EOF)
close(fd);
unlink2("/tmp/open_test");
write_domain_policy(policy, 1);
fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
show_result(fd, 0);
if (fd != EOF)
close(fd);
unlink2("/tmp/open_test");
policy = "allow_create /tmp/open_test 0644";
write_domain_policy(policy, 1);
policy = "allow_write /tmp/open_test";
write_domain_policy(policy, 0);
policy = "allow_create /tmp/open_test 0644";
write_domain_policy(policy, 0);
fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
show_result(fd, 1);
if (fd != EOF)
close(fd);
unlink2("/tmp/open_test");
write_domain_policy(policy, 1);
fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644);
show_result(fd, 0);
if (fd != EOF)
close(fd);
unlink2("/tmp/open_test");
policy = "allow_write /tmp/open_test";
write_domain_policy(policy, 1);
filename = "/tmp/truncate_test";
create2(filename);
policy = "allow_truncate /tmp/truncate_test";
write_domain_policy(policy, 0);
policy = "allow_write /tmp/truncate_test";
write_domain_policy(policy, 0);
fd = open(filename, O_WRONLY | O_TRUNC);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open(filename, O_WRONLY | O_TRUNC);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_truncate /tmp/truncate_test";
write_domain_policy(policy, 1);
policy = "allow_write /tmp/truncate_test";
write_domain_policy(policy, 0);
policy = "allow_truncate /tmp/truncate_test";
write_domain_policy(policy, 0);
fd = open(filename, O_WRONLY | O_TRUNC);
show_result(fd, 1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
fd = open(filename, O_WRONLY | O_TRUNC);
show_result(fd, 0);
if (fd != EOF)
close(fd);
policy = "allow_write /tmp/truncate_test";
write_domain_policy(policy, 1);
policy = "allow_truncate /tmp/truncate_test";
write_domain_policy(policy, 0);
show_result(truncate(filename, 0), 1);
write_domain_policy(policy, 1);
show_result(truncate(filename, 0), 0);
policy = "allow_truncate /tmp/truncate_test";
write_domain_policy(policy, 0);
set_profile(0, "file::open");
fd = open(filename, O_WRONLY);
set_profile(3, "file::open");
show_result(ftruncate(fd, 0), 1);
write_domain_policy(policy, 1);
show_result(ftruncate(fd, 0), 0);
if (fd != EOF)
close(fd);
unlink2(filename);
policy = "allow_create /tmp/mknod_reg_test 0644";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_reg_test";
show_result(mknod(filename, S_IFREG | 0644, 0), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFREG | 0644, 0), 0);
policy = "allow_mkchar /tmp/mknod_chr_test 0644 1 3";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_chr_test";
show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 0);
policy = "allow_mkblock /tmp/mknod_blk_test 0644 1 0";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_blk_test";
show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 0);
policy = "allow_mkfifo /tmp/mknod_fifo_test 0644";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_fifo_test";
show_result(mknod(filename, S_IFIFO | 0644, 0), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFIFO | 0644, 0), 0);
policy = "allow_mksock /tmp/mknod_sock_test 0644";
write_domain_policy(policy, 0);
filename = "/tmp/mknod_sock_test";
show_result(mknod(filename, S_IFSOCK | 0644, 0), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(mknod(filename, S_IFSOCK | 0644, 0), 0);
policy = "allow_mkdir /tmp/mkdir_test/ 0600";
write_domain_policy(policy, 0);
filename = "/tmp/mkdir_test";
show_result(mkdir(filename, 0600), 1);
write_domain_policy(policy, 1);
rmdir2(filename);
show_result(mkdir(filename, 0600), 0);
policy = "allow_rmdir /tmp/rmdir_test/";
write_domain_policy(policy, 0);
filename = "/tmp/rmdir_test";
mkdir2(filename);
show_result(rmdir(filename), 1);
write_domain_policy(policy, 1);
mkdir2(filename);
show_result(rmdir(filename), 0);
rmdir2(filename);
policy = "allow_unlink /tmp/unlink_test";
write_domain_policy(policy, 0);
filename = "/tmp/unlink_test";
create2(filename);
show_result(unlink(filename), 1);
write_domain_policy(policy, 1);
create2(filename);
show_result(unlink(filename), 0);
unlink2(filename);
policy = "allow_symlink /tmp/symlink_source_test";
write_domain_policy(policy, 0);
filename = "/tmp/symlink_source_test";
show_result(symlink("/tmp/symlink_dest_test", filename), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(symlink("/tmp/symlink_dest_test", filename), 0);
policy = "allow_symlink /tmp/symlink_source_test";
write_domain_policy(policy, 0);
filename = "/tmp/symlink_source_test";
show_result(symlink("/tmp/symlink_dest_test", filename), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(symlink("/tmp/symlink_dest_test", filename), 0);
policy = "allow_symlink /tmp/symlink_source_test";
write_domain_policy(policy, 0);
filename = "/tmp/symlink_source_test";
show_result(symlink("/tmp/symlink_dest_test", filename), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(symlink("/tmp/symlink_dest_test", filename), 0);
policy = "allow_symlink /tmp/symlink_source_test";
write_domain_policy(policy, 0);
filename = "/tmp/symlink_source_test";
show_result(symlink("/tmp/symlink_dest_test", filename), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(symlink("/tmp/symlink_dest_test", filename), 0);
policy = "allow_symlink /tmp/symlink_source_test";
write_domain_policy(policy, 0);
filename = "/tmp/symlink_source_test";
show_result(symlink("/tmp/symlink_dest_test", filename), 1);
write_domain_policy(policy, 1);
unlink2(filename);
show_result(symlink("/tmp/symlink_dest_test", filename), 0);
policy = "allow_link /tmp/link_source_test /tmp/link_dest_test";
write_domain_policy(policy, 0);
filename = "/tmp/link_source_test";
create2(filename);
show_result(link(filename, "/tmp/link_dest_test"), 1);
write_domain_policy(policy, 1);
unlink2("/tmp/link_dest_test");
show_result(link(filename, "/tmp/link_dest_test"), 0);
unlink2(filename);
policy = "allow_rename /tmp/rename_source_test /tmp/rename_dest_test";
write_domain_policy(policy, 0);
filename = "/tmp/rename_source_test";
create2(filename);
show_result(rename(filename, "/tmp/rename_dest_test"), 1);
write_domain_policy(policy, 1);
unlink2("/tmp/rename_dest_test");
create2(filename);
show_result(rename(filename, "/tmp/rename_dest_test"), 0);
unlink2(filename);
policy = "allow_mksock /tmp/socket_test 0755";
write_domain_policy(policy, 0);
filename = "/tmp/socket_test";
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, filename, sizeof(addr.sun_path) - 1);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)),
1);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
unlink2(filename);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)),
0);
if (fd != EOF)
close(fd);
filename = "/tmp/rewrite_test";
create2(filename);
policy = "allow_read/write /tmp/rewrite_test";
write_domain_policy(policy, 0);
write_exception_policy("deny_rewrite /tmp/rewrite_test", 0);
policy = "allow_truncate /tmp/rewrite_test";
write_domain_policy(policy, 0);
fd = open(filename, O_RDONLY);
show_result(fd, 1);
if (fd != EOF)
close(fd);
fd = open(filename, O_WRONLY | O_APPEND);
show_result(fd, 1);
if (fd != EOF)
close(fd);
fd = open(filename, O_WRONLY);
show_result(fd, 0);
if (fd != EOF)
close(fd);
fd = open(filename, O_WRONLY | O_TRUNC);
show_result(fd, 0);
if (fd != EOF)
close(fd);
fd = open(filename, O_WRONLY | O_TRUNC | O_APPEND);
show_result(fd, 0);
if (fd != EOF)
close(fd);
show_result(truncate(filename, 0), 0);
set_profile(0, "file::open");
fd = open(filename, O_WRONLY | O_APPEND);
set_profile(3, "file::open");
show_result(ftruncate(fd, 0), 0);
show_result(fcntl(fd, F_SETFL,
fcntl(fd, F_GETFL) & ~O_APPEND), 0);
if (fd != EOF)
close(fd);
write_domain_policy(policy, 1);
policy = "allow_read/write /tmp/rewrite_test";
write_domain_policy(policy, 1);
write_exception_policy("deny_rewrite /tmp/rewrite_test", 1);
unlink2(filename);
policy = "allow_ioctl socket:[family=2:type=2:protocol=17] "
"35122-35124";
write_domain_policy(policy, 0);
fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
memset(&ifreq, 0, sizeof(ifreq));
snprintf(ifreq.ifr_name, sizeof(ifreq.ifr_name) - 1,
"lo");
show_result(ioctl(fd, 35123, &ifreq), 1);
write_domain_policy(policy, 1);
policy = "allow_ioctl "
"socket:[family=2:type=2:protocol=17] 0-35122";
write_domain_policy(policy, 0);
show_result(ioctl(fd, 35123, &ifreq), 0);
write_domain_policy(policy, 1);
if (fd != EOF)
close(fd);
}
static void stage_file_test(void)
{
int fd;
{
static int name[] = { CTL_NET, NET_IPV4,
NET_IPV4_LOCAL_PORT_RANGE };
int buffer[2] = { 32768, 61000 };
size_t size = sizeof(buffer);
show_prompt("sysctl(READ)");
show_result(sysctl(name, 3, buffer, &size, 0, 0));
show_prompt("sysctl(WRITE)");
show_result(sysctl(name, 3, 0, 0, buffer, size));
}
/* QUESTION: Is there a file which can be passed to uselib()? */
show_prompt("uselib()");
show_result(uselib("/bin/true"));
{
int pipe_fd[2] = { EOF, EOF };
int error = 0;
fflush(stdout);
fflush(stderr);
if (pipe(pipe_fd) == -1)
err(1, "pipe");
if (fork() == 0) {
execl("/bin/true", "/bin/true", NULL);
if (write(pipe_fd[1], &errno, sizeof(errno)) == -1)
err(1, "write");
_exit(0);
}
close(pipe_fd[1]);
(void)read(pipe_fd[0], &error, sizeof(error));
show_prompt("execve()");
errno = error;
show_result(error ? EOF : 0);
}
show_prompt("open(O_RDONLY)");
fd = open(dev_null_path, O_RDONLY);
show_result(fd);
if (fd != EOF)
close(fd);
show_prompt("open(O_WRONLY)");
fd = open(dev_null_path, O_WRONLY);
show_result(fd);
if (fd != EOF)
close(fd);
show_prompt("open(O_RDWR)");
fd = open(dev_null_path, O_RDWR);
show_result(fd);
if (fd != EOF)
close(fd);
show_prompt("open(O_CREAT | O_EXCL)");
fd = open(open_creat_path, O_CREAT | O_EXCL, 0666);
show_result(fd);
if (fd != EOF)
close(fd);
show_prompt("open(O_TRUNC)");
fd = open(truncate_path, O_TRUNC);
show_result(fd);
if (fd != EOF)
close(fd);
show_prompt("truncate()");
show_result(truncate(truncate_path, 0));
show_prompt("ftruncate()");
show_result(ftruncate(ftruncate_fd, 0));
show_prompt("mknod(S_IFREG)");
show_result(mknod(mknod_reg_path, S_IFREG, 0));
show_prompt("mknod(S_IFCHR)");
show_result(mknod(mknod_chr_path, S_IFCHR, MKDEV(1, 3)));
show_prompt("mknod(S_IFBLK)");
show_result(mknod(mknod_blk_path, S_IFBLK, MKDEV(1, 0)));
show_prompt("mknod(S_IFIFO)");
show_result(mknod(mknod_fifo_path, S_IFIFO, 0));
show_prompt("mknod(S_IFSOCK)");
show_result(mknod(mknod_sock_path, S_IFSOCK, 0));
show_prompt("mkdir()");
show_result(mkdir(mkdir_path, 0600));
show_prompt("rmdir()");
show_result(rmdir(rmdir_path));
show_prompt("unlink()");
show_result(unlink(unlink_path));
show_prompt("symlink()");
show_result(symlink(symlink_dest_path, symlink_source_path));
show_prompt("link()");
show_result(link(link_source_path, link_dest_path));
show_prompt("rename()");
show_result(rename(rename_source_path, rename_dest_path));
{
struct sockaddr_un addr;
int fd;
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path) - 1);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
show_prompt("unix_bind()");
show_result(bind(fd, (struct sockaddr *) &addr, sizeof(addr)));
if (fd != EOF)
close(fd);
}
printf("\n\n");
}
int main(int argc, char **argv)
{ int x = 0;
char *args[10];
setuid(2);
signal(SIGCHLD, sigchld);
do_signals();
x += getpid();
x += getppid();
x += getuid();
x += getgid();
x += setsid();
x += seteuid();
x += setegid();
lseek(0, 0, -1);
kill(0, 0);
signal(99, 0);
signal(SIGINT, int_handler);
signal(SIGSEGV, segv_handler);
// *(int *) 0 = 0;
pipe(0);
munmap(0, 0);
mincore(0, 0);
shmget(0);
shmat(0);
line = __LINE__;
poll(-1, 0, 0);
signal(SIGSEGV, SIG_IGN);
// ppoll(-1, -1, -1, 0);
signal(SIGSEGV, SIG_DFL);
sched_yield();
readv(-1, 0, 0, 0);
writev(-1, 0, 0, 0);
msync(0, 0, 0);
fsync(-1);
fdatasync(-1);
semget(0, 0, 0);
semctl(0, 0, 0);
uselib(NULL);
pivot_root(0, 0);
personality(-1);
setfsuid(-1);
flock(-1, 0);
shmdt(0, 0, 0);
times(0);
mremap(0, 0, 0, 0, 0);
madvise(0, 0, 0);
fchown(-1, 0, 0);
lchown(0, 0, 0);
setreuid();
setregid();
link("/nonexistant", "/also-nonexistant");
do_slow();
symlink("/nothing", "/");
rename("/", "/");
mkdir("/junk/stuff////0", 0777);
geteuid();
getsid();
getpgid();
getresuid();
getresgid();
getpgid();
ptrace(-1, 0, 0, 0);
semop(0, 0, 0);
capget(0, 0);
line = __LINE__;
gettimeofday(0, 0);
settimeofday(0, 0);
dup(-1);
dup2(-1, -1);
shmctl(0, 0, 0, 0);
execve("/bin/nothing", "/bin/nothing", 0);
alarm(9999);
bind(0, 0, 0);
socket(0, 0, 0);
accept(0, 0, 0);
listen(0);
shutdown(0);
getsockname(0, 0, 0);
getpeername(0, 0, 0);
truncate(0, 0);
ftruncate(0, 0);
line = __LINE__;
if (vfork() == 0)
exit(0);
line = __LINE__;
x = opendir("/", 0, 0);
line = __LINE__;
readdir(x, 0, 0);
line = __LINE__;
closedir(x);
line = __LINE__;
chroot("/");
line = __LINE__;
sigaction(0, 0, 0);
line = __LINE__;
sigprocmask(0, 0, 0);
x += open("/nothing", 0);
x += chdir("/nothing");
x += mknod("/nothing/nothing", 0);
x += ioctl();
execve("/nothing", NULL, NULL);
line = __LINE__;
x += close(-2);
line = __LINE__;
if (fork() == 0)
exit(0);
line = __LINE__;
clone(clone_func, 0, 0, 0);
line = __LINE__;
brk(0);
sbrk(0);
line = __LINE__;
mmap(0, 0, 0, 0, 0);
line = __LINE__;
uname(0);
line = __LINE__;
getcwd(0, 0);
line = __LINE__;
iopl(3);
ioperm(0, 0, 0);
mount(0, 0, 0, 0, 0);
umount(0, 0);
umount(0, 0, 0);
swapon(0, 0);
swapoff(0);
sethostname(0);
line = __LINE__;
time(NULL);
unlink("/nothing");
line = __LINE__;
rmdir("/nothing");
chmod(0, 0);
line = __LINE__;
# if defined(__i386) || defined(__amd64)
modify_ldt(0);
# endif
stat("/doing-nice", 0);
nice(0);
args[0] = "/bin/df";
args[1] = "-l";
args[2] = NULL;
close(1);
open("/dev/null", O_WRONLY);
/***********************************************/
/* Some syscalls arent available direct */
/* from libc, so get them here. We mostly */
/* care about the ones which have caused */
/* implementation difficulty and kernel */
/* crashes - eventually we can be complete. */
/***********************************************/
line = __LINE__;
open("/system-dependent-syscalls-follow", 0);
line = __LINE__;
if (fork() == 0)
exit(0);
{int status;
while (wait(&status) >= 0)
;
}
sigaltstack(0, 0);
/*vm86(0, 0);*/
/***********************************************/
/* Some syscalls arent directly accessible, */
/* e.g. legacy. */
/***********************************************/
#if defined(__x86_64__)
trace(__LINE__, "x64 syscalls");
syscall(174, 0, 0, 0); // create_module
syscall(176, 0, 0, 0); // delete_module
syscall(178, 0, 0, 0); // query_module
#else
trace(__LINE__, "x32 syscalls");
syscall(0, 0, 0, 0); // restart_syscall
syscall(34, 0, 0, 0); // nice
syscall(59, 0, 0, 0); // oldolduname
syscall(109, 0, 0, 0); // olduname
if (fork() == 0)
syscall(1, 0, 0, 0); // exit
#endif
line = __LINE__;
execve("/bin/df", args, NULL);
fprintf(stderr, "Error: should not get here -- %s\n", strerror(errno));
exit(1);
}
