/* * @implemented */ int ui64toa_s(unsigned __int64 value, char *str, size_t size, int radix) { char buffer[65], *pos; int digit; if (!(str != NULL) || !(size > 0) || !(radix>=2) || !(radix<=36)) { *__errno() = EINVAL; return EINVAL; } pos = buffer+64; *pos = '\0'; do { digit = value%radix; value /= radix; if(digit < 10) *--pos = (char)('0' + digit); else *--pos = (char)('a' + digit - 10); }while(value != 0); if((unsigned)(buffer-pos+65) > size) { //MSVCRT_INVALID_PMT("str[size] is too small"); *__errno() = EINVAL; return EINVAL; } memcpy(str, pos, buffer-pos+65); return 0; }
__int64 strtoi64(const char *nptr, char **endptr, int base) { BOOL negative = FALSE; __int64 ret = 0; while(isspace((unsigned char)*nptr)) nptr++; if(*nptr == '-') { negative = TRUE; nptr++; } else if(*nptr == '+') nptr++; if((base==0 || base==16) && *nptr=='0' && tolower(*(nptr+1))=='x') { base = 16; nptr += 2; } if(base == 0) { if(*nptr=='0') base = 8; else base = 10; } while(*nptr) { char cur = tolower(*nptr); int v; if(isdigit((unsigned char)cur)) { if(cur >= '0'+base) break; v = cur-'0'; } else { if(cur<'a' || cur>='a'+base-10) break; v = cur-'a'+10; } if(negative) v = -v; nptr++; if(!negative && (ret > _I64_MAX / base || ret * base > _I64_MAX-v)) { ret = _I64_MAX; *__errno() = ERANGE; } else if(negative && (ret < _I64_MIN / base || ret * base < _I64_MIN-v)) { ret = _I64_MIN; *__errno() = ERANGE; } else ret = ret*base + v; } if(endptr) *endptr = (char*)nptr; return ret; }
/** Get the internet name of this host. Actually this will always return a null string with TCPIP 030 and onwards because the "name" of a mobile host isn't really very meaningful - in practice the IP address is chosen dynamically once you start doing real networking, at which time the ISP can resolve the IP address into a name of some sort if you really want. @return @param name @param size */ EXPORT_C int gethostname (char *name, size_t size) { int* perrno=__errno(); RSocketServ ss; TInt err=ss.Connect(1); if (err==KErrNone) { RHostResolver r; err=r.Open(ss, AF_INET, KProtocolInetUdp); if (err==KErrNone) { TBuf<128> hostname; err=r.GetHostName(hostname); if (err==KErrNone) { if (size>(size_t)hostname.Length()) { TPtr8 retval((TText8*)name,size); retval.Copy(hostname); retval.PtrZ(); } else err=ENAMETOOLONG; } r.Close(); } ss.Close(); } return MapError(err,*perrno); }
/* * Called by the SimpleLink host driver to set POSIX error codes * for the host OS. */ int dpl_set_errno(int err) { /* Ensure (POSIX) errno is positive. * __errno() is a Zephyr function returning a pointer to the * current thread's errno variable. */ *__errno() = (err < 0? -err : err); return -1; }
void bta_gps_rcv_vse_cback(UINT8 len, UINT8 *p_data) { UINT8 sub_event; STREAM_TO_UINT8(sub_event, p_data); if ( sub_event == 16 ) { len = clientfd; if ( clientfd > 0 ) { len = send(clientfd, p_data, len - 1, NULL) + 1; if ( !len ) { if ( btif_trace_level > iLevelMessages ) LogMsg(1283, "send failed %s\n", strerror(__errno())); len = -1; clientfd = -1; } } } }
int main(int argc, char *argv[]) { pid_t pid = 0; struct pt_regs2 regs; unsigned long dlopenaddr, mprotectaddr, codeaddr, libaddr; unsigned long *p; int fd = 0; int n = 0; char buf[32]; char *arg; int opt; char *dumpFolder = NULL; int libFd = -1; void *mmapAddr = NULL; int libLength = 0; char *needle = ".................____________......................."; void *startOfNeedle = NULL; int result; // dbg for rwx protection: /* printf("---\n"); */ /* result = mprotect(0xbefdf000, 0x20000, PROT_READ|PROT_WRITE|PROT_EXEC); */ /* printf("mprotect %d\n", result); */ /* printf("\t\t%s\n", strerror(*(int*)__errno()) ); */ /* 1 - parse cmdline */ while ((opt = getopt(argc, argv, "p:l:f:d")) != -1) { switch (opt) { case 'p': pid = strtol(optarg, NULL, 0); break; case 'l': n = strlen(optarg)+1; n = n/4 + (n%4 ? 1 : 0); arg = malloc(n*sizeof(unsigned long)); memcpy(arg, optarg, n*4); /* arg = strdup(optarg); */ /* n = strlen(arg) */ /* printf("%s\n", arg); */ break; case 'f': dumpFolder = strdup(optarg); break; case 'd': debug = 1; break; default: #ifdef DEBUG fprintf(stderr, "error usage: %s -p PID -l LIBNAME -f DUMP_FOLDER -d (debug on)\n", argv[0]); #endif exit(0); break; } } if (pid == 0 || n == 0 || strlen(dumpFolder) == 0) { #ifdef DEBUG printf("pid %d\n", pid); fprintf(stderr, "usage: %s -p PID -l LIBNAME -f DUMP_FOLDER -d (debug on)\n", argv[0]); #endif exit(0); } if (0 > find_name(pid, "mprotect", &mprotectaddr)) { #ifdef DEBUG printf("can't find address of mprotect(), error!\n"); #endif exit(1); } #ifdef DEBUG printf("mprotect: 0x%x\n", mprotectaddr); #endif /* 2 - patch */ #ifdef DEBUG printf("[*] Patching %s to dump into folder %s\n", arg, dumpFolder); #endif libFd = open(arg, O_RDWR); if (libFd == -1) { #ifdef DEBUG printf("[E] Could not open %s %s\n", arg, strerror(*(int*)__errno())); #endif exit(1); } libLength = lseek(libFd,0,SEEK_END); mmapAddr = mmap(NULL, libLength, PROT_READ|PROT_WRITE, MAP_SHARED, libFd, 0 ); if( mmapAddr == MAP_FAILED ) { #ifdef DEBUG printf("[E] Map failed %s\n", arg); #endif exit(1); } #ifdef DEBUG printf("[*] searching %s from %p to %p\n", needle, mmapAddr, mmapAddr + libLength); #endif startOfNeedle = memmem(mmapAddr, libLength, needle, strlen(needle)); if( startOfNeedle == 0) { #ifdef DEBUG printf("\tneedle not found, the library might be already patched\n"); #endif ; } else { #ifdef DEBUG printf("\t found at %p, patching..\n", startOfNeedle); #endif memcpy(startOfNeedle, dumpFolder, strlen(dumpFolder)+1); } needle = memmem(mmapAddr, libLength, dumpFolder, strlen(dumpFolder)); #ifdef DEBUG printf("\t verify the patch: %s @ %p\n", needle, needle ); #endif result = munmap(mmapAddr, libLength); #ifdef DEBUG printf("[*] unmap %d\n", result); #endif close(libFd); /* 3 - inject */ void *ldl = dlopen("libdl.so", RTLD_LAZY); if (ldl) { dlopenaddr = dlsym(ldl, "dlopen"); dlclose(ldl); } unsigned long int lkaddr; unsigned long int lkaddr2; find_linker(getpid(), &lkaddr); //printf("own linker: 0x%x\n", lkaddr); //printf("offset %x\n", dlopenaddr - lkaddr); find_linker(pid, &lkaddr2); //printf("tgt linker: %x\n", lkaddr2); //printf("tgt dlopen : %x\n", lkaddr2 + (dlopenaddr - lkaddr)); dlopenaddr = lkaddr2 + (dlopenaddr - lkaddr); #ifdef DEBUG printf("dlopen: 0x%x\n", dlopenaddr); #endif // Attach if (0 > ptrace(PTRACE_ATTACH, pid, 0, 0)) { #ifdef DEBUG printf("cannot attach to %d, error!\n", pid); #endif exit(1); } waitpid(pid, NULL, 0); sprintf(buf, "/proc/%d/mem", pid); fd = open(buf, O_WRONLY); if (0 > fd) { #ifdef DEBUG printf("cannot open %s, error!\n", buf); #endif exit(1); } result = ptrace(PTRACE_GETREGS, pid, 0, ®s); #ifdef DEBUG printf("ptrace getregs %d\n", result); #endif sc[11] = regs.ARM_r0; sc[12] = regs.ARM_r1; sc[13] = regs.ARM_r2; sc[14] = regs.ARM_r3; sc[15] = regs.ARM_lr; sc[16] = regs.ARM_pc; sc[17] = regs.ARM_sp; sc[19] = dlopenaddr; #ifdef DEBUG printf("pc=%x lr=%x sp=%x fp=%x\n", regs.ARM_pc, regs.ARM_lr, regs.ARM_sp, regs.ARM_fp); printf("r0=%x r1=%x\n", regs.ARM_r0, regs.ARM_r1); printf("r2=%x r3=%x\n", regs.ARM_r2, regs.ARM_r3); #endif // push library name to stack libaddr = regs.ARM_sp - n*4 - sizeof(sc); sc[18] = libaddr; //printf("libaddr: %x\n", libaddr); if (stack_start == 0) { stack_start = (unsigned long int) strtol(argv[3], NULL, 16); stack_start = stack_start << 12; stack_end = stack_start + strtol(argv[4], NULL, 0); } #ifdef DEBUG printf("stack: 0x%x-0x%x leng = %d\n", stack_start, stack_end, stack_end-stack_start); #endif // write library name to stack if (0 > write_mem(pid, (unsigned long*)arg, n, libaddr)) { #ifdef DEBUG printf("cannot write library name (%s) to stack, error!\n", arg); #endif exit(1); } // write code to stack codeaddr = regs.ARM_sp - sizeof(sc); if (0 > write_mem(pid, (unsigned long*)&sc, sizeof(sc)/sizeof(long), codeaddr)) { #ifdef DEBUG printf("cannot write code, error!\n"); #endif exit(1); } #ifdef DEBUG printf("executing injection code at 0x%x\n", codeaddr); #endif // calc stack pointer regs.ARM_sp = regs.ARM_sp - n*4 - sizeof(sc); // call mprotect() to make stack executable regs.ARM_r0 = stack_start; // want to make stack executable //printf("r0 %x\n", regs.ARM_r0); regs.ARM_r1 = stack_end - stack_start; // stack size //printf("mprotect(%x, %d, ALL)\n", regs.ARM_r0, regs.ARM_r1); regs.ARM_r2 = PROT_READ|PROT_WRITE|PROT_EXEC; // protections regs.ARM_lr = codeaddr; // points to loading and fixing code regs.ARM_pc = mprotectaddr; // execute mprotect() // detach and continue result = ptrace(PTRACE_SETREGS, pid, 0, ®s); /* printf("%d\n", result); */ /* return 0; */ #ifdef DEBUG printf("first ptrace %d\n", result); if( result == -1 ) printf("\t\t%s\n", strerror(*(int*)__errno()) ); #endif result = ptrace(PTRACE_DETACH, pid, 0, 0); #ifdef DEBUG printf("second ptrace %d\n", result); if( result == -1 ) printf("\t\t%s\n", strerror(*(int*)__errno()) ); #endif #ifdef DEBUG printf("library injection completed!\n"); #endif return 0; }
/* * @implemented */ int i64toa_s(__int64 value, char *str, size_t size, int radix) { unsigned __int64 val; unsigned int digit; int is_negative; char buffer[65], *pos; size_t len; if (!(str != NULL) || !(size > 0) || !(radix >= 2) || !(radix <= 36)) { if (str && size) str[0] = '\0'; *__errno() = EINVAL; return EINVAL; } if (value < 0 && radix == 10) { is_negative = 1; val = -value; } else { is_negative = 0; val = value; } pos = buffer + 64; *pos = '\0'; do { digit = val % radix; val /= radix; if (digit < 10) *--pos = (char)('0' + digit); else *--pos = (char)('a' + digit - 10); } while (val != 0); if (is_negative) *--pos = '-'; len = buffer + 65 - pos; if (len > size) { size_t i; char *p = str; /* Copy the temporary buffer backwards up to the available number of * characters. Don't copy the negative sign if present. */ if (is_negative) { p++; size--; } for (pos = buffer + 63, i = 0; i < size; i++) *p++ = *pos--; str[0] = '\0'; //MSVCRT_INVALID_PMT("str[size] is too small"); *__errno() = ERANGE; return ERANGE; } memcpy(str, pos, len); return 0; }
int* __errno_location() { return __errno(); }
volatile int* __errno_portable() { return __errno(); }