android bss fix

kekeimiku · Aug 9, 2024 · d3946be · d3946be
1 parent c561eae
commit d3946be
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 29 deletions.
diff --git a/command/src/cmd.rs b/command/src/cmd.rs
@@ -228,7 +228,7 @@ pub struct TestPointerChain {
 
 #[cfg(target_os = "android")]
 fn filter_modules(m: &&Module) -> bool {
-    const N_ELFS: [&str; 3] = ["oat", "dex", "odex"];
+    const N_ELFS: [&str; 6] = ["oat", "dex", "odex", "oat:bss", "dex:bss", "odex:bss"];
     let path = Path::new(&m.pathname);
     path.starts_with("/data")
         && !path

diff --git a/libptrscan/src/dump/linux/dump.rs b/libptrscan/src/dump/linux/dump.rs
@@ -23,10 +23,10 @@ pub fn create_pointer_map(
 
     let mut addr_map = BTreeMap::new();
 
-    let mut buf = vec![0_u8; 0x100000];
+    let mut buf = vec![0_u8; 0x200000];
     for Range { start, end } in range_maps.iter() {
         let (start, size) = (start, end - start);
-        for off in (0..size).step_by(0x100000) {
+        for off in (0..size).step_by(0x200000) {
             let size = match mem.read_at(&mut buf, (start + off) as u64) {
                 Ok(n) => n,
                 Err(err) => {
@@ -86,7 +86,7 @@ pub fn create_pointer_map_file(
         .collect::<RangeSet<usize>>();
 
     let file = File::options().append(true).create_new(true).open(path)?;
-    let mut buffer = BufWriter::with_capacity(0x100000, file);
+    let mut buffer = BufWriter::with_capacity(0x200000, file);
 
     buffer.write_all(header(module_maps.len() as u32).as_bytes())?;
 
@@ -100,10 +100,10 @@ pub fn create_pointer_map_file(
                 .and(buffer.write_all(name.as_bytes()))
         })?;
 
-    let mut buf = vec![0_u8; 0x100000];
+    let mut buf = vec![0_u8; 0x200000];
     for Range { start, end } in range_maps.iter() {
         let (start, size) = (start, end - start);
-        for off in (0..size).step_by(0x100000) {
+        for off in (0..size).step_by(0x200000) {
             let size = match mem.read_at(&mut buf, (start + off) as u64) {
                 Ok(n) => n,
                 Err(err) => {

diff --git a/libptrscan/src/dump/linux/info.rs b/libptrscan/src/dump/linux/info.rs
@@ -6,13 +6,12 @@ use std::{
 
 use super::{RangeMap, RangeSet};
 
+#[allow(dead_code)]
 struct Map<'a> {
     start: usize,
     end: usize,
     flags: &'a str,
-    #[allow(dead_code)]
     offset: usize,
-    #[allow(dead_code)]
     dev: &'a str,
     inode: usize,
     name: Option<&'a str>,
@@ -35,9 +34,10 @@ impl Map<'_> {
         &self.flags[1..2] == "w"
     }
 
-    // fn is_exec(&self) -> bool {
-    //     &self.flags[2..3] == "x"
-    // }
+    #[allow(dead_code)]
+    fn is_exec(&self) -> bool {
+        &self.flags[2..3] == "x"
+    }
 
     fn name(&self) -> Option<&str> {
         self.name
@@ -73,27 +73,41 @@ impl<'a> Iterator for MapIter<'a> {
     }
 }
 
+const REGIONS: [&str; 3] = ["[anon:libc_malloc]", "[stack]", "[heap]"];
+const BSS: &str = "[anon:.bss]";
+
+#[inline]
+fn is_a(s: &str) -> bool {
+    s.get(0..7).is_some_and(|s| s.eq("/memfd:")) || s.starts_with("/dev/")
+}
+
+fn is_elf(s: &str) -> bool {
+    let path = Path::new(s);
+    if path.is_file() {
+        let mut buf = [0; 6];
+        File::open(path)
+            .and_then(|mut f| f.read_exact(&mut buf))
+            .is_ok_and(|_| [0x7f, b'E', b'L', b'F', 2, 1].eq(&buf))
+    } else {
+        false
+    }
+}
+
 pub fn list_image_maps(pid: i32) -> Result<RangeMap<usize, String>, Error> {
     let contents = fs::read_to_string(format!("/proc/{pid}/maps"))?;
-    let maps = MapIter::new(&contents);
+    let maps = MapIter::new(&contents).collect::<Vec<_>>();
 
     let mut image_module_maps = RangeMap::new();
-    let mut buf = [0; 8];
 
-    for map in maps.filter(|m| m.is_read() && m.is_write()) {
-        if let Some(name) = map.name() {
-            if map.inode != 0 {
-                if !name.get(0..7).is_some_and(|s| s.eq("/memfd:")) && !name.starts_with("/dev/") {
-                    let path = Path::new(name);
-                    if path.is_file() {
-                        // TODO 判断文件是否是 elf64 小端
-                        let is_elf = File::open(path)
-                            .and_then(|mut f| f.read_exact(&mut buf))
-                            .is_ok_and(|_| [0x7f, b'E', b'L', b'F', 2, 1].eq(&buf[0..6]));
-                        if is_elf {
-                            image_module_maps.insert(map.start()..map.end(), name.to_string());
-                        }
-                    }
+    for (a, b) in maps.iter().zip(maps.iter().skip(1)) {
+        if a.is_read() && a.is_write() {
+            if let Some(module) = a.name().filter(|s| a.inode != 0 && !is_a(s) && is_elf(s)) {
+                image_module_maps.insert(a.start()..a.end(), module.to_string());
+
+                if b.name()
+                    .is_some_and(|s| s == BSS && b.is_read() && b.is_write())
+                {
+                    image_module_maps.insert(b.start()..b.end(), format!("{module}:bss"));
                 }
             }
         }
@@ -108,8 +122,6 @@ pub fn list_unknown_maps(pid: i32) -> Result<RangeSet<usize>, Error> {
 
     let mut unknown_maps = RangeSet::new();
 
-    const REGIONS: [&str; 4] = ["[anon:.bss]", "[anon:libc_malloc]", "[stack]", "[heap]"];
-
     for map in maps.filter(|m| m.is_read() && m.is_write()) {
         if map.name().is_some_and(|name| REGIONS.contains(&name)) || map.name().is_none() {
             unknown_maps.insert(map.start()..map.end())

diff --git a/rust-toolchain.toml b/rust-toolchain.toml
@@ -0,0 +1,2 @@
+[toolchain]
+channel = "nightly-2024-08-06"