Hello,
On Wed, Sep 24, 2014 at 11:05 AM, Zubin Mithra wrote:
> Hello,
>
> Please find below a diff that implements the abspath feature. Using the -A
> flag now resolves the relative paths to absolute ones.
>
Does this diff look OK? I could send over a patch if it is.
> Also, I've written a test for this new feature:
> http://sourceforge.net/p/strace/code/ci/fdfa72276a16d0bd42b795aef3ac6c8969210469/
>
Thank you Dmitry !
- Zubin
--
Meet PCI DSS 3.0 Compliance Requirements with EventL
Hello,
Please find below a diff that implements the abspath feature. Using the -A
flag now resolves the relative paths to absolute ones.
Usage examples can be seen here :-
https://gist.github.com/eQu1NoX/350ef0fa371aad26c7c6
diff --git a/defs.h b/defs.h
index cd9817b..d7434fe 100644
--- a/defs.h
Hi Dmitry,
> print_tracee_cwd() prints a quoted string, while getfdpath() returns
> a raw string.
>
Thank you for the review! Please find below a diff for renameat+renameat2.
diff --git a/defs.h b/defs.h
index 625cac6..a5fd654 100644
--- a/defs.h
+++ b/defs.h
@@ -562,7 +562,8 @@ extern bool ifl
>> Hi Dmitry,
>>
>>> Actually, it is quite linux specific: SOCK_DIAG_BY_FAMILY needs tcp_diag
>>> kernel module to handle IPPROTO_TCP, and udp_diag - for IPPROTO_UDP
>>> sockets.
>>
>> I’m not sure I understand the problem here — could you tell me which kernel
>> version you had used so that I
> I think it would be less confusing to print both src and dst address:port
> when dst address:port is non-zero, for example:
> accept(3<0.0.0.0:7171>, {sa_family=AF_INET, sin_port=htons(48435),
> sin_addr=inet_addr("127.0.0.1")}, [16]) = 4<127.0.0.1:7171->127.0.0.1:48435>
>
Got it, thanks Dmitr
> @@ -1772,10 +1772,10 @@ sys_renameat(struct tcb *tcp)
> {
> if (entering(tcp)) {
> print_dirfd(tcp, tcp->u_arg[0]);
> - printpath(tcp, tcp->u_arg[1]);
> + printpathat(tcp, tcp->u_arg[0], tcp->u_arg[1]);
> tprints(", ");
> pr
(struct tcb *tcp, long addr, int n)
+{
+ printpath_common(tcp, -1, addr, n);
+}
+
+void
printpath(struct tcb *tcp, long addr)
{
/* Size must correspond to char path[] size in printpathn */
Thanks!
-- zm
On 20-Aug-2014, at 18:56, Dmitry V. Levin wrote:
> On Mon, Aug 11,
Hi Dmitry,
On 21-Aug-2014, at 4:27, Dmitry V. Levin wrote:
> On Thu, Aug 21, 2014 at 02:53:46AM +0400, Dmitry V. Levin wrote:
>> On Mon, Aug 11, 2014 at 02:21:01PM +0530, zubin.mit...@gmail.com wrote:
> [...]
>> if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_dst,
>>
Hi Dmitry,
> Actually, it is quite linux specific: SOCK_DIAG_BY_FAMILY needs tcp_diag
> kernel module to handle IPPROTO_TCP, and udp_diag - for IPPROTO_UDP
> sockets.
I’m not sure I understand the problem here — could you tell me which kernel
version you had used so that I could try compiling th
On Thu, Aug 21, 2014 at 02:53:46AM +0400, Dmitry V. Levin wrote:
> On Mon, Aug 11, 2014 at 02:21:01PM +0530, zubin.mit...@gmail.com wrote:
[...]
> if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_dst,
> remote_addr_buf, size) || !remote_addr_buf[0])
>
>
> This won't work for renameat, renameat2, and linkat syscalls.
> A more robust approach is to introduce a new printing function, e.g.
> printpathat, and use it in these decoders.
Thank you for the review Dmitry!
Ah I see, indeed I'll do that.
-- zm
---
>
>
>>
>>
> Unless I'm mistaken this header is present on all linux systems in
> /usr/include even with the dev packages installed.
>
>
Typo, sorry. "this header is *not* present on all"
Thanks,
-- zm
--
___
Hello all,
This is the latest patch for extended socket fd decoding. A few points :-
> +
> +#ifdef HAVE_LINUX_SOCK_DIAG_H
> +# include
> +#else
> +# define SOCK_DIAG_BY_FAMILY 20
> + struct sock_diag_req {
> + __u8sdiag_family;
> + __u8sdiag_protocol;
> + };
> +#endif
From: Zubin Mithra
* Makefile.am (strace_SOURCES): Add socketutils.c.
* configure.ac (AC_CHECK_HEADERS): Add linux/inet_diag.h,
linux/netlink.h, linux/sock_diag.h.
(AC_CHECK_TYPES): Add inet_diag_req_v2.
* defs.h (get_pagesize): Add declaration.
(printsockdetails): Add declaration.
* mem.c
From: Zubin Mithra
* Makefile.am (strace_SOURCES): Add socketutils.c.
* configure.ac (AC_CHECK_HEADERS): Add linux/inet_diag.h,
linux/netlink.h, linux/sock_diag.h.
(AC_CHECK_TYPES): Add inet_diag_req_v2.
* defs.h (get_pagesize): Add declaration.
(printsockdetails): Add declaration.
* mem.c
Hi,
Thank you for the review, Dmitry, Mike! I'll send out a patch soon.
>
> > + memset(&msg, 0, sizeof(msg));
> > + memset(&sa, 0, sizeof(sa));
> > + memset(&nlh, 0, sizeof(nlh));
> > + memset(&conn_req, 0, sizeof(conn_req));
>
> do you need to zero these out when you initialize
Hi Dmitry,
On Mon, Aug 11, 2014 at 8:50 AM, Zubin Mithra
wrote:
> Hi Dmitry,
>
>
>> No, -y should not change, conversion of all relative paths to absolute
>> should be controlled by another option.
>>
>
> Thanks, got it. Currently I'm using the
Hi Dmitry,
> No, -y should not change, conversion of all relative paths to absolute
> should be controlled by another option.
>
Thanks, got it. Currently I'm using the -A option for absolute path
decoding.
> When descriptors decoding is enabled, descriptors passed to *at syscalls
> are decoded
Hi Dmitry,
Thank you for your review!
On Sat, Aug 9, 2014 at 5:05 AM, Dmitry V. Levin wrote:
> On Tue, Jul 01, 2014 at 03:13:21PM +0530, zubin.mit...@gmail.com wrote:
> > * defs.h (show_fd_path): Change type to unsigned int.
> > * strace.c (show_fd_path): Update usage to count y flag.
> > (usag
From: Zubin Mithra
* defs.h: Add Add header files netinet/in.h, sys/socket.h,
arpa/inet.h, linux/netlink.h and linux/inet_diag.h.
Change type of show_fd_path to unsigned int.
Add macros SOCK_DIAG_BY_FAMILY, SOCKET_BUFFER_SIZE.
Add structs sock_diag_req, inet_diag_req_v2.
* strace.c (init
Hello,
On Tue, Jul 1, 2014 at 3:13 PM, wrote:
> From: Zubin Mithra
>
> * defs.h (show_fd_path): Change type to unsigned int.
> * strace.c (show_fd_path): Update usage to count y flag.
> (usage): Update to add -yy option.
> * util.c (print_tracee_cwd): New function.
> (p
Hi Masatake !
Thank you for reviewing the patch!
>
> It is nice if you prepare a test case, too. See code/tests/.
>
Sure, I'll check out how tests are done and add relevant tests.
> To make adding more families a bit easier how do you think use switch/case
> instead of if/else? Like:
>
>
From: Zubin Mithra
* defs.h: Add Add header files netinet/in.h, sys/socket.h,
arpa/inet.h, linux/netlink.h and linux/inet_diag.h.
Change type of show_fd_path to unsigned int.
Add macros SOCK_DIAG_BY_FAMILY, SOCKET_BUFFER_SIZE.
Add structs sock_diag_req, inet_diag_req_v2.
* strace.c (init
Hi Mike,
On Wed, Aug 6, 2014 at 6:59 PM, Mike Frysinger wrote:
> On Mon 04 Aug 2014 08:35:02 zubin.mit...@gmail.com wrote:
>> From: Zubin Mithra
>>
>> * desc.c (decode_select): Initialize fds to NULL.
>> * strace.c (expand_tcbtab): Change type to unsigned.
>
Hi Mike,
Thank you for the review!
On Wed, Aug 6, 2014 at 7:14 PM, Mike Frysinger wrote:
> On Mon 04 Aug 2014 08:31:30 zubin.mit...@gmail.com wrote:
>> --- a/bjm.c
>> +++ b/bjm.c
>> @@ -121,6 +121,8 @@ sys_query_module(struct tcb *tcp)
>>
On Wed, Aug 6, 2014 at 11:10 PM, Dmitry V. Levin wrote:
> On Tue, Aug 05, 2014 at 11:58:35PM -0400, Mike Frysinger wrote:
>> On Wed 06 Aug 2014 12:31:36 Masatake YAMATO wrote:
> [...]
>> > A problem is that many libraries wrapping netlink interface are
>> > distributed under term of GPL or LGPL. I
Hello everyone,
I was trying out some netlink socket code and I needed to use the
header file "linux/sock_diag.h".
Doing a locate for the file gave me the following result(I do have
kernel headers installed and I'm on an Ubuntu machine).
$ locate linux/sock_diag.h
/usr/arm-linux-gnueabi/include/
Hi Mike,
>
> i don't think we want to use that model. the /proc net filesystem is known to
> have limitations. instead i think we should do what iproute2's ss tool does
> -- use netlink sockets.
Looks interesting, I'll change the current implementation to use
netlink sockets. Thank you!
-- zm
t.github.com/eQu1NoX/a97d74bd059682da6fe9
Thanks,
-- zm
On Tue, Aug 5, 2014 at 9:24 AM, Zubin Mithra wrote:
> Hello everyone,
>
> A few notes on the patch "Print ip and port associated with descriptor
> with -yy" :-
>
> 1. A sample output of running it on the client and the
From: Zubin Mithra
* defs.h: Add header files netinet/in.h, sys/socket.h and
arpa/inet.h.
(init): change type of show_fd_path to unsigned int.
* util.c (print_remote_ipport): New function.
(check_netfile): New function.
(printsockdetails): New function.
(printfd): Modify to use
Hello everyone,
A few notes on the patch "Print ip and port associated with descriptor
with -yy" :-
1. A sample output of running it on the client and the server can be
found here :-
- client : https://gist.github.com/eQu1NoX/3a325de729b4705dc9c3
- server : https://gist.github.com/eQu1NoX/3713abc
From: Zubin Mithra
* defs.h: Add header files netinet/in.h, sys/socket.h and
arpa/inet.h.
(init): change type of show_fd_path to unsigned int.
* util.c (print_remote_ipport): New function.
(printsockdetails): New function.
(printfd): Modify to use printsockdetails.
Signed-off-by: Zubin Mithra
From: Zubin Mithra
* desc.c (decode_select): Initialize fds to NULL.
* strace.c (expand_tcbtab): Change type to unsigned.
(startup_child): Initialize pathname array.
Signed-off-by: Zubin Mithra
---
desc.c | 2 +-
strace.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff
From: Zubin Mithra
* bjm.c (sys_query_module): Add bounds check.
Signed-off-by: Zubin Mithra
---
bjm.c | 4
1 file changed, 4 insertions(+)
diff --git a/bjm.c b/bjm.c
index b34c6ed..b5ce103 100644
--- a/bjm.c
+++ b/bjm.c
@@ -121,6 +121,8 @@ sys_query_module(struct tcb *tcp
Hi Mike,
On Fri, Aug 1, 2014 at 4:25 PM, Mike Frysinger wrote:
> On Thu 03 Jul 2014 17:45:41 zubin.mit...@gmail.com wrote:
> > From: Zubin Mithra
> >
> > * file.c (sys_getdents): Add d_reclen check.
> > (sys_getdents64): Add d_reclen check.
> >
From: Zubin Mithra
* file.c (sys_getdents): Add d_reclen check.
(sys_getdents64): Add d_reclen check.
Signed-off-by: Zubin Mithra
---
file.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/file.c b/file.c
index a92a7dc..0934ce1 100644
--- a/file.c
+++ b/file.c
From: Zubin Mithra
* file.c (sys_getdents): Add d_reclen check.
(sys_getdents64): Add d_reclen check.
Signed-off-by: Zubin Mithra
---
file.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/file.c b/file.c
index a92a7dc..d739df6 100644
--- a/file.c
+++ b
From: Zubin Mithra
* defs.h (show_fd_path): Change type to unsigned int.
* strace.c (show_fd_path): Update usage to count y flag.
(usage): Update to add -yy option.
* util.c (print_tracee_cwd): New function.
(printpathn): Update to use print_tracee_cwd and print
absolute path.
* strace.1: Add
From: Zubin Mithra
* defs.h (show_fd_path): Change type to unsigned int.
* strace.c (show_fd_path): Update usage to count y flag.
(usage): Update to add -yy option.
* util.c (print_tracee_cwd): New function.
(printpathn): Update to use print_tracee_cwd and print
absolute path.
* strace.1: Add
>
> you could use an alloca() buffer starting at a "large enough" value to cover
> most common cases (like 256) and put it into a loop -- when the return value
> of readlink is equal to bufsiz, double the buffer length and try again.
I think there are a few more cases where the call might fail. I
Hi Dmitry, Mike,
Thank you very much for the review! :)
>
> all that said, this is exactly the sort of thing asprintf() was invented. so
> really we should delete all this logic and do:
> char *path = asprintf("/proc/%u/cwd", tcp->pid);
> if (!path)
> return false
From: Zubin Mithra
* defs.h (show_fd_path): Change type to unsigned int.
* strace.c (show_fd_path): Update usage to count y flag.
* util.c (print_tracee_cwd): New function.
(printpathn): Update to use print_tracee_cwd and print
absolute path.
* strace.1: Add description of -yy option
Signed
> The first line would be cwd[n] and not n++ I believe. Im not sure a
> simplification as shown above would be possible.
>
My bad, I was wrong.
-- zm
--
-- Sent from an iPhone
--
HPCC Systems Open Source Big Data Plat
Hey Dmitry,
Thank you for your response. Ill fix the issues and send a fix over asap.
> > + ssize_t n;I suppose incremented "n" would make the code a bit
> simpler, e.g.
>
> cwd[n++] = '/';
> cwd[n++] = '\0';
> outstr = alloca(4 * n); /* 4*(n-1
From: Zubin Mithra
* defs.h (show_fd_path): Change type to unsigned int.
* strace.c (show_fd_path): Update usage to count y flag.
* util.c (print_tracee_cwd): New function.
(printpathn): Update to use print_tracee_cwd and print
absolute path.
Signed-off-by: Zubin Mithra
---
defs.h | 2
Hi Dmitry,
On Thu, Jun 5, 2014 at 4:49 PM, wrote:
> From: Zubin Mithra
>
> * defs.h (show_fd_path): Change type to unsigned int.
> (get_tracee_cwd, print_abspath): New prototypes.
> * strace.c (show_fd_path): Update usage to count y flag.
> * util.c (get_tracee_
From: Zubin Mithra
* defs.h (show_fd_path): Change type to unsigned int.
(get_tracee_cwd, print_abspath): New prototypes.
* strace.c (show_fd_path): Update usage to count y flag.
* util.c (get_tracee_cwd): New function.
(printpathn): Update to use get_tracee_cwd and print
absolute path
Hey Dmitry,
>
> I've corrected this commit message and applied the patch.
> Thanks! :)
Thank you! :)
-- zm
--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph d
From: Zubin Mithra
* defs.h (RVAL_FD): New macro.
* defs.h (RVAL_MASK, RVAL_STR, RVAL_NONE): Macro values modified.
* desc.c (sys_dup): New function.
* desc.c (sys_delete_module): New function.
* desc.c (do_dup2, decode_open, sys_creat): Modified to return
RVAL_FD.
* linux/dummy.h
From: Zubin Mithra
* defs.h (RVAL_FD): New macro.
* defs.h (RVAL_MASK, RVAL_STR, RVAL_NONE): Macro values modified.
* desc.c (sys_dup): New function.
* desc.c (sys_delete_module): New function.
* desc.c (do_dup2, sys_open): Modified to return RVAL_FD.
* linux/dummy.h (sys_delete_module, sys_dup
>
> Same here, lets change decode_open to return RVAL_FD instead.
>
>> +int sys_delete_module(struct tcb *tcp)
>> +{
>> return decode_open(tcp, 0);
>> }
>
> btw, it's not right for sys_delete_module to use decode_open,
> but that's a subject for another patch.
>
I see -- so do I create a du
From: Zubin Mithra
* defs.h (RVAL_FD): New macro.
* defs.h (RVAL_MASK, RVAL_STR, RVAL_NONE): Macro values modified.
* desc.c (sys_dup): New function.
* desc.c (sys_delete_module): New function.
* desc.c (sys_open, sys_dup2, sys_dup3, sys_creat): Modified to return
RVAL_FD
* linux/dummy.h
>
> linux:~/strace-code # autoreconf -i
> automake: error: cannot open < xlat/Makemodule.am: No such file or directory
> autoreconf: automake failed with exit status: 1
>
I tried running "build_static_example.sh" first and it worked. Im on a
64 bit machine and I also had to set up a symlink to gcc
Hey Dmitry,
>> $ strace -yeclose cat /dev/null
>> close(3) = 0
>> close(3) = 0
>> close(3) = 0
>> close(1)= 0
>> close(2)= 0
>> +++ exited with 0 +++
I had tested it out by running it on a few binaries. I hadn't no
From: Zubin Mithra
* defs.h (returns_fd): New prototype.
* util.c (returns_fd): New function that checks if the tcb refers
to a function that returns a file descriptor.
* syscall.c (trace_syscall_exiting): Use returns_fd to determine whether
tcp->u_rval is a file descriptor.
Signed-off
Hey Dmitry,
>> First, printing absolute paths is not the same as printing canonicalized
>> paths. The first is straightforward, the second is more complicated and
>> may produce unexpected results. For example, do you really want to follow
>> symlinks when decoding path names passed to open(2)?
From: Zubin Mithra
* util.c (print_abspath): New function that converts
a relative to an absolute path.
* util.c (get_tracee_cwd): New function that finds
the current working directory of the tracee.
* (printpathn): Use print_abspath to print out links
if `-yy` flag is used.
Signed-off-by
From: Zubin Mithra
* util.c (print_abspath): New function that converts
a relative to an absolute path.
* util.c (get_tracee_cwd): New function that finds
the current working directory of the tracee.
* (printpathn): Use print_abspath to print out links
if `-yy` flag is used.
Signed-off-by
Hey Dmitry,
On Wed, May 28, 2014 at 10:01 PM, Dmitry V. Levin wrote:
> On Wed, May 28, 2014 at 08:12:05PM +0530, Zubin Mithra wrote:
>> Hello,
>>
>> >> (The current implementation is just a PoC and I haven't committed
>> anything
>> >> yet, I
Hi,
> printpathn is designed for printing paths, and paths cannot be longer than
> MAXPATHLEN. Longer arguments would result to ENAMETOOLONG anyway, so
> there is no need to print more than MAXPATHLEN.
I did a few tests yesterday for fun and I got a surprising result for
getcwd. I've written abo
From: Zubin Mithra
* Type of `show_fd_path` changed from `bool` to `unsigned int` to
support the `-yy` flag.
* util.c (returns_fd): New function that checks if the tcb refers
to a function that returns a file descriptor.
* (trace_syscall_exiting): Use returns_fd to determine whether
tcp
Hi Dmitry,
>> Yes, that is what I had in mind. "-y" would behave as it always had,
>> while "-yy" would have decoding of return fds, path resolution of
>> arguments etc.
>
> I understand your concerns, but the change just extends the number of
> cases when file descriptors are decoded. I agree th
Hello,
>> (The current implementation is just a PoC and I haven't committed
anything
>> yet, I'll post a link to the commit as soon as I push it in.)
>
> This is your own repo, you can commit often!
I've added in the code for converting all paths that are printed via
printpathn(hence, all paths v
Hey Dmitry,
On Tue, May 27, 2014 at 2:47 PM, Dmitry V. Levin wrote:
> On Tue, May 27, 2014 at 06:32:29AM +0530, Zubin Mithra wrote:
>> >> --- a/syscall.c
>> >> +++ b/syscall.c
>> >> @@ -2669,7 +2669,12 @@ trace_syscall_exiting(struct tcb *tcp)
>> &g
From: Zubin Mithra
* Type of `show_fd_path` changed from `bool` to `unsigned int` to
support the `-yy` flag.
* util.c (returns_fd): New function that checks if the tcb refers
to a function that returns a file descriptor.
* (trace_syscall_exiting): Use returns_fd to determine whether
tcp
Hey Philippe,
On Tue, May 27, 2014 at 12:07 PM, Philippe Ombredanne
wrote:
> On Tue, May 27, 2014 at 5:53 AM, Zubin Mithra wrote:
>> Hello everyone,
>>
>> Currently I'm working on a means by which I can convert relative paths to
>> absolute when displayed as sy
Hello everyone,
Currently I'm working on a means by which I can convert relative paths to
absolute when displayed as system call arguments. Some sample output can be
seen here[1]. Please note that the arguments passed to "execve" and "open"
are absolute paths.
(The current implementation is just
From: Zubin Mithra
* Type of `show_fd_path` changed from `bool` to `unsigned int` to
support the `-yy` flag.
* util.c (returns_fd): New function that checks if the tcb refers
to a function that returns a file descriptor.
* (trace_syscall_exiting): Use returns_fd to determine whether
tcp
Hi Dmitry,
On Tue, May 27, 2014 at 4:53 AM, Dmitry V. Levin wrote:
> Hi Zubin,
>
> On Mon, May 26, 2014 at 10:18:11PM +0530, zubin.mit...@gmail.com wrote:
>> From: eQuiNoX__
>
> Could you choose one of your names for use in git commits and stick with
> it, at least for the length of this GSoC, p
On Mon, May 26, 2014 at 8:01 PM, Philippe Ombredanne
wrote:
> On Mon, May 26, 2014 at 1:28 PM, Zubin Mithra wrote:
>> >From 02cb9ad55054da07a4cb7666835b5a58a8e4b3dd Mon Sep 17 00:00:00 2001
>> From: eQuiNoX__
>> Date: Mon, 26 May 2014 16:46:18 +0530
>> Subject: [P
From: eQuiNoX__
* Type of `show_fd_path` changed from `bool` to `unsigned int` to
support the `-yy` flag
* util.c (returns_fd): New function that checks if the tcb refers
to a function that returns a file descriptor
* `trace_syscall_exiting` now uses `returns_fd` to determine if
`tcp->u_rva
> Zubin:
> The indentation is still munged somehow. Same as before.
>
> FYI, the gmail web interface is notable because it DOES NOT work for
> sending patches.
> It converts tabs to spaces and does other weird conversions wrecking
> an otherwise possibly excellent patch...
> Either use another ema
>From 02cb9ad55054da07a4cb7666835b5a58a8e4b3dd Mon Sep 17 00:00:00 2001
From: eQuiNoX__
Date: Mon, 26 May 2014 16:46:18 +0530
Subject: [PATCH] Path decoding for system calls that return file descriptors
implemented.
- util.c (returns_fd): New function that heck if the tcb refers
to a function th
>
> Zubin, your patch arrived to the list with all indentation corrupted,
> so it doesn't apply. Please resubmit.
I seem to have messed up the first line while entering in the commit
message. Let me resubmit.
Thanks,
Zubin
---
ool` to `unsigned int` to support the `-yy` flag - a
`returns_fd` function added in util.c to check if the tcb refers to a
function that returns a file descriptor - `trace_syscall_exiting` now uses
`returns_fd` to determine if `tcp->u_rval` needs to be passed to `printfd`
Signed-off-by:
I've restructured it a bit more, added in dup* calls, please see commit at
[1] and sample output at [2].
[1]
https://github.com/eQu1NoX/strace/commit/3d471ba8fccc531b8bc33b6467644b2d17ba8cc0
[2] https://gist.github.com/eQu1NoX/ccd6e2f9d45e2e0e82f9
>
> There is a receive call, that allows to forw
On Thu, May 22, 2014 at 7:12 PM, Fiedler Roman wrote:
> > Von: Zubin Mithra [mailto:zubin.mit...@gmail.com]
> >
> > Hey everyone,
> >
> > I just had a look around for system calls that return file descriptors
> on a
> > couple of docs[1][2][3] and th
Hey everyone,
I just had a look around for system calls that return file descriptors on a
couple of docs[1][2][3] and the ones I could find are `sys_creat` and
`sys_open`(not looking at the ones that return socket fds right now).
The commit that introduces the -yy flag can be found here[4].
The c
On Wednesday, 21 May 2014, Philippe Ombredanne wrote:
> On Wed, May 21, 2014 at 2:27 PM, Zubin Mithra
> >
> wrote:
> > Hello everyone!
> >
> > My name is Zubin Mithra and my tasks as part of GSoC include the
> following
> > :-
> > - Improving path de
Hello everyone!
My name is Zubin Mithra and my tasks as part of GSoC include the following
:-
- Improving path decoding
- Improving security in the strace codebase
The repository I will be pushing code to can be found here[1]. I'll push
updates about weekly progress onto the wiki page
On Thu, Mar 20, 2014 at 3:38 AM, Dmitry V. Levin wrote:
> Hi,
>
> On Tue, Mar 18, 2014 at 09:20:25PM +0530, Zubin Mithra wrote:
>> Hey everyone,
>>
>> Based on the valuable discussion above, I've written out a first draft
>> of the proposal for the ideas r
Hey guys,
On Tue, Mar 18, 2014 at 9:20 PM, Zubin Mithra wrote:
> (resending with the correct sender email address, sorry for any confusion!)
>
> Hey everyone,
>
> Based on the valuable discussion above, I've written out a first draft
> of the proposal for the ideas relat
(resending with the correct sender email address, sorry for any confusion!)
Hey everyone,
Based on the valuable discussion above, I've written out a first draft
of the proposal for the ideas related to path decoding and structured
output.
Please find the initial draft here[1] -- any opinions and
On Fri, Mar 7, 2014 at 2:15 PM, Philippe Ombredanne
wrote:
> On Fri, Mar 7, 2014 at 3:38 AM, eQuiNoX wrote:
>>> On Tue, Mar 4, 2014 at 1:59 PM, Zubin Mithra wrote:
> [...]
>> Perfect, sounds good to me! I'll modify my GSoC proposal to reflect
>> these chan
Hey Philippe,
> Just curious, why would you use call_one? and arg1,arg2 v.s using lists?
I was just wondering if information related to the call sequence might
be useful. In quite a few languages, JSON data directly maps to
dictionary representations(eg:- Python) -- but upon doing that we'd
lose
>> I believe that the first step would be to document and note down the system
>> calls that belong to one or more of the above categories and their system
>> call numbers, and if the -yy flag is used, check the tcp->scno against
>> these numbers and act accordingly.
>>
>> Is there something I'm mi
Hey Philippe and Dmitry,
On Sun, Mar 2, 2014 at 4:30 PM, Philippe Ombredanne
wrote:
> On Tue, Feb 25, 2014 at 5:57 PM, Zubin Mithra wrote:
>> Hey all,
>> I'm Zubin and I love low level systems programming! :)
> [...]
>> I had a look at the ideas list here[1] and fo
Hey all,
I'm Zubin and I love low level systems programming! :)
A little about myself, I program primarily in C and Python, have systems
programming experience with Minix(filesystem development) and Linux and am
a hobbyist reverse engineer(I play CTF security exercises) -- and thats
when I use st
89 matches
Mail list logo