summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2018-06-19 17:45:06 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2018-06-19 17:45:06 (GMT)
commit85c7e2921dc28d78b9c1882af78f88e9ce956fca (patch)
tree9399e2b7309d2056e7a90b6d360349df45ede898 /plugins
parent84f86b7860014dad1a80aabd4e0bf7504710bfe8 (diff)
Improved the Linux syscalls hunt.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/lnxsyscalls/collect.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/plugins/lnxsyscalls/collect.c b/plugins/lnxsyscalls/collect.c
index a71e833..87f5fa2 100644
--- a/plugins/lnxsyscalls/collect.c
+++ b/plugins/lnxsyscalls/collect.c
@@ -524,16 +524,26 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
/* Traitement de l'instruction courante */
- operand = g_arch_instruction_get_operand(instr, 0);
+ g_arch_instruction_lock_operands(instr);
- if (G_IS_REGISTER_OPERAND(operand))
+ if (_g_arch_instruction_count_operands(instr) > 0)
{
- reg = g_register_operand_get_register(G_REGISTER_OPERAND(operand));
+ operand = _g_arch_instruction_get_operand(instr, 0);
- mark_register_in_tracker(path, sid, reg, instr);
+ if (G_IS_REGISTER_OPERAND(operand))
+ {
+ reg = g_register_operand_get_register(G_REGISTER_OPERAND(operand));
+
+ mark_register_in_tracker(path, sid, reg, instr);
+
+ }
+
+ g_object_unref(G_OBJECT(operand));
}
+ g_arch_instruction_unlock_operands(instr);
+
/* Détermination de l'instruction suivante */
g_arch_instruction_lock_src(instr);
@@ -553,7 +563,6 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
case ILT_CASE_JUMP:
case ILT_JUMP_IF_TRUE:
case ILT_JUMP_IF_FALSE:
- case ILT_LOOP:
if (first)
{
@@ -565,6 +574,12 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
{
next = fork_register_tracker(path, sid, proc, link->linked);
look_for_registers(path, next, proc, hops);
+
+ /**
+ * Rechargement car un fork_register_tracker() a pu déplacer la liste via realloc().
+ */
+ stack = &path->stacks[sid];
+
}
break;