From 85c7e2921dc28d78b9c1882af78f88e9ce956fca Mon Sep 17 00:00:00 2001
From: Cyrille Bagard <nocbos@gmail.com>
Date: Tue, 19 Jun 2018 19:45:06 +0200
Subject: Improved the Linux syscalls hunt.

---
 plugins/lnxsyscalls/collect.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/plugins/lnxsyscalls/collect.c b/plugins/lnxsyscalls/collect.c
index a71e833..87f5fa2 100644
--- a/plugins/lnxsyscalls/collect.c
+++ b/plugins/lnxsyscalls/collect.c
@@ -524,16 +524,26 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
 
         /* Traitement de l'instruction courante */
 
-        operand = g_arch_instruction_get_operand(instr, 0);
+        g_arch_instruction_lock_operands(instr);
 
-        if (G_IS_REGISTER_OPERAND(operand))
+        if (_g_arch_instruction_count_operands(instr) > 0)
         {
-            reg = g_register_operand_get_register(G_REGISTER_OPERAND(operand));
+            operand = _g_arch_instruction_get_operand(instr, 0);
 
-            mark_register_in_tracker(path, sid, reg, instr);
+            if (G_IS_REGISTER_OPERAND(operand))
+            {
+                reg = g_register_operand_get_register(G_REGISTER_OPERAND(operand));
+
+                mark_register_in_tracker(path, sid, reg, instr);
+
+            }
+
+            g_object_unref(G_OBJECT(operand));
 
         }
 
+        g_arch_instruction_unlock_operands(instr);
+
         /* Détermination de l'instruction suivante */
 
         g_arch_instruction_lock_src(instr);
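Review bot: The operands lock taken by `g_arch_instruction_lock_operands(instr)` stays held across `mark_register_in_tracker()`, although only the count and the fetch of operand 0 appear to need it. The fetched operand seems to carry its own reference, since it is released with `g_object_unref` afterwards. If that holds, releasing the lock right after `_g_arch_instruction_get_operand(instr, 0)` would keep tracker code from running under the instruction lock and reduce the risk of lock-ordering problems; `mark_register_in_tracker()` is not visible here, so this needs checking. A one-line comment would also explain why the `_`-prefixed accessors replace the old call, e.g. `/* _g_arch_instruction_*() accessors presumably require the operands lock to be held */`. The loop body starts and ends outside this hunk.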
@@ -553,7 +563,6 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
                 case ILT_CASE_JUMP:
                 case ILT_JUMP_IF_TRUE:
                 case ILT_JUMP_IF_FALSE:
-                case ILT_LOOP:
 
                     if (first)
                     {
@@ -565,6 +574,12 @@ bool look_for_registers(tracked_path *path, size_t sid, GArchProcessor *proc, co
                     {
                         next = fork_register_tracker(path, sid, proc, link->linked);
                         look_for_registers(path, next, proc, hops);
+
+                        /**
+                         * Rechargement car un fork_register_tracker() a pu déplacer la liste via realloc().
+                         */
+                        stack = &path->stacks[sid];
+
                     }
 
                     break;
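Review bot: The reload `stack = &path->stacks[sid];` repairs only this one pointer, so any other pointer into `path->stacks` that stays live across `fork_register_tracker()` or the recursive `look_for_registers()` would still dangle after a realloc(), which is a use-after-free if dereferenced. The `if (first)` branch and the rest of the loop lie outside the hunk, so it is worth confirming there that `stack` is not read between the fork and this reload, and that no caller caches such a pointer. Reading through `path->stacks[sid]` at each use would remove the hazard entirely. The comment should also name the recursive call as a source of reallocation and use a plain block comment rather than the `/** */` doc form, e.g. `/* Reload: fork_register_tracker() or the recursive call may have moved path->stacks through realloc(). */`.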
-- 
cgit v0.11.2-87-g4458