author | comex | 2015-02-22 23:03:31 -0500 |
---|---|---|
committer | comex | 2015-02-23 00:54:13 -0500 |
commit | eaf872dc03498d99bfbca802237ea8d10b8523b0 (patch) | |
tree | e0d22908cc51f3bfeebcc28f81752d931c32b468 | |
parent | Fix vm_remap, of trouble with which the previous diagnosis was completely inc... (diff) | |
fix i386 manual syscall, mmap return check
-rw-r--r-- | generated/darwin-inject-asm.S | 2 | ||||
-rw-r--r-- | lib/darwin/execmem.c | 7 | ||||
-rw-r--r-- | lib/darwin/manual-syscall.h | 7 |
3 files changed, 10 insertions, 6 deletions
diff --git a/generated/darwin-inject-asm.S b/generated/darwin-inject-asm.S
index d710a3e..6a89f62 100644
--- a/generated/darwin-inject-asm.S
+++ b/generated/darwin-inject-asm.S
@@ -17,7 +17,7 @@ _inject_start_x86_64: .align 2 .globl _inject_start_i386 _inject_start_i386: -.byte 0x55, 0x89, 0xe5, 0x56, 0x83, 0xec, 0x14, 0x89, 0xce, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x58, 0xc7, 0x45, 0xf8, 0x00, 0x00, 0x00, 0x00, 0x89, 0x74, 0x24, 0x0c, 0x8d, 0x80, 0x98, 0x00, 0x00, 0x00, 0x89, 0x44, 0x24, 0x08, 0x8d, 0x45, 0xf8, 0x89, 0x04, 0x24, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xff, 0x16, 0x8b, 0x45, 0xf8, 0x89, 0x04, 0x24, 0xff, 0x56, 0x04, 0x8b, 0x46, 0x18, 0x89, 0x44, 0x24, 0x0c, 0xc7, 0x44, 0x24, 0x08, 0x00, 0x00, 0x00, 0x00, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xc7, 0x04, 0x24, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x0d, 0x00, 0x00, 0x00, 0xb8, 0xad, 0x0b, 0x00, 0x00, 0xff, 0xd0, 0x83, 0xc4, 0x14, 0x5e, 0x5d, 0xc3, 0xb8, 0x69, 0x01, 0x00, 0x00, 0x5a, 0x89, 0xe1, 0x0f, 0x34, 0xb8, 0xdc, 0xff, 0xff, 0xff, 0x5a, 0x89, 0xe1, 0x0f, 0x34, 0x55, 0x89, 0xe5, 0x81, 0xed, 0x00, 0x04, 0x00, 0x00, 0x8b, 0x54, 0x24, 0x08, 0x8b, 0x42, 0x10, 0x81, 0xe2, 0x00, 0xf0, 0xff, 0xff, 0x89, 0x55, 0x08, 0xc7, 0x45, 0x0c, 0x00, 0x20, 0x00, 0x00, 0x83, 0xc0, 0x03, 0xff, 0xe0, 0x55, 0x89, 0xe5, 0x57, 0x56, 0x83, 0xec, 0x10, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x5f, 0x8b, 0x75, 0x08, 0x8b, 0x46, 0x14, 0x89, 0x04, 0x24, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xff, 0x56, 0x08, 0x85, 0xc0, 0x74, 0x23, 0x8d, 0x8f, 0x52, 0x00, 0x00, 0x00, 0x89, 0x4c, 0x24, 0x04, 0x89, 0x04, 0x24, 0xff, 0x56, 0x0c, 0x85, 0xc0, 0x74, 0x0f, 0x8d, 0x4e, 0x20, 0x8b, 0x56, 0x1c, 0x89, 0x54, 0x24, 0x04, 0x89, 0x0c, 0x24, 0xff, 0xd0, 0x8b, 0x46, 0x18, 0x89, 0x04, 0x24, 0xe8, 0x7d, 0xff, 0xff, 0xff, 0x83, 0xc4, 0x10, 0x5e, 0x5f, 0x5d, 0xe9, 0x7c, 0xff, 0xff, 0xff, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x00 +.byte 0x55, 0x89, 0xe5, 0x56, 0x83, 0xec, 0x14, 0x89, 0xce, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x58, 0xc7, 0x45, 0xf8, 0x00, 0x00, 0x00, 0x00, 0x89, 0x74, 0x24, 0x0c, 0x8d, 0x80, 0xb0, 0x00, 0x00, 0x00, 0x89, 0x44, 0x24, 0x08, 0x8d, 0x45, 
0xf8, 0x89, 0x04, 0x24, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xff, 0x16, 0x8b, 0x45, 0xf8, 0x89, 0x04, 0x24, 0xff, 0x56, 0x04, 0x8b, 0x46, 0x18, 0x89, 0x44, 0x24, 0x0c, 0xc7, 0x44, 0x24, 0x08, 0x00, 0x00, 0x00, 0x00, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xc7, 0x04, 0x24, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x0d, 0x00, 0x00, 0x00, 0xb8, 0xad, 0x0b, 0x00, 0x00, 0xff, 0xd0, 0x83, 0xc4, 0x14, 0x5e, 0x5d, 0xc3, 0xb8, 0x69, 0x01, 0x00, 0x00, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x5a, 0x81, 0xc2, 0x0b, 0x00, 0x00, 0x00, 0x89, 0xe1, 0x0f, 0x34, 0xc3, 0xb8, 0xdc, 0xff, 0xff, 0xff, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x5a, 0x81, 0xc2, 0x0b, 0x00, 0x00, 0x00, 0x89, 0xe1, 0x0f, 0x34, 0xc3, 0x55, 0x89, 0xe5, 0x81, 0xed, 0x00, 0x04, 0x00, 0x00, 0x8b, 0x54, 0x24, 0x08, 0x8b, 0x42, 0x10, 0x81, 0xe2, 0x00, 0xf0, 0xff, 0xff, 0x89, 0x55, 0x08, 0xc7, 0x45, 0x0c, 0x00, 0x20, 0x00, 0x00, 0x83, 0xc0, 0x03, 0xff, 0xe0, 0x55, 0x89, 0xe5, 0x57, 0x56, 0x83, 0xec, 0x10, 0xe8, 0x00, 0x00, 0x00, 0x00, 0x5f, 0x8b, 0x75, 0x08, 0x8b, 0x46, 0x14, 0x89, 0x04, 0x24, 0xc7, 0x44, 0x24, 0x04, 0x00, 0x00, 0x00, 0x00, 0xff, 0x56, 0x08, 0x85, 0xc0, 0x74, 0x23, 0x8d, 0x8f, 0x52, 0x00, 0x00, 0x00, 0x89, 0x4c, 0x24, 0x04, 0x89, 0x04, 0x24, 0xff, 0x56, 0x0c, 0x85, 0xc0, 0x74, 0x0f, 0x8d, 0x4e, 0x20, 0x8b, 0x56, 0x1c, 0x89, 0x54, 0x24, 0x04, 0x89, 0x0c, 0x24, 0xff, 0xd0, 0x8b, 0x46, 0x18, 0x89, 0x04, 0x24, 0xe8, 0x71, 0xff, 0xff, 0xff, 0x83, 0xc4, 0x10, 0x5e, 0x5f, 0x5d, 0xe9, 0x7c, 0xff, 0xff, 0xff, 0x73, 0x75, 0x62, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 0x65, 0x5f, 0x69, 0x6e, 0x69, 0x74, 0x00 .align 2 .globl _inject_start_arm _inject_start_arm: diff --git a/lib/darwin/execmem.c b/lib/darwin/execmem.c index 666fa8a..0155b1f 100644 --- a/lib/darwin/execmem.c +++ b/lib/darwin/execmem.c 
@@ -402,9 +402,10 @@ int execmem_foreign_write_with_pc_patch(struct execmem_foreign_write *writes,
 * hook one of them. (This includes the mmap, since there's an epilog
 * after the actual syscall instruction.)
 * This includes the signal handler! */
- if (manual_mmap((void *) page_start, len, PROT_NONE,
- MAP_ANON | MAP_SHARED | MAP_FIXED, -1, 0)
- == MAP_FAILED) {
+ void *mmret = manual_mmap((void *) page_start, len, PROT_NONE,
+ MAP_ANON | MAP_SHARED | MAP_FIXED, -1, 0);
+ /* MAP_FAILED is a userspace construct */
+ if ((uintptr_t) mmret & 0xfff) {
 ret = SUBSTITUTE_ERR_VM;
 goto fail_unmap;
 }
diff --git a/lib/darwin/manual-syscall.h b/lib/darwin/manual-syscall.h
index b1bac7e..88ac179 100644
--- a/lib/darwin/manual-syscall.h
+++ b/lib/darwin/manual-syscall.h
@@ -23,9 +23,12 @@
 #elif defined(__i386__)
 #define GEN_SYSCALL_INNER() \
 "mov $num, %eax\n" \
- "pop %edx\n" \
+ "call 0f\n" \
+ "0: pop %edx\n" \
+ "add $(1f-0b), %edx\n" \
 "mov %esp, %ecx\n" \
- "sysenter\n"
+ "sysenter\n" \
+ "1: ret\n"
 #elif defined(__arm__)
 #define GEN_SYSCALL_INNER() \
 "mov r12, #num\n" \ |
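Review bot: The new failure test `if ((uintptr_t) mmret & 0xfff)` encodes two assumptions the one-line comment leaves unstated: that a failed raw mmap comes back as a small errno-style integer (or -1) whose low bits are set, and that a successful mapping is 4 KiB-aligned. Because the call passes MAP_FIXED, the kernel must place the mapping exactly at the requested address, so the check can be made exact without either assumption: `if (mmret != (void *) page_start) {` (page_start has to be page-aligned for a MAP_FIXED request to succeed at all). The replaced comment should also say why the libc sentinel is unusable, e.g. `/* manual_mmap returns the kernel's raw result, not libc's MAP_FAILED, so compare against the address we asked for. */`. If manual_mmap hands back the kernel's error value, it is worth recording it before collapsing every failure into SUBSTITUTE_ERR_VM — the wrapper itself is not visible here. execmem_foreign_write_with_pc_patch begins and ends outside this hunk.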
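Review bot: The i386 `GEN_SYSCALL_INNER` now relies on a stack-layout subtlety that deserves a comment above the `#define`: `mov %esp, %ecx` must execute while %esp still points at the wrapper's own return-address slot, because on Darwin's i386 sysenter path the kernel restores %esp from %ecx and fetches the arguments starting one word above it, so the old `pop %edx` (which had consumed that slot) presumably shifted every argument by one — the bug the title refers to. The `call 0f` / `0: pop %edx` / `add $(1f-0b), %edx` sequence exists only to compute the position-independent address of the `1: ret` trampoline that sysenter resumes at. I would add `/* i386: kernel resumes at %edx with %esp = %ecx and reads args from %ecx+4; keep the return slot on the stack and bounce through the local ret so the caller regains control normally. */`. How the surrounding macro consumes the carry-flag error indication is outside this hunk, but nothing in the new lines touches flags after sysenter, so that path should be unaffected. The macro is defined entirely inside the hunk; its x86-64 sibling above it is not shown.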