- 04 Dec, 2017 3 commits
-
-
Gabor Buella authored
-
Gabor Buella authored
-
Gabor Buella authored
-
- 28 Nov, 2017 1 commit
-
-
Gabor Buella authored
Use C preprocessor with assembly sources (used by default when the extension is .S). Using preprocessor includes seems a bit easier to use with cmake. In some configurations the build failed with the following error, when using ".include":
/tmp/ccCLZztf.s: Assembler messages:
/tmp/ccCLZztf.s:49: Error: can't open mock_trampoline_table.s for reading: No such file or directory
-
- 16 Nov, 2017 1 commit
-
-
Gabor Buella authored
The path opened by this function was: "/proc/sys/vm/mmap_min_addr," which of course always failed, due to the comma at the end of the string.
-
- 02 Nov, 2017 1 commit
-
-
Gabor Buella authored
The message about not finding capstone could be confusing, when pkg-config is not installed, but libcapstone is.
-
- 19 Oct, 2017 3 commits
-
-
Gabor Buella authored
-
Gabor Buella authored
-
Gabor Buella authored
-
- 13 Oct, 2017 1 commit
-
-
Gabor Buella authored
* Syscall logging has its own translation unit(s).
* The syscall argument formats are stored in a table, which makes them easier to maintain.
* Removed some libc usages, just to make sure syscall_intercept is not surprised by something unexpected going on in sprintf calls (such as libc opening a file to read locales, other tracing, or whatnot).
* Interpreting error codes returned by syscalls.
-
- 05 Oct, 2017 2 commits
-
-
Sarah Jelinek authored
Add gen_ctags target
-
Gabor Buella authored
-
- 04 Oct, 2017 2 commits
-
-
Sarah Jelinek authored
Improve logging of pipe/pipe2.
-
Marcin Ślusarz authored
-
- 29 Sep, 2017 1 commit
-
-
Sarah Jelinek authored
Fix label usage in test asm patterns
-
- 28 Sep, 2017 1 commit
-
-
Gabor Buella authored
The "jmp 0b" "jmp 0f" syntax to jump backward, or forward to numbered labels doesn't seem to be available in intel syntax mode when using clang 5, or clang 6.
-
- 20 Sep, 2017 5 commits
-
-
Sarah Jelinek authored
Refactor intercept template
-
Gabor Buella authored
-
Gabor Buella authored
It requires only two arguments now, instead of eleven.
-
Gabor Buella authored
The new code is somewhat cleaner, and allows for more reliable stack unwinding. The original values of RIP and RSP are stored on the stack among the other registers. This removes the need for multiple backtrace placeholder routines, with appropriate frame sizes.
-
Gabor Buella authored
-
- 19 Sep, 2017 2 commits
-
-
Sarah Jelinek authored
Test with capstone's experimental branch
-
Sarah Jelinek authored
Improve capstone finding code
-
- 16 Sep, 2017 2 commits
-
-
Gabor Buella authored
-
Gabor Buella authored
* The path to the directory containing capstone's library provided by capstone's package config file was ignored.
* Attempting to find capstone is done before checking for toolchain features, as that is more likely to fail than the other checks, and this way the user is notified earlier.
* More verbose error message when capstone is not found.
-
- 15 Sep, 2017 5 commits
-
-
Marcin Ślusarz authored
logging example -- fix a typo in a condition
-
Gabor Buella authored
Found by Coverity:
```
*** CID 1456740: Memory - illegal accesses (OVERRUN)
/syscall_intercept-ubuntu-16.04/examples/syscall_logger.c: 700 in print_rdec()
694 static char *
695 print_rdec(char *dst, long n)
696 {
697 	dst = print_signed_dec(dst, n);
698
699 	if (n < 0 && n >= -((long)ARRAY_SIZE(error_codes))) {
>>> CID 1456740: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "error_codes" of 134 8-byte elements at element index 134 (byte offset 1072) using index "-n" (which evaluates to 134).
700 		if (error_codes[-n] != NULL) {
701 			dst = print_cstr(dst, " (");
702 			dst = print_cstr(dst, error_codes[-n]);
703 			dst = print_cstr(dst, ")");
704 		}
705 	}
```
-
Marcin Ślusarz authored
Syscall logging improvements.
-
Marcin Ślusarz authored
Stop using sudo on Travis.
-
Marcin Ślusarz authored
Provide default values of GITHUB_REPO and DOCKERHUB_REPO.
-
- 14 Sep, 2017 4 commits
-
-
Marcin Ślusarz authored
-
Marcin Ślusarz authored
-
Marcin Ślusarz authored
-
Marcin Ślusarz authored
Without that, people who fork syscall_intercept have to set those values in their Travis configuration.
-
- 13 Sep, 2017 6 commits
-
-
Sarah Jelinek authored
Coverity integration fix + optimization
-
Sarah Jelinek authored
Disable reporting of coverage for tests.
-
Sarah Jelinek authored
Fix (f)chmod logging
-
Sarah Jelinek authored
Add test using vfork
-
Marcin Ślusarz authored
There's no point in downloading/rebuilding Docker image in:
- normal (PR/merge) build for Coverity job
- Coverity build (cron/converity_scan) for non-Coverity jobs
-
Marcin Ślusarz authored
-