修改注入检测bug

2022-11-23 18:11:56 +08:00 · 2022-11-23 18:11:56 +08:00 · 8555519078
parent 0b2723f90f
commit 8555519078
4 changed files with 30 additions and 13 deletions
--- a/detect-plugin/detect-tools/bincheck_loader.sh
+++ b/detect-plugin/detect-tools/bincheck_loader.sh
@ -3,10 +3,18 @@ ARCH=`arch`
 DIR=`dirname $0`
 BINLOADER=$DIR/${ARCH}/binloader
 HIJACKLIBPATH=$DIR/${ARCH}/hijack_pthread.so
-# if [ -n "`ps -ef | grep deadlockcheck | grep -v grep`" ];then
+CLEANFILE=`ls /tmp/lock.info.*`
-# 	exit 100
+for tmpfile in ${CLEANFILE}
-# fi
+do
    pid=`echo $tmpfile | awk -F '.' '{print $3}'`
    [ -e /proc/$pid ] || rm -rf $tmpfile
 done
 if [ -n "`ps -ef | grep 'deadlockcheck --threadlib' | grep -v grep`" ];then
 	exit 100
 fi
 if [ $# -lt 1 ];then
    # echo "Error params"
@ -30,4 +38,9 @@ if [ -z "${LIBPTHREAD_PATH}" ];then
    exit 104
 fi
 if [ -z $HIJACK ];then
    ${BINLOADER} $@
 else
    export LD_PRELOAD=${HIJACKLIBPATH}
    ${BINLOADER} $@
 fi
--- a/detect-plugin/detect-tools/x86_64/deadlockcheck.b
+++ b/detect-plugin/detect-tools/x86_64/deadlockcheck.b
--- a/detect-plugin/src/detectTaskProvider.ts
+++ b/detect-plugin/src/detectTaskProvider.ts
@ -137,7 +137,6 @@ class CustomBuildTaskTerminal implements vscode.Pseudoterminal {
 			this.closeEmitter.fire(0);
 		}
 	}
 	private hijackCheck(){
 		// 注入方式
 		child.exec(`${hijackTool} ${this.checkedPid}`, (err, o, e)=>{
@ -173,20 +172,24 @@ class CustomBuildTaskTerminal implements vscode.Pseudoterminal {
 	private async doExec(): Promise<void> {
 		return new Promise<void>((resolve) => {
 			this.writeEmitter.fire('正在检测 ...\r\n');
 			let localEnv: NodeJS.ProcessEnv = {};
 			for(var key in process.env){
 				localEnv[key] = process.env[key];
 			}
 			if(this.option.env){
 				Object.keys(this.option.env).forEach(key => {
 					let value = this.option.env?.[key];
-					process.env[key] = value;
+					localEnv[key] = value;
 				});
 			}
 			let hadPid = false;
 			if(isNotSupport){
 				// 库注入
 				this.hadChecked = false;
-				process.env["LD_PRELOAD"] = hijackLib;
+				localEnv["HIJACK"] = "true";
 			} 
 			let coption: child.SpawnOptionsWithoutStdio = {
-				env: process.env
+				env: localEnv
 			};
 			if(this.option.cwd?.length){
 				coption.cwd = this.option.cwd;
@ -199,7 +202,7 @@ class CustomBuildTaskTerminal implements vscode.Pseudoterminal {
 				let errmsg = "";
 				switch (code) {
 					case 100:
-						errmsg = "正在检测请稍后";
+						errmsg = "有程序正在检测请稍后...";
 						break;
 					case 101:
 						errmsg = "待检测可执行程序不能为空 !";
--- a/detect-plugin/src/extension.ts
+++ b/detect-plugin/src/extension.ts
@ -156,19 +156,20 @@ export function activate(context: vscode.ExtensionContext) {
 		}
 		var kernelOptions: string[] = [
 			"CONFIG_UPROBES=y",
-			"CONFIG_UPROBE_EVENTS=y",
+			"CONFIG_UPROBE_EVENTS=yv",
 			"CONFIG_TRACEPOINTS=y",
 			"CONFIG_PERF_EVENTS=y",
 			"CONFIG_BPF_EVENTS=y"
 		];
 		var isNotSupport = false;
-		fs.readFile(`/boot/config-${o}`, 'utf8', function (err, buffer) {
+		o = o.replace("\n", "");
 		fs.readFile(`/boot/config-${o}`, function (err, buff) {
 			if(err){
 				isNotSupport = true;
 			}else{
-				// var str = buffer.toString();
+				console.log(buff.toString());
 				kernelOptions.forEach(elem=>{
-					if(!buffer.includes(elem)){
+					if(!buff.includes(elem)){
 						isNotSupport = true;
 					}
 				});