Last active
July 5, 2021 04:24
-
-
Save bakueikozo/29fda6d50fd7a218b70f05625b06bce6 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _GNU_SOURCE | |
| #include <dlfcn.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <unistd.h> | |
| #include <stdint.h> | |
| #include <fcntl.h> | |
| #include <linux/videodev2.h> | |
| static ssize_t (*real_write)(int fd, const void *buf, size_t count) = NULL; | |
| static uint32_t (*real_local_sdk_video_set_encode_frame_callback)(uint32_t param1,uint32_t param2)=NULL; | |
| static uint32_t (*real_local_sdk_video_set_yuv_frame_callback)(uint32_t param1,uint32_t param2)=NULL; | |
| typedef uint32_t (* framecb)(uint32_t); | |
| void *pfunccb=NULL; | |
| void *pfuncycb=NULL; | |
| int cnt=0; | |
| struct v4l2_capability vid_caps; | |
| struct v4l2_format vid_format; | |
| int v4l2_fd; | |
| char v4l2_device_path[255]; | |
| static uint32_t test_capture(void *param){ | |
| int ret=0; | |
| strcpy(v4l2_device_path,"/dev/video1"); | |
| // param is malloc'd pointer | |
| if( cnt==0 ){ | |
| fprintf(stderr,"Opening V4L2 device: %s ", v4l2_device_path); | |
| v4l2_fd=open(v4l2_device_path, O_WRONLY, 0777); | |
| if (v4l2_fd < 0) { | |
| fprintf(stderr,"Failed to open V4L2 device: %s", v4l2_device_path); | |
| //return -1; | |
| } | |
| memset(&vid_format, 0, sizeof(vid_format)); | |
| vid_format.type = V4L2_BUF_TYPE_VIDEO_OUTPUT; | |
| vid_format.fmt.pix.width = 1920; | |
| vid_format.fmt.pix.height = 1080; | |
| vid_format.fmt.pix.pixelformat = V4L2_PIX_FMT_H264; | |
| vid_format.fmt.pix.sizeimage = 0; | |
| vid_format.fmt.pix.field = V4L2_FIELD_NONE; | |
| vid_format.fmt.pix.bytesperline = 0; | |
| vid_format.fmt.pix.colorspace = V4L2_PIX_FMT_YUV420; | |
| ret = ioctl(v4l2_fd, VIDIOC_S_FMT, &vid_format); | |
| if (ret < 0) { | |
| fprintf(stderr,"Unable to set V4L2 device video format: %d", ret); | |
| //return -1; | |
| } | |
| ret = ioctl(v4l2_fd, VIDIOC_STREAMON, &vid_format); | |
| if (ret < 0) { | |
| fprintf(stderr,"Unable to perform VIDIOC_STREAMON: %d", ret); | |
| //return -1; | |
| } | |
| } | |
| uint32_t *ptr=(uint32_t *)param; | |
| uint32_t length=ptr[1]; | |
| ret = write(v4l2_fd, (void *)(*(uint32_t*)param), length); | |
| if (ret != length) { | |
| fprintf(stderr,"Stream write error: %s", ret); | |
| } | |
| cnt++; | |
| return ((framecb)pfunccb)((uint32_t)param); | |
| } | |
| uint32_t local_sdk_video_set_encode_frame_callback(uint32_t param1,uint32_t param2){ | |
| void *handle; | |
| fprintf(stderr,"!!! injected local_sdk_video_set_encode_frame_callback !!!\n"); | |
| fflush(stderr); | |
| if (real_local_sdk_video_set_encode_frame_callback == NULL){ | |
| handle = dlopen ("/system/lib/liblocalsdk.so", RTLD_LAZY); | |
| if (!handle) { | |
| fputs (dlerror(), stderr); | |
| } | |
| real_local_sdk_video_set_encode_frame_callback = dlsym(handle, "local_sdk_video_set_encode_frame_callback"); | |
| fprintf(stderr,"ptr=%d injected!!! err=%s\n",real_local_sdk_video_set_encode_frame_callback,dlerror()); | |
| } | |
| fprintf(stderr,"param1=0x%x,param2=0x%x,*param2=0x%x",param1,param2,*(int32_t*)param2); | |
| if(param1==0){ | |
| pfunccb=param2; | |
| fprintf(stderr,"enc func injection save pcb=0x%x\n",pfunccb); | |
| param2=(uint32_t)test_capture; | |
| fprintf(stderr,"override to 0x%x\n",param2); | |
| } | |
| int ret=real_local_sdk_video_set_encode_frame_callback(param1,param2); | |
| return ret; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment