Created
July 18, 2018 14:39
-
-
Save emersion/b473e34bb9749f7ec7321427a6d3fc88 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| int main(int argc, char **argv) | |
| { | |
| char buf[256], *mem; | |
| const char *range_name; | |
| FILE *rd, *wr; | |
| long long start_addr, end_addr; | |
| /* Open file for writing the vdso data to */ | |
| if (argc != 3) | |
| { | |
| fprintf(stderr, | |
| "Usage: %s <file> <string>\n" | |
| "\t<file>: File to write the vdso data to.\n" | |
| "\t<string>: Name of the mapped in region, e.g. vdso\n", | |
| argv[0]); | |
| return 1; | |
| } | |
| range_name = argv[2]; | |
| if (!(wr = fopen(argv[1], "w"))) | |
| { | |
| perror("Error: fopen() - output file"); | |
| return 1; | |
| } | |
| /* Get this process' memory layout */ | |
| if (!(rd = fopen("/proc/self/maps", "r"))) | |
| { | |
| perror("Error: fopen() - /proc/self/maps"); | |
| return 1; | |
| } | |
| /* Find the line in /proc/self/maps that contains | |
| the substring [vdso] * */ | |
| while (fgets(buf, sizeof(buf), rd)) | |
| { | |
| if (strstr(buf, range_name)) | |
| break; | |
| } | |
| fclose(rd); | |
| /* Locate the end memory range for [vdso] */ | |
| end_addr = strtoll((strchr(buf, '-') + 1), NULL, 16); | |
| /* Terminate the string so we can get the start | |
| address really easily * */ | |
| *(strchr(buf, '-')) = '\0'; | |
| start_addr = strtoll(buf, NULL, 16); | |
| /* Open up the memory page and extract the vdso */ | |
| if (!(rd = fopen("/proc/self/mem", "r"))) | |
| { | |
| perror("Error: fopen() - /proc/self/mem"); | |
| return 1; | |
| } | |
| /* Hop to the vdso portion */ | |
| fseek(rd, start_addr, SEEK_SET); | |
| /* Copy the memory locally and then move it to the file */ | |
| mem = malloc(end_addr - start_addr); | |
| if (!fread(mem, 1, end_addr - start_addr, rd)) | |
| { | |
| perror("Error: read() - /proc/self/mem"); | |
| return 1; | |
| } | |
| /* Write the data to the specified output file */ | |
| if (!fwrite(mem, 1, end_addr - start_addr, wr)) | |
| { | |
| perror("Error: fwrite() - output file"); | |
| return 1; | |
| } | |
| free(mem); | |
| fclose(rd); | |
| fclose(wr); | |
| printf("Start: %p\nEnd: %p\nBytes: %d\n", | |
| (void *)start_addr, (void *)end_addr, (int)(end_addr - start_addr)); | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is incorrect. The following works for me: