Current File : //usr/local/lib/python3.6/site-packages/ptrace/debugger/__pycache__/process.cpython-36.pyc
3

�d�d�@s|ddlmZmZmZmZmZmZmZmZm	Z	m
Z
mZmZm
Z
mZddlmZmZmZddlmZddlmZddlmZmZmZmZddlmZmZmZddlm Z m!Z!ddl"m#Z#m$Z$dd	l%m&Z&m'Z'm(Z(dd
l)m*Z*ddl+m,Z,m-Z-ddl.m/Z/m0Z0m1Z1m2Z2m3Z3dd
l4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:m;Z;ddl<m=Z=ddl>m?Z?ddl@mAZAddlBmCZCddlDmEZEmFZFmGZGmHZHddlImJZJe�r�ddlmKZKe�r�ddlmLZLe�r�ddl"mMZMmNZNddlmOZOmPZPmQZQmRZRe�rddlmSZSmTZTmUZUmVZVmWZWmXZXmYZYeVeWeXfZZe�se�rddlm[Z[nddlm\Z\m]Z]e=�rFddl<m^Z^m_Z_m`Z`e�rXddlambZbdZcdZddZed ZfGd!d"�d"eg�Zhd#S)$�)�HAS_PTRACE_SINGLESTEP�HAS_PTRACE_EVENTS�HAS_PTRACE_SIGINFO�
HAS_PTRACE_IO�HAS_PTRACE_GETREGS�HAS_PTRACE_GETREGSET�
ptrace_attach�
ptrace_detach�ptrace_cont�ptrace_syscall�ptrace_setregs�ptrace_peektext�ptrace_poketext�REGISTER_NAMES)�HAS_PROC�RUNNING_BSD�RUNNING_PYTHON3)�dumpRegs)�
CPU_WORD_SIZE)�
bytes2word�
word2bytes�
bytes2type�bytes2array)�SIGTRAP�SIGSTOP�SIGKILL)�
formatAddress�
formatWordHex)�sizeof�c_char_p)�info�warning�error)�PtraceError)�ESRCH�EACCES)�
Breakpoint�ProcessExit�
ProcessSignal�NewProcessEvent�ProcessExecution)�kill�
WIFSTOPPED�WSTOPSIG�WIFSIGNALED�WTERMSIG�	WIFEXITED�WEXITSTATUS)�HAS_DISASSEMBLER)�getBacktrace)�ProcessError)�readProcessMappings)�CPU_INSTR_POINTER�CPU_STACK_POINTER�CPU_FRAME_POINTER�CPU_SUB_REGISTERS)�SyscallState)�ptrace_singlestep)�ptrace_getsiginfo)�create_string_buffer�	addressof)�	ptrace_io�ptrace_io_desc�PIOD_READ_D�PIOD_WRITE_D)�ptrace_setoptions�ptrace_geteventmsg�WPTRACEEVENT�PTRACE_EVENT_FORK�PTRACE_EVENT_VFORK�PTRACE_EVENT_CLONE�PTRACE_EVENT_EXEC)�ptrace_getregs)�ptrace_peekuser�ptrace_registers_t)�disassemble�disassembleOne�MAX_INSTR_SIZE)�readProcessStat� i�
�c@seZdZdZddd�Zdd�Zdd	�Zd�d
d�Zdd
�Zd�dd�Z	d�dd�Z
dd�Zdd�Zdd�Z
dd�Zd�dd�Zdd�Zdd �Zd!d"�Zd#d$�Zd%d&�Zd'd(�Zd)d*�Zd+d,�Zd-d.�Zd/d0�Zd1d2�Zd3d4�Zd5d6�Zd�d8d9�Zd:d;�Zd<d=�Zd>d?�Z d@dA�Z!dBdC�Z"dDdE�Z#e$�r(dFdG�Z%ne&�r8dHdG�Z%ne"Z%dIdJ�Z'dKdL�Z(dMdN�Z)dOdP�Z*d�dRdS�Z+d�dTdU�Z,dVdW�Z-dXdY�Z.d�dZd[�Z/d\d]�Z0d�d^d_�Z1d�d`da�Z2dbdc�Z3ddde�Z4dfdg�Z5dhdi�Z6djdk�Z7d�dmdn�Z8d�dqdr�Z9dsdt�Z:dudv�Z;dwdx�Z<dydz�Z=d{d|�Z>d}d~�Z?dS)��
PtraceProcessa�
    Process traced by a PtraceDebugger.

    Methods
    =======

     * control execution:

       - singleStep(): execute one instruction
       - cont(): continue the execution
       - syscall(): break at next syscall
       - setInstrPointer(): change the instruction pointer
       - kill(): send a signal to the process
       - terminate(): kill the process

     * wait an event:

      - waitEvent(): wait next process event
      - waitSignals(): wait a signal

     * get status

       - getreg(): get a register
       - getInstrPointer(): get the instruction pointer
       - getStackPointer(): get the stack pointer
       - getFramePointer(): get the stack pointer
       - getregs(): get all registers, e.g. regs=getregs(); print regs.eax
       - disassemble(): assembler code of the next instructions
       - disassembleOne(): assembler code of the next instruction
       - findStack(): get stack memory mapping
       - getsiginfo(): get signal information
       - getBacktrace(): get the current backtrace

     * set status

       - setreg(): set a register
       - setregs(): set all registers

     * memory access:

       - readWord(): read a memory word
       - readBytes(): read some bytes
       - readStruct(): read a structure
       - readArray(): read an array
       - readCString(): read a C string
       - readMappings(): get all memory mappings
       - writeWord(): write a memory word
       - writeBytes(): write some bytes

     * display status:

       - dumpCode(): display the next instructions
       - dumpStack(): display some memory words around the stack pointer
       - dumpMaps(): display memory mappings
       - dumpRegs(): display all registers

     * breakpoint:

       - createBreakpoint(): set a breakpoint
       - findBreakpoint(): find a breakpoint
       - removeBreakpoint(): remove a breakpoint

     * other:

       - setoptions(): set ptrace options

    See each method to get better documentation. You are responsible
    to manage the process state: some methods may fail or crash your
    processus if they are called when the process is in the wrong
    state.

    Attributes
    ==========

     * main attributes:
       - pid: identifier of the process
       - debugger: PtraceDebugger instance
       - breakpoints: dictionary of active breakpoints
       - parent: parent PtraceProcess (None if process has no parent)

     * state:
       - running: if True, the process is alive, otherwise the process
         doesn't exist anymore
       - exited: if True, the process has exited (attributed only used
         on BSD operation systems)
       - is_attached: if True, the process is attached by ptrace
       - was_attached: if True, the process will be detached at exit
       - is_stopped: if True, the process is stopped, otherwise it's
         running
       - syscall_state: control syscall tracing

    Sometimes, is_stopped value is wrong. You might use isTraced() to
    make sure that the process is stopped.
    NFcCsh||_i|_||_d|_d|_||_||_d|_d|_||_	|sJ|j
�nd|_trZd|_t
|�|_dS)NTF)�debugger�breakpoints�pid�running�exited�parent�was_attached�is_attached�
is_stopped�	is_thread�attachr�
read_mem_filer:Z
syscall_state)�selfrUrWr\rZr^�rb�@/tmp/pip-build-in2aja_b/python-ptrace/ptrace/debugger/process.py�__init__�s 
zPtraceProcess.__init__cCs ts|j�t|j�}|jdkS)N�T)r�notImplementedErrorrPrW�state)ra�statrbrbrc�isTraced�s
zPtraceProcess.isTracedcCs,|jr
dStd|j�t|j�d|_dS)NzAttach process %sT)r\r rWr)rarbrbrcr_�s

zPtraceProcess.attachcCs�|st}y|j�}Wn>tk
rR}z"|dkr>|d|�dSd}WYdd}~XnX|dkr`|}y|j|||||�Wn6tk
r�}z|dt|�|f�WYdd}~XnXdS)Nz&Unable to read instruction pointer: %szUnable to dump code at %s: %s)r"�getInstrPointerr#�	_dumpCoder)ra�start�stop�	manage_bp�log�ip�errrbrbrc�dumpCode�s zPtraceProcess.dumpCodecCs�|dk	r$t||�}t||td�}ts�|dk	r>||d}nt}|j||�}trhdjdd�|D��}ndjdd�|D��}|d|�dS|d�|�rD|}	x�td�D]�}
d	}|	|j	kr�|j	|	j
}t||	�}
d
}n
|j|	�}
dt|
j
�|
j|
jf}|
j
|k�r|d7}|�r|d
7}||�|	|
j}	|dk	r�||	kr�Pq�WnLxJ|j||�D]:}
dt|
j
�|
j|
jf}|
j
|k�r�|d7}||��qRWdS)N�� css|]}d|VqdS)z%02xNrb)�.0�byterbrbrc�	<genexpr>�sz*PtraceProcess._dumpCode.<locals>.<genexpr>css|]}dt|�VqdS)z%02xN)�ord)rurvrbrbrcrw�szCODE: %szCODE:rRFTz%s| %s (%s)z <==z     * BREAKPOINT *)�max�min�
MAX_CODE_SIZEr2�
MIN_CODE_SIZE�	readBytesr�join�rangerVZ	old_bytesrNr�address�textZhexa�sizerM)rarlrmrprnror��coder�r��line�bp�bytes�instrrbrbrcrk�sN




zPtraceProcess._dumpCodeccs�ts|j�|dkr|j�}|dk	r<t||�}||d}n|dkrHt}|t}|j||�}x2tt||��D] \}}|V|rl||dkrlPqlWdS)Nrs)	r2rfrjry�DEFAULT_NB_INSTRrOr}�	enumeraterM)rarlrmZnb_instrr�r��indexr�rbrbrcrMs
zPtraceProcess.disassemblecCs2ts|j�|dkr|j�}|j|t�}t||�S)N)r2rfrjr}rOrN)rar�r�rbrbrcrNszPtraceProcess.disassembleOnecCs$x|j�D]}|jdkr
|Sq
WdS)Nz[stack])�readMappings�pathname)ra�maprbrbrc�	findStacks
zPtraceProcess.findStackcCs>|js
dSd|_|jr,td|�t|j�|jj|d�dS)NFz	Detach %s)�process)r\rXr r	rWrUZ
deleteProcess)rarbrbrc�detach#s
zPtraceProcess.detachcCs@d|_tr4|jr4y|jj�Wntk
r2YnX|j�dS)NF)rXrr`�close�IOErrorr�)rarbrbrc�_notRunning,s
zPtraceProcess._notRunningcCst|j|�dS)N)r+rW)ra�signumrbrbrcr+5szPtraceProcess.killTcCs�|js|jrdStd|�d}y |jr8|jt�n
|jt�Wn6tk
rz}z|jt	krfd}n|�WYdd}~XnX|s�|s�dS|j
�|j�dS)NTzTerminate %sF)rXr[r!r]�contrr+r#�errnor$�waitExitr�)raZ	wait_exit�done�eventrbrbrc�	terminate8s$
zPtraceProcess.terminatecCsVxP|j�}|j}|tkrdS|tkr(|�|j}|ttfkrF|j|�q|j�qWdS)N)�	waitEvent�	__class__r'r(r�rrr�)rar�Z	event_clsr�rbrbrcr�NszPtraceProcess.waitExitcCs�t|�rt|�}|j|�}nft|�r8t|�}|j|�}nJt|�sPt|d|��n2trpt	|�rpt	|�}|j
|�}nt|�}|j|�}|S)NzUnknown process status: %r)
r0r1�
processExitedr.r/�
processKilledr,r4rrE�ptraceEventr-�
processSignal)ra�statusr�r�r�rbrbrc�
processStatuscs
zPtraceProcess.processStatuscCs|j�t|�S)N)r�r')rarbrbrc�processTerminated|szPtraceProcess.processTerminatedcCs.tr|jrd|_|j�|j�t||d�S)NT)�exitcode)rrYr�r�r')rar�rbrbrcr��s
zPtraceProcess.processExitedcCs|j�t||d�S)N)r�)r�r')rar�rbrbrcr��szPtraceProcess.processKilledcCsd|_t||�S)NT)r]r()rar�rbrbrcr��szPtraceProcess.processSignalcCsdts|j�|tkrBt|j�}|tk}|jj|d||d�}t|�S|t	krRt
|�St|d|��dS)NT)r\rZr^zUnknown ptrace event: %r)rrf�NEW_PROCESS_EVENTrDrWrHrUZ
addProcessr)rIr*r4)rar�Znew_pidr^Znew_processrbrbrcr��s
zPtraceProcess.ptraceEventcCsntstrt|j�Sg}tt�t}x2t|�D]&}t|j|t�}t	|�}|j
|�q,Wdj|�}t|t�SdS)N�)
rrrJrWrrLrrrKr�appendr~r)ra�wordsZnb_words�offset�wordr�rbrbrc�getregs�s

zPtraceProcess.getregscCspyt|\}}}Wntk
r.d}d}YnX|tkrFt|d|��|j�}t||�}||L}|rl||M}|S)NrzUnknown register: %r)r9�KeyErrorrr4r��getattr)ra�name�shift�mask�regs�valuerbrbrc�getreg�s

zPtraceProcess.getregcCst|j|�dS)N)rrW)rar�rbrbrc�setregs�szPtraceProcess.setregscCsz|j�}|tkrJt|\}}}t||�}||M}|||@|>O}|}|}|tkr`t|d|��t|||�|j|�dS)NzUnknown register: %r)r�r9r�rr4�setattrr�)rar�r�r�Z	full_namer�r�Z
full_valuerbrbrc�setreg�s

zPtraceProcess.setregcCsts|j�t|j�dS)N)rrfr;rW)rarbrbrc�
singleStep�szPtraceProcess.singleStepcCs|tkrdS|SdS)Nr)r)rar�rbrbrc�filterSignal�szPtraceProcess.filterSignalrcCs |j|�}t|j|�d|_dS)NF)r�rrWr])rar�rbrbrc�syscall�s
zPtraceProcess.syscallcCs tr|jt|�n
t|d��dS)Nz+Instruction pointer register is not defined)r6r�r4)rarprbrbrc�setInstrPointer�szPtraceProcess.setInstrPointercCstr|jt�St|d��dS)Nz+Instruction pointer register is not defined)r6r�r4)rarbrbrcrj�s
zPtraceProcess.getInstrPointercCstr|jt�St|d��dS)Nz%Stack pointer register is not defined)r7r�r4)rarbrbrc�getStackPointer�s
zPtraceProcess.getStackPointercCstr|jt�St|d��dS)Nz%Stack pointer register is not defined)r8r�r4)rarbrbrc�getFramePointer�s
zPtraceProcess.getFramePointercCs�|t}|rV||8}|j|�}t|�}tt||�}||||�}||8}|t7}nd}xL|r�|j|�}t|�}|tkr�||d|�7}P||7}|t8}|t7}q\W|S)N�)r�readWordrrz)rar�r�r�r�r�Zsubsize�datarbrbrc�
_readBytes�s(


zPtraceProcess._readBytescCst|j|�}|S)zAddress have to be aligned!)r
rW)rar�r�rbrbrcr�szPtraceProcess.readWordcCs.t|�}tt|t|�|d�}t|j|�|jS)N)�piod_op�	piod_offs�	piod_addr�piod_len)r=r@rAr>r?rW�raw)rar�r��buffer�io_descrbrbrcr} szPtraceProcess.readBytesc Cs|jsxd|j}yt|dd�|_WnTtk
rv}z8d|}|jtkrPt|�nt|�|j|_	|j	||�Sd}~XnXy|j}|j
|�|j|�}Wn>ttfk
r�}zt
|dt|�||f��WYdd}~XnXt|�dko�|�r�|j|_	|j	||�S|S)Nz/proc/%u/mem�rbrz4Unable to open %s: fallback to ptrace implementationzreadBytes(%s, %s) error: %s)r`rW�openr�r�r%r"r r�r}�seek�read�
ValueErrorr4r�len)rar�r��filenamerq�messageZmemr�rbrbrcr}*s,



$cCsts|j�t|j�S)N)rrfr<rW)rarbrbrc�
getsiginfoMszPtraceProcess.getsiginfocCsdtr8t|�}t|�}tt|t|�|d�}t|j|��n(|t}|r�||8}t|}|j	|t�}t|�|kr�t|�}|d|�|d|�|||d�}n|d|�|d|�}|j
|t|��||d�}|t7}xFtt|�k�r |dt�}t|�}|j
||�|td�}|t7}q�W|�s,dSt|�}|j	|t�}|||d�}|j
|t|��dS)N)r�r�r�r�)rr�r=r@rBr>r?rWrr}�	writeWordr)rar�r�r�r�r�r�rbrbrc�
writeBytesRsDzPtraceProcess.writeBytescCs"|j|t|��}t|�}t||�S)N)r}rrr)rar��structr�rbrbrc�
readStruct�szPtraceProcess.readStructcCs(|j|t|�|�}t|�}t|||�S)N)r}rrr)rar�Zbasetype�countr�rbrbrc�	readArray�szPtraceProcess.readArray�c
Cs�g}d}d}x�d}|j||�}|jd�}	|	dkr@d}|d|	�}|||krl|d||�}|j|�d}P|j|�|r|P||7}||7}qWdj|�|fS)NrF�rsTr����)r}�findr�r~)
rar��max_sizeZchunk_length�stringr�Z	truncatedr�r��posrbrbrc�readCString�s*


zPtraceProcess.readCStringcCs.|st}|j�}|r |d|�|j|�dS)Nz	STACK: %s)r"r��
_dumpStack)raro�stackrbrbrc�	dumpStack�szPtraceProcess.dumpStackcCs�|j�}d}x^tdd�D]P}|t}y.|j||�}|d|t|�f�|d7}Wqtk
rfYqXqW|s�|dt|��dS)Nr�rszSTACK%+ 3i: %sz'ERROR: unable to read the stack (SP=%s)����)r�rrr�rr#r)raro�spZ	displayedr��deltar�rbrbrcr��s
zPtraceProcess._dumpStackcCst|�S)N)r5)rarbrbrcr��szPtraceProcess.readMappingscCs*|st}x|j�D]}|d|�qWdS)NzMAPS: %s)r"r�)raror�rbrbrc�dumpMaps�szPtraceProcess.dumpMapscCst|j||�dS)z-
        Address have to be aligned!
        N)rrW)rar�r�rbrbrcr��szPtraceProcess.writeWordcCsR|st}y|j�}t||�Wn.tk
rL}z|d|�WYdd}~XnXdS)NzUnable to read registers: %s)r"r�rr#)raror�rqrbrbrcr�szPtraceProcess.dumpRegscCs |j|�}t|j|�d|_dS)NF)r�r
rWr])rar�rbrbrcr��s
zPtraceProcess.contcCs,ts|j�td||f�t|j|�dS)NzSet %s options to %s)rrfr rCrW)ra�optionsrbrbrc�
setoptions�szPtraceProcess.setoptionscCs|jj|jd�S)N)rW)rUZwaitProcessEventrW)rarbrbrcr��szPtraceProcess.waitEventcGs|jj|d|ji�S)NrW)rU�waitSignalsrW)raZsignalsrbrbrcr��szPtraceProcess.waitSignalscCs|jj|�dS)N)rU�waitSyscall)rarbrbrcr��szPtraceProcess.waitSyscallcCs>x8|jj�D]*}|j|ko,|j|jknr|SqWdS)N)rV�valuesr�r�)rar�r�rbrbrc�findBreakpoint�s"zPtraceProcess.findBreakpointrscCs6|j|�}|rt|d|��t|||�}||j|<|S)NzA breakpoint is already set: %s)r�r4r&rV)rar�r�r�rbrbrc�createBreakpoint�s

zPtraceProcess.createBreakpointr��cCst|||d�S)N)�max_args�	max_depth)r3)rar�r�rbrbrcr3�szPtraceProcess.getBacktracecCs|j|j=dS)N)rVr�)raZ
breakpointrbrbrc�removeBreakpoint�szPtraceProcess.removeBreakpointcCs&y|j�Wntk
r YnXdS)N)r�r#)rarbrbrc�__del__�szPtraceProcess.__del__cCs|j�S)N)�__repr__)rarbrbrc�__str__�szPtraceProcess.__str__cCs
d|jS)Nz<PtraceProcess #%s>)rW)rarbrbrcr�szPtraceProcess.__repr__cCs
t|j�S)N)�hashrW)rarbrbrc�__hash__szPtraceProcess.__hash__cCs
t��dS)N)�NotImplementedError)rarbrbrcrfsz!PtraceProcess.notImplementedError)NF)NNFN)NNN)N)T)r)r�)N)N)N)r)rs)r�r�)@�__name__�
__module__�__qualname__�__doc__rdrir_rrrkrMrNr�r�r�r+r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rjr�r�r�r�rr}rr�r�r�r�r�r�r�r�r�r�rr�r�r�r�r�r�r�r3r�r�r�r�r�rfrbrbrbrcrT@s~^

/

		
	
"
	
!0



	


rTN)iZptrace.bindingrrrrrrrr	r
rrr
rrZptrace.os_toolsrrrZptrace.toolsrZptrace.cpu_inforZptrace.ctypes_toolsrrrr�signalrrrrr�ctypesrr�loggingr r!r"Zptrace.errorr#r�r$r%Zptrace.debuggerr&r'r(r)r*�osr+r,r-r.r/r0r1Z
ptrace.disasmr2Zptrace.debugger.backtracer3Zptrace.debugger.process_errorr4Zptrace.debugger.memory_mappingr5Zptrace.binding.cpur6r7r8r9Zptrace.debugger.syscall_stater:r;r<r=r>r?r@rArBrCrDrErFrGrHrIr�rJrKrLrMrNrOZptrace.linux_procrPr|r{r�ZDEFAULT_CODE_SIZE�objectrTrbrbrbrc�<module>sP@	$$