author | David Carlier <devnexen@gmail.com> | 2019-10-23 20:07:16 +0100 |
---|---|---|
committer | David Carlier <devnexen@gmail.com> | 2019-10-23 20:07:16 +0100 |
commit | 814242225725f338e35f9af372ee55daba5b4f38 (patch) | |
tree | 87fe43b6ae9cdffb33629f44206034c074e9a041 | |
parent | 0f032266562115092100bc54b5f780a4aeb15c56 (diff) | |
download | afl++-814242225725f338e35f9af372ee55daba5b4f38.tar.gz |
Porting libtokencap to Darwin.
Reading only main map addresses and read-only regions.
-rw-r--r-- | libtokencap/Makefile | 3 | ||||
-rw-r--r-- | libtokencap/libtokencap.so.c | 37 |
2 files changed, 38 insertions, 2 deletions
diff --git a/libtokencap/Makefile b/libtokencap/Makefile index 91933140..702ce696 100644 --- a/libtokencap/Makefile +++ b/libtokencap/Makefile @@ -24,6 +24,9 @@ CFLAGS += -Wall -D_FORTIFY_SOURCE=2 -g -Wno-pointer-sign ifeq "$(shell uname)" "Linux" TARGETS = libtokencap.so endif +ifeq "$(shell uname)" "Darwin" + TARGETS = libtokencap.so +endif all: $(TARGETS) libtokencap.so: libtokencap.so.c ../config.h diff --git a/libtokencap/libtokencap.so.c b/libtokencap/libtokencap.so.c index 39095beb..212fa31d 100644 --- a/libtokencap/libtokencap.so.c +++ b/libtokencap/libtokencap.so.c @@ -26,10 +26,15 @@ #include "../types.h" #include "../config.h" -#ifndef __linux__ -#error "Sorry, this library is Linux-specific for now!" +#if !defined(__linux__) && !defined(__APPLE__) +#error "Sorry, this library is unsupported in this platform for now!" #endif /* !__linux__ */ +#if defined(__APPLE__) +#include <mach/vm_map.h> +#include <mach/mach_init.h> +#endif + /* Mapping data and such */ #define MAX_MAPPINGS 1024 @@ -46,6 +51,7 @@ static FILE* __tokencap_out_file; static void __tokencap_load_mappings(void) { +#if defined(__linux__) u8 buf[MAX_LINE]; FILE* f = fopen("/proc/self/maps", "r"); 
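Review bot: In the `@@ -26,10 +26,15 @@` hunk of libtokencap.so.c, the trailing comment on `#endif /* !__linux__ */` no longer matches the condition it closes, which is now `!defined(__linux__) && !defined(__APPLE__)`. Updating it to `#endif /* !__linux__ && !__APPLE__ */` keeps the platform guard readable as further ports are added. The new message would also read better as `#error "Sorry, this library is unsupported on this platform for now!"`.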
@@ -69,7 +75,34 @@ static void __tokencap_load_mappings(void) { } fclose(f); +#elif defined(__APPLE__) + struct vm_region_submap_info_64 region; + mach_msg_type_number_t cnt = VM_REGION_SUBMAP_INFO_COUNT_64; + vm_address_t base = 0; + vm_size_t size = 0; + natural_t depth = 0; + + __tokencap_ro_loaded = 1; + + while (1) { + + if (vm_region_recurse_64(mach_task_self(), &base, &size, &depth, + (vm_region_info_64_t)®ion, &cnt) != KERN_SUCCESS) break; + + if (region.is_submap) { + depth++; + } else { + /* We only care of main map addresses and the read only kinds */ + if ((region.protection & VM_PROT_READ) && !(region.protection & VM_PROT_WRITE)) { + __tokencap_ro[__tokencap_ro_cnt].st = (void *)base; + __tokencap_ro[__tokencap_ro_cnt].en = (void *)(base + size); + + if (++__tokencap_ro_cnt == MAX_MAPPINGS) break; + } + } + } +#endif } /* Check an address against the list of read-only mappings. */ |
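Review bot: Nothing in the Darwin loop advances `base` once a non-submap region has been handled, so as far as this hunk shows every `vm_region_recurse_64()` call asks about the same address again. The call writes the region's start and size back into `base` and `size`, so the walk can either spin forever on a region that is not read-only or fill all `MAX_MAPPINGS` slots with copies of one read-only region. Adding `base += size;` at the end of the `else` branch would step to the next region. `cnt` is an in/out argument too and is set only once, so `cnt = VM_REGION_SUBMAP_INFO_COUNT_64;` before each call is the safer form. `__tokencap_load_mappings` starts in the previous hunk, so the Linux branch is not covered by this note.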