Add functions for retrieving process mappings #2371
…apping properties
Oh didn't know it had to support python2.7
Not sure what exactly you meant by this.
Yes, I was imagining a parameter to .libs() to get the base address of the passed lib instead of a dict.
Sorry for late push,
So do I leave it as is, change the functions I added, or add an overload to
Thank you! I've only some suggestions around the docs.
A doctest failed but it isn't mine?
^ Other than that, I think that's it. (you can add the musl doctests after you do the musl-tools stuff I guess). Btw, after thinking about it a bit (and while making the tests), I feel like the various something_location() functions are redundant and should probably be removed. That use-case was something I needed in my project but

```python
libc_mappings = p.libc_mapping(single=False)
size = libc_mappings[-1].end - libc_mappings[0].start
```

is easy enough. Also calling What do you think?
Yes, please remove redundant API. Maybe returning some class instead of a simple mapping list which has a function to give you the total mapping size? Don't know how usable that is
Okay so since vvar and vdso are only one mapping and stack and heap don't have contiguity guarantees it only makes sense from a user perspective to ask for the size of shared libraries (and the elf I guess?), so I replaced all the
If you agree with the changes, the PR is done / ready for (re)review.
Oh and as I said, it might be good to look into why https://github.com/Gallopsled/pwntools/actions/runs/8789031621/job/24117819520 failed.
Cool! Thank you for pushing through with this 😅
* add to process mapping function, and stack, heap, vdso, vvar, libc _mapping properties
* better libc string mapping detection Gallopsled#2370
* return all mappings instead of just the first one
* add single/multiple option to every _mapping function
* undo @Property tags
* added function doc comments
* added elf_mapping
* add get_mapping and refactor helpers to use it
* better doc
* add _location functions
* _location_from_mappings for libc and musl locations
* _location_from_mappings doc
* change comment
* fix executable -> path
* change comment
* python2.7 support
* changelog
* add address_mapping()
* get_mapping comment typo
* mention the path is an exact match
* add references to wrapped functions
* add missing 'the's, make sentences one line, fix 'exact' path description in get_mapping_location
* add private and shared fields to permissions object
* maps doctest
* get_mapping doctest
* stack_mapping doctest
* heap_mapping doctest
* improve stack_mapping and heap_mapping with address example
* vvar and vdso _mapping doctest
* libc_mapping doctest
* elf_mapping doctest
* _location_from_mappings doctest
* get_mapping_location doctest
* heap and stack _location doctest
* vdso vvar _location doctest
* improved vdso and vvar doctest
* elf_location doctest
* libc_location doctest
* address_mapping bugfix
* address_mapping doctest
* fix meow check
* fix len(mappings) check
* actually fix meow check
* why dont docs support format string?
* removed _location functions
* removed the rest of the _location related functions
* added lib_size()
* add lib_size() example
* replace f'' with correct syntax
* remove _location() from other doctests
* cleanup == in doctest
* change " to ' in doctests

---------

Co-authored-by: peace-maker <[email protected]>
Closes #2369

* `process.maps` which is a wrapper around `util.proc.memory_maps`
* `get_mapping` function which finds mappings given a "path" to look
* `stack_mapping`, `heap_mapping`, `vdso_mapping`, `vvar_mapping`, `elf_mapping` which hook into `get_mapping`, and `libc_mapping`, `musl_mapping`
  `util.proc.memory_maps` returns (so lots!)
* `address_mapping` which allows the user to get a mapping for a supplied address
  `print(p.address_mapping(is_this_stack_addr).path == '[stack]')`
* `lib_size` which returns the size of a loaded shared library given the path

Also Closes #2370

I didn't really touch `.libs()` or `.libc` since they have a different return signature. Also `.libs()` has

Which makes little sense to me, because if `/proc/<pid>/maps` really fails and it goes to this check, if ASLR is enabled `.libs()` will just quietly return wrong addresses instead of erroring out, which seems counterintuitive.

Fun fact: now you can do stuff like `print(p.stack_mapping().perms.execute)` !! (prints True/False)
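
The lookups this PR describes (mappings by exact path, the mapping containing an address, permission fields, and a library's size), as an added stand-alone example. It is not pwntools' code: the helper names mirror the PR's but are reimplemented here as plain functions, and the maps text is a constructed sample. It raises when nothing can be parsed instead of returning guessed addresses.

```python
import re
from collections import namedtuple

# Constructed sample in /proc/<pid>/maps format (not taken from a real process).
SAMPLE_MAPS = """\
55d0c4a00000-55d0c4a02000 r--p 00000000 08:01 1234 /usr/bin/demo
55d0c4a02000-55d0c4a05000 r-xp 00002000 08:01 1234 /usr/bin/demo
55d0c5e10000-55d0c5e31000 rw-p 00000000 00:00 0 [heap]
7f3a10000000-7f3a10028000 r--p 00000000 08:01 5678 /usr/lib/libc.so.6
7f3a10028000-7f3a101bd000 r-xp 00028000 08:01 5678 /usr/lib/libc.so.6
7f3a10215000-7f3a1021b000 rw-p 00214000 08:01 5678 /usr/lib/libc.so.6
7ffd2c1e0000-7ffd2c201000 rw-p 00000000 00:00 0 [stack]
"""

Perms = namedtuple("Perms", "read write execute private shared")
Mapping = namedtuple("Mapping", "start end perms offset path")
LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) ([r-])([w-])([x-])([ps]) ([0-9a-f]+) \S+ \d+\s*(.*)$")

def parse_maps(text):
    """Parse maps text into Mapping tuples; refuse empty or malformed input."""
    mappings = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m is None:
            raise ValueError("unparseable maps line: %r" % line)
        start, end, r, w, x, ps, off, path = m.groups()
        perms = Perms(r == "r", w == "w", x == "x", ps == "p", ps == "s")
        mappings.append(Mapping(int(start, 16), int(end, 16), perms, int(off, 16), path))
    if not mappings:
        raise ValueError("no mappings found; refusing to guess addresses")
    return mappings

def get_mapping(mappings, path):
    """All mappings whose path is an exact match."""
    return [m for m in mappings if m.path == path]

def address_mapping(mappings, address):
    """The mapping containing address, or None if the address is unmapped."""
    for m in mappings:
        if m.start <= address < m.end:
            return m
    return None

def lib_size(mappings, path):
    """Span from the first to the last mapping of a library (gaps included)."""
    libs = get_mapping(mappings, path)
    if not libs:
        raise ValueError("library not mapped: %s" % path)
    return libs[-1].end - libs[0].start
```

On the sample, `address_mapping(parse_maps(SAMPLE_MAPS), 0x7ffd2c200000).perms.execute` is `False`, the same check as the `stack_mapping().perms.execute` one-liner above for spotting an executable stack.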