def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
if len(argv) != 2:
raise gdb.GdbError('hex-dump takes exactly 2 arguments.')
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
try:
bytes = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count numst be an integer value.')
inferior = gdb.selected_inferior()
align = gdb.parameter('hex-dump-align')
width = gdb.parameter('hex-dump-width')
if width == 0:
width = 16
mem = inferior.read_memory(addr, bytes)
pr_addr = int(str(addr), 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
for group in groups_of(mem, width, pr_offset):
print '0x%x: ' % (pr_addr, ) + ' ' * (width - pr_offset),
print ' '.join(['%02X' % (ord(g),) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' ',
print ' ' * (width - pr_offset) + ''.join(
[g if isgraph(g) or g == ' ' else '.' for g in group])
pr_addr += width
pr_offset = width
def _recv(self):
"""Receive a message from the client.
Return message (str) or None if failure
"""
RECV_SIZE = 1024
try:
while (True):
m = self._csocket.recv(RECV_SIZE)
if not m:
logging.error('failed to recv message, client disconnected')
return None
# Decode the incoming data as utf-8 ignoring any
# control characters
m = bytes([ b if ascii.isgraph(b) or ascii.isspace(b) else 0xff for b in m ])
self._recv_str = self._recv_str + m.decode('utf-8', 'ignore')
if self._recv_str.find('\n') >= 0 or self._recv_str.find('\r') >= 0:
lines = self._recv_str.splitlines()
self._recv_str = '\n'.join(lines[1:])
return lines[0]
except Exception as ex:
logging.error('failed to recv message to client {0}: {1}'.format(self._csocket.getpeername(), ex))
return False
return True
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
if len(argv) != 2:
raise gdb.GdbError('hex-dump takes exactly 2 arguments.')
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
try:
bytes = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count numst be an integer value.')
inferior = gdb.selected_inferior()
align = gdb.parameter('hex-dump-align')
width = gdb.parameter('hex-dump-width')
if width == 0:
width = 16
mem = inferior.read_memory(addr, bytes)
pr_addr = int(str(addr), 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
for group in groups_of(mem, width, pr_offset):
print '0x%x: ' % (pr_addr,) + ' '*(width - pr_offset),
print ' '.join(['%02X' % (ord(g),) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' ',
print ' '*(width - pr_offset) + ''.join(
[g if isgraph(g) or g == ' ' else '.' for g in group])
pr_addr += width
pr_offset = width
def _check_bad_chars(self, string, bad_chars):
for char in bad_chars:
if char in string:
if isgraph(char):
raise G2CommandBadCharacterError('command {:s}: '
'contains \'{}\''.format(self.__class__.__name__, char))
else:
raise G2CommandBadCharacterError('command {:s}: '
'contains \'\\x{:02X}\''.format(self.__class__.__name__, ord(char)))
def repr_get_key():
"""Represent output of the _get_keycodes() method"""
keycodes = _get_keycodes()
initial_code, codes = keycodes[0], keycodes[1:]
initial_char = chr(initial_code)
if initial_code == 27:
initial_char = '\\e'
elif not ascii.isgraph(initial_char):
initial_char = '\\x%x' % initial_code
chars = ''.join([chr(c) for c in codes])
return ''.join((initial_char, chars))
def get_string():
"""A better str(_get_keycodes()) method"""
keycodes = _get_keycodes()
initial_code, codes = keycodes[0], keycodes[1:]
initial_char = chr(initial_code)
if initial_code == 27:
initial_char = '\\e'
elif not ascii.isgraph(initial_char):
initial_char = '\\x%x' % initial_code
chars = ''.join([chr(c) for c in codes])
return ''.join((initial_char, chars))
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
if len(argv) == 2:
try:
bytes = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count numst be an integer value.')
else:
bytes = 512
inferior = gdb.selected_inferior()
align = gdb.parameter('hex-dump-align')
width = gdb.parameter('hex-dump-width')
if width == 0:
width = 16
mem = inferior.read_memory(addr, bytes)
pr_addr = int(str(addr), 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
start = (pr_addr) & 0xff
print(' ', end="")
print(' '.join(
['%01X' % (i & 0x0f, ) for i in range(start, start + width)]),
end="")
print(' ', end="")
print(''.join(
['%01X' % (i & 0x0f, ) for i in range(start, start + width)]))
for group in groups_of(mem, width, pr_offset):
print('0x%x: ' % (pr_addr, ) + ' ' * (width - pr_offset), end="")
print (' '.join(['%02X' % (ord(g),) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' ', end="")
print(' ' * (width - pr_offset) + ''.join([
chr(int.from_bytes(g, byteorder='big')) if isgraph(
int.from_bytes(g, byteorder='big')) or g == ' ' else '.'
for g in group
]))
pr_addr += width
pr_offset = width
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
if len(argv) != 2:
raise gdb.GdbError('s2e-x takes 2 arguments')
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
try:
bytes = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count numst be an integer value.')
env = gdb.parse_and_eval("env")
if env.type.code != gdb.lookup_type('CPUX86State').pointer().code:
print "env has incorrect type"
return
inferior = gdb.selected_inferior()
align = gdb.parameter('hex-dump-align')
width = gdb.parameter('hex-dump-width')
if width == 0:
width = 16
mem = [0] * bytes
for n in range(0, bytes):
addr = virt_to_host(env, gdb.parse_and_eval(argv[0]) + n)
tmp = inferior.read_memory(addr, 1)
mem[n] = tmp[0]
pr_addr = int(str(argv[0]), 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
for group in groups_of(mem, width, pr_offset):
print '0x%x: ' % (pr_addr, ) + ' ' * (width - pr_offset),
print ' '.join(['%02X' % (ord(g),) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' ',
print ' ' * (width - pr_offset) + ''.join(
[g if isgraph(g) or g == ' ' else '.' for g in group])
pr_addr += width
pr_offset = width
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
if len(argv) != 2:
raise gdb.GdbError('Usage: s2e-x vaddress count')
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
try:
count = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count must be an integer value')
cpu = X86CPU.create()
mem = cpu.read_memory(int(addr), count)
align = 0 #gdb.parameter('hex-dump-align')
width = 16 #gdb.parameter('hex-dump-width')
if width == 0:
width = 16
pr_addr = int(str(argv[0]), 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
raw = True
for group in groups_of(mem, width, pr_offset):
if not raw:
s = '0x%x: ' % (pr_addr, ) + ' ' * (width - pr_offset)
else:
s = ''
s += ' '.join(['%02x' % (g,) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' '
if not raw:
s += ' ' * (width - pr_offset) + ''.join(
[chr(g) if isgraph(g) or g == ' ' else '.' for g in group])
print(s)
pr_addr += width
pr_offset = width
def invoke(self, arg, from_tty):
argv = gdb.string_to_argv(arg)
addr = gdb.parse_and_eval(argv[0]).cast(
gdb.lookup_type('void').pointer())
if len(argv) == 2:
try:
bytes = int(gdb.parse_and_eval(argv[1]))
except ValueError:
raise gdb.GdbError('Byte count numst be an integer value.')
else:
bytes = 256
inferior = gdb.selected_inferior()
align = gdb.parameter('hex-dump-align')
width = gdb.parameter('hex-dump-width')
if width == 0:
width = 16
mem = inferior.read_memory(addr, bytes)
pr_addr = int(str(addr).split()[0], 16)
pr_offset = width
if align:
pr_offset = width - (pr_addr % width)
pr_addr -= pr_addr % width
start=(pr_addr) & 0xff;
print (' ' , end="")
print (' '.join(['%01X' % (i&0x0f,) for i in range(start,start+width)]) , end="")
print (' ' , end="")
print (''.join(['%01X' % (i&0x0f,) for i in range(start,start+width)]) )
for group in groups_of(mem, width, pr_offset):
print ('0x%x: ' % (pr_addr,) + ' '*(width - pr_offset), end="")
print (' '.join(['%02X' % (ord(g),) for g in group]) + \
' ' * (width - len(group) if pr_offset == width else 0) + ' ', end="")
print (' '*(width - pr_offset) + ''.join(
[chr( int.from_bytes(g, byteorder='big')) if isgraph( int.from_bytes(g, byteorder='big') ) or g == ' ' else '.' for g in group]))
pr_addr += width
pr_offset = width
def wrapped(self, *args, **kw):
try:
getattr(g, "log")
except TypeError:
# don't have access to g, maybe in a thread?
return fn(self, *args, **kw)
if self.check_keys and getattr(g, "log"):
keys = args[0]
prefix = kw.get("prefix", "")
if self.stats:
cache_name = self.stats.cache_name
else:
cache_name = "unknown"
live_config = getattr(g, "live_config", {})
log_chance = live_config.get("invalid_key_sample_rate", 1)
will_log = random.random() < log_chance
for key in tup(keys):
# map_keys will coerce keys to str but we need to do
# it for non multi operations so the `isgraph` checks
# don't fail
# any key that's not a valid str will end up
# triggering a ValueError when it hits memcache
key = str(key)
if prefix:
key = prefix + key
for c in key:
if will_log and not isgraph(c):
g.log.warning("%s: keyname is invalid: %r", cache_name,
key)
break
return fn(self, *args, **kw)
def wrapped(self, *args, **kw):
try:
getattr(g, "log")
except TypeError:
# don't have access to g, maybe in a thread?
return fn(self, *args, **kw)
if self.check_keys and getattr(g, "log"):
keys = args[0]
prefix = kw.get("prefix", "")
if self.stats:
cache_name = self.stats.cache_name
else:
cache_name = "unknown"
live_config = getattr(g, "live_config", {})
log_chance = live_config.get("invalid_key_sample_rate", 1)
will_log = random.random() < log_chance
for key in tup(keys):
# map_keys will coerce keys to str but we need to do
# it for non multi operations so the `isgraph` checks
# don't fail
# any key that's not a valid str will end up
# triggering a ValueError when it hits memcache
key = str(key)
if prefix:
key = prefix + key
for c in key:
if will_log and not isgraph(c):
g.log.warning(
"%s: keyname is invalid: %r", cache_name, key)
break
return fn(self, *args, **kw)
def guessParsing(file1):
# Look at the lines in the first 10000 chars for clues on the type.
# disabled /*If the lines are around at least 1000 chars longs, assume it is binary*/
# If there are unprintable characters then binary
if not all([isgraph(c) or isspace(c) for c in file1.read(10000)]):
print "Binary file"
parsed_as = 'Binary file'
return parsed_as, None
file1.seek(0)
firstlines = file1.read(10000).splitlines()
# if len(''.join(firstlines))/len(firstlines) >= 1000:
# print "IGNORE"
# print firstlines
# file1.seek(0)
# ret = json.loads(file1)
percentContainingComma = len([1 for line in firstlines if line.find(',') != -1]) * 100 / len(firstlines)
# numberOfSquareBrackets = len([1 for line in firstlines if line.find('[')!=-1])
file1.seek(0)
lines = list(Lines(file1.read().splitlines()))
# print lines
if len(lines) == 0:
print "Empty file"
parsed_as = 'Empty file'
return parsed_as, []
beginsWithBrackets = [line.startswith('{') or line.startswith('[') for line in lines[0:20]]
if any(beginsWithBrackets):
text = ' '.join(lines[beginsWithBrackets.index(True):])
text = re.sub(r', *([\]\}])', '\\1', text)
if re.search(r'} *{', text) is not None:
print "List of json maps"
text = re.sub(r'} *{', '},{', text)
text = '[' + text + ']'
if re.search(r'\] *\[', text) is not None:
print "List of json maps"
text = re.sub(r'\] *\[', '],[', text)
text = '[' + text + ']'
try:
print text
ret = json.loads(text)
print "Valid JSON"
parsed_as = 'Valid JSON'
return parsed_as, ret
except:
pass
# print text
text = re.sub(r'([\[\{,]) *([^" ])', '\\1"\\2', text)
text = re.sub(r'([^" ]) *([\]\},])', '\\1"\\2', text)
text = re.sub(r'"([0-9]+\.?[0-9]*e?[0-9]*)"', '\\1', text)
# print text
try:
# print text
ret = json.loads(text)
print "Almost valid JSON"
parsed_as = 'Almost valid JSON (multiple entries not explicitly in an array)'
return parsed_as, ret
except:
pass
# ParseArrayOrMap(text)
# try:
# ParseArrayOrMap(' '.join(lines))
# except:
# print lines
if percentContainingComma > 50:
print "CSV"
parsed_as = 'CSV (does not begin with bracket, most lines contain a comma)'
ret = csv.reader(lines, delimiter=',')
# ret = [line.split(',') for line in lines]
else:
parsed_as = 'SSV (does not begin with bracket, most lines do not contain a comma)'
print "SSV"
# print lines
ret = csv.reader(lines, delimiter=' ', skipinitialspace=True)
# ret = [line.split(' ') for line in lines]
ret = [[parseSingle(i) for i in row] for row in ret]
if len(ret) == 1:
ret = ret[0]
elif all([len(row) == 1 for row in ret]):
ret = [row[0] for row in ret]
return parsed_as, ret
def isgoodchar(x):
return isspace(x) or isgraph(x)
def main(fn):
# f = record.zopen(fn)
f = open(fn)
base = os.path.basename(f.name)
if base.startswith("syscall"):
read = record.read_syscall
elif base.startswith("kprobes"):
read = record.read_kprobes
else:
raise "unrecognized file"
print "=" * 60
print f.name
print "-" * 60
cache = (-1, 0)
while True:
try:
pos = f.tell()
r = read(f)
length = f.tell() - pos
ts = ".".join([str(e) for e in r.ts])
print("%08X:%-4s " % (pos, length) + str(r.sid & 0xFFFFFF) + " " +
str(r))
if read == record.read_syscall:
key = (r.nr, r.usage)
size, count, time, time_cnt = stats.setdefault(
key, (0, 0, 0, 0))
# exit
if (r.usage & EXIT) and cache[0] != -1:
if r.nr == cache[0]:
time_cnt += 1
time += r.ts[0] - cache[1]
stats[key] = (size + length, count + 1, time, time_cnt)
cache = (r.nr, r.ts[0])
if not r.pid in pids:
pids[r.pid] = r
except EOFError:
break
except IOError:
length = 60
width = 16
f.seek(pos - width * length / 5, os.SEEK_SET)
pos = f.tell()
dump = f.read(width * length)
print "-" * 5, "ERROR", "-" * 70
for l in range(length):
print "%08X" % (pos + l * width) + "| ",
print " ".join("%02X" % ord(c)
for c in dump[l * width:(l + 1) * width]),
print "|",
print "".join("%c" % ord(c) if isgraph(ord(c)) else "."
for c in dump[l * width:(l + 1) * width])
print "=" * 5, "ERROR", "=" * 70
except KeyboardInterrupt:
break
def guessParsing(file1):
# Look at the lines in the first 10000 chars for clues on the type.
# disabled /*If the lines are around at least 1000 chars longs, assume it is binary*/
# If there are unprintable characters then binary
if not all([isgraph(c) or isspace(c) for c in file1.read(10000)]):
print "Binary file"
parsed_as = 'Binary file'
return parsed_as, None
file1.seek(0)
firstlines = file1.read(10000).splitlines()
# if len(''.join(firstlines))/len(firstlines) >= 1000:
# print "IGNORE"
# print firstlines
# file1.seek(0)
# ret = json.loads(file1)
percentContainingComma = len([
1 for line in firstlines if line.find(',') != -1
]) * 100 / len(firstlines)
# numberOfSquareBrackets = len([1 for line in firstlines if line.find('[')!=-1])
file1.seek(0)
lines = list(Lines(file1.read().splitlines()))
# print lines
if len(lines) == 0:
print "Empty file"
parsed_as = 'Empty file'
return parsed_as, []
beginsWithBrackets = [
line.startswith('{') or line.startswith('[') for line in lines[0:20]
]
if any(beginsWithBrackets):
text = ' '.join(lines[beginsWithBrackets.index(True):])
text = re.sub(r', *([\]\}])', '\\1', text)
if re.search(r'} *{', text) is not None:
print "List of json maps"
text = re.sub(r'} *{', '},{', text)
text = '[' + text + ']'
if re.search(r'\] *\[', text) is not None:
print "List of json maps"
text = re.sub(r'\] *\[', '],[', text)
text = '[' + text + ']'
try:
print text
ret = json.loads(text)
print "Valid JSON"
parsed_as = 'Valid JSON'
return parsed_as, ret
except:
pass
# print text
text = re.sub(r'([\[\{,]) *([^" ])', '\\1"\\2', text)
text = re.sub(r'([^" ]) *([\]\},])', '\\1"\\2', text)
text = re.sub(r'"([0-9]+\.?[0-9]*e?[0-9]*)"', '\\1', text)
# print text
try:
# print text
ret = json.loads(text)
print "Almost valid JSON"
parsed_as = 'Almost valid JSON (multiple entries not explicitly in an array)'
return parsed_as, ret
except:
pass
# ParseArrayOrMap(text)
# try:
# ParseArrayOrMap(' '.join(lines))
# except:
# print lines
if percentContainingComma > 50:
print "CSV"
parsed_as = 'CSV (does not begin with bracket, most lines contain a comma)'
ret = csv.reader(lines, delimiter=',')
# ret = [line.split(',') for line in lines]
else:
parsed_as = 'SSV (does not begin with bracket, most lines do not contain a comma)'
print "SSV"
# print lines
ret = csv.reader(lines, delimiter=' ', skipinitialspace=True)
# ret = [line.split(' ') for line in lines]
ret = [[parseSingle(i) for i in row] for row in ret]
if len(ret) == 1:
ret = ret[0]
elif all([len(row) == 1 for row in ret]):
ret = [row[0] for row in ret]
return parsed_as, ret