def check(debugger): try: file = debugger.readstr(debugger.uarg1) except MaxLengthExceeded as e: log.warning('Denied access via syscall %s to overly long path: %r', syscall, e.args[0]) return ACCESS_ENOENT(debugger) except UnicodeDecodeError as e: log.warning('Denied access via syscall %s to path with invalid unicode: %r', syscall, e.object) return ACCESS_ENOENT(debugger) file, accessible = self._file_access_check(file, debugger, is_open, dirfd=debugger.arg0, flag_reg=2) if accessible: return True log.debug('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def check(debugger): file_ptr = getattr(debugger, 'uarg%d' % argument) file = debugger.readstr(file_ptr) if self._file_access_check(file, debugger, file_ptr): return True log.info('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def check(debugger): file_ptr = getattr(debugger, 'uarg%d' % argument) file = debugger.readstr(file_ptr) file, accessible = self._file_access_check( file, debugger, debugger.uarg0 if is_open else None) if accessible: return True log.info('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def handle_open(debugger): file = debugger.readstr(debugger.uarg0) if fs.match(file) is None: log.info('Denied file open: %s', file) return ACCESS_ENOENT(debugger) can = write_fs.match(file) is not None def update(): writable[debugger.result] = can debugger.on_return(update) return True
def check(debugger): file = debugger.readstr(debugger.uarg1) file, accessible = self._file_access_check(file, debugger, is_open, dirfd=debugger.arg0, flag_reg=2) if accessible: return True log.info('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def check(debugger): file_ptr = getattr(debugger, 'uarg%d' % argument) try: file = debugger.readstr(file_ptr) except MaxLengthExceeded as e: log.info( 'Denied access via syscall %s to overly long path: %r', syscall, e.args[0]) return ACCESS_ENOENT(debugger) except UnicodeDecodeError as e: log.info( 'Denied access via syscall %s to path with invalid unicode: %r', syscall, e.object) return ACCESS_ENOENT(debugger) file, accessible = self._file_access_check(file, debugger, is_open) if accessible: return True log.info('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def read_path(syscall: str, debugger: Debugger, ptr: int): try: file = debugger.readstr(ptr) except MaxLengthExceeded as e: log.warning('Denied access via syscall %s to overly long path: %r', syscall, e.args[0]) return None, ACCESS_ENAMETOOLONG(debugger) except UnicodeDecodeError as e: log.warning( 'Denied access via syscall %s to path with invalid unicode: %r', syscall, e.object) return None, ACCESS_ENOENT(debugger) return file, None
def check(debugger): file = debugger.readstr(debugger.uarg1) file, accessible = self._file_access_check( file, debugger, debugger.uarg0 if is_open else None, dirfd=debugger.arg0, flag_reg=2) if accessible and (not is_open or self.check_open_flags(debugger.uarg2)): return True log.info('Denied access via syscall %s: %s', syscall, file) return ACCESS_ENOENT(debugger)
def unlink(debugger): path = debugger.readstr(debugger.uarg0) if UNLINK_FS.match(path) is None: log.info('Denied file unlink: %s', path) return ACCESS_ENOENT(debugger) return True