def parseOptions(self):
parser = OptionParser(usage="%prog [options] -- program [arg1 arg2 ...]")
self.createCommonOptions(parser)
parser.add_option("--enter", help="Show system call enter and exit",
action="store_true", default=False)
parser.add_option("--profiler", help="Use profiler",
action="store_true", default=False)
parser.add_option("--type", help="Display arguments type and result type (default: no)",
action="store_true", default=False)
parser.add_option("--name", help="Display argument name (default: no)",
action="store_true", default=False)
parser.add_option("--string-length", "-s", help="String max length (default: 300)",
type="int", default=300)
parser.add_option("--array-count", help="Maximum number of array items (default: 20)",
type="int", default=20)
parser.add_option("--raw-socketcall", help="Raw socketcall form",
action="store_true", default=False)
parser.add_option("--output", "-o", help="Write output to specified log file",
type="str")
parser.add_option("--ignore-regex", help="Regex used to filter syscall names (eg. --ignore='^(gettimeofday|futex|f?stat)')",
type="str")
parser.add_option("--address", help="Display structure addressl",
action="store_true", default=False)
parser.add_option("--syscalls", '-e', help="Comma separated list of shown system calls (other will be skipped)",
type="str", default=None)
parser.add_option("--socket", help="Show only socket functions",
action="store_true", default=False)
parser.add_option("--filename", help="Show only syscall using filename",
action="store_true", default=False)
parser.add_option("--show-pid",
help="Prefix line with process identifier",
action="store_true", default=False)
parser.add_option("--list-syscalls",
help="Display system calls and exit",
action="store_true", default=False)
parser.add_option("-i", "--show-ip",
help="print instruction pointer at time of syscall",
action="store_true", default=False)
self.createLogOptions(parser)
self.options, self.program = parser.parse_args()
if self.options.list_syscalls:
syscalls = list(SYSCALL_NAMES.items())
syscalls.sort(key=lambda data: data[0])
for num, name in syscalls:
print("% 3s: %s" % (num, name))
exit(0)
if self.options.pid is None and not self.program:
parser.print_help()
exit(1)
# Create "only" filter
only = set()
if self.options.syscalls:
# split by "," and remove spaces
for item in self.options.syscalls.split(","):
item = item.strip()
if not item or item in only:
continue
ok = True
valid_names = list(SYSCALL_NAMES.values())
for name in only:
if name not in valid_names:
print("ERROR: unknow syscall %r" % name, file=stderr)
ok = False
if not ok:
print(file=stderr)
print("Use --list-syscalls options to get system calls list", file=stderr)
exit(1)
# remove duplicates
only.add(item)
if self.options.filename:
for syscall, format in SYSCALL_PROTOTYPES.items():
restype, arguments = format
if any(argname in FILENAME_ARGUMENTS for argtype, argname in arguments):
only.add(syscall)
if self.options.socket:
only |= SOCKET_SYSCALL_NAMES
self.only = only
if self.options.ignore_regex:
try:
self.ignore_regex = re.compile(self.options.ignore_regex)
except Exception as err:
print("Invalid regular expression! %s" % err)
print("(regex: %r)" % self.options.ignore_regex)
exit(1)
else:
self.ignore_regex = None
if self.options.fork:
self.options.show_pid = True
self.processOptions()
def parseOptions(self):
parser = OptionParser(
usage="%prog [options] -- program [arg1 arg2 ...]")
self.createCommonOptions(parser)
parser.add_option("--enter",
help="Show system call enter and exit",
action="store_true",
default=False)
parser.add_option("--profiler",
help="Use profiler",
action="store_true",
default=False)
parser.add_option(
"--type",
help="Display arguments type and result type (default: no)",
action="store_true",
default=False)
parser.add_option("--name",
help="Display argument name (default: no)",
action="store_true",
default=False)
parser.add_option("--string-length",
"-s",
help="String max length (default: 300)",
type="int",
default=300)
parser.add_option("--array-count",
help="Maximum number of array items (default: 20)",
type="int",
default=20)
parser.add_option("--raw-socketcall",
help="Raw socketcall form",
action="store_true",
default=False)
parser.add_option("--output",
"-o",
help="Write output to specified log file",
type="str")
parser.add_option(
"--ignore-regex",
help=
"Regex used to filter syscall names (e.g. --ignore='^(gettimeofday|futex|f?stat)')",
type="str")
parser.add_option("--address",
help="Display structure address",
action="store_true",
default=False)
parser.add_option(
"--syscalls",
'-e',
help=
"Comma separated list of shown system calls (other will be skipped)",
type="str",
default=None)
parser.add_option("--socket",
help="Show only socket functions",
action="store_true",
default=False)
parser.add_option("--filename",
help="Show only syscall using filename",
action="store_true",
default=False)
parser.add_option("--show-pid",
help="Prefix line with process identifier",
action="store_true",
default=False)
parser.add_option("--list-syscalls",
help="Display system calls and exit",
action="store_true",
default=False)
parser.add_option("-i",
"--show-ip",
help="print instruction pointer at time of syscall",
action="store_true",
default=False)
self.createLogOptions(parser)
self.options, self.program = parser.parse_args()
if self.options.list_syscalls:
syscalls = list(SYSCALL_NAMES.items())
syscalls.sort(key=lambda data: data[0])
for num, name in syscalls:
print("% 3s: %s" % (num, name))
exit(0)
if self.options.pid is None and not self.program:
parser.print_help()
exit(1)
# Create "only" filter
only = set()
if self.options.syscalls:
# split by "," and remove spaces
for item in self.options.syscalls.split(","):
item = item.strip()
if not item or item in only:
continue
ok = True
valid_names = list(SYSCALL_NAMES.values())
for name in only:
if name not in valid_names:
print("ERROR: unknown syscall %r" % name, file=stderr)
ok = False
if not ok:
print(file=stderr)
print(
"Use --list-syscalls options to get system calls list",
file=stderr)
exit(1)
# remove duplicates
only.add(item)
if self.options.filename:
for syscall, format in SYSCALL_PROTOTYPES.items():
restype, arguments = format
if any(argname in FILENAME_ARGUMENTS
for argtype, argname in arguments):
only.add(syscall)
if self.options.socket:
only |= SOCKET_SYSCALL_NAMES
self.only = only
if self.options.ignore_regex:
try:
self.ignore_regex = re.compile(self.options.ignore_regex)
except Exception as err:
print("Invalid regular expression! %s" % err)
print("(regex: %r)" % self.options.ignore_regex)
exit(1)
else:
self.ignore_regex = None
if self.options.fork:
self.options.show_pid = True
self.processOptions()
