def set_tid_address_exit_handler(syscall_id, syscall_object, pid):
    """Replay the exit of set_tid_address using the values recorded in the trace.

    The recorded TID (the call's return value) is written into the traced
    process at the address recorded as the call's first argument, and the
    recorded return conditions are then applied.

    NOTE(review): the write target comes from the trace file, not from the
    live process. The original author's comment says the entry handler has
    already confirmed that the trace matches execution for this address; that
    check is not visible in this block, so confirm it before replaying a trace
    from a source you do not control.
    """
    logging.debug('Entering set_tid_address_exit_handler')
    # The trace is the only usable source for the address at this point:
    #   1. the entry handler already confirmed that the trace matches
    #      execution in this regard, and
    #   2. the registers have been trashed by now, so there is no alternative.
    recorded_addr = int('0x' + syscall_object.args[0].value, 16)
    recorded_tid = int(syscall_object.ret[0])
    logging.debug('Address from trace: %x', recorded_addr)
    logging.debug('TID from trace: %d', recorded_tid)
    # Store the recorded TID at the recorded location so that later reads of
    # that memory by the traced process see the value from the trace.
    cint.populate_unsigned_int(pid, recorded_addr, recorded_tid)
    apply_return_conditions(pid, syscall_object)
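def getresgid_entry_handler(syscall_id, syscall_object, pid):
    """Replay getresgid by injecting the three group IDs recorded in the trace.

    The real syscall is turned into a no-op, then the recorded real,
    effective and saved group IDs are written to the three output pointers
    the traced process passed in EBX, ECX and EDX, and the recorded return
    conditions are applied.

    Each ID is read from its own trace argument (args[0], args[1], args[2]).
    Reading all three from args[0] would hand the replayed process its real
    GID as its effective and saved GID, hiding any difference between them
    (for example under a set-group-ID program) from code that makes
    privilege decisions based on this call.
    """
    logging.debug('Entering getresgid entry handler')
    # Each recorded value has surrounding square brackets, which are stripped
    # before conversion.
    rgid = int(syscall_object.args[0].value.strip('[]'))
    egid = int(syscall_object.args[1].value.strip('[]'))
    sgid = int(syscall_object.args[2].value.strip('[]'))
    # Output pointers are taken from the live process's registers.
    rgid_addr = cint.peek_register(pid, cint.EBX)
    egid_addr = cint.peek_register(pid, cint.ECX)
    sgid_addr = cint.peek_register(pid, cint.EDX)
    logging.debug('rgid: %d', rgid)
    logging.debug('egid: %d', egid)
    logging.debug('sgid: %d', sgid)
    # The mask only affects how the address is printed; the unmasked value is
    # what gets passed to populate_unsigned_int below.
    logging.debug('rgid addr: %x', rgid_addr & 0xffffffff)
    logging.debug('egid addr: %x', egid_addr & 0xffffffff)
    logging.debug('sgid addr: %x', sgid_addr & 0xffffffff)
    noop_current_syscall(pid)
    cint.populate_unsigned_int(pid, rgid_addr, rgid)
    cint.populate_unsigned_int(pid, egid_addr, egid)
    cint.populate_unsigned_int(pid, sgid_addr, sgid)
    apply_return_conditions(pid, syscall_object)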