summary refs log tree commit diff
diff options
context:
space:
mode:
authoredef <edef@unfathomable.blue>2021-12-27 14:21:59 +0000
committeredef <edef@unfathomable.blue>2021-12-28 17:54:37 +0000
commiteb24a8ca42179a0d26a642978401ee34b3f08594 (patch)
tree226421b661af8150a709a9a3235fa6358325dd8b
parent977730017ce27275b71d29dfa88e98ca4db21dcd (diff)
downloadunf-legacy-eb24a8ca42179a0d26a642978401ee34b3f08594.tar.zst
ripple/minitrace: enforce arguments for arch_prctl, prlimit64, ioctl, mmap
Change-Id: Ifb5939b9088de3096da7a1bdc6e0bc6e6a6ba94f
-rw-r--r--ripple/minitrace/src/main.rs34
1 files changed, 30 insertions, 4 deletions
diff --git a/ripple/minitrace/src/main.rs b/ripple/minitrace/src/main.rs
index 60ef287..9868f6f 100644
--- a/ripple/minitrace/src/main.rs
+++ b/ripple/minitrace/src/main.rs
@@ -159,7 +159,14 @@ fn check_syscall(entry: SyscallEntry) -> bool {
 		3 => {}
 
 		// mmap
-		9 => {}
+		9 => {
+			let [_addr, _len, _prot, flags, fd, _off] = entry.args;
+			if fd != !0 {
+				return flags & (libc::MAP_PRIVATE as u64) != 0;
+			} else {
+				return flags & (libc::MAP_ANON as u64) != 0;
+			}
+		}
 
 		// mprotect
 		10 => {}
@@ -171,7 +178,11 @@ fn check_syscall(entry: SyscallEntry) -> bool {
 		13 => {}
 
 		// ioctl
-		16 => {}
+		16 => match entry.args[1] {
+			// TCGETS
+			0x5401 | 0x5413 => {}
+			_ => return false,
+		},
 
 		// pread64
 		17 => {}
@@ -192,7 +203,11 @@ fn check_syscall(entry: SyscallEntry) -> bool {
 		100 => {}
 
 		// arch_prctl
-		158 => {}
+		158 => match entry.args[0] {
+			// ARCH_SET_FS
+			0x1002 => {}
+			_ => return false,
+		},
 
 		// exit_group
 		231 => {}
@@ -204,7 +219,18 @@ fn check_syscall(entry: SyscallEntry) -> bool {
 		262 => {}
 
 		// prlimit64
-		302 => {}
+		302 => {
+			// pid = 0
+			if entry.args[0] != 0 {
+				return false;
+			}
+
+			match entry.args[1] as u32 {
+				libc::RLIMIT_AS | libc::RLIMIT_STACK | libc::RLIMIT_RSS => {}
+				_ => return false,
+			}
+		}
+
 		_ => return false,
 	}
 	true