forked from scanmem/scanmem
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmaps.h
71 lines (57 loc) · 2.55 KB
/
maps.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
/*
Reading the data from /proc/pid/maps into a regions list.
Copyright (C) 2006,2007,2009 Tavis Ormandy <[email protected]>
Copyright (C) 2009 Eli Dupree <[email protected]>
Copyright (C) 2009,2010 WANG Lu <[email protected]>
Copyright (C) 2014-2016 Sebastian Parschauer <[email protected]>
This file is part of libscanmem.
This library is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef MAPS_H
#define MAPS_H
#include <stdbool.h>
#include <sys/types.h>
#include "list.h"
/* determine which regions we need */
typedef enum {
REGION_ALL, /* All regions, including non-writable regions */
REGION_ALL_RW, /* each of them */
REGION_HEAP_STACK_EXECUTABLE, /* heap, stack, executable */
REGION_HEAP_STACK_EXECUTABLE_BSS /* heap, stack, executable, bss */
} region_scan_level_t;
typedef enum {
REGION_TYPE_MISC,
REGION_TYPE_CODE,
REGION_TYPE_EXE,
REGION_TYPE_HEAP,
REGION_TYPE_STACK
} region_type_t;
#define REGION_TYPE_NAMES { "misc", "code", "exe", "heap", "stack" }
extern const char *region_type_names[];
/* a region obtained from /proc/pid/maps, these are searched for matches */
typedef struct {
void *start; /* Start address. Hack: If HAVE_PROCMEM is defined, this is actually an (unsigned long) offset into /proc/{pid}/mem */
unsigned long size; /* size */
region_type_t type;
unsigned long load_addr; /* e.g. load address of the executable */
struct __attribute__((packed)) {
unsigned read:1;
unsigned write:1;
unsigned exec:1;
unsigned shared:1;
unsigned private:1;
} flags;
unsigned id; /* unique identifier */
char filename[1]; /* associated file, must be last */
} region_t;
bool sm_readmaps(pid_t target, list_t *regions, region_scan_level_t region_scan_level);
#endif /* MAPS_H */