Fix pathtrace for old_mmap/old_mmap_pgoff

As these system calls have only one argument that points to the location in memory containing actual arguments, current path tracing implementation is incorrect. In order to fix this, let's use recently introduced fetch_old_mmap_args in order to get actual arguments suitable for path matching. * pathtrace.c [HAVE_ARCH_OLD_MMAP] <case SEN_old_mmap, case SEN_old_mmap_pgoff>: Retrieve actual old_mmap arguments with fetch_old_mmap_args, pass the value from the retrieved args if it's available.
2018-01-17 02:38:55 +01:00 · 2018-01-17 02:38:55 +01:00 · d3890c53c8
commit d3890c53c8
parent 4c34c65d97
1 changed files with 10 additions and 2 deletions
--- a/pathtrace.c
+++ b/pathtrace.c
@ -214,10 +214,18 @@ pathtrace_match_set(struct tcb *tcp, struct path_set *set)
 			upathmatch(tcp, tcp->u_arg[1], set) ||
 			upathmatch(tcp, tcp->u_arg[3], set);

+#ifdef HAVE_ARCH_OLD_MMAP
 	case SEN_old_mmap:
-#if defined(S390)
+# if defined(S390)
 	case SEN_old_mmap_pgoff:
-#endif
+# endif
+	{
+		kernel_ulong_t *args = fetch_old_mmap_args(tcp);
+
+		return args && fdmatch(tcp, args[4], set);
+	}
+#endif /* HAVE_ARCH_OLD_MMAP */
+
 	case SEN_mmap:
 	case SEN_mmap_4koff:
 	case SEN_mmap_pgoff: