diff --git a/.vscode/settings.json b/.vscode/settings.json
index 06bc5fe..2ae650d 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -19,7 +19,8 @@
 "wait.h": "c",
 "signal_handlers.h": "c",
 "terminal_utils.h": "c",
- "stdlib.h": "c"
+ "stdlib.h": "c",
+ "init_cleanup.h": "c"
 },
 "C_Cpp.errorSquiggles": "disabled"
 }
\ No newline at end of file
diff --git a/build/config.o b/build/config.o
index c7dadc1..3ec92e5 100644
Binary files a/build/config.o and b/build/config.o differ
diff --git a/build/debug.o b/build/debug.o
index 7699e81..4d648ea 100644
Binary files a/build/debug.o and b/build/debug.o differ
diff --git a/build/execve_interceptor.o b/build/execve_interceptor.o
index 916b815..c733236 100644
Binary files a/build/execve_interceptor.o and b/build/execve_interceptor.o differ
diff --git a/build/hook_write.o b/build/hook_write.o
index d64dc30..f9de376 100644
Binary files a/build/hook_write.o and b/build/hook_write.o differ
diff --git a/build/hook_write.so b/build/hook_write.so
index d17bd7c..9e9526b 100755
Binary files a/build/hook_write.so and b/build/hook_write.so differ
diff --git a/build/init_cleanup.o b/build/init_cleanup.o
index 409a44a..771479f 100644
Binary files a/build/init_cleanup.o and b/build/init_cleanup.o differ
diff --git a/build/intercept.so b/build/intercept.so
index c269ed5..dd7d2a6 100755
Binary files a/build/intercept.so and b/build/intercept.so differ
diff --git a/build/logging.o b/build/logging.o
index e408358..73b57ec 100644
Binary files a/build/logging.o and b/build/logging.o differ
diff --git a/build/pty_dup.o b/build/pty_dup.o
index 64c13cc..ace5756 100644
Binary files a/build/pty_dup.o and b/build/pty_dup.o differ
diff --git a/build/rules.o b/build/rules.o
index a8df34e..7f2a2a3 100644
Binary files a/build/rules.o and b/build/rules.o differ
diff --git a/build/signal_handlers.o b/build/signal_handlers.o
index 6c87b3d..71e1f95 100644
Binary files a/build/signal_handlers.o and b/build/signal_handlers.o differ
diff --git a/build/terminal_utils.o b/build/terminal_utils.o
index 11d40e3..1c6c24f 100644
Binary files a/build/terminal_utils.o and b/build/terminal_utils.o differ
diff --git a/build/utils.o b/build/utils.o
index 497c020..d23d0cf 100644
Binary files a/build/utils.o and b/build/utils.o differ
diff --git a/logs/execve.log b/logs/execve.log
index e69de29..d606d3f 100644
--- a/logs/execve.log
+++ b/logs/execve.log
@@ -0,0 +1,116 @@ +[Wed Apr 9 20:41:23 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Wed Apr 9 20:41:23 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Wed Apr 9 20:41:24 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Wed Apr 9 23:41:08 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Wed Apr 9 23:41:08 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Wed Apr 9 23:41:10 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Wed Apr 9 23:43:12 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Wed Apr 9 23:43:20 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Wed Apr 9 23:43:20 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Wed Apr 9 23:43:20 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Wed Apr 9 23:58:40 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Wed Apr 9 23:58:40 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Wed Apr 9 23:58:53 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Wed Apr 9 23:58:53 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Thu Apr 10 00:00:43 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Thu Apr 10 00:00:43 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Thu Apr 10 00:16:12 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Thu Apr 10 00:16:12 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Thu Apr 10 00:16:13 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Thu Apr 10 00:16:15 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +arg[2]: -CF +[Thu Apr 10 00:17:05 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Thu Apr 10 00:17:05 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Thu Apr 10 00:17:06 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Thu Apr 10 00:17:09 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: 
--color=auto +arg[2]: -CF +[Thu Apr 10 00:17:12 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +arg[2]: -alF +[Thu Apr 10 00:17:36 2025 +] Command: /usr/bin/lesspipe +arg[0]: lesspipe +[Thu Apr 10 00:17:36 2025 +] Command: /usr/bin/dircolors +arg[0]: dircolors +arg[1]: -b +[Thu Apr 10 00:17:37 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +[Thu Apr 10 00:17:38 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +arg[2]: -CF +[Thu Apr 10 00:17:41 2025 +] Command: /usr/bin/ls +arg[0]: ls +arg[1]: --color=auto +arg[2]: -alF diff --git a/logs/execve_out.log b/logs/execve_out.log index e69de29..fc46f3b 100644 --- a/logs/execve_out.log +++ b/logs/execve_out.log 
@@ -0,0 +1,60 @@ +Makefile README.md build config logs output.txt src test_bash.sh tests +[DEBUG][PID 179587] src/pty_dup.c:43:dupIO(): forkpty result is: 0. +[DEBUG][PID 179587] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests +[DEBUG][PID 180868] src/pty_dup.c:43:dupIO(): forkpty result is: 0. +[DEBUG][PID 180868] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests +[DEBUG][PID 181037] src/pty_dup.c:43:dupIO(): forkpty result is: 0. +[DEBUG][PID 181037] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests +[DEBUG][PID 214944] src/pty_dup.c:43:dupIO(): forkpty result is: 0. +[DEBUG][PID 214944] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests +[DEBUG][PID 214969] src/pty_dup.c:43:dupIO(): forkpty result is: 0. +[DEBUG][PID 214969] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build/ config/ logs/ output.txt src/ test_bash.sh* tests/ + [DEBUG][PID 215677] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 215677] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests + [DEBUG][PID 215741] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 215741] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build/ config/ logs/ output.txt src/ test_bash.sh* tests/ + [DEBUG][PID 215794] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 215794] src/pty_dup.c:50:dupIO(): Child process ready. 
+total 68 +drwxr-xr-x 9 qcqcqc qcqcqc 4096 Apr 10 00:17 ./ +drwxr-xr-x 8 qcqcqc qcqcqc 4096 Apr 9 20:33 ../ +drwxr-xr-x 8 qcqcqc qcqcqc 4096 Apr 9 20:34 .git/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 .vscode/ +-rw-r--r-- 1 qcqcqc qcqcqc 1364 Apr 9 20:33 Makefile +-rw-r--r-- 1 qcqcqc qcqcqc 4361 Apr 9 20:33 README.md +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 10 00:17 build/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 config/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 logs/ +-rw-r--r-- 1 qcqcqc qcqcqc 16097 Apr 9 20:33 output.txt +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 src/ +-rwxr-xr-x 1 qcqcqc qcqcqc 2594 Apr 9 20:33 test_bash.sh* +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 tests/ + [DEBUG][PID 216195] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 216195] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build config logs output.txt src test_bash.sh tests + [DEBUG][PID 216203] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 216203] src/pty_dup.c:50:dupIO(): Child process ready. +Makefile README.md build/ config/ logs/ output.txt src/ test_bash.sh* tests/ + [DEBUG][PID 216247] src/pty_dup.c:43:dupIO(): forkpty result is: 0. + [DEBUG][PID 216247] src/pty_dup.c:50:dupIO(): Child process ready. +total 68 +drwxr-xr-x 9 qcqcqc qcqcqc 4096 Apr 10 00:17 ./ +drwxr-xr-x 8 qcqcqc qcqcqc 4096 Apr 9 20:33 ../ +drwxr-xr-x 8 qcqcqc qcqcqc 4096 Apr 9 20:34 .git/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 .vscode/ +-rw-r--r-- 1 qcqcqc qcqcqc 1364 Apr 9 20:33 Makefile +-rw-r--r-- 1 qcqcqc qcqcqc 4361 Apr 9 20:33 README.md +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 10 00:17 build/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 config/ +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 logs/ +-rw-r--r-- 1 qcqcqc qcqcqc 16097 Apr 9 20:33 output.txt +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 src/ +-rwxr-xr-x 1 qcqcqc qcqcqc 2594 Apr 9 20:33 test_bash.sh* +drwxr-xr-x 2 qcqcqc qcqcqc 4096 Apr 9 20:33 tests/ 
diff --git a/src/debug.h b/src/debug.h index 7dad4b4..b54fe16 100644 --- a/src/debug.h +++ b/src/debug.h @@ -6,7 +6,7 @@ void print_stacktrace(); #define DEBUG_LOG(fmt, ...) \ - fprintf(stderr, "[DEBUG][PID %d] %s:%d:%s(): " fmt "\n", getpid(), \ + fprintf(stderr, "[DEBUG][PID %d] %s:%d:%s(): " fmt "\n\r", getpid(), \ __FILE__, __LINE__, __func__, ##__VA_ARGS__) #else diff --git a/src/execve_interceptor.c b/src/execve_interceptor.c index 291ad3a..4bf20a1 100644 --- a/src/execve_interceptor.c +++ b/src/execve_interceptor.c @@ -28,7 +28,7 @@ orig_execve_type orig_execve = NULL; #ifdef HOOK /** - * 拦截系统调用execve, + * 拦截系统调用execve, * 在真实调用直接检查配置和创建输出 */ int execve(const char *filename, char *const argv[], char *const envp[]) { @@ -36,9 +36,11 @@ int execve(const char *filename, char *const argv[], char *const envp[]) { /** * 在真实系统调用之前可以调用这个函数, * 主进程会做出和直接调用execve一样的逻辑, - * 在此之前检查配置和创建输出 + * 在此之前检查配置和创建输出, + * 返回值1表示可以运行,返回值0表示不能运行,返回值-1表示出错 */ -int pre_hook(const char *filename, char *const argv[], char *const envp[]) { +int enhance_execve(const char *filename, char *const argv[], + char *const envp[]) { (void)envp; #endif // 去除首尾空格 @@ -95,7 +97,8 @@ int pre_hook(const char *filename, char *const argv[], char *const envp[]) { #ifdef HOOK return orig_execve(filename, argv, envp); #else - return 0; + return execve(filename, argv, envp); + // return -1; #endif } @@ -106,7 +109,8 @@ int pre_hook(const char *filename, char *const argv[], char *const envp[]) { #ifdef HOOK return orig_execve(filename, argv, envp); #else - return 0; + return execve(filename, argv, envp); + // return 1; #endif } @@ -124,7 +128,8 @@ int pre_hook(const char *filename, char *const argv[], char *const envp[]) { #ifdef HOOK return orig_execve(filename, argv, envp); #else - return 0; + return execve(filename, argv, envp); + // return 1; #endif } 
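Review bot: The terminator added to `DEBUG_LOG` is `"\n\r"`, the reverse of the usual CR-LF order, and it is now emitted on every debug line whether or not stderr is a raw-mode terminal. When stderr ends up in a file, as the debug lines in the committed logs/execve_out.log show it can, LF-then-CR would put a carriage return at the start of the following line. If the carriage return is only there for the raw-mode terminal set up in `handle_io`, `fmt "\r\n"` is the conventional form. The call in the terminal_utils.c hunk at -83,7 that passes `"Read from: %d \n\r"` then ends with two terminators and should drop its own.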
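Review bot: The comment added above `enhance_execve` documents return values 1, 0 and -1, but no non-HOOK path returns them: in the hunks at -95,7, -106,7, -124,7, -141,7 and -198,6 each `return 0;` becomes `return execve(filename, argv, envp);` with the documented value left behind as a dead comment (`// return -1;`, `// return 1;`). A successful `execve` does not return, so a caller can only ever see -1. The first of these is the branch marked `// return -1;`, which reads like an error path that now runs the command anyway; its condition is outside the hunk, but for a rule-enforcing wrapper that fail-open choice should be stated. Either make the comment say what happens (`does not return on success; -1 with errno set if execve fails`) or restore the return codes and let the caller exec. `(void)envp;` under the new signature is also stale now that `envp` is used.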
@@ -141,7 +146,8 @@ int pre_hook(const char *filename, char *const argv[], char *const envp[]) { #ifdef HOOK return orig_execve(filename, argv, envp); #else - return 0; + return execve(filename, argv, envp); + // return 1; #endif } else if (strcmp(shared_config->rules[i].type, "warn") == 0) { @@ -198,6 +204,8 @@ int pre_hook(const char *filename, char *const argv[], char *const envp[]) { return orig_execve(filename, argv, new_envp); #else - return 0; + DEBUG_LOG("Ready to exec file: %s", filename); + return execve(filename, argv, envp); + // return 1; #endif } \ No newline at end of file diff --git a/src/execve_interceptor.h b/src/execve_interceptor.h index a20a2c7..e6aa4b1 100644 --- a/src/execve_interceptor.h +++ b/src/execve_interceptor.h @@ -11,7 +11,8 @@ typedef int (*orig_execve_type)(const char *filename, char *const argv[], extern orig_execve_type orig_execve; int execve(const char *filename, char *const argv[], char *const envp[]); - +#else +int enhance_execve(const char *filename, char *const argv[], char *const envp[]); #endif #endif // EXECVE_INTERCEPTOR_H \ No newline at end of file diff --git a/src/pty_dup.c b/src/pty_dup.c index 32f50b6..d818461 100644 --- a/src/pty_dup.c +++ b/src/pty_dup.c @@ -28,6 +28,7 @@ void dupIO() { struct termios term; struct winsize win; + DEBUG_LOG("Setup termios...."); setup_termios(&term); signal(SIGINT, handle_sigint); @@ -39,16 +40,19 @@ void dupIO() { } pid = forkpty(&master, NULL, &term, &win); + DEBUG_LOG("forkpty result is: %d.", pid); child_pid = pid; if (pid < 0) { perror("forkpty failed"); exit(1); } else if (pid == 0) { + DEBUG_LOG("Child process ready."); signal(SIGINT, SIG_DFL); return; } + DEBUG_LOG("Ready to handle IO"); handle_io(master); close(master); diff --git a/src/terminal_utils.c b/src/terminal_utils.c index 6a5d6eb..4213efa 100644 --- a/src/terminal_utils.c +++ b/src/terminal_utils.c 
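Review bot: In the last hunk of execve_interceptor.c (-198,6) the HOOK branch calls `orig_execve(filename, argv, new_envp)` while the added non-HOOK line calls `execve(filename, argv, envp)`, so the two builds hand the child different environments. How `new_envp` is built is outside the hunk; if it exists in both builds and carries variables the child needs, the line would be `return execve(filename, argv, new_envp);`. If the difference is intended, a one-line comment above the `#else` branch saying why the original `envp` is passed would settle it.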
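Review bot: `DEBUG_LOG("forkpty result is: %d.", pid);` sits before the `pid < 0` check and so runs in the child as well, where stderr is the new pty slave; together with `DEBUG_LOG("Child process ready.");` this puts debug text into the stream that `handle_io` copies to the session log. The committed logs/execve_out.log shows it: `forkpty result is: 0.` and `Child process ready.` appear between the recorded `ls` outputs. For a tool whose log is the record of what the command printed, the child side should stay silent; log the result only in the parent, e.g. `if (pid > 0) DEBUG_LOG("forkpty child pid: %d", pid);`, and drop the child-side call. dupIO's body continues outside the hunk.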
@@ -1,6 +1,7 @@ #include "terminal_utils.h" -#include "config.h" +#include "config.h" +#include "debug.h" #include "pty_dup.h" void setup_termios(struct termios *term) { @@ -47,9 +48,11 @@ void handle_io(int master_fd) { struct termios orig_term, raw_term; // 保存原始终端设置 + DEBUG_LOG("Saving original config."); tcgetattr(STDIN_FILENO, &orig_term); // 设置原始模式 + DEBUG_LOG("Setting origin mode."); raw_term = orig_term; cfmakeraw(&raw_term); tcsetattr(STDIN_FILENO, TCSANOW, &raw_term); @@ -75,6 +78,7 @@ void handle_io(int master_fd) { } while (1) { + DEBUG_LOG("poll....."); int ret = poll(fds, 2, 100); // 设置超时以便定期检查子进程状态 if (ret < 0) { if (errno == EINTR) continue; @@ -83,7 +87,9 @@ void handle_io(int master_fd) { } // 优先处理 PTY 输出,确保缓冲区中的数据被完全读出 + DEBUG_LOG("Handling pty output..."); if (fds[1].revents & (POLLIN | POLLHUP)) { + DEBUG_LOG("Read from: %d \n\r", master_fd); ssize_t n = read(master_fd, buffer, sizeof(buffer)); if (n > 0) { // 直接写入,让终端自己处理控制序列 @@ -93,15 +99,38 @@ void handle_io(int master_fd) { } // 检查子进程状态 + DEBUG_LOG("Checking child status: %d", child_status); if (child_status != -1) { // 再次尝试读取可能残留的输出 while (1) { ssize_t n = read(master_fd, buffer, sizeof(buffer)); - if (n <= 0) break; - write(STDOUT_FILENO, buffer, n); - write(log_fd, buffer, n); + DEBUG_LOG("Read n is: %ld", n); + if (n < 0) { + // 读取错误处理 + break; + } else if (n == 0) { + // EOF处理 + break; + } + // 写入错误检查 + if (n > 0) { + ssize_t written = write(STDOUT_FILENO, buffer, n); + if (written < 0) { + perror("write to stdout failed"); + break; + } + + if (log_fd >= 0) { + written = write(log_fd, buffer, n); + if (written < 0) { + perror("write to log failed"); + break; + } + } + } } + DEBUG_LOG("fflush."); // 确保所有输出都已刷新 fflush(stdout); fflush(stderr); @@ -110,6 +139,7 @@ void handle_io(int master_fd) { } // 处理标准输入 + DEBUG_LOG("Handling stdin"); if (fds[0].revents & POLLIN) { ssize_t n = read(STDIN_FILENO, buffer, sizeof(buffer)); if (n <= 0) break; 
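Review bot: `DEBUG_LOG("poll.....");` is inside the `while (1)` loop whose `poll` has a 100 ms timeout, so a DEBUG build prints it at least ten times a second, and the hunks at -83,7, -93,15 and -110,6 add three more unconditional per-iteration lines (`Handling pty output...`, `Checking child status: %d`, `Handling stdin`). They go to stderr while the terminal is in raw mode, interleaved with the program output being relayed. Logging on events keeps the trace usable: move each call inside its `if`, e.g. `if (fds[0].revents & POLLIN) { DEBUG_LOG("Handling stdin");`, and log the poll only when `ret < 0`. handle_io starts and ends outside these hunks.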
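Review bot: The new checks in the drain loop (-93,15) treat only `written < 0` as failure, so a short `write` to `log_fd` or stdout silently drops the tail of the chunk, and for a tool that records command output that is a gap in the record. The write should loop until all `n` bytes are out and retry on `EINTR`; the same loop applies to the `STDOUT_FILENO` write. Two smaller points: `n` is `ssize_t`, so the format in `DEBUG_LOG("Read n is: %ld", n)` should be `%zd`, and this hunk tests `log_fd >= 0` while the final hunk closes it under `if (log_fd > 0)`; pick one (`>= 0` matches how descriptors are reported). The enclosing `while (1)` and handle_io itself begin outside the hunk.
```c
// … unchanged: read() into buffer, break on n <= 0, write to STDOUT_FILENO …
if (log_fd >= 0) {
    ssize_t off = 0;
    while (off < n) {
        ssize_t written = write(log_fd, buffer + off, (size_t)(n - off));
        if (written < 0) {
            if (errno == EINTR) continue;  // interrupted before any byte was written
            perror("write to log failed");
            break;
        }
        off += written;  // short write: continue from where it stopped
    }
    if (off < n) break;  // leave the drain loop, as the original error path does
}
```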
@@ -122,7 +152,8 @@ void handle_io(int master_fd) { } } - if (log_fd) { + DEBUG_LOG("Try to close log_fd: %d", log_fd); + if (log_fd > 0) { close(log_fd); }