diff --git a/qiling/os/posix/syscall/socket.py b/qiling/os/posix/syscall/socket.py index a80c7b998..ca0cf94ae 100644 --- a/qiling/os/posix/syscall/socket.py +++ b/qiling/os/posix/syscall/socket.py @@ -67,6 +67,17 @@ def ql_bin_to_ip(ip): return ipaddress.ip_address(ip).compressed +def ql_unix_socket_path(ql: Qiling, sun_path: bytearray) -> str: + if sun_path[0] == 0: + # Abstract Unix namespace + # TODO: isolate from host namespace + # TODO: Windows + ql.log.warning(f'Beware! Usage of hosts abstract socket namespace {bytes(sun_path)}') + return sun_path.decode() + sun_path = sun_path.split(b'\0')[0].decode() + return ql.os.path.transform_to_real_path(sun_path) + + def ql_syscall_socket(ql: Qiling, socket_domain, socket_type, socket_protocol): idx = next((i for i in range(NR_OPEN) if ql.os.fd[i] is None), -1) regreturn = idx @@ -115,8 +126,7 @@ def ql_syscall_connect(ql: Qiling, connect_sockfd, connect_addr, connect_addrlen try: if s.family == family: if s.family == AF_UNIX: - sun_path = sock_addr[2 : ].split(b"\x00")[0] - sun_path = ql.os.path.transform_to_real_path(sun_path.decode()) + sun_path = ql_unix_socket_path(ql, sock_addr[2:]) s.connect(sun_path) regreturn = 0 elif s.family == AF_INET: @@ -297,8 +307,7 @@ def ql_syscall_bind(ql: Qiling, bind_fd, bind_addr, bind_addrlen): port = port + 8000 if sin_family == 1: - path = data[2 : ].split(b'\x00')[0] - path = ql.os.path.transform_to_real_path(path.decode()) + path = ql_unix_socket_path(ql, data[2:]) ql.log.info(path) ql.os.fd[bind_fd].bind(path) 
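Review bot: In the first hunk (`ql_unix_socket_path`), the abstract-namespace branch passes a guest-chosen name straight through to the host's abstract socket namespace, so an emulated binary is no longer confined to the rootfs mapping that `transform_to_real_path` applies to filesystem sockets. The warning records this but does not contain it, and the helper is now reached from the connect, bind and sendto hunks; until the isolation TODO is resolved I would reject such addresses by default, or allow them only behind an explicit opt-in, since the program under emulation may be untrusted. The same branch indexes `sun_path[0]` without a length check, so an address that carries only the family field (an empty `sock_addr[2:]` slice) raises IndexError; `if sun_path and sun_path[0] == 0:` avoids that. Finally, `sun_path.decode()` keeps any NUL padding after the name and raises on non-UTF-8 bytes, whereas returning `bytes(sun_path)` cut to the guest's address length would keep the name exact (Python's socket API accepts bytes addresses), at the cost of widening the `-> str` annotation.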
@@ -545,19 +554,22 @@ def ql_syscall_recvfrom(ql: Qiling, sockfd: int, buf: int, length: int, flags: i ql.log.debug("%s" % tmp_buf) sin_family = int(sock.family) - data = struct.pack("H", tmp_addr[1]) - data += ipaddress.ip_address(tmp_addr[0]).packed + sockaddr_out += struct.pack(">H", tmp_addr[1]) + sockaddr_out += ipaddress.ip_address(tmp_addr[0]).packed addrlen = ql.mem.read_ptr(addrlen) - data = data[:addrlen] + sockaddr_out = sockaddr_out[:addrlen] - ql.mem.write(addr, data) + if addr: + ql.mem.write(addr, sockaddr_out) ql.mem.write(buf, tmp_buf) return len(tmp_buf) @@ -600,8 +612,7 @@ def ql_syscall_sendto(ql: Qiling, sockfd: int, sendto_buf, sendto_len, sendto_fl ql.log.debug("sendto() len is " + str(sendto_len)) if sin_family == 1: - path = data[2 : ].split(b'\x00')[0] - path = ql.os.path.transform_to_real_path(path.decode()) + path = ql_unix_socket_path(ql, data[2:]) ql.log.debug("sendto() path is " + str(path)) regreturn = sock.sendto(bytes(tmp_buf), sendto_flags, path) diff --git a/qiling/os/posix/syscall/uio.py b/qiling/os/posix/syscall/uio.py index f07346a04..6c8e6e3d6 100644 --- a/qiling/os/posix/syscall/uio.py +++ b/qiling/os/posix/syscall/uio.py @@ -17,7 +17,7 @@ def ql_syscall_writev(ql: Qiling, fd: int, vec: int, vlen: int): regreturn += l buf = ql.mem.read(addr, l) - ql.log.debug(f'{buf.decode()!r}') + ql.log.debug(f'{bytes(buf)}') if hasattr(ql.os.fd[fd], 'write'): ql.os.fd[fd].write(buf) diff --git a/qiling/os/posix/syscall/unistd.py b/qiling/os/posix/syscall/unistd.py index 046446f63..4e4e38170 100644 --- a/qiling/os/posix/syscall/unistd.py +++ b/qiling/os/posix/syscall/unistd.py @@ -143,12 +143,8 @@ def ql_syscall_faccessat(ql: Qiling, dfd: int, filename: int, mode: int): if not os.path.exists(real_path): regreturn = -1 - - elif stat.S_ISFIFO(Stat(real_path).st_mode): - regreturn = 0 - else: - regreturn = -1 + regreturn = 0 if regreturn == -1: ql.log.debug(f'File not found or skipped: {access_path}')
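Review bot: The new `if addr:` guard protects only the final write; `addrlen = ql.mem.read_ptr(addrlen)` just above it still runs unconditionally, and recvfrom callers that pass NULL for the source address normally pass NULL for the length pointer too, so this would read guest address 0. I would put the read and the truncation under the same guard: `if addr and addrlen:` followed by `sockaddr_out = sockaddr_out[:ql.mem.read_ptr(addrlen)]` and `ql.mem.write(addr, sockaddr_out)`. The hunk does not show the start of the function or where `sockaddr_out` is first assigned, and it does not show the actual address length being written back through the length pointer, which guests may rely on, so both are worth confirming.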
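Review bot: In the uio.py hunk, `ql.log.debug(f'{bytes(buf)}')` builds the full repr of every iovec buffer before the logger decides whether debug output is enabled, which is wasted work on large guest writes. If `ql.log` is a standard `logging` logger, `ql.log.debug('%r', bytes(buf))` defers the repr, and bounding the logged slice would keep a chatty guest from flooding the log. The loop this line sits in starts outside the hunk.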
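Review bot: In the unistd.py hunk, with the FIFO special case removed every existing path now returns 0, and the `mode` argument in the signature is not consulted anywhere in the visible lines, so a guest asking for write or execute access to a file it cannot use that way is told it can. If `mode` is not handled outside the hunk, something like `regreturn = 0 if os.access(real_path, mode) else -1` would respect the requested bits, though they would be evaluated for the host user running the emulator, which may differ from the guest's view. The function body starts above the hunk.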