needed rebase

google · Oct 18, 2022 · 4d70baf · 4d70baf
1 parent b86fd50
commit 4d70baf
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 24 deletions.
diff --git a/infra/experimental/SystemSan/SystemSan.cpp b/infra/experimental/SystemSan/SystemSan.cpp
@@ -177,27 +177,6 @@ std::string read_string(pid_t pid, unsigned long reg, unsigned long length) {
   return content;
 }
 
-void report_bug(std::string bug_type, pid_t tid) {
-  // Report the bug found based on the bug code.
-  std::cerr << "===BUG DETECTED: " << bug_type.c_str() << "===\n";
-  // Rely on sanitizers/libFuzzer to produce a stacktrace by sending SIGABRT
-  // to the root process.
-  // Note: this may not be reliable or consistent if shell injection happens
-  // in an async way.
-  // Find the thread group id, that is the pid.
-  pid_t pid = tid;
-  auto parent = root_pids[tid];
-  while (!parent.ran_exec) {
-    // Find the first parent which ran exec syscall.
-    if (parent.parent_tid == g_root_pid) {
-      break;
-    }
-    pid = parent.parent_tid;
-    parent = root_pids[parent.parent_tid];
-  }
-  tgkill(pid, tid, SIGABRT);
-}
-
 void inspect_for_injection(pid_t pid, const user_regs_struct &regs) {
   // Inspect a PID's registers for the sign of shell injection.
   std::string path = read_string(pid, regs.rdi, kTripWire.length());

diff --git a/infra/experimental/SystemSan/inspect_utils.cpp b/infra/experimental/SystemSan/inspect_utils.cpp
@@ -29,6 +29,7 @@
 #include <vector>
 
 extern pid_t g_root_pid;
+extern std::map<pid_t, ThreadParent> root_pids;
 
 std::vector<std::byte> read_memory(pid_t pid, unsigned long long address,
                                    size_t size) {
@@ -47,12 +48,23 @@ std::vector<std::byte> read_memory(pid_t pid, unsigned long long address,
   return memory;
 }
 
-void report_bug(std::string bug_type) {
+void report_bug(std::string bug_type, pid_t tid) {
   // Report the bug found based on the bug code.
   std::cerr << "===BUG DETECTED: " << bug_type.c_str() << "===\n";
   // Rely on sanitizers/libFuzzer to produce a stacktrace by sending SIGABRT
   // to the root process.
   // Note: this may not be reliable or consistent if shell injection happens
   // in an async way.
-  tgkill(g_root_pid, g_root_pid, SIGABRT);
+  // Find the thread group id, that is the pid.
+  pid_t pid = tid;
+  auto parent = root_pids[tid];
+  while (!parent.ran_exec) {
+    // Find the first parent which ran exec syscall.
+    if (parent.parent_tid == g_root_pid) {
+      break;
+    }
+    pid = parent.parent_tid;
+    parent = root_pids[parent.parent_tid];
+  }
+  tgkill(pid, tid, SIGABRT);
 }
diff --git a/infra/experimental/SystemSan/inspect_utils.h b/infra/experimental/SystemSan/inspect_utils.h
@@ -25,4 +25,4 @@
 std::vector<std::byte> read_memory(pid_t pid, unsigned long long address,
                                    size_t size);
 
-void report_bug(std::string bug_type);
+void report_bug(std::string bug_type, pid_t tid);