In child_driver when addr2line binary is getting prepared, it's getting executed with an empty envp. This could lead to issues if the environment is messed up and retsnoop was started with envp, specifically constructed to fix this (think of libraries visibility for example).
Do an extra mile and carry around the original provided envp to pass it into fexecve.
In child_driver when addr2line binary is getting prepared, it's getting executed with an empty envp. This could lead to issues if the environment is messed up and retsnoop was started with envp, specifically constructed to fix this (think of libraries visibility for example).
Do an extra mile and carry around the original provided envp to pass it into fexecve.