Closed PandaWill closed 1 year ago
Note this fixes pwndbg/pwndbg#1587
Hi @martinradev
Please could you review/merge this so that we can get the pwndbg bug fixed?
Thanks.
Will,
Is it ok if I review and submit by Sunday evening?
I hadn't even considered namespaces, thanks for pointing that out!
I've come up with a more robust method now that is namespace agnostic.
We can add a chardev file backend via the monitor commands. If we create this with a known file path (e.g. /tmp/foo123), we can then check for that path as a link target in /proc/[pid]/fd.
This even works for mount namespaces. It won't be the same file, but the path relative to the root of the mount namespace will be.
It shouldn't affect the guest because we don't add a front-end device attached to this backend.
We only do this when pgrep returns more than one pid.
Looks reasonable. I should really add a proper integration test suite for this project.
Thanks a lot Will!
Fixes #22
I.e. parsing:
Note that this is a thread id. We could parse proc to find the process id but it's not necessary since threads share memory. So /proc/[tid]/mem is the same as /proc/[pid]/mem.
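The /proc/[pid]/fd check described in the comments above, as an added example that is not code from this pull request: given the candidate pids that pgrep returned and the known backend path, it returns the pids that hold an open fd whose link target is that path. The function names, the `proc_root` parameter and the constructed fake /proc tree are assumptions made so the example runs offline.

```python
import os
import tempfile


def fd_targets(pid, proc_root="/proc"):
    """Yield the symlink target of every fd of `pid`, skipping ones that vanish."""
    fd_dir = os.path.join(proc_root, str(pid), "fd")
    try:
        names = os.listdir(fd_dir)
    except (FileNotFoundError, PermissionError):
        return  # process exited, or we are not allowed to inspect it
    for name in names:
        try:
            yield os.readlink(os.path.join(fd_dir, name))
        except OSError:
            continue  # fd was closed between listdir() and readlink()


def pids_holding(marker_path, pids, proc_root="/proc"):
    """Return the pids in `pids` that have `marker_path` open.

    The link target is the path as seen from the process's own root, so a
    plain string comparison also holds across mount namespaces. Linux appends
    " (deleted)" to the target if the file has been unlinked since it was opened.
    """
    wanted = (marker_path, marker_path + " (deleted)")
    return [pid for pid in pids
            if any(t in wanted for t in fd_targets(pid, proc_root))]


def build_fake_proc(root, layout):
    """Constructed sample data: {pid: {fd: link_target}} as dangling symlinks."""
    for pid, links in layout.items():
        fd_dir = os.path.join(root, str(pid), "fd")
        os.makedirs(fd_dir)
        for fd, target in links.items():
            os.symlink(target, os.path.join(fd_dir, str(fd)))


def demo():
    # Three candidates; 202 holds the marker, 404 holds it unlinked, 303 has exited.
    layout = {
        101: {0: "/dev/null", 3: "socket:[41201]", 4: "/tmp/foo124"},
        202: {0: "/dev/null", 3: "socket:[41377]", 9: "/tmp/foo123"},
        404: {0: "/dev/null", 5: "/tmp/foo123 (deleted)"},
    }
    with tempfile.TemporaryDirectory() as root:
        build_fake_proc(root, layout)
        return pids_holding("/tmp/foo123", [101, 202, 303, 404], root)


if __name__ == "__main__":
    print(demo())
```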