qilingframework / qiling

A True Instrumentable Binary Emulation Framework
https://qiling.io
GNU General Public License v2.0

execve EPERM with system syscall #1451

Open sele-nium opened 8 months ago

sele-nium commented 8 months ago

Describe the bug: I have 2 MIPS LE ELFs; the main ELF runs the child with system().

/* Parent program (built as ./testsystem): spawns the child via system(),
 * which goes through fork() + execve() of /bin/sh -c "./testrun". */
#include <stdlib.h>
#include <stdio.h>

int main()
{
    printf("run system\n");
    system("./testrun");
    return 0;
}

/* Child program (built as ./testrun): only prints a marker line. */
#include <stdlib.h>
#include <stdio.h>

int main()
{
    printf("testrun\n");
    return 0;
}

The child is never executed when I use qiling, and I see the error execve (EPERM).

Sample Code

#!/usr/bin/env python3

from qiling import Qiling
from qiling.const import QL_VERBOSE, QL_INTERCEPT

if __name__ == "__main__":
    # Emulate ./testsystem with the current directory as rootfs,
    # logging every instruction as it is executed.
    ql = Qiling([r'./testsystem'], r'./', verbose=QL_VERBOSE.DISASM)

    print(f"elf entry {ql.loader.elf_entry:04X}")
    ql.run()

Expected behavior: qiling should run the ELF child.

elicn commented 8 months ago

Could you please attach your logging output when set to QL_VERBOSE.DEBUG? If it is too long, please attach it as a file.

sele-nium commented 8 months ago

Sorry for the omission, but the output parameter no longer works, so I forgot to attach the file.

output.gz