1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif /* HAVE_CONFIG_H */
#include <stdlib.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <errno.h>
#include <io.h>
#include "evil_private.h"
/*
* Possible values
* PAGE_EXECUTE_READ (equivalent to PAGE_EXECUTE_WRITECOPY)
* PAGE_EXECUTE_READWRITE
* PAGE_READONLY (equivalent to PAGE_WRITECOPY)
* PAGE_READWRITE
*/
static DWORD
_evil_mmap_protection_get(int prot)
{
if (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC))
return 0xffffffff;
if (prot & PROT_WRITE)
{
if (prot & PROT_EXEC)
return PAGE_EXECUTE_READWRITE;
else
return PAGE_READWRITE;
}
else
{
if (prot & PROT_EXEC)
return PAGE_EXECUTE_READ;
else
return PAGE_READONLY;
}
}
/***** API *****/
void *
mmap(void *addr EVIL_UNUSED,
size_t len,
int prot,
int flags,
int fd,
off_t offset)
{
HANDLE fm;
DWORD protect;
DWORD acs = 0;
HANDLE handle;
void *data;
DWORD low;
DWORD high;
/* get protection */
protect = _evil_mmap_protection_get(prot);
if (protect == 0xffffffff)
return MAP_FAILED;
/* check if the mapping is backed by a file or not */
if (fd == -1)
{
/* shared memory */
if (!(flags & MAP_ANON) || offset)
return MAP_FAILED;
}
else
{
if (flags & MAP_ANON)
return MAP_FAILED;
}
if (fd == -1)
handle = INVALID_HANDLE_VALUE;
else
{
handle = (HANDLE)_get_osfhandle(fd);
if ((errno == EBADF) && (handle == INVALID_HANDLE_VALUE))
{
fprintf(stderr, "[Evil] [mmap] _get_osfhandle failed\n");
return MAP_FAILED;
}
}
#ifdef _WIN64
low = (DWORD)((len >> 32) & 0x00000000ffffffff);
low = (DWORD)(len & 0x00000000ffffffff);
#else
high = 0L;
low = len;
#endif
fm = CreateFileMapping(handle, NULL, protect, high, low, NULL);
if (!fm)
{
fprintf(stderr, "[Evil] [mmap] CreateFileMapping failed: %s\n",
evil_last_error_get());
return MAP_FAILED;
}
if (prot & PROT_WRITE)
acs = FILE_MAP_WRITE;
else
acs = FILE_MAP_READ;
if (prot & PROT_EXEC)
acs |= FILE_MAP_EXECUTE;
if (prot & MAP_PRIVATE)
acs |= FILE_MAP_COPY;
data = MapViewOfFile(fm,
acs,
offset & 0xffff0000,
offset & 0x0000ffff,
len);
CloseHandle(fm);
if (!data)
{
fprintf(stderr, "[Evil] [mmap] MapViewOfFile failed: %s\n",
evil_last_error_get());
return MAP_FAILED;
}
return data;
}
int
munmap(void *addr,
size_t len EVIL_UNUSED)
{
BOOL res;
res = UnmapViewOfFile(addr);
if (!res)
fprintf(stderr, "[Evil] [munmap] UnmapViewOfFile failed: %s\n",
evil_last_error_get());
return (res == 0) ? -1 : 0;
}
int
mprotect(void *addr, size_t len, int prot)
{
DWORD old;
return VirtualProtect(addr, len, _evil_mmap_protection_get(prot), &old) ? 0 : -1;
}
|