Wrap readlink function

luoyesiqiu · Sep 6, 2024 · 076bf1e · 076bf1e
1 parent 5cc0dad
commit 076bf1e
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 4 deletions.
diff --git a/shell/src/main/cpp/dpt_hook.cpp b/shell/src/main/cpp/dpt_hook.cpp
@@ -6,7 +6,9 @@
 #include <unordered_map>
 #include <dex/CodeItem.h>
 #include "dpt_hook.h"
+#include "dpt_risk.h"
 #include "bytehook.h"
+
 using namespace dpt;
 
 extern std::unordered_map<int, std::unordered_map<int, data::CodeItem*>*> dexMap;
@@ -104,7 +106,7 @@ DPT_ENCRYPT void patchMethod(uint8_t *begin,__unused const char *location,uint32
         }
     }
     else{
-        DLOGE("[*] patchMethod cannot find dex: %d in dex map",dexIndex);
+        DLOGE("[*] patchMethod cannot find dex: '%s' in dex map",location);
     }
 }
 
@@ -261,10 +263,8 @@ DPT_ENCRYPT void* fake_mmap(void* __addr, size_t __size, int __prot, int __flags
     int hasRead = (__prot & PROT_READ) == PROT_READ;
     int hasWrite = (__prot & PROT_WRITE) == PROT_WRITE;
 
-    char link_path[128] = {0};
-    snprintf(link_path,sizeof(link_path),"/proc/%d/fd/%d",getpid(),__fd);
     char fd_path[256] = {0};
-    readlink(link_path,fd_path,sizeof(fd_path));
+    dpt_readlink(__fd,fd_path, ARRAY_LENGTH(fd_path));
 
     if(strstr(fd_path,"webview.vdex") != nullptr) {
         DLOGW("fake_mmap link path: %s, no need to change prot",fd_path);
@@ -299,6 +299,7 @@ DPT_ENCRYPT void hook_mmap(){
         DLOGD("mmap hook success!");
     }
 }
+
 DPT_ENCRYPT int fake_execve(const char *pathname, char *const argv[], char *const envp[]) {
     BYTEHOOK_STACK_SCOPE();
     DLOGW("execve hooked: %s", pathname);
@@ -309,6 +310,7 @@ DPT_ENCRYPT int fake_execve(const char *pathname, char *const argv[], char *cons
     }
     return BYTEHOOK_CALL_PREV(fake_execve, pathname, argv, envp);
 }
+
 DPT_ENCRYPT void hook_execve(){
     bytehook_stub_t stub = bytehook_hook_single(
             getArtLibName(),

diff --git a/shell/src/main/cpp/dpt_util.cpp b/shell/src/main/cpp/dpt_util.cpp
@@ -16,6 +16,12 @@ using namespace dpt;
 
 DPT_DATA_SECTION uint8_t DATA_R_FLAG[] = "r";
 
+size_t dpt_readlink(int fd, char *result_path,size_t path_max_len) {
+    char link_path[128] = {0};
+    snprintf(link_path,sizeof(link_path),"/proc/%d/fd/%d",getpid(),fd);
+    return readlink(link_path,result_path,path_max_len);
+}
+
 int dpt_mprotect(void *start,void *end,int prot) {
     uintptr_t start_addr = PAGE_START((uintptr_t)start);
     uintptr_t end_addr = PAGE_START((uintptr_t)end - 1) + getpagesize();

diff --git a/shell/src/main/cpp/dpt_util.h b/shell/src/main/cpp/dpt_util.h
@@ -58,6 +58,7 @@ const char* find_symbol_in_elf_file(const char *elf_file,int keyword_count,...);
 void get_elf_section(Elf_Shdr *target,const char *elf_path,const char *sh_name);
 
 int dpt_mprotect(void *start,void *end,int prot);
+size_t dpt_readlink(int fd, char *result_path,size_t path_max_len);
 
 void getClassName(JNIEnv *env,jobject obj,char *destClassName,size_t max_len);
 void parseClassName(const char *src, char *dest);