[求助]ptrace attach由pthread_create创建的线程的问题
发表于:
2016-1-21 15:55
[求助]ptrace attach由pthread_create创建的线程的问题
借用 https://lkml.org/lkml/2006/8/31/241 的代码:
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <pthread.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
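/*
 * Kernel thread ID (TID) of the worker thread, as obtained from gettid in
 * threadFunc(); stays 0 until that thread has stored it.
 *
 * Declared pid_t rather than pthread_t: the value is passed to ptrace() and
 * waitpid() and printed with %d, all of which expect a pid_t-sized integer,
 * whereas pthread_t is an opaque library handle and not a TID.
 */
pid_t threadPid = 0;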
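/*
 * Thread entry point: stores this thread's kernel thread ID (TID) in the
 * global threadPid, then reports it once per second forever.
 *
 * dummy: unused start argument.
 * Never returns; the thread ends only when the whole process exits.
 */
void *threadFunc(void* dummy)
{
    (void)dummy;

    /* gettid yields the kernel TID, which is the identifier ptrace() and
     * waitpid() operate on; it is unrelated to the pthread_t handle that
     * pthread_create() hands back. */
    pid_t tid = (pid_t)syscall(__NR_gettid);

    /* Published for main(). There is no synchronization on this store:
     * main() only sleeps before reading it. */
    threadPid = tid;

    while (1)
    {
        /* Print the local value so the %d conversion always matches its
         * argument, whatever type the global is declared with. */
        printf("Thread is running with pid %d\n", (int)tid);
        sleep(1);
    }
}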
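/*
 * Demonstrates PTRACE_ATTACH against a thread created with pthread_create().
 *
 * With no argument the process tries to attach to its own worker thread.
 * With "-f" it forks first: the parent only waits for the child, and the
 * child (a separate process) performs the attach/detach on the parent's
 * worker thread.
 *
 * Linux rejects PTRACE_ATTACH with EPERM when the target task belongs to the
 * caller's own thread group, independent of privilege, so the no-argument
 * run is expected to fail even as root. The forked child is in a different
 * thread group, which is why that path can succeed.
 * NOTE(review): attaching from a child to its parent's thread can still be
 * denied by system ptrace policy (for example Yama's ptrace_scope setting);
 * confirm on the system under test.
 *
 * Returns 0 on the normal paths, 10 if the thread cannot be created and 11
 * if fork() fails.
 */
int main (int argc,char** argv)
{
    printf("Parent pid: %d\n", (int)getpid());

    pthread_t thread;
    /* pthread_create() reports failure through its return value (an error
     * number); it never returns -1 and does not set errno, so perror() would
     * print an unrelated message. */
    int rc = pthread_create(&thread, NULL, &threadFunc, NULL);
    if (rc != 0)
    {
        fprintf(stderr, "pthread_create: %s\n", strerror(rc));
        return 10;
    }

    /* Crude hand-off: give the worker time to store its TID in threadPid.
     * Nothing synchronizes that store with the reads below. */
    sleep(1);

    if (argc == 2 && strcmp(argv[1], "-f") == 0)
    {
        pid_t childPid = fork();
        if (childPid == -1)
        {
            /* Without this check a failed fork() would silently fall through
             * to the in-process attach, which tests something else. */
            perror("fork");
            return 11;
        }
        if (childPid > 0)
        {
            printf("Forking process for PTRACE_ATTACH, waitig for\n");
            int status = 0;
            /* Only interpret status when waitpid() actually filled it in. */
            if (waitpid(childPid, &status, 0) == childPid && WIFEXITED(status))
            {
                printf("Child terminated normally\n");
            }
            return 0;
        }
        /* childPid == 0: the child continues below and does the attach. */
    }

    /* ptrace()/waitpid() take a pid_t; convert once so every later use and
     * every %d conversion sees the same, correctly typed value. */
    pid_t tid = (pid_t)threadPid;

    printf("Tracing threadPid %d.\n", (int)tid);
    if (ptrace(PTRACE_ATTACH, tid, NULL, NULL) == -1)
    {
        perror("PTRACE_ATTACH: ");
        return 0;
    }

    int status = 0;
    /* __WALL is needed so waitpid() also reports threads (clone children),
     * not only ordinary child processes. */
    if (waitpid(tid, &status, WUNTRACED | __WALL) == tid)
    {
        if (ptrace(PTRACE_DETACH, tid, NULL, NULL) != -1)
        {
            /* The original format string had %d with no argument. */
            printf("Process %d attaching/detaching was sucessful!\n", (int)tid);
        }
        else
        {
            /* This branch is the detach failure, so label it as such. */
            perror("PTRACE_DETACH:");
        }
    }
    else
    {
        /* Capture errno before perror()/printf() get a chance to change it. */
        int saved_errno = errno;
        perror("waitthreadPid:");
        printf("status:%d errno:%d\n", status, saved_errno);
    }
    return 0;
}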
当本进程直接 attach 由 pthread_create 创建的线程时,attach 失败,提示没有权限;
然而,当由 fork 出的子进程去 attach 由 pthread_create 创建的线程时,attach 成功。
这是为什么?本进程 attach 自己的线程为何会没有权限?即使使用 root 权限运行,也同样提示没有权限。