socket.

onegithuber · Jul 12, 2019 · f3b8c01 · f3b8c01
1 parent 6b68e1a
commit f3b8c01
Show file tree

Hide file tree

Showing 6 changed files with 70 additions and 9 deletions.
diff --git a/androidemu/cpu/syscall_handlers.py b/androidemu/cpu/syscall_handlers.py
@@ -44,8 +44,7 @@ def _handle_syscall(self, mu):
                 mu.reg_write(UC_ARM_REG_R0, result)
         else:
 
-            error = ("Unhandled syscall 0x%x (%u) at 0x%x, stopping emulation" % (idx, idx,
-                                                                                      mu.reg_read(UC_ARM_REG_PC)))
-            logger.log(error)
+            error = "Unhandled syscall 0x%x (%u) at 0x%x, stopping emulation" % (idx, idx,
+                                                                                      mu.reg_read(UC_ARM_REG_PC))
             mu.emu_stop()
-            raise error
+            raise RuntimeError(error)
diff --git a/androidemu/cpu/syscall_hooks.py b/androidemu/cpu/syscall_hooks.py
@@ -33,9 +33,25 @@ def __init__(self, mu, syscall_handler):
         self._syscall_handler.set_handler(0x119, "socket", 3, self._socket)
         self._syscall_handler.set_handler(0x11b, "connect", 3, self._connect)
         self._syscall_handler.set_handler(0x159, "getcpu", 3, self._getcpu)
+        self._syscall_handler.set_handler(0x14e, "faccessat", 4, self._faccessat)
+        self._syscall_handler.set_handler(0x14, "getpid", 0, self._getpid)
+        self._syscall_handler.set_handler(0xe0, "gettid", 0, self._gettid)
+        self._syscall_handler.set_handler(0x180,"null1",0, self._null)
         self._clock_start = time.time()
         self._clock_offset = randint(1000, 2000)
 
+    def _null(self, mu):
+        return 0
+
+    def _gettid(self, mu):
+        return  0x2211
+
+    def _getpid(self, mu):
+        return 0x1122
+
+    def _faccessat(self, mu, filename, pathname, mode, flag):
+        return 0
+
     def _getcpu(self, mu, _cpu, node, cache):
         if _cpu != 0:
             mu.mem_write(_cpu, int(1).to_bytes(4, byteorder='little'))
@@ -126,7 +142,8 @@ def _handle_clock_gettime(self, mu, clk_id, tp_ptr):
             raise NotImplementedError("Unsupported clk_id: %d (%x)" % (clk_id, clk_id))
 
     def _socket(self, mu, family, type_in, protocol):
-        raise NotImplementedError()
+        return 0
+        # raise NotImplementedError()
 
     def _connect(self, mu, fd, addr, addr_len):
         print(hexdump.hexdump(mu.mem_read(addr, addr_len)))

diff --git a/androidemu/internal/module.py b/androidemu/internal/module.py
@@ -21,5 +21,11 @@ def __init__(self, filename, address, size, symbols_resolved, init_array=[]):
     def find_symbol(self, name):
         if name in self.symbols:
             return self.symbols[name]
-
         return None
+
+    def is_symbol_addr(self, addr):
+        if addr in self.symbol_lookup:
+            return  self.symbol_lookup[addr](0)
+        else:
+            return None
+
diff --git a/androidemu/native/hooks.py b/androidemu/native/hooks.py
@@ -17,18 +17,20 @@ class NativeHooks:
     """
 
     def __init__(self, emu, memory, modules, hooker):
+        self._module_mgr = modules
         self._emu = emu
         self._memory = memory
         self.atexit = []
 
         modules.add_symbol_hook('__system_property_get', hooker.write_function(self.system_property_get) + 1)
         modules.add_symbol_hook('dladdr', hooker.write_function(self.nop('dladdr')) + 1)
         modules.add_symbol_hook('dlsym', hooker.write_function(self.nop('dlsym')) + 1)
-        modules.add_symbol_hook('dlopen', hooker.write_function(self.nop('dlopen')) + 1)
+        modules.add_symbol_hook('dlopen', hooker.write_function(self.mydlopen) + 1)
         modules.add_symbol_hook('pthread_create', hooker.write_function(self.nop('pthread_create')) + 1)
         modules.add_symbol_hook('pthread_join', hooker.write_function(self.nop('pthread_join')) + 1)
         modules.add_symbol_hook('vfprintf', hooker.write_function(self.nop('vfprintf')) + 1)
         modules.add_symbol_hook('fprintf', hooker.write_function(self.nop('fprintf')) + 1)
+        modules.add_symbol_hook('dladdr', hooker.write_function(self.dladdr) + 1)
 
     @native_method
     def system_property_get(self, uc, name_ptr, buf_ptr):
@@ -42,6 +44,27 @@ def system_property_get(self, uc, name_ptr, buf_ptr):
 
         return None
 
+    @native_method
+    def mydlopen(self, uc, path):
+        path = memory_helpers.read_utf8(uc, path)
+        logger.debug("Called dlopen(%s)" % path)
+        return None
+
+    @native_method
+    def dladdr(self, uc, addr, info):
+        infos = memory_helpers.read_uints(uc, info, 4)
+        Dl_info = {}
+
+        nm = self._emu.native_memory
+        isfind = False
+        for mod in self._module_mgr.modules:
+            if mod.base <= addr < mod.base + mod.size:
+                dli_fname = nm.allocate(len(mod.filename) + 1)
+                memory_helpers.write_utf8(uc, dli_fname, mod.filename + '\x00')
+                memory_helpers.write_uints(uc, addr, [dli_fname, mod.base, 0, 0])
+                return 1
+
+
     def nop(self, name):
         @native_method
         def nop_inside(emu):

diff --git a/androidemu/utils/memory_helpers.py b/androidemu/utils/memory_helpers.py
@@ -1,5 +1,5 @@
 import hexdump
-
+import struct
 
 def hex_dump(mu, address, size):
     data = mu.mem_read(address, size)
@@ -28,6 +28,20 @@ def read_utf8(mu, address):
 
     return buffer[:null_pos].decode("utf-8")
 
+def read_uints(mu, address, num = 1):
+    data = mu.mem_read(address, num * 4)
+    return struct.unpack("I"*num,data)
 
 def write_utf8(mu, address, value):
     mu.mem_write(address, value.encode(encoding="utf-8") + b"\x00")
+
+def write_uints(mu, address, num):
+    l = []
+    if not isinstance(num, list):
+        l = [num]
+    else:
+        l = num
+
+    for v in l:
+        mu.mem_write(address, int(v).to_bytes(4, byteorder='little'))
+        address += 4
diff --git a/samples/example_douyin.py b/samples/example_douyin.py
@@ -9,6 +9,8 @@
 from androidemu.java.java_class_def import JavaClassDef
 from androidemu.java.java_method_def import java_method_def
 
+from samples import debug_utils
+
 class XGorgen(metaclass=JavaClassDef, jvm_name='com/ss/sys/ces/a'):
     def __init__(self):
         pass
@@ -126,7 +128,7 @@ def getStackTrace(self, *args, **kwargs):
 
 # Debug
 # emulator.mu.hook_add(UC_HOOK_CODE, debug_utils.hook_code)
-# emulator.mu.hook_add(UC_HOOK_MEM_UNMAPPED, debug_utils.hook_unmapped)
+emulator.mu.hook_add(UC_HOOK_MEM_UNMAPPED, debug_utils.hook_unmapped)
 # emulator.mu.hook_add(UC_HOOK_MEM_WRITE, debug_utils.hook_mem_write)
 # emulator.mu.hook_add(UC_HOOK_MEM_READ, debug_utils.hook_mem_read)