From b97291602b767e0846462700fe4d87245feb8684 Mon Sep 17 00:00:00 2001 From: "Kartik K. Agaram" Date: Sun, 2 Jan 2022 22:36:18 -0800 Subject: instrument some obvious syscalls --- src/liolib.c | 6 +++++- src/luasocket/inet.c | 13 +++++++++++++ src/luasocket/tcp.c | 13 +++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/src/liolib.c b/src/liolib.c index 6c03421..a22be20 100644 --- a/src/liolib.c +++ b/src/liolib.c @@ -132,7 +132,7 @@ static char iolib_errbuf[1024] = {0}; static int io_open (lua_State *L) { const char *filename = luaL_checkstring(L, 1); const char *mode = luaL_optstring(L, 2, "r"); - static buffer[1024] = {0}; + static char buffer[1024] = {0}; memset(buffer, '\0', 1024); snprintf(buffer, 1020, "io.open(\"%s\", \"%s\")", filename, mode); append_to_audit_log(L, buffer); @@ -174,6 +174,10 @@ static int f_lines (lua_State *L) { static int io_lines (lua_State *L) { const char *filename = luaL_checkstring(L, 1); FILE **pf = newfile(L); + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "io.lines(\"%s\", \"r\")", filename); + append_to_audit_log(L, buffer); if (file_operation_permitted(filename, "r")) *pf = fopen(filename, "r"); else { diff --git a/src/luasocket/inet.c b/src/luasocket/inet.c index fabbffc..d726c89 100644 --- a/src/luasocket/inet.c +++ b/src/luasocket/inet.c @@ -4,6 +4,7 @@ \*=========================================================================*/ #include "luasocket.h" #include "inet.h" +#include "../teliva.h" #include #include @@ -62,6 +63,10 @@ static int inet_gethost(const char *address, struct hostent **hp) { \*-------------------------------------------------------------------------*/ static int inet_global_tohostname(lua_State *L) { const char *address = luaL_checkstring(L, 1); + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "socket.tohostname(\"%s\")", address); + append_to_audit_log(L, buffer); struct hostent *hp = NULL; int err = inet_gethost(address, &hp); if (err != IO_DONE) { @@ -82,6 +87,10 @@ static int inet_global_getnameinfo(lua_State *L) { struct addrinfo *resolved, *iter; const char *host = luaL_optstring(L, 1, NULL); const char *serv = luaL_optstring(L, 2, NULL); + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "socket.getnameinfo(\"%s\", \"%s\")", host, serv); + append_to_audit_log(L, buffer); if (!(host || serv)) luaL_error(L, "host and serv cannot be both nil"); @@ -126,6 +135,10 @@ static int inet_global_toip(lua_State *L) { const char *address = luaL_checkstring(L, 1); struct hostent *hp = NULL; + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "socket.toip(\"%s\")", address); + append_to_audit_log(L, buffer); int err = inet_gethost(address, &hp); if (err != IO_DONE) { lua_pushnil(L); diff --git a/src/luasocket/tcp.c b/src/luasocket/tcp.c index 5876bfb..ba99ae6 100644 --- a/src/luasocket/tcp.c +++ b/src/luasocket/tcp.c @@ -9,6 +9,7 @@ #include "inet.h" #include "options.h" #include "tcp.h" +#include "../teliva.h" #include @@ -214,6 +215,7 @@ static int meth_accept(lua_State *L) p_tcp server = (p_tcp) auxiliar_checkclass(L, "tcp{server}", 1); p_timeout tm = timeout_markstart(&server->tm); t_socket sock; + append_to_audit_log(L, "socket.accept()"); const char *err = inet_tryaccept(&server->sock, server->family, &sock, tm); /* if successful, push client socket */ if (err == NULL) { @@ -243,6 +245,10 @@ static int meth_bind(lua_State *L) { p_tcp tcp = (p_tcp) auxiliar_checkclass(L, "tcp{master}", 1); const char *address = luaL_checkstring(L, 2); const char *port = luaL_checkstring(L, 3); + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "socket.bind(\"%s\", %s)", address, port); + append_to_audit_log(L, buffer); const char *err; struct addrinfo bindhints; memset(&bindhints, 0, sizeof(bindhints)); @@ -268,6 +274,10 @@ static int meth_connect(lua_State *L) { const char *port = luaL_checkstring(L, 3); struct addrinfo connecthints; const char *err; + static char buffer[1024] = {0}; + memset(buffer, '\0', 1024); + snprintf(buffer, 1020, "socket.connect(\"%s\", %s)", address, port); + append_to_audit_log(L, buffer); memset(&connecthints, 0, sizeof(connecthints)); connecthints.ai_socktype = SOCK_STREAM; /* make sure we try to connect only to the same family */ @@ -320,6 +330,7 @@ static int meth_getfamily(lua_State *L) \*-------------------------------------------------------------------------*/ static int meth_listen(lua_State *L) { + append_to_audit_log(L, "socket.listen()"); p_tcp tcp = (p_tcp) auxiliar_checkclass(L, "tcp{master}", 1); int backlog = (int) luaL_optnumber(L, 2, 32); int err = socket_listen(&tcp->sock, backlog); @@ -353,12 +364,14 @@ static int meth_shutdown(lua_State *L) \*-------------------------------------------------------------------------*/ static int meth_getpeername(lua_State *L) { + append_to_audit_log(L, "socket.getpeername()"); p_tcp tcp = (p_tcp) auxiliar_checkgroup(L, "tcp{any}", 1); return inet_meth_getpeername(L, &tcp->sock, tcp->family); } static int meth_getsockname(lua_State *L) { + append_to_audit_log(L, "socket.getsockname()"); p_tcp tcp = (p_tcp) auxiliar_checkgroup(L, "tcp{any}", 1); return inet_meth_getsockname(L, &tcp->sock, tcp->family); } -- cgit 1.4.1-2-gfad0