Merge pull request #14 from aktsk/v0.2.3

v0.2.3

cmd/cmd.go

@@ -9,6 +9,7 @@ import (
 	"log"
 	"os"
 	"os/exec"
+	"path/filepath"
 	"regexp"
 	"strconv"
 	"strings"
@@ -38,22 +39,27 @@ func Plist() (string, error) {
 
 	re := regexp.MustCompile(`\s+`)
 	line, err := out.ReadString('\n')
-	pids := []string{}
+	pids := make(map[string]string)
 	for err == nil && len(line) != 0 {
 		s := strings.Split(re.ReplaceAllString(string(line), " "), " ")
 		pid := s[1]
 		cmd := s[8]
 		if pid != "PID" && cmd != "" && cmd != "ps" && cmd != "sh" && cmd != "medit" {
 			fmt.Printf("Package: %s, PID: %s\n", cmd, pid)
-			pids = append(pids, pid)
+			pids[cmd] = pid
 		}
 		line, err = out.ReadString('\n')
 	}
 
-	if len(pids) == 1 {
-		fmt.Printf("Target PID has been set to %s.\n", pids[0])
-		return pids[0], nil
+	current_path, _ := os.Getwd()
+	_, package_name := filepath.Split(current_path)
+	for cmd, pid := range pids {
+		if cmd == package_name {
+			fmt.Printf("Target PID has been set to %s.\n", pid)
+			return pid, nil
+		}
 	}
+
 	return "", nil
 }
 
@@ -98,10 +104,11 @@ func Attach(pid string) error {
 
 func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 	founds := []Found{}
-	// search value in /proc/<pid>/mem
+	// parse /proc/<pid>/map, and get writable area
 	mapsPath := fmt.Sprintf("/proc/%s/maps", pid)
-	memPath := fmt.Sprintf("/proc/%s/mem", pid)
 	addrRanges, err := memory.GetWritableAddrRanges(mapsPath)
+	// search value in /proc/<pid>/mem
+	memPath := fmt.Sprintf("/proc/%s/mem", pid)
 	if err != nil {
 		return nil, err
 	}
@@ -115,6 +122,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				converter: converter.StringToBytes,
 				dataType:  "UTF-8 string",
 			})
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 		fmt.Println("------------------------")
 
@@ -129,6 +138,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 		fmt.Println("------------------------")
 		foundAddrs, err = memory.FindDword(memPath, targetVal, addrRanges)
@@ -141,6 +152,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 		fmt.Println("------------------------")
 		foundAddrs, err = memory.FindQword(memPath, targetVal, addrRanges)
@@ -153,6 +166,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 
 	} else if dataType == "string" {
@@ -166,6 +181,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 
 	} else if dataType == "word" {
@@ -179,6 +196,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 
 	} else if dataType == "dword" {
@@ -192,6 +211,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 
 	} else if dataType == "qword" {
@@ -205,6 +226,8 @@ func Find(pid string, targetVal string, dataType string) ([]Found, error) {
 				})
 			}
 			return founds, nil
+		} else if _, ok := err.(memory.TooManyErr); ok {
+			return founds, err
 		}
 	}
 
@@ -235,7 +258,7 @@ func Filter(pid string, targetVal string, prevFounds []Found) ([]Found, error) {
 			}
 		}
 		foundAddrs, _ := memory.FindDataInAddrRanges(memPath, targetBytes, addrRanges)
-		fmt.Printf("Found: %d!!!\n", len(foundAddrs))
+		fmt.Printf("Found: %d!!\n", len(foundAddrs))
 		if len(foundAddrs) < 10 {
 			for _, v := range foundAddrs {
 				fmt.Printf("Address: 0x%x\n", v)

main.go

@@ -48,10 +48,7 @@ func executor(in string) {
 			targetVal = inputSlice[2]
 			dataType = inputSlice[1]
 		}
-		foundAddr, err := cmd.Find(appPID, targetVal, dataType)
-		if err != nil {
-			fmt.Println(err)
-		}
+		foundAddr, _ := cmd.Find(appPID, targetVal, dataType)
 		addrCache = foundAddr
 
 	} else if strings.HasPrefix(in, "filter") {

pkg/memory/search.go

@@ -13,7 +13,7 @@ import (
 	"github.com/aktsk/apk-medit/pkg/converter"
 )
 
-var splitSize = 0x50000000
+var splitSize = 0x5000000
 var bufferPool = sync.Pool{
 	New: func() interface{} {
 		return make([]byte, splitSize)
@@ -57,6 +57,22 @@ func GetWritableAddrRanges(mapsPath string) ([][2]int, error) {
 	return addrRanges, nil
 }
 
+type Err struct {
+	err error
+}
+
+func (e *Err) Error() string {
+	return fmt.Sprint(e.err)
+}
+
+type ParseErr struct {
+	*Err
+}
+
+type TooManyErr struct {
+	*Err
+}
+
 func FindDataInAddrRanges(memPath string, targetBytes []byte, addrRanges [][2]int) ([]int, error) {
 	foundAddrs := []int{}
 	f, err := os.OpenFile(memPath, os.O_RDONLY, 0600)
@@ -71,6 +87,7 @@ func FindDataInAddrRanges(memPath string, targetBytes []byte, addrRanges [][2]in
 			fmt.Println(err)
 		}
 		for i := 0; i < (memSize/splitSize)+1; i++ {
+			// target memory is too big to read all of it, so split it and then search in memory
 			splitIndex := (i + 1) * splitSize
 			splittedBeginAddr := beginAddr + i*splitSize
 			splittedEndAddr := endAddr
@@ -81,9 +98,9 @@ func FindDataInAddrRanges(memPath string, targetBytes []byte, addrRanges [][2]in
 			ReadMemory(f, b, splittedBeginAddr, splittedEndAddr)
 			findDataInSplittedMemory(&b, targetBytes, searchLength, splittedBeginAddr, 0, &foundAddrs)
 			bufferPool.Put(b)
-			if len(foundAddrs) > 60000 {
+			if len(foundAddrs) > 500000 {
 				fmt.Println("Too many addresses with target data found...")
-				return foundAddrs, errors.New("Error: Too many addresses")
+				return foundAddrs, TooManyErr{&Err{errors.New("Error: Too many addresses")}}
 			}
 		}
 	}
@@ -107,66 +124,66 @@ func FindString(memPath string, targetVal string, addrRanges [][2]int) ([]int, e
 	fmt.Println("Search UTF-8 String...")
 	targetBytes, _ := converter.StringToBytes(targetVal)
 	fmt.Printf("Target Value: %s(%v)\n", targetVal, targetBytes)
-	foundAddrs, _ := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
-	fmt.Printf("Found: %d!\n", len(foundAddrs))
+	foundAddrs, err := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
+	fmt.Printf("Found: %d!!\n", len(foundAddrs))
 	if len(foundAddrs) < 10 {
 		for _, v := range foundAddrs {
 			fmt.Printf("Address: 0x%x\n", v)
 		}
 	}
-	return foundAddrs, nil
+	return foundAddrs, err
 }
 
 func FindWord(memPath string, targetVal string, addrRanges [][2]int) ([]int, error) {
 	fmt.Println("Search Word...")
 	targetBytes, err := converter.WordToBytes(targetVal)
 	if err != nil {
 		fmt.Printf("parsing %s: value out of range\n", targetVal)
-		return nil, err
+		return nil, ParseErr{&Err{errors.New("Error: value out of range")}}
 	}
 	fmt.Printf("Target Value: %s(%v)\n", targetVal, targetBytes)
-	foundAddrs, _ := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
-	fmt.Printf("Found: %d!\n", len(foundAddrs))
+	foundAddrs, err := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
+	fmt.Printf("Found: %d!!\n", len(foundAddrs))
 	if len(foundAddrs) < 10 {
 		for _, v := range foundAddrs {
 			fmt.Printf("Address: 0x%x\n", v)
 		}
 	}
-	return foundAddrs, nil
+	return foundAddrs, err
 }
 
 func FindDword(memPath string, targetVal string, addrRanges [][2]int) ([]int, error) {
 	fmt.Println("Search Double Word...")
 	targetBytes, err := converter.DwordToBytes(targetVal)
 	if err != nil {
 		fmt.Printf("parsing %s: value out of range\n", targetVal)
-		return nil, err
+		return nil, ParseErr{&Err{errors.New("Error: value out of range")}}
 	}
 	fmt.Printf("Target Value: %s(%v)\n", targetVal, targetBytes)
-	foundAddrs, _ := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
-	fmt.Printf("Found: %d!\n", len(foundAddrs))
+	foundAddrs, err := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
+	fmt.Printf("Found: %d!!\n", len(foundAddrs))
 	if len(foundAddrs) < 10 {
 		for _, v := range foundAddrs {
 			fmt.Printf("Address: 0x%x\n", v)
 		}
 	}
-	return foundAddrs, nil
+	return foundAddrs, err
 }
 
 func FindQword(memPath string, targetVal string, addrRanges [][2]int) ([]int, error) {
 	fmt.Println("Search Quad Word...")
 	targetBytes, err := converter.QwordToBytes(targetVal)
 	if err != nil {
 		fmt.Printf("parsing %s: value out of range\n", targetVal)
-		return nil, err
+		return nil, ParseErr{&Err{errors.New("Error: value out of range")}}
 	}
 	fmt.Printf("Target Value: %s(%v)\n", targetVal, targetBytes)
-	foundAddrs, _ := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
-	fmt.Printf("Found: %d!\n", len(foundAddrs))
+	foundAddrs, err := FindDataInAddrRanges(memPath, targetBytes, addrRanges)
+	fmt.Printf("Found: %d!!\n", len(foundAddrs))
 	if len(foundAddrs) < 10 {
 		for _, v := range foundAddrs {
 			fmt.Printf("Address: 0x%x\n", v)
 		}
 	}
-	return foundAddrs, nil
+	return foundAddrs, err
 }