module_init not showing the printk that I want it to - c

I am trying to make my module display a printk. I'm new to this so I might have some programming errors. This is my module C file:
#include <linux/linkage.h>
#include <linux/time.h>
#include <linux/module.h>
asmlinkage long sys_mycall(int myid, char* firstname)
{
printk ("Hello, %s! \n sys_mycall called from process %d with ID %d. \n",
firstname, current->id, myid);
return 0;
}
static int my_init(void)
{
return 0;
}
static int my_exit(void)
{
printk("Goodbye!");
return 0;
}
module_init(sys_mycall);
module_exit(my_exit);
First thing is that I don't know how the arrow pointer exactly works so I usually omit it from the printk so it compiles perfectly. If someone can give me a link or something on how to understand it I would really appreciate it.
When I insert it using insmod in the terminal and then display the message using dmesg I get the message by the module_init calling the sys_mycall but I cannot add any arguments to it and it displays the message but it doesn't show anything for firstname or for myid.

I think the problem that module init expect no parameters in the function, it must be void (you can add them in a different way), so basically your function is called with garbage that is currently in the stack, which might be anything but it probably zero as otherwise your kernel will crash.
what do you want to print? I understand current->id, but no the others.

You have no log level specified, so I suspect it's being filtered out as below the threshold. Stick a KERN_WARNING in front of your format string and verify that it prints. Message without a log level are interpreted at CONFIG_DEFAULT_MESSAGE_LOGLEVEL from your .config file.

Related

Where is scanf() reading input from, if not from the keyboard?

I'm a novice programmer getting introduced to C and I'm missing something fundamental about the way my scanf() works. I want to read a single int from the keyboard with code like this:
#include <stdio.h>
#include <stdlib.h>
int main(void) {
int userBookSelection;
scanf("%i", &userBookSelection);
printf("Printing userBookSelection: %i", userBookSelection);
return EXIT_SUCCESS;
}
When I run the code, the console stays black until I stop debugging. There is never a cursor waiting for keyboard input. When I stop debug I can see this output in the console, same every time:
Printing userBookSelection: 2130567168
I'm debugging in Eclipse with MinGW GCC compiler on Windows. The code syntax seems to be correct -- is it possible there's something wrong in my build path to make this happen? I need to know why scanf() isn't reading for keyboard input.
So I've gotten a line of code from my professor which takes care of this bug -- whether it's a necessary solution particular to Eclipse and/or MinGW I'm not sure. In any case, here's the code with the additional line:
int main(void) {
int userBookSelection;
setvbuf (stdout, NULL, _IONBF, 0);//<---The magic line
scanf("%i", &userBookSelection);
printf("Printing userBookSelection: %i", userBookSelection);
return EXIT_SUCCESS;
}
I'd appreciate any additional wisdom on what's going on, what setvbuf() is doing and how scanf() works more fundamentally.

debug assertion expression stream!=null every time i use fopen

I'm actually having problems with not one but 2 to 3 programs using files and their commands like fopen, fscanf, while(strcmp(input,"E")!=0).Atleast, I think that is the problem. All these programs show the same error that is debug assertion failed! Expression (stream!=null).I tried everything but nothing seems to work pls help. I cant understand what to do. Pls reply as soon as possible.This is one of the programs:
# include <stdio.h>
# include <conio.h>
# include <string.h>
# include <stdlib.h>
void main()
{ char add[6],length[10],input[10],binary[12],bitmask[12],relocbit;
int start,inp,len,i,address,opcode,addr,actualadd;
FILE *fp1=fopen("relinput.dat","r");
FILE *fp2=fopen("reloutput.dat","w");
system("cls");
printf("Enter the actual starting address : ");
scanf("%d",&start);
fscanf(fp1,"%s",input);
while(strcmp(input,"E")!=0)
{ if(strcmp(input,"H")==0)
{ fscanf(fp1,"%s",add);
fscanf(fp1,"%s",length);
fscanf(fp1,"%s",input);
}
if(strcmp(input,"T")==0)
{ fscanf(fp1,"%d",&address);
fscanf(fp1,"%s",bitmask);
address+=start;
len=strlen(bitmask);
for(i=0;i<len;i++)
{ fscanf(fp1,"%d",&opcode);
fscanf(fp1,"%d",&addr);
relocbit=bitmask[i];
if(relocbit=='0')
actualadd=addr;
else
actualadd=addr+start;
fprintf(fp2,"%d\t%d%d\n",address,opcode,actualadd);
address+=3;
}
fscanf(fp1,"%s",input);
}
}
fclose(fp1);
fclose(fp2);
printf("FINISHED");
getch();
}
You need to do error checking on your fopen procedures and in general. This error is most likely due to a fscanf or fopen returning an unexpected value that you didn't catch.
More useful tips:
Debug with breakpoints if your IDE allows you to
Format your code to be more in line and easily readable
Comment on Functions to make clear what they do, for future readers or your future self.

How do I change EIP in a different process?

I'm trying to hack another program by changing the EIP of it. There are two programs running, one is the target, that tells where the function that is the "core-function"(e.g. a function that receive a password string as a parameter and returns true or false) is in memory.
Then now that I know where the core-function is I wanna modify the EIP with the other program so the target program can call my function and simply get a true out of it and print out a beautiful "access granted".
My code is now like this:
Target Program:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int checkPwd(char *pwd)
{
printf("\nstill in the function\n");
if(strcmp(pwd, "patrick") == 0) return true;
else return false;
}
int main()
{
char pwd[16];
printf("%d", checkPwd);
scanf("%s", &pwd);
system("pause");
if(checkPwd(pwd)) printf("Granted!\n");
else printf("Not granted\n");
system("pause");
}
Attacker Program:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <memory.h>
int returnTrue()
{
return true;
}
int main()
{
int hex;
scanf("%d", &hex);
memcpy((void*)hex, (void*)returnTrue, sizeof(char)*8);
system("pause");
}
I wanna add that I tried to put the hex code directly(without the scanf part) in the attacker program and did not work, it crashed.
So I think I'm missing some part of the theory in here. I'd be glad to know what is it.
Thanks in advance.
This won't work—the processes occupy different memory spaces!
Modern operating systems are designed to protect user programs from exactly this kind of attack. One process doesn't have access to the memory of another—and indeed, the addresses of data are only valid inside that process.
When a program is running, it has its own view of memory, and only can "see" memory that the kernel has instructed the memory management unit (MMU) to map for it.
Some references:
Mapping of Virtual Address to Physical Address
Printing same physical address in a c program
Why are these two addresses not the same?
It is possible to inject a function into another process but it is a little more involved than you think. The first thing is you need the proper length of the function you can do this by creating two functions.
static int realFunction() { ... }
static void realFunctionEnd() {}
Now when you copy the function over you do the length of:
realFunctionEnd - realFunction
This will give you the size. Now you cannot just call the other functions because as stated they are not guranteed to be at the same address in the other process, but you can assume that , I will assume windows, that kernal32.dll is at the same address so you can actually pass that to the realFunction when you create a remote thread.
Now, as to your real issue. What you need to do is to either inject a dll or copy a function over into the other process and then hook the function that you need to change. You can do this by copying another function over and making that code executable and then overwriting the first five bytes of the target function with a jump to your injected code, or you can do a proper detour type hook. In either case it should work. Or, you can find the offset into the function and patch it yourself by writing the proper op codes in place of the real code, such as a return of true.
Some kind of injection or patching is required to complete this, you have the basic idea, but there is a little more to it than you think at the moment. I have working code for windows to copy a function into another process, but I believe it is a good learning experience.

how to print to console graphically in C on unix

So I'm familiar with printf and the like, but I need to update a single line on the screen without having multiple lines scrolling. I have found libraries to do this in windows (conio.h) but not in unix. I need to be able to run this in cygwin, but any unix examples would be welcome.
I found the following stackoverflow article , but I don't think it quite closes the question for my needs.
Thanks for your help
It depends on whether you're trying to do a text-mode full-screen application (in which case ncurses is probably what you want) or just want to update a single line in-place (e.g., you want to update an "X percent done" indicator from 1 to 100, with all the output appearing on the same line so when X percent done is printed, it prints "over" the previous X-1 percent done indicator). In the latter case, you can write code that's relatively portable, and considerably simpler as well. For example, something like this:
#include <windows.h> // Used only for "Sleep" in our simulated work load
#include <stdio.h>
void do_work() {
// Simulated work load. Just waste some time:
Sleep(100);
}
int main() {
for (int i=0; i<100; i++) {
char buffer[82];
sprintf(buffer, "%d percent done", i+1);
printf("\r%-79s", buffer);
do_work();
}
return 0;
}
You want Ncurses for this. It's a library which allows you to edit any character on the screen.

about write function in linux device driver

I wrote a linux device driver and implemented the function device_write like this:
static int device_write(struct file* file,const char* buff,int count, loff * offp)
{
//some implementation
printk("write value %x to card\n",value);
//some implementation
}
I also implement the device_read function and have a printk to print some information in it.
The problem is when I use the read(fd,buff,1) in application program the printk result is displayed but when I use the write(fd,buff,1) there is no printk's result.The device_write function may not be called.What can cause this problem? Have anyone encounter this kind of problem before? Can anybody give me some help and suggestion?
This is only half an answer, but it is too big for a comment.
Are other actions within your device_write function happening?
Do a very simple printk at the top of the device_write function and see if that prints. Something like
static int device_write(struct file* file,const char* buff,int count, loff * offp)
{
printk("%s: %s\n", __FILE__, __func__);
that executes regardless of whatever else happens in the function. If that prints then you can narrow down where to go from there.
If that doesn't work then make sure you are actually setting the function pointer in the device structure. Or maybe your error is in the test application. Are you sure that you've opened up the device with write permissions? That would be an easy mistake to make if you copied code from a program initially written just to test the read functionality.

Resources