diff --git a/src/libdrakvuf/linux-processes.c b/src/libdrakvuf/linux-processes.c index 0a8aadb61..65811aa84 100644 --- a/src/libdrakvuf/linux-processes.c +++ b/src/libdrakvuf/linux-processes.c @@ -144,7 +144,8 @@ addr_t linux_get_current_process(drakvuf_t drakvuf, uint64_t vcpu_id) { if ( VMI_FAILURE == vmi_read_addr(vmi, &ctx, &process) || process < MIN_KERNEL_BOUNDARY ) { ctx.addr = drakvuf->kpcr[vcpu_id] & ~STACK_SIZE_8K; - vmi_read_addr(vmi, &ctx, &process); + if ( VMI_FAILURE == vmi_read_addr(vmi, &ctx, &process) || process < MIN_KERNEL_BOUNDARY ) + process = 0; } } diff --git a/src/plugins/filetracer/filetracer.cpp b/src/plugins/filetracer/filetracer.cpp index 5e8f079b6..46d67cdf9 100644 --- a/src/plugins/filetracer/filetracer.cpp +++ b/src/plugins/filetracer/filetracer.cpp @@ -293,9 +293,12 @@ static event_response_t cb(drakvuf_t drakvuf, drakvuf_trap_info_t *info) { tag = info->regs->r8; } else { ctx.addr = info->regs->rsp+8; - vmi_read_32(vmi, &ctx, (uint32_t*)&size); + if ( VMI_FAILURE == vmi_read_32(vmi, &ctx, (uint32_t*)&size) ) + return 0; + ctx.addr = info->regs->rsp+12; - vmi_read_32(vmi, &ctx, (uint32_t*)&tag); + if ( VMI_FAILURE == vmi_read_32(vmi, &ctx, (uint32_t*)&tag) ) + return 0; } /*printf("Got a heap alloc request for tag %c%c%c%c!\n", @@ -309,7 +312,9 @@ static event_response_t cb(drakvuf_t drakvuf, drakvuf_trap_info_t *info) { addr_t ret, ret_pa; ctx.addr = info->regs->rsp; - vmi_read_addr(vmi, &ctx, &ret); + if ( VMI_FAILURE == vmi_read_addr(vmi, &ctx, &ret) ) + return 0; + ret_pa = vmi_pagetable_lookup(vmi, info->regs->cr3, ret); struct rettrap_struct *s = (struct rettrap_struct*)g_hash_table_lookup(f->rettraps, &ret_pa); @@ -330,7 +335,9 @@ static event_response_t cb(drakvuf_t drakvuf, drakvuf_trap_info_t *info) { rettrap->cb = pool_alloc_return; rettrap->data = s; - drakvuf_add_trap(drakvuf, rettrap); + if (!drakvuf_add_trap(drakvuf, rettrap)) + return 0; + g_hash_table_insert(f->rettraps, &rettrap->breakpoint.addr, s); }
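Review bot: In the linux-processes.c hunk, the new `process = 0;` fallback makes 0 this function's "no current task" result, but nothing at the site says so, and the same sanity test is now written twice. `process` is read out of guest memory, so it is a guest-controlled pointer. A comment above the second check, such as `/* value comes from the guest: unreadable or below MIN_KERNEL_BOUNDARY is reported as 0 (no task) */`, would make the contract explicit. The callers are outside the hunk, so whether each one tests for 0 before using the result as a guest address cannot be confirmed from here and is worth checking.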
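Review bot: In the first filetracer.cpp hunk (`@@ -293`), both `vmi_read_32` calls still write through the casts `(uint32_t*)&size` and `(uint32_t*)&tag`, which suggests neither variable is a `uint32_t`. The declarations are outside the hunk, but `tag` is assigned from the 64-bit `r8` a few lines up. If the variables are wider than 32 bits, only four bytes are written on this path and the remaining bytes keep whatever they held before. Reading into a local of the right type and assigning avoids both that and the pointer-type pun: `uint32_t v; if ( VMI_FAILURE == vmi_read_32(vmi, &ctx, &v) ) return 0; size = v;`, and likewise for `tag`.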
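Review bot: In the `@@ -309` hunk, the read of `ret` is now checked but the translation on the next line is not: the result of `ret_pa = vmi_pagetable_lookup(vmi, info->regs->cr3, ret);` is used as the `f->rettraps` lookup key whatever it returns. `ret` is a return address taken from the guest stack, so an unmapped or bogus value is possible. If this lookup reports failure as 0 (the older LibVMI signature did; confirm against the version in use), add `if ( !ret_pa ) return 0;` before the hash lookup. That keeps a failed translation from becoming key 0 and, presumably, the breakpoint address set up further down.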
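Review bot: In the `@@ -330` hunk, the new `return 0` after a failed `drakvuf_add_trap` leaves `rettrap` and `s` behind: they were just wired together (`rettrap->data = s`) and on this path are neither inserted into `f->rettraps` nor released. Their allocation is outside the hunk (`s` appears to be new in this branch, since it is about to be inserted), so release them with whatever matches it before returning, e.g. `if (!drakvuf_add_trap(drakvuf, rettrap)) { /* free rettrap and s */ return 0; }`. The early returns added in the two filetracer hunks above deserve the same look. If `cb` releases anything at its end (the `vmi` handle, for instance; not visible here), these exits skip it, and a single cleanup label would keep all paths consistent.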