Add an option for only checking the stack

Toasterbirb · Aug 20, 2024 · e3f0606 · e3f0606
1 parent 58aaa87
commit e3f0606
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 5 deletions.
diff --git a/include/Memory.hpp b/include/Memory.hpp
@@ -107,7 +107,7 @@ namespace harava
 	class memory
 	{
 	public:
-		memory(const i32 pid);
+		memory(const i32 pid, const options opts);
 
 		__attribute__((warn_unused_result))
 		std::vector<result> search(const options opts, const filter filter, const type_bundle value, const comparison comparison);

diff --git a/include/Options.hpp b/include/Options.hpp
@@ -11,5 +11,6 @@ namespace harava
 		bool skip_volatile = false;
 		bool skip_zeroes = false;
 		bool skip_null_regions = false;
+		bool stack_scan = false;
 	};
 }
diff --git a/src/main.cpp b/src/main.cpp
@@ -16,7 +16,8 @@ int main(int argc, char** argv)
 		(clipp::option("--memory", "-m") & clipp::number("GB").set(opts.memory_limit)) % "set the maximum memory usage in gigabytes",
 		clipp::option("--skip-volatile").set(opts.skip_volatile) % "during the initial search scan each region twice and skip values that change between the two scans",
 		clipp::option("--skip-zeroes").set(opts.skip_zeroes) % "skip zeroes during the initial search to lower the memory usage (only really works for comparison searches)",
-		clipp::option("--skip-null-regions").set(opts.skip_null_regions) % "skip memory regions that are full of zeroes during the initial search"
+		clipp::option("--skip-null-regions").set(opts.skip_null_regions) % "skip memory regions that are full of zeroes during the initial search",
+		clipp::option("--stack").set(opts.stack_scan) % "only scan the stack of the process"
 	);
 
 	if (!clipp::parse(argc, argv, cli))

diff --git a/src/memory.cpp b/src/memory.cpp
@@ -107,7 +107,7 @@ namespace harava
 		return match;
 	}
 
-	memory::memory(const i32 pid)
+	memory::memory(const i32 pid, const options opts)
 	:pid(pid), proc_path("/proc/" + std::to_string(pid)), mem_path(proc_path + "/mem")
 	{
 		// Find suitable memory regions
@@ -132,6 +132,9 @@ namespace harava
 			ss << line;
 			ss >> range >> perms >> offset >> ids >> inode_id >> file_path;
 
+			if (opts.stack_scan && file_path != "[stack]")
+				continue;
+
 			// Skip memory regions that are not writable
 			if (!perms.starts_with("rw"))
 				continue;

diff --git a/src/shell.cpp b/src/shell.cpp
@@ -44,7 +44,7 @@ namespace harava
 
 	void run_shell(const options opts)
 	{
-		std::unique_ptr<harava::memory> process_memory = std::make_unique<harava::memory>(opts.pid);
+		std::unique_ptr<harava::memory> process_memory = std::make_unique<harava::memory>(opts.pid, opts);
 
 		harava::filter filter;
 
@@ -470,7 +470,7 @@ namespace harava
 						first_search = true;
 
 						process_memory.reset();
-						process_memory = std::make_unique<harava::memory>(opts.pid);
+						process_memory = std::make_unique<harava::memory>(opts.pid, opts);
 					}
 				}
 			};