Date:      Fri, 25 Apr 2025 03:03:55 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 285021] the procctl PROC_TRACE_CTL doesn't work as expected
Message-ID:  <bug-285021-227-mMlvRo1I2q@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-285021-227@https.bugs.freebsd.org/bugzilla/>


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285021

--- Comment #12 from WZIS Software <wzis@hotmail.com> ---
I am using the following code to get a process cmd name from its PID:
#ifdef FreeBSD
    struct kinfo_proc *kp;
    kp=kinfo_getproc(pid);

    if(kp!=NULL)
    {
        char cmdp[128];
        strcpy(cmdp, kp[0].ki_comm);
        free(kp);
        return basename(cmdp);
    }
    else
        return NULL;
#endif

However, I found it's not reliable; it often returns the wrong name.
And:
  char *cmdn;
  cmdn=get_cmdname(pgdpids->pid1);
  fprintf(stderr, "cmdn of pid=%d=%s\n", pgdpids->pid1, cmdn);
  if(cmdn==NULL || strstr(av[2], cmdn)==NULL)
  {
        shmctl(shmid, IPC_RMID, NULL);
        fprintf(stderr, "1 pid1=%d pid2=%d\n", pgdpids->pid1, pgdpids->pid2);
        system("ps aux");
        fprintf(stderr, "av[2]=%s, cmdn=%s: Someone has attacked the %s, please check then rerun!\n", av[2], cmdn, av[2]);
        kill(pid, 9);
        return -1;
  }

and the result is:
 cmdn of pid=6107=Q
1 pid1=6107 pid2=6103
USER  PID  %CPU %MEM   VSZ  RSS TT  STAT STARTED     TIME COMMAND
root   11 197.0  0.0     0   32  -  RNL  12:42   38:40.59 [idle]
root    0   0.0  0.0     0  448  -  DLs  12:42    0:04.35 [kernel]
root    1   0.0  0.0 11772 1112  -  SLs  12:42    0:00.01 /sbin/init
root    2   0.0  0.0     0   32  -  DL   12:42    0:00.00 [KTLS]
root    3   0.0  0.0     0   48  -  DL   12:42    0:00.00 [crypto]
root    4   0.0  0.0     0   32  -  DL   12:42    0:01.25 [cam]
root    5   0.0  0.0     0   16  -  DL   12:42    0:00.23 [rand_harvestq]
root    6   0.0  0.0     0   48  -  DL   12:42    0:00.21 [pagedaemon]
root    7   0.0  0.0     0   16  -  DL   12:42    0:00.00 [vmdaemon]
root    8   0.0  0.0     0   64  -  DL   12:42    0:00.15 [bufdaemon]
root    9   0.0  0.0     0   16  -  DL   12:42    0:00.02 [vnlru]
root   10   0.0  0.0     0   16  -  DL   12:42    0:00.00 [audit]
root   12   0.0  0.0     0  240  -  WL   12:42    0:03.39 [intr]
root   13   0.0  0.0     0   48  -  DL   12:42    0:00.06 [geom]
root   14   0.0  0.0     0   16  -  DL   12:42    0:00.00 [sequencer 00]
root   15   0.0  0.0     0  160  -  DL   12:42    0:00.20 [usb]
root   16   0.0  0.0     0   16  -  DL   12:42    0:00.09 [syncer]
root  502   0.0  0.1 11568 1508  -  Is   12:42    0:00.00 /sbin/devd
root  711   0.0  0.1 12868 2668  -  Is   12:42    0:00.01 /usr/sbin/syslogd -s
ntpd  778   0.0  0.2 28040 5084  -  Ss   12:43    0:00.10 /usr/sbin/ntpd -p /var/db/ntp/n
root  788   0.0  0.1 13080 2376  -  Is   12:43    0:00.00 /usr/sbin/moused -p /dev/psm0 -
root  849   0.0  0.3 21068 8192  -  Is   12:43    0:00.00 sshd: /usr/sbin/sshd [listener]
root  853   0.0  0.1 12908 2604  -  Ss   12:43    0:00.01 /usr/sbin/cron -s
root  884   0.0  0.4 21508 9340  -  Ss   12:46    0:01.15 sshd: root@pts/0 (sshd)
root  890   0.0  0.4 21508 9384  -  Is   12:46    0:00.02 sshd: root@pts/1 (sshd)
root  892   0.0  0.4 21508 9368  -  Is   12:46    0:00.02 sshd: root@pts/2 (sshd)
root 6103   0.0  0.1 11772 1932  -  Ss   13:02    0:00.12 ./bsd123.hackme
root 6107   0.0  0.1 11776 1848  -  Ss   13:02    0:00.01 ./bsd123.hackme
root  866   0.0  0.1 12836 2256 v0  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv0
root  867   0.0  0.1 12836 2268 v1  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv1
root  868   0.0  0.1 12836 2256 v2  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv2
root  869   0.0  0.1 12836 2260 v3  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv3
root  870   0.0  0.1 12836 2256 v4  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv4
root  871   0.0  0.1 12836 2264 v5  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv5
root  872   0.0  0.1 12836 2264 v6  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv6
root  873   0.0  0.1 12836 2260 v7  Is+  12:43    0:00.00 /usr/libexec/getty Pc ttyv7
root  887   0.0  0.2 14904 4612  0  Ss   12:46    0:00.04 -bash (bash)
root 6099   0.0  0.1 13580 3032  0  S+   13:02    0:00.01 /bin/sh /var/tmp/.cmd.MxNBZ4
root 6386   0.0  0.1 13172 2544  0  S+   13:02    0:00.00 /var/wzpkg/guardchk 6099 ./bsd1
root 6387   0.0  0.1 13444 2992  0  R+   13:02    0:00.00 ps aux
root  896   0.0  0.2 14904 4560  1  Is+  12:46    0:00.01 -bash (bash)
root  899   0.0  0.2 14904 4564  2  Is+  12:46    0:00.01 -bash (bash)
av[2]=./bsd123.hackme, cmdn=: Someone has attacked the ./bsd123.hackme, please check then rerun!
Killed

-- 
You are receiving this mail because:
You are the assignee for the bug.
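
Added example, not part of the original comment or of the FreeBSD sources: the snippet in the comment returns basename(cmdp) where cmdp is a local array, so wherever basename() returns a pointer into its argument, the caller reads stack storage that is no longer valid. The version below has the caller own the buffer and compares names exactly instead of with strstr(); copy_cmdname, cmdname_matches and get_cmdname_r are hypothetical names, and the expected name is assumed to fit in ki_comm.

```c
#include <string.h>
#include <sys/types.h>
#ifdef __FreeBSD__
#include <sys/user.h>
#include <libutil.h>   /* kinfo_getproc(); link with -lutil */
#include <stdlib.h>
#endif

/* Copy the last path component of `name` into caller-owned storage.
 * Returns 0 on success, -1 on bad arguments, an empty name, or no room. */
int copy_cmdname(const char *name, char *out, size_t outlen)
{
    if (name == NULL || out == NULL || outlen == 0)
        return -1;
    const char *slash = strrchr(name, '/');
    const char *base = slash ? slash + 1 : name;
    size_t n = strlen(base);
    if (n == 0 || n >= outlen)
        return -1;
    memcpy(out, base, n + 1);   /* includes the terminating NUL */
    return 0;
}

/* Exact comparison: an empty or partial name must not count as a match,
 * which strstr(av[2], cmdn) would allow. Returns 1 on match, else 0. */
int cmdname_matches(const char *expected_path, const char *cmdn)
{
    char want[256];
    if (cmdn == NULL || copy_cmdname(expected_path, want, sizeof want) != 0)
        return 0;
    return strcmp(want, cmdn) == 0;
}

#ifdef __FreeBSD__
/* Look up ki_comm for `pid` and copy it out before freeing the kinfo_proc. */
int get_cmdname_r(pid_t pid, char *out, size_t outlen)
{
    struct kinfo_proc *kp = kinfo_getproc(pid);
    if (kp == NULL)
        return -1;
    int rc = copy_cmdname(kp->ki_comm, out, outlen);
    free(kp);
    return rc;
}
#endif
```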
