Pointer to a buffer of a certain size containing arbitrary data. More...
#include <items.hxx>
Inheritance diagram for clues::item::BufferPointer:
Public Member Functions | |
| BufferPointer (const SystemCallItem &size_par, const ItemType type, const std::string_view short_name, const std::string_view long_name={}) | |
| const auto & | data () const |
| size_t | availableBytes () const |
| Returns the actual number of input bytes available in the Tracee. | |
| std::string | str () const override |
| Returns a human readable string representation of the item. | |
| Public Member Functions inherited from clues::item::PointerValue | |
| PointerValue (const ItemType type, const std::string_view short_name, const std::string_view long_name) | |
| Public Member Functions inherited from clues::SystemCallItem | |
| SystemCallItem (const ItemType type, const std::string_view short_name={}, const std::string_view long_name={}) | |
| Constructs a new SystemCallItem. | |
| auto | type () const |
| bool | isIn () const |
| bool | isOut () const |
| bool | isInOut () const |
| bool | isReturnValue () const |
| void | fill (const Tracee &proc, const Word word) |
| Fills the item from the given register data. | |
| bool | needsUpdate () const |
| Returns whether the item needs to be updated after the system call is finished. | |
| std::string_view | shortName () const |
| Returns the friendly short name for this item. | |
| std::string_view | longName () const |
| Returns the friendly long name for this item, if available, else the short name. | |
| auto | hasLongName () const |
| bool | isZero () const |
| Returns whether the parameter is set to 0 / NULL. | |
| Word | value () const |
| Returns the currently stored raw value of the item. | |
| template<typename OTHER> | |
| OTHER | valueAs () const |
Helper to cast the strongly typed Word m_val to other strong enum types. | |
| ForeignPtr | asPtr () const |
| Flags | flags () const |
| bool | deferFill () const |
Protected Member Functions | |
| void | processValue (const Tracee &) override |
| Processes the value stored in m_val acc. to the actual item type. | |
| void | updateData (const Tracee &) override |
| Called upon exit of the system call to update possible out parameters. | |
| void | fillBuffer (const Tracee &) |
| Protected Member Functions inherited from clues::SystemCallItem | |
| void | setSystemCall (const SystemCall &sc) |
| Sets the system call context this item is a part of. | |
Protected Attributes | |
| const SystemCallItem & | m_size_par |
| std::vector< uint8_t > | m_data |
| Protected Attributes inherited from clues::SystemCallItem | |
| const SystemCall * | m_call = nullptr |
| The system call context this item part of. | |
| const ItemType | m_type |
| The type of item. | |
| std::string_view | m_short_name |
| A human readable short name for the item, should be one word only. | |
| std::string_view | m_long_name |
| A human readable longer name for the item. | |
| Word | m_val |
| The raw register value for the item. | |
| Flags | m_flags |
| Flags influencing the processing of the item. | |
Additional Inherited Members | |
| Public Types inherited from clues::SystemCallItem | |
| enum class | Flag { DEFER_FILL = 1 << 0 } |
| using | Flags = cosmos::BitMask<Flag> |
Detailed Description
Pointer to a buffer of a certain size containing arbitrary data.
This type is used for read/write buffers like found in read()/write() system calls. They are accompanied by another system call parameter denoting the number of bytes found in the buffer.
Constructor & Destructor Documentation
◆ BufferPointer()
|
inlineexplicit |
Definition at line 156 of file items.hxx.
Member Function Documentation
◆ availableBytes()
| size_t clues::item::BufferPointer::availableBytes | ( | ) | const |
Returns the actual number of input bytes available in the Tracee.
Depending on configuration libclues only fetches part of the tracee's buffer data. This function returns the actual amount of data available in the tracee, in bytes.
The amount of pre-fetched data can be controlled per tracee via Tracee::setMaxBufferPrefetch().
Definition at line 122 of file items.cxx.
◆ data()
|
inline |
◆ fillBuffer()
|
protected |
Definition at line 110 of file items.cxx.
◆ processValue()
|
overrideprotectedvirtual |
Processes the value stored in m_val acc. to the actual item type.
This function is called for all parameter types upon entry to a system call, and for ItemType::RETVAL upon exit from a system call.
For parameters of ItemType::PARAM_OUT this callback can be used to reset any stored data to be filled in later when updateData() is called.
Reimplemented from clues::SystemCallItem.
Definition at line 91 of file items.cxx.
◆ str()
|
overridevirtual |
Returns a human readable string representation of the item.
This member function should be specialized in derived classes to output the item's data in a fashion suitable for the concrete item type.
Reimplemented from clues::SystemCallItem.
Definition at line 126 of file items.cxx.
◆ updateData()
|
overrideprotectedvirtual |
Called upon exit of the system call to update possible out parameters.
This function is called for parameters of ItemType::PARAM_OUT and ItemType::PARAM_IN_OUT upon system call exit to update the data from the values returned from the system call.
The default implementation calls processValue() to allow to share the same data processing code for input and output for item types that support both.
This function is called regardless of system call success or error, so it can happen that there is no valid data returned by the kernel or pointers in userspace are broken. Implementations should take this into consideration when operating on the data.
Reimplemented from clues::SystemCallItem.
Definition at line 101 of file items.cxx.
Member Data Documentation
◆ m_data
|
protected |
◆ m_size_par
|
protected |
The documentation for this class was generated from the following files:
