[heap-analysis] also track calloc()

hugsy · Apr 1, 2018 · f533924 · f533924
1 parent c99d7cc
commit f533924
Showing 1 changed file with 9 additions and 7 deletions.
diff --git a/gef.py b/gef.py
@@ -3027,10 +3027,10 @@ def stop(self):
 
 
 class TraceMallocBreakpoint(gdb.Breakpoint):
-    """Track allocations done with malloc()."""
+    """Track allocations done with malloc() or calloc."""
 
-    def __init__(self):
-        super(TraceMallocBreakpoint, self).__init__("__libc_malloc", gdb.BP_BREAKPOINT, internal=True)
+    def __init__(self, name):
+        super(TraceMallocBreakpoint, self).__init__(name, gdb.BP_BREAKPOINT, internal=True)
         self.silent = True
         return
 
@@ -3044,6 +3044,7 @@ def stop(self):
         return False
 
 
+
 class TraceMallocRetBreakpoint(gdb.FinishBreakpoint):
     """Internal temporary breakpoint to retrieve the return value of malloc()."""
 
@@ -7954,7 +7955,7 @@ def __init__(self, *args, **kwargs):
         self.add_setting("check_uaf", True, "Break execution when a possible Use-after-Free condition is found")
         self.add_setting("check_heap_overlap", True, "Break execution when a possible overlap in allocation is found")
 
-        self.bp_malloc, self.bp_free, self.bp_realloc = None, None, None
+        self.bp_malloc, self.bp_calloc, self.bp_free, self.bp_realloc = None, None, None, None
         return
 
     @only_if_gdb_running
@@ -7969,8 +7970,9 @@ def do_invoke(self, argv):
         return
 
     def setup(self):
-        ok("Tracking malloc()")
-        self.bp_malloc = TraceMallocBreakpoint()
+        ok("Tracking malloc() & calloc()")
+        self.bp_malloc = TraceMallocBreakpoint("__libc_malloc")
+        self.bp_calloc = TraceMallocBreakpoint("__libc_calloc")
         ok("Tracking free()")
         self.bp_free = TraceFreeBreakpoint()
         ok("Tracking realloc()")
@@ -8006,7 +8008,7 @@ def clean(self, event):
         global __heap_allocated_list__, __heap_freed_list__, __heap_uaf_watchpoints__
 
         ok("{} - Cleaning up".format(Color.colorify("Heap-Analysis", attrs="yellow bold"),))
-        for bp in [self.bp_malloc, self.bp_free, self.bp_realloc]:
+        for bp in [self.bp_malloc, self.bp_calloc, self.bp_free, self.bp_realloc]:
             if hasattr(bp, "retbp") and bp.retbp:
                 bp.retbp.delete()
             bp.delete()