thesis: Complete 2.8

thesis/Makefile

@@ -2,7 +2,7 @@
 .PHONY: all clean clean-out
 all: thesis.pdf clean-out
 
-%.pdf: %.tex $(wildcard src/*)
+%.pdf: %.tex $(wildcard src/*) $(wildcard listings/*)
 	latexmk -pdf $<
 
 clean:

thesis/listings/intercept-client.txt

@@ -0,0 +1,73 @@
+1747639484.855979238 17036 17036 \
+  getopt(2, 0x7ffdff7b20b8:[0x7ffdff7b3eb3:"/home/lorenz/client", 0x7ffdff7b3ee6:\
+  "http://www.complang.tuwien.ac.at/"], 0x61520b0190f2:"hp:o:d:"): 0x61520b017ac5 \
+  (/home/lorenz/client+0x1ac5, client.c:186)
+1747639484.856009998 17036 17036 \
+  return -1
+1747639484.859018930 17036 17036 \
+  getaddrinfo(0x7ffdff7b0e70:"www.complang.tuwien.ac.at", 0x61520b019052:"http", 0x7ffdff7b0c30:\
+  [{ai_flags: 0x0:|, ai_family: 0:AF_UNSPEC, ai_socktype: 1:SOCK_STREAM, ai_protocol: 0, \
+  ai_addrlen: 0, ai_addr: (nil):{}, ai_canonname: (nil):"", ai_next: (nil)}], 0x7ffdff7b0c10): \
+  0x61520b01747b (/home/lorenz/client+0x147b, client.c:74)
+1747639484.870971294 17036 17036 \
+  return 0:SUCCESS; errno 0; res=0x615238e79e00:[{ai_flags: 0x0:|, ai_family: 2:AF_INET, \
+  ai_socktype: 1:SOCK_STREAM, ai_protocol: 6, ai_addrlen: 16, ai_addr: 0x615238e79e30:{sa_family: \
+  2:AF_INET, sin_addr: "128.130.173.64", sin_port: 80}, ai_canonname: (nil):"", ai_next: (nil)}]
+1747639484.870983698 17036 17036 \
+  socket(2:AF_INET, 1:SOCK_STREAM, 6): 0x61520b0174f2 (/home/lorenz/client+0x14f2, client.c:81)
+1747639484.870991734 17036 17036 \
+  return 7; errno 0
+1747639484.870998006 17036 17036 \
+  connect(7, 0x615238e79e30:{sa_family: 2:AF_INET, sin_addr: "128.130.173.64", sin_port: 80}, 16): \
+  0x61520b0175f3 (/home/lorenz/client+0x15f3, client.c:104)
+1747639484.877322756 17036 17036 \
+  return 0; errno 0
+1747639484.877333157 17036 17036 \
+  freeaddrinfo(0x615238e79e00): 0x61520b017638 (/home/lorenz/client+0x1638, client.c:114)
+1747639484.877358736 17036 17036 \
+  return
+1747639484.877364678 17036 17036 \
+  send(7, 0x7ffdff7b0f70:"GET / HTTP/1.1\r\nHost: www.complang.tuwien.ac.at\r\nUser-Agent: \
+  osue-12119052/1.0\r\nConnection: close\r\n\r\n", 101, 0x0:|): 0x61520b017f5c \
+  (/home/lorenz/client+0x1f5c, client.c:277)
+1747639484.877385048 17036 17036 \
+  return 101; errno 0
+1747639484.877390719 17036 17036 \
+  recv(7, 0x7ffdff7b0f70, 4095, 0x2:|MSG_PEEK|): 0x61520b017fa1 (/home/lorenz/client+0x1fa1, \
+  client.c:284)
+1747639484.885364636 17036 17036 \
+  return 2674; errno 0; buf=0x7ffdff7b0f70:"HTTP/1.1 200 OK\r\n\
+  Date: Mon, 19 May 2025 07:24:44 GMT\r\n\
+  Server: Apache/2.4.62 (Debian) OpenSSL/3.0.15\r\n\
+  Last-Modified: Thu, 25 Aug 2022 14:41:10 GMT\r\n\
+  ETag: \"944-5e711c9dd0ce5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2372\r\n\
+  Vary: Accept-Encoding\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n\
+  <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\n               \
+  \"http://www.w3.org/TR/html4/strict.dtd\">\n<HTML lang=\"de\">\n\
+[-- omitted --]
+  </HTML>\n"
+1747639484.889134948 17036 17036 \
+  recv(7, 0x7ffdff7b0f70, 302, 0x0:|): 0x61520b018062 (/home/lorenz/client+0x2062, client.c:300)
+1747639484.889148325 17036 17036 \
+  return 302; errno 0; buf=0x7ffdff7b0f70:"HTTP/1.1 200 OK\r\n\
+  Date: Mon, 19 May 2025 07:24:44 GMT\r\n\
+  Server: Apache/2.4.62 (Debian) OpenSSL/3.0.15\r\n\
+  Last-Modified: Thu, 25 Aug 2022 14:41:10 GMT\r\n\
+  ETag: \"944-5e711c9dd0ce5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2372\r\n\
+  Vary: Accept-Encoding\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n"
+1747639484.889156551 17036 17036 \
+  recv(7, 0x7ffdff7b0f70, 4096, 0x0:|): 0x61520b018442 (/home/lorenz/client+0x2442, client.c:360)
+1747639484.889160779 17036 17036 \
+  return 2372; errno 0; buf=0x7ffdff7b0f70:"\
+  <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\n\               \
+  \"http://www.w3.org/TR/html4/strict.dtd\">\n<HTML lang=\"de\">\n\
+[-- omitted --]
+  </HTML>\n"
+1747639484.889196809 17036 17036 \
+  recv(7, 0x7ffdff7b0f70, 4096, 0x0:|): 0x61520b018442 (/home/lorenz/client+0x2442, client.c:360)
+1747639484.889200556 17036 17036 \
+  return 0; errno 0; buf=0x7ffdff7b0f70:""
+1747639484.889203532 17036 17036 \
+  close(7): 0x61520b018489 (/home/lorenz/client+0x2489, client.c:375)
+1747639484.889214523 17036 17036 \
+  return 0; errno 0

thesis/src/02.intercept.tex

@@ -453,6 +453,16 @@ These other environment variables are described in the following:
     By default, function calls from everywhere are intercepted.
 \end{description}
 
+The shared object currently supports intercepting the following functions:
+\texttt{malloc}, \texttt{calloc}, \texttt{realloc}, \texttt{reallocarray}, \texttt{free}, \texttt{getopt}, \texttt{exit},
+\texttt{read}, \texttt{pread}, \texttt{write}, \texttt{pwrite}, \texttt{close}, \texttt{sigaction}, \texttt{sem\_init},
+\texttt{sem\_open}, \texttt{sem\_post}, \texttt{sem\_wait}, \texttt{sem\_trywait}, \texttt{sem\_timedwait}, \texttt{sem\_getvalue},
+\texttt{sem\_close}, \texttt{sem\_unlink}, \texttt{sem\_destroy}, \texttt{shm\_open}, \texttt{shm\_unlink}, \texttt{mmap},
+\texttt{munmap}, \texttt{ftruncate}, \texttt{fork}, \texttt{wait}, \texttt{waitpid}, \texttt{execl}, \texttt{execlp},
+\texttt{execle}, \texttt{execv}, \texttt{execvp}, \texttt{execvpe}, \texttt{execve}, \texttt{fexecve}, \texttt{pipe},
+\texttt{dup}, \texttt{dup2}, \texttt{dup3}, \texttt{socket}, \texttt{bind}, \texttt{listen}, \texttt{accept}, \texttt{connect},
+\texttt{getaddrinfo}, \texttt{freeaddrinfo}, \texttt{send}, \texttt{sendto}, \texttt{sendmsg}, \texttt{recv}, \texttt{recvfrom},
+\texttt{recvmsg}, \texttt{getline}, \texttt{getdelim}.
 
 \section{\texttt{intercept} Command}\label{sec:intercept-command}
 
@@ -498,7 +508,25 @@ intercept [-h] [-F FUNCTIONS] [-s] [-o | -L LIBRARIES] \
 
 \section{Example}\label{sec:intercepting-example}
 
-Lorem Ipsum.
+To make it easier for the reader listing \ref{lst:intercept-client} provides some recorded function calls.
+Most lines had to be broken up into multiple lines for better readability.
+The recorded calls stem from a program written by myself as a solution for an assignment in the Operating Systems course at university.
+It is a simple HTTP client.
+The program was invoked using \texttt{./intercept -o -{}- ./client http://www.complang.tuwien.ac.at/}.
+
+The first number on each line indicates unix time with nanosecond precision.
+The second and third numbers correspond to the process ID and thread ID respectively.
+Each line contains either a recorded call to a function or a recorded return of a function.
+After the arguments of each function call a colon (\texttt{:}) indicates the beginning of meta-information.
+This information always includes the return address to where the function jumps when completed.
+If available, the interpretation of the return address is also provided.
+This includes the offset relative to the calling binary and a source file and line number combination if the binary was compiled using \texttt{gcc -g} or \texttt{gcc -gdwarf}.
+
+\begin{listing}[htbp]
+  \inputminted[fontsize=\tiny]{text}{listings/intercept-client.txt}
+  \caption{Recoreded function calls from \texttt{./client}.}
+  \label{lst:intercept-client}
+\end{listing}
 
 
 \section{Analyzing Intercepted Function Calls}\label{sec:analyzing-intercepted-function-calls}
@@ -506,11 +534,6 @@ Lorem Ipsum.
 Lorem Ipsum.
 
 
-\section{Parsing Intercepted Function Calls in Python}\label{sec:parsing-intercepted-function-calls}
-
-Lorem Ipsum.
-
-
 \section{Automated Testing on Intercepted Function Calls}\label{sec:automated-testing-on-intercepted-function-calls}
 
 Lorem Ipsum.