Example #1
0
// checkLibraries retrieves the linked libraries of a process and compares them with the
// regexes of library checks
func (s search) checkLibraries(proc process.Process, procname string) (matchedall bool) {
	matchedall = true
	if s.checkmask&checkLib == 0 {
		// this search has no library check
		return
	}
	for i, c := range s.checks {
		if c.code&checkLib == 0 {
			continue
		}
		libs, err, serr := listlibs.GetMatchingLoadedLibraries(proc, c.regex)
		if err != nil {
			stats.Failures = append(stats.Failures, err.Error())
		}
		if len(serr) > 0 && s.Options.LogFailures {
			stats.Failures = append(stats.Failures, err.Error())
			if debug {
				for _, err := range serr {
					fmt.Printf("checkLibraries: soft error -> %v\n", err)
				}
			}
		}
		if len(libs) > 0 {
			if debug {
				fmt.Printf("checkLibraries: proc name '%s' pid %d has libraries matching regex '%s'\n",
					procname, proc.Pid(), c.value)
			}
			c.storeMatch(proc)
		} else {
			matchedall = false
		}
		s.checks[i] = c
	}
	return
}
Example #2
0
func findProcWithLib(r *regexp.Regexp, ps []process.Process) (matches map[process.Process][]string, harderror error, softerrors []error) {
	matches = make(map[process.Process][]string)
	softerrors = make([]error, 0)
	for _, p := range ps {
		libs, hard, softs := listlibs.GetMatchingLoadedLibraries(p, r)
		if hard != nil {
			return nil, hard, softerrors
		}
		softerrors = append(softerrors, softs...)
		if len(libs) != 0 {
			matches[p] = libs
		}
	}
	return matches, nil, softerrors
}