.

benfred · Nov 1, 2024 · 846e5c0 · 846e5c0
1 parent 7f361ff
commit 846e5c0
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 24 deletions.
diff --git a/src/binary_parser.rs b/src/binary_parser.rs
@@ -14,6 +14,7 @@ pub struct BinaryInfo {
     pub bss_addr: u64,
     pub bss_size: u64,
     pub pyruntime_addr: u64,
+    #[allow(dead_code)]
     pub pyruntime_size: u64,
     #[allow(dead_code)]
     pub addr: u64,

diff --git a/src/python_process_info.rs b/src/python_process_info.rs
@@ -456,37 +456,21 @@ where
     P: ProcessMemory,
 {
     // First check the pyruntime section it was found
+    //  TODO: if this works, won't be correct for python 3.10
     if binary.pyruntime_addr != 0 {
-        info!(
-            "getting interpreter addresses from {:#016x} {}",
-            binary.pyruntime_addr, binary.pyruntime_size
-        );
-        let bss = process.copy(
-            binary.pyruntime_addr as usize,
-            binary.pyruntime_size as usize,
+        let addr = process.copy_struct(
+            binary.pyruntime_addr as usize + pyruntime::get_interp_head_offset(version),
         )?;
-        #[allow(clippy::cast_ptr_alignment)]
-        let addrs = unsafe {
-            slice::from_raw_parts(bss.as_ptr() as *const usize, bss.len() / size_of::<usize>())
-        };
-        if let Ok(addr) = check_interpreter_addresses(addrs, maps, process, version, true) {
+        if let Ok(addr) = check_interpreter_addresses(&[addr], maps, process, version, true) {
             return Ok(addr);
         }
 
-        // try again with different alignment
-        info!("pyruntime+4bytes");
-        let bss = process.copy(
-            binary.pyruntime_addr as usize + 4,
-            binary.pyruntime_size as usize - 4,
-        )?;
-        #[allow(clippy::cast_ptr_alignment)]
-        let addrs = unsafe {
-            slice::from_raw_parts(bss.as_ptr() as *const usize, bss.len() / size_of::<usize>())
-        };
-        if let Ok(addr) = check_interpreter_addresses(addrs, maps, process, version, true) {
+        info!("failed to get from pyruntime_addr");
+        let addr = process.copy_struct(binary.pyruntime_addr as usize + 28)?;
+        if let Ok(addr) = check_interpreter_addresses(&[addr], maps, process, version, true) {
             return Ok(addr);
         }
-        info!("failed to get interpreter address from pyruntime section");
+        info!("failed to get from pyruntime_addr2");
     }
 
     // We're going to scan the BSS/data section for things, and try to narrowly scan things that