edb-debugger icon indicating copy to clipboard operation
edb-debugger copied to clipboard

Published 20 hours ago verified publisher icon eteran

Set Environment Variables

Open GoogleCodeExporter opened this issue 9 years ago • 7 comments

I would it if the Environment Viewer plugin could set the environment variables it finds.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

GoogleCodeExporter avatar Mar 29 '15 00:03 GoogleCodeExporter

Adding new variables would be nice too.

GoogleCodeExporter avatar Mar 29 '15 00:03 GoogleCodeExporter

Besides, there is currently no way to set (not just edit) environment variables before execution, execle() style. That would be really handy.

GoogleCodeExporter avatar Mar 29 '15 00:03 GoogleCodeExporter

So, I think the way to do this most "correctly" would be do the following:

  1. allocate a new page in the foreign process, probably by forcing a mmap call
  2. copy the existing environment to that page
  3. modify as needed in the new copy
  4. set the libc's environment pointer to that new page

Now here's the real question: We know how to do all of the above, but have not had any particular demand for this feature. Do we need an issue for this given that if needed, we know how to do it?

PS: if the new values are in total smaller than the previous ones, then we can just overwrite the stuff in the environment directly.

eteran avatar Jan 03 '17 18:01 eteran

set the libc's environment pointer to that new page

What if the app isn't using libc, like fasm? Although fasm doesn't check environment, a similar app can still use it.

10110111 avatar Jan 03 '17 18:01 10110111

Good point, we'd probably want to find some pointer which is the most "fundamental" to work with then

eteran avatar Jan 03 '17 22:01 eteran

To execute the child don't we fork and exec? Can't we call setenv before we exec? I believe we already do this for some environment variables.

On Jan 3, 2017 4:26 PM, "Evan Teran" [email protected] wrote:

Good point, we'd probably want to find some pointer which is the most "fundamental" to work with then

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/eteran/edb-debugger/issues/14#issuecomment-270243130, or mute the thread https://github.com/notifications/unsubscribe-auth/ABIk4R0y0PZApZmpI7qAl6kR_pQXZcchks5rOsr6gaJpZM4LZ4me .

AaronOpfer avatar Jan 04 '17 00:01 AaronOpfer

@AaronOpfer yes, we do and that will cover setting environment variables for a process we are about to start. When I first wrote this FR, I was thinking more along the lines of changing the environment of a process that is already running.

eteran avatar Jan 04 '17 04:01 eteran