Add the ability to dump memory and vads for binaries. #4
| # All done, write the stamp | ||
| stampfile = os.path.join(logdir, 'stamps', run_id) | ||
| stampfile = os.path.join(logdir, 'stamps', sample_name) |
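Review bot: On the replacement line `stampfile = os.path.join(logdir, 'stamps', sample_name)`, the stamp is no longer keyed by `run_id`, so two runs that share a `sample_name` resolve to the same stamp path and the later run cannot be told apart from the earlier one. Consider keeping `run_id` in the path, for example by joining both values, so stamps stay per-run while still being findable by name. The hunk also does not show where `sample_name` comes from; if it is derived from the sample's filename, reduce it with `os.path.basename` before joining, because `os.path.join` discards `logdir` and `'stamps'` when a later component is an absolute path, and `..` components would also move the stamp outside the stamps directory.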
What's the idea behind these changes? IIRC, run_id was intended to be a UUID, whereas sample_name was the filename of the sample. I had been trying to use run_id everywhere because we may want to run the same sample more than once. (But I may be misremembering the purpose of these variables)
Right, for the purpose of dumping the memory and finding the process in the list of dumped vads later on, having the name was pretty important. One solution here would be to add a cli argument for naming scheme type so that either is available. What do you think?
Hmm, right now the UUID to filename map is put into an sqlite database so it can be retrieved later for things like matching the VADs. Would that work here?
This looks pretty good, modulo one comment about

Sure can, will get to this shortly
Hey professor, I expect you to have some questions about things I am doing here; let me know and I can make changes. I intend to add a markdown file in the next day explaining my steps for getting this up and running as well as the additional code I have here.