accept() 不会阻塞程序执行
accept() doesn't block the program execution
我开始用 asm (NASM) 编写网络程序。从技术上讲,accept 函数应当会阻塞程序(被动套接字)。但在我的程序中,程序一执行就直接结束了。我曾尝试把 backlog 设为 1(listen 函数),但这不是问题所在……到底发生了什么?
BITS 32
; Question's original listing (Linux i386, NASM, raw int 0x80 syscalls).
; Linux i386 routes every socket operation through
;   socketcall(int call, unsigned long *args)
; with eax = 102, ebx = call number and ecx = pointer to the argument
; array.  This listing pushes each argument group but never loads ecx,
; so the kernel reads the arguments from whatever ecx happens to hold;
; the strace output quoted in the answer shows every call failing, which
; is why accept() returns immediately and the program falls through to exit.
section .text
global _start
_start:
; Create the socket file descriptor
; int socket(int domain, int type, int protocol);
mov eax, 102 ; __NR_socketcall
mov ebx, 1 ; socketcall type (socket)
; socket parameters
push 0 ; IPPROTO_TCP -- NOTE: 0 is IPPROTO_IP (default protocol); IPPROTO_TCP is 6, as in the fixed listing
push 1 ; SOCK_STREAM
push 2 ; AF_INET
; BUG: missing `mov ecx, esp` -- ecx does not point at the three pushed
; arguments, so strace shows socket(PF_UNSPEC, 0, 0) = -1 EFAULT
int 0x80 ; socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
mov edx, eax ; edx = socketfd -- NOTE: no error check; a negative -errno result is kept as the "fd"
; Bind the socket with an address type
; int bind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
mov eax, 102 ; __NR_socketcall
mov ebx, 2 ; socketcall type (bind)
; build the sockaddr_in struct (only the first 8 bytes are written here;
; sin_zero is whatever was already on the stack, although addrlen below says 16)
push 0 ; INADDR_ANY
push WORD 0x0457 ; port 1111 -- BUG: host byte order; sin_port must be big-endian (htons(1111) is pushed as 0x5704)
push WORD 2 ; AF_INET
mov ecx, esp ; struct ptr
; bind parameters
push 16 ; sockaddr struct size = sizeof(struct sockaddr) = 16
push ecx ; sockaddr_in struct ptr
push edx ; socket fd
; BUG: missing `mov ecx, esp` -- ecx still points at the sockaddr_in, so the
; kernel takes the struct bytes as the argument array: bind(<bogus fd>, NULL, 2) = -1 EBADF
int 0x80 ; bind(sockfd, {AF_INET, 1111, INADDR_ANY}, 16)
; Prepare to listen the incoming connection (passive socket)
; int listen(int sockfd, int backlog);
mov eax, 102 ; __NR_socketcall
mov ebx, 4 ; socketcall type (listen)
; listen parameters
push 0 ; backlog -- NOTE(review): Linux clamps small backlogs, so 0 does not disable the queue; confirm if this matters
push edx ; socket fd
; BUG: missing `mov ecx, esp` (same fault as above) -- strace: listen(<bogus fd>, 0) = -1 EBADF
int 0x80 ; listen(sockfd, 0);
; Accept the incoming connection
; int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen);
mov eax, 102 ; __NR_socketcall
mov ebx, 5 ; socketcall type (accept)
; accept parameters
push 0 ; addrlen = NULL
push 0 ; addr = NULL
push edx ; socket fd
; BUG: missing `mov ecx, esp` -- strace: accept(<bogus fd>, 0, 0x2) = -1 EBADF,
; so accept never blocks and execution continues straight to exit
int 0x80 ; accept(sockfd, NULL, NULL)
; Exit
; int exit(int status)
mov eax, 1 ; __NR_exit
mov ebx, 0 ; exit code
int 0x80
在每组参数的最后一次 push 之后,您缺少 `mov ecx, esp`;此外端口号也没有经过 htons 转换。您代码的修正版本应如下所示:
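BITS 32
;-----------------------------------------------------------------------
; Minimal TCP listener (Linux i386, NASM):
;   socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
;   bind(fd, {AF_INET, htons(1111), INADDR_ANY}, 16)
;   listen(fd, BACKLOG)
;   accept(fd, NULL, NULL)       -- blocks until a client connects
;   exit(0)                      -- exit(1) if any syscall failed
;
; Syscall ABI: eax = number, ebx/ecx/... = args, `int 0x80`; the result is
; returned in eax, a negative value is -errno.  All socket operations go
; through socketcall(int call, unsigned long *args): ebx = call number,
; ecx = pointer to the argument array.  That is why every parameter group
; below is pushed onto the stack and then followed by `mov ecx, esp`.
; Register roles: edx = listening socket fd (int 0x80 preserves it).
; The stack is never unwound; the process exits at the end.
;-----------------------------------------------------------------------

__NR_exit       equ 1
__NR_socketcall equ 102

SYS_SOCKET      equ 1           ; socketcall sub-numbers
SYS_BIND        equ 2
SYS_LISTEN      equ 4
SYS_ACCEPT      equ 5

AF_INET         equ 2
SOCK_STREAM     equ 1
IPPROTO_TCP     equ 6
INADDR_ANY      equ 0
SOCKADDR_IN_LEN equ 16          ; sizeof(struct sockaddr_in)
PORT_BE         equ 0x5704      ; htons(1111): 1111 = 0x0457, bytes swapped
BACKLOG         equ 0
EXIT_OK         equ 0
EXIT_FAIL       equ 1

section .text
global _start
_start:
; --- socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) --------------------------
        mov     eax, __NR_socketcall
        mov     ebx, SYS_SOCKET
        push    IPPROTO_TCP
        push    SOCK_STREAM
        push    AF_INET
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail                   ; eax = -errno
        mov     edx, eax                ; edx = listening fd

; --- bind(fd, &sockaddr_in, 16) -----------------------------------------
; Build struct sockaddr_in on the stack, last field first (16 bytes):
;   sin_family(2) sin_port(2) sin_addr(4) sin_zero(8)
        mov     eax, __NR_socketcall
        mov     ebx, SYS_BIND
        push    0                       ; sin_zero[4..7]
        push    0                       ; sin_zero[0..3] -- zeroed explicitly so
                                        ; addrlen=16 never covers stale stack bytes
        push    INADDR_ANY              ; sin_addr = 0.0.0.0 (all interfaces)
        push    WORD PORT_BE            ; sin_port, network byte order
        push    WORD AF_INET            ; sin_family
        mov     ecx, esp                ; ecx = &sockaddr_in
        push    SOCKADDR_IN_LEN
        push    ecx
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- listen(fd, BACKLOG) ------------------------------------------------
        mov     eax, __NR_socketcall
        mov     ebx, SYS_LISTEN
        push    BACKLOG
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- accept(fd, NULL, NULL) ---------------------------------------------
; Blocks until a client connects; the connection fd is returned in eax and
; is left open here (closed implicitly by exit below).
        mov     eax, __NR_socketcall
        mov     ebx, SYS_ACCEPT
        push    0                       ; addrlen = NULL
        push    0                       ; addr    = NULL
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- exit ---------------------------------------------------------------
        mov     ebx, EXIT_OK
        jmp     .exit
.fail:                                  ; some syscall returned -errno in eax
        mov     ebx, EXIT_FAIL
.exit:
        mov     eax, __NR_exit
        int     0x80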
在这种情况下,对程序运行 strace,以验证系统调用实际收到的参数是否正确,是很重要的。如果我们对您的原始程序运行 strace,会得到:
socket(PF_UNSPEC, 0, 0) = -1 EFAULT (Bad address)
bind(1459879938, NULL, 2) = -1 EBADF (Bad file descriptor)
listen(1459879938, 0) = -1 EBADF (Bad file descriptor)
accept(1459879938, 0, 0x2) = -1 EBADF (Bad file descriptor)
所有这些看起来都很糟糕。
如果您查看 compat_sys_socketcall 的源代码,会看到:
asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
这意味着 EBX 中是 call 编号,而 ECX 指向其余参数所在的数组。
我开始用 asm (NASM) 编写网络程序。从技术上讲,accept 函数应当会阻塞程序(被动套接字)。但在我的程序中,程序一执行就直接结束了。我曾尝试把 backlog 设为 1(listen 函数),但这不是问题所在……到底发生了什么?
BITS 32
; Question's original listing (Linux i386, NASM, raw int 0x80 syscalls).
; Linux i386 routes every socket operation through
;   socketcall(int call, unsigned long *args)
; with eax = 102, ebx = call number and ecx = pointer to the argument
; array.  This listing pushes each argument group but never loads ecx,
; so the kernel reads the arguments from whatever ecx happens to hold;
; the strace output quoted in the answer shows every call failing, which
; is why accept() returns immediately and the program falls through to exit.
section .text
global _start
_start:
; Create the socket file descriptor
; int socket(int domain, int type, int protocol);
mov eax, 102 ; __NR_socketcall
mov ebx, 1 ; socketcall type (socket)
; socket parameters
push 0 ; IPPROTO_TCP -- NOTE: 0 is IPPROTO_IP (default protocol); IPPROTO_TCP is 6, as in the fixed listing
push 1 ; SOCK_STREAM
push 2 ; AF_INET
; BUG: missing `mov ecx, esp` -- ecx does not point at the three pushed
; arguments, so strace shows socket(PF_UNSPEC, 0, 0) = -1 EFAULT
int 0x80 ; socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
mov edx, eax ; edx = socketfd -- NOTE: no error check; a negative -errno result is kept as the "fd"
; Bind the socket with an address type
; int bind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
mov eax, 102 ; __NR_socketcall
mov ebx, 2 ; socketcall type (bind)
; build the sockaddr_in struct (only the first 8 bytes are written here;
; sin_zero is whatever was already on the stack, although addrlen below says 16)
push 0 ; INADDR_ANY
push WORD 0x0457 ; port 1111 -- BUG: host byte order; sin_port must be big-endian (htons(1111) is pushed as 0x5704)
push WORD 2 ; AF_INET
mov ecx, esp ; struct ptr
; bind parameters
push 16 ; sockaddr struct size = sizeof(struct sockaddr) = 16
push ecx ; sockaddr_in struct ptr
push edx ; socket fd
; BUG: missing `mov ecx, esp` -- ecx still points at the sockaddr_in, so the
; kernel takes the struct bytes as the argument array: bind(<bogus fd>, NULL, 2) = -1 EBADF
int 0x80 ; bind(sockfd, {AF_INET, 1111, INADDR_ANY}, 16)
; Prepare to listen the incoming connection (passive socket)
; int listen(int sockfd, int backlog);
mov eax, 102 ; __NR_socketcall
mov ebx, 4 ; socketcall type (listen)
; listen parameters
push 0 ; backlog -- NOTE(review): Linux clamps small backlogs, so 0 does not disable the queue; confirm if this matters
push edx ; socket fd
; BUG: missing `mov ecx, esp` (same fault as above) -- strace: listen(<bogus fd>, 0) = -1 EBADF
int 0x80 ; listen(sockfd, 0);
; Accept the incoming connection
; int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen);
mov eax, 102 ; __NR_socketcall
mov ebx, 5 ; socketcall type (accept)
; accept parameters
push 0 ; addrlen = NULL
push 0 ; addr = NULL
push edx ; socket fd
; BUG: missing `mov ecx, esp` -- strace: accept(<bogus fd>, 0, 0x2) = -1 EBADF,
; so accept never blocks and execution continues straight to exit
int 0x80 ; accept(sockfd, NULL, NULL)
; Exit
; int exit(int status)
mov eax, 1 ; __NR_exit
mov ebx, 0 ; exit code
int 0x80
在每组参数的最后一次 push 之后,您缺少 `mov ecx, esp`;此外端口号也没有经过 htons 转换。您代码的修正版本应如下所示:
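BITS 32
;-----------------------------------------------------------------------
; Minimal TCP listener (Linux i386, NASM):
;   socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)
;   bind(fd, {AF_INET, htons(1111), INADDR_ANY}, 16)
;   listen(fd, BACKLOG)
;   accept(fd, NULL, NULL)       -- blocks until a client connects
;   exit(0)                      -- exit(1) if any syscall failed
;
; Syscall ABI: eax = number, ebx/ecx/... = args, `int 0x80`; the result is
; returned in eax, a negative value is -errno.  All socket operations go
; through socketcall(int call, unsigned long *args): ebx = call number,
; ecx = pointer to the argument array.  That is why every parameter group
; below is pushed onto the stack and then followed by `mov ecx, esp`.
; Register roles: edx = listening socket fd (int 0x80 preserves it).
; The stack is never unwound; the process exits at the end.
;-----------------------------------------------------------------------

__NR_exit       equ 1
__NR_socketcall equ 102

SYS_SOCKET      equ 1           ; socketcall sub-numbers
SYS_BIND        equ 2
SYS_LISTEN      equ 4
SYS_ACCEPT      equ 5

AF_INET         equ 2
SOCK_STREAM     equ 1
IPPROTO_TCP     equ 6
INADDR_ANY      equ 0
SOCKADDR_IN_LEN equ 16          ; sizeof(struct sockaddr_in)
PORT_BE         equ 0x5704      ; htons(1111): 1111 = 0x0457, bytes swapped
BACKLOG         equ 0
EXIT_OK         equ 0
EXIT_FAIL       equ 1

section .text
global _start
_start:
; --- socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) --------------------------
        mov     eax, __NR_socketcall
        mov     ebx, SYS_SOCKET
        push    IPPROTO_TCP
        push    SOCK_STREAM
        push    AF_INET
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail                   ; eax = -errno
        mov     edx, eax                ; edx = listening fd

; --- bind(fd, &sockaddr_in, 16) -----------------------------------------
; Build struct sockaddr_in on the stack, last field first (16 bytes):
;   sin_family(2) sin_port(2) sin_addr(4) sin_zero(8)
        mov     eax, __NR_socketcall
        mov     ebx, SYS_BIND
        push    0                       ; sin_zero[4..7]
        push    0                       ; sin_zero[0..3] -- zeroed explicitly so
                                        ; addrlen=16 never covers stale stack bytes
        push    INADDR_ANY              ; sin_addr = 0.0.0.0 (all interfaces)
        push    WORD PORT_BE            ; sin_port, network byte order
        push    WORD AF_INET            ; sin_family
        mov     ecx, esp                ; ecx = &sockaddr_in
        push    SOCKADDR_IN_LEN
        push    ecx
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- listen(fd, BACKLOG) ------------------------------------------------
        mov     eax, __NR_socketcall
        mov     ebx, SYS_LISTEN
        push    BACKLOG
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- accept(fd, NULL, NULL) ---------------------------------------------
; Blocks until a client connects; the connection fd is returned in eax and
; is left open here (closed implicitly by exit below).
        mov     eax, __NR_socketcall
        mov     ebx, SYS_ACCEPT
        push    0                       ; addrlen = NULL
        push    0                       ; addr    = NULL
        push    edx
        mov     ecx, esp                ; <<== uargs* in ecx
        int     0x80
        test    eax, eax
        js      .fail

; --- exit ---------------------------------------------------------------
        mov     ebx, EXIT_OK
        jmp     .exit
.fail:                                  ; some syscall returned -errno in eax
        mov     ebx, EXIT_FAIL
.exit:
        mov     eax, __NR_exit
        int     0x80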
在这种情况下,对程序运行 strace,以验证系统调用实际收到的参数是否正确,是很重要的。如果我们对您的原始程序运行 strace,会得到:
socket(PF_UNSPEC, 0, 0) = -1 EFAULT (Bad address)
bind(1459879938, NULL, 2) = -1 EBADF (Bad file descriptor)
listen(1459879938, 0) = -1 EBADF (Bad file descriptor)
accept(1459879938, 0, 0x2) = -1 EBADF (Bad file descriptor)
所有这些看起来都很糟糕。
如果您查看 compat_sys_socketcall 的源代码,会看到:
asmlinkage long compat_sys_socketcall(int call, u32 __user *args)
这意味着 EBX 中是 call 编号,而 ECX 指向其余参数所在的数组。