Merge pull request #117 from tklengyel/module_loop

Break module loop when target is found and don't start plugins before…

src/drakvuf.cpp

@@ -153,8 +153,7 @@ int drakvuf_c::start_plugins(const char *dump_folder)
 drakvuf_c::drakvuf_c(const char* domain,
                      const char *rekall_profile,
                      output_format_t output,
-                     int timeout,
-                     const char* dump_folder)
+                     int timeout)
 {
     this->drakvuf = NULL;
     this->interrupted = 0;
@@ -169,11 +168,6 @@ drakvuf_c::drakvuf_c(const char* domain,
 
     this->plugins = new drakvuf_plugins(this->drakvuf, output);
     this->pause();
-
-    if ( !this->start_plugins(dump_folder) ) {
-        this->close();
-        throw -2;
-    }
 }
 
 void drakvuf_c::close()

src/drakvuf.h

@@ -124,8 +124,6 @@ class drakvuf_c {
         drakvuf_plugins* plugins;
         GThread *timeout_thread;
         const char *rekall_profile;
-
-        int start_plugins(const char *dump_folder);
         void close();
 
     public:
@@ -135,8 +133,7 @@ class drakvuf_c {
         drakvuf_c(const char* domain,
                   const char *rekall_profile,
                   output_format_t output,
-                  int timeout,
-                  const char* dump_folder);
+                  int timeout);
         ~drakvuf_c();
 
         int is_initialized();
@@ -145,6 +142,7 @@ class drakvuf_c {
         void pause();
         void resume();
         int inject_cmd(vmi_pid_t injection_pid, const char *inject_cmd);
+        int start_plugins(const char *dump_folder);
 };
 
 #endif

src/libdrakvuf/vmi.c

@@ -734,15 +734,13 @@ bool inject_traps_modules(drakvuf_t drakvuf,
 
         if(out.contents && !strcmp((char*)out.contents,trap->module)) {
             free(out.contents);
-
-            if ( !inject_trap(drakvuf, trap, dllbase, pid) )
-                return 0;
+            return inject_trap(drakvuf, trap, dllbase, pid);
         }
 
         next_module = tmp_next;
     }
 
-    return 1;
+    return 0;
 }
 
 void drakvuf_loop(drakvuf_t drakvuf) {

src/main.cpp

@@ -195,12 +195,7 @@ int main(int argc, char** argv) {
         return rc;
     }
 
-    try {
-        drakvuf = new drakvuf_c(domain, rekall_profile, output, timeout, dump_folder);
-    } catch(int e) {
-        printf("Failed to initialize DRAKVUF (%i)!\n", e);
-        return rc;
-    }
+    drakvuf = new drakvuf_c(domain, rekall_profile, output, timeout);
 
     /* for a clean exit */
     act.sa_handler = close_handler;
@@ -217,6 +212,10 @@ int main(int argc, char** argv) {
             goto exit;
     }
 
+    rc = drakvuf->start_plugins(dump_folder);
+    if (!rc)
+        goto exit;
+
     /* Start the event listener */
     drakvuf->loop();
     rc = 1;