Make gdb.attach work with arrays instead of string concatenation (#1846)

* Make gdb.attach work with arrays instead of string concatenation This results in a simpler set of code that is more resilient to issues with quoting and files with spaces in their name. * Remove detach_and_quit for now, this was for Docker CI testing * Fix typo * Fix lint errors * shlex.quote is unavailable on Python3 * Update CHANGELOG.md * With no escaping comes no escaping Co-authored-by: Arusekk <arek_koz@o2.pl>
Gallopsled · Apr 28, 2021 · ad251a8 · ad251a8
1 parent 603e5ba
commit ad251a8
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 23 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -64,11 +64,13 @@ The table below shows which release corresponds to each branch, and what date th
 - [#1739][1739] Add/fix shellcraft.linux.kill() / shellcraft.linux.killparent()
 - [#1746][1746] Prefer Python3 over Python2 for spawning remote processes over SSH
 - [#1776][1776] mips: do not use $t0 temporary variable in dupio
+- [#1846][1846] support launching GDB in more different terminals
 
 [1429]: https://github.com/Gallopsled/pwntools/pull/1429
 [1739]: https://github.com/Gallopsled/pwntools/pull/1739
 [1746]: https://github.com/Gallopsled/pwntools/pull/1746
 [1776]: https://github.com/Gallopsled/pwntools/pull/1776
+[1846]: https://github.com/Gallopsled/pwntools/pull/1846
 
 ## 4.5.0 (`beta`)
 

diff --git a/pwnlib/gdb.py b/pwnlib/gdb.py
@@ -144,6 +144,7 @@
 from contextlib import contextmanager
 import os
 import platform
+import psutil
 import random
 import re
 import shlex
@@ -495,7 +496,7 @@ def debug(args, gdbscript=None, exe=None, ssh=None, env=None, sysroot=None, api=
         Connect to the SSH server and start a process on the server
 
         >>> shell = ssh('travis', 'example.pwnme', password='demopass')
-        >>> io = gdb.debug(['bash'],
+        >>> io = gdb.debug(['whoami'],
         ...                 ssh = shell,
         ...                 gdbscript = '''
         ... break main
@@ -915,12 +916,9 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
             cmd = ['sshpass', '-p', shell.password] + cmd
         if shell.keyfile:
             cmd += ['-i', shell.keyfile]
-        exefile = target.executable
-        cmd += ['gdb -q %s %s -x "%s"' % (exefile,
-                                       target.pid,
-                                       tmpfile)]
+        cmd += ['gdb', '-q', target.executable, target.pid, '-x', tmpfile]
 
-        misc.run_in_new_terminal(' '.join(cmd))
+        misc.run_in_new_terminal(cmd)
         return
 
     elif isinstance(target, tubes.sock.sock):
@@ -985,30 +983,29 @@ def findexe():
         log.error('could not find target process')
 
     gdb_binary = binary()
-    cmd = gdb_binary
+    cmd = [gdb_binary]
 
     if gdb_args:
-        cmd += ' '
-        cmd += ' '.join(gdb_args)
+        cmd += gdb_args
 
     if context.gdbinit:
-        cmd += ' -nh '                     # ignore ~/.gdbinit
-        cmd += ' -x %s ' % context.gdbinit # load custom gdbinit
+        cmd += ['-nh']                  # ignore ~/.gdbinit
+        cmd += ['-x', context.gdbinit]  # load custom gdbinit
 
-    cmd += ' -q '
+    cmd += ['-q']
 
     if exe and context.native:
         if not ssh and not os.path.isfile(exe):
             log.error('No such file: %s', exe)
-        cmd += ' "%s"' % exe
+        cmd += [exe]
 
     if pid and not context.os == 'android':
-        cmd += ' %d' % pid
+        cmd += [str(pid)]
 
     if context.os == 'android' and pid:
         runner  = _get_runner()
         which   = _get_which()
-        gdb_cmd = _gdbserver_args(pid=pid, which=which, env=env)
+        gdb_cmd = _gdbserver_args(pid=pid, which=which)
         gdbserver = runner(gdb_cmd)
         port    = _gdbserver_port(gdbserver, None)
         host    = context.adb_host
@@ -1039,7 +1036,7 @@ def findexe():
 
         tmp.write(gdbscript)
         tmp.close()
-        cmd += ' -x %s' % (tmp.name)
+        cmd += ['-x', tmp.name]
 
     log.info('running in new terminal: %s', cmd)
 
@@ -1297,20 +1294,20 @@ def corefile(process):
     gdb_args = ['-batch',
                 '-q',
                 '-nx',
-                '-ex', '"set pagination off"',
-                '-ex', '"set height 0"',
-                '-ex', '"set width 0"',
-                '-ex', '"set use-coredump-filter on"',
-                '-ex', '"generate-core-file %s"' % corefile_path,
+                '-ex', 'set pagination off',
+                '-ex', 'set height 0',
+                '-ex', 'set width 0',
+                '-ex', 'set use-coredump-filter on',
+                '-ex', 'generate-core-file %s' % corefile_path,
                 '-ex', 'detach']
 
     with context.local(terminal = ['sh', '-c']):
         with context.quiet:
             pid = attach(process, gdb_args=gdb_args)
             log.debug("Got GDB pid %d", pid)
             try:
-                os.waitpid(pid, 0)
-            except Exception:
+                psutil.Process(pid).wait()
+            except psutil.Error:
                 pass
 
     if not os.path.exists(corefile_path):