'dict' object has no attribute 'split' when using grep command

[ebubekirtrkr]

When using grep command in gef it throws an error which is

[+] Searching '/bin/sh' in memory
[!] Command 'search-pattern' failed to execute properly, reason: 'dict' object has no attribute 'split'

Here is the debug version

[+] Searching '/bin/sh' in memory

─────────────────────────────── Exception raised ───────────────────────────────
AttributeError: 'dict' object has no attribute 'split'
───────────────────────────── Detailed stacktrace ──────────────────────────────
↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 571, in colorify()
    →             msg = [colors[attr] for attr in attrs.split() if attr in colors]

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 224, in highlight_text()
    →                     ansiSplit[index] = val.replace(match, Color.colorify(match, color))

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 234, in <listcomp>()
    →         parts = [highlight_text(a) for a in args]

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 234, in gef_print()
    →         parts = [highlight_text(a) for a in args]

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 1653, in ok()
    →         gef_print(f"{Color.colorify('[+]', 'bold green')} {msg}")

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 6048, in print_section()
    →             ok(title)

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 6113, in search_pattern()
    →                             self.print_section(addr_loc_start.section)

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 6159, in do_invoke()
    →                 self.search_pattern(pattern, "")

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 358, in wrapper()
    →                 return f(*args, **kwargs)

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 255, in wrapper()
    →                 rv = f(*args, **kwargs)

↳ File "~/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py", line 4599, in invoke()
    →                 bufferize(self.do_invoke)(argv)

─────────────────────────────────── Version ────────────────────────────────────
GEF: (Standalone)
Blob Hash(/home/XXXXXX/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py): 026b5ed9e1a48703e9dd36deb30a08761edeab00
SHA256(/home/XXXXXX/.gef-283690ae9bfcecbb3deb80cd275d327c46b276b5.py): 1bd8d5c72cd60e1ae725b5f688fbe078c65a7bdb6672b48ab44848f790275979
GDB: 9.2
GDB-Python: 3.8
Loaded commands: $, aliases, aliases add, aliases ls, aliases rm, aslr, assemble, canary, capstone-disassemble, checksec, context, dereference, edit-flags, elf-info, entry-break, format-string-helper, functions, gef-remote, got, heap, heap arenas, heap bins, heap bins fast, heap bins large, heap bins small, heap bins tcache, heap bins unsorted, heap chunk, heap chunks, heap set-arena, heap-analysis-helper, hexdump, hexdump byte, hexdump dword, hexdump qword, hexdump word, highlight, highlight add, highlight clear, highlight list, highlight remove, hijack-fd, ida-interact, is-syscall, ksymaddr, memory, memory list, memory reset, memory unwatch, memory watch, name-break, nop, patch, patch byte, patch dword, patch qword, patch string, patch word, pattern, pattern create, pattern search, pcustom, pcustom edit, pcustom list, pcustom show, pie, pie attach, pie breakpoint, pie delete, pie info, pie remote, pie run, print-format, process-search, process-status, registers, reset-cache, ropper, scan, search-pattern, set-permission, shellcode, shellcode get, shellcode search, stub, syscall-args, theme, trace-run, unicorn-emulate, version, vmmap, xfiles, xinfo, xor-memory, xor-memory display, xor-memory patch
───────────────────────────── Last 10 GDB commands ─────────────────────────────
  251  grep "/bin/sh"
  252  ni
  253  grep "/bin/sh"
  254  gef gef.debug false
  255  gef config gef.debug false
  256  gef save
  257  gef save
  258  grep "/bin/sh"
  259  gef config gef.debug true
  260  grep "/bin/sh"
───────────────────────────── Runtime environment ──────────────────────────────
* GDB: 9.2
* Python: 3.8.10 - final
Python Exception <class 'AttributeError'> 'dict' object has no attribute 'split':
Python Exception <class 'gdb.error'> Error occurred in Python: 'dict' object has no attribute 'split':
Error occurred in Python: Error occurred in Python: 'dict' object has no attribute 'split'

I think problem is in the load_libc_args() function, there is a misuse of gef.ui.highlight_table varible it should be something else. In the highlight_text function Line 224 Color.colorify takes two string argument but color is an dict because of the Line 3518.

I fixed it temporary by adding highlight_table to GefSessionManager class then changing gef.ui.highlight_table to gef.session.highlight_table in load_libc_args, but i dont know if it is real solution.

gef/gef.py

Line 3518 in 283690a

gef.ui.highlight_table[_arch_mode] = json.load(_libc_args)

gef/gef.py

Line 224 in 283690a

ansiSplit[index] = val.replace(match, Color.colorify(match, color))

[hugsy]

Thanks for the report. I can confirm the bug.

Quick repro:

$ grep libc_arch ~/.gef.rc
11:libc_args = True
12:libc_args_path = ~/code/gef-extras/glibc-function-args
$ gdb -ex start -ex 'grep /bin/sh' /tmp/default.out

@ebubekirtrkr In the mean time a quick workaround for now is simply to disable libc_args like this gef config context.libc_args false. Another workaround is also to remove the text highlighting you have defined.

[hugsy]

The bug is identified and quickly fixed. Once PR is merged we'll push the change to master so you'll just have to update your gef to get the latest version.

Thanks!

[ebubekirtrkr]

Thanks for reply, looking forward to merge

[hugsy]

Thanks for reply, looking forward to merge

It's now merged in dev. You shouldn't have any problem.

Cheers