From 46e9456fd4ef46ee440102780067f26e58af61d8 Mon Sep 17 00:00:00 2001 From: xerool Date: Sat, 30 Apr 2022 22:37:17 -0500 Subject: [PATCH] linux: wait for process before detach, and send SIGCONT I had issues with the ptrace call failing because the process had not yet stopped from SIGSTOP. From this stackoverflow answer, it seems that you can use waitpid to wait until the process is actually stopped. In python, this is exposed as os.waitpid. https://stackoverflow.com/questions/20510300/ptrace-detach-fails-after-ptrace-cont-with-errno-esrch#20525326 Additionally, the process was left frozen. I send a SIGCONT to continue the process after the detach, so that it isn't left stopped. --- mem_edit/linux.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mem_edit/linux.py b/mem_edit/linux.py index 18f3b8f..aa25a49 100644 --- a/mem_edit/linux.py +++ b/mem_edit/linux.py @@ -58,7 +58,9 @@ class Process(AbstractProcess): def close(self): os.kill(self.pid, signal.SIGSTOP) + os.waitpid(self.pid, 0) ptrace(ptrace_commands['PTRACE_DETACH'], self.pid, 0, 0) + os.kill(self.pid, signal.SIGCONT) self.pid = None def write_memory(self, base_address: int, write_buffer: ctypes_buffer_t):