From 38966a58203355d6040e9487f07d8f8289333ebe Mon Sep 17 00:00:00 2001
From: Jari Vetoniemi
Date: Sun, 18 Nov 2018 07:37:09 +0200
Subject: add src/libc-antiantidebug.c
---
 Makefile | 2 +-
 src/libc-antiantidebug.c | 41 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 src/libc-antiantidebug.c
diff --git a/Makefile b/Makefile
index 5e42e9e..e91dc1b 100644
--- a/Makefile
+++ b/Makefile
@@ -37,7 +37,7 @@ runtime/libc.so: private override CPPFLAGS += -D_GNU_SOURCE
 runtime/libc.so: private override LDFLAGS += -Wl,-wrap,_IO_file_xsputn
 runtime/libc.so: private override CFLAGS += -Wno-deprecated-declarations
 runtime/libc.so: private override LDLIBS += `pkg-config --libs libbsd libunwind`
-runtime/libc.so: verbose src/libc.c src/libc-stdio.c src/libc-sha1.c
+runtime/libc.so: verbose src/libc.c src/libc-stdio.c src/libc-sha1.c src/libc-antiantidebug.c
 runtime/libpthread.so: private override CPPFLAGS += -D_GNU_SOURCE
 runtime/libpthread.so: private override LDLIBS += -lpthread
 runtime/libpthread.so: src/libpthread.c
diff --git a/src/libc-antiantidebug.c b/src/libc-antiantidebug.c
new file mode 100644
index 0000000..940f6a1
--- /dev/null
+++ b/src/libc-antiantidebug.c
@@ -0,0 +1,41 @@
+#include
+#include
+#include
+#include
+
+int
+bionic_open(const char *path, int oflag, ...)
+{
+ // Hide TracerPid from /proc/self/status for hideous apps that check for debugger.
+ // Note, since /proc/self/status doesn't get updated anymore, this may break some stuff.
+ // XXX: Turn this ON/OFF with env var maybe?
+ if (!strcmp(path, "/proc/self/status")) {
+ static FILE *faked = NULL;
+
+ if (!faked) {
+ static char status[4096];
+
+ {
+ FILE *f = fopen(path, "rb");
+ assert(f && "/proc/self/status failed to open :/");
+ const size_t ret = fread(status, 1, sizeof(status), f);
+ assert(ret <= sizeof(status) && "/proc/self/status doesn't fit in 4096 bytes :/");
+ fclose(f);
+ }
+
+ for (char *s, *e; (s = strstr(status, "TracerPid:\t"));) {
+ for (e = s; (size_t)(e - status) < sizeof(status) && *e && *e != '\n'; ++e);
+ memmove(s, e, sizeof(status) - (e - status));
+ break;
+ }
+
+ printf("%s\n", status);
+ faked = fmemopen(status, sizeof(status), "rb");
+ assert(faked && "fmemopen failed :/");
+ }
+
+ return fileno(faked);
+ }
+
+ return open(path, oflag);
+}
-- cgit v1.2.3
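Review bot: The fall-through `return open(path, oflag);` at the end of bionic_open discards the variadic mode argument, so a caller that passes O_CREAT gets a file whose permission bits come from an indeterminate value instead of the mode it asked for. Read the mode with va_arg when O_CREAT is set and forward it, as sketched below; this needs `stdarg.h`, and the four `#include` names are not visible on this page. In the /proc/self/status branch, `fread(status, 1, sizeof(status), f)` can fill the whole buffer and leave no terminating NUL for `strstr`, and the `ret <= sizeof(status)` assert can never fail, so reading at most `sizeof(status) - 1` bytes and rejecting a full read would close that. Also worth confirming: glibc documents that an fmemopen() stream has no file descriptor, so `fileno(faked)` is expected to return -1 rather than a usable fd.

```c
bionic_open(const char *path, int oflag, ...)
{
    // … unchanged: /proc/self/status special case …

    mode_t mode = 0;

    // open() only consumes its third argument when a file may be created.
    if (oflag & O_CREAT) {
        va_list ap;
        va_start(ap, oflag);
        mode = (mode_t)va_arg(ap, int); // mode is passed after default promotion
        va_end(ap);
    }

    return open(path, oflag, mode);
}
```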