[ext_ida] net code hardening and better error reporting

**broker**:
- receive beacon from dispatcher
- reply to beacon request from idb
- better error reporting and logging
- connect to the dispatcher in the localhost interface

**dispatcher**:
- check port availability
- sends a beacon to the broker if run properly
- support for new command dbg_err
- better error reporting and logging

**syncrays**:
- handle decompilation error (may happen if flooding the engine)

**syncplugin**:
- request beacon from broker
Objective is to prevent or make more explicit issues like
 #33 and #32

Author: bootleg

ext_ida/SyncPlugin.py

@@ -523,7 +523,7 @@ def req_broker(self, hash):
         elif(subtype == 'notice'):
             # notice from broker
             self.broker_port = int(hash['port'])
-            rs_log("<< broker << listening on port %d" % self.broker_port)
+            rs_debug("<< broker << binding on port %d" % self.broker_port)
 
             for attempt in range(rsconfig.CONNECT_BROKER_MAX_ATTEMPT):
                 try:
@@ -543,6 +543,10 @@ def req_broker(self, hash):
                         self.announcement("[sync] failed to connect to broker (attempt %d)" % attempt)
                         raise RuntimeError
 
+            # request broker to validate its beacon
+            time.sleep(0.4)
+            self.beacon_notice()
+
         # enable/disable idb, if disable it drops most sync requests
         elif(subtype == 'enable_idb'):
             self.is_active = True
@@ -616,6 +620,10 @@ def normalize(self, req, taglen):
     def kill_notice(self):
         self.notice_broker("kill")
 
+    # send a beacon notice to the broker
+    def beacon_notice(self):
+        self.notice_broker('beacon')
+
     # send a bp command (F2) to the debugger (via the broker and dispatcher)
     def bp_notice(self, oneshot=False):
         if not self.is_active:
@@ -817,6 +825,7 @@ def __init__(self, parser):
         # create a request handler
         self.worker = RequestHandler(parser)
 
+
 # --------------------------------------------------------------------------
 
 

ext_ida/retsync/broker.py

@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2016-2019, Alexandre Gazet.
+# Copyright (C) 2016-2020, Alexandre Gazet.
 #
 # Copyright (C) 2012-2015, Quarkslab.
 #
@@ -30,6 +30,7 @@
 import subprocess
 import socket
 import select
+from contextlib import contextmanager
 
 try:
     from ConfigParser import SafeConfigParser
@@ -106,16 +107,14 @@ def run_dispatcher(self):
         tokenizer = shlex.shlex(cmdline)
         tokenizer.whitespace_split = True
         args = [arg.replace('\"', '') for arg in list(tokenizer)]
-
         try:
             proc = subprocess.Popen(args, shell=False,
                                     stdout=subprocess.PIPE,
                                     stderr=subprocess.PIPE)
             pid = proc.pid
         except (OSError, ValueError):
             pid = None
-            self.announcement('failed to run dispatcher')
-            err_log('failed to run dispatcher')
+            self.err_log('failed to run dispatcher')
 
         time.sleep(0.2)
         return pid
@@ -125,7 +124,7 @@ def notify(self):
             try:
                 self.notify_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                 self.notify_socket.settimeout(2)
-                self.notify_socket.connect((HOST, PORT))
+                self.notify_socket.connect(('127.0.0.1', PORT))
                 break
             except socket.error:
                 self.notify_socket.close()
@@ -163,16 +162,18 @@ def recvall(self, client):
             if data == '':
                 raise Exception('rabbit eating the cable')
         except socket.error:
-            self.announcement('dispatcher connection error, quitting')
-            sys.exit()
+            self.err_log('dispatcher connection error, quitting')
 
         return client.feed(data)
 
     def req_dispatcher(self, s, hash):
         subtype = hash['subtype']
-        if (subtype == 'msg'):
+        if subtype == 'msg':
             msg = hash['msg']
             self.announcement("dispatcher msg: %s" % msg)
+        elif subtype == 'beacon':
+            # dispatcher sends a beacon at startup
+            self.beaconed = True
 
     def req_cmd(self, s, hash):
         cmd = hash['cmd']
@@ -185,6 +186,12 @@ def req_kill(self, s, hash):
             s.close()
         sys.exit()
 
+    # idb is checking if broker has received beacon from dispatcher
+    def req_beacon(self, s, hash):
+        if not self.beaconed:
+            self.announcement('beacon not received (possible dispatcher error)')
+            self.req_kill(s, hash)
+
     def parse_exec(self, s, req):
         if not (req[0:8] == '[notice]'):
             self.puts(req)
@@ -195,7 +202,7 @@ def parse_exec(self, s, req):
         try:
             hash = json.loads(req)
         except ValueError:
-            print("[-] broker failed to parse json\n %s" % repr(req))
+            self.announcement("[-] broker failed to parse json\n %s" % repr(req))
             return
 
         type = hash['type']
@@ -239,38 +246,55 @@ def loop(self):
                 else:
                     self.handle(s)
 
-    def __init__(self, name):
-        self.name = name
+    # use logging facility to record the exception and exit
+    def err_log(self, msg):
+        rs_log.exception(msg, exc_info=True)
+        try:
+            # inform idb and dispatcher
+            self.announcement(msg)
+            self.notice_dispatcher('kill')
+        except Exception as e:
+            pass
+        finally:
+            sys.exit()
+
+    def __init__(self):
+        self.name = None
+        self.beaconed = False
         self.opened_sockets = []
         self.clients_list = []
         self.pat = re.compile('dbg disconnected')
         self.req_handlers = {
             'dispatcher': self.req_dispatcher,
             'cmd': self.req_cmd,
-            'kill': self.req_kill
+            'kill': self.req_kill,
+            'beacon': self.req_beacon
         }
 
 
-def err_log(msg=''):
-    rs_log.debug(msg, exc_info=True)
-    sys.exit()
+@contextmanager
+def error_reporting(stage, info=None):
+    try:
+        yield
+    except Exception as e:
+        server.err_log(' error - '.join(filter(None, (stage, info))))
 
 
 if __name__ == "__main__":
 
-    try:
+    server = BrokerSrv()
+
+    with error_reporting('server.env', 'PYTHON_PATH not found'):
         PYTHON_PATH = os.environ['PYTHON_PATH']
-    except Exception as e:
-        err_log('broker failed to retrieve PYTHON_PATH value from env')
 
     parser = argparse.ArgumentParser()
     parser.add_argument('--idb', nargs=1, action='store')
     args = parser.parse_args()
 
-    if not args.idb:
-        err_log('[sync] no idb argument')
+    with error_reporting('server.arg', 'missing idb argument'):
+        server.name = args.idb[0]
 
-    try:
+    with error_reporting('server.config'):
         for loc in ('IDB_PATH', 'USERPROFILE', 'HOME'):
             if loc in os.environ:
                 confpath = os.path.join(os.path.realpath(os.environ[loc]), '.sync')
@@ -281,25 +305,12 @@ def err_log(msg=''):
                         PORT = config.getint('INTERFACE', 'port')
                         HOST = config.get('INTERFACE', 'host')
                     break
-    except Exception as e:
-        err_log('failed to load configuration file')
 
-    server = BrokerSrv(args.idb[0])
-
-    try:
+    with error_reporting('server.bind'):
         server.bind()
-    except socket.error as e:
-        server.announcement('failed to bind')
-        err_log('server.bind error')
 
-    try:
+    with error_reporting('server.notify'):
         server.notify()
-    except Exception as e:
-        server.announcement('failed to notify dispatcher')
-        err_log('server.notify error')
 
-    try:
+    with error_reporting('server.loop'):
         server.loop()
-    except Exception as e:
-        server.announcement('broker stop')
-        err_log('server.loop error')

ext_ida/retsync/dispatcher.py

@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2016-2019, Alexandre Gazet.
+# Copyright (C) 2016-2020, Alexandre Gazet.
 #
 # Copyright (C) 2012-2015, Quarkslab.
 #
@@ -29,6 +29,7 @@
 import select
 import re
 import traceback
+from contextlib import contextmanager
 try:
     from ConfigParser import SafeConfigParser
 except ImportError:
@@ -100,23 +101,35 @@ def __init__(self):
             'idb_n': self.req_idb_n,
             'idb_list': self.req_idb_list,
             'module': self.req_module,
+            'dbg_err': self.req_dbg_err,
             'sync_mode': self.req_sync_mode,
             'cmd': self.req_cmd,
             'bc': self.req_bc,
             'kill': self.req_kill
         }
 
+    def is_port_available(self, host, port):
+        try:
+            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+            if sys.platform == 'win32':
+                sock.setsockopt(socket.SOL_SOCKET, socket.SO_EXCLUSIVEADDRUSE, 1)
+            sock.bind((host, port))
+        finally:
+            sock.close()
+
+    def bind_sock(self, host, port):
+        self.is_port_available(host, port)
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+        sock.bind((host, port))
+        self.srv_socks.append(sock)
+        return sock
+
     def bind(self, host, port):
-        self.dbg_srv_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-        self.dbg_srv_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-        self.dbg_srv_sock.bind((host, port))
-        self.srv_socks.append(self.dbg_srv_sock)
+        self.dbg_srv_sock = self.bind_sock(host, port)
 
         if not (socket.gethostbyname(host) == '127.0.0.1'):
-            self.localhost_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-            self.localhost_sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-            self.localhost_sock.bind(('localhost', port))
-            self.srv_socks.append(self.localhost_sock)
+            self.localhost_sock = self.bind_sock('127.0.0.1', port)
 
     def accept(self, s):
         new_socket, addr = s.accept()
@@ -179,7 +192,7 @@ def recvall(self, client):
                 self.dbg_quit()
             else:
                 self.client_quit(client.srv_sock)
-                self.broadcast("a client quit, nb client(s) left: %d" % len(self.idb_clients))
+                self.broadcast("a client quit, %d client(s) left" % len(self.idb_clients))
 
             return []
 
@@ -250,6 +263,10 @@ def forward_all(self, msg, s=None):
         for idbc in self.idb_clients:
             self.forward(msg, idbc.client_sock)
 
+    # send a beacon to the broker
+    def send_beacon(self, s):
+        s.sendall(rs_encode("[notice]{\"type\":\"dispatcher\",\"subtype\":\"beacon\"}\n"))
+
     # disable current idb and enable new idb matched from current module name
     def switch_idb(self, new_idb):
         msg = "[sync]{\"type\":\"broker\",\"subtype\":\"%s\"}\n"
@@ -277,6 +294,9 @@ def req_new_client(self, srv_sock, hash):
             srv_sock.close()
             return
 
+        # send beacon to acknowledge dispatcher presence
+        self.send_beacon(client_sock)
+
         # check if an idb client is already registered with the same name
         conflicting = [client for client in self.idb_clients if (client.name == name)]
 
@@ -429,11 +449,16 @@ def req_module(self, s, hash):
             if self.current_idb and self.current_idb.enabled:
                 self.switch_idb(None)
 
+    # dbg notice of error, e.g. current module resolution failed
+    def req_dbg_err(self, s, hash):
+        if self.sync_mode_auto:
+            self.switch_idb(None)
+
     # sync mode tells if idb switch is automatic or manual
     def req_sync_mode(self, s, hash):
         mode = hash['auto']
         self.broadcast("sync mode auto set to %s" % mode)
-        self.sync_mode_auto = (mode == "on")
+        self.sync_mode_auto = (mode == 'on')
 
     # bc request should be forwarded to all idbs
     def req_bc(self, s, hash):
@@ -444,17 +469,31 @@ def req_cmd(self, s, hash):
         cmd = "%s\n" % hash['cmd']
         self.current_dbg.client_sock.sendall(rs_encode(cmd))
 
+    # use logging facility to record the exception and exit
+    def err_log(self, msg):
+        rs_log.exception(msg, exc_info=True)
+        try:
+            self.announcement('dispatcher stopped')
+            [sckt.close() for sckt in self.srv_socks]
+        except Exception:
+            pass
+        finally:
+            sys.exit()
 
-def err_log(msg):
-    rs_log.debug(msg, exc_info=True)
-    sys.exit()
+
+@contextmanager
+def error_reporting(stage, info=None):
+    try:
+        yield
+    except Exception as e:
+        server.err_log(' error - '.join(filter(None, (stage, info))))
 
 
 if __name__ == "__main__":
 
     server = DispatcherSrv()
 
-    try:
+    with error_reporting('server.config'):
         for loc in ('IDB_PATH', 'USERPROFILE', 'HOME'):
             if loc in os.environ:
                 confpath = os.path.join(os.path.realpath(os.environ[loc]), '.sync')
@@ -466,16 +505,9 @@ def err_log(msg):
                         PORT = config.getint('INTERFACE', 'port')
                     server.announcement('configuration file loaded')
                     break
-    except Exception as e:
-        err_log('failed to load configuration file')
 
-    try:
+    with error_reporting('server.bind', '(%s:%s)' % (HOST, PORT)):
         server.bind(HOST, PORT)
-    except Exception as e:
-        err_log("server.bind error %s:%s" % (HOST, PORT))
 
-    try:
+    with error_reporting('server.loop'):
         server.loop()
-    except Exception as e:
-        server.announcement('dispatcher stopped')
-        err_log('server.loop error')