diff --git a/user/module/const.go b/user/module/const.go index 377b9301f..02c8329d9 100644 --- a/user/module/const.go +++ b/user/module/const.go @@ -47,10 +47,6 @@ const ( MasterKeyHookFuncBoringSSL = "SSL_in_init" ) -// buffer size times of ebpf perf map -// buffer size = BufferSizeOfEbpfMap * os.pagesize -const BufferSizeOfEbpfMap = 1024 * 10 - const ( MasterSecretKeyLogName = "ecapture_masterkey.log" ) diff --git a/user/module/const_androidgki.go b/user/module/const_androidgki.go new file mode 100644 index 000000000..5da32d4fe --- /dev/null +++ b/user/module/const_androidgki.go @@ -0,0 +1,8 @@ +//go:build androidgki +// +build androidgki + +package module + +// buffer size times of ebpf perf map +// buffer size = BufferSizeOfEbpfMap * os.pagesize +const BufferSizeOfEbpfMap = 1024 diff --git a/user/module/const_linux.go b/user/module/const_linux.go new file mode 100644 index 000000000..911b0db41 --- /dev/null +++ b/user/module/const_linux.go @@ -0,0 +1,8 @@ +//go:build !androidgki +// +build !androidgki + +package module + +// buffer size times of ebpf perf map +// buffer size = BufferSizeOfEbpfMap * os.pagesize +const BufferSizeOfEbpfMap = 1024 * 10 diff --git a/user/module/probe_openssl.go b/user/module/probe_openssl.go index fdff1aae2..43add406b 100644 --- a/user/module/probe_openssl.go +++ b/user/module/probe_openssl.go @@ -608,6 +608,10 @@ func (m *MOpenSSLProbe) saveMasterSecretBSSL(secretEvent *event.MasterSecretBSSL default: var length int length = int(secretEvent.HashLen) + if length > event.EvpMaxMdSize { + m.logger.Println("master secret length is too long, truncate to 64 bytes, but it may cause keylog file error") + length = event.EvpMaxMdSize + } // 判断 密钥是否为空 if m.bSSLEvent13NullSecrets(secretEvent) { return @@ -647,6 +651,9 @@ func (m *MOpenSSLProbe) bSSLEvent12NullSecrets(e *event.MasterSecretBSSLEvent) b var isNull = true var hashLen = int(e.HashLen) for i := 0; i < hashLen; i++ { + if hashLen >= len(e.Secret) { + break + } if e.Secret[i] != 0 { isNull = false break