jtpereyda/boofuzz

ChildProcessError: [Errno 10] No child processes and module 'os' has no attribute 'WCOREDUMP'

Chinakentgao opened this issue · 4 comments

Report

C:\Users\windows\Desktop\boofuzz-0.4.1>python process_monitor.py
[08:59.13] Process Monitor PED-RPC server initialized:
[08:59.13] listening on: 0.0.0.0:26002
[08:59.13] crash file: C:\Users\windows\Desktop\boofuzz-0.4.1\boofuzz-crash-bin
[08:59.13] # records: 0
[08:59.13] proc name: None
[08:59.13] log level: 1
[08:59.13] awaiting requests...
[08:59.18] updating stop commands to: ['wmic process where (name="dostackbufferoverflowgood") delete']
[08:59.18] updating start commands to: ['C:\dostackbufferoverflowgood.exe']
[08:59.18] updating crash bin filename to 'boofuzz-crash-bin-2023-03-20T12-59-17'
[08:59.18] Starting target...
[08:59.18] starting target process
[08:59.18] exec start command: C:\dostackbufferoverflowgood.exe
[08:59.18] done. target up and running, giving it 5 seconds to settle in.
[+] Listening for connections.
[08:59.23] attached to pid: 3076
Exception in thread Thread-1:
Traceback (most recent call last):
File "C:\Python310\lib\threading.py", line 1016, in _bootstrap_inner
self.run()
File "C:\Users\windows\Desktop\boofuzz-0.4.1\boofuzz\utils\debugger_thread_simple.py", line 155, in run
exit_info = os.waitpid(self.pid, 0)
ChildProcessError: [Errno 10] No child processes
Received connection from remote host.
Connection handed off to handler thread.

After I bypassed the first error by relying on annotations, I tested the process crashing with another error.

Received connection from remote host.
Exception in thread [09:37.42] done. waiting for start command to terminate.
Thread-6:
[09:37.42] searching for process by name "dostackbufferoverflowgood.exe"
Traceback (most recent call last):
File "C:\Python310\lib\threading.py", line 1016, in _bootstrap_inner
self.run()
File "c:\Users\windows\Desktop\boofuzz-0.4.1\boofuzz\utils\debugger_thread_simple.py", line 160, in run
if os.WCOREDUMP(self.exit_status):
AttributeError: module 'os' has no attribute 'WCOREDUMP'

Expected behavior

windows 10 pro python3.10.10 running the process_monitor.py

Actual behavior

No response

Steps to reproduce the problem

1. ChildProcessError: [Errno 10] No child processes
2. AttributeError: module 'os' has no attribute 'WCOREDUMP'

boofuzz script

No response

boofuzz version

0.4.1

Python version

3.10

Platform

Windows

Anything else?

No response

@Chinakentgao I Googled a bit and found https://docs.python.org/3/library/os.html#os.WCOREDUMP -- WCOREDUMP is Unix only, so this is indeed a bug.

The Windows procmon functionality has kind of fallen behind due to lack of attention. I think we disabled pydbg by default due to its lack of support (IIRC you need 32-bit Python and maybe Python 2 as well), but there was probably a lack of Windows testing.

My best suggestion is to hack at the procmon code until it works with Windows. For example you might start with:

if hasattr(os, 'WCOREDUMP') and os.WCOREDUMP(self.exit_status):

for starters. The procmon code is a bit tricky and requires some interaction with the OS. Good luck!

Also hot tip: You can use markdown formatting in your issues to format code, which will make it easier for everyone to read. :)
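
A portable way to decode the `os.waitpid()` status, extending the `hasattr` guard suggested above; this is an added example, not boofuzz's own code. It relies on the Python documentation's statement that on Windows `os.waitpid()` returns the exit code shifted left by 8 bits; the names `describe_exit`, `osmod` and `NTSTATUS_ERROR_BASE`, and the rule that NTSTATUS error-range exit codes count as crashes, are assumptions of this example.

```python
import os
from types import SimpleNamespace

# Assumption: on Windows, exit codes in the NTSTATUS error range (top two bits
# set, e.g. 0xC0000005 access violation) are treated as crashes.
NTSTATUS_ERROR_BASE = 0xC0000000


def describe_exit(status, osmod=os):
    """Decode an os.waitpid() status without assuming Unix-only os.W* helpers.

    osmod is a hypothetical injectable parameter so the Windows branch can be
    exercised on any platform.
    """
    if hasattr(osmod, "WIFSIGNALED"):  # POSIX status encoding
        if osmod.WIFSIGNALED(status):
            # WCOREDUMP is guarded separately, as suggested in the thread.
            core = hasattr(osmod, "WCOREDUMP") and osmod.WCOREDUMP(status)
            return {"crashed": True, "core_dumped": bool(core),
                    "reason": "killed by signal %d" % osmod.WTERMSIG(status)}
        if osmod.WIFEXITED(status):
            return {"crashed": False, "core_dumped": False,
                    "reason": "exit code %d" % osmod.WEXITSTATUS(status)}
        return {"crashed": False, "core_dumped": False,
                "reason": "unrecognised status %#x" % status}
    # Windows: os.waitpid() returns the exit code shifted left by 8 bits.
    code = (status >> 8) & 0xFFFFFFFF
    return {"crashed": code >= NTSTATUS_ERROR_BASE, "core_dumped": False,
            "reason": "exit code 0x%08X" % code}


# Constructed sample: stand-in for the Windows `os` module (no W* helpers).
WINDOWS_LIKE_OS = SimpleNamespace()
# Constructed sample: status as reported for an access-violation exit code.
ACCESS_VIOLATION_STATUS = 0xC0000005 << 8

if __name__ == "__main__":
    print(describe_exit(ACCESS_VIOLATION_STATUS, WINDOWS_LIKE_OS))
    print(describe_exit(0, WINDOWS_LIKE_OS))
```

The same documentation says that on Windows `os.waitpid()` expects a process handle rather than a PID, so a status decoder like this only helps once the wait call itself is given a handle.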

As a shameless plug, you can use my Vtrace-based monitor to get a target debugger-based monitor as well

Thanks for your advice!

I try to solve this problem using this method https://github.com/jtpereyda/boofuzz/issues/667#issuecomment-1476395074