linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit 852620cb6692bd4399b38ce27a29acdc11df4cf3
parent 1ed566f9c42e3f7103e84f3b6e9479d8c4a47b11
Author: deurzen <m.deurzen@tum.de>
Date:   Fri,  5 Feb 2021 10:56:13 +0100

slight improvement

Diffstat:
Mproject/type_dict.py | 8++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/project/type_dict.py b/project/type_dict.py
@@ -100,15 +100,15 @@ class CodeDict():
 # loop over the compound type's fields, attempt to match field we're looking for
 for f in ptype:
 # account for possible bit field
- bitmask = f.rfind(':')
- if bitmask > 0:
- f = f[:bitmask]
+ bitfield = f.rfind(':')
+ if bitfield > 0:
+ f = f[:bitfield]
 # account for possible array
 f = re.sub('\[.*?\]', '', f)
 # match on field name, everything preceding it is its type
- name = re.search(f"[^_A-Za-z0-9]({field})[^_A-Za-z0-9]", f)
+ name = re.search(f"[^_A-Za-z]({field})[^_A-Za-z0-9]", f)
 # field name was found, extract type and recurse if necessary
 if bool(name):
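Review bot: The relaxed leading class `[^_A-Za-z]` on the new `name = re.search(...)` line accepts a digit directly before the field name, so a lookup can now match the tail of a longer member name that contains a digit (constructed example: looking up `next` would hit inside `l2next`), and the wrong text would then be treated as the field's type. `field` is also interpolated into the pattern unescaped, so any regex metacharacter in the requested name silently changes the pattern. If digits were dropped on purpose, a comment should name the ptype output that needed it; otherwise consider `name = re.search(rf"(?<![_A-Za-z0-9])({re.escape(field)})(?![_A-Za-z0-9])", f)`, which also matches when the name sits at the very start or end of `f`. The `for f in ptype:` body continues outside the hunk, so check how the span of `name` is used there before switching, since the lookarounds no longer consume the neighbouring characters.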