Add options to print the argument and environment string parameters to

execve().

This could be done in a more general manner but it still wouldn't
be very pretty.

MFC after:	 3 weeks

usr.bin/truss/alpha-fbsd.c

@@ -254,6 +254,24 @@ alpha_syscall_entry(struct trussinfo *trussinfo, int nargs) {
    */
 
   if (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit")) {
+
+    /* XXX
+     * This could be done in a more general
+     * manner but it still wouldn't be very pretty.
+     */
+    if (!strcmp(fsc.name, "execve")) {
+        if ((trussinfo->flags & EXECVEARGS) == 0)
+          if (fsc.s_args[1]) {
+            free(fsc.s_args[1]);
+            fsc.s_args[1] = NULL;
+          }
+        if ((trussinfo->flags & EXECVEENVS) == 0)
+          if (fsc.s_args[2]) {
+            free(fsc.s_args[2]);
+            fsc.s_args[2] = NULL;
+          }
+    }
+
     print_syscall(trussinfo, fsc.name, fsc.nargs, fsc.s_args);
     fprintf(trussinfo->outfile, "\n");
   }

usr.bin/truss/amd64-fbsd32.c

@@ -233,6 +233,24 @@ i386_syscall_entry(struct trussinfo *trussinfo, int nargs) {
    */
 
   if (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit")) {
+
+    /* XXX
+     * This could be done in a more general
+     * manner but it still wouldn't be very pretty.
+     */
+    if (!strcmp(fsc.name, "execve")) {
+        if ((trussinfo->flags & EXECVEARGS) == 0)
+	  if (fsc.s_args[1]) {
+            free(fsc.s_args[1]);
+            fsc.s_args[1] = NULL;
+          }
+        if ((trussinfo->flags & EXECVEENVS) == 0)
+	  if (fsc.s_args[2]) {
+            free(fsc.s_args[2]);
+            fsc.s_args[2] = NULL;
+          }
+    }
+
     print_syscall(trussinfo, fsc.name, fsc.nargs, fsc.s_args);
     fprintf(trussinfo->outfile, "\n");
   }

usr.bin/truss/amd64-linux32.c

@@ -182,6 +182,24 @@ i386_linux_syscall_entry(struct trussinfo *trussinfo, int nargs) {
   }
 
   if (!strcmp(lsc.name, "linux_execve") || !strcmp(lsc.name, "exit")) {
+
+    /* XXX
+     * This could be done in a more general
+     * manner but it still wouldn't be very pretty.
+     */
+    if (!strcmp(lsc.name, "linux_execve")) {
+        if ((trussinfo->flags & EXECVEARGS) == 0)
+          if (lsc.s_args[1]) {
+            free(lsc.s_args[1]);
+            lsc.s_args[1] = NULL;
+          }
+        if ((trussinfo->flags & EXECVEENVS) == 0)
+          if (lsc.s_args[2]) {
+            free(lsc.s_args[2]);
+            lsc.s_args[2] = NULL;
+          }
+    }
+
     print_syscall(trussinfo, lsc.name, lsc.nargs, lsc.s_args);
     fprintf(trussinfo->outfile, "\n");
   }

usr.bin/truss/i386-fbsd.c

@@ -233,6 +233,24 @@ i386_syscall_entry(struct trussinfo *trussinfo, int nargs) {
    */
 
   if (!strcmp(fsc.name, "execve") || !strcmp(fsc.name, "exit")) {
+
+    /* XXX
+     * This could be done in a more general
+     * manner but it still wouldn't be very pretty.
+     */
+    if (!strcmp(fsc.name, "execve")) {
+        if ((trussinfo->flags & EXECVEARGS) == 0)
+	  if (fsc.s_args[1]) {
+            free(fsc.s_args[1]);
+            fsc.s_args[1] = NULL;
+          }
+        if ((trussinfo->flags & EXECVEENVS) == 0)
+	  if (fsc.s_args[2]) {
+            free(fsc.s_args[2]);
+            fsc.s_args[2] = NULL;
+          }
+    }
+
     print_syscall(trussinfo, fsc.name, fsc.nargs, fsc.s_args);
     fprintf(trussinfo->outfile, "\n");
   }

usr.bin/truss/i386-linux.c

@@ -182,6 +182,24 @@ i386_linux_syscall_entry(struct trussinfo *trussinfo, int nargs) {
   }
 
   if (!strcmp(lsc.name, "linux_execve") || !strcmp(lsc.name, "exit")) {
+
+    /* XXX
+     * This could be done in a more general
+     * manner but it still wouldn't be very pretty.
+     */
+    if (!strcmp(lsc.name, "linux_execve")) {
+        if ((trussinfo->flags & EXECVEARGS) == 0)
+          if (lsc.s_args[1]) {
+            free(lsc.s_args[1]);
+            lsc.s_args[1] = NULL;
+          }
+        if ((trussinfo->flags & EXECVEENVS) == 0)
+          if (lsc.s_args[2]) {
+            free(lsc.s_args[2]);
+            lsc.s_args[2] = NULL;
+          }
+    }
+
     print_syscall(trussinfo, lsc.name, lsc.nargs, lsc.s_args);
     fprintf(trussinfo->outfile, "\n");
   }

usr.bin/truss/main.c

@@ -67,8 +67,8 @@ static __inline void
 usage(void)
 {
   fprintf(stderr, "%s\n%s\n",
-	"usage: truss [-fdDS] [-o file] -p pid",
-	"       truss [-fdDS] [-o file] command [args]");
+	"usage: truss [-faedDS] [-o file] -p pid",
+	"       truss [-faedDS] [-o file] command [args]");
   exit(1);
 }
 
@@ -146,7 +146,7 @@ main(int ac, char **av) {
   bzero(trussinfo, sizeof(struct trussinfo));
   trussinfo->outfile = stderr;
 
-  while ((c = getopt(ac, av, "p:o:fdDS")) != -1) {
+  while ((c = getopt(ac, av, "p:o:faedDS")) != -1) {
     switch (c) {
     case 'p':	/* specified pid */
       trussinfo->pid = atoi(optarg);
@@ -154,6 +154,12 @@ main(int ac, char **av) {
     case 'f': /* Follow fork()'s */
       trussinfo->flags |= FOLLOWFORKS;
       break;
+    case 'a': /* Print execve() argument strings. */
+      trussinfo->flags |= EXECVEARGS;
+      break;
+    case 'e': /* Print execve() environment strings. */
+      trussinfo->flags |= EXECVEENVS;
+      break;
     case 'd': /* Absolute timestamps */
       trussinfo->flags |= ABSOLUTETIMESTAMPS;
       break;

usr.bin/truss/syscall.h

@@ -22,7 +22,7 @@
  */
 
 enum Argtype { None = 1, Hex, Octal, Int, String, Ptr, Stat, Ioctl, Quad,
-	Signal, Sockaddr };
+	Signal, Sockaddr, StringArray };
 
 #define ARG_MASK	0xff
 #define OUT	0x100

usr.bin/truss/syscalls.c

@@ -103,6 +103,10 @@ struct syscall syscalls[] = {
 	  { { Hex, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
 	{ "getsockname", 1, 3,
 	  { { Hex, 0 }, { Sockaddr | OUT, 1 }, { Ptr | OUT, 2 } } },
+	{ "execve", 1, 3,
+	  { { String | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
+	{ "linux_execve", 1, 3,
+	  { { String | IN, 0 }, { StringArray | IN, 1 }, { StringArray | IN, 2 } } },
 	{ 0, 0, 0, { { 0, 0 }}},
 };
 
@@ -245,6 +249,40 @@ print_arg(int fd, struct syscall_args *sc, unsigned long *args) {
       free(tmp2);
     }
   break;
+  case StringArray:
+    {
+      int num, size, i;
+      char *tmp2;
+      char *string;
+      char *strarray[100];	/* XXX This is ugly. */
+
+      if (get_struct(fd, (void *)args[sc->offset], (void *)&strarray,
+                     sizeof(strarray)) == -1) {
+	err(1, "get_struct %p", (void *)args[sc->offset]);
+      }
+      num = 0;
+      size = 0;
+
+      /* Find out how large of a buffer we'll need. */
+      while (strarray[num] != NULL) {
+	string = get_string(fd, (void*)strarray[num], 0);
+        size += strlen(string);
+	free(string);
+	num++;
+      }
+      size += 4 + (num * 4);
+      tmp = (char *)malloc(size);
+      tmp2 = tmp;
+
+      tmp2 += sprintf(tmp2, " [");
+      for (i = 0; i < num; i++) {
+	string = get_string(fd, (void*)strarray[i], 0);
+        tmp2 += sprintf(tmp2, " \"%s\"%c", string, (i+1 == num) ? ' ' : ',');
+	free(string);
+      }
+      tmp2 += sprintf(tmp2, "]");
+    }
+  break;
   case Quad:
     {
       unsigned long long t;

usr.bin/truss/truss.1

@@ -8,11 +8,11 @@
 .Nd trace system calls
 .Sh SYNOPSIS
 .Nm
-.Op Fl fdDS
+.Op Fl faedDS
 .Op Fl o Ar file
 .Fl p Ar pid
 .Nm
-.Op Fl fdDS
+.Op Fl faedDS
 .Op Fl o Ar file
 command
 .Op args
@@ -29,6 +29,10 @@ The options are as follows:
 .It Fl f
 Trace decendants of the original traced process created by fork(),
 vfork, etc.
+.It Fl a
+Show the argument strings that are passed in each execve() system call.
+.It Fl e
+Show the environment strings that are passed in each execve() system call.
 .It Fl d
 Include timestamps in the output showing the time elapsed
 since the trace was started.

usr.bin/truss/truss.h

@@ -29,6 +29,8 @@
 #define RELATIVETIMESTAMPS 0x00000002
 #define ABSOLUTETIMESTAMPS 0x00000004
 #define NOSIGS             0x00000008
+#define EXECVEARGS         0x00000010
+#define EXECVEENVS         0x00000020
 
 struct trussinfo
 {