pub fn scan_ld_preload<P: PhysicalMemoryProvider>(
reader: &ObjectReader<P>,
processes: &[ProcessInfo],
) -> Result<Vec<LdPreloadInfo>>Expand description
Scan processes for LD_PRELOAD environment variable injection.
For each process in the provided list, reads the environment block from
mm_struct.env_start..env_end, scans for a LD_PRELOAD= entry, and
if found, parses the libraries and classifies the value.
Returns only processes that have LD_PRELOAD set in their environment. Kernel threads (NULL mm) and processes with unreadable environment blocks are silently skipped.