From 846e5c07e62aa9173ff32db527437e183c00f98b Mon Sep 17 00:00:00 2001
From: Ben Frederickson
Date: Thu, 31 Oct 2024 23:57:51 -0700
Subject: [PATCH] .
---
 src/binary_parser.rs | 1 +
 src/python_process_info.rs | 32 ++++++++------------------------
 2 files changed, 9 insertions(+), 24 deletions(-)
diff --git a/src/binary_parser.rs b/src/binary_parser.rs
index d7f6e90d..58c73d77 100644
--- a/src/binary_parser.rs
+++ b/src/binary_parser.rs
@@ -14,6 +14,7 @@ pub struct BinaryInfo {
 pub bss_addr: u64,
 pub bss_size: u64,
 pub pyruntime_addr: u64,
+ #[allow(dead_code)]
 pub pyruntime_size: u64,
 #[allow(dead_code)]
 pub addr: u64,
diff --git a/src/python_process_info.rs b/src/python_process_info.rs
index 2b10ffc4..e5720d1f 100644
--- a/src/python_process_info.rs
+++ b/src/python_process_info.rs
@@ -456,37 +456,21 @@ where
 P: ProcessMemory,
 {
 // First check the pyruntime section it was found
+ // TODO: if this works, won't be correct for python 3.10
 if binary.pyruntime_addr != 0 {
- info!(
- "getting interpreter addresses from {:#016x} {}",
- binary.pyruntime_addr, binary.pyruntime_size
- );
- let bss = process.copy(
- binary.pyruntime_addr as usize,
- binary.pyruntime_size as usize,
+ let addr = process.copy_struct(
+ binary.pyruntime_addr as usize + pyruntime::get_interp_head_offset(version),
 )?;
- #[allow(clippy::cast_ptr_alignment)]
- let addrs = unsafe {
- slice::from_raw_parts(bss.as_ptr() as *const usize, bss.len() / size_of::())
- };
- if let Ok(addr) = check_interpreter_addresses(addrs, maps, process, version, true) {
+ if let Ok(addr) = check_interpreter_addresses(&[addr], maps, process, version, true) {
 return Ok(addr);
 }
- // try again with different alignment
- info!("pyruntime+4bytes");
- let bss = process.copy(
- binary.pyruntime_addr as usize + 4,
- binary.pyruntime_size as usize - 4,
- )?;
- #[allow(clippy::cast_ptr_alignment)]
- let addrs = unsafe {
- slice::from_raw_parts(bss.as_ptr() as *const usize, bss.len() / size_of::())
- };
- if let Ok(addr) = check_interpreter_addresses(addrs, maps, process, version, true) {
+ info!("failed to get from pyruntime_addr");
+ let addr = process.copy_struct(binary.pyruntime_addr as usize + 28)?;
+ if let Ok(addr) = check_interpreter_addresses(&[addr], maps, process, version, true) {
 return Ok(addr);
 }
- info!("failed to get interpreter address from pyruntime section");
+ info!("failed to get from pyruntime_addr2");
 }
 // We're going to scan the BSS/data section for things, and try to narrowly scan things that
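Review bot: The second probe reads from `binary.pyruntime_addr as usize + 28`, a bare offset with no name, no comment and no dependence on `version`, while the first probe goes through `pyruntime::get_interp_head_offset(version)`; the TODO at the top of the hunk already says the first offset is wrong for Python 3.10, so a reader cannot tell which runtime layout 28 is meant to cover. I would give it a named constant whose comment states the Python version and pointer width it was measured on, for example `const INTERP_HEAD_FALLBACK_OFFSET: usize = 28;` (name is a suggestion). Both `copy_struct(...)?` calls also return from the function when the remote read fails, so the BSS scan that follows this block is never attempted in that case; the removed code behaved the same way with `process.copy(...)?`, but now that each probe is a single word at a guessed address, a non-fatal form such as `if let Ok(addr) = process.copy_struct(...)` would let the later fallbacks run. The new `info!` messages no longer include the address tried, which the removed "getting interpreter addresses from {:#016x}" line did; logging it would make a wrong-offset report diagnosable. The enclosing function starts before this hunk and continues after it.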