summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2018-07-23 08:20:21 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2018-07-23 08:20:21 (GMT)
commitff9d6470935529cece23378ef9e3aa0f573e5925 (patch)
tree59ae6c67053722a5ed43269bb4eac5f5be781fb7
parent53213051036151645ae287436ad94dff92c7fa20 (diff)
Linked callers with callees in Dalvik code.
-rw-r--r--plugins/dalvik/link.c69
-rw-r--r--plugins/dalvik/link.h3
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_6e.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_6f.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_70.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_71.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_72.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_74.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_75.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_76.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_77.d6
-rw-r--r--plugins/dalvik/v35/opdefs/invoke_78.d6
12 files changed, 132 insertions, 0 deletions
diff --git a/plugins/dalvik/link.c b/plugins/dalvik/link.c
index 8e34485..3b5d43e 100644
--- a/plugins/dalvik/link.c
+++ b/plugins/dalvik/link.c
@@ -374,3 +374,72 @@ void handle_dalvik_packed_switch_links(GArchInstruction *instr, GArchProcessor *
}
}
+
+
+/******************************************************************************
+* *
+* Paramètres : instr = instruction ARMv7 à traiter. *
+* proc = représentation de l'architecture utilisée. *
+* context = contexte associé à la phase de désassemblage. *
+* format = acès aux données du binaire d'origine. *
+* *
+* Description : Etablit une référence entre appelant et appelé. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void handle_links_between_caller_and_callee(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GExeFormat *format)
+{
+ GArchOperand *op; /* Opérande numérique en place */
+ uint32_t index; /* Indice dans la table Dex */
+ GDexMethod *method; /* Méthode ciblée ici */
+ GBinRoutine *routine; /* Routine liée à la méthode */
+ const mrange_t *range; /* Zone d'occupation */
+ GArchInstruction *target; /* Ligne visée par la référence*/
+
+ g_arch_instruction_lock_operands(instr);
+
+ assert(_g_arch_instruction_count_operands(instr) == 2);
+
+ op = _g_arch_instruction_get_operand(instr, 1);
+
+ g_arch_instruction_unlock_operands(instr);
+
+ assert(G_IS_DALVIK_POOL_OPERAND(op));
+
+ assert(g_dalvik_pool_operand_get_pool_type(G_DALVIK_POOL_OPERAND(op)) == DPT_METHOD);
+
+ index = g_dalvik_pool_operand_get_index(G_DALVIK_POOL_OPERAND(op));
+
+ method = get_method_from_dex_pool(G_DEX_FORMAT(format), index);
+
+ if (method != NULL)
+ {
+ routine = g_dex_method_get_routine(method);
+ range = g_binary_symbol_get_range(G_BIN_SYMBOL(routine));
+
+ if (range->addr.physical > 0)
+ {
+ target = g_arch_processor_find_instr_by_address(proc, get_mrange_addr(range));
+
+ if (target != NULL)
+ {
+ g_arch_instruction_link_with(instr, target, ILT_REF);
+
+ g_object_unref(G_OBJECT(target));
+
+ }
+
+ }
+
+ g_object_unref(G_OBJECT(routine));
+ g_object_unref(G_OBJECT(method));
+
+ }
+
+ g_object_unref(G_OBJECT(op));
+
+}
diff --git a/plugins/dalvik/link.h b/plugins/dalvik/link.h
index 3b4a91f..2f1ec6d 100644
--- a/plugins/dalvik/link.h
+++ b/plugins/dalvik/link.h
@@ -47,6 +47,9 @@ static inline void handle_dalvik_ifz_branch_as_link(GArchInstruction *ins, GArch
/* Etablit tous les liens liés à un embranchement compressé. */
void handle_dalvik_packed_switch_links(GArchInstruction *, GArchProcessor *, GProcContext *, GExeFormat *);
+/* Etablit une référence entre appelant et appelé. */
+void handle_links_between_caller_and_callee(GArchInstruction *, GArchProcessor *, GProcContext *, GExeFormat *);
+
#endif /* _PLUGINS_DALVIK_LINK_H */
diff --git a/plugins/dalvik/v35/opdefs/invoke_6e.d b/plugins/dalvik/v35/opdefs/invoke_6e.d
index 80bac4b..3f5e9da 100644
--- a/plugins/dalvik/v35/opdefs/invoke_6e.d
+++ b/plugins/dalvik/v35/opdefs/invoke_6e.d
@@ -49,4 +49,10 @@ In Dex files version <b>037</b> or later, if the <b>method_id</b> refers to an i
@format 35c | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_6f.d b/plugins/dalvik/v35/opdefs/invoke_6f.d
index 580e0d1..ad9cc9b 100644
--- a/plugins/dalvik/v35/opdefs/invoke_6f.d
+++ b/plugins/dalvik/v35/opdefs/invoke_6f.d
@@ -49,4 +49,10 @@ In Dex files version <b>037</b> or later, if the <b>method_id</b> refers to an i
@format 35c | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_70.d b/plugins/dalvik/v35/opdefs/invoke_70.d
index 4a168e9..aad6c19 100644
--- a/plugins/dalvik/v35/opdefs/invoke_70.d
+++ b/plugins/dalvik/v35/opdefs/invoke_70.d
@@ -49,4 +49,10 @@ In Dex files version <b>037</b> or later, if the <b>method_id</b> refers to an i
@format 35c | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_71.d b/plugins/dalvik/v35/opdefs/invoke_71.d
index dc67423..d28ff54 100644
--- a/plugins/dalvik/v35/opdefs/invoke_71.d
+++ b/plugins/dalvik/v35/opdefs/invoke_71.d
@@ -49,4 +49,10 @@ In Dex files version <b>037</b> or later, if the <b>method_id</b> refers to an i
@format 35c | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_72.d b/plugins/dalvik/v35/opdefs/invoke_72.d
index e38e64f..fe7eb2c 100644
--- a/plugins/dalvik/v35/opdefs/invoke_72.d
+++ b/plugins/dalvik/v35/opdefs/invoke_72.d
@@ -49,4 +49,10 @@ In Dex files version <b>037</b> or later, if the <b>method_id</b> refers to an i
@format 35c | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_74.d b/plugins/dalvik/v35/opdefs/invoke_74.d
index 3d44a11..0a105cb 100644
--- a/plugins/dalvik/v35/opdefs/invoke_74.d
+++ b/plugins/dalvik/v35/opdefs/invoke_74.d
@@ -35,4 +35,10 @@
@format 3rc | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_75.d b/plugins/dalvik/v35/opdefs/invoke_75.d
index 16e0e2b..0596bb0 100644
--- a/plugins/dalvik/v35/opdefs/invoke_75.d
+++ b/plugins/dalvik/v35/opdefs/invoke_75.d
@@ -35,4 +35,10 @@
@format 3rc | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_76.d b/plugins/dalvik/v35/opdefs/invoke_76.d
index 597b3aa..2aa3dbc 100644
--- a/plugins/dalvik/v35/opdefs/invoke_76.d
+++ b/plugins/dalvik/v35/opdefs/invoke_76.d
@@ -35,4 +35,10 @@
@format 3rc | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_77.d b/plugins/dalvik/v35/opdefs/invoke_77.d
index feabd12..c972bea 100644
--- a/plugins/dalvik/v35/opdefs/invoke_77.d
+++ b/plugins/dalvik/v35/opdefs/invoke_77.d
@@ -35,4 +35,10 @@
@format 3rc | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}
diff --git a/plugins/dalvik/v35/opdefs/invoke_78.d b/plugins/dalvik/v35/opdefs/invoke_78.d
index e5ed03b..d7ee370 100644
--- a/plugins/dalvik/v35/opdefs/invoke_78.d
+++ b/plugins/dalvik/v35/opdefs/invoke_78.d
@@ -35,4 +35,10 @@
@format 3rc | pool_meth
+ @hooks {
+
+ link = handle_links_between_caller_and_callee
+
+ }
+
}