diff options
| author | Cyrille Bagard <nocbos@gmail.com> | 2018-11-24 11:41:13 (GMT) |
|---|---|---|
| committer | Cyrille Bagard <nocbos@gmail.com> | 2018-11-24 11:41:13 (GMT) |
| commit | dad453ff553f0ab07206f26345dc0adeffb775fd (patch) | |
| tree | 322f3b26da0d0d25011b7e64afc7c7ee37aa5608 /plugins/dwarf/v2 | |
| parent | 615171f171f53791a25aeab7970e29b024177d48 (diff) | |
Moved the DWARF support as plugin and disabled it.
Diffstat (limited to 'plugins/dwarf/v2')
| -rw-r--r-- | plugins/dwarf/v2/Makefile.am | 18 | ||||
| -rw-r--r-- | plugins/dwarf/v2/dwarf.c | 180 | ||||
| -rw-r--r-- | plugins/dwarf/v2/dwarf.h | 58 | ||||
| -rw-r--r-- | plugins/dwarf/v2/form.c | 276 | ||||
| -rw-r--r-- | plugins/dwarf/v2/form.h | 39 |
5 files changed, 571 insertions, 0 deletions
diff --git a/plugins/dwarf/v2/Makefile.am b/plugins/dwarf/v2/Makefile.am new file mode 100644 index 0000000..d1fc563 --- /dev/null +++ b/plugins/dwarf/v2/Makefile.am @@ -0,0 +1,18 @@ + +noinst_LTLIBRARIES = libformatdwarfv2.la + +libformatdwarfv2_la_SOURCES = \ + dwarf.h dwarf.c \ + form.h form.c + +libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) + + +devdir = $(includedir)/chrysalide/$(subdir:src/%=%) + +dev_HEADERS = $(libformatdwarfv2_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v2/dwarf.c b/plugins/dwarf/v2/dwarf.c new file mode 100644 index 0000000..8f794bf --- /dev/null +++ b/plugins/dwarf/v2/dwarf.c @@ -0,0 +1,180 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v2 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + +#include "form.h" + + + +/* Format de débogage DWARF v2 (instance) */ +struct _GDwarfV2Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v2 (classe) */ +struct _GDwarfV2FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v2. */ +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *); + +/* Initialise une instance de format de débogage DWARF v2. */ +static void g_dwarfv2_format_init(GDwarfV2Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv2_format_dispose(GDwarfV2Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv2_format_finalize(GDwarfV2Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + GDwarfFormatClass *dwarf; /* Version parente de la classe*/ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize; + + dwarf = G_DWARF_FORMAT_CLASS(klass); + + dwarf->read_form = (read_form_value_fc)read_dwarf_v2_form_value; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_init(GDwarfV2Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_dispose(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_finalize(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * + status = barre de statut à tenir informée. * +* * +* Description : Prend en charge un nouveau format DWARF (v2). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) +{ + GDwarfV2Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/plugins/dwarf/v2/dwarf.h b/plugins/dwarf/v2/dwarf.h new file mode 100644 index 0000000..f3b3501 --- /dev/null +++ b/plugins/dwarf/v2/dwarf.h @@ -0,0 +1,58 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v2 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _FORMAT_DWARF_V2_DWARF_H +#define _FORMAT_DWARF_V2_DWARF_H + + +#include <glib-object.h> + + +#include "../../../core/formats.h" + + + +#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type() +#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format)) +#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type())) +#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) +#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT)) +#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) + + +/* Format de débogage DWARF v2 (instance) */ +typedef struct _GDwarfV2Format GDwarfV2Format; + +/* Format de débogage DWARF v2 (classe) */ +typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +GType g_dwarfv2_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v2). */ +GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); + + + +#endif /* _FORMAT_DWARF_V2_DWARF_H */ diff --git a/plugins/dwarf/v2/form.c b/plugins/dwarf/v2/form.c new file mode 100644 index 0000000..7e012b7 --- /dev/null +++ b/plugins/dwarf/v2/form.c @@ -0,0 +1,276 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.c - chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "form.h" + + +#include "../dwarf-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = contenu binaire de débogage à parcourir. * +* cu = unité de compilation parente. * +* form = nature de la valeur à lire. * +* pos = tête de lecture au sein des données. [OUT] * +* value = valeur au format donné lue. [OUT] * +* * +* Description : Lit la valeur correspondant à un type donné. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_v2_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v2_form_value *value) +{ + bool result; /* Bilan de lecture à renvoyer */ + GBinContent *content; /* Contenu binaire à parcourir */ + SourceEndian endian; /* Boutisme des enregistrements*/ + GExeFormat *exe; /* Format d'exécutable rattaché*/ + const bin_t *tmp; /* Données quelconques */ + uint8_t tmp8; /* Données sur 8 bits */ + uint16_t tmp16; /* Données sur 16 bits */ + uint32_t tmp32; /* Données sur 32 bits */ + uint64_t tmp64; /* Données sur 64 bits */ + uleb128_t tmpuleb; /* Données sur xxx bits */ + phys_t offset; /* Décalage à appliquer */ + mrange_t range; /* Couverture d'une section */ + vmpa2t iter; /* Point de lecture parallèle */ + + content = G_BIN_FORMAT(format)->content; + endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); + exe = G_DBG_FORMAT(format)->executable; + + switch (form) + { + case DW_FORM_addr: + + switch (cu->address_size) + { + case 2: + result = g_binary_content_read_u16(content, pos, endian, &tmp16); + if (result) value->address = tmp16; + break; + case 4: + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + if (result) value->address = tmp32; + break; + case 8: + result = g_binary_content_read_u64(content, pos, endian, &tmp64); + if (result) value->address = tmp64; + break; + default: + result = false; + break; + } + break; + + case DW_FORM_block2: + result = g_binary_content_read_u16(content, pos, endian, &tmp16); + if (result) + { + value->block.size = tmp16; + goto block_finish; + } + break; + + case DW_FORM_block4: + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + if (result) + { + value->block.size = tmp32; + goto block_finish; + } + break; + + case DW_FORM_data2: + result = g_binary_content_read_u16(content, pos, endian, &value->data2); + break; + + case DW_FORM_data4: + result = g_binary_content_read_u32(content, pos, endian, &value->data4); + break; + + case DW_FORM_data8: + result = g_binary_content_read_u64(content, pos, endian, &value->data8); + break; + + case DW_FORM_string: + + tmp = g_binary_content_get_raw_access(content, pos, 1); + result = (tmp != NULL); + + if (result) + { + value->string = (const char *)tmp; + + while (result && *tmp != '\0') + { + tmp = g_binary_content_get_raw_access(content, pos, 1); + result = (tmp != NULL); + } + + } + + break; + + case DW_FORM_block: + + tmpuleb = 0; /* Pour GCC */ + + result = g_binary_content_read_uleb128(content, pos, &tmpuleb); + if (!result) break; + + value->block.size = tmpuleb; + + block_finish: + + value->block.start = g_binary_content_get_raw_access(content, pos, value->block.size); + + result = (value->block.start != NULL); + break; + + case DW_FORM_block1: + result = g_binary_content_read_u8(content, pos, &tmp8); + if (result) + { + value->block.size = tmp8; + goto block_finish; + } + break; + + case DW_FORM_data1: + result = g_binary_content_read_u8(content, pos, &value->data1); + break; + + case DW_FORM_flag: + result = g_binary_content_read_u8(content, pos, &value->flag); + break; + + case DW_FORM_sdata: + result = g_binary_content_read_leb128(content, pos, &value->sdata); + break; + + case DW_FORM_strp: + + /* Définition des positions */ + + if (cu->is_32b) + { + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + offset = tmp32; + } + else + { + result = g_binary_content_read_u64(content, pos, endian, &tmp64); + offset = tmp64; + } + + /* Lecture dans la section adaptée */ + + if (result) + result = g_exe_format_get_section_range_by_name(exe, ".debug_str", &range); + + if (result) + { + copy_vmpa(&iter, get_mrange_addr(&range)); + + result = g_binary_content_seek(content, &iter, offset); + + if (!result) + break; + + tmp = g_binary_content_get_raw_access(content, &iter, 1); + result = (tmp != NULL); + + if (result) + { + value->string = (const char *)tmp; + + while (result && *tmp != '\0') + { + tmp = g_binary_content_get_raw_access(content, &iter, 1); + result = (tmp != NULL); + } + + } + + } + + break; + + case DW_FORM_udata: + result = g_binary_content_read_uleb128(content, pos, &value->udata); + break; + + + + + + + + + + + + case DW_FORM_ref1: + result = g_binary_content_read_u8(content, pos, &value->ref1); + break; + + case DW_FORM_ref2: + result = g_binary_content_read_u16(content, pos, endian, &value->ref2); + break; + + case DW_FORM_ref4: + result = g_binary_content_read_u32(content, pos, endian, &value->ref4); + break; + + case DW_FORM_ref8: + result = g_binary_content_read_u64(content, pos, endian, &value->ref8); + break; + + case DW_FORM_ref_udata: + result = g_binary_content_read_uleb128(content, pos, &value->ref_udata); + break; + + + + + + + + + + + default: + result = false; + break; + + } + + return result; + +} diff --git a/plugins/dwarf/v2/form.h b/plugins/dwarf/v2/form.h new file mode 100644 index 0000000..a124e67 --- /dev/null +++ b/plugins/dwarf/v2/form.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _FORMAT_DWARF_V2_FORM_H +#define _FORMAT_DWARF_V2_FORM_H + + +#include "../dwarf.h" +#include "../dwarf_def.h" +#include "../../../analysis/content.h" + + + +/* Lit la valeur correspondant à un type donné. */ +bool read_dwarf_v2_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v2_form_value *); + + + +#endif /* _FORMAT_DWARF_V2_FORM_H */ |