diff options
| author | Cyrille Bagard <nocbos@gmail.com> | 2018-11-24 14:28:22 (GMT) |
|---|---|---|
| committer | Cyrille Bagard <nocbos@gmail.com> | 2018-11-24 14:28:22 (GMT) |
| commit | dd851e1fb743d77b421519ee5915534aed2d2c4f (patch) | |
| tree | 9a9f91c09438467ade7a67c5e2188b4051d23569 /plugins/dwarf/v4 | |
| parent | 59b1bdfdc9b64dac8fd1450c51aa5014c8c469f0 (diff) | |
Updated the DWARF support.
Diffstat (limited to 'plugins/dwarf/v4')
| -rw-r--r-- | plugins/dwarf/v4/Makefile.am | 15 | ||||
| -rw-r--r-- | plugins/dwarf/v4/checks.c | 80 | ||||
| -rw-r--r-- | plugins/dwarf/v4/checks.h (renamed from plugins/dwarf/v4/form.h) | 24 | ||||
| -rw-r--r-- | plugins/dwarf/v4/dwarf.c | 182 | ||||
| -rw-r--r-- | plugins/dwarf/v4/dwarf.h | 58 | ||||
| -rw-r--r-- | plugins/dwarf/v4/form.c | 106 |
6 files changed, 101 insertions, 364 deletions
diff --git a/plugins/dwarf/v4/Makefile.am b/plugins/dwarf/v4/Makefile.am index ca77923..333dfac 100644 --- a/plugins/dwarf/v4/Makefile.am +++ b/plugins/dwarf/v4/Makefile.am @@ -1,18 +1,17 @@ -noinst_LTLIBRARIES = libformatdwarfv4.la +noinst_LTLIBRARIES = libdwarfv4.la -libformatdwarfv4_la_SOURCES = \ - dwarf.h dwarf.c \ - form.h form.c +libdwarfv4_la_SOURCES = \ + checks.h checks.c -libformatdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS) +libdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS) -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) +devdir = $(includedir)/chrysalide-$(subdir) -dev_HEADERS = $(libformatdwarfv4_la_SOURCES:%c=) +dev_HEADERS = $(libdwarfv4_la_SOURCES:%c=) -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I$(top_srcdir)/src AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v4/checks.c b/plugins/dwarf/v4/checks.c new file mode 100644 index 0000000..3450287 --- /dev/null +++ b/plugins/dwarf/v4/checks.c @@ -0,0 +1,80 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * checks.c - validations liées au format DWARF v4 + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "checks.h" + + + +/****************************************************************************** +* * +* Paramètres : decl = structure brute dont le contenu est à valider. * +* * +* Description : Procède à la conversion de base d'une abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool check_dwarfv4_abbrev_decl(const dw_abbrev_decl *decl) +{ + bool result; /* Validité à retourner */ + + result = (decl->tag >= DW_TAG_array_type && decl->tag <= DW_TAG_template_alias) + || (decl->tag >= DW_TAG_lo_user && decl->tag <= DW_TAG_hi_user); + + if (result) + result = (decl->has_children == DW_CHILDREN_no + || decl->has_children == DW_CHILDREN_yes); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : decl = structure brute dont le contenu est à valider. * +* * +* Description : Procède à la conversion d'un attribut d'abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool check_dwarfv4_abbrev_attrib(const dw_abbrev_raw_attr *attr) +{ + bool result; /* Validité à retourner */ + + result = (attr->name >= DW_AT_sibling && attr->name <= DW_AT_linkage_name) + || (attr->name >= DW_AT_lo_user && attr->name <= DW_AT_hi_user); + + if (result) + result = (attr->form >= DW_FORM_addr && attr->form <= DW_FORM_ref_sig8); + + return result; + +} diff --git a/plugins/dwarf/v4/form.h b/plugins/dwarf/v4/checks.h index 053b693..25b8fc1 100644 --- a/plugins/dwarf/v4/form.h +++ b/plugins/dwarf/v4/checks.h @@ -1,8 +1,8 @@ /* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs + * checks.h - prototypes pour les validations liées au format DWARF v4 * - * Copyright (C) 2016-2017 Cyrille Bagard + * Copyright (C) 2018 Cyrille Bagard * * This file is part of Chrysalide. * @@ -21,19 +21,23 @@ */ -#ifndef _FORMAT_DWARF_V4_FORM_H -#define _FORMAT_DWARF_V4_FORM_H +#ifndef _PLUGINS_DWARF_V4_CHECKS_H +#define _PLUGINS_DWARF_V4_CHECKS_H -#include "../dwarf.h" -#include "../dwarf_def.h" -#include "../../../analysis/content.h" +#include <stdbool.h> +#include "../def.h" -/* Lit la valeur correspondant à un type donné. */ -bool read_dwarf_v4_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v4_form_value *); +/* Procède à la conversion de base d'une abréviation DWARF. */ +bool check_dwarfv4_abbrev_decl(const dw_abbrev_decl *); -#endif /* _FORMAT_DWARF_V4_FORM_H */ +/* Procède à la conversion d'un attribut d'abréviation DWARF. */ +bool check_dwarfv4_abbrev_attrib(const dw_abbrev_raw_attr *); + + + +#endif /* _PLUGINS_DWARF_V4_CHECKS_H */ diff --git a/plugins/dwarf/v4/dwarf.c b/plugins/dwarf/v4/dwarf.c deleted file mode 100644 index a220aff..0000000 --- a/plugins/dwarf/v4/dwarf.c +++ /dev/null @@ -1,182 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format DWARF v4 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "dwarf.h" - - -#include "../dwarf-int.h" - - -#include "form.h" - - - -/* Format de débogage DWARF v4 (instance) */ -struct _GDwarfV4Format -{ - GDwarfFormat parent; /* A laisser en premier */ - -}; - -/* Format de débogage DWARF v4 (classe) */ -struct _GDwarfV4FormatClass -{ - GDwarfFormatClass parent; /* A laisser en premier */ - -}; - - -/* Initialise la classe des formats de débogage DWARF v4. */ -static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *); - -/* Initialise une instance de format de débogage DWARF v4. */ -static void g_dwarfv4_format_init(GDwarfV4Format *); - -/* Supprime toutes les références externes. */ -static void g_dwarfv4_format_dispose(GDwarfV4Format *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarfv4_format_finalize(GDwarfV4Format *); - - - -/* Indique le type défini pour un format de débogage DWARF v4. */ -G_DEFINE_TYPE(GDwarfV4Format, g_dwarfv4_format, G_TYPE_DWARF_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF v4. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - GDwarfFormatClass *dwarf; /* Version parente de la classe*/ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv4_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarfv4_format_finalize; - - dwarf = G_DWARF_FORMAT_CLASS(klass); - - dwarf->read_form = (read_form_value_fc)read_dwarf_v4_form_value; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF v4. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_init(GDwarfV4Format *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_dispose(GDwarfV4Format *format) -{ - G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_finalize(GDwarfV4Format *format) -{ - G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * -* * -* Description : Prend en charge un nouveau format DWARF (v4). * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -GBinFormat *g_dwarfv4_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) -{ - GDwarfV4Format *result; /* Structure à retourner */ - - result = g_object_new(G_TYPE_DWARFV4_FORMAT, NULL); - - g_binary_format_set_content(G_BIN_FORMAT(result), content); - - if (!g_dwarf_format_load(G_DWARF_FORMAT(result), parent)) - { - g_object_unref(G_OBJECT(result)); - result = NULL; - } - - return G_BIN_FORMAT(result); - -} diff --git a/plugins/dwarf/v4/dwarf.h b/plugins/dwarf/v4/dwarf.h deleted file mode 100644 index 89135e3..0000000 --- a/plugins/dwarf/v4/dwarf.h +++ /dev/null @@ -1,58 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format DWARF v4 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#ifndef _FORMAT_DWARF_V4_DWARF_H -#define _FORMAT_DWARF_V4_DWARF_H - - -#include <glib-object.h> - - -#include "../../../core/formats.h" - - - -#define G_TYPE_DWARFV4_FORMAT g_dwarfv4_format_get_type() -#define G_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv4_format_get_type(), GDwarfV4Format)) -#define G_IS_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv4_format_get_type())) -#define G_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) -#define G_IS_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV4_FORMAT)) -#define G_DWARFV4_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) - - -/* Format de débogage DWARF v4 (instance) */ -typedef struct _GDwarfV4Format GDwarfV4Format; - -/* Format de débogage DWARF v4 (classe) */ -typedef struct _GDwarfV4FormatClass GDwarfV4FormatClass; - - -/* Indique le type défini pour un format de débogage DWARF v4. */ -GType g_dwarfv4_format_get_type(void); - -/* Prend en charge un nouveau format DWARF (v4). */ -GBinFormat *g_dwarfv4_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); - - - -#endif /* _FORMAT_DWARF_V4_DWARF_H */ diff --git a/plugins/dwarf/v4/form.c b/plugins/dwarf/v4/form.c deleted file mode 100644 index 80dbf1e..0000000 --- a/plugins/dwarf/v4/form.c +++ /dev/null @@ -1,106 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.c - chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "form.h" - - -#include "../dwarf-int.h" -#include "../v2/form.h" - - - -/****************************************************************************** -* * -* Paramètres : format = contenu binaire de débogage à parcourir. * -* cu = unité de compilation parente. * -* form = nature de la valeur à lire. * -* pos = tête de lecture au sein des données. [OUT] * -* value = valeur au format donné lue. [OUT] * -* * -* Description : Lit la valeur correspondant à un type donné. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_v4_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v4_form_value *value) -{ - bool result; /* Bilan de lecture à renvoyer */ - GBinContent *content; /* Contenu binaire à parcourir */ - SourceEndian endian; /* Boutisme des enregistrements*/ - uint32_t tmp32; /* Données sur 32 bits */ - uint64_t tmp64; /* Données sur 64 bits */ - uleb128_t tmpuleb; /* Données sur xxx bits */ - - content = G_BIN_FORMAT(format)->content; - endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); - - switch (form) - { - case DW_FORM_sec_offset: - - if (cu->is_32b) - { - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - tmp64 = tmp32; - } - else - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - - value->sec_offset = tmp64; - break; - - case DW_FORM_exprloc: - - tmpuleb = 0; /* Pour GCC */ - - result = g_binary_content_read_uleb128(content, pos, &tmpuleb); - if (!result) break; - - value->expr.size = tmpuleb; - - value->expr.start = g_binary_content_get_raw_access(content, pos, value->expr.size); - result = (value->expr.start != NULL); - - break; - - case DW_FORM_flag_present: - result = true; - value->has_flag = true; - break; - - case DW_FORM_ref_sig8: - result = g_binary_content_read_u64(content, pos, endian, &value->signature); - break; - - default: - result = read_dwarf_v2_form_value(format, cu, form, pos, &value->v2); - break; - - } - - return result; - -} |