summaryrefslogtreecommitdiff
path: root/plugins/pychrysalide/analysis
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2023-10-01 18:08:26 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2023-10-01 18:08:26 (GMT)
commit3ab6c0c0072ae0e2abde48d60d7eac18f084a764 (patch)
treeeb971388c5061dc91416924e98cc0c965fdcd19c /plugins/pychrysalide/analysis
parent8c3fa9dab2ca7c46b6334fbbac5baf0fb822add0 (diff)
Introduce parameters for scan pattern modifiers.
Diffstat (limited to 'plugins/pychrysalide/analysis')
-rw-r--r--plugins/pychrysalide/analysis/scan/Makefile.am2
-rw-r--r--plugins/pychrysalide/analysis/scan/core.c9
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifier.c114
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/Makefile.am3
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/hex.c4
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/module.c2
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/rev.c2
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.c210
-rw-r--r--plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.h45
9 files changed, 372 insertions, 19 deletions
diff --git a/plugins/pychrysalide/analysis/scan/Makefile.am b/plugins/pychrysalide/analysis/scan/Makefile.am
index 32bf1e3..0b20ca5 100644
--- a/plugins/pychrysalide/analysis/scan/Makefile.am
+++ b/plugins/pychrysalide/analysis/scan/Makefile.am
@@ -15,7 +15,7 @@ libpychrysaanalysisscan_la_SOURCES = \
libpychrysaanalysisscan_la_LIBADD = \
patterns/libpychrysaanalysisscanpatterns.la
-libpychrysaanalysisscan_la_CFLAGS = $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) $(TOOLKIT_CFLAGS) \
+libpychrysaanalysisscan_la_CFLAGS = $(LIBPYTHON_INTERPRETER_CFLAGS) $(LIBPYGOBJECT_CFLAGS) $(TOOLKIT_CFLAGS) \
-I$(top_srcdir)/src -DNO_IMPORT_PYGOBJECT
diff --git a/plugins/pychrysalide/analysis/scan/core.c b/plugins/pychrysalide/analysis/scan/core.c
index f609f7d..dcf5bf8 100644
--- a/plugins/pychrysalide/analysis/scan/core.c
+++ b/plugins/pychrysalide/analysis/scan/core.c
@@ -119,7 +119,8 @@ static PyObject *py_scan_register_token_modifier(PyObject *self, PyObject *args)
static PyObject *py_scan_find_token_modifiers_for_name(PyObject *self, PyObject *args)
{
PyObject *result; /* Bilan à retourner */
- const char *name; /* Nom d'appel à rechercher */
+ sized_string_t name; /* Nom d'appel à rechercher */
+ Py_ssize_t len; /* Taille de ce nom */
int ret; /* Bilan de lecture des args. */
GScanTokenModifier *modifier; /* Instance mise en place */
@@ -135,10 +136,12 @@ static PyObject *py_scan_find_token_modifiers_for_name(PyObject *self, PyObject
" if no instance was found for the provided name." \
)
- ret = PyArg_ParseTuple(args, "s", &name);
+ ret = PyArg_ParseTuple(args, "s#", &name.static_data, &len);
if (!ret) return NULL;
- modifier = find_scan_token_modifiers_for_name(name);
+ name.len = len;
+
+ modifier = find_scan_token_modifiers_for_name(&name);
if (modifier != NULL)
{
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifier.c b/plugins/pychrysalide/analysis/scan/patterns/modifier.c
index 4cae011..0fec60c 100644
--- a/plugins/pychrysalide/analysis/scan/patterns/modifier.c
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifier.c
@@ -91,19 +91,27 @@ static int py_scan_token_modifier_init(PyObject *self, PyObject *args, PyObject
static PyObject *py_scan_token_modifier_transform(PyObject *self, PyObject *args)
{
PyObject *result; /* Bilan à faire remonter */
- const char *data; /* Séquence d'octets à traiter */
+ PyObject *py_src; /* Motifs Python en entrée */
+ PyObject *py_arg; /* Eventuel paramètre de config*/
+ sized_binary_t src; /* Entrée au format adapté */
Py_ssize_t len; /* Quantité de ces données */
int ret; /* Bilan de lecture des args. */
- sized_binary_t src; /* Entrée au format adapté */
+ sized_binary_t *src_list; /* Entrées au format adapté */
+ size_t scount; /* Taille de cette liste */
+ bool dyn_src; /* Allocation dynamique ? */
+ Py_ssize_t size; /* Taille d'une séquence */
+ Py_ssize_t k; /* Boucle de parcours #1 */
+ PyObject *item; /* Elément de liste de motifs */
+ modifier_arg_t arg; /* Eventuelle précision */
GScanTokenModifier *modifier; /* Version native de l'instance*/
sized_binary_t *dest; /* Liste des nouvelles chaînes */
- size_t count; /* Taille de cette liste */
+ size_t dcount; /* Taille de cette liste */
bool status; /* Bilan de l'opération */
- size_t i; /* Boucle de parcours */
+ size_t i; /* Boucle de parcours #2 */
#define SCAN_TOKEN_MODIFIER_TRANSFORM_METHOD PYTHON_METHOD_DEF \
( \
- transform, "$self, data", \
+ transform, "$self, data, /, arg", \
METH_VARARGS, py_scan_token_modifier, \
"Transform data from a byte pattern for an incoming scan.\n" \
"\n" \
@@ -113,21 +121,105 @@ static PyObject *py_scan_token_modifier_transform(PyObject *self, PyObject *args
" *None* in case of error." \
)
- ret = PyArg_ParseTuple(args, "s#", &data, &len);
+ py_arg = NULL;
+
+ ret = PyArg_ParseTuple(args, "O|O", &py_src, &py_arg);
if (!ret) return NULL;
- src.data = (char *)data;
- src.len = len;
+ /* Constitution des motifs d'entrée */
+
+ if (PyBytes_Check(py_src))
+ {
+ ret = PyBytes_AsStringAndSize(py_src, &src.data, &len);
+ if (ret == -1) return NULL;
+
+ src.len = len;
+
+ src_list = &src;
+ scount = 1;
+
+ dyn_src = false;
+
+ }
+
+ else if (PySequence_Check(py_src))
+ {
+ size = PySequence_Size(py_src);
+
+ src_list = malloc(size * sizeof(sized_binary_t));
+ scount = size;
+
+ dyn_src = true;
+
+ for (k = 0; k < size; k++)
+ {
+ item = PySequence_ITEM(py_src, k);
+
+ if (PyBytes_Check(item))
+ {
+ ret = PyBytes_AsStringAndSize(item, &src_list[k].data, &len);
+ if (ret == -1) return NULL;
+
+ src_list[k].len = len;
+
+ }
+ else
+ {
+ free(src_list);
+
+ PyErr_SetString(PyExc_TypeError, "lists of items other than bytes are not supported");
+ return NULL;
+ }
+
+ }
+
+ }
+
+ else
+ {
+ PyErr_SetString(PyExc_TypeError, "only bytes and lists of bytes are expected as input for modifiers");
+ return NULL;
+ }
+
+ /* Récupération d'une éventuelle précision opérationnelle */
+
+ if (py_arg != NULL)
+ {
+ if (PyLong_Check(py_arg))
+ {
+ arg.type = MAT_UNSIGNED_INTEGER;
+ arg.value.u_integer = PyLong_AsUnsignedLongLong(py_arg);
+ }
+
+ else
+ {
+ if (dyn_src)
+ free(src_list);
+
+ PyErr_SetString(PyExc_TypeError, "unable to handle the argument type for calling a modifier");
+ return NULL;
+
+ }
+
+ }
+
+ /* Création des nouveaux motifs */
modifier = G_SCAN_TOKEN_MODIFIER(pygobject_get(self));
- status = g_scan_token_modifier_transform(modifier, &src, &dest, &count);
+ if (py_arg == NULL)
+ status = g_scan_token_modifier_transform(modifier, src_list, scount, &dest, &dcount);
+ else
+ status = g_scan_token_modifier_transform_with_arg(modifier, src_list, scount, &arg, &dest, &dcount);
+
+ if (dyn_src)
+ free(src_list);
if (status)
{
- result = PyTuple_New(count);
+ result = PyTuple_New(dcount);
- for (i = 0; i < count; i++)
+ for (i = 0; i < dcount; i++)
{
PyTuple_SetItem(result, i, PyBytes_FromStringAndSize(dest[i].data, dest[i].len));
exit_szstr(&dest[i]);
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/Makefile.am b/plugins/pychrysalide/analysis/scan/patterns/modifiers/Makefile.am
index baf7ed5..ae53e45 100644
--- a/plugins/pychrysalide/analysis/scan/patterns/modifiers/Makefile.am
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/Makefile.am
@@ -6,7 +6,8 @@ libpychrysaanalysisscanpatternsmodifiers_la_SOURCES = \
list.h list.c \
module.h module.c \
plain.h plain.c \
- rev.h rev.c
+ rev.h rev.c \
+ xor.h xor.c
libpychrysaanalysisscanpatternsmodifiers_la_CFLAGS = $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) $(TOOLKIT_CFLAGS) \
-I$(top_srcdir)/src -DNO_IMPORT_PYGOBJECT
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/hex.c b/plugins/pychrysalide/analysis/scan/patterns/modifiers/hex.c
index d0d1e1f..503580d 100644
--- a/plugins/pychrysalide/analysis/scan/patterns/modifiers/hex.c
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/hex.c
@@ -131,7 +131,7 @@ PyTypeObject *get_python_scan_hex_modifier_type(void)
* *
* Paramètres : - *
* *
-* Description : Prend en charge l'objet 'pychrysalide....HexModifier'. *
+* Description : Prend en charge l'objet 'pychrysalide....HexModifier'. *
* *
* Retour : Bilan de l'opération. *
* *
@@ -141,7 +141,7 @@ PyTypeObject *get_python_scan_hex_modifier_type(void)
bool ensure_python_scan_hex_modifier_is_registered(void)
{
- PyTypeObject *type; /* Type Python 'HexModifier' */
+ PyTypeObject *type; /* Type Python 'HexModifier' */
PyObject *module; /* Module à recompléter */
PyObject *dict; /* Dictionnaire du module */
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/module.c b/plugins/pychrysalide/analysis/scan/patterns/modifiers/module.c
index 1e9bda7..ae450dc 100644
--- a/plugins/pychrysalide/analysis/scan/patterns/modifiers/module.c
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/module.c
@@ -32,6 +32,7 @@
#include "list.h"
#include "plain.h"
#include "rev.h"
+#include "xor.h"
#include "../../../../helpers.h"
@@ -102,6 +103,7 @@ bool populate_analysis_scan_patterns_modifiers_module(void)
if (result) result = ensure_python_scan_modifier_list_is_registered();
if (result) result = ensure_python_scan_plain_modifier_is_registered();
if (result) result = ensure_python_scan_reverse_modifier_is_registered();
+ if (result) result = ensure_python_scan_xor_modifier_is_registered();
assert(result);
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/rev.c b/plugins/pychrysalide/analysis/scan/patterns/modifiers/rev.c
index 6ee350c..841e929 100644
--- a/plugins/pychrysalide/analysis/scan/patterns/modifiers/rev.c
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/rev.c
@@ -141,7 +141,7 @@ PyTypeObject *get_python_scan_reverse_modifier_type(void)
bool ensure_python_scan_reverse_modifier_is_registered(void)
{
- PyTypeObject *type; /* Type Python 'HexModifier' */
+ PyTypeObject *type; /* Type Python ReverseModifier */
PyObject *module; /* Module à recompléter */
PyObject *dict; /* Dictionnaire du module */
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.c b/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.c
new file mode 100644
index 0000000..1280f2f
--- /dev/null
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.c
@@ -0,0 +1,210 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * hex.c - équivalent Python du fichier "analysis/scan/patterns/modifiers/hex.c"
+ *
+ * Copyright (C) 2023 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "xor.h"
+
+
+#include <pygobject.h>
+
+
+#include <i18n.h>
+#include <analysis/scan/patterns/modifiers/xor.h>
+
+
+#include "../modifier.h"
+#include "../../../../access.h"
+#include "../../../../helpers.h"
+
+
+
+CREATE_DYN_CONSTRUCTOR(scan_xor_modifier, G_TYPE_SCAN_XOR_MODIFIER);
+
+/* Initialise une instance sur la base du dérivé de GObject. */
+static int py_scan_xor_modifier_init(PyObject *, PyObject *, PyObject *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet à initialiser (théoriquement). *
+* args = arguments fournis à l'appel. *
+* kwds = arguments de type key=val fournis. *
+* *
+* Description : Initialise une instance sur la base du dérivé de GObject. *
+* *
+* Retour : 0. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static int py_scan_xor_modifier_init(PyObject *self, PyObject *args, PyObject *kwds)
+{
+ int ret; /* Bilan de lecture des args. */
+
+#define SCAN_HEX_MODIFIER_DOC \
+ "The *XorModifier* class transforms a byte pattern by XORing bytes.\n" \
+ "\n" \
+ "Instances can be created using the following constructor:\n" \
+ "\n" \
+ " XorModifier()"
+
+ /* Initialisation d'un objet GLib */
+
+ ret = forward_pygobjet_init(self);
+ if (ret == -1) return -1;
+
+ return 0;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Fournit un accès à une définition de type à diffuser. *
+* *
+* Retour : Définition d'objet pour Python. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyTypeObject *get_python_scan_xor_modifier_type(void)
+{
+ static PyMethodDef py_scan_xor_modifier_methods[] = {
+ { NULL }
+ };
+
+ static PyGetSetDef py_scan_xor_modifier_getseters[] = {
+ { NULL }
+ };
+
+ static PyTypeObject py_scan_xor_modifier_type = {
+
+ PyVarObject_HEAD_INIT(NULL, 0)
+
+ .tp_name = "pychrysalide.analysis.scan.patterns.modifiers.XorModifier",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
+
+ .tp_doc = SCAN_HEX_MODIFIER_DOC,
+
+ .tp_methods = py_scan_xor_modifier_methods,
+ .tp_getset = py_scan_xor_modifier_getseters,
+
+ .tp_init = py_scan_xor_modifier_init,
+ .tp_new = py_scan_xor_modifier_new,
+
+ };
+
+ return &py_scan_xor_modifier_type;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Prend en charge l'objet 'pychrysalide....XorModifier'. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool ensure_python_scan_xor_modifier_is_registered(void)
+{
+ PyTypeObject *type; /* Type Python XorModifier */
+ PyObject *module; /* Module à recompléter */
+ PyObject *dict; /* Dictionnaire du module */
+
+ type = get_python_scan_xor_modifier_type();
+
+ if (!PyType_HasFeature(type, Py_TPFLAGS_READY))
+ {
+ module = get_access_to_python_module("pychrysalide.analysis.scan.patterns.modifiers");
+
+ dict = PyModule_GetDict(module);
+
+ if (!ensure_python_scan_token_modifier_is_registered())
+ return false;
+
+ if (!register_class_for_pygobject(dict, G_TYPE_SCAN_XOR_MODIFIER, type))
+ return false;
+
+ }
+
+ return true;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : arg = argument quelconque à tenter de convertir. *
+* dst = destination des valeurs récupérées en cas de succès. *
+* *
+* Description : Tente de convertir en transformation d'octets par inverse. *
+* *
+* Retour : Bilan de l'opération, voire indications supplémentaires. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+int convert_to_scan_xor_modifier(PyObject *arg, void *dst)
+{
+ int result; /* Bilan à retourner */
+
+ result = PyObject_IsInstance(arg, (PyObject *)get_python_scan_xor_modifier_type());
+
+ switch (result)
+ {
+ case -1:
+ /* L'exception est déjà fixée par Python */
+ result = 0;
+ break;
+
+ case 0:
+ PyErr_SetString(PyExc_TypeError, "unable to convert the provided argument to XOR modifier");
+ break;
+
+ case 1:
+ *((GScanXorModifier **)dst) = G_SCAN_XOR_MODIFIER(pygobject_get(arg));
+ break;
+
+ default:
+ assert(false);
+ break;
+
+ }
+
+ return result;
+
+}
diff --git a/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.h b/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.h
new file mode 100644
index 0000000..7b9bb69
--- /dev/null
+++ b/plugins/pychrysalide/analysis/scan/patterns/modifiers/xor.h
@@ -0,0 +1,45 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * xor.h - équivalent Python du fichier "analysis/scan/patterns/modifiers/xor.h"
+ *
+ * Copyright (C) 2023 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_SCAN_PATTERNS_MODIFIERS_XOR_H
+#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_SCAN_PATTERNS_MODIFIERS_XOR_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+
+
+/* Fournit un accès à une définition de type à diffuser. */
+PyTypeObject *get_python_scan_xor_modifier_type(void);
+
+/* Prend en charge l'objet 'pychrysalide.analysis.scan.patterns.modifiers.XorModifier'. */
+bool ensure_python_scan_xor_modifier_is_registered(void);
+
+/* Tente de convertir en transformation d'octets par inverse. */
+int convert_to_scan_xor_modifier(PyObject *, void *);
+
+
+
+#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_SCAN_PATTERNS_MODIFIERS_XOR_H */