summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2018-11-24 11:41:13 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2018-11-24 11:41:13 (GMT)
commitdad453ff553f0ab07206f26345dc0adeffb775fd (patch)
tree322f3b26da0d0d25011b7e64afc7c7ee37aa5608 /plugins
parent615171f171f53791a25aeab7970e29b024177d48 (diff)
Moved the DWARF support as plugin and disabled it.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/dwarf/Makefile.am39
-rw-r--r--plugins/dwarf/abbrev.c1390
-rw-r--r--plugins/dwarf/abbrev.h126
-rw-r--r--plugins/dwarf/d_dwarf.c114
-rw-r--r--plugins/dwarf/d_dwarf.h50
-rw-r--r--plugins/dwarf/die.c303
-rw-r--r--plugins/dwarf/die.h76
-rw-r--r--plugins/dwarf/dwarf-int.c207
-rw-r--r--plugins/dwarf/dwarf-int.h185
-rw-r--r--plugins/dwarf/dwarf.c337
-rw-r--r--plugins/dwarf/dwarf.h55
-rw-r--r--plugins/dwarf/dwarf_def.h830
-rw-r--r--plugins/dwarf/form.c113
-rw-r--r--plugins/dwarf/form.h40
-rw-r--r--plugins/dwarf/info.c853
-rw-r--r--plugins/dwarf/info.h63
-rw-r--r--plugins/dwarf/symbols.c316
-rw-r--r--plugins/dwarf/symbols.h40
-rw-r--r--plugins/dwarf/utils.c304
-rw-r--r--plugins/dwarf/utils.h56
-rw-r--r--plugins/dwarf/v2/Makefile.am18
-rw-r--r--plugins/dwarf/v2/dwarf.c180
-rw-r--r--plugins/dwarf/v2/dwarf.h58
-rw-r--r--plugins/dwarf/v2/form.c276
-rw-r--r--plugins/dwarf/v2/form.h39
-rw-r--r--plugins/dwarf/v3/Makefile.am17
-rw-r--r--plugins/dwarf/v3/dwarf.c172
-rw-r--r--plugins/dwarf/v3/dwarf.h58
-rw-r--r--plugins/dwarf/v4/Makefile.am18
-rw-r--r--plugins/dwarf/v4/dwarf.c182
-rw-r--r--plugins/dwarf/v4/dwarf.h58
-rw-r--r--plugins/dwarf/v4/form.c106
-rw-r--r--plugins/dwarf/v4/form.h39
33 files changed, 6718 insertions, 0 deletions
diff --git a/plugins/dwarf/Makefile.am b/plugins/dwarf/Makefile.am
new file mode 100644
index 0000000..3020643
--- /dev/null
+++ b/plugins/dwarf/Makefile.am
@@ -0,0 +1,39 @@
+
+noinst_LTLIBRARIES = libformatdwarf.la
+
+libformatdwarf_la_SOURCES = \
+ abbrev.h abbrev.c \
+ die.h die.c \
+ dwarf.h dwarf.c \
+ dwarf-int.h dwarf-int.c \
+ dwarf_def.h \
+ form.h form.c \
+ info.h info.c \
+ symbols.h symbols.c
+
+# libformatdwarf_la_SOURCES = \
+# abbrev.h abbrev.c \
+# dwarf.h dwarf.c \
+# d_dwarf.h d_dwarf.c \
+# dwarf_def.h \
+# info.h info.c \
+# utils.h utils.c
+
+libformatdwarf_la_LIBADD = \
+ v2/libformatdwarfv2.la \
+ v3/libformatdwarfv3.la \
+ v4/libformatdwarfv4.la
+
+libformatdwarf_la_LDFLAGS = $(LIBGTK_LIBS)
+
+
+devdir = $(includedir)/chrysalide/$(subdir:src/%=%)
+
+dev_HEADERS = $(libformatdwarf_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS)
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
+
+SUBDIRS = v2 v3 v4
diff --git a/plugins/dwarf/abbrev.c b/plugins/dwarf/abbrev.c
new file mode 100644
index 0000000..f214430
--- /dev/null
+++ b/plugins/dwarf/abbrev.c
@@ -0,0 +1,1390 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * abbrev.c - manipulation des abréviation DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "abbrev.h"
+
+
+#include <malloc.h>
+
+
+#include "dwarf-int.h"
+
+
+
+
+
+/* Description d'un attribut d'une abréviation */
+typedef struct _dw_abbrev_attr
+{
+ DwarfAttrib name; /* Sujet de l'élément */
+ DwarfForm form; /* Représentation */
+
+} dw_abbrev_attr;
+
+
+/* Description d'une abréviation */
+struct _dw_abbrev
+{
+ uleb128_t code; /* Identifiant attribué */
+ DwarfTag tag; /* Sujet de l'élément */
+
+ dw_abbrev_attr *attribs; /* Liste des attributs */
+ size_t attribs_count; /* Nombre de ces attributs */
+
+ struct _dw_abbrev **children; /* Liste des sous-éléments */
+ size_t children_count; /* Nombre de ces enfants */
+
+};
+
+
+
+
+
+/* Procède à la conversion de base d'une abréviation DWARF. */
+static bool check_abbreviation_decl(const GDwarfFormat *, const dw_abbrev_decl *, dw_abbrev *);
+
+/* Procède à la conversion d'un attribut d'abréviation DWARF. */
+static bool check_abbreviation_attrib(const GDwarfFormat *, const dw_abbrev_raw_attr *, dw_abbrev_attr *);
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à constituer. *
+* *
+* Description : Charge toutes les abbréviations présentes dans un DWARF. *
+* *
+* Retour : Bilan de l'opération, potentiellement un succès sans sortie. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_all_dwarf_abbreviations(GDwarfFormat *format)
+{
+ bool result; /* Bilan à faire remonter */
+ mrange_t range; /* Couverture d'une section */
+ vmpa2t *pos; /* Position de tête de lecture */
+
+ result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_abbrev", &range);
+
+ pos = get_mrange_addr(&range);
+
+ printf("start :: 0x%08x\n", (unsigned int)pos->physical);
+
+ result &= load_dwarf_abbreviation(format, pos, &format->abbreviations);
+
+ printf("abbrevs :: %p\n", format->abbreviations);
+
+ if (format->abbreviations != NULL)
+ printf(" -> children : %zu\n", format->abbreviations->children_count);
+ else
+ printf(" -> (nothing)\n");
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à faire évoluer. *
+* abbrev = abréviation lue et complète, NULL si aucune. [OUT] *
+* *
+* Description : Charge une abréviation valide pour un DWARF en mémoire. *
+* *
+* Retour : Bilan de l'opération, potentiellement un succès sans sortie. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_dwarf_abbreviation(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev **abbrev)
+{
+ dw_abbrev_decl decl; /* En-tête d'abréviation */
+ bool status; /* Bilan d'une lecture */
+ dw_abbrev_raw_attr attr; /* Attribut de l'abréviation */
+ dw_abbrev *child; /* Rejeton à intégrer */
+
+ *abbrev = NULL;
+
+ /**
+ * Cette routine est la transcription du paragraphe 7.5.3 ("Abbreviations Tables"),
+ * de la quatrième version de la définition du format DWARF.
+ *
+ * La spécification précise :
+ *
+ * As mentioned in Section 2.3, each chain of sibling entries is terminated by a null entry.
+ *
+ * Cependant, ce formalisme n'est pas constaté dans la pratique. D'ailleurs, readelf
+ * comporte le commentaire suivant dans le fichier 'dwarf_reader.cc' :
+ *
+ * Read the abbrev code. A zero here indicates the end of the abbrev table.
+ *
+ */
+
+ if (!read_dwarf_abbrev_decl(format, pos, &decl))
+ goto lda_bad_exit;
+
+ if (decl.code == 0)
+ goto lda_exit;
+
+ *abbrev = (dw_abbrev *)calloc(1, sizeof(dw_abbrev));
+
+ if (!check_abbreviation_decl(format, &decl, *abbrev))
+ goto lda_bad_exit;
+
+ /* Chargement des attributs */
+
+ for (;;)
+ {
+ status = read_dwarf_abbrev_attr(format, pos, &attr);
+ if (!status) goto lda_bad_exit;
+
+ printf(" -- [0x%llx] [0x%llx] name = %u\tform = %u\n",
+ (unsigned long long)pos->physical,
+ (unsigned long long)decl.code,
+ (unsigned int)attr.name, (unsigned int)attr.form);
+
+ if (attr.name == DW_ATTR_invalid && attr.form == DW_FORM_invalid)
+ break;
+
+ (*abbrev)->attribs_count++;
+ (*abbrev)->attribs = (dw_abbrev_attr *)realloc((*abbrev)->attribs,
+ (*abbrev)->attribs_count * sizeof(dw_abbrev_attr));
+
+ status = check_abbreviation_attrib(format, &attr,
+ &(*abbrev)->attribs[(*abbrev)->attribs_count - 1]);
+ if (!status) goto lda_bad_exit;
+
+ }
+
+ /* Chargement des enfants */
+
+ printf(" || children ? %d vs %d\n", (int)decl.has_children, (int)DW_CHILDREN_yes);
+
+ if (decl.has_children == DW_CHILDREN_yes)
+ for (;;)
+ {
+ status = load_dwarf_abbreviation(format, pos, &child);
+ if (!status) goto lda_bad_exit;
+
+ if (child == NULL)
+ break;
+
+ (*abbrev)->children_count++;
+ (*abbrev)->children = (dw_abbrev **)realloc((*abbrev)->children,
+ (*abbrev)->children_count * sizeof(dw_abbrev));
+
+ (*abbrev)->children[(*abbrev)->children_count - 1] = child;
+
+ }
+
+ lda_exit:
+
+ return true;
+
+ lda_bad_exit:
+
+ free_dwarf_abbreviation(*abbrev);
+
+ return false;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à traiter. *
+* *
+* Description : Supprime de la mémoire toute trace d'une abréviation DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void free_dwarf_abbreviation(dw_abbrev *abbrev)
+{
+ size_t i; /* Boucle de parcours */
+
+ if (abbrev->attribs != NULL)
+ free(abbrev->attribs);
+
+ if (abbrev->children != NULL)
+ {
+ for (i = 0; i < abbrev->children_count; i++)
+ free_dwarf_abbreviation(abbrev->children[i]);
+
+ free(abbrev->attribs);
+
+ }
+
+ free(abbrev);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* decl = structure brute dont le contenu est à valider. *
+* abbrev = abréviation à constituer à partir du brut. [OUT] *
+* *
+* Description : Procède à la conversion de base d'une abréviation DWARF. *
+* *
+* Retour : Validité confirmée ou non. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool check_abbreviation_decl(const GDwarfFormat *format, const dw_abbrev_decl *decl, dw_abbrev *abbrev)
+{
+ bool result; /* Validité à retourner */
+
+ result = (decl->has_children == DW_CHILDREN_no
+ || decl->has_children == DW_CHILDREN_yes);
+
+
+ /* TODO : vérifier les bornes de 'tag' */
+
+
+ if (result)
+ {
+ abbrev->code = decl->code;
+ abbrev->tag = decl->tag;
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* decl = structure brute dont le contenu est à valider. *
+* abbrev = abréviation à constituer à partir du brut. [OUT] *
+* *
+* Description : Procède à la conversion d'un attribut d'abréviation DWARF. *
+* *
+* Retour : Validité confirmée ou non. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool check_abbreviation_attrib(const GDwarfFormat *format, const dw_abbrev_raw_attr *attr, dw_abbrev_attr *attrib)
+{
+ bool result; /* Validité à retourner */
+
+ result = true;
+
+
+ /* TODO : vérifier les bornes de 'name' et 'form' */
+
+
+ if (result)
+ {
+ attrib->name = attr->name;
+ attrib->form = attr->form;
+
+
+
+ }
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à consulter. *
+* *
+* Description : Fournit l'étiquette associée à l'ensemble des attributs. *
+* *
+* Retour : Etiquette officielle de l'ensemble représenté. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *abbrev)
+{
+ return abbrev->tag;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à consulter. *
+* *
+* Description : Compte le nombre d'attributs présents dans une abréviation. *
+* *
+* Retour : Quantité d'attributs pris en compte dans l'abréviation. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+size_t dwarf_abbreviation_count_attribs(const dw_abbrev *abbrev)
+{
+ return abbrev->attribs_count;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à consulter. *
+* attrib = désignation de l'attribut à retrouver. *
+* index = indice de cet attribut dans l'ensemble. [OUT] *
+* *
+* Description : Recherche un attribut dans une abréviation. *
+* *
+* Retour : Indication sur le bilan des recherches. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *abbrev, DwarfAttrib attrib, size_t *index)
+{
+ bool result; /* Etat de validité à renvoyer */
+ size_t i; /* Boucle de parcours */
+
+ for (i = 0; i < abbrev->attribs_count; i++)
+ if (abbrev->attribs[i].name == attrib)
+ break;
+
+ if (i < abbrev->attribs_count)
+ {
+ result = true;
+ *index = i;
+ }
+ else
+ result = false;
+
+ return result;
+
+}
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à consulter. *
+* attrib = désignation de l'attribut à retrouver. *
+* index = indice de cet attribut dans l'ensemble. *
+* form = type de valeur attendu pour un attribut donné. [OUT]*
+* *
+* Description : Détermine le type d'un attribut dans une abréviation. *
+* *
+* Retour : Indication sur le bilan des accès. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *abbrev, size_t index, DwarfForm *form)
+{
+ if (index >= abbrev->attribs_count)
+ return false;
+
+ *form = abbrev->attribs[index].form;
+
+ return true;
+
+}
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation chargée en mémoire à consulter. *
+* *
+* Description : Indique si une abbréviation comporte des sous-définitions. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool dwarf_abbreviation_has_children(const dw_abbrev *abbrev)
+{
+ return (abbrev->children_count > 0);
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* code = identifiant de l'abbréviation recherchée. *
+* *
+* Description : Recherche une abréviation DWARF donnée. *
+* *
+* Retour : Adresse d'une abréviation ou NULL en cas d'échec. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *format, uleb128_t code)
+{
+ const dw_abbrev *result; /* Trouvaille à retourner */
+
+ if (format->abbreviations->code == code)
+ result = format->abbreviations;
+
+ else
+ {
+ const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uleb128_t c)
+ {
+ const dw_abbrev *found; /* Trouvaille à retourner */
+ size_t i; /* Boucle de parcours */
+
+ if (abbrev->code == c)
+ found = abbrev;
+ else
+ {
+ found = NULL;
+
+ for (i = 0; i < abbrev->children_count && found == NULL; i++)
+ found = _find_dwarf_abbreviations(abbrev->children[i], c);
+
+ }
+
+ return found;
+
+ }
+
+ result = _find_dwarf_abbreviations(format->abbreviations, code);
+
+ }
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = contenu binaire de débogage à parcourir. *
+* cu = unité de compilation parente. *
+* form = nature de la valeur à lire. *
+* pos = tête de lecture au sein des données. [OUT] *
+* value = valeur au format donné lue. [OUT] *
+* *
+* Description : Lit la valeur correspondant à un type donné. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+dw_value *translate_abbreviation_attributes(const GDwarfFormat *format, const dw_abbrev *abbrev, const dw_compil_unit_header *cu, vmpa2t *pos)
+{
+ dw_value *result; /* Valeurs lues retournées */
+ size_t i; /* Boucle de parcours */
+ bool status; /* Bilan d'une lecture */
+
+ result = (dw_value *)calloc(abbrev->attribs_count, sizeof(dw_value));
+
+ for (i = 0; i < abbrev->attribs_count; i++)
+ {
+ result[i].attrib = abbrev->attribs[i].name;
+
+ printf("-- loading attrib %x (%u) -- form = %x (%u) -- pos = %llx --\n",
+ (unsigned int)abbrev->attribs[i].name,
+ (unsigned int)abbrev->attribs[i].name,
+ (unsigned int)abbrev->attribs[i].form,
+ (unsigned int)abbrev->attribs[i].form,
+ (unsigned long long)(pos->physical - 0x1039));
+
+ status = G_DWARF_FORMAT_GET_CLASS(format)->read_form(format, cu,
+ abbrev->attribs[i].form, pos, &result[i].value);
+ if (!status) printf("[%zu] failed for %x\n", i, abbrev->attribs[i].form);
+ if (status) printf("[%zu] success for %x\n", i, abbrev->attribs[i].form);
+ printf(" current pos :: %llx\n", (unsigned long long)(pos->physical - 0x1039));
+ if (!status) break;
+
+ }
+
+ if (i != abbrev->attribs_count)
+ {
+ free(result);
+ result = NULL;
+ }
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#if 0
+
+#include <malloc.h>
+#include <stdarg.h>
+#include <string.h>
+
+
+#include "utils.h"
+
+
+
+#include <ctype.h>
+
+
+
+/* Libère de la mémoire une abréviation DWARF. */
+void free_dwarf_abbrev(dw_abbrev *);
+
+/* Charge une abréviations DWARF. */
+dw_abbrev *read_dwarf_abbreviations(dwarf_format *, off_t *, uint64_t *);
+
+/* Recherche une abréviation DWARF donnée. */
+const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *, uint8_t *);
+
+/* Lit la valeur d'un attribut DWARF. */
+bool _read_dwarf_abbrev_attribute(dwarf_format *, off_t *, DwarfForm, ...);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* *
+* Description : Charge les abréviations trouvées pour un DWARF. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_dwarf_abbreviations(dwarf_format *format)
+{
+ bool result; /* Bilan à renvoyer */
+
+
+
+
+ off_t offset;
+ off_t start;
+ off_t size;
+
+ bool test;
+
+ int i;
+
+
+ dw_abbrev *abbrev;
+ uint64_t index;
+
+ printf("Searching...\n");
+
+
+ result = true;
+
+ test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_abbrev", &start, &size, NULL);
+
+ offset = start;
+
+
+ printf(" -> offset=%d size=%d\n", offset, size);
+
+
+
+ for (i = 0; i < size; i++)
+ {
+ if (i % 10 == 0) printf("\n");
+ printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]);
+ }
+
+ printf("\n");
+
+
+
+
+ while (offset < (start + size))
+ {
+ abbrev = read_dwarf_abbreviations(format, &offset, &index);
+
+ offset++; /* 0x00 */
+
+ printf("abbrev :: %p\n", abbrev);
+
+ if (abbrev != NULL)
+ {
+ abbrev->offset -= start;
+
+ format->abbrevs = (dw_abbrev **)realloc(format->abbrevs, ++format->abbrevs_count * sizeof(dw_abbrev *));
+ format->abbrevs[format->abbrevs_count - 1] = abbrev;
+
+ printf(" %d attribs, %d children\n", abbrev->attribs_count, abbrev->children_count);
+
+ }
+ else
+ {
+ unload_dwarf_abbreviations(format);
+ result = false;
+ break;
+ }
+
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à effacer. *
+* *
+* Description : Décharge les abréviations trouvées pour un DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void unload_dwarf_abbreviations(dwarf_format *format)
+{
+ size_t i; /* Boucle de parcours */
+
+ for (i = 0; i < format->abbrevs_count; i++)
+ free_dwarf_abbrev(format->abbrevs[i]);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = élément à supprimer de la mémoire. *
+* *
+* Description : Libère de la mémoire une abréviation DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void free_dwarf_abbrev(dw_abbrev *abbrev)
+{
+ size_t i; /* Boucle de parcours */
+
+ for (i = 0; i < abbrev->children_count; i++)
+ free_dwarf_abbrev(abbrev->children[i]);
+
+ free(abbrev->attribs);
+ free(abbrev->children);
+
+ free(abbrev);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* index = code de l'abréviation. [OUT] *
+* *
+* Description : Charge une abréviation DWARF. *
+* *
+* Retour : Adresse d'une abréviation ou NULL en cas d'échec. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+dw_abbrev *read_dwarf_abbreviations(dwarf_format *format, off_t *pos, uint64_t *index)
+{
+ dw_abbrev *result; /* Abréviation à retourner */
+ bool has_children; /* Indique la présence de fils */
+ uint64_t value1; /* Valeur quelconque lue #1 */
+ uint64_t value2; /* Valeur quelconque lue #2 */
+ uint64_t sub_index; /* Indice d'un sous-élément */
+ dw_abbrev *child; /* Sous-élément à intégrer */
+
+ result = (dw_abbrev *)calloc(1, sizeof(dw_abbrev));
+
+ result->offset = *pos;
+
+ /* Code de l'élément */
+ if (!read_uleb128(format, pos, index, true)) goto rda_error;
+
+ if (!read_uleb128(format, pos, &value1, true)) goto rda_error;
+ result->tag = value1;
+
+ printf(" --ta :: 0x%02llx\n", value1);
+
+ if (*pos >= DBG_FORMAT(format)->length) goto rda_error;
+ has_children = (DBG_FORMAT(format)->content[(*pos)++] == DW_CHILDREN_YES);
+
+ printf(" --ch ? %d\n", has_children);
+
+ /* Liste des attributs */
+
+ while (DBG_FORMAT(format)->content[*pos] != 0x00)
+ {
+ if (!read_uleb128(format, pos, &value1, true)) goto rda_error;
+ if (!read_uleb128(format, pos, &value2, true)) goto rda_error;
+
+ result->attribs = (dw_abbrev_attr *)realloc(result->attribs, ++result->attribs_count * sizeof(dw_abbrev_attr));
+
+ result->attribs[result->attribs_count - 1].attrib = value1;
+ result->attribs[result->attribs_count - 1].form = value2;
+
+ }
+
+ (*pos) += 2; /* 0x00 0x00 */
+
+ /* Chargement des sous-éléments */
+
+ if (has_children)
+ while (DBG_FORMAT(format)->content[*pos] != 0x00)
+ {
+ child = read_dwarf_abbreviations(format, pos, &sub_index);
+
+ if (child == NULL) goto rda_error;
+
+ if ((sub_index - *index - 1) != result->children_count) goto rda_error;
+
+ result->children = (dw_abbrev **)realloc(result->children, ++result->children_count * sizeof(dw_abbrev *));
+
+ result->children[result->children_count - 1] = child;
+
+ }
+
+ return result;
+
+ rda_error:
+
+ free_dwarf_abbrev(result);
+
+ return NULL;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = abréviation racine à parcourir. *
+* index = code de l'abréviation. [OUT] *
+* *
+* Description : Recherche une abréviation DWARF donnée. *
+* *
+* Retour : Adresse d'une abréviation ou NULL en cas d'échec. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uint8_t *index)
+{
+ const dw_abbrev *result; /* Structure à retourner */
+ size_t i; /* Boucle de parcours */
+
+ result = NULL;
+
+ if (*index == 0) result = abbrev;
+ else
+ for (i = 0; i < abbrev->children_count && result == NULL; i++)
+ {
+ (*index)--;
+ result = _find_dwarf_abbreviations(abbrev->children[i], index);
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* offset = position dans les abréviations. *
+* pos = position dans le flux binaire courant. [OUT] *
+* *
+* Description : Recherche une abréviation DWARF donnée. *
+* *
+* Retour : Adresse d'une abréviation ou NULL en cas d'échec. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_abbrev *find_dwarf_abbreviations(dwarf_format *format, const off_t *offset, off_t *pos)
+{
+ const dw_abbrev *result; /* Structure à retourner */
+ uint64_t index; /* Code de l'abréviation */
+ size_t i; /* Boucle de parcours */
+
+ result = NULL;
+
+ do
+ {
+ if (!read_uleb128(format, pos, &index, true))
+ {
+ printf("error skipping padding...\n");
+ return NULL;
+ }
+ }
+ while (index == 0);
+
+ for (i = 0; i < format->abbrevs_count; i++)
+ if (format->abbrevs[i]->offset == *offset) break;
+
+ if (i < format->abbrevs_count)
+ {
+ index--;
+ result = _find_dwarf_abbreviations(format->abbrevs[i], &index);
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : abbrev = informations à parcourir. *
+* attrib = attribut visé par la lecture. *
+* *
+* Description : Indique la présence ou l'absence d'un attribut donné. *
+* *
+* Retour : true si l'attribut est présent, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool test_dwarf_abbrev_attribute(const dw_abbrev *abbrev, DwarfAttrib attrib)
+{
+ bool result; /* Bilan à retourner */
+ size_t i; /* Boucle de parcours */
+
+ result = false;
+
+ for (i = 0; i < abbrev->attribs_count && !result; i++)
+ result = (abbrev->attribs[i].attrib == attrib);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* form = format des données à lire. *
+* ... = lieu d'enregistrement ou NULL. [OUT] *
+* *
+* Description : Lit la valeur d'un attribut DWARF. *
+* *
+* Retour : true si la lecture est un succès, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool _read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, DwarfForm form, ...)
+{
+ bool result; /* Bilan à revoyer */
+ va_list ap; /* Adresse fournie en dernier */
+ uint8_t *val8; /* Données sur 8 bits */
+ uint16_t *val16; /* Données sur 16 bits */
+ uint32_t *val32; /* Données sur 32 bits */
+ uint64_t *val64; /* Données sur 64 bits */
+ uint64_t *sval64; /* Données sur 64 bits (signée)*/
+ bool *boolval; /* Valeur booléenne */
+ uint8_t tmp8; /* Données sur 8 bits */
+ uint16_t tmp16; /* Données sur 16 bits */
+ uint32_t tmp32; /* Données sur 32 bits */
+ uint64_t tmp64; /* Données sur 64 bits */
+ uint64_t stmp64; /* Données sur 64 bits (signée)*/
+ uint64_t size_to_read; /* Nombre d'octets à lire */
+ off_t offset; /* Décalage dans une zone */
+ char **strval; /* Chaîne de caractères */
+ size_t length; /* Taille d'une chaîne */
+
+ va_start(ap, form);
+
+ switch (form)
+ {
+ case DWF_ADDR:
+ result = ((*pos + (format->format == DWF_32_BITS ? 4 : 8)) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val64 = va_arg(ap, uint64_t *);
+ if (val64 != NULL)
+ {
+ if (format->format == DWF_32_BITS)
+ {
+ memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4);
+ *val64 = tmp32;
+ }
+ else memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8);
+ }
+ *pos += (format->format == DWF_32_BITS ? 4 : 8);
+ }
+ break;
+
+ case DWF_BLOCK2:
+ result = ((*pos + 2) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ memcpy(&tmp16, &DBG_FORMAT(format)->content[*pos], 2);
+ size_to_read = tmp16;
+ /* ... */
+ *pos += 2 + size_to_read;
+ }
+ break;
+
+ case DWF_BLOCK4:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4);
+ size_to_read = tmp32;
+ /* ... */
+ *pos += 4 + size_to_read;
+ }
+ break;
+
+ case DWF_DATA2:
+ result = ((*pos + 2) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val16 = va_arg(ap, uint16_t *);
+ if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2);
+ *pos += 2;
+ }
+ break;
+
+ case DWF_DATA4:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val32 = va_arg(ap, uint32_t *);
+ if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4);
+ *pos += 4;
+ }
+ break;
+
+ case DWF_DATA8:
+ result = ((*pos + 8) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val64 = va_arg(ap, uint64_t *);
+ if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8);
+ *pos += 8;
+ }
+ break;
+
+ case DWF_STRING:
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ strval = va_arg(ap, char **);
+ if (strval != NULL) *strval = (char *)calloc(1, sizeof(char));
+ length = 0;
+
+ while (result)
+ {
+ if (DBG_FORMAT(format)->content[*pos] == '\0') break;
+
+ length++;
+
+ if (strval != NULL)
+ {
+ *strval = (char *)realloc(*strval, (length + 1) * sizeof(char));
+ (*strval)[length - 1] = DBG_FORMAT(format)->content[*pos];
+ }
+
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (!result) break;
+
+ (*pos)++;
+
+ }
+
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ (*pos)++;
+
+ if (strval != NULL)
+ (*strval)[length] = 0;
+
+ }
+ else if (strval != NULL)
+ {
+ free(*strval);
+ *strval = NULL;
+ }
+
+ }
+
+ break;
+
+ case DWF_BLOCK:
+ result = read_uleb128(format, pos, &size_to_read, true);
+ result &= ((*pos + size_to_read) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ /* ... */
+ *pos += size_to_read;
+ }
+ break;
+
+ case DWF_BLOCK1:
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ memcpy(&tmp8, &DBG_FORMAT(format)->content[*pos], 1);
+ size_to_read = tmp8;
+ /* ... */
+ *pos += 1 + size_to_read;
+ }
+ break;
+
+ case DWF_DATA1:
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val8 = va_arg(ap, uint8_t *);
+ if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1);
+ *pos += 1;
+ }
+ break;
+
+ case DWF_FLAG:
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ boolval = va_arg(ap, bool *);
+ if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00);
+ *pos += 1;
+ }
+ break;
+
+ case DWF_SDATA:
+ sval64 = va_arg(ap, int64_t *);
+ if (sval64 == NULL) sval64 = &stmp64;
+ result = read_uleb128(format, pos, sval64, true);
+ break;
+
+ case DWF_STRP:
+ result = read_abbrev_offset(format, pos, &offset);
+ if (result)
+ {
+ if (va_arg(ap, bool *) != NULL)
+ {
+ printf("TODO\n");
+ exit(0);
+ }
+ /*
+ boolval = va_arg(ap, bool *);
+ if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00);
+ */
+ }
+ break;
+
+ case DWF_UDATA:
+ val64 = va_arg(ap, uint64_t *);
+ if (val64 == NULL) val64 = &tmp64;
+ result = read_uleb128(format, pos, val64, true);
+ break;
+
+ case DWF_REF_ADDR:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+
+ printf("bad at %d\n", __LINE__); exit(0);
+
+ break;
+
+
+ case DWF_REF1:
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val8 = va_arg(ap, uint8_t *);
+ if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1);
+ *pos += 1;
+ }
+ break;
+
+ case DWF_REF2:
+ result = ((*pos + 2) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val16 = va_arg(ap, uint16_t *);
+ if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2);
+ *pos += 2;
+ }
+ break;
+
+ case DWF_REF4:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val32 = va_arg(ap, uint32_t *);
+ if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4);
+ *pos += 4;
+ }
+ break;
+
+ case DWF_REF8:
+ result = ((*pos + 8) <= DBG_FORMAT(format)->length);
+ if (result)
+ {
+ val64 = va_arg(ap, uint64_t *);
+ if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8);
+ *pos += 8;
+ }
+ break;
+
+ case DWF_REF_UDATA:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+
+ printf("bad at %d\n", __LINE__); exit(0);
+
+ break;
+
+
+ case DWF_INDIRECT:
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+
+ printf("bad at %d\n", __LINE__); exit(0);
+
+ break;
+
+
+
+
+ default:
+ result = false;
+ break;
+
+ }
+
+ va_end(ap);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* update = indique si la position est à mettre à jour. *
+* abbrev = informations à parcourir. *
+* attrib = attribut visé par la lecture. *
+* ... = lieu d'enregistrement ou NULL. [OUT] *
+* *
+* Description : Lit la valeur d'un attribut DWARF. *
+* *
+* Retour : true si la lecture est un succès, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, bool update, const dw_abbrev *abbrev, DwarfAttrib attrib, ...)
+{
+ bool result; /* Bilan à retourner */
+ off_t curpos; /* Tête de lecture effective */
+ size_t i; /* Boucle de parcours */
+ va_list ap; /* Adresse fournie en dernier */
+
+ result = true;
+
+ curpos = *pos;
+
+ for (i = 0; i < abbrev->attribs_count && result; i++)
+ if (abbrev->attribs[i].attrib == attrib) break;
+ else result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, NULL);
+
+ if (result)
+ {
+ va_start(ap, attrib);
+
+ if (i < abbrev->attribs_count)
+ result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, va_arg(ap, void *));
+ else
+ result = false;
+
+ va_end(ap);
+
+ }
+
+ if (result && update) *pos = curpos;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* abbrev = informations à survoler. *
+* *
+* Description : Fait avancer la tête de lecture d'une seule abréviation. *
+* *
+* Retour : true si l'opération est un succès, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool skip_dwarf_abbrev(dwarf_format *format, off_t *pos, const dw_abbrev *abbrev)
+{
+ bool result; /* Bilan à revoyer */
+ size_t i; /* Boucle de parcours */
+ uint64_t index; /* Code de padding */
+
+ result = true;
+
+ /* Ecartement du corps */
+
+ for (i = 0; i < abbrev->attribs_count && result; i++)
+ result = _read_dwarf_abbrev_attribute(format, pos, abbrev->attribs[i].form, NULL);
+
+ /* Ecartement du padding */
+
+ do
+ {
+ if (!read_uleb128(format, pos, &index, false))
+ {
+ printf("error skipping padding...\n");
+ return false;
+ }
+
+ if (index == 0)
+ read_uleb128(format, pos, &index, true);
+
+ }
+ while (index == 0);
+
+ return result;
+
+}
+
+#endif
diff --git a/plugins/dwarf/abbrev.h b/plugins/dwarf/abbrev.h
new file mode 100644
index 0000000..b5fe3be
--- /dev/null
+++ b/plugins/dwarf/abbrev.h
@@ -0,0 +1,126 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * abbrev.h - prototypes pour la manipulation des abréviation DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_ABBREV_H
+#define _FORMAT_DWARF_ABBREV_H
+
+
+#include <stdbool.h>
+
+
+#include "dwarf.h"
+#include "dwarf_def.h"
+
+
+
+
+/* Description d'une abréviation */
+typedef struct _dw_abbrev dw_abbrev;
+
+
+
+
+
+
+
+/* Charge toutes les abbréviations présentes dans un DWARF. */
+bool load_all_dwarf_abbreviations(GDwarfFormat *);
+
+/* Charge une abréviation valide pour un DWARF en mémoire. */
+bool load_dwarf_abbreviation(const GDwarfFormat *, vmpa2t *, dw_abbrev **);
+
+/* Supprime de la mémoire toute trace d'une abréviation DWARF. */
+void free_dwarf_abbreviation(dw_abbrev *);
+
+/* Fournit l'étiquette associée à l'ensemble des attributs. */
+DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *);
+
+/* Compte le nombre d'attributs présents dans une abréviation. */
+size_t dwarf_abbreviation_count_attribs(const dw_abbrev *);
+
+/* Recherche un attribut dans une abréviation. */
+bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *, DwarfAttrib, size_t *);
+
+
+/* Détermine le type d'un attribut dans une abréviation. */
+bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *, size_t, DwarfForm *);
+
+
+/* Indique si une abbréviation comporte des sous-définitions. */
+bool dwarf_abbreviation_has_children(const dw_abbrev *);
+
+
+
+/* Recherche une abréviation DWARF donnée. */
+const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *, uleb128_t);
+
+/* Lit la valeur correspondant à un type donné. */
+dw_value *translate_abbreviation_attributes(const GDwarfFormat *, const dw_abbrev *, const dw_compil_unit_header *, vmpa2t *);
+
+
+
+
+
+
+
+
+
+
+
+
+
+#if 0
+
+
+#include <stdbool.h>
+
+
+#include "d_dwarf.h"
+#include "dwarf-int.h"
+
+
+
+/* Charge les abréviations trouvées pour un DWARF. */
+bool load_dwarf_abbreviations(dwarf_format *);
+
+/* Décharge les abréviations trouvées pour un DWARF. */
+void unload_dwarf_abbreviations(dwarf_format *);
+
+/* Recherche une abréviation DWARF donnée. */
+const dw_abbrev *find_dwarf_abbreviations(dwarf_format *, const off_t *, off_t *);
+
+/* Indique la présence ou l'absence d'un attribut donné. */
+bool test_dwarf_abbrev_attribute(const dw_abbrev *, DwarfAttrib);
+
+/* Lit la valeur d'un attribut DWARF. */
+bool read_dwarf_abbrev_attribute(dwarf_format *, off_t *, bool, const dw_abbrev *, DwarfAttrib, ...);
+
+/* Fait avancer la tête de lecture d'une seule abréviation. */
+bool skip_dwarf_abbrev(dwarf_format *, off_t *, const dw_abbrev *);
+
+
+#endif
+
+
+
+#endif /* _FORMAT_DWARF_ABBREV_H */
diff --git a/plugins/dwarf/d_dwarf.c b/plugins/dwarf/d_dwarf.c
new file mode 100644
index 0000000..67ab955
--- /dev/null
+++ b/plugins/dwarf/d_dwarf.c
@@ -0,0 +1,114 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * d_dwarf.c - support du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "d_dwarf.h"
+
+
+#include <malloc.h>
+
+
+#include "abbrev.h"
+#include "dwarf-int.h"
+#include "info.h"
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* length = taille du contenu en question. *
+* e_format = gestionnaire global (partie exécutable). *
+* *
+* Description : Prend en charge un nouveau DWARF. *
+* *
+* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+dwarf_format *load_dwarf(const uint8_t *content, off_t length, exe_format *e_format)
+{
+ dwarf_format *result; /* Structure à retourner */
+ bool test; /* Bilan d'une initialisation */
+
+ result = (dwarf_format *)calloc(1, sizeof(dwarf_format));
+
+ DBG_FORMAT(result)->content = content;
+ DBG_FORMAT(result)->length = length;
+
+ DBG_FORMAT(result)->e_format = e_format;
+
+ result->format = DWF_32_BITS;
+
+ test = load_dwarf_abbreviations(result);
+
+ test = load_dwarf_information(result);
+
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* comments = liste des commentaires à insérer. [OUT] *
+* offsets = liste des indices des commentaires. [OUT] *
+* *
+* Description : Récupère tous les commentaires à insérer dans le code. *
+* *
+* Retour : Nombre d'éléments mis en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+size_t get_dwarf_comments(const dwarf_format *format, const char ***comments, uint64_t **offsets)
+{
+ size_t result; /* Quantité à retourner */
+ size_t i; /* Boucle de parcours */
+
+ result = format->dbg_fc_count;
+
+ if (result > 0)
+ {
+ *comments = (char **)calloc(result, sizeof(char *));
+ *offsets = (uint64_t *)calloc(result, sizeof(uint64_t));
+
+ for (i = 0; i < result; i++)
+ {
+ (*comments)[i] = format->dbg_functions[i]->prototype;
+ (*offsets)[i] = format->dbg_functions[i]->low_pc;
+ }
+
+ }
+
+ return result;
+
+}
diff --git a/plugins/dwarf/d_dwarf.h b/plugins/dwarf/d_dwarf.h
new file mode 100644
index 0000000..4b699ca
--- /dev/null
+++ b/plugins/dwarf/d_dwarf.h
@@ -0,0 +1,50 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * d_dwarf.h - prototypes pour le support du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_DWARF_H
+#define _FORMAT_DWARF_DWARF_H
+
+
+#include <stdint.h>
+#include <sys/types.h>
+
+
+#include "../exe_format.h"
+
+
+
+/* Description du format DWARF */
+typedef struct _dwarf_format dwarf_format;
+
+
+
+/* Prend en charge un nouveau DWARF. */
+dwarf_format *load_dwarf(const uint8_t *, off_t, exe_format *);
+
+/* Récupère tous les commentaires à insérer dans le code. */
+size_t get_dwarf_comments(const dwarf_format *, const char ***, uint64_t **);
+
+
+
+
+#endif /* _FORMAT_DWARF_DWARF_H */
diff --git a/plugins/dwarf/die.c b/plugins/dwarf/die.c
new file mode 100644
index 0000000..0c1887c
--- /dev/null
+++ b/plugins/dwarf/die.c
@@ -0,0 +1,303 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * die.c - gestion des entrées renvoyant à des informations de débogage
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "die.h"
+
+
+#include <assert.h>
+#include <malloc.h>
+
+
+#include "dwarf-int.h"
+
+
+
+/**
+ * § 2.1 The Debugging Information Entry (DIE).
+ */
+
+typedef struct _dw_die
+{
+ unsigned int level; /* Niveau hiérarchique */
+ phys_t offset; /* Position dans le flux */
+
+ const dw_abbrev *abbrev; /* Lien vers la représentation */
+
+ dw_value *values; /* Liste des valeurs associées */
+
+ bool has_children; /* Feuille ou noeud de l'arbre */
+ struct _dw_die **children; /* Liste d'éventuels enfants */
+ size_t children_count; /* Taille de cette liste */
+
+} dw_die;
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* endian = boutisme reconnu dans le format. *
+* header = en-tête de description de l'unité à traiter. *
+* die = emplacement de stockage de l'entrée ou NULL. [OUT] *
+* *
+* Description : Procède à la lecture de l'en-tête d'une unité de compilation.*
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : Le format autorise à ne rien produire ici légitimement. *
+* *
+******************************************************************************/
+
+bool build_dwarf_die(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **die)
+{
+ uleb128_t code; /* Code de la description liée */
+ bool status; /* Bilan de la lecture */
+ const dw_abbrev *abbrev; /* Lien vers la représentation */
+ dw_value *values; /* Liste des valeurs associées */
+
+ *die = NULL;
+
+ /**
+ * § 7.5.2 Debugging Information Entry.
+ */
+
+ status = g_binary_content_read_uleb128(G_BIN_FORMAT(format)->content, pos, &code);
+ if (!status) return false;
+
+ printf("[ok] code = 0x%llx\n", (unsigned long long)code);
+
+ if (code == 0) return true;
+
+ abbrev = find_dwarf_abbreviations(format, code);
+
+ printf("[ok] abbrev = %p\n", abbrev);
+
+ printf("----------------------\n");
+
+
+ values = translate_abbreviation_attributes(format, abbrev, header, pos);
+ if (values == NULL) return false;
+
+ printf("[ok] values = %p\n", values);
+
+
+
+ *die = (dw_die *)calloc(1, sizeof(dw_die));
+
+ (*die)->abbrev = abbrev;
+
+ (*die)->values = values;
+
+ (*die)->has_children = dwarf_abbreviation_has_children(abbrev);
+
+
+ return true;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée à libérer de la mémoire. *
+* *
+* Description : Supprime les éléments mis en place pour une entrée d'info. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void delete_dwarf_die(dw_die *die)
+{
+ size_t i; /* Boucle de parcours */
+
+ if (die->values != NULL)
+ free(die->values);
+
+ for (i = 0; i < die->children_count; i++)
+ delete_dwarf_die(die->children[i]);
+
+ if (die->children != NULL)
+ free(die->children);
+
+ free(die);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée à consulter. *
+* *
+* Description : Fournit un lien vers l'abréviation de représentation. *
+* *
+* Retour : Structure de représentation en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_abbrev *dw_die_get_abbrev(const dw_die *die)
+{
+ return die->abbrev;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée à consulter. *
+* index = indice de cet attribut dans l'ensemble. *
+* *
+* Description : Fournit un lien vers l'abréviation de représentation. *
+* *
+* Retour : Valeur recherchée ou NULL en cas d'erreur. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_form_value *dw_die_peek_value(const dw_die *die, size_t index)
+{
+ dw_form_value *result; /* Valeur ciblée à retourner */
+
+ if (index >= dwarf_abbreviation_count_attribs(die->abbrev))
+ return NULL;
+
+ result = &die->values[index].value;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée d'information à consulter. *
+* attrib = désignation de l'attribut à retrouver. *
+* form = type de valeur attendu pour un attribut donné. [OUT]*
+* *
+* Description : Fournit un lien vers l'abréviation de représentation. *
+* *
+* Retour : Valeur recherchée ou NULL en cas d'erreur. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const dw_form_value *dw_die_peek_extended_value(const dw_die *die, DwarfAttrib attrib, DwarfForm *form)
+{
+ const dw_form_value *result; /* Valeur ciblée à retourner */
+ size_t index; /* Indice d'élément à relire */
+ bool status; /* Bilan d'une récupération */
+
+ status = dwarf_abbreviation_get_attrib_index(die->abbrev, attrib, &index);
+ if (!status) return NULL;
+
+ status = dwarf_abbreviation_get_form_for_index(die->abbrev, index, form);
+ if (!status) return NULL;
+
+ result = dw_die_peek_value(die, index);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée à consulter. *
+* *
+* Description : Indique si une entrée de débogage possède des enfants. *
+* *
+* Retour : true ou false selon la situation. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool dw_die_has_children(const dw_die *die)
+{
+ return die->has_children;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : die = entrée à consulter. *
+* *
+* Description : Indique si une entrée de débogage possède des enfants. *
+* *
+* Retour : true ou false selon la situation. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void dw_die_append_child(dw_die *die, dw_die *child)
+{
+ assert(die->has_children);
+
+ die->children = (dw_die **)realloc(die->children, ++die->children_count * sizeof(dw_die *));
+
+ die->children[die->children_count - 1] = child;
+
+}
+
+
+
+/* ---------------------------------------------------------------------------------- */
+/* TRAITEMENT PAR ENSEMBLES */
+/* ---------------------------------------------------------------------------------- */
+
+
+/******************************************************************************
+* *
+* Paramètres : root = entrée première à consulter. *
+* visitor = intervention régulière à respecter. *
+* data = données quelconques à associer aux visites. *
+* *
+* Description : Entame une grande tournée de toutes les entrées présentes. *
+* *
+* Retour : true si l'opération s'est déroulée complètement, false sinon.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool dw_die_visit(dw_die *root, visit_dies_fc visitor, void *data)
+{
+ bool result; /* Bilan à retourner */
+ size_t i; /* Boucle de parcours */
+
+ result = visitor(root, data);
+
+ for (i = 0; i < root->children_count && result; i++)
+ result = dw_die_visit(root->children[i], visitor, data);
+
+ return result;
+
+}
diff --git a/plugins/dwarf/die.h b/plugins/dwarf/die.h
new file mode 100644
index 0000000..8bff4a9
--- /dev/null
+++ b/plugins/dwarf/die.h
@@ -0,0 +1,76 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * die.h - prototypes pour la gestion des entrées renvoyant à des informations de débogage
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_DIE_H
+#define _FORMAT_DWARF_DIE_H
+
+
+#include <stdbool.h>
+
+
+#include "abbrev.h"
+#include "dwarf.h"
+#include "dwarf_def.h"
+
+
+
+/* § 2.1 The Debugging Information Entry (DIE). */
+typedef struct _dw_die dw_die;
+
+
+/* Procède à la lecture de l'en-tête d'une unité de compilation. */
+bool build_dwarf_die(GDwarfFormat *, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **);
+
+/* Supprime les éléments mis en place pour une entrée d'info. */
+void delete_dwarf_die(dw_die *);
+
+/* Fournit un lien vers l'abréviation de représentation. */
+const dw_abbrev *dw_die_get_abbrev(const dw_die *);
+
+/* Fournit un lien vers l'abréviation de représentation. */
+const dw_form_value *dw_die_peek_value(const dw_die *, size_t);
+
+/* Fournit un lien vers l'abréviation de représentation. */
+const dw_form_value *dw_die_peek_extended_value(const dw_die *, DwarfAttrib, DwarfForm *);
+
+/* Indique si une entrée de débogage possède des enfants. */
+bool dw_die_has_children(const dw_die *);
+
+/* Indique si une entrée de débogage possède des enfants. */
+void dw_die_append_child(dw_die *, dw_die *);
+
+
+
+/* ---------------------------- TRAITEMENT PAR ENSEMBLES ---------------------------- */
+
+
+/* Procédure appelée pour chaque élément recontré pendant une visite. */
+typedef bool (* visit_dies_fc) (const dw_die *, void *);
+
+
+/* Entame une grande tournée de toutes les entrées présentes. */
+bool dw_die_visit(dw_die *, visit_dies_fc, void *);
+
+
+
+#endif /* _FORMAT_DWARF_DIE_H */
diff --git a/plugins/dwarf/dwarf-int.c b/plugins/dwarf/dwarf-int.c
new file mode 100644
index 0000000..365414b
--- /dev/null
+++ b/plugins/dwarf/dwarf-int.c
@@ -0,0 +1,207 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf-int.c - structures internes du format DWARF
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "dwarf-int.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* attr = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'un attribut d'abréviation DWARF. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_abbrev_attr(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_raw_attr *attr)
+{
+ bool result; /* Bilan à retourner */
+ const GBinContent *content; /* Contenu binaire à lire */
+
+ content = G_BIN_FORMAT(format)->content;
+
+ result = g_binary_content_read_uleb128(content, pos, &attr->name);
+ result &= g_binary_content_read_uleb128(content, pos, &attr->form);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* decl = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'une déclaration d'abréviation DWARF. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_abbrev_decl(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_decl *decl)
+{
+ bool result; /* Bilan à retourner */
+ const GBinContent *content; /* Contenu binaire à lire */
+
+ content = G_BIN_FORMAT(format)->content;
+
+ result = g_binary_content_read_uleb128(content, pos, &decl->code);
+ result &= g_binary_content_read_uleb128(content, pos, &decl->tag);
+ result &= g_binary_content_read_u8(content, pos, &decl->has_children);
+
+ return result;
+
+}
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* endian = boutisme reconnu dans le format. *
+* header = en-tête à déterminer. [OUT] *
+* *
+* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.*
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_section_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_section_header *header)
+{
+ bool result; /* Bilan à retourner */
+ uint32_t first; /* Premier paquet d'octets */
+ bool status; /* Bilan d'opération */
+
+ result = false;
+
+ status = g_binary_content_read_u32(content, pos, endian, &first);
+ if (!status) goto rdsh_exit;
+
+ if (first >= 0xfffffff0 && first != 0xffffffff)
+ goto rdsh_exit;
+
+ if (first == 0xffffffff)
+ {
+ result = g_binary_content_read_u64(content, pos, endian, &header->unit_length);
+ header->is_32b = false;
+ }
+ else
+ {
+ result = true;
+ header->unit_length = first;
+ header->is_32b = true;
+ }
+
+ result &= g_binary_content_read_u16(content, pos, endian, &header->version);
+
+ rdsh_exit:
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* endian = boutisme reconnu dans le format. *
+* header = en-tête à déterminer. [OUT] *
+* *
+* Description : Procède à la lecture de l'en-tête d'une unité de compilation.*
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_compil_unit_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_compil_unit_header *header)
+{
+ bool result; /* Bilan à retourner */
+ uint32_t val32; /* Premier paquet d'octets */
+ bool status; /* Bilan d'opération */
+
+ result = read_dwarf_section_header(content, pos, endian, (dw_section_header *)header);
+ if (!result) goto rdcuh_exit;
+
+ if (header->is_32b)
+ {
+ status = g_binary_content_read_u32(content, pos, endian, &val32);
+ if (!status) goto rdcuh_exit;
+
+ header->debug_abbrev_offset = val32;
+
+ }
+ else
+ {
+ status = g_binary_content_read_u64(content, pos, endian, &header->debug_abbrev_offset);
+ if (!status) goto rdcuh_exit;
+
+ }
+
+ result &= g_binary_content_read_u8(content, pos, &header->address_size);
+
+ rdcuh_exit:
+
+ return result;
+
+}
+
+
+
+
+
+
+
diff --git a/plugins/dwarf/dwarf-int.h b/plugins/dwarf/dwarf-int.h
new file mode 100644
index 0000000..6f8f921
--- /dev/null
+++ b/plugins/dwarf/dwarf-int.h
@@ -0,0 +1,185 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf-int.h - prototypes pour les structures internes du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_DWARF_INT_H
+#define _FORMAT_DWARF_DWARF_INT_H
+
+
+#include "dwarf.h"
+
+
+#include <stdint.h>
+
+
+
+
+#include "../debuggable-int.h"
+
+#include "abbrev.h"
+#include "die.h"
+#include "dwarf_def.h"
+
+
+
+
+
+/* Procède à la lecture d'un attribut d'abréviation DWARF. */
+bool read_dwarf_abbrev_attr(const GDwarfFormat *, vmpa2t *, dw_abbrev_raw_attr *);
+
+/* Procède à la lecture d'une déclaration d'abréviation DWARF. */
+bool read_dwarf_abbrev_decl(const GDwarfFormat *, vmpa2t *, dw_abbrev_decl *);
+
+
+
+
+/* En-tête présente dans certaines sections */
+typedef struct _dw_section_header
+{
+ uint64_t unit_length; /* Taille totale sans le champ */
+ bool is_32b; /* Le format est-il sur 32b ? */
+
+ uint16_t version; /* Version de la section */
+
+} dw_section_header;
+
+
+
+
+
+
+/* Procède à la lecture de l'en-tête d'un contenu binaire ELF. */
+bool read_dwarf_section_header(GBinContent *, vmpa2t *, SourceEndian, dw_section_header *);
+
+
+
+
+
+/* Procède à la lecture de l'en-tête d'une unité de compilation. */
+bool read_dwarf_compil_unit_header(GBinContent *, vmpa2t *, SourceEndian, dw_compil_unit_header *);
+
+
+
+///---------------------
+
+
+
+
+//-------------------------------
+
+
+
+
+
+/* Lit la valeur correspondant à un type donné. */
+typedef bool (* read_form_value_fc) (const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_form_value *);
+
+
+/* Format de débogage DWARF (instance) */
+struct _GDwarfFormat
+{
+ GDbgFormat parent; /* A laisser en premier */
+
+ dw_abbrev *abbreviations; /* Racine des abbréviations */
+
+
+ dw_die *info_die;
+
+
+
+};
+
+/* Format de débogage DWARF (classe) */
+struct _GDwarfFormatClass
+{
+ GDbgFormatClass parent; /* A laisser en premier */
+
+ read_form_value_fc read_form; /* lecture de valeurs formatées*/
+
+};
+
+
+
+
+
+/* Charge de façon générique toutes les informations DWARF. */
+bool g_dwarf_format_load(GDwarfFormat *, GExeFormat *);
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/* Format du DWARF */
+typedef enum _DwarfFormat
+{
+ DWF_32_BITS, /* Mode 32 bits */
+ DWF_64_BITS /* Mode 64 bits */
+
+} DwarfFormat;
+
+
+
+
+
+/* Eléments récupérés sur une fonction */
+typedef struct _dw_dbg_function
+{
+ char *name; /* Nom de la fonction */
+ char *prototype; /* Chaîne descriptive */
+
+ uint64_t low_pc; /* Début de la fonction */
+ uint64_t high_pc; /* Fin de la fonction */
+
+} dw_dbg_function;
+
+
+#if 0
+/* Description du format DWARF */
+struct _dwarf_format
+{
+ dbg_format dummy; /* A laisser en premier */
+
+ DwarfFormat format; /* Format de l'instance */
+
+ dw_abbrev **abbrevs; /* Liste des abréviations */
+ size_t abbrevs_count; /* Nombre de ces abréviations */
+
+ dw_dbg_function **dbg_functions; /* Liste de fonctions trouvées */
+ size_t dbg_fc_count; /* Nombre de ces fonctions */
+
+};
+#endif
+
+
+
+#endif /* _FORMAT_DWARF_DWARF_INT_H */
diff --git a/plugins/dwarf/dwarf.c b/plugins/dwarf/dwarf.c
new file mode 100644
index 0000000..0c0dab8
--- /dev/null
+++ b/plugins/dwarf/dwarf.c
@@ -0,0 +1,337 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.c - support du format Dwarf
+ *
+ * Copyright (C) 2009-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "dwarf.h"
+
+
+#include "abbrev.h"
+#include "dwarf-int.h"
+#include "info.h"
+#include "symbols.h"
+#include "../../common/cpp.h"
+
+
+
+/* Initialise la classe des formats de débogage DWARF. */
+static void g_dwarf_format_class_init(GDwarfFormatClass *);
+
+/* Initialise une instance de format de débogage DWARF. */
+static void g_dwarf_format_init(GDwarfFormat *);
+
+/* Supprime toutes les références externes. */
+static void g_dwarf_format_dispose(GDwarfFormat *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_dwarf_format_finalize(GDwarfFormat *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* parent = éventuel format exécutable déjà chargé. *
+* unused = adresse non utilisée ici. *
+* key = identifiant de format trouvé ou NULL. [OUT] *
+* *
+* Description : Indique si le format peut être pris en charge ici. *
+* *
+* Retour : Conclusion de haut niveau sur la reconnaissance effectuée. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+FormatMatchStatus dwarf_is_matching(GBinContent *content, GExeFormat *parent, void *unused, char **key)
+{
+ FormatMatchStatus result; /* Bilan à renvoyer */
+ size_t i; /* Boucle de parcours */
+ mrange_t range; /* Couverture d'une section */
+ dw_section_header header; /* En-tête DWARF de section */
+ bool found; /* Bilan d'une comparaison */
+
+ static const char *section_names[] = {
+ ".debug_aranges",
+ ".debug_frame",
+ ".debug_info",
+ ".debug_line",
+ ".debug_pubnames",
+ ".debug_pubtypes",
+ ".debug_types"
+ };
+
+ static const uint16_t dwarf_v2_versions[] = {
+ 2, /* .debug_aranges */
+ 1, /* .debug_frame */
+ 2, /* .debug_info */
+ 2, /* .debug_line */
+ 2, /* .debug_pubnames */
+ 0, /* .debug_pubtypes */
+ 0 /* .debug_types */
+ };
+
+ static const uint16_t dwarf_v3_versions[] = {
+ 2, /* .debug_aranges */
+ 3, /* .debug_frame */
+ 3, /* .debug_info */
+ 3, /* .debug_line */
+ 2, /* .debug_pubnames */
+ 2, /* .debug_pubtypes */
+ 0 /* .debug_types */
+ };
+
+ static const uint16_t dwarf_v4_versions[] = {
+ 2, /* .debug_aranges */
+ 4, /* .debug_frame */
+ 4, /* .debug_info */
+ 4, /* .debug_line */
+ 2, /* .debug_pubnames */
+ 2, /* .debug_pubtypes */
+ 4 /* .debug_types */
+ };
+
+ uint16_t current_versions[] = {
+ 0, /* .debug_aranges */
+ 0, /* .debug_frame */
+ 0, /* .debug_info */
+ 0, /* .debug_line */
+ 0, /* .debug_pubnames */
+ 0, /* .debug_pubtypes */
+ 0 /* .debug_types */
+ };
+
+ result = FMS_UNKNOWN;
+
+ if (parent == NULL)
+ return FMS_UNKNOWN;
+ return FMS_UNKNOWN;
+ *key = strdup("dwarf_v4");
+ return FMS_MATCHED;
+
+ /* Lecture des indices présents */
+
+ for (i = 0; i < ARRAY_SIZE(section_names); i++)
+ {
+ if (!g_exe_format_get_section_range_by_name(parent, section_names[i], &range))
+ continue;
+
+ if (!read_dwarf_section_header(content, get_mrange_addr(&range), SRE_LITTLE /* FIXME */, &header))
+ continue;
+
+ current_versions[i] = header.version;
+
+ }
+
+ /* Détermination d'une version bien identifiée */
+
+ bool check_dwarf_version(const uint16_t *ref, const uint16_t *cur, size_t count)
+ {
+ bool equal;
+ size_t k;
+
+ equal = true;
+
+ for (k = 0; k < count && equal; k++)
+ printf(" -> %hhu vs %hhu\n", ref[k], cur[k]);
+
+ for (k = 0; k < count && equal; k++)
+ equal = (cur[k] == 0) || (ref[k] == cur[k]);
+
+ return equal;
+
+ }
+
+ /**
+ * Un fichier DWARF sans section sera vu comme un fichier DWARF de
+ * dernière génération.
+ * Ce qui n'est pas très grave car rien ne sera chargé par la suite,
+ * du fait de l'absence de section, donc il n'y aura pas d'incompatibilité.
+ */
+
+ printf("---dwarf v4\n");
+
+ found = check_dwarf_version(dwarf_v4_versions, current_versions, ARRAY_SIZE(section_names));
+
+ if (found)
+ {
+ result = FMS_MATCHED;
+ *key = strdup("dwarf_v4");
+ }
+
+ if (result == FMS_UNKNOWN)
+ {
+ printf("---dwarf v3\n");
+
+ found = check_dwarf_version(dwarf_v3_versions, current_versions, ARRAY_SIZE(section_names));
+
+ if (found)
+ {
+ result = FMS_MATCHED;
+ *key = strdup("dwarf_v3");
+ }
+
+ }
+
+ if (result == FMS_UNKNOWN)
+ {
+ printf("---dwarf v2\n");
+
+ found = check_dwarf_version(dwarf_v2_versions, current_versions, ARRAY_SIZE(section_names));
+
+ if (found)
+ {
+ result = FMS_MATCHED;
+ *key = strdup("dwarf_v2");
+ }
+
+ }
+
+ return result;
+
+}
+
+
+/* Indique le type défini pour un format de débogage générique. */
+G_DEFINE_TYPE(GDwarfFormat, g_dwarf_format, G_TYPE_DBG_FORMAT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats de débogage DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarf_format_class_init(GDwarfFormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarf_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_dwarf_format_finalize;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format de débogage DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarf_format_init(GDwarfFormat *format)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarf_format_dispose(GDwarfFormat *format)
+{
+ G_OBJECT_CLASS(g_dwarf_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarf_format_finalize(GDwarfFormat *format)
+{
+ G_OBJECT_CLASS(g_dwarf_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description du binaire de débogage à compléter. *
+* executable = référence vers le binaire exécutable à lier. *
+* *
+* Description : Charge de façon générique toutes les informations DWARF. *
+* *
+* Retour : Bilan du chargement : réussi ou non ? *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool g_dwarf_format_load(GDwarfFormat *format, GExeFormat *executable)
+{
+ bool result; /* Bilan à faire remonter */
+
+ result = true;
+
+ g_debuggable_format_attach_executable(G_DBG_FORMAT(format), executable);
+
+ printf("Loading abbrev...\n");
+
+ result &= load_all_dwarf_abbreviations(format);
+
+ printf("Loading debug info...\n");
+
+ result &= load_dwarf_debug_information(format);
+
+ printf("Done!\n");
+
+ result &= load_dwarf_symbols(format);
+
+ printf("Got symbols...\n");
+
+ exit(0);
+
+ return result;
+
+}
+
diff --git a/plugins/dwarf/dwarf.h b/plugins/dwarf/dwarf.h
new file mode 100644
index 0000000..ad2f008
--- /dev/null
+++ b/plugins/dwarf/dwarf.h
@@ -0,0 +1,55 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.h - prototypes pour le support du format Dwarf
+ *
+ * Copyright (C) 2009-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_DWARF_H
+#define _FORMAT_DWARF_DWARF_H
+
+
+#include "../../core/formats.h"
+
+
+
+#define G_TYPE_DWARF_FORMAT g_dwarf_format_get_type()
+#define G_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarf_format_get_type(), GDwarfFormat))
+#define G_IS_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarf_format_get_type()))
+#define G_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARF_FORMAT, GDwarfFormatClass))
+#define G_IS_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARF_FORMAT))
+#define G_DWARF_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARF_FORMAT, GDwarfFormatClass))
+
+
+/* Format de débogage DWARF (instance) */
+typedef struct _GDwarfFormat GDwarfFormat;
+
+/* Format de débogage DWARF (classe) */
+typedef struct _GDwarfFormatClass GDwarfFormatClass;
+
+
+/* Indique si le format peut être pris en charge ici. */
+FormatMatchStatus dwarf_is_matching(GBinContent *, GExeFormat *, void *, char **);
+
+/* Indique le type défini pour un format de débogage DWARF. */
+GType g_dwarf_format_get_type(void);
+
+
+
+#endif /* _FORMAT_DWARF_DWARF_H */
diff --git a/plugins/dwarf/dwarf_def.h b/plugins/dwarf/dwarf_def.h
new file mode 100644
index 0000000..6641576
--- /dev/null
+++ b/plugins/dwarf/dwarf_def.h
@@ -0,0 +1,830 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf_def.h - liste des constantes utilisées par le format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_DWARF_DEF_H
+#define _FORMAT_DWARF_DWARF_DEF_H
+
+
+
+#include <stdint.h>
+
+
+#include "../../arch/vmpa.h"
+#include "../../common/leb128.h"
+
+
+
+
+/**
+ * § 7.5.1.1 Compilation Unit Header.
+ */
+
+/* En-tête présente dans certaines sections */
+typedef struct _dw_compil_unit_header
+{
+ uint64_t unit_length; /* Taille totale sans le champ */
+ bool is_32b; /* Le format est-il sur 32b ? */
+
+ uint16_t version; /* Version de la section */
+
+ uint64_t debug_abbrev_offset; /* Emplacement dans la section */
+ uint8_t address_size; /* Taille des adresses */
+
+} dw_compil_unit_header;
+
+
+/**
+ * § 7.5.4 Attribute Encodings
+ */
+
+/* Figure 18, Tag encodings, begins here. */
+
+typedef enum _DwarfTag
+{
+ DW_TAG_array_type = 0x01,
+ DW_TAG_class_type = 0x02,
+ DW_TAG_entry_point = 0x03,
+ DW_TAG_enumeration_type = 0x04,
+ DW_TAG_formal_parameter = 0x05,
+ DW_TAG_imported_declaration = 0x08,
+ DW_TAG_label = 0x0a,
+ DW_TAG_lexical_block = 0x0b,
+ DW_TAG_member = 0x0d,
+ DW_TAG_pointer_type = 0x0f,
+ DW_TAG_reference_type = 0x10,
+ DW_TAG_compile_unit = 0x11,
+ DW_TAG_string_type = 0x12,
+ DW_TAG_structure_type = 0x13,
+ DW_TAG_subroutine_type = 0x15,
+ DW_TAG_typedef = 0x16,
+ DW_TAG_union_type = 0x17,
+ DW_TAG_unspecified_parameters = 0x18,
+ DW_TAG_variant = 0x19,
+ DW_TAG_common_block = 0x1a,
+ DW_TAG_common_inclusion = 0x1b,
+ DW_TAG_inheritance = 0x1c,
+ DW_TAG_inlined_subroutine = 0x1d,
+ DW_TAG_module = 0x1e,
+ DW_TAG_ptr_to_member_type = 0x1f,
+ DW_TAG_set_type = 0x20,
+ DW_TAG_subrange_type = 0x21,
+ DW_TAG_with_stmt = 0x22,
+ DW_TAG_access_declaration = 0x23,
+ DW_TAG_base_type = 0x24,
+ DW_TAG_catch_block = 0x25,
+ DW_TAG_const_type = 0x26,
+ DW_TAG_constant = 0x27,
+ DW_TAG_enumerator = 0x28,
+ DW_TAG_file_type = 0x29,
+ DW_TAG_friend = 0x2a,
+ DW_TAG_namelist = 0x2b,
+ DW_TAG_namelist_item = 0x2c,
+ DW_TAG_packed_type = 0x2d,
+ DW_TAG_subprogram = 0x2e,
+ DW_TAG_template_type_parameter = 0x2f,
+ DW_TAG_template_value_parameter = 0x30,
+ DW_TAG_thrown_type = 0x31,
+ DW_TAG_try_block = 0x32,
+ DW_TAG_variant_part = 0x33,
+ DW_TAG_variable = 0x34,
+ DW_TAG_volatile_type = 0x35,
+
+ DW_TAG_dwarf_procedure = 0x36,
+ DW_TAG_restrict_type = 0x37,
+ DW_TAG_interface_type = 0x38,
+ DW_TAG_namespace = 0x39,
+ DW_TAG_imported_module = 0x3a,
+ DW_TAG_unspecified_type = 0x3b,
+ DW_TAG_partial_unit = 0x3c,
+ DW_TAG_imported_unit = 0x3d,
+ DW_TAG_condition = 0x3f,
+ DW_TAG_shared_type = 0x40,
+
+ /* Nouveautés v.4 */
+
+ DW_TAG_type_unit = 0x41,
+ DW_TAG_rvalue_reference_type = 0x42,
+ DW_TAG_template_alias = 0x43,
+
+ DW_TAG_lo_user = 0x4080,
+ DW_TAG_hi_user = 0xffff
+
+} DwarfTag;
+
+/* Figure 19. Child determination encodings. */
+
+#define DW_CHILDREN_no 0x00
+#define DW_CHILDREN_yes 0x01
+
+/* Figure 21. Attribute form encodings. */
+
+typedef enum _DwarfForm
+{
+ DW_FORM_invalid = 0x00,
+
+ DW_FORM_addr = 0x01,
+ DW_FORM_block2 = 0x03,
+ DW_FORM_block4 = 0x04,
+ DW_FORM_data2 = 0x05,
+ DW_FORM_data4 = 0x06,
+ DW_FORM_data8 = 0x07,
+ DW_FORM_string = 0x08,
+ DW_FORM_block = 0x09,
+ DW_FORM_block1 = 0x0a,
+ DW_FORM_data1 = 0x0b,
+ DW_FORM_flag = 0x0c,
+ DW_FORM_sdata = 0x0d,
+ DW_FORM_strp = 0x0e,
+ DW_FORM_udata = 0x0f,
+ DW_FORM_ref_addr = 0x10,
+ DW_FORM_ref1 = 0x11,
+ DW_FORM_ref2 = 0x12,
+ DW_FORM_ref4 = 0x13,
+ DW_FORM_ref8 = 0x14,
+ DW_FORM_ref_udata = 0x15,
+ DW_FORM_indirect = 0x16,
+
+ /* Nouveautés v4 */
+
+ DW_FORM_sec_offset = 0x17,
+ DW_FORM_exprloc = 0x18,
+ DW_FORM_flag_present = 0x19,
+ DW_FORM_ref_sig8 = 0x20
+
+} DwarfForm;
+
+
+
+
+
+
+/* Résumé des différentes valeurs dans DWARF v2 */
+typedef union _dw_v2_form_value
+{
+ /* DW_FORM_addr */
+ virt_t address;
+
+ /* DW_FORM_data[1248] */
+ uint8_t data1;
+ uint16_t data2;
+ uint32_t data4;
+ uint64_t data8;
+
+ /* DW_FORM_sdata */
+ leb128_t sdata;
+
+ /* DW_FORM_udata */
+ uleb128_t udata;
+
+ /* DW_FORM_block[124]? */
+ struct
+ {
+ const bin_t *start;
+ phys_t size;
+
+ } block;
+
+ /* DW_FORM_string */
+ /* DW_FORM_strp */
+ const char *string;
+
+ /* DW_FORM_flag */
+ uint8_t flag;
+
+ /* DW_FORM_ref[1248] */
+ uint8_t ref1;
+ uint16_t ref2;
+ uint32_t ref4;
+ uint64_t ref8;
+
+ /* DW_FORM_ref_udata */
+ uleb128_t ref_udata;
+
+} dw_v2_form_value;
+
+
+/* Résumé des différentes valeurs dans DWARF v4 */
+typedef union _dw_v4_form_value
+{
+ dw_v2_form_value v2;
+
+ /* DW_FORM_sec_offset */
+ uint64_t sec_offset;
+
+ /* DW_FORM_exprloc */
+ struct
+ {
+ const bin_t *start;
+ phys_t size;
+
+ } expr;
+
+ /* DW_FORM_flag_present */
+ bool has_flag;
+
+ /* DW_FORM_ref_sig8 */
+ uint64_t signature;
+
+} dw_v4_form_value;
+
+
+/* Résumé des différentes valeurs dans DWARF */
+typedef union _dw_form_value
+{
+ dw_v2_form_value v2;
+ dw_v2_form_value v4;
+
+} dw_form_value;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/**
+ * § 7.5.3 Abbreviations Tables.
+ */
+
+/* Description d'un attribut d'une abréviation */
+typedef struct _dw_abbrev_raw_attr
+{
+ uleb128_t name; /* Désignation de l'attribut */
+ uleb128_t form; /* Nature de sa valeur */
+
+} dw_abbrev_raw_attr;
+
+/* En-tête de déclaration d'une abréviation */
+typedef struct _dw_abbrev_decl
+{
+ uleb128_t code; /* Identifiant attribué */
+ uleb128_t tag; /* Identifiant attribué */
+
+ uint8_t has_children; /* Présence de sous-entrées ? */
+
+} dw_abbrev_decl;
+
+
+
+
+
+
+
+
+
+
+/* Liste des attributs rencontrés */
+typedef enum _DwarfAttrib
+{
+ DW_AT_sibling = 0x01,
+ DW_AT_location = 0x02,
+ DW_AT_name = 0x03,
+ DW_AT_ordering = 0x09,
+ DW_AT_byte_size = 0x0b,
+ DW_AT_bit_offset = 0x0c,
+ DW_AT_bit_size = 0x0d,
+ DW_AT_stmt_list = 0x10,
+ DW_AT_low_pc = 0x11,
+ DW_AT_high_pc = 0x12,
+ DW_AT_language = 0x13,
+ DW_AT_discr = 0x15,
+ DW_AT_discr_value = 0x16,
+ DW_AT_visibility = 0x17,
+ DW_AT_import = 0x18,
+ DW_AT_string_length = 0x19,
+ DW_AT_common_reference = 0x1a,
+ DW_AT_comp_dir = 0x1b,
+ DW_AT_const_value = 0x1c,
+ DW_AT_containing_type = 0x1d,
+ DW_AT_default_value = 0x1e,
+ DW_AT_inline = 0x20,
+ DW_AT_is_optional = 0x21,
+ DW_AT_lower_bound = 0x22,
+ DW_AT_producer = 0x25,
+ DW_AT_prototyped = 0x27,
+ DW_AT_return_addr = 0x2a,
+ DW_AT_start_scope = 0x2c,
+ DW_AT_bit_stride = 0x2e,
+ DW_AT_upper_bound = 0x2f,
+ DW_AT_abstract_origin = 0x31,
+ DW_AT_accessibility = 0x32,
+ DW_AT_address_class = 0x33,
+ DW_AT_artificial = 0x34,
+ DW_AT_base_types = 0x35,
+ DW_AT_calling_convention = 0x36,
+ DW_AT_count = 0x37,
+ DW_AT_data_member_location = 0x38,
+ DW_AT_decl_column = 0x39,
+ DW_AT_decl_file = 0x3a,
+ DW_AT_decl_line = 0x3b,
+ DW_AT_declaration = 0x3c,
+ DW_AT_discr_list = 0x3d,
+ DW_AT_encoding = 0x3e,
+ DW_AT_external = 0x3f,
+ DW_AT_frame_base = 0x40,
+ DW_AT_friend = 0x41,
+ DW_AT_identifier_case = 0x42,
+ DW_AT_macro_info = 0x43,
+ DW_AT_namelist_item = 0x44,
+ DW_AT_priority = 0x45,
+ DW_AT_segment = 0x46,
+ DW_AT_specification = 0x47,
+ DW_AT_static_link = 0x48,
+ DW_AT_type = 0x49,
+ DW_AT_use_location = 0x4a,
+ DW_AT_variable_parameter = 0x4b,
+ DW_AT_virtuality = 0x4c,
+ DW_AT_vtable_elem_location = 0x4d,
+ DW_AT_allocated = 0x4e,
+ DW_AT_associated = 0x4f,
+ DW_AT_data_location = 0x50,
+ DW_AT_byte_stride = 0x51,
+ DW_AT_entry_pc = 0x52,
+ DW_AT_use_UTF8 = 0x53,
+ DW_AT_extension = 0x54,
+ DW_AT_ranges = 0x55,
+ DW_AT_trampoline = 0x56,
+ DW_AT_call_column = 0x57,
+ DW_AT_call_file = 0x58,
+ DW_AT_call_line = 0x59,
+ DW_AT_description = 0x5a,
+ DW_AT_binary_scale = 0x5b,
+ DW_AT_decimal_scale = 0x5c,
+ DW_AT_small = 0x5d,
+ DW_AT_decimal_sign = 0x5e,
+ DW_AT_digit_count = 0x5f,
+ DW_AT_picture_string = 0x60,
+ DW_AT_mutable = 0x61,
+ DW_AT_threads_scaled = 0x62,
+ DW_AT_explicit = 0x63,
+ DW_AT_object_pointer = 0x64,
+ DW_AT_endianity = 0x65,
+ DW_AT_elemental = 0x66,
+ DW_AT_pure = 0x67,
+ DW_AT_recursive = 0x68,
+
+ /* Nouveautés v4 */
+
+ DW_AT_signature = 0x69,
+ DW_AT_main_subprogram = 0x6a,
+ DW_AT_data_bit_offset = 0x6b,
+ DW_AT_const_expr = 0x6c,
+ DW_AT_enum_class = 0x6d,
+ DW_AT_linkage_name = 0x6e,
+
+ DW_AT_lo_user = 0x2000,
+ DW_AT_hi_user = 0x3fff,
+
+} DwarfAttrib;
+
+
+#define DW_ATTR_invalid 0 /* FIXME */
+
+
+typedef struct _dw_value
+{
+ DwarfAttrib attrib; /* Sujet de l'élément */
+ dw_form_value value; /* Valeur instanciée associée */
+
+} dw_value;
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#if 0
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/* Liste des balises rencontrées */
+typedef enum _DwarfTag
+{
+ DWT_NONE = 0x00,
+
+ DWT_ARRAY_TYPE = 0x01,
+ DWT_CLASS_TYPE = 0x02,
+ DWT_ENTRY_POINT = 0x03,
+ DWT_ENUMERATION_TYPE = 0x04,
+ DWT_FORMAL_PARAMETER = 0x05,
+ DWT_IMPORTED_DECLARATION = 0x08,
+ DWT_LABEL = 0x0a,
+ DWT_LEXICAL_BLOCK = 0x0b,
+ DWT_MEMBER = 0x0d,
+ DWT_POINTER_TYPE = 0x0f,
+ DWT_REFERENCE_TYPE = 0x10,
+ DWT_COMPILE_UNIT = 0x11,
+ DWT_STRING_TYPE = 0x12,
+ DWT_STRUCTURE_TYPE = 0x13,
+ DWT_SUBROUTINE_TYPE = 0x15,
+ DWT_TYPEDEF = 0x16,
+ DWT_UNION_TYPE = 0x17,
+ DWT_UNSPECIFIED_PARAMETERS = 0x18,
+ DWT_VARIANT = 0x19,
+ DWT_COMMON_BLOCK = 0x1a,
+ DWT_COMMON_INCLUSION = 0x1b,
+ DWT_INHERITANCE = 0x1c,
+ DWT_INLINED_SUBROUTINE = 0x1d,
+ DWT_MODULE = 0x1e,
+ DWT_PTR_TO_MEMBER_TYPE = 0x1f,
+ DWT_SET_TYPE = 0x20,
+ DWT_SUBRANGE_TYPE = 0x21,
+ DWT_WITH_STMT = 0x22,
+ DWT_ACCESS_DECLARATION = 0x23,
+ DWT_BASE_TYPE = 0x24,
+ DWT_CATCH_BLOCK = 0x25,
+ DWT_CONST_TYPE = 0x26,
+ DWT_CONSTANT = 0x27,
+ DWT_ENUMERATOR = 0x28,
+ DWT_FILE_TYPE = 0x29,
+ DWT_FRIEND = 0x2a,
+ DWT_NAMELIST = 0x2b,
+
+ DWT_NAMELIST_ITEM = 0x2c,
+ DWT_PACKED_TYPE = 0x2d,
+ DWT_SUBPROGRAM = 0x2e,
+
+ DWT_TEMPLATE_TYPE_PARAM = 0x2f, /* DWARF2 */
+ DWT_TEMPLATE_TYPE_PARAMETER = 0x2f, /* DWARF3 */
+ DWT_TEMPLATE_VALUE_PARAM = 0x30, /* DWARF2 */
+ DWT_TEMPLATE_VALUE_PARAMETER = 0x30, /* DWARF3 */
+ DWT_THROWN_TYPE = 0x31,
+ DWT_TRY_BLOCK = 0x32,
+ DWT_VARIANT_PART = 0x33,
+ DWT_VARIABLE = 0x34,
+ DWT_VOLATILE_TYPE = 0x35,
+ DWT_DWARF_PROCEDURE = 0x36, /* DWARF3 */
+ DWT_RESTRICT_TYPE = 0x37, /* DWARF3 */
+ DWT_INTERFACE_TYPE = 0x38, /* DWARF3 */
+ DWT_NAMESPACE = 0x39, /* DWARF3 */
+ DWT_IMPORTED_MODULE = 0x3a, /* DWARF3 */
+ DWT_UNSPECIFIED_TYPE = 0x3b, /* DWARF3 */
+ DWT_PARTIAL_UNIT = 0x3c, /* DWARF3 */
+ DWT_IMPORTED_UNIT = 0x3d, /* DWARF3 */
+
+ DWT_MUTABLE_TYPE = 0x3e, /* Oublié en faveur des deux suivantes (DWARF3 -> DWARF3f) */
+ DWT_CONDITION = 0x3f, /* DWARF3f */
+ DWT_SHARED_TYPE = 0x40, /* DWARF3f */
+
+ DWT_LO_USER = 0x4080,
+
+ DWT_MIPS_LOOP = 0x4081,
+
+ /* Extensions HP */
+
+ DWT_HP_ARRAY_DESCRIPTOR = 0x4090,
+
+ /* Extensions GNU */
+
+ DWT_GNU_FORMAT_LABEL = 0x4101, /* Fortran. */
+ DWT_GNU_FUNCTION_TEMPLATE = 0x4102, /* C++ */
+ DWT_GNU_CLASS_TEMPLATE = 0x4103, /* C++ */
+ DWT_GNU_BINCL = 0x4104,
+ DWT_GNU_EINCL = 0x4105,
+
+ /* Extensions ALTIUM */
+
+ DWT_ALTIUM_CIRC_TYPE = 0x5101, /* DSP-C/Starcore __circ qualifier */
+ DWT_ALTIUM_MWA_CIRC_TYPE = 0x5102, /* Starcore __mwa_circ qualifier */
+ DWT_ALTIUM_REV_CARRY_TYPE = 0x5103, /* Starcore __rev_carry qualifier */
+ DWT_ALTIUM_ROM = 0x5111, /* M16 __rom qualifier */
+
+ /* Extensions pour le support UPC */
+
+ DWT_UPC_SHARED_TYPE = 0x8765,
+ DWT_UPC_STRICT_TYPE = 0x8766,
+ DWT_UPC_RELAXED_TYPE = 0x8767,
+
+ /* Extensions PGI (STMicroelectronics) */
+
+ DWT_PGI_KANJI_TYPE = 0xa000,
+ DWT_PGI_INTERFACE_BLOCK = 0xa020,
+
+ /* Extensions SUN */
+
+ DWT_SUN_FUNCTION_TEMPLATE = 0x4201,
+ DWT_SUN_CLASS_TEMPLATE = 0x4202,
+ DWT_SUN_STRUCT_TEMPLATE = 0x4203,
+ DWT_SUN_UNION_TEMPLATE = 0x4204,
+ DWT_SUN_INDIRECT_INHERITANCE = 0x4205,
+ DWT_SUN_CODEFLAGS = 0x4206,
+ DWT_SUN_MEMOP_INFO = 0x4207,
+ DWT_SUN_OMP_CHILD_FUNC = 0x4208,
+ DWT_SUN_RTTI_DESCRIPTOR = 0x4209,
+ DWT_SUN_DTOR_INFO = 0x420a,
+ DWT_SUN_DTOR = 0x420b,
+ DWT_SUN_F90_INTERFACE = 0x420c,
+ DWT_SUN_FORTRAN_VAX_STRUCTURE = 0x420d,
+ DWT_SUN_HI = 0x42ff,
+
+ DWT_HI_USER = 0xffff
+
+} DwarfTag;
+
+
+#define DW_CHILDREN_NO 0x00
+#define DW_CHILDREN_YES 0x01
+
+
+/* Liste des attributs rencontrés */
+typedef enum _DwarfAttrib
+{
+ DWA_SIBLING = 0x01,
+ DWA_LOCATION = 0x02,
+ DWA_NAME = 0x03,
+ DWA_ORDERING = 0x09,
+ DWA_SUBSCR_DATA = 0x0a,
+ DWA_BYTE_SIZE = 0x0b,
+ DWA_BIT_OFFSET = 0x0c,
+ DWA_BIT_SIZE = 0x0d,
+ DWA_ELEMENT_LIST = 0x0f,
+ DWA_STMT_LIST = 0x10,
+ DWA_LOW_PC = 0x11,
+ DWA_HIGH_PC = 0x12,
+ DWA_LANGUAGE = 0x13,
+ DWA_MEMBER = 0x14,
+ DWA_DISCR = 0x15,
+ DWA_DISCR_VALUE = 0x16,
+ DWA_VISIBILITY = 0x17,
+ DWA_IMPORT = 0x18,
+ DWA_STRING_LENGTH = 0x19,
+ DWA_COMMON_REFERENCE = 0x1a,
+ DWA_COMP_DIR = 0x1b,
+ DWA_CONST_VALUE = 0x1c,
+ DWA_CONTAINING_TYPE = 0x1d,
+ DWA_DEFAULT_VALUE = 0x1e,
+ DWA_INLINE = 0x20,
+ DWA_IS_OPTIONAL = 0x21,
+ DWA_LOWER_BOUND = 0x22,
+ DWA_PRODUCER = 0x25,
+ DWA_PROTOTYPED = 0x27,
+ DWA_RETURN_ADDR = 0x2a,
+ DWA_START_SCOPE = 0x2c,
+ DWA_BIT_STRIDE = 0x2e, /* DWARF3 */
+ DWA_STRIDE_SIZE = 0x2e, /* DWARF2 */
+ DWA_UPPER_BOUND = 0x2f,
+ DWA_ABSTRACT_ORIGIN = 0x31,
+ DWA_ACCESSIBILITY = 0x32,
+ DWA_ADDRESS_CLASS = 0x33,
+ DWA_ARTIFICIAL = 0x34,
+ DWA_BASE_TYPES = 0x35,
+ DWA_CALLING_CONVENTION = 0x36,
+ DWA_COUNT = 0x37,
+ DWA_DATA_MEMBER_LOCATION = 0x38,
+ DWA_DECL_COLUMN = 0x39,
+ DWA_DECL_FILE = 0x3a,
+ DWA_DECL_LINE = 0x3b,
+ DWA_DECLARATION = 0x3c,
+ DWA_DISCR_LIST = 0x3d,
+ DWA_ENCODING = 0x3e,
+ DWA_EXTERNAL = 0x3f,
+ DWA_FRAME_BASE = 0x40,
+ DWA_FRIEND = 0x41,
+ DWA_IDENTIFIER_CASE = 0x42,
+ DWA_MACRO_INFO = 0x43,
+ DWA_NAMELIST_ITEM = 0x44,
+ DWA_PRIORITY = 0x45,
+ DWA_SEGMENT = 0x46,
+ DWA_SPECIFICATION = 0x47,
+ DWA_STATIC_LINK = 0x48,
+ DWA_TYPE = 0x49,
+ DWA_USE_LOCATION = 0x4a,
+ DWA_VARIABLE_PARAMETER = 0x4b,
+ DWA_VIRTUALITY = 0x4c,
+ DWA_VTABLE_ELEM_LOCATION = 0x4d,
+ DWA_ALLOCATED = 0x4e, /* DWARF3 */
+ DWA_ASSOCIATED = 0x4f, /* DWARF3 */
+ DWA_DATA_LOCATION = 0x50, /* DWARF3 */
+ DWA_BYTE_STRIDE = 0x51, /* DWARF3f */
+ DWA_STRIDE = 0x51, /* DWARF3 (ne pas utiliser) */
+ DWA_ENTRY_PC = 0x52, /* DWARF3 */
+ DWA_USE_UTF8 = 0x53, /* DWARF3 */
+ DWA_EXTENSION = 0x54, /* DWARF3 */
+ DWA_RANGES = 0x55, /* DWARF3 */
+ DWA_TRAMPOLINE = 0x56, /* DWARF3 */
+ DWA_CALL_COLUMN = 0x57, /* DWARF3 */
+ DWA_CALL_FILE = 0x58, /* DWARF3 */
+ DWA_CALL_LINE = 0x59, /* DWARF3 */
+ DWA_DESCRIPTION = 0x5a, /* DWARF3 */
+ DWA_BINARY_SCALE = 0x5b, /* DWARF3f */
+ DWA_DECIMAL_SCALE = 0x5c, /* DWARF3f */
+ DWA_SMALL = 0x5d, /* DWARF3f */
+ DWA_DECIMAL_SIGN = 0x5e, /* DWARF3f */
+ DWA_DIGIT_COUNT = 0x5f, /* DWARF3f */
+ DWA_PICTURE_STRING = 0x60, /* DWARF3f */
+ DWA_MUTABLE = 0x61, /* DWARF3f */
+ DWA_THREADS_SCALED = 0x62, /* DWARF3f */
+ DWA_EXPLICIT = 0x63, /* DWARF3f */
+ DWA_OBJECT_POINTER = 0x64, /* DWARF3f */
+ DWA_ENDIANITY = 0x65, /* DWARF3f */
+ DWA_ELEMENTAL = 0x66, /* DWARF3f */
+ DWA_PURE = 0x67, /* DWARF3f */
+ DWA_RECURSIVE = 0x68, /* DWARF3f */
+
+ DWA_LO_USER = 0x2000,
+
+ /* Extension HP */
+
+ DWA_HP_BLOCK_INDEX = 0x2000,
+
+ /* Extensions MIPS/SGI */
+
+ DWA_MIPS_FDE = 0x2001,
+ DWA_MIPS_LOOP_BEGIN = 0x2002,
+ DWA_MIPS_TAIL_LOOP_BEGIN = 0x2003,
+ DWA_MIPS_EPILOG_BEGIN = 0x2004,
+ DWA_MIPS_LOOP_UNROLL_FACTOR = 0x2005,
+ DWA_MIPS_SOFTWARE_PIPELINE_DEPTH = 0x2006,
+ DWA_MIPS_LINKAGE_NAME = 0x2007,
+ DWA_MIPS_STRIDE = 0x2008,
+ DWA_MIPS_ABSTRACT_NAME = 0x2009,
+ DWA_MIPS_CLONE_ORIGIN = 0x200a,
+ DWA_MIPS_HAS_INLINES = 0x200b,
+ DWA_MIPS_STRIDE_BYTE = 0x200c,
+ DWA_MIPS_STRIDE_ELEM = 0x200d,
+ DWA_MIPS_PTR_DOPETYPE = 0x200e,
+ DWA_MIPS_ALLOCATABLE_DOPETYPE = 0x200f,
+ DWA_MIPS_ASSUMED_SHAPE_DOPETYPE = 0x2010,
+ DWA_MIPS_ASSUMED_SIZE = 0x2011,
+
+ /* Extensions HP */
+
+ DWA_HP_unmodifiable = 0x2001, /* conflit : MIPS */
+ DWA_HP_actuals_stmt_list = 0x2010, /* conflit : MIPS */
+ DWA_HP_proc_per_section = 0x2011, /* conflit : MIPS */
+ DWA_HP_raw_data_ptr = 0x2012,
+ DWA_HP_pass_by_reference = 0x2013,
+ DWA_HP_opt_level = 0x2014,
+ DWA_HP_prof_version_id = 0x2015,
+ DWA_HP_opt_flags = 0x2016,
+ DWA_HP_cold_region_low_pc = 0x2017,
+ DWA_HP_cold_region_high_pc = 0x2018,
+ DWA_HP_all_variables_modifiable = 0x2019,
+ DWA_HP_linkage_name = 0x201a,
+ DWA_HP_prof_flags = 0x201b,
+
+ /* Extensions GNU */
+
+ DWA_GNU_SF_NAMES = 0x2101,
+ DWA_GNU_SRC_INFO = 0x2102,
+ DWA_GNU_MAC_INFO = 0x2103,
+ DWA_GNU_SRC_COORDS = 0x2104,
+ DWA_GNU_BODY_BEGIN = 0x2105,
+ DWA_GNU_BODY_END = 0x2106,
+ DWA_GNU_VECTOR = 0x2107,
+
+ /* Extensions SUN */
+
+ DWA_SUN_TEMPLATE = 0x2201,
+ DWA_SUN_RTNBEG_PD_ADDRESS = 0x2201,
+ DWA_SUN_ALIGNMENT = 0x2202,
+ DWA_SUN_VTABLE = 0x2203,
+ DWA_SUN_COUNT_GUARANTEE = 0x2204,
+ DWA_SUN_COMMAND_LINE = 0x2205,
+ DWA_SUN_VBASE = 0x2206,
+ DWA_SUN_COMPILE_OPTIONS = 0x2207,
+ DWA_SUN_LANGUAGE = 0x2208,
+ DWA_SUN_BROWSER_FILE = 0x2209,
+ DWA_SUN_VTABLE_ABI = 0x2210,
+ DWA_SUN_FUNC_OFFSETS = 0x2211,
+ DWA_SUN_CF_KIND = 0x2212,
+ DWA_SUN_VTABLE_INDEX = 0x2213,
+ DWA_SUN_OMP_TPRIV_ADDR = 0x2214,
+ DWA_SUN_OMP_CHILD_FUNC = 0x2215,
+ DWA_SUN_FUNC_OFFSET = 0x2216,
+ DWA_SUN_MEMOP_TYPE_REF = 0x2217,
+ DWA_SUN_PROFILE_ID = 0x2218,
+ DWA_SUN_MEMOP_SIGNATURE = 0x2219,
+ DWA_SUN_OBJ_DIR = 0x2220,
+ DWA_SUN_OBJ_FILE = 0x2221,
+ DWA_SUN_ORIGINAL_NAME = 0x2222,
+ DWA_SUN_HWCPROF_SIGNATURE = 0x2223,
+ DWA_SUN_AMD64_PARMDUMP = 0x2224,
+ DWA_SUN_PART_LINK_NAME = 0x2225,
+ DWA_SUN_LINK_NAME = 0x2226,
+ DWA_SUN_PASS_WITH_CONST = 0x2227,
+ DWA_SUN_RETURN_WITH_CONST = 0x2228,
+ DWA_SUN_IMPORT_BY_NAME = 0x2229,
+ DWA_SUN_F90_POINTER = 0x222a,
+ DWA_SUN_PASS_BY_REF = 0x222b,
+ DWA_SUN_F90_ALLOCATABLE = 0x222c,
+ DWA_SUN_F90_ASSUMED_SHAPE_ARRAY = 0x222d,
+ DWA_SUN_C_VLA = 0x222e,
+ DWA_SUN_RETURN_VALUE_PTR = 0x2230,
+ DWA_SUN_DTOR_START = 0x2231,
+ DWA_SUN_DTOR_LENGTH = 0x2232,
+ DWA_SUN_DTOR_STATE_INITIAL = 0x2233,
+ DWA_SUN_DTOR_STATE_FINAL = 0x2234,
+ DWA_SUN_DTOR_STATE_DELTAS = 0x2235,
+ DWA_SUN_IMPORT_BY_LNAME = 0x2236,
+ DWA_SUN_F90_USE_ONLY = 0x2237,
+ DWA_SUN_NAMELIST_SPEC = 0x2238,
+ DWA_SUN_IS_OMP_CHILD_FUNC = 0x2239,
+ DWA_SUN_FORTRAN_MAIN_ALIAS = 0x223a,
+ DWA_SUN_FORTRAN_BASED = 0x223b,
+
+ /* Extensions ALTIUM */
+
+ DWA_ALTIUM_LOCLIST = 0x2300,
+
+ /* Extensions PGI (STMicroelectronics) */
+
+ DWA_PGI_LBASE = 0x3a00,
+ DWA_PGI_SOFFSET = 0x3a01,
+ DWA_PGI_LSTRIDE = 0x3a02,
+
+ /* Extensions pour le support UPC */
+
+ DWA_UPC_THREADS_SCALED = 0x3210,
+
+ DWA_HI_USER = 0x3fff
+
+} DwarfAttrib;
+
+
+/* Liste des types de données */
+typedef enum _DwarfForm
+{
+ DWF_ADDR = 0x01,
+ DWF_BLOCK2 = 0x03,
+ DWF_BLOCK4 = 0x04,
+ DWF_DATA2 = 0x05,
+ DWF_DATA4 = 0x06,
+ DWF_DATA8 = 0x07,
+ DWF_STRING = 0x08,
+ DWF_BLOCK = 0x09,
+ DWF_BLOCK1 = 0x0a,
+ DWF_DATA1 = 0x0b,
+ DWF_FLAG = 0x0c,
+ DWF_SDATA = 0x0d,
+ DWF_STRP = 0x0e,
+ DWF_UDATA = 0x0f,
+ DWF_REF_ADDR = 0x10,
+ DWF_REF1 = 0x11,
+ DWF_REF2 = 0x12,
+ DWF_REF4 = 0x13,
+ DWF_REF8 = 0x14,
+ DWF_REF_UDATA = 0x15,
+ DWF_INDIRECT = 0x16
+
+} DwarfForm;
+
+
+#endif
+
+
+
+#endif /* _FORMAT_DWARF_DWARF_DEF_H */
diff --git a/plugins/dwarf/form.c b/plugins/dwarf/form.c
new file mode 100644
index 0000000..d7922f7
--- /dev/null
+++ b/plugins/dwarf/form.c
@@ -0,0 +1,113 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.h - prototypes pour la transmission des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "form.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : value = valeur au format Dwarf à consulter. *
+* form = nature de la valeur à lire. *
+* addr = valeur utilisable en interne récupérée. [OUT] *
+* *
+* Description : Transcrit une valeur Dwarf brute en adresse virtuelle. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool translate_form_into_address(const dw_form_value *value, DwarfForm form, virt_t *addr)
+{
+ bool result; /* Bilan à retourner */
+
+ result = true;
+
+ switch (form)
+ {
+ case DW_FORM_addr:
+ *addr = value->v2.address;
+ break;
+
+ case DW_FORM_data1:
+ *addr = value->v2.data1;
+ break;
+
+ case DW_FORM_data2:
+ *addr = value->v2.data2;
+ break;
+
+ case DW_FORM_data4:
+ *addr = value->v2.data4;
+ break;
+
+ case DW_FORM_data8:
+ *addr = value->v2.data8;
+ break;
+
+ default:
+ result = false;
+ break;
+
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : value = valeur au format Dwarf à consulter. *
+* form = nature de la valeur à lire. *
+* *
+* Description : Transcrit une valeur Dwarf brute en chaîne de caractères. *
+* *
+* Retour : Bilan de l'opération : chaîne de caractères ou NULL si échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const char *translate_form_into_string(const dw_form_value *value, DwarfForm form)
+{
+ const char *result; /* Valeur et bilan à retourner */
+
+ switch (form)
+ {
+ case DW_FORM_string:
+ case DW_FORM_strp:
+ result = value->v2.string;
+ break;
+
+ default:
+ result = NULL;
+ break;
+
+ }
+
+ return result;
+
+}
diff --git a/plugins/dwarf/form.h b/plugins/dwarf/form.h
new file mode 100644
index 0000000..bdef9b3
--- /dev/null
+++ b/plugins/dwarf/form.h
@@ -0,0 +1,40 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.h - prototypes pour la transmission des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_FORM_H
+#define _FORMAT_DWARF_FORM_H
+
+
+#include "dwarf_def.h"
+
+
+
+/* Transcrit une valeur Dwarf brute en adresse virtuelle. */
+bool translate_form_into_address(const dw_form_value *, DwarfForm, virt_t *);
+
+/* Transcrit une valeur Dwarf brute en chaîne de caractères. */
+const char *translate_form_into_string(const dw_form_value *, DwarfForm);
+
+
+
+#endif /* _FORMAT_DWARF_FORM_H */
diff --git a/plugins/dwarf/info.c b/plugins/dwarf/info.c
new file mode 100644
index 0000000..432280e
--- /dev/null
+++ b/plugins/dwarf/info.c
@@ -0,0 +1,853 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * info.c - lecture des informations principales du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "info.h"
+
+
+#include "die.h"
+#include "dwarf-int.h"
+#include "../debuggable-int.h"
+
+
+
+
+
+static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die);
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage DWARF à compléter. *
+* *
+* Description : Charge les informations depuis une section ".debug_info". *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_dwarf_debug_information(GDwarfFormat *format)
+{
+ bool result; /* Bilan à renvoyer */
+
+
+
+ mrange_t range; /* Couverture d'une section */
+ vmpa2t end;
+ vmpa2t iter; /* Tête de lecture mouvante */
+
+ dw_compil_unit_header header;
+ dw_die *die;
+
+
+
+ result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_info", &range);
+ if (!result) goto lddi_exit;
+
+ copy_vmpa(&iter, get_mrange_addr(&range));
+
+
+ printf("[%d] Passage :: 0x%08llx 0x%08llx\n",
+ result,
+ (unsigned long long)range.addr.physical,
+ (unsigned long long)range.addr.virtual);
+
+ compute_mrange_end_addr(&range, &end);
+
+ while (result)
+ {
+ /* Si il n'y a plus rien à lire dans la section... */
+ if (cmp_vmpa(&iter, &end) >= 0) break;
+
+
+ printf("========================================================================\n");
+ printf("========================================================================\n");
+ printf("========================================================================\n");
+ printf("========================================================================\n");
+ printf("\n");
+ printf("HEADER START :: 0x%x\n", (unsigned int)iter.physical);
+
+
+ result = read_dwarf_compil_unit_header(G_BIN_FORMAT(format)->content, &iter,
+ SRE_LITTLE /* FIXME */, &header);
+ if (!result) break;
+
+ printf("[%d] header :: addr size=%hhu\n", result, header.address_size);
+
+
+ result = extract_dies_from_debug_information(format, &iter,
+ SRE_LITTLE /* FIXME */, &header,
+ NULL, &die);
+
+
+
+ }
+
+
+ format->info_die = die;
+
+
+ lddi_exit:
+
+ return result;
+
+}
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage DWARF à compléter. *
+* pos = position de début de lecture. [OUT] *
+* endian = boutisme reconnu dans le format. *
+* header = en-tête de description de l'unité à traiter. *
+* parent = entrée parent de rattachement ou NULL si racine. *
+* die = emplacement de stockage de l'entrée. [OUT] *
+* *
+* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.*
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die)
+{
+ bool result; /* Bilan à faire remonter */
+ dw_die *child; /* Entrée subordonnée à charger*/
+
+ printf("==================================\n");
+ printf("=== version : 0x%hx\n", header->version);
+ printf("=== offset abbrev : 0x%llx\n", (unsigned long long)header->debug_abbrev_offset);
+ printf("==================================\n");
+
+
+ phys_t start = 0x1039;
+
+ printf("start :: 0x%x\n", (unsigned int)(pos->physical - start));
+ printf("start :: 0x%x\n", (unsigned int)(0x0 + pos->physical));
+
+ result = build_dwarf_die(format, pos, SRE_LITTLE /* FIXME */, header, die);
+ if (*die == NULL) return result;
+
+ if (parent != NULL)
+ dw_die_append_child(parent, *die);
+
+ if (dw_die_has_children(*die))
+ {
+ printf("<<<< children >>>>\n");
+
+ printf("next :: 0x%x\n", (unsigned int)(pos->physical - start));
+
+ while (result)
+ {
+ result = extract_dies_from_debug_information(format, pos, endian, header, *die, &child);
+
+ if (!result)
+ delete_dwarf_die(*die);
+
+ /* Entrée avec un code nul -> fin */
+ if (child == NULL) break;
+
+ }
+
+ }
+
+ return result;
+
+}
+
+
+
+
+
+
+
+#if 0
+#include <malloc.h>
+#include <string.h>
+
+
+#include "abbrev.h"
+#include "dwarf-int.h"
+#include "utils.h"
+
+
+/* Informations utiles d'une unité de compilation */
+typedef struct _compil_unit
+{
+ off_t startpos; /* Position de début d'unité */
+ off_t endpos; /* Position d'unité suivante */
+
+ off_t offset; /* Position dans les abréviat° */
+ uint8_t ptrsize; /* Taille des adresses mémoire */
+
+} compil_unit;
+
+
+
+#define _(str) str
+
+
+/* Procède à la lecture d'une unité de compilation. */
+bool read_dwarf_compilation_unit(dwarf_format *, off_t *, compil_unit *);
+
+/* Récupère toutes les déclarations DWARF utiles trouvées. */
+bool parse_dwarf_compilation_unit(dwarf_format *, off_t *, const compil_unit *);
+
+/* Enregistre toutes les déclarations de fonction trouvées. */
+dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *, const dw_abbrev *, off_t *, const compil_unit *);
+
+/* Obtient la description humaine d'un type. */
+char *resolve_dwarf_function_type(dwarf_format *, const dw_abbrev *, const off_t *, const compil_unit *);
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* *
+* Description : Charge les informations trouvées dans un DWARF. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_dwarf_information(dwarf_format *format)
+{
+ bool result; /* Bilan à renvoyer */
+
+
+
+
+ off_t offset;
+ off_t start;
+ off_t size;
+
+ bool test;
+
+ int i;
+
+
+ compil_unit cu;
+
+
+
+ result = true;
+
+ test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_info", &start, &size, NULL);
+
+ offset = start;
+
+
+ printf(" -> offset=%d size=%d\n", offset, size);
+
+
+
+ for (i = 0; i < size; i++)
+ {
+ if (i % 25 == 0) printf("\n");
+ printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]);
+ }
+
+ printf("\n");
+
+
+
+ while (offset < (start + size) && result)
+ {
+ printf("-------------\n");
+
+ result = read_dwarf_compilation_unit(format, &offset, &cu);
+
+ if (result)
+ parse_dwarf_compilation_unit(format, &offset, &cu);
+
+ }
+
+
+ printf("##############\nRegistered functions:\n");
+
+ for (i = 0; i < format->dbg_fc_count; i++)
+ printf(" > [0x%08llx] %s\n", format->dbg_functions[i]->low_pc, format->dbg_functions[i]->prototype);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à effacer. *
+* *
+* Description : Décharge les informations trouvées dans un DWARF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void unload_dwarf_information(dwarf_format *format)
+{
+
+
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* cu = unité de compilation lue. [OUT] *
+* *
+* Description : Procède à la lecture d'une unité de compilation. *
+* *
+* Retour : true en cas de succès de la lecture, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_compilation_unit(dwarf_format *format, off_t *pos, compil_unit *cu)
+{
+ off_t ulength; /* Taille de l'unité */
+ uint16_t version; /* Version du format DWARF */
+
+ cu->startpos = *pos;
+
+ if (!read_unit_length(format, pos, &ulength))
+ return false;
+
+ cu->endpos = *pos + ulength;
+
+ if (!read_uhalf(format, pos, &version))
+ return false;
+
+ if (version > 3) return false;
+
+ if (!read_abbrev_offset(format, pos, &cu->offset))
+ return false;
+
+ if (!read_address_size(format, pos, &cu->ptrsize))
+ return false;
+
+ return true;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* cu = unité de compilation courante. *
+* *
+* Description : Récupère toutes les déclarations DWARF utiles trouvées. *
+* *
+* Retour : true en cas de succès de la lecture, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool parse_dwarf_compilation_unit(dwarf_format *format, off_t *pos, const compil_unit *cu)
+{
+ bool result; /* Bilan à retourner */
+ const dw_abbrev *abbrev; /* Abréviation rencontrée */
+ dw_dbg_function *function; /* Nouvelle fonction lue */
+
+
+
+ result = true;
+
+ while (*pos < cu->endpos && result)
+ {
+
+
+ printf(" =+> Cur :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n",
+ DBG_FORMAT(format)->content[*pos],
+ DBG_FORMAT(format)->content[*pos + 1],
+ DBG_FORMAT(format)->content[*pos + 2],
+ DBG_FORMAT(format)->content[*pos + 3],
+ DBG_FORMAT(format)->content[*pos + 4]);
+
+
+
+ abbrev = find_dwarf_abbreviations(format, &cu->offset, pos);
+
+ if (abbrev == NULL)
+ break;
+
+
+
+ printf(" --> %p\n", abbrev);
+
+ printf(" == 0x%02x (matched ? %d)\n", abbrev->tag, abbrev->tag == DWT_SUBPROGRAM);
+
+
+
+ switch (abbrev->tag)
+ {
+ case DWT_SUBPROGRAM:
+ function = look_for_dwarf_subprograms(format, abbrev, pos, cu);
+
+ if (function != NULL)
+ {
+ format->dbg_functions = (dw_dbg_function **)realloc(format->dbg_functions, ++format->dbg_fc_count * sizeof(dw_dbg_function *));
+ format->dbg_functions[format->dbg_fc_count - 1] = function;
+ }
+ else result = false;
+
+ break;
+
+ default:
+ break;
+
+ }
+
+
+
+
+
+
+
+
+
+
+
+
+ if (!skip_dwarf_abbrev(format, pos, abbrev))
+ printf("error skipping :(\n");
+
+
+ }
+
+
+ printf(" =+> Next :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n",
+ DBG_FORMAT(format)->content[*pos],
+ DBG_FORMAT(format)->content[*pos + 1],
+ DBG_FORMAT(format)->content[*pos + 2],
+ DBG_FORMAT(format)->content[*pos + 3],
+ DBG_FORMAT(format)->content[*pos + 4]);
+
+
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* abbrev = abréviation trouvée à traiter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* cu = unité de compilation courante. *
+* *
+* Description : Enregistre toutes les déclarations de fonction trouvées. *
+* *
+* Retour : Fonction chargée en mémoire ou NULL en cas d'échec. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *format, const dw_abbrev *abbrev, off_t *pos, const compil_unit *cu)
+{
+ dw_dbg_function *result; /* Structure à retourner */
+ uint32_t type_pos; /* Décalage p/r au pt courant */
+ off_t subpos; /* Sous-position de lecture #1 */
+ const dw_abbrev *subabbrev; /* Abréviation fille à lire */
+ char *retstr; /* Elément du prototype */
+ char *prototype; /* Stockage temporaire */
+ size_t proto_len; /* Taille du prototype */
+ bool is_pointer; /* Mémorise le type 'pointeur' */
+ uint64_t index; /* Index de la fonction */
+ bool first_arg; /* Marque le 1er argument */
+ off_t subpos2; /* Sous-position de lecture #2 */
+ const dw_abbrev *subabbrev2; /* Abréviation fille à lire #2 */
+
+ result = (dw_dbg_function *)calloc(1, sizeof(dw_dbg_function));
+
+ /* Récupération des informations de base */
+
+ if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_NAME, &result->name))
+ goto lfds_error;
+
+ if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_LOW_PC, &result->low_pc))
+ goto lfds_error;
+
+ if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_HIGH_PC, &result->high_pc))
+ goto lfds_error;
+
+ /* Type de la fonction */
+
+ if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE))
+ {
+ if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_TYPE, &type_pos))
+ goto lfds_error;
+
+ subpos = cu->startpos + type_pos;
+
+ subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos);
+
+ retstr = resolve_dwarf_function_type(format, subabbrev, &subpos, cu);
+
+ }
+ else retstr = strdup("void");
+
+ if (retstr == NULL)
+ {
+ proto_len = 3;
+ prototype = (char *)calloc(proto_len + 1, sizeof(char));
+ strcat(prototype, "???");
+
+ is_pointer = false;
+
+ }
+ else
+ {
+ proto_len = strlen(retstr);
+ prototype = (char *)calloc(proto_len + 1, sizeof(char));
+ strcat(prototype, retstr);
+
+ is_pointer = (retstr[strlen(retstr) - 1] == '*');
+
+ free(retstr);
+
+ }
+
+ /* On saute l'abréviation de la déclaration de fonction... */
+
+ subpos = *pos;
+
+ if (!read_uleb128(format, &subpos, &index, true))
+ goto lfds_error;
+
+ if (!skip_dwarf_abbrev(format, &subpos, abbrev))
+ goto lfds_error;
+
+ /* Lecture des différents arguments */
+
+ proto_len += (!is_pointer ? 1 : 0) + strlen(result->name) + 1;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ if (!is_pointer) strcat(prototype, " ");
+ strcat(prototype, result->name);
+ strcat(prototype, "(");
+
+ first_arg = true;
+
+ while (1)
+ {
+ subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos);
+ if (subabbrev == NULL) goto exit_loop;
+
+ switch (subabbrev->tag)
+ {
+ case DWT_UNSPECIFIED_PARAMETERS:
+
+ /* Virgule de séparation */
+
+ if (first_arg) first_arg = false;
+ else
+ {
+ proto_len += 2;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, ", ");
+ }
+
+ /* Marque de l'absence de type */
+
+ proto_len += 3;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, "...");
+
+ break;
+
+ case DWT_FORMAL_PARAMETER:
+
+ if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_TYPE, &type_pos))
+ goto lfds_error;
+
+ subpos2 = cu->startpos + type_pos;
+
+ subabbrev2 = find_dwarf_abbreviations(format, &cu->offset, &subpos2);
+
+ retstr = resolve_dwarf_function_type(format, subabbrev2, &subpos2, cu);
+
+ /* Virgule de séparation */
+
+ if (first_arg) first_arg = false;
+ else
+ {
+ proto_len += 2;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, ", ");
+ }
+
+ /* Type de l'argument */
+
+ if (retstr == NULL)
+ {
+ proto_len += 3;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, "???");
+
+ is_pointer = false;
+
+ }
+ else
+ {
+ proto_len += strlen(retstr);
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, retstr);
+
+ is_pointer = (retstr[strlen(retstr) - 1] == '*');
+
+ free(retstr);
+
+ }
+
+ /* Nom de l'argument */
+
+ if (test_dwarf_abbrev_attribute(abbrev, DWA_NAME))
+ {
+ if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_NAME, &retstr))
+ goto lfds_error;
+ }
+ else retstr = strdup(_("[no name]"));
+
+ if (retstr != NULL)
+ {
+ proto_len += strlen(retstr) + (!is_pointer ? 1 : 0) + 1;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ if (!is_pointer) strcat(prototype, " ");
+ strcat(prototype, retstr);
+
+ free(retstr);
+
+ }
+
+ break;
+
+ default:
+ goto exit_loop;
+ break;
+
+ }
+
+ if (!skip_dwarf_abbrev(format, &subpos, subabbrev))
+ goto lfds_error;
+
+ }
+
+ exit_loop:
+
+ proto_len += 1;
+ prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char));
+ strcat(prototype, ")");
+
+ result->prototype = prototype;
+
+ return result;
+
+ lfds_error:
+
+ if (result->name != NULL) free(result->name);
+ if (result->prototype != NULL) free(result->prototype);
+
+ free(result);
+
+ return NULL;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à compléter. *
+* abbrev = abréviation associée au type. *
+* pos = tête de lecture à avoir sous le coude. *
+* cu = unité de compilation courante. *
+* *
+* Description : Obtient la description humaine d'un type. *
+* *
+* Retour : Chaîne de caractères en cas de succès, NULL sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+char *resolve_dwarf_function_type(dwarf_format *format, const dw_abbrev *abbrev, const off_t *pos, const compil_unit *cu)
+{
+ char *result; /* Description à retourner */
+ off_t oldpos; /* Conservation de l'indice */
+ uint32_t type_pos; /* Sous-type détecté */
+ uint64_t index; /* Indice de l'abréviation... */
+ const dw_abbrev *subabbrev; /* ... et abréviation associée */
+ size_t len; /* Longeur d'un résultat */
+
+ result = NULL;
+ oldpos = *pos;
+
+ switch (abbrev->tag)
+ {
+ /* 0x04 */
+ case DWT_ENUMERATION_TYPE:
+
+ oldpos = *pos;
+ read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result);
+
+ if (result != NULL)
+ {
+ len = strlen(result);
+
+ result = (char *)realloc(result, (strlen("enum ") + len + 1) * sizeof(char));
+ memmove(&result[strlen("enum ")], result, len);
+ memcpy(result, "enum ", strlen("enum "));
+
+ }
+
+ break;
+
+ /* 0x0f */
+ case DWT_POINTER_TYPE:
+
+ if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE))
+ {
+ if (!read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos))
+ return NULL;
+
+ oldpos = cu->startpos + type_pos;
+
+ subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos);
+
+ result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu);
+
+ }
+ else result = strdup("void");
+
+ if (result != NULL)
+ {
+ len = strlen(result);
+
+ if (result[len - 1] == '*')
+ {
+ result = (char *)realloc(result, (len + 2) * sizeof(char));
+ result[len] = '*';
+ }
+ else
+ {
+ result = (char *)realloc(result, (len + 3) * sizeof(char));
+ strcat(result, " *");
+ }
+
+ }
+
+ break;
+
+ /* 0x13 */
+ case DWT_STRUCTURE_TYPE:
+
+ oldpos = *pos;
+ read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result);
+
+ if (result != NULL)
+ {
+ len = strlen(result);
+
+ result = (char *)realloc(result, (strlen("struct ") + len + 1) * sizeof(char));
+ memmove(&result[strlen("struct ")], result, len);
+ memcpy(result, "struct ", strlen("struct "));
+
+ }
+
+ break;
+
+ /* 0x16 */
+ case DWT_TYPEDEF:
+ oldpos = *pos;
+ read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result);
+ break;
+
+ /* 0x24 */
+ case DWT_BASE_TYPE:
+ oldpos = *pos;
+ read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result);
+ break;
+
+ /* 0x26 */
+ case DWT_CONST_TYPE:
+
+
+
+ if (read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos))
+ printf(" ## sub type :: 0x%08x\n", type_pos);
+ else printf(" error: no type\n");
+
+ oldpos = cu->startpos + type_pos;
+
+
+
+
+
+
+ subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos);
+ printf("subabbrev == %p\n", subabbrev);
+
+
+
+
+ result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu);
+
+ if (result != NULL)
+ {
+ len = strlen(result);
+
+ result = (char *)realloc(result, (strlen("const ") + len + 1) * sizeof(char));
+ memmove(&result[strlen("const ")], result, len);
+ memcpy(result, "const ", strlen("const "));
+
+ }
+
+ break;
+
+ default:
+ printf("### NOT HANDLED ### Tag :: 0x%02x\n", abbrev->tag);
+ break;
+
+ }
+
+ return result;
+
+}
+#endif
diff --git a/plugins/dwarf/info.h b/plugins/dwarf/info.h
new file mode 100644
index 0000000..76220e5
--- /dev/null
+++ b/plugins/dwarf/info.h
@@ -0,0 +1,63 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * info.h - prototypes pour la lecture des informations principales du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_INFO_H
+#define _FORMAT_DWARF_INFO_H
+
+
+#include <stdbool.h>
+
+
+#include "dwarf.h"
+
+
+
+/* Charge les informations depuis une section ".debug_info". */
+bool load_dwarf_debug_information(GDwarfFormat *);
+
+
+
+
+
+
+
+
+#if 0
+
+#include <stdbool.h>
+
+
+#include "d_dwarf.h"
+
+
+
+/* Charge les informations trouvées dans un DWARF. */
+bool load_dwarf_information(dwarf_format *);
+
+/* Décharge les informations trouvées dans un DWARF. */
+void unload_dwarf_information(dwarf_format *);
+#endif
+
+
+
+#endif /* _FORMAT_DWARF_INFO_H */
diff --git a/plugins/dwarf/symbols.c b/plugins/dwarf/symbols.c
new file mode 100644
index 0000000..3ddfb96
--- /dev/null
+++ b/plugins/dwarf/symbols.c
@@ -0,0 +1,316 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * symbols.c - gestion des symboles d'un DWARF
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "symbols.h"
+
+
+#include "die.h"
+#include "dwarf-int.h"
+#include "form.h"
+#include "../../core/params.h"
+#include "../../mangling/demangler.h"
+
+
+
+/* Charge les informations d'une routine en tant que symbole. */
+static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool);
+
+/* Charge les informations d'un objet en tant que symbole. */
+static bool load_object_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à compléter. *
+* die = entrée d'informations de débogage à utiliser. *
+* abbrev = abréviation déjà chargée sur laquelle s'appuyer. *
+* use_virt = oriente le choix de la distinction ultime. *
+* *
+* Description : Charge les informations d'une routine en tant que symbole. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt)
+{
+ DwarfForm form; /* Type d'une valeur d'attribut*/
+ const dw_form_value *value; /* Valeur concrète d'attribut */
+ virt_t virt; /* Adresse virtuelle de départ */
+ bool status; /* Bilan d'une récupération */
+ virt_t len; /* Taille de la zone couverte */
+ vmpa2t addr; /* Localisation complète */
+ mrange_t range; /* Espace de couverture total */
+ const char *name; /* Désignation humaine */
+ char alt_name[6 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/
+ GBinRoutine *routine; /* Nouvelle routine trouvée */
+ GBinSymbol *symbol; /* Nouveau symbole construit */
+
+ /* Surface couverte */
+
+ value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form);
+ if (value == NULL) goto lrasfd_bad_start;
+
+ status = translate_form_into_address(value, form, &virt);
+ if (!status) goto lrasfd_bad_start;
+
+ value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form);
+ if (value == NULL) goto lrasfd_bad_start;
+
+ status &= translate_form_into_address(value, form, &len);
+ if (!status) goto lrasfd_bad_start;
+
+ if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr))
+ init_vmpa(&addr, VMPA_NO_PHYSICAL, virt);
+
+ init_mrange(&range, &addr, len);
+
+ /* Désignation humaine */
+
+ value = dw_die_peek_extended_value(die, DW_AT_name, &form);
+ if (value == NULL) goto lrasfd_bad_name;
+
+ name = translate_form_into_string(value, form);
+
+ if (name == NULL)
+ {
+ strcpy(alt_name, "func_");
+
+ if (use_virt)
+ vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL);
+ else
+ vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL);
+
+ name = alt_name;
+
+ }
+
+ /* Intégration en bonne et due forme */
+
+ routine = g_binary_format_decode_routine(G_BIN_FORMAT(format), name);
+ symbol = G_BIN_SYMBOL(routine);
+
+ g_binary_symbol_set_range(symbol, &range);
+
+ g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol);
+
+
+
+
+ printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt);
+ printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len);
+ printf(" --> [valid ?= %d] name = '%s'\n", status, name);
+
+
+ return true;
+
+ lrasfd_bad_start:
+ lrasfd_bad_name:
+
+ return false;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à compléter. *
+* die = entrée d'informations de débogage à utiliser. *
+* abbrev = abréviation déjà chargée sur laquelle s'appuyer. *
+* use_virt = oriente le choix de la distinction ultime. *
+* *
+* Description : Charge les informations d'un objet en tant que symbole. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool load_object_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt)
+{
+ DwarfForm form; /* Type d'une valeur d'attribut*/
+ const dw_form_value *value; /* Valeur concrète d'attribut */
+ virt_t virt; /* Adresse virtuelle de départ */
+ bool status; /* Bilan d'une récupération */
+ virt_t len; /* Taille de la zone couverte */
+ vmpa2t addr; /* Localisation complète */
+ mrange_t range; /* Espace de couverture total */
+ const char *name; /* Désignation humaine */
+ char alt_name[5 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/
+ GBinRoutine *routine; /* Nouvelle routine trouvée */
+ GBinSymbol *symbol; /* Nouveau symbole construit */
+
+ /* Surface couverte */
+
+
+
+
+
+
+ /*
+ value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form);
+ if (value == NULL) goto lrasfd_bad_start;
+
+ status = translate_form_into_address(value, form, &virt);
+ if (!status) goto lrasfd_bad_start;
+
+ value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form);
+ if (value == NULL) goto lrasfd_bad_start;
+
+ status &= translate_form_into_address(value, form, &len);
+ if (!status) goto lrasfd_bad_start;
+
+ if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr))
+ init_vmpa(&addr, VMPA_NO_PHYSICAL, virt);
+
+ init_mrange(&range, &addr, len);
+ */
+
+
+
+
+
+ /* Désignation humaine */
+
+ value = dw_die_peek_extended_value(die, DW_AT_name, &form);
+ if (value == NULL) goto lrasfd_bad_name;
+
+ name = translate_form_into_string(value, form);
+
+ if (name == NULL)
+ {
+ strcpy(alt_name, "obj_");
+
+ if (use_virt)
+ vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL);
+ else
+ vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL);
+
+ name = alt_name;
+
+ }
+
+ /* Intégration en bonne et due forme */
+
+ /*
+ routine = try_to_demangle_routine(name);
+
+ g_binary_symbol_set_range(G_BIN_SYMBOL(routine), &range);
+
+ symbol = g_binary_symbol_new(NULL, STP_OBJECT);
+ g_binary_symbol_attach_routine(symbol, routine);
+
+ g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol);
+ */
+
+
+
+ //printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt);
+ //printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len);
+ //printf(" --> [valid ?= %d] name = '%s'\n", status, name);
+
+
+ return true;
+
+ lrasfd_bad_start:
+ lrasfd_bad_name:
+
+ return false;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à compléter. *
+* *
+* Description : Charge en mémoire la liste humaine des symboles. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool load_dwarf_symbols(GDwarfFormat *format)
+{
+ bool result; /* Bilan à retourner */
+ bool no_name; /* Choix de construction de nom*/
+
+ typedef struct _die_visit_info
+ {
+ GDwarfFormat *format;
+ bool use_virt;
+
+ } die_visit_info;
+
+ die_visit_info vinfo; /* Information pour visiteur */
+
+
+ bool catch_dwarf_symbol(const dw_die *die, die_visit_info *info)
+ {
+ const dw_abbrev *abbrev; /* Lien vers la représentation */
+ DwarfTag tag; /* Etiquette à analyser */
+ bool status; /* Bilan d'un chargement */
+
+ abbrev = dw_die_get_abbrev(die);
+ tag = dwarf_abbreviation_get_tag(abbrev);
+
+ switch (tag)
+ {
+ case DW_TAG_subprogram:
+ printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag);
+ status = load_routine_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt);
+ break;
+
+ case DW_TAG_variable:
+ printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag);
+ status = load_object_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt);
+ break;
+
+ default:
+ status = true;
+ break;
+
+ }
+
+ return status;
+
+ }
+
+
+ if (!g_generic_config_get_value(get_main_configuration(), MPK_FORMAT_NO_NAME, &no_name))
+ return false;
+
+ vinfo.format = format;
+ vinfo.use_virt = no_name;
+
+ result = dw_die_visit(format->info_die, (visit_dies_fc)catch_dwarf_symbol, &vinfo);
+
+ return result;
+
+}
diff --git a/plugins/dwarf/symbols.h b/plugins/dwarf/symbols.h
new file mode 100644
index 0000000..128f00c
--- /dev/null
+++ b/plugins/dwarf/symbols.h
@@ -0,0 +1,40 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * symbols.h - prototypes pour la gestion des symboles d'un DWARF
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_SYMBOLS_H
+#define _FORMAT_DWARF_SYMBOLS_H
+
+
+#include <stdbool.h>
+
+
+#include "dwarf.h"
+
+
+
+/* Charge en mémoire la liste humaine des symboles. */
+bool load_dwarf_symbols(GDwarfFormat *);
+
+
+
+#endif /* _FORMAT_DWARF_SYMBOLS_H */
diff --git a/plugins/dwarf/utils.c b/plugins/dwarf/utils.c
new file mode 100644
index 0000000..b767970
--- /dev/null
+++ b/plugins/dwarf/utils.c
@@ -0,0 +1,304 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "utils.h"
+
+
+#include <string.h>
+
+
+#include "dwarf-int.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur au format LEB128 lue. [OUT] *
+* update = indique si la position est à mettre à jour. *
+* *
+* Description : Lit une valeur Little Endian Base 128 signée. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : En cas d'échec, la tête de lecture est indéterminée. *
+* *
+******************************************************************************/
+
+bool read_leb128(dwarf_format *format, off_t *pos, int64_t *value, bool update)
+{
+ off_t curpos; /* Tête de lecture effective */
+ int shift; /* Décalage à appliquer */
+ off_t i; /* Boucle de parcours */
+
+ curpos = *pos;
+ shift = 0;
+ *value = 0;
+
+ for (i = 0; i < 8; i++)
+ {
+ /* On évite les débordements... */
+ if (curpos >= DBG_FORMAT(format)->length) return false;
+
+ *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift;
+
+ shift += 7;
+ curpos++;
+
+ if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break;
+
+ }
+
+ if ((shift < 64) && (DBG_FORMAT(format)->content[curpos - 1] & 0x40) == 0x40)
+ *value |= - (1 << shift);
+
+ if (update) *pos = curpos;
+
+ return (i < 8);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur au format LEB128 lue. [OUT] *
+* update = indique si la position est à mettre à jour. *
+* *
+* Description : Lit une valeur Little Endian Base 128 non signée. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : En cas d'échec, la tête de lecture est indéterminée. *
+* *
+******************************************************************************/
+
+bool read_uleb128(dwarf_format *format, off_t *pos, uint64_t *value, bool update)
+{
+ off_t curpos; /* Tête de lecture effective */
+ int shift; /* Décalage à appliquer */
+ off_t i; /* Boucle de parcours */
+
+ curpos = *pos;
+ shift = 0;
+ *value = 0;
+
+ for (i = 0; i < 8; i++)
+ {
+ /* On évite les débordements... */
+ if (curpos >= DBG_FORMAT(format)->length) return false;
+
+ *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift;
+
+ shift += 7;
+ curpos++;
+
+ if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break;
+
+ }
+
+ if (update) *pos = curpos;
+
+ return (i < 8);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur entière lue. [OUT] *
+* *
+* Description : Lit une valeur représentant une longueur d'unité. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : Un peu sale : la sortie est signée et dépend du système, *
+* alors que la valeur est non signée et dépend de la cible. *
+* *
+******************************************************************************/
+
+bool read_unit_length(dwarf_format *format, off_t *pos, off_t *value)
+{
+ bool result; /* Bilan à retourner */
+ uint32_t val32; /* Entier sur 4 octets */
+ uint64_t val64; /* Entier sur 8 octets */
+
+ /* FIXME : Endian... */
+
+ if (format->format == DWF_32_BITS)
+ {
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4);
+ (*pos) += 4;
+
+ *value = val32;
+
+ }
+
+ }
+ else
+ {
+ result = ((*pos + 4 + 8) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ memcpy(&val64, &DBG_FORMAT(format)->content[*pos + 4], 8);
+ (*pos) += 4 + 8;
+
+ *value = val64;
+
+ }
+
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur entière non signée lue. [OUT] *
+* *
+* Description : Lit une valeur non signée sur deux octets. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_uhalf(dwarf_format *format, off_t *pos, uint16_t *value)
+{
+ bool result; /* Bilan à retourner */
+
+ /* FIXME : Endian... */
+
+ result = ((*pos + 2) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ memcpy(value, &DBG_FORMAT(format)->content[*pos], 2);
+ (*pos) += 2;
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur entière lue. [OUT] *
+* *
+* Description : Lit une valeur indiquant une position dans les abréviations. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : Un peu sale : la sortie est signée et dépend du système, *
+* alors que la valeur est non signée et dépend de la cible. *
+* *
+******************************************************************************/
+
+bool read_abbrev_offset(dwarf_format *format, off_t *pos, off_t *value)
+{
+ bool result; /* Bilan à retourner */
+ uint32_t val32; /* Entier sur 4 octets */
+ uint64_t val64; /* Entier sur 8 octets */
+
+ /* FIXME : Endian... */
+
+ if (format->format == DWF_32_BITS)
+ {
+ result = ((*pos + 4) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4);
+ (*pos) += 4;
+
+ *value = val32;
+
+ }
+
+ }
+ else
+ {
+ result = ((*pos + 8) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ memcpy(&val64, &DBG_FORMAT(format)->content[*pos], 8);
+ (*pos) += 8;
+
+ *value = val64;
+
+ }
+
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations de débogage à consulter. *
+* pos = tête de lecture à mettre à jour. [OUT] *
+* value = valeur entière non signée lue. [OUT] *
+* *
+* Description : Lit une valeur indiquant la taille des adresses mémoire. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_address_size(dwarf_format *format, off_t *pos, uint8_t *value)
+{
+ bool result; /* Bilan à retourner */
+
+ result = ((*pos + 1) <= DBG_FORMAT(format)->length);
+
+ if (result)
+ {
+ *value = DBG_FORMAT(format)->content[*pos];
+ (*pos)++;
+ }
+
+ return result;
+
+}
diff --git a/plugins/dwarf/utils.h b/plugins/dwarf/utils.h
new file mode 100644
index 0000000..6727082
--- /dev/null
+++ b/plugins/dwarf/utils.h
@@ -0,0 +1,56 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF
+ *
+ * Copyright (C) 2008-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_UTILS_H
+#define _FORMAT_DWARF_UTILS_H
+
+
+#include <stdbool.h>
+#include <stdint.h>
+
+
+#include "d_dwarf.h"
+
+
+
+/* Lit une valeur Little Endian Base 128 signée. */
+bool read_leb128(dwarf_format *, off_t *, int64_t *, bool);
+
+/* Lit une valeur Little Endian Base 128 non signée. */
+bool read_uleb128(dwarf_format *, off_t *, uint64_t *, bool);
+
+/* Lit une valeur représentant une longueur d'unité. */
+bool read_unit_length(dwarf_format *, off_t *, off_t *);
+
+/* Lit une valeur non signée sur deux octets. */
+bool read_uhalf(dwarf_format *, off_t *, uint16_t *);
+
+/* Lit une valeur indiquant une position dans les abréviations. */
+bool read_abbrev_offset(dwarf_format *, off_t *, off_t *);
+
+/* Lit une valeur indiquant la taille des adresses mémoire. */
+bool read_address_size(dwarf_format *, off_t *, uint8_t *);
+
+
+
+#endif /* _FORMAT_DWARF_UTILS_H */
diff --git a/plugins/dwarf/v2/Makefile.am b/plugins/dwarf/v2/Makefile.am
new file mode 100644
index 0000000..d1fc563
--- /dev/null
+++ b/plugins/dwarf/v2/Makefile.am
@@ -0,0 +1,18 @@
+
+noinst_LTLIBRARIES = libformatdwarfv2.la
+
+libformatdwarfv2_la_SOURCES = \
+ dwarf.h dwarf.c \
+ form.h form.c
+
+libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS)
+
+
+devdir = $(includedir)/chrysalide/$(subdir:src/%=%)
+
+dev_HEADERS = $(libformatdwarfv2_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS)
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/dwarf/v2/dwarf.c b/plugins/dwarf/v2/dwarf.c
new file mode 100644
index 0000000..8f794bf
--- /dev/null
+++ b/plugins/dwarf/v2/dwarf.c
@@ -0,0 +1,180 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.c - support du format DWARF v2
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "dwarf.h"
+
+
+#include "../dwarf-int.h"
+
+
+#include "form.h"
+
+
+
+/* Format de débogage DWARF v2 (instance) */
+struct _GDwarfV2Format
+{
+ GDwarfFormat parent; /* A laisser en premier */
+
+};
+
+/* Format de débogage DWARF v2 (classe) */
+struct _GDwarfV2FormatClass
+{
+ GDwarfFormatClass parent; /* A laisser en premier */
+
+};
+
+
+/* Initialise la classe des formats de débogage DWARF v2. */
+static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *);
+
+/* Initialise une instance de format de débogage DWARF v2. */
+static void g_dwarfv2_format_init(GDwarfV2Format *);
+
+/* Supprime toutes les références externes. */
+static void g_dwarfv2_format_dispose(GDwarfV2Format *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_dwarfv2_format_finalize(GDwarfV2Format *);
+
+
+
+/* Indique le type défini pour un format de débogage DWARF v2. */
+G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats de débogage DWARF v2. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+ GDwarfFormatClass *dwarf; /* Version parente de la classe*/
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize;
+
+ dwarf = G_DWARF_FORMAT_CLASS(klass);
+
+ dwarf->read_form = (read_form_value_fc)read_dwarf_v2_form_value;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format de débogage DWARF v2. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv2_format_init(GDwarfV2Format *format)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv2_format_dispose(GDwarfV2Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv2_format_finalize(GDwarfV2Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* parent = éventuel format exécutable déjà chargé. *
+ status = barre de statut à tenir informée. *
+* *
+* Description : Prend en charge un nouveau format DWARF (v2). *
+* *
+* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status)
+{
+ GDwarfV2Format *result; /* Structure à retourner */
+
+ result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL);
+
+
+
+ g_binary_format_set_content(G_BIN_FORMAT(result), content);
+
+
+
+ return G_BIN_FORMAT(result);
+
+}
diff --git a/plugins/dwarf/v2/dwarf.h b/plugins/dwarf/v2/dwarf.h
new file mode 100644
index 0000000..f3b3501
--- /dev/null
+++ b/plugins/dwarf/v2/dwarf.h
@@ -0,0 +1,58 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.h - prototypes pour le support du format DWARF v2
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_V2_DWARF_H
+#define _FORMAT_DWARF_V2_DWARF_H
+
+
+#include <glib-object.h>
+
+
+#include "../../../core/formats.h"
+
+
+
+#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type()
+#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format))
+#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type()))
+#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass))
+#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT))
+#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass))
+
+
+/* Format de débogage DWARF v2 (instance) */
+typedef struct _GDwarfV2Format GDwarfV2Format;
+
+/* Format de débogage DWARF v2 (classe) */
+typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass;
+
+
+/* Indique le type défini pour un format de débogage DWARF v2. */
+GType g_dwarfv2_format_get_type(void);
+
+/* Prend en charge un nouveau format DWARF (v2). */
+GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *, GtkStatusStack *);
+
+
+
+#endif /* _FORMAT_DWARF_V2_DWARF_H */
diff --git a/plugins/dwarf/v2/form.c b/plugins/dwarf/v2/form.c
new file mode 100644
index 0000000..7e012b7
--- /dev/null
+++ b/plugins/dwarf/v2/form.c
@@ -0,0 +1,276 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.c - chargement en mémoire des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "form.h"
+
+
+#include "../dwarf-int.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = contenu binaire de débogage à parcourir. *
+* cu = unité de compilation parente. *
+* form = nature de la valeur à lire. *
+* pos = tête de lecture au sein des données. [OUT] *
+* value = valeur au format donné lue. [OUT] *
+* *
+* Description : Lit la valeur correspondant à un type donné. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_v2_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v2_form_value *value)
+{
+ bool result; /* Bilan de lecture à renvoyer */
+ GBinContent *content; /* Contenu binaire à parcourir */
+ SourceEndian endian; /* Boutisme des enregistrements*/
+ GExeFormat *exe; /* Format d'exécutable rattaché*/
+ const bin_t *tmp; /* Données quelconques */
+ uint8_t tmp8; /* Données sur 8 bits */
+ uint16_t tmp16; /* Données sur 16 bits */
+ uint32_t tmp32; /* Données sur 32 bits */
+ uint64_t tmp64; /* Données sur 64 bits */
+ uleb128_t tmpuleb; /* Données sur xxx bits */
+ phys_t offset; /* Décalage à appliquer */
+ mrange_t range; /* Couverture d'une section */
+ vmpa2t iter; /* Point de lecture parallèle */
+
+ content = G_BIN_FORMAT(format)->content;
+ endian = g_binary_format_get_endianness(G_BIN_FORMAT(format));
+ exe = G_DBG_FORMAT(format)->executable;
+
+ switch (form)
+ {
+ case DW_FORM_addr:
+
+ switch (cu->address_size)
+ {
+ case 2:
+ result = g_binary_content_read_u16(content, pos, endian, &tmp16);
+ if (result) value->address = tmp16;
+ break;
+ case 4:
+ result = g_binary_content_read_u32(content, pos, endian, &tmp32);
+ if (result) value->address = tmp32;
+ break;
+ case 8:
+ result = g_binary_content_read_u64(content, pos, endian, &tmp64);
+ if (result) value->address = tmp64;
+ break;
+ default:
+ result = false;
+ break;
+ }
+ break;
+
+ case DW_FORM_block2:
+ result = g_binary_content_read_u16(content, pos, endian, &tmp16);
+ if (result)
+ {
+ value->block.size = tmp16;
+ goto block_finish;
+ }
+ break;
+
+ case DW_FORM_block4:
+ result = g_binary_content_read_u32(content, pos, endian, &tmp32);
+ if (result)
+ {
+ value->block.size = tmp32;
+ goto block_finish;
+ }
+ break;
+
+ case DW_FORM_data2:
+ result = g_binary_content_read_u16(content, pos, endian, &value->data2);
+ break;
+
+ case DW_FORM_data4:
+ result = g_binary_content_read_u32(content, pos, endian, &value->data4);
+ break;
+
+ case DW_FORM_data8:
+ result = g_binary_content_read_u64(content, pos, endian, &value->data8);
+ break;
+
+ case DW_FORM_string:
+
+ tmp = g_binary_content_get_raw_access(content, pos, 1);
+ result = (tmp != NULL);
+
+ if (result)
+ {
+ value->string = (const char *)tmp;
+
+ while (result && *tmp != '\0')
+ {
+ tmp = g_binary_content_get_raw_access(content, pos, 1);
+ result = (tmp != NULL);
+ }
+
+ }
+
+ break;
+
+ case DW_FORM_block:
+
+ tmpuleb = 0; /* Pour GCC */
+
+ result = g_binary_content_read_uleb128(content, pos, &tmpuleb);
+ if (!result) break;
+
+ value->block.size = tmpuleb;
+
+ block_finish:
+
+ value->block.start = g_binary_content_get_raw_access(content, pos, value->block.size);
+
+ result = (value->block.start != NULL);
+ break;
+
+ case DW_FORM_block1:
+ result = g_binary_content_read_u8(content, pos, &tmp8);
+ if (result)
+ {
+ value->block.size = tmp8;
+ goto block_finish;
+ }
+ break;
+
+ case DW_FORM_data1:
+ result = g_binary_content_read_u8(content, pos, &value->data1);
+ break;
+
+ case DW_FORM_flag:
+ result = g_binary_content_read_u8(content, pos, &value->flag);
+ break;
+
+ case DW_FORM_sdata:
+ result = g_binary_content_read_leb128(content, pos, &value->sdata);
+ break;
+
+ case DW_FORM_strp:
+
+ /* Définition des positions */
+
+ if (cu->is_32b)
+ {
+ result = g_binary_content_read_u32(content, pos, endian, &tmp32);
+ offset = tmp32;
+ }
+ else
+ {
+ result = g_binary_content_read_u64(content, pos, endian, &tmp64);
+ offset = tmp64;
+ }
+
+ /* Lecture dans la section adaptée */
+
+ if (result)
+ result = g_exe_format_get_section_range_by_name(exe, ".debug_str", &range);
+
+ if (result)
+ {
+ copy_vmpa(&iter, get_mrange_addr(&range));
+
+ result = g_binary_content_seek(content, &iter, offset);
+
+ if (!result)
+ break;
+
+ tmp = g_binary_content_get_raw_access(content, &iter, 1);
+ result = (tmp != NULL);
+
+ if (result)
+ {
+ value->string = (const char *)tmp;
+
+ while (result && *tmp != '\0')
+ {
+ tmp = g_binary_content_get_raw_access(content, &iter, 1);
+ result = (tmp != NULL);
+ }
+
+ }
+
+ }
+
+ break;
+
+ case DW_FORM_udata:
+ result = g_binary_content_read_uleb128(content, pos, &value->udata);
+ break;
+
+
+
+
+
+
+
+
+
+
+
+ case DW_FORM_ref1:
+ result = g_binary_content_read_u8(content, pos, &value->ref1);
+ break;
+
+ case DW_FORM_ref2:
+ result = g_binary_content_read_u16(content, pos, endian, &value->ref2);
+ break;
+
+ case DW_FORM_ref4:
+ result = g_binary_content_read_u32(content, pos, endian, &value->ref4);
+ break;
+
+ case DW_FORM_ref8:
+ result = g_binary_content_read_u64(content, pos, endian, &value->ref8);
+ break;
+
+ case DW_FORM_ref_udata:
+ result = g_binary_content_read_uleb128(content, pos, &value->ref_udata);
+ break;
+
+
+
+
+
+
+
+
+
+
+ default:
+ result = false;
+ break;
+
+ }
+
+ return result;
+
+}
diff --git a/plugins/dwarf/v2/form.h b/plugins/dwarf/v2/form.h
new file mode 100644
index 0000000..a124e67
--- /dev/null
+++ b/plugins/dwarf/v2/form.h
@@ -0,0 +1,39 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_V2_FORM_H
+#define _FORMAT_DWARF_V2_FORM_H
+
+
+#include "../dwarf.h"
+#include "../dwarf_def.h"
+#include "../../../analysis/content.h"
+
+
+
+/* Lit la valeur correspondant à un type donné. */
+bool read_dwarf_v2_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v2_form_value *);
+
+
+
+#endif /* _FORMAT_DWARF_V2_FORM_H */
diff --git a/plugins/dwarf/v3/Makefile.am b/plugins/dwarf/v3/Makefile.am
new file mode 100644
index 0000000..f6c12c3
--- /dev/null
+++ b/plugins/dwarf/v3/Makefile.am
@@ -0,0 +1,17 @@
+
+noinst_LTLIBRARIES = libformatdwarfv3.la
+
+libformatdwarfv3_la_SOURCES = \
+ dwarf.h dwarf.c
+
+libformatdwarfv3_la_LDFLAGS = $(LIBGTK_LIBS)
+
+
+devdir = $(includedir)/chrysalide/$(subdir:src/%=%)
+
+dev_HEADERS = $(libformatdwarfv3_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS)
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/dwarf/v3/dwarf.c b/plugins/dwarf/v3/dwarf.c
new file mode 100644
index 0000000..942c289
--- /dev/null
+++ b/plugins/dwarf/v3/dwarf.c
@@ -0,0 +1,172 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.c - support du format DWARF v3
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "dwarf.h"
+
+
+#include "../dwarf-int.h"
+
+
+
+/* Format de débogage DWARF v3 (instance) */
+struct _GDwarfV3Format
+{
+ GDwarfFormat parent; /* A laisser en premier */
+
+};
+
+/* Format de débogage DWARF v3 (classe) */
+struct _GDwarfV3FormatClass
+{
+ GDwarfFormatClass parent; /* A laisser en premier */
+
+};
+
+
+/* Initialise la classe des formats de débogage DWARF v3. */
+static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *);
+
+/* Initialise une instance de format de débogage DWARF v3. */
+static void g_dwarfv3_format_init(GDwarfV3Format *);
+
+/* Supprime toutes les références externes. */
+static void g_dwarfv3_format_dispose(GDwarfV3Format *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_dwarfv3_format_finalize(GDwarfV3Format *);
+
+
+
+/* Indique le type défini pour un format de débogage DWARF v3. */
+G_DEFINE_TYPE(GDwarfV3Format, g_dwarfv3_format, G_TYPE_DWARF_FORMAT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats de débogage DWARF v3. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv3_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_dwarfv3_format_finalize;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format de débogage DWARF v3. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv3_format_init(GDwarfV3Format *format)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv3_format_dispose(GDwarfV3Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv3_format_finalize(GDwarfV3Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* parent = éventuel format exécutable déjà chargé. *
+ status = barre de statut à tenir informée. *
+* *
+* Description : Prend en charge un nouveau format DWARF (v3). *
+* *
+* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinFormat *g_dwarfv3_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status)
+{
+ GDwarfV3Format *result; /* Structure à retourner */
+
+ result = g_object_new(G_TYPE_DWARFV3_FORMAT, NULL);
+
+
+
+ g_binary_format_set_content(G_BIN_FORMAT(result), content);
+
+
+
+ return G_BIN_FORMAT(result);
+
+}
diff --git a/plugins/dwarf/v3/dwarf.h b/plugins/dwarf/v3/dwarf.h
new file mode 100644
index 0000000..5042b89
--- /dev/null
+++ b/plugins/dwarf/v3/dwarf.h
@@ -0,0 +1,58 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.h - prototypes pour le support du format DWARF v3
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_V3_DWARF_H
+#define _FORMAT_DWARF_V3_DWARF_H
+
+
+#include <glib-object.h>
+
+
+#include "../../../core/formats.h"
+
+
+
+#define G_TYPE_DWARFV3_FORMAT g_dwarfv3_format_get_type()
+#define G_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv3_format_get_type(), GDwarfV3Format))
+#define G_IS_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv3_format_get_type()))
+#define G_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass))
+#define G_IS_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV3_FORMAT))
+#define G_DWARFV3_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass))
+
+
+/* Format de débogage DWARF v3 (instance) */
+typedef struct _GDwarfV3Format GDwarfV3Format;
+
+/* Format de débogage DWARF v3 (classe) */
+typedef struct _GDwarfV3FormatClass GDwarfV3FormatClass;
+
+
+/* Indique le type défini pour un format de débogage DWARF v3. */
+GType g_dwarfv3_format_get_type(void);
+
+/* Prend en charge un nouveau format DWARF (v3). */
+GBinFormat *g_dwarfv3_format_new(GBinContent *, GExeFormat *, GtkStatusStack *);
+
+
+
+#endif /* _FORMAT_DWARF_V3_DWARF_H */
diff --git a/plugins/dwarf/v4/Makefile.am b/plugins/dwarf/v4/Makefile.am
new file mode 100644
index 0000000..ca77923
--- /dev/null
+++ b/plugins/dwarf/v4/Makefile.am
@@ -0,0 +1,18 @@
+
+noinst_LTLIBRARIES = libformatdwarfv4.la
+
+libformatdwarfv4_la_SOURCES = \
+ dwarf.h dwarf.c \
+ form.h form.c
+
+libformatdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS)
+
+
+devdir = $(includedir)/chrysalide/$(subdir:src/%=%)
+
+dev_HEADERS = $(libformatdwarfv4_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS)
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/dwarf/v4/dwarf.c b/plugins/dwarf/v4/dwarf.c
new file mode 100644
index 0000000..a220aff
--- /dev/null
+++ b/plugins/dwarf/v4/dwarf.c
@@ -0,0 +1,182 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.c - support du format DWARF v4
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "dwarf.h"
+
+
+#include "../dwarf-int.h"
+
+
+#include "form.h"
+
+
+
+/* Format de débogage DWARF v4 (instance) */
+struct _GDwarfV4Format
+{
+ GDwarfFormat parent; /* A laisser en premier */
+
+};
+
+/* Format de débogage DWARF v4 (classe) */
+struct _GDwarfV4FormatClass
+{
+ GDwarfFormatClass parent; /* A laisser en premier */
+
+};
+
+
+/* Initialise la classe des formats de débogage DWARF v4. */
+static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *);
+
+/* Initialise une instance de format de débogage DWARF v4. */
+static void g_dwarfv4_format_init(GDwarfV4Format *);
+
+/* Supprime toutes les références externes. */
+static void g_dwarfv4_format_dispose(GDwarfV4Format *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_dwarfv4_format_finalize(GDwarfV4Format *);
+
+
+
+/* Indique le type défini pour un format de débogage DWARF v4. */
+G_DEFINE_TYPE(GDwarfV4Format, g_dwarfv4_format, G_TYPE_DWARF_FORMAT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats de débogage DWARF v4. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+ GDwarfFormatClass *dwarf; /* Version parente de la classe*/
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv4_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_dwarfv4_format_finalize;
+
+ dwarf = G_DWARF_FORMAT_CLASS(klass);
+
+ dwarf->read_form = (read_form_value_fc)read_dwarf_v4_form_value;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format de débogage DWARF v4. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv4_format_init(GDwarfV4Format *format)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv4_format_dispose(GDwarfV4Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dwarfv4_format_finalize(GDwarfV4Format *format)
+{
+ G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* parent = éventuel format exécutable déjà chargé. *
+ status = barre de statut à tenir informée. *
+* *
+* Description : Prend en charge un nouveau format DWARF (v4). *
+* *
+* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinFormat *g_dwarfv4_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status)
+{
+ GDwarfV4Format *result; /* Structure à retourner */
+
+ result = g_object_new(G_TYPE_DWARFV4_FORMAT, NULL);
+
+ g_binary_format_set_content(G_BIN_FORMAT(result), content);
+
+ if (!g_dwarf_format_load(G_DWARF_FORMAT(result), parent))
+ {
+ g_object_unref(G_OBJECT(result));
+ result = NULL;
+ }
+
+ return G_BIN_FORMAT(result);
+
+}
diff --git a/plugins/dwarf/v4/dwarf.h b/plugins/dwarf/v4/dwarf.h
new file mode 100644
index 0000000..89135e3
--- /dev/null
+++ b/plugins/dwarf/v4/dwarf.h
@@ -0,0 +1,58 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * dwarf.h - prototypes pour le support du format DWARF v4
+ *
+ * Copyright (C) 2015-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_V4_DWARF_H
+#define _FORMAT_DWARF_V4_DWARF_H
+
+
+#include <glib-object.h>
+
+
+#include "../../../core/formats.h"
+
+
+
+#define G_TYPE_DWARFV4_FORMAT g_dwarfv4_format_get_type()
+#define G_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv4_format_get_type(), GDwarfV4Format))
+#define G_IS_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv4_format_get_type()))
+#define G_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass))
+#define G_IS_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV4_FORMAT))
+#define G_DWARFV4_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass))
+
+
+/* Format de débogage DWARF v4 (instance) */
+typedef struct _GDwarfV4Format GDwarfV4Format;
+
+/* Format de débogage DWARF v4 (classe) */
+typedef struct _GDwarfV4FormatClass GDwarfV4FormatClass;
+
+
+/* Indique le type défini pour un format de débogage DWARF v4. */
+GType g_dwarfv4_format_get_type(void);
+
+/* Prend en charge un nouveau format DWARF (v4). */
+GBinFormat *g_dwarfv4_format_new(GBinContent *, GExeFormat *, GtkStatusStack *);
+
+
+
+#endif /* _FORMAT_DWARF_V4_DWARF_H */
diff --git a/plugins/dwarf/v4/form.c b/plugins/dwarf/v4/form.c
new file mode 100644
index 0000000..80dbf1e
--- /dev/null
+++ b/plugins/dwarf/v4/form.c
@@ -0,0 +1,106 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.c - chargement en mémoire des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "form.h"
+
+
+#include "../dwarf-int.h"
+#include "../v2/form.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = contenu binaire de débogage à parcourir. *
+* cu = unité de compilation parente. *
+* form = nature de la valeur à lire. *
+* pos = tête de lecture au sein des données. [OUT] *
+* value = valeur au format donné lue. [OUT] *
+* *
+* Description : Lit la valeur correspondant à un type donné. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dwarf_v4_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v4_form_value *value)
+{
+ bool result; /* Bilan de lecture à renvoyer */
+ GBinContent *content; /* Contenu binaire à parcourir */
+ SourceEndian endian; /* Boutisme des enregistrements*/
+ uint32_t tmp32; /* Données sur 32 bits */
+ uint64_t tmp64; /* Données sur 64 bits */
+ uleb128_t tmpuleb; /* Données sur xxx bits */
+
+ content = G_BIN_FORMAT(format)->content;
+ endian = g_binary_format_get_endianness(G_BIN_FORMAT(format));
+
+ switch (form)
+ {
+ case DW_FORM_sec_offset:
+
+ if (cu->is_32b)
+ {
+ result = g_binary_content_read_u32(content, pos, endian, &tmp32);
+ tmp64 = tmp32;
+ }
+ else
+ result = g_binary_content_read_u64(content, pos, endian, &tmp64);
+
+ value->sec_offset = tmp64;
+ break;
+
+ case DW_FORM_exprloc:
+
+ tmpuleb = 0; /* Pour GCC */
+
+ result = g_binary_content_read_uleb128(content, pos, &tmpuleb);
+ if (!result) break;
+
+ value->expr.size = tmpuleb;
+
+ value->expr.start = g_binary_content_get_raw_access(content, pos, value->expr.size);
+ result = (value->expr.start != NULL);
+
+ break;
+
+ case DW_FORM_flag_present:
+ result = true;
+ value->has_flag = true;
+ break;
+
+ case DW_FORM_ref_sig8:
+ result = g_binary_content_read_u64(content, pos, endian, &value->signature);
+ break;
+
+ default:
+ result = read_dwarf_v2_form_value(format, cu, form, pos, &value->v2);
+ break;
+
+ }
+
+ return result;
+
+}
diff --git a/plugins/dwarf/v4/form.h b/plugins/dwarf/v4/form.h
new file mode 100644
index 0000000..053b693
--- /dev/null
+++ b/plugins/dwarf/v4/form.h
@@ -0,0 +1,39 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs
+ *
+ * Copyright (C) 2016-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_DWARF_V4_FORM_H
+#define _FORMAT_DWARF_V4_FORM_H
+
+
+#include "../dwarf.h"
+#include "../dwarf_def.h"
+#include "../../../analysis/content.h"
+
+
+
+/* Lit la valeur correspondant à un type donné. */
+bool read_dwarf_v4_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v4_form_value *);
+
+
+
+#endif /* _FORMAT_DWARF_V4_FORM_H */