authorCyrille Bagard <nocbos@gmail.com>2014-08-05 20:19:08 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2014-08-05 20:19:08 (GMT)
commit56ee4d3ecddeee05f11083fcc1595e3756b91790 (patch)
tree5ec6e5449214093280629047c36016a0de09cbeb /src/analysis/disass
parenta2eb5483fe74923e488013b2d8b94ded6340499e (diff)
Defined the first steps for a new disassembling approach.
git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@387 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
Diffstat (limited to 'src/analysis/disass')
-rw-r--r--src/analysis/disass/disassembler.c156
-rw-r--r--src/analysis/disass/fetch.c122
-rw-r--r--src/analysis/disass/fetch.h7
-rw-r--r--src/analysis/disass/output.c4
4 files changed, 280 insertions, 9 deletions
diff --git a/src/analysis/disass/disassembler.c b/src/analysis/disass/disassembler.c
index 8020e02..9344089 100644
--- a/src/analysis/disass/disassembler.c
+++ b/src/analysis/disass/disassembler.c
@@ -191,9 +191,149 @@ static GDelayedDisassembly *g_delayed_disassembly_new(GLoadedBinary *binary, GBi
* Remarques : - *
* *
******************************************************************************/
+#include "../../arch/vmpa.h"
+#include <time.h>
+
+#include <sys/time.h>
+#include <sys/resource.h>
static void g_delayed_disassembly_process(GDelayedDisassembly *disass, GtkExtStatusBar *statusbar)
{
+
+
+ unsigned int valid; /* Instructions traduites */
+ unsigned int db; /* Instructions non décodées */
+ unsigned int valid_sum; /* Instructions traduites */
+ unsigned int instr_sum; /* Instructions totales */
+ size_t i; /* Boucle de parcours */
+
+ GBinRoutine **routines; /* Liste des routines trouvées */
+ size_t routines_count; /* Nombre de ces routines */
+ bstatus_id_t id; /* Identifiant de statut */
+
+
+
+ vmpa2t base;
+
+
+
+ clock_t begin, end;
+ double time_spent;
+
+
+ struct rusage usage;
+ unsigned long ustart;
+ unsigned long uend;
+
+
+
+ /* Première étape */
+
+ id = gtk_extended_status_bar_push(statusbar, _("Disassembling..."), true);
+
+
+ init_vmpa(&base, 0, 0);
+
+
+
+ begin = clock();
+
+ getrusage(RUSAGE_THREAD, &usage);
+ ustart = usage.ru_utime.tv_sec * 1000000 + usage.ru_utime.tv_usec;
+ ustart += usage.ru_stime.tv_sec * 1000000 + usage.ru_stime.tv_usec;
+
+
+ *disass->instrs = load_raw_binary(disass->binary, &base, 100, statusbar, id);
+
+ /*
+ *disass->instrs = disassemble_binary_parts(disass->binary, disass->parts, disass->count,
+ statusbar, id);
+ */
+
+
+
+ getrusage(RUSAGE_THREAD, &usage);
+ uend = usage.ru_utime.tv_sec * 1000000 + usage.ru_utime.tv_usec;
+ uend += usage.ru_stime.tv_sec * 1000000 + usage.ru_stime.tv_usec;
+
+
+ end = clock();
+
+ time_spent = (double)(end - begin) / CLOCKS_PER_SEC;
+
+ printf("[[ TIME ]] Disassembly :: %.2g (%.2g)\n", time_spent, (uend - ustart) / 1000000.0);
+
+
+
+
+ gtk_extended_status_bar_remove(statusbar, id);
+
+
+ run_plugins_on_binary(disass->binary, PGA_BINARY_DISASSEMBLED, true);
+
+
+
+
+
+
+ /* Septième étape */
+
+ id = gtk_extended_status_bar_push(statusbar, _("Printing disassembled code..."), true);
+
+ qsort(routines, routines_count, sizeof(GBinRoutine *), (__compar_fn_t)g_binary_routine_compare);
+
+
+ begin = clock();
+
+
+ getrusage(RUSAGE_THREAD, &usage);
+ ustart = usage.ru_utime.tv_sec * 1000000 + usage.ru_utime.tv_usec;
+ ustart += usage.ru_stime.tv_sec * 1000000 + usage.ru_stime.tv_usec;
+
+
+ print_disassembled_instructions(disass->buffer, disass->format, *disass->instrs,
+ routines, routines_count, statusbar, id);
+
+
+
+
+
+ getrusage(RUSAGE_THREAD, &usage);
+ uend = usage.ru_utime.tv_sec * 1000000 + usage.ru_utime.tv_usec;
+ uend += usage.ru_stime.tv_sec * 1000000 + usage.ru_stime.tv_usec;
+
+
+ end = clock();
+
+ time_spent = (double)(end - begin) / CLOCKS_PER_SEC;
+
+ printf("[[ TIME ]] Printing :: %.2g (%.2g)\n", time_spent, (uend - ustart) / 1000000.0);
+
+
+ gtk_extended_status_bar_remove(statusbar, id);
+
+ run_plugins_on_binary(disass->binary, PGA_BINARY_PRINTED, true);
+
+
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : disass = analyse à mener. *
+* statusbar = barre de statut à tenir informée. *
+* *
+* Description : Assure le désassemblage en différé. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_delayed_disassembly_process_old(GDelayedDisassembly *disass, GtkExtStatusBar *statusbar)
+{
#ifdef DEBUG
unsigned int valid; /* Instructions traduites */
unsigned int db; /* Instructions non décodées */
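Review bot: `routines` and `routines_count`, declared at the top of the new g_delayed_disassembly_process, are never assigned before the seventh step hands them to `qsort` and `print_disassembled_instructions`, so both calls read indeterminate values (undefined behaviour, and in practice a sort over a garbage pointer and count). Until the new approach actually produces a routine list, initialise them explicitly, `routines = NULL; routines_count = 0;`, and skip the sort when there is nothing to sort, `if (routines_count > 0) qsort(routines, routines_count, sizeof(GBinRoutine *), (__compar_fn_t)g_binary_routine_compare);`. The four `#include` lines dropped between the header comment and the function body belong with the other includes at the top of the file, and the `getrusage(RUSAGE_THREAD, ...)` timing is unchecked and Linux-specific (`RUSAGE_THREAD` requires `_GNU_SOURCE`), so it should at least be gated under `DEBUG` like the counters in the old function rather than printing unconditionally to stdout. The renamed g_delayed_disassembly_process_old at the end of the hunk continues past it.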
@@ -339,20 +479,20 @@ static void build_disass_prologue(GCodeBuffer *buffer, const char *filename, con
output = g_asm_output_new();
line = g_lang_output_start_comments(output, buffer);
- if (line != NULL) g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ if (line != NULL) g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
/* Introduction */
line = g_lang_output_continue_comments(output, buffer,
SL(_("Disassembly generated by Chrysalide")));
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
line = g_lang_output_continue_comments(output, buffer,
SL(_("Chrysalide is free software - © 2008-2014 Cyrille Bagard")));
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
line = g_lang_output_continue_comments(output, buffer, NULL, 0);
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
/* Fichier */
@@ -362,7 +502,7 @@ static void build_disass_prologue(GCodeBuffer *buffer, const char *filename, con
snprintf(content, len, "%s%s", _("File: "), filename);
line = g_lang_output_continue_comments(output, buffer, content, len - 1);
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
free(content);
@@ -381,19 +521,19 @@ static void build_disass_prologue(GCodeBuffer *buffer, const char *filename, con
g_checksum_free(checksum);
line = g_lang_output_continue_comments(output, buffer, content, len - 1);
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
free(content);
/* Ligne de séparation */
line = g_lang_output_continue_comments(output, buffer, NULL, 0);
- g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
/* Conclusion */
line = g_lang_output_end_comments(output, buffer);
- if (line != NULL) g_buffer_line_start_merge_at(line, BLC_ADDRESS);
+ if (line != NULL) g_buffer_line_start_merge_at(line, BLC_PHYSICAL);
g_object_unref(G_OBJECT(output));
diff --git a/src/analysis/disass/fetch.c b/src/analysis/disass/fetch.c
index 17eea6a..4686fe2 100644
--- a/src/analysis/disass/fetch.c
+++ b/src/analysis/disass/fetch.c
@@ -23,6 +23,117 @@
#include "fetch.h"
+
+#include "../../arch/artificial.h"
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation de binaire chargé. *
+* parts = parties binaires à désassembler. *
+* count = nombre de parties à traiter. *
+* statusbar = barre de statut avec progression à mettre à jour.*
+* id = identifiant du message affiché à l'utilisateur. *
+* *
+* Description : Procède au désassemblage basique d'un contenu binaire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GArchInstruction *load_raw_binary(const GLoadedBinary *binary, const vmpa2t *base, off_t end, GtkExtStatusBar *statusbar, bstatus_id_t id)
+{
+ GArchInstruction *result; /* Liste d'instr. à renvoyer */
+ GBinFormat *format; /* Format du fichier binaire */
+ GArchProcessor *proc; /* Architecture du binaire */
+ off_t bin_length; /* Taille des données à lire */
+ bin_t *bin_data; /* Données binaires à lire */
+ vmpa2t *pos; /* Boucle de parcours */
+ vmpa2t *prev; /* Boucle de parcours */
+ off_t old_phy; /* Ancienne position physique */
+ GArchInstruction *instr; /* Instruction décodée */
+ off_t new_phy; /* Nouvelle position physique */
+
+ result = NULL;
+
+ format = G_BIN_FORMAT(g_loaded_binary_get_format(binary));
+ proc = get_arch_processor_from_format(G_EXE_FORMAT(format));
+ bin_data = g_loaded_binary_get_data(binary, &bin_length);
+
+ end = bin_length;
+
+ pos = local_dup_vmpa(base);
+ prev = local_dup_vmpa(base);
+
+ old_phy = get_phy_addr(prev);
+
+ while (old_phy < end)
+ {
+ instr = g_db_instruction_new_from_data(bin_data, pos, end, proc);
+ if (instr == NULL) break;
+
+ new_phy = get_phy_addr(pos);
+
+ g_arch_instruction_set_location(instr, prev, new_phy - old_phy);
+ g_arch_instruction_add_to_list(&result, instr);
+
+ copy_vmpa(prev, pos);
+ old_phy = get_phy_addr(prev);
+
+ //done += (new_phy - old_phy);
+ //gtk_extended_status_bar_update_activity(statusbar, id, done * 1.0 / sum);
+
+ }
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
#ifdef DEBUG
# include "../../arch/artificial.h"
#endif
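Review bot: In load_raw_binary the `end` parameter is overwritten unconditionally with `bin_length`, so whatever bound the caller passes (disassembler.c passes a literal 100) is silently ignored and the sweep always runs to the end of the loaded data; if the parameter is meant to limit the walk, clamp it instead, `if (end > bin_length) end = bin_length;`, which honours a smaller caller bound while still never handing the decoder a limit past the buffer. The header comment above the function was copied from disassemble_binary_parts and documents `parts`/`count`, which this function does not take; it should describe `base` (start position) and `end` (physical upper bound) and state what is returned. `statusbar` and `id` are unused while the progress update stays commented out, and `bin_data` goes straight to the decoder without a NULL check — whether `g_loaded_binary_get_data` can return NULL is not visible from this hunk.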
@@ -139,3 +250,14 @@ GArchInstruction *disassemble_binary_parts(const GLoadedBinary *binary, GBinPart
return result;
}
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/analysis/disass/fetch.h b/src/analysis/disass/fetch.h
index 87f3134..ff62ce8 100644
--- a/src/analysis/disass/fetch.h
+++ b/src/analysis/disass/fetch.h
@@ -30,6 +30,13 @@
#include "../../gtkext/gtkextstatusbar.h"
+
+
+GArchInstruction *load_raw_binary(const GLoadedBinary *binary, const vmpa2t *base, off_t end, GtkExtStatusBar *statusbar, bstatus_id_t id);
+
+
+
+
/* Procède au désassemblage basique d'un contenu binaire. */
GArchInstruction *disassemble_binary_parts(const GLoadedBinary *, GBinPart **, size_t, GtkExtStatusBar *, bstatus_id_t);
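Review bot: The new `load_raw_binary` prototype has no descriptive comment and names its parameters, unlike the sibling `disassemble_binary_parts` declaration right below it, which carries a one-line purpose comment and an unnamed-parameter prototype. Add `/* Decodes a loaded binary sequentially from base, bounded by end (physical offset). */` above it and use the same declaration style, `GArchInstruction *load_raw_binary(const GLoadedBinary *, const vmpa2t *, off_t, GtkExtStatusBar *, bstatus_id_t);`, so the header stays uniform.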
diff --git a/src/analysis/disass/output.c b/src/analysis/disass/output.c
index fd7efce..97f9989 100644
--- a/src/analysis/disass/output.c
+++ b/src/analysis/disass/output.c
@@ -76,6 +76,7 @@ void print_disassembled_instructions(GCodeBuffer *buffer, const GExeFormat *form
iter != NULL;
iter = g_arch_instruction_get_next_iter(instrs, iter, VMPA_MAX))
{
+#if 0
g_arch_instruction_get_location(iter, NULL, NULL, &iaddr);
/* Ajout des prototypes de fonction */
@@ -87,10 +88,11 @@ void print_disassembled_instructions(GCodeBuffer *buffer, const GExeFormat *form
g_binary_routine_output_info(routines[i], output, buffer);
}
+#endif
g_arch_instruction_print(iter, buffer, msize, content, ASX_INTEL);
- gtk_extended_status_bar_update_activity(statusbar, id, (iaddr - start) * 1.0 / (end - start));
+ //gtk_extended_status_bar_update_activity(statusbar, id, (iaddr - start) * 1.0 / (end - start));
}
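Review bot: With the routine-prototype block wrapped in `#if 0` and the progress update commented out, `iaddr` is now assigned only inside the disabled region, and `start`, `end` (presumably locals declared above the hunk) and the `routines` parameter are no longer read, which produces unused-variable warnings and leaves the status bar frozen for the whole print loop. If the prototype output is going away with the new approach, delete it rather than parking it under `#if 0`; if it is only temporarily disabled, say why next to the directive, e.g. `#if 0 /* routines are not produced yet by the raw loader; re-enable with the new disassembly pass */`, and keep a progress update that does not depend on `iaddr` so the user still sees activity. print_disassembled_instructions starts before this hunk.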