author | Cyrille Bagard <nocbos@gmail.com> | 2018-05-14 19:40:07 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2018-05-14 19:40:07 (GMT) |
commit | 0286b53bad21abf91cbe17c4772ca9cde6a89cbc (patch) | |
tree | 3bec9dc7e118c00ce9c748576b01606a71880ad7 /src/analysis | |
parent | 267b1ae8608ed4bf52de743798e8647c903ee1b4 (diff) |
Created an instruction database for Chrysalide.
Diffstat (limited to 'src/analysis')
-rw-r--r-- | src/analysis/binary.c | 55 | ||||
-rw-r--r-- | src/analysis/binary.h | 3 | ||||
-rw-r--r-- | src/analysis/disass/disassembler.c | 60 | ||||
-rw-r--r-- | src/analysis/disass/fetch.c | 5 |
4 files changed, 108 insertions, 15 deletions
diff --git a/src/analysis/binary.c b/src/analysis/binary.c index 4bb9e43..f028cd6 100644 --- a/src/analysis/binary.c +++ b/src/analysis/binary.c @@ -40,6 +40,7 @@ #include "db/client.h" //#include "decomp/decompiler.h" #include "disass/disassembler.h" +#include "../arch/storage.h" #include "../common/extstr.h" #include "../common/cpp.h" #include "../common/xdg.h" @@ -1025,6 +1026,53 @@ static bool g_loaded_binary_connect_remote(GLoadedBinary *binary) } +/****************************************************************************** +* * +* Paramètres : binary = élément binaire à manipuler. * +* * +* Description : Sauvegarde le cache des instructions désassemblées. * +* * +* Retour : Bilan préliminaire de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool g_loaded_binary_save_cache(const GLoadedBinary *binary) +{ + bool result; /* Bilan à faire remonter */ + GArchProcessor *proc; /* Processeur concerné */ + GBinContent *content; /* Contenu brut représenté */ + const gchar *id; /* Identifiant court et unique */ + GAsmStorage *storage; /* Cache propre à constituer */ + + proc = g_loaded_binary_get_processor(binary); + content = g_loaded_binary_get_content(binary); + + id = g_binary_content_get_checksum(content); + + storage = g_asm_storage_new_compressed(proc, id); + + g_object_unref(G_OBJECT(content)); + g_object_unref(G_OBJECT(proc)); + + if (storage != NULL) + { + g_signal_connect(G_OBJECT(storage), "saved", G_CALLBACK(g_object_unref), NULL); + + g_asm_storage_save(storage); + + result = true; + + } + else + result = false; + + return result; + +} + + /* ---------------------------------------------------------------------------------- */ /* MANIPULATION DES COLLECTIONS */ 
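Review bot: In g_loaded_binary_save_cache(), `result = true` is set as soon as g_asm_storage_save() has been called, so the return value only says that a storage object could be created, not that the cache reached disk. The only release of `storage` is the `g_object_unref` handler connected to "saved"; if that signal is not emitted on every outcome (the storage code is not part of this diff), the object leaks, and a partially written cache could later be picked up by the load path in compute_disassembly(). I would connect a small static handler that receives the outcome, logs a failure and then drops the reference, instead of passing `g_object_unref` directly. The header comment should also say explicitly that completion is reported through "saved" and that the boolean is preliminary.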
@@ -1491,9 +1539,14 @@ static bool g_loaded_binary_save(const GLoadedBinary *binary, xmlDoc *xdoc, xmlX { bool result; /* Bilan à faire remonter */ + /* Mise en cache des instructions */ + + result = g_loaded_binary_save_cache(binary); + /* Elément divers associés au binaire */ - result = g_loaded_binary_save_storage(binary, xdoc, context, path); + if (result) + result = g_loaded_binary_save_storage(binary, xdoc, context, path); /* Sauvegarde côté serveur */ diff --git a/src/analysis/binary.h b/src/analysis/binary.h index b57e072..fd25210 100644 --- a/src/analysis/binary.h +++ b/src/analysis/binary.h @@ -111,6 +111,9 @@ DBStorage g_loaded_binary_get_storage(const GLoadedBinary *, DBFeatures); /* Définit la forme d'enregistrement d'une fonctionnalité. */ void g_loaded_binary_set_storage(GLoadedBinary *, DBFeatures, DBStorage); +/* Sauvegarde le cache des instructions désassemblées. */ +bool g_loaded_binary_save_cache(const GLoadedBinary *); + /* -------------------------- MANIPULATION DES COLLECTIONS -------------------------- */ diff --git a/src/analysis/disass/disassembler.c b/src/analysis/disass/disassembler.c index ca5e565..efe50e1 100644 --- a/src/analysis/disass/disassembler.c +++ b/src/analysis/disass/disassembler.c @@ -36,6 +36,7 @@ #include "instructions.h" #include "output.h" #include "routines.h" +#include "../../arch/storage.h" #include "../../core/global.h" #include "../../glibext/generators/prologue.h" #include "../../plugins/pglist.h" @@ -216,6 +217,10 @@ static void compute_disassembly(GLoadedBinary *binary, GProcContext *context, wg { GArchProcessor *proc; /* Architecture du binaire */ GExeFormat *format; /* Format du binaire représenté*/ + GBinContent *content; /* Contenu brut représenté */ + const gchar *id; /* Identifiant court et unique */ + GAsmStorage *storage; /* Cache propre à constituer */ + bool cached; /* Instructions en cache */ GArchInstruction **instrs; /* Instructions résultantes */ size_t count; /* Quantité de ces instructions*/ 
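Review bot: In g_loaded_binary_save(), a failure of g_loaded_binary_save_cache() now skips g_loaded_binary_save_storage(), so a problem with the instruction cache can block saving the project itself. The cache is an optimisation, since compute_disassembly() falls back to a full disassembly when no cache is found, so its failure should be logged rather than propagated. I would keep `result = g_loaded_binary_save_storage(binary, xdoc, context, path);` unconditional and report a cache failure separately, e.g. `if (!g_loaded_binary_save_cache(binary)) { /* log a warning */ }`. The function continues past the end of this hunk.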
@@ -227,25 +232,54 @@ static void compute_disassembly(GLoadedBinary *binary, GProcContext *context, wg format = g_loaded_binary_get_format(binary); + g_binary_format_preload_disassembling_context(G_BIN_FORMAT(format), context, status); + + /** + * Etape zéro : récupération des instructions depuis un cache, si ce dernier exitste. + */ + + content = g_loaded_content_get_content(G_LOADED_CONTENT(binary)); + + id = g_binary_content_get_checksum(content); + + storage = g_asm_storage_new_compressed(proc, id); + + g_object_unref(G_OBJECT(content)); + + cached = g_asm_storage_has_cache(storage); + + if (cached) + cached = g_asm_storage_open(storage, G_BIN_FORMAT(format), gid); + + g_object_unref(G_OBJECT(storage)); + /** * Première étape : collecte des instructions. */ - instrs = disassemble_binary_content(binary, context, gid, status, &count); + if (!cached) + { + instrs = disassemble_binary_content(binary, context, gid, status, &count); + + g_arch_processor_set_instructions(proc, instrs, count); - g_arch_processor_set_instructions(proc, instrs, count); + process_disassembly_event(PGA_DISASSEMBLY_RAW, binary); - process_disassembly_event(PGA_DISASSEMBLY_RAW, binary); + } /** * Seconde étape : liaisons des instructions. */ - process_all_instructions(gid, status, _("Calling 'link' hook on all instructions..."), - g_instructions_study_do_link_operation, - proc, context, format); + if (!cached) + { + process_all_instructions(gid, status, _("Calling 'link' hook on all instructions..."), + g_instructions_study_do_link_operation, + proc, context, format); - process_disassembly_event(PGA_DISASSEMBLY_HOOKED_LINK, binary); + process_disassembly_event(PGA_DISASSEMBLY_HOOKED_LINK, binary); + + } /** * Troisième étape : exécution d'éventuels post-traitements. 
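Review bot: g_loaded_binary_save_cache() in binary.c treats `g_asm_storage_new_compressed()` as able to return NULL, yet here `storage` goes straight into `g_asm_storage_has_cache()` and `g_object_unref(G_OBJECT(storage))` with no check. Guard both uses, e.g. `cached = (storage != NULL && g_asm_storage_has_cache(storage));` and `if (storage != NULL) g_object_unref(G_OBJECT(storage));`. Separately, the cache is selected only by processor and content checksum, and on a hit its content replaces the raw and link stages. Whether g_asm_storage_open() checks a format version and bounds while deserialising is not visible in this diff, and that is worth confirming because the binaries under analysis, and possibly the cache directory, are not trusted input. The new comment also has a typo (`exitste` should be `existe`); compute_disassembly() begins and ends outside this hunk.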
@@ -271,11 +305,15 @@ static void compute_disassembly(GLoadedBinary *binary, GProcContext *context, wg * Cinquième étape : liaisons entre instructions. */ - process_all_instructions(gid, status, _("Establishing links betweek all instructions..."), - g_instructions_study_establish_links, - proc, context, format); + if (!cached) + { + process_all_instructions(gid, status, _("Establishing links betweek all instructions..."), + g_instructions_study_establish_links, + proc, context, format); - process_disassembly_event(PGA_DISASSEMBLY_LINKED, binary); + process_disassembly_event(PGA_DISASSEMBLY_LINKED, binary); + + } /** * Sixième étape : regroupement en blocs basiques. diff --git a/src/analysis/disass/fetch.c b/src/analysis/disass/fetch.c index 934c755..03b3ff0 100644 --- a/src/analysis/disass/fetch.c +++ b/src/analysis/disass/fetch.c @@ -431,11 +431,10 @@ GArchInstruction **disassemble_binary_content(GLoadedBinary *binary, GProcContex g_proc_context_attach_counter(template.ctx, &remaining_counter); /** - * Première phase de désassemblage : intégration des infos du format. + * Première phase de désassemblage : intégration des infos du format, + * récupérées dans le contexte via un appel à g_binary_format_preload_disassembling_context(). */ - g_binary_format_preload_disassembling_context(format, template.ctx, status); - populate_fresh_memory_areas(gid, status, template.areas, template.count, G_PRELOAD_INFO(ctx)); g_work_queue_wait_for_completion(queue, gid); |
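Review bot: When `cached` is true, `process_disassembly_event(PGA_DISASSEMBLY_LINKED, binary)` is skipped along with the link pass, and the previous hunk does the same for PGA_DISASSEMBLY_RAW and PGA_DISASSEMBLY_HOOKED_LINK. Any plugin that does its work on those notifications would then behave differently on a cache hit than on a fresh disassembly, and nothing visible to the user reveals this. If the events are stage markers rather than "work was done" signals, move each `process_disassembly_event(...)` call below the closing brace of its `if (!cached)` block; otherwise add a comment stating that cached loads skip them on purpose. The user-visible string still reads `betweek` instead of `between`.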
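Review bot: disassemble_binary_content() now relies on its caller having run g_binary_format_preload_disassembling_context() on `ctx` beforehand, but that precondition is stated only in this inner comment. I would repeat it in the function's header comment (the `Remarques` field), so that a future caller does not reach `populate_fresh_memory_areas()` with a context that was never preloaded. If the local `format` was used only by the removed call, it can be dropped as well; the rest of the function lies outside this hunk, so that is to be confirmed.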