authorCyrille Bagard <nocbos@gmail.com>2010-05-13 12:32:03 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2010-05-13 12:32:03 (GMT)
commit118a668adbf6ca9d4c549618e54f58330f46ce58 (patch)
tree10e75f1a7e83ab48aba82a5a595441a065a6037e /src/arch/dalvik/processor.c
parente56b4db3aae87f0458319019635dea4968a5c529 (diff)
Supported Dalvik VM / DEX (partially).
git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@155 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
Diffstat (limited to 'src/arch/dalvik/processor.c')
-rw-r--r--src/arch/dalvik/processor.c198
1 files changed, 198 insertions, 0 deletions
diff --git a/src/arch/dalvik/processor.c b/src/arch/dalvik/processor.c
new file mode 100644
index 0000000..7bf469e
--- /dev/null
+++ b/src/arch/dalvik/processor.c
@@ -0,0 +1,198 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * processor.c - manipulation du processeur de la VM Dalvik
+ *
+ * Copyright (C) 2010 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "processor.h"
+
+
+#include "instruction.h"
+#include "opcodes.h"
+#include "../processor-int.h"
+
+
+
+/* Définition du processeur de la VM Dalvik (instance) */
+struct _GDalvikProcessor
+{
+ GArchProcessor parent; /* Instance parente */
+
+};
+
+
+/* Définition du processeur de la VM Dalvik (classe) */
+struct _GDalvikProcessorClass
+{
+ GArchProcessorClass parent; /* Classe parente */
+
+};
+
+
+/* Initialise la classe des processeurs de VM Dalvik. */
+static void g_dalvik_processor_class_init(GDalvikProcessorClass *);
+
+/* Initialise une instance de processeur de VM Dalvik. */
+static void g_dalvik_processor_init(GDalvikProcessor *);
+
+/* Décode une instruction dans un flux de données. */
+static GArchInstruction *g_dalvik_processor_decode_instruction(const GDalvikProcessor *, const bin_t *, off_t *, off_t, vmpa_t);
+
+
+/* Indique le type défini par la GLib pour le processeur DALVIK. */
+G_DEFINE_TYPE(GDalvikProcessor, g_dalvik_processor, G_TYPE_ARCH_PROCESSOR);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des processeurs de VM Dalvik. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dalvik_processor_class_init(GDalvikProcessorClass *klass)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : proc = instance à initialiser. *
+* *
+* Description : Initialise une instance de processeur de VM Dalvik. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_dalvik_processor_init(GDalvikProcessor *proc)
+{
+ GArchProcessor *parent; /* Instance parente */
+
+ parent = G_ARCH_PROCESSOR(proc);
+
+ parent->endianness = SRE_LITTLE;
+ parent->memsize = MDS_32_BITS;
+
+ parent->decode = (decode_instruction_fc)g_dalvik_processor_decode_instruction;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Crée le support de l'architecture Dalvik. *
+* *
+* Retour : Architecture mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GArchProcessor *g_dalvik_processor_new(void)
+{
+ GArchProcessor *result; /* Structure à retourner */
+
+ result = g_object_new(G_TYPE_DALVIK_PROCESSOR, NULL);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : proc = architecture visée par la procédure. *
+* data = flux de données à analyser. *
+* pos = position courante dans ce flux. [OUT] *
+* len = taille totale des données à analyser. *
+* addr = adresse virtuelle de l'instruction. *
+* *
+* Description : Décode une instruction dans un flux de données. *
+* *
+* Retour : Instruction mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static GArchInstruction *g_dalvik_processor_decode_instruction(const GDalvikProcessor *proc, const bin_t *data, off_t *pos, off_t len, vmpa_t addr)
+{
+ GArchInstruction *result; /* Instruction à renvoyer */
+ DalvikOpcodes id; /* Identifiant d'instruction */
+
+ static const dalvik_read_instr decodings[DOP_COUNT] = {
+
+ [DOP_NOP] = dalvik_read_instr_nop,
+
+
+ [DOP_CONST_4] = dalvik_read_instr_const_4,
+ [DOP_CONST_16] = dalvik_read_instr_const_16,
+
+
+ [DOP_CONST_HIGH16] = dalvik_read_instr_const_high16,
+
+
+ [DOP_CONST_STRING] = dalvik_read_instr_const_string,
+
+
+
+ [DOP_RETURN_VOID] = dalvik_read_instr_return_void,
+ [DOP_RETURN] = dalvik_read_instr_return,
+
+
+ [DOP_SGET] = dalvik_read_instr_sget,
+ [DOP_SGET_WIDE] = dalvik_read_instr_sget_wide,
+ [DOP_SGET_OBJECT] = dalvik_read_instr_sget_object,
+
+
+ [DOP_INVOKE_VIRTUAL] = dalvik_read_instr_invoke_virtual,
+ [DOP_INVOKE_SUPER] = dalvik_read_instr_invoke_super,
+ [DOP_INVOKE_DIRECT] = dalvik_read_instr_invoke_direct,
+ [DOP_INVOKE_STATIC] = dalvik_read_instr_invoke_static,
+ [DOP_INVOKE_INTERFACE] = dalvik_read_instr_invoke_interface,
+
+
+ [DOP_MUL_INT_2ADDR] = dalvik_read_instr_mul_int_2addr
+
+
+ };
+
+ id = dalvik_guess_next_instruction(data, *pos, len);
+
+ if (id != DOP_COUNT) (*pos)++;
+
+ if (id == DOP_COUNT) result = NULL;
+ else result = decodings[id](data, pos, len, addr, proc);
+
+ return result;
+
+}
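Review bot: In g_dalvik_processor_decode_instruction the `decodings` table is only partly filled by its designated initializers, so every opcode without an entry holds a NULL pointer, and `decodings[id](data, pos, len, addr, proc)` calls through it without a check. Unless dalvik_guess_next_instruction (not visible in this hunk) returns DOP_COUNT for every opcode that has no reader, a DEX file containing such an opcode makes the disassembler call a NULL function pointer; an id above DOP_COUNT would also index past the end of the table. Guarding the dispatch with `if (id >= DOP_COUNT || decodings[id] == NULL) result = NULL;` and doing `(*pos)++` only in the else branch would also leave the position untouched when nothing is decoded. A short comment above the table saying that missing entries are deliberately NULL and mean "unsupported opcode" would document the contract for whoever adds the next reader.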