author | Cyrille Bagard <nocbos@gmail.com> | 2017-10-18 20:50:10 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2017-10-18 20:50:10 (GMT) |
commit | dce9d9cdfef1d37ef11a987a21f36e83b6b1944f (patch) | |
tree | 830623ade20e892954fcbddd3b7b05d09aac1dd7 /src/arch/dalvik/pseudo | |
parent | 1e7c7de85438749d3faf7b76984b86a9c088fbc1 (diff) |
Created plugins for the Dex and Dalvik support.
Diffstat (limited to 'src/arch/dalvik/pseudo')
-rw-r--r-- | src/arch/dalvik/pseudo/Makefile.am | 15 | ||||
-rw-r--r-- | src/arch/dalvik/pseudo/fill.c | 198 | ||||
-rw-r--r-- | src/arch/dalvik/pseudo/fill.h | 60 | ||||
-rw-r--r-- | src/arch/dalvik/pseudo/switch.c | 301 | ||||
-rw-r--r-- | src/arch/dalvik/pseudo/switch.h | 63 |
5 files changed, 0 insertions, 637 deletions
diff --git a/src/arch/dalvik/pseudo/Makefile.am b/src/arch/dalvik/pseudo/Makefile.am
deleted file mode 100644
index 9743220..0000000
--- a/src/arch/dalvik/pseudo/Makefile.am
+++ /dev/null
@@ -1,15 +0,0 @@
-
-noinst_LTLIBRARIES = libarchdalvikpseudo.la
-
-libarchdalvikpseudo_la_SOURCES = \
- fill.h fill.c \
- switch.h switch.c
-
-libarchdalvikpseudo_la_LIBADD =
-
-libarchdalvikpseudo_la_CFLAGS = $(AM_CFLAGS)
-
-
-AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS)
-
-AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/src/arch/dalvik/pseudo/fill.c b/src/arch/dalvik/pseudo/fill.c
deleted file mode 100644
index dc5683c..0000000
--- a/src/arch/dalvik/pseudo/fill.c
+++ /dev/null
@@ -1,198 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * fill.c - prise en charge de l'instruction spéciale fill-array-data - * - * Copyright (C) 2011-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "fill.h" - - -#include <assert.h> -#include <string.h> - - -#include "../instruction-int.h" - - - -/* Définition générique d'une instruction d'architecture Dalvik (instance) */ -struct _GDalvikFillInstr -{ - GDalvikInstruction parent; /* A laisser en premier */ - - uint16_t item_width; /* Taille des éléments */ - uint32_t array_size; /* Taille du tableau */ - -}; - -/* Définition générique d'une instruction d'architecture Dalvik (classe) */ -struct _GDalvikFillInstrClass -{ - GDalvikInstructionClass parent; /* A laisser en premier */ - -}; - - - -/* Initialise la classe générique des instructions. */ -static void g_dalvik_fill_instr_class_init(GDalvikFillInstrClass *); - -/* Initialise une instance d'opérande d'architecture. */ -static void g_dalvik_fill_instr_init(GDalvikFillInstr *); - -/* Supprime toutes les références externes. */ -static void g_dalvik_fill_instr_dispose(GDalvikFillInstr *); - -/* Procède à la libération totale de la mémoire. 
*/ -static void g_dalvik_fill_instr_finalize(GDalvikFillInstr *); - - - -/* Indique le type défini pour une pseudo-instruction Dalvik de remplissage. */ -G_DEFINE_TYPE(GDalvikFillInstr, g_dalvik_fill_instr, G_TYPE_DALVIK_INSTRUCTION); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe générique des instructions. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_fill_instr_class_init(GDalvikFillInstrClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dalvik_fill_instr_dispose; - object->finalize = (GObjectFinalizeFunc)g_dalvik_fill_instr_finalize; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance à initialiser. * -* * -* Description : Initialise une instance d'instruction d'architecture. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_fill_instr_init(GDalvikFillInstr *instr) -{ - G_DALVIK_INSTRUCTION(instr)->keyword = "array-data"; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. 
* -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_fill_instr_dispose(GDalvikFillInstr *instr) -{ - G_OBJECT_CLASS(g_dalvik_fill_instr_parent_class)->dispose(G_OBJECT(instr)); - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_fill_instr_finalize(GDalvikFillInstr *instr) -{ - G_OBJECT_CLASS(g_dalvik_fill_instr_parent_class)->finalize(G_OBJECT(instr)); - -} - - -/****************************************************************************** -* * -* Paramètres : ident = identifiant de l'instruction déjà lu. * -* ctx = contexte lié à l'exécution du processeur. * -* content = flux de données à analyser. * -* pos = position courante dans ce flux. [OUT] * -* * -* Description : Crée une pesudo-instruction Dalvik de remplissage. * -* * -* Retour : Instruction mise en place. 
* -* * -* Remarques : - * -* * -******************************************************************************/ - -GArchInstruction *g_dalvik_fill_instr_new(uint16_t ident, GDalvikContext *ctx, const GBinContent *content, vmpa2t *pos) -{ - GDalvikFillInstr *result; /* Structure à retourner */ - phys_t consumed; /* Données consommées */ - - assert(ident == DPO_FILL_ARRAY_DATA); - - result = g_object_new(G_TYPE_DALVIK_FILL_INSTR, NULL); - - G_DALVIK_INSTRUCTION(result)->ptype = ident; - - if (!g_binary_content_read_u16(content, pos, SRE_LITTLE, &result->item_width)) - goto gdfin_bad; - - if (!g_binary_content_read_u32(content, pos, SRE_LITTLE, &result->array_size)) - goto gdfin_bad; - - consumed = result->item_width * result->array_size; - - if (!g_dalvik_context_register_array_data(ctx, pos, result->item_width, consumed)) - goto gdfin_bad; - - return G_ARCH_INSTRUCTION(result); - - gdfin_bad: - - g_object_unref(result); - - return NULL; - -} diff --git a/src/arch/dalvik/pseudo/fill.h b/src/arch/dalvik/pseudo/fill.h deleted file mode 100644 index 2a63df9..0000000 --- a/src/arch/dalvik/pseudo/fill.h +++ /dev/null 
@@ -1,60 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * fill.h - prototypes pour la prise en charge de l'instruction spéciale fill-array-data - * - * Copyright (C) 2011-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#ifndef _ARCH_DALVIK_PSEUDO_FILL_H -#define _ARCH_DALVIK_PSEUDO_FILL_H - - -#include "../context.h" -#include "../instruction.h" -#include "../processor.h" - - -#include <glib-object.h> - - - -#define G_TYPE_DALVIK_FILL_INSTR g_dalvik_fill_instr_get_type() -#define G_DALVIK_FILL_INSTR(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_DALVIK_FILL_INSTR, GDalvikFillInstr)) -#define G_IS_DALVIK_FILL_INSTR(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_DALVIK_FILL_INSTR)) -#define G_DALVIK_FILL_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DALVIK_FILL, GGDalvikFillClass)) -#define G_IS_DALVIK_FILL_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DALVIK_FILL)) -#define G_DALVIK_FILL_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DALVIK_FILL, GGDalvikFillClass)) - - -/* Définition générique d'une instruction d'architecture (instance) */ -typedef struct _GDalvikFillInstr GDalvikFillInstr; - -/* Définition générique d'une instruction d'architecture (classe) */ -typedef struct _GDalvikFillInstrClass GDalvikFillInstrClass; - - -/* Indique le type défini pour une 
pseudo-instruction Dalvik de remplissage. */ -GType g_dalvik_fill_instr_get_type(void); - -/* Crée une pesudo-instruction Dalvik de remplissage. */ -GArchInstruction *g_dalvik_fill_instr_new(uint16_t, GDalvikContext *, const GBinContent *, vmpa2t *); - - - -#endif /* _ARCH_DALVIK_PSEUDO_FILL_H */ diff --git a/src/arch/dalvik/pseudo/switch.c b/src/arch/dalvik/pseudo/switch.c deleted file mode 100644 index 90cff87..0000000 --- a/src/arch/dalvik/pseudo/switch.c +++ /dev/null 
@@ -1,301 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * switch.c - prise en charge des instructions spéciales (packed|sparse)switch - * - * Copyright (C) 2011-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "switch.h" - - -#include <assert.h> -#include <malloc.h> - - -#include "../instruction-int.h" - - - -/* Définition générique d'une instruction d'architecture Dalvik (instance) */ -struct _GDalvikSwitchInstr -{ - GDalvikInstruction parent; /* A laisser en premier */ - - uint16_t switch_size; /* Taille du switch considéré */ - - int32_t *keys; /* Table de clefs */ - int32_t *targets; /* Table des sauts relatifs */ - -}; - -/* Définition générique d'une instruction d'architecture Dalvik (classe) */ -struct _GDalvikSwitchInstrClass -{ - GDalvikInstructionClass parent; /* A laisser en premier */ - -}; - - - -/* Initialise la classe générique des instructions. */ -static void g_dalvik_switch_instr_class_init(GDalvikSwitchInstrClass *); - -/* Initialise une instance d'opérande d'architecture. */ -static void g_dalvik_switch_instr_init(GDalvikSwitchInstr *); - -/* Supprime toutes les références externes. */ -static void g_dalvik_switch_instr_dispose(GDalvikSwitchInstr *); - -/* Procède à la libération totale de la mémoire. 
*/ -static void g_dalvik_switch_instr_finalize(GDalvikSwitchInstr *); - -/* Lit toutes les valeurs associés aux branchements. */ -static bool g_dalvik_switch_decode_data(GDalvikSwitchInstr *, const GBinContent *, const vmpa2t *); - - - -/* Indique le type défini pour une pseudo-instruction Dalvik de remplissage. */ -G_DEFINE_TYPE(GDalvikSwitchInstr, g_dalvik_switch_instr, G_TYPE_DALVIK_INSTRUCTION); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe générique des instructions. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_switch_instr_class_init(GDalvikSwitchInstrClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dalvik_switch_instr_dispose; - object->finalize = (GObjectFinalizeFunc)g_dalvik_switch_instr_finalize; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance à initialiser. * -* * -* Description : Initialise une instance d'instruction d'architecture. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_switch_instr_init(GDalvikSwitchInstr *instr) -{ - G_DALVIK_INSTRUCTION(instr)->keyword = "switch-data"; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. 
* -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_switch_instr_dispose(GDalvikSwitchInstr *instr) -{ - G_OBJECT_CLASS(g_dalvik_switch_instr_parent_class)->dispose(G_OBJECT(instr)); - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_switch_instr_finalize(GDalvikSwitchInstr *instr) -{ - if (instr->keys != NULL) - free(instr->keys); - - if (instr->targets != NULL) - free(instr->targets); - - G_OBJECT_CLASS(g_dalvik_switch_instr_parent_class)->finalize(G_OBJECT(instr)); - -} - - -/****************************************************************************** -* * -* Paramètres : ident = identifiant de l'instruction déjà lu. * -* ctx = contexte lié à l'exécution du processeur. * -* content = flux de données à analyser. * -* pos = position courante dans ce flux. [OUT] * -* * -* Description : Crée une pesudo-instruction Dalvik de branchement. * -* * -* Retour : Instruction mise en place. 
* -* * -* Remarques : - * -* * -******************************************************************************/ - -GArchInstruction *g_dalvik_switch_instr_new(uint16_t ident, GDalvikContext *ctx, const GBinContent *content, vmpa2t *pos) -{ - GDalvikSwitchInstr *result; /* Structure à retourner */ - phys_t consumed; /* Données consommées */ - - assert(ident == DPO_PACKED_SWITCH || ident == DPO_SPARSE_SWITCH); - - result = g_object_new(G_TYPE_DALVIK_SWITCH_INSTR, NULL); - - G_DALVIK_INSTRUCTION(result)->ptype = ident; - - if (!g_binary_content_read_u16(content, pos, SRE_LITTLE, &result->switch_size)) - goto gdsin_bad; - - if (!g_dalvik_switch_decode_data(result, content, pos)) - goto gdsin_bad; - - if (ident == DPO_PACKED_SWITCH) - consumed = (1 + result->switch_size) * sizeof(int32_t); - else - consumed = (2 * result->switch_size) * sizeof(int32_t); - - if (!g_dalvik_context_register_switch_data(ctx, pos, consumed)) - goto gdsin_bad; - - return G_ARCH_INSTRUCTION(result); - - gdsin_bad: - - g_object_unref(result); - - return NULL; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instruction d'assemblage à compléter. * -* content = flux de données à analyser. * -* pos = position de lecture courante dans ce flux. * -* * -* Description : Lit toutes les valeurs associés aux branchements. * -* * -* Retour : Bilan de l'opération. 
* -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool g_dalvik_switch_decode_data(GDalvikSwitchInstr *instr, const GBinContent *content, const vmpa2t *pos) -{ - vmpa2t iter; /* Position modifiable */ - int32_t first_key; /* Première clef */ - uint16_t i; /* Boucle de parcours */ - - instr->keys = (int32_t *)calloc(instr->switch_size, sizeof(int32_t)); - instr->targets = (int32_t *)calloc(instr->switch_size, sizeof(int32_t)); - - copy_vmpa(&iter, pos); - - if (G_DALVIK_INSTRUCTION(instr)->ptype == DPO_PACKED_SWITCH) - { - if (!g_binary_content_read_s32(content, &iter, SRE_LITTLE, &first_key)) - goto gdsdd_bad; - - for (i = 0; i < instr->switch_size; i++) - { - instr->keys[i] = first_key + i; - - if (!g_binary_content_read_s32(content, &iter, SRE_LITTLE, &instr->targets[i])) - goto gdsdd_bad; - - } - - } - - else - { - for (i = 0; i < instr->switch_size; i++) - if (!g_binary_content_read_s32(content, &iter, SRE_LITTLE, &instr->keys[i])) - goto gdsdd_bad; - - for (i = 0; i < instr->switch_size; i++) - if (!g_binary_content_read_s32(content, &iter, SRE_LITTLE, &instr->targets[i])) - goto gdsdd_bad; - - } - - return true; - - gdsdd_bad: - - return false; - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instruction d'assemblage à compléter. * -* keys = tableau renseignant les conditions de saut. [OUT] * -* targets = tableau renseignant les sauts relatifs. [OUT] * -* * -* Description : Fournit les données associées à un branchement Dalvik. * -* * -* Retour : Taille des tableaux renseignés. 
* -* * -* Remarques : - * -* * -******************************************************************************/ - -uint16_t g_dalvik_switch_get_data(GDalvikSwitchInstr *instr, const int32_t **keys, const int32_t **targets) -{ - if (keys != NULL) - *keys = instr->keys; - - if (targets != NULL) - *targets = instr->targets; - - return instr->switch_size; - -} diff --git a/src/arch/dalvik/pseudo/switch.h b/src/arch/dalvik/pseudo/switch.h deleted file mode 100644 index d672f86..0000000 --- a/src/arch/dalvik/pseudo/switch.h +++ /dev/null 
@@ -1,63 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * switch.h - prototypes pour la prise en charge des instructions spéciales (packed|sparse)switch - * - * Copyright (C) 2011-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#ifndef _ARCH_DALVIK_PSEUDO_SWITCH_H -#define _ARCH_DALVIK_PSEUDO_SWITCH_H - - -#include "../context.h" -#include "../instruction.h" -#include "../processor.h" - - -#include <glib-object.h> - - - -#define G_TYPE_DALVIK_SWITCH_INSTR g_dalvik_switch_instr_get_type() -#define G_DALVIK_SWITCH_INSTR(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_DALVIK_SWITCH_INSTR, GDalvikSwitchInstr)) -#define G_IS_DALVIK_SWITCH_INSTR(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_DALVIK_SWITCH_INSTR)) -#define G_DALVIK_SWITCH_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DALVIK_SWITCH, GGDalvikSwitchClass)) -#define G_IS_DALVIK_SWITCH_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DALVIK_SWITCH)) -#define G_DALVIK_SWITCH_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DALVIK_SWITCH, GGDalvikSwitchClass)) - - -/* Définition générique d'une instruction d'architecture (instance) */ -typedef struct _GDalvikSwitchInstr GDalvikSwitchInstr; - -/* Définition générique d'une instruction d'architecture (classe) */ -typedef struct _GDalvikSwitchInstrClass 
GDalvikSwitchInstrClass; - - -/* Indique le type défini pour une pseudo-instruction Dalvik de remplissage. */ -GType g_dalvik_switch_instr_get_type(void); - -/* Crée une pesudo-instruction Dalvik de branchement. */ -GArchInstruction *g_dalvik_switch_instr_new(uint16_t, GDalvikContext *, const GBinContent *, vmpa2t *); - -/* Fournit les données associées à un branchement Dalvik. */ -uint16_t g_dalvik_switch_get_data(GDalvikSwitchInstr *, const int32_t **, const int32_t **); - - - -#endif /* _ARCH_DALVIK_PSEUDO_SWITCH_H */ |