summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--configure.ac2
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/bootimg/Makefile.am51
-rw-r--r--plugins/bootimg/bootimg-def.h78
-rw-r--r--plugins/bootimg/core.c131
-rw-r--r--plugins/bootimg/core.h41
-rw-r--r--plugins/bootimg/format-int.c112
-rw-r--r--plugins/bootimg/format-int.h59
-rw-r--r--plugins/bootimg/format.c404
-rw-r--r--plugins/bootimg/format.h74
-rw-r--r--plugins/bootimg/python/Makefile.am20
-rw-r--r--plugins/bootimg/python/format.c311
-rw-r--r--plugins/bootimg/python/format.h42
-rw-r--r--plugins/bootimg/python/module.c82
-rw-r--r--plugins/bootimg/python/module.h38
-rw-r--r--plugins/bootimg/python/translate.c110
-rw-r--r--plugins/bootimg/python/translate.h41
-rw-r--r--plugins/pychrysalide/format/Makefile.am1
-rw-r--r--plugins/pychrysalide/format/known.c292
-rw-r--r--plugins/pychrysalide/format/known.h42
-rw-r--r--plugins/pychrysalide/format/module.c2
-rw-r--r--src/analysis/loading.c2
-rw-r--r--src/format/Makefile.am2
-rw-r--r--src/format/known-int.h65
-rw-r--r--src/format/known.c260
-rw-r--r--src/format/known.h72
-rw-r--r--src/plugins/pglist.h3
-rw-r--r--src/plugins/plugin.c27
-rw-r--r--src/plugins/plugin.h4
29 files changed, 2368 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index 67019f2..2935fad 100644
--- a/configure.ac
+++ b/configure.ac
@@ -406,6 +406,8 @@ AC_CONFIG_FILES([Makefile
plugins/arm/v7/opcodes/Makefile
plugins/arm/v7/operands/Makefile
plugins/arm/v7/registers/Makefile
+ plugins/bootimg/Makefile
+ plugins/bootimg/python/Makefile
plugins/dalvik/Makefile
plugins/dalvik/operands/Makefile
plugins/dalvik/pseudo/Makefile
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 785a1ed..ecdc018 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -6,4 +6,4 @@ PYTHON3_SUBDIRS = pychrysalide python
endif
# androhelpers
-SUBDIRS = $(PYTHON3_SUBDIRS) arm dex dalvik devdbg dexbnf dwarf elf fmtp itanium javadesc libcsem lnxsyscalls mobicore readdex readelf readmc ropgadgets
+SUBDIRS = $(PYTHON3_SUBDIRS) arm bootimg dex dalvik devdbg dexbnf dwarf elf fmtp itanium javadesc libcsem lnxsyscalls mobicore readdex readelf readmc ropgadgets
diff --git a/plugins/bootimg/Makefile.am b/plugins/bootimg/Makefile.am
new file mode 100644
index 0000000..8329665
--- /dev/null
+++ b/plugins/bootimg/Makefile.am
@@ -0,0 +1,51 @@
+
+lib_LTLIBRARIES = libbootimg.la
+
+libdir = $(pluginslibdir)
+
+
+if BUILD_PYTHON3_BINDINGS
+
+PYTHON3_LIBADD = python/libbootimgpython.la
+
+if BUILD_DISCARD_LOCAL
+
+PYTHON3_LDFLAGS = -Wl,-rpath,$(pluginslibdir) \
+ -L$(top_srcdir)/plugins/pychrysalide/.libs -l:pychrysalide.so
+
+else
+
+PYTHON3_LDFLAGS = -Wl,-rpath,$(abs_top_srcdir)/plugins/pychrysalide/.libs \
+ -L$(top_srcdir)/plugins/pychrysalide/.libs -l:pychrysalide.so
+
+endif
+
+PYTHON3_SUBDIRS = python
+
+endif
+
+
+libbootimg_la_SOURCES = \
+ core.h core.c \
+ bootimg-def.h \
+ format-int.h format-int.c \
+ format.h format.c
+
+libbootimg_la_LIBADD = \
+ $(PYTHON3_LIBADD)
+
+libbootimg_la_LDFLAGS = \
+ -L$(top_srcdir)/src/.libs -lchrysacore \
+ $(PYTHON3_LDFLAGS)
+
+
+devdir = $(includedir)/chrysalide-$(subdir)
+
+dev_HEADERS = $(libbootimg_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I$(top_srcdir)/src
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
+
+SUBDIRS = $(PYTHON3_SUBDIRS)
diff --git a/plugins/bootimg/bootimg-def.h b/plugins/bootimg/bootimg-def.h
new file mode 100644
index 0000000..90fb97a
--- /dev/null
+++ b/plugins/bootimg/bootimg-def.h
@@ -0,0 +1,78 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * elf_def.h - liste des structures et constantes utilisées par le format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_BOOTIMG_DEF_H
+#define _PLUGINS_BOOTIMG_BOOTIMG_DEF_H
+
+
+#include <stdint.h>
+
+
+
+/**
+ * Références :
+ *
+ * - https://source.android.com/devices/bootloader/boot-image-header
+ * - https://android.googlesource.com/platform/system/core/+/android-4.4_r1/mkbootimg/bootimg.h
+ */
+
+
+#define BOOT_MAGIC "ANDROID!"
+#define BOOT_MAGIC_SIZE (sizeof(BOOT_MAGIC) - 1)
+
+#define BOOT_NAME_SIZE 16
+#define BOOT_ARGS_SIZE 512
+#define BOOT_EXTRA_ARGS_SIZE 1024
+
+
+/* Entêtes, ancienne et nouvelle, pour une image de démarrage Android */
+typedef struct _boot_img_hdr
+{
+ uint8_t magic[BOOT_MAGIC_SIZE]; /* Identifiant magique */
+ uint32_t kernel_size; /* Taille en octets */
+ uint32_t kernel_addr; /* Adresse de chargement phys. */
+
+ uint32_t ramdisk_size; /* Taille en octets */
+ uint32_t ramdisk_addr; /* Adresse de chargement phys. */
+
+ uint32_t second_size; /* Taille en octets */
+ uint32_t second_addr; /* Adresse de chargement phys. */
+
+ uint32_t tags_addr; /* Adresse de chargement phys. */
+ uint32_t page_size; /* Taille des pages de Flash */
+ uint32_t header_version; /* Version de cet entête */
+ uint32_t os_version; /* Version de l'OS */
+ uint8_t name[BOOT_NAME_SIZE]; /* Désignation ASCII du produit*/
+ uint8_t cmdline[BOOT_ARGS_SIZE]; /* Arguments de démarrage */
+ uint32_t id[8]; /* Horodatage, empreinte, etc. */
+ uint8_t extra_cmdline[BOOT_EXTRA_ARGS_SIZE]; /* Arg. supplémentaires */
+
+ uint32_t recovery_dtbo_size; /* Taille de l'image DTBO */
+ uint64_t recovery_dtbo_offset; /* Emplacement dans le contenu */
+ uint32_t header_size; /* Taille de l'entête en octets*/
+
+} boot_img_hdr;
+
+
+
+#endif /* _PLUGINS_BOOTIMG_BOOTIMG_DEF_H */
diff --git a/plugins/bootimg/core.c b/plugins/bootimg/core.c
new file mode 100644
index 0000000..fdf1c95
--- /dev/null
+++ b/plugins/bootimg/core.c
@@ -0,0 +1,131 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * core.c - intégration du support du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "core.h"
+
+
+#include <config.h>
+#include <core/global.h>
+#include <plugins/plugin-def.h>
+
+
+#include "format.h"
+#ifdef HAVE_PYTHON3_BINDINGS
+# include "python/module.h"
+#endif
+
+
+#ifdef HAVE_PYTHON3_BINDINGS
+# define PG_REQ RL("PyChrysalide")
+#else
+# define PG_REQ NO_REQ
+#endif
+
+
+
+DEFINE_CHRYSALIDE_PLUGIN("GBootImgPlugin", "bootimg", "Add support for the BOOT.img format", "0.1.0",
+ PG_REQ, AL(PGA_PLUGIN_INIT, PGA_CONTENT_EXPLORER));
+
+
+
+/******************************************************************************
+* *
+* Paramètres : plugin = greffon à manipuler. *
+* *
+* Description : Prend acte du chargement du greffon. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin)
+{
+ bool result; /* Bilan à retourner */
+
+#ifdef HAVE_PYTHON3_BINDINGS
+ result = add_format_bootimg_module_to_python_module();
+#else
+ result = true;
+#endif
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : plugin = greffon à manipuler. *
+* action = type d'action attendue. *
+* content = contenu binaire à traiter. *
+* wid = identifiant du groupe de traitement. *
+* status = barre de statut à tenir informée. *
+* *
+* Description : Procède à une opération liée à un contenu binaire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *plugin, PluginAction action, GBinContent *content, wgroup_id_t wid, GtkStatusStack *status)
+{
+ bool test; /* Bilan des accès mémoire */
+ GContentExplorer *explorer; /* Explorateur de contenus */
+ GBootImgFormat *format; /* Encapsulation reconnue */
+ GBinContent *embedded; /* Nouveau contenu détecté */
+
+ test = check_bootimg_format(content);
+
+ if (test)
+ {
+ explorer = get_current_content_explorer();
+
+ format = g_bootimg_format_new(content);
+
+ test = g_known_format_analyze(G_KNOWN_FORMAT(format), wid, status);
+
+ if (test)
+ {
+ embedded = g_bootimg_format_get_kernel(format);
+
+ if (embedded != NULL)
+ g_content_explorer_populate_group(explorer, wid, embedded);
+
+ embedded = g_bootimg_format_get_ramdisk(format);
+
+ if (embedded != NULL)
+ g_content_explorer_populate_group(explorer, wid, embedded);
+
+ }
+
+ g_object_unref(G_OBJECT(format));
+
+ g_object_unref(G_OBJECT(explorer));
+
+ }
+
+}
diff --git a/plugins/bootimg/core.h b/plugins/bootimg/core.h
new file mode 100644
index 0000000..606f5b0
--- /dev/null
+++ b/plugins/bootimg/core.h
@@ -0,0 +1,41 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * core.h - prototypes pour l'intégration du support du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_CORE_H
+#define _PLUGINS_BOOTIMG_CORE_H
+
+
+#include <plugins/plugin.h>
+#include <plugins/plugin-int.h>
+
+
+
+/* Prend acte du chargement du greffon. */
+G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *);
+
+/* Procède à une opération liée à un contenu binaire. */
+G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *, PluginAction, GBinContent *, wgroup_id_t, GtkStatusStack *);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_CORE_H */
diff --git a/plugins/bootimg/format-int.c b/plugins/bootimg/format-int.c
new file mode 100644
index 0000000..f898d5f
--- /dev/null
+++ b/plugins/bootimg/format-int.c
@@ -0,0 +1,112 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format-int.c - structures internes du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "format-int.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* header = en-tête à déterminer. [OUT] *
+* *
+* Description : Procède à la lecture de l'entête d'une image BOOT.img. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_bootimg_header(GBootImgFormat *format, boot_img_hdr *header)
+{
+ bool result; /* Bilan à retourner */
+ GBinContent *content; /* Contenu binaire à lire */
+ vmpa2t pos; /* Position de lecture */
+
+ content = g_known_format_get_content(G_KNOWN_FORMAT(format));
+
+ init_vmpa(&pos, 0, VMPA_NO_VIRTUAL);
+
+ result = g_binary_content_read_raw(content, &pos, BOOT_MAGIC_SIZE, (bin_t *)header->magic);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->kernel_size);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->kernel_addr);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->ramdisk_size);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->ramdisk_addr);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->second_size);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->second_addr);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->tags_addr);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->page_size);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->header_version);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->os_version);
+
+ if (result)
+ result = g_binary_content_read_raw(content, &pos, BOOT_NAME_SIZE, (bin_t *)header->name);
+
+ if (result)
+ result = g_binary_content_read_raw(content, &pos, BOOT_ARGS_SIZE, (bin_t *)header->cmdline);
+
+ if (result)
+ result = g_binary_content_read_raw(content, &pos, 8, (bin_t *)header->id);
+
+ if (result)
+ result = g_binary_content_read_raw(content, &pos, BOOT_EXTRA_ARGS_SIZE, (bin_t *)header->extra_cmdline);
+
+ if (result && header->header_version == 1)
+ {
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->recovery_dtbo_size);
+
+ if (result)
+ result = g_binary_content_read_u64(content, &pos, SRE_LITTLE, &header->recovery_dtbo_offset);
+
+ if (result)
+ result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->header_size);
+
+ }
+
+ g_object_unref(G_OBJECT(content));
+
+ return result;
+
+}
diff --git a/plugins/bootimg/format-int.h b/plugins/bootimg/format-int.h
new file mode 100644
index 0000000..560841d
--- /dev/null
+++ b/plugins/bootimg/format-int.h
@@ -0,0 +1,59 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format-int.h - prototypes pour les structures internes du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_FORMAT_INT_H
+#define _PLUGINS_BOOTIMG_FORMAT_INT_H
+
+
+#include <format/known-int.h>
+
+
+#include "format.h"
+
+
+
+/* Format d'une image de démarrage (instance) */
+struct _GBootImgFormat
+{
+ GKnownFormat parent; /* A laisser en premier */
+
+ GBinContent *content; /* Contenu binaire à étudier */
+
+ boot_img_hdr header; /* Entête du format */
+
+};
+
+/* Format d'une image de démarrage (classe) */
+struct _GBootImgFormatClass
+{
+ GKnownFormatClass parent; /* A laisser en premier */
+
+};
+
+
+/* Procède à la lecture de l'entête d'une image BOOT.img. */
+bool read_bootimg_header(GBootImgFormat *, boot_img_hdr *);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_FORMAT_INT_H */
diff --git a/plugins/bootimg/format.c b/plugins/bootimg/format.c
new file mode 100644
index 0000000..f41f98d
--- /dev/null
+++ b/plugins/bootimg/format.c
@@ -0,0 +1,404 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.h - support du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "format.h"
+
+
+#include <string.h>
+
+
+#include <i18n.h>
+#include <analysis/contents/memory.h>
+
+
+#include "format-int.h"
+
+
+
+/* Initialise la classe des formats d'exécutables ELF. */
+static void g_bootimg_format_class_init(GBootImgFormatClass *);
+
+/* Initialise une instance de format d'exécutable ELF. */
+static void g_bootimg_format_init(GBootImgFormat *);
+
+/* Supprime toutes les références externes. */
+static void g_bootimg_format_dispose(GBootImgFormat *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_bootimg_format_finalize(GBootImgFormat *);
+
+/* Indique la désignation interne du format. */
+static const char *g_bootimg_format_get_name(const GBootImgFormat *);
+
+/* Fournit une description humaine du format. */
+static const char *g_bootimg_format_get_description(const GBootImgFormat *);
+
+/* Assure l'interprétation d'un format en différé. */
+static bool g_bootimg_format_analyze(GBootImgFormat *, wgroup_id_t, GtkStatusStack *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à traiter. *
+* *
+* Description : Valide un contenu comme étant un format Elf. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool check_bootimg_format(const GBinContent *content)
+{
+ bool result; /* Bilan à faire remonter */
+ vmpa2t addr; /* Tête de lecture initiale */
+ char magic[BOOT_MAGIC_SIZE]; /* Idenfiant standard */
+
+ init_vmpa(&addr, 0, VMPA_NO_VIRTUAL);
+
+ result = g_binary_content_read_raw(content, &addr, BOOT_MAGIC_SIZE, (bin_t *)magic);
+
+ if (result)
+ result = (memcmp(magic, BOOT_MAGIC, BOOT_MAGIC_SIZE) == 0);
+
+ return result;
+
+}
+
+
+/* Indique le type défini pour un format d'image BOOT.img. */
+G_DEFINE_TYPE(GBootImgFormat, g_bootimg_format, G_TYPE_KNOWN_FORMAT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats d'exécutables ELF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_bootimg_format_class_init(GBootImgFormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+ GKnownFormatClass *known; /* Version parente de la classe*/
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_bootimg_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_bootimg_format_finalize;
+
+ known = G_KNOWN_FORMAT_CLASS(klass);
+
+ known->get_name = (known_get_name_fc)g_bootimg_format_get_name;
+ known->get_desc = (known_get_desc_fc)g_bootimg_format_get_description;
+ known->analyze = (known_analyze_fc)g_bootimg_format_analyze;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format d'exécutable ELF. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_bootimg_format_init(GBootImgFormat *format)
+{
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_bootimg_format_dispose(GBootImgFormat *format)
+{
+ G_OBJECT_CLASS(g_bootimg_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_bootimg_format_finalize(GBootImgFormat *format)
+{
+ G_OBJECT_CLASS(g_bootimg_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : content = contenu binaire à parcourir. *
+* *
+* Description : Prend en charge un nouveau format ELF. *
+* *
+* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBootImgFormat *g_bootimg_format_new(GBinContent *content)
+{
+ GBootImgFormat *result; /* Structure à retourner */
+
+ if (!check_bootimg_format(content))
+ return NULL;
+
+ result = g_object_new(G_TYPE_BOOTIMG_FORMAT, NULL);
+
+ g_known_format_set_content(G_KNOWN_FORMAT(result), content);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description du format à consulter. *
+* *
+* Description : Indique la désignation interne du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static const char *g_bootimg_format_get_name(const GBootImgFormat *format)
+{
+ const char *result; /* Désignation à retourner */
+
+ result = "bootimg";
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* *
+* Description : Fournit une description humaine du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static const char *g_bootimg_format_get_description(const GBootImgFormat *format)
+{
+ const char *result; /* Désignation à retourner */
+
+ result = "Android Boot Image";
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = format chargé dont l'analyse est lancée. *
+* gid = groupe de travail dédié. *
+* status = barre de statut à tenir informée. *
+* *
+* Description : Assure l'interprétation d'un format en différé. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool g_bootimg_format_analyze(GBootImgFormat *format, wgroup_id_t gid, GtkStatusStack *status)
+{
+ bool result; /* Bilan à retourner */
+
+ result = read_bootimg_header(format, &format->header);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* *
+* Description : Présente l'entête BOOT.img du format chargé. *
+* *
+* Retour : Pointeur vers la description principale. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const boot_img_hdr *g_bootimg_format_get_header(const GBootImgFormat *format)
+{
+ const boot_img_hdr *result; /* Structure à retourner */
+
+ result = &format->header;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* *
+* Description : Fournit le noyau inclus dans une image de démarrage. *
+* *
+* Retour : Nouveau contenu binaire ou NULL en cas d'absence. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinContent *g_bootimg_format_get_kernel(const GBootImgFormat *format)
+{
+ GBinContent *result; /* Contenu à renvoyer */
+ phys_t offset; /* Départ de la zone à traiter */
+ phys_t size; /* Taille de la zone à traiter */
+ vmpa2t pos; /* Position de lecture */
+ GBinContent *content; /* Contenu binaire à lire */
+ const bin_t *data; /* Donnée du contenu nouveau */
+
+ result = NULL;
+
+ if (format->header.kernel_addr == 0) goto no_kernel;
+
+ offset = 1 * format->header.page_size;
+
+ size = format->header.ramdisk_size;
+
+ init_vmpa(&pos, offset, VMPA_NO_VIRTUAL);
+
+ content = g_known_format_get_content(G_KNOWN_FORMAT(format));
+
+ data = g_binary_content_get_raw_access(content, &pos, size);
+ if (data == NULL) goto no_data;
+
+ result = g_memory_content_new(data, size);
+
+ no_data:
+
+ g_object_unref(G_OBJECT(content));
+
+ no_kernel:
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* *
+* Description : Fournit le disque en RAM inclus dans une image de démarrage. *
+* *
+* Retour : Nouveau contenu binaire ou NULL en cas d'absence. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinContent *g_bootimg_format_get_ramdisk(const GBootImgFormat *format)
+{
+ GBinContent *result; /* Contenu à renvoyer */
+ phys_t offset; /* Départ de la zone à traiter */
+ phys_t size; /* Taille de la zone à traiter */
+ vmpa2t pos; /* Position de lecture */
+ GBinContent *content; /* Contenu binaire à lire */
+ const bin_t *data; /* Donnée du contenu nouveau */
+
+ result = NULL;
+
+ if (format->header.ramdisk_addr == 0) goto no_ramdisk;
+
+ offset = format->header.kernel_size / format->header.page_size;
+
+ if (format->header.kernel_size % format->header.page_size != 0)
+ offset++;
+
+ offset = (1 + offset) * format->header.page_size;
+
+ size = format->header.ramdisk_size;
+
+ init_vmpa(&pos, offset, VMPA_NO_VIRTUAL);
+
+ content = g_known_format_get_content(G_KNOWN_FORMAT(format));
+
+ data = g_binary_content_get_raw_access(content, &pos, size);
+ if (data == NULL) goto no_data;
+
+ result = g_memory_content_new(data, size);
+
+ no_data:
+
+ g_object_unref(G_OBJECT(content));
+
+ no_ramdisk:
+
+ return result;
+
+}
diff --git a/plugins/bootimg/format.h b/plugins/bootimg/format.h
new file mode 100644
index 0000000..6197727
--- /dev/null
+++ b/plugins/bootimg/format.h
@@ -0,0 +1,74 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.h - prototypes pour le support du format BOOT.img
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_FORMAT_H
+#define _PLUGINS_BOOTIMG_FORMAT_H
+
+
+#include <glib-object.h>
+#include <stdbool.h>
+
+
+#include <analysis/content.h>
+
+
+#include "bootimg-def.h"
+
+
+
+#define G_TYPE_BOOTIMG_FORMAT g_bootimg_format_get_type()
+#define G_BOOTIMG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_BOOTIMG_FORMAT, GBootImgFormat))
+#define G_IS_BOOTIMG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_BOOTIMG_FORMAT))
+#define G_BOOTIMG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_BOOTIMG_FORMAT, GBootImgFormatClass))
+#define G_IS_BOOTIMG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_BOOTIMG_FORMAT))
+#define G_BOOTIMG_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_BOOTIMG_FORMAT, GBootImgFormatClass))
+
+
+/* Format d'image BOOT.img (instance) */
+typedef struct _GBootImgFormat GBootImgFormat;
+
+/* Format d'image BOOT.img (classe) */
+typedef struct _GBootImgFormatClass GBootImgFormatClass;
+
+
+/* Valide un contenu comme étant un format BOOT.img. */
+bool check_bootimg_format(const GBinContent *);
+
+/* Indique le type défini pour un format d'image BOOT.img. */
+GType g_bootimg_format_get_type(void);
+
+/* Prend en charge un nouveau format BOOT.img. */
+GBootImgFormat *g_bootimg_format_new(GBinContent *);
+
+/* Présente l'entête BOOT.img du format chargé. */
+const boot_img_hdr *g_bootimg_format_get_header(const GBootImgFormat *);
+
+/* Fournit le noyau inclus dans une image de démarrage. */
+GBinContent *g_bootimg_format_get_kernel(const GBootImgFormat *);
+
+/* Fournit le disque en RAM inclus dans une image de démarrage. */
+GBinContent *g_bootimg_format_get_ramdisk(const GBootImgFormat *);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_FORMAT_H */
diff --git a/plugins/bootimg/python/Makefile.am b/plugins/bootimg/python/Makefile.am
new file mode 100644
index 0000000..a79af4d
--- /dev/null
+++ b/plugins/bootimg/python/Makefile.am
@@ -0,0 +1,20 @@
+
+noinst_LTLIBRARIES = libbootimgpython.la
+
+libbootimgpython_la_SOURCES = \
+ format.h format.c \
+ module.h module.c \
+ translate.h translate.c
+
+libbootimgpython_la_LDFLAGS =
+
+
+devdir = $(includedir)/chrysalide-$(subdir)
+
+dev_HEADERS = $(libbootimgpython_la_SOURCES:%c=)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \
+ -I$(top_srcdir)/src -DNO_IMPORT_PYGOBJECT
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/bootimg/python/format.c b/plugins/bootimg/python/format.c
new file mode 100644
index 0000000..ac987fc
--- /dev/null
+++ b/plugins/bootimg/python/format.c
@@ -0,0 +1,311 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.c - équivalent Python du fichier "plugins/bootimg/format.c"
+ *
+ * Copyright (C) 2013-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "format.h"
+
+
+#include <pygobject.h>
+
+
+#include <i18n.h>
+#include <plugins/pychrysalide/helpers.h>
+#include <plugins/pychrysalide/analysis/content.h>
+#include <plugins/pychrysalide/format/known.h>
+
+
+#include "translate.h"
+#include "../format.h"
+
+
+
+/* Crée un nouvel objet Python de type 'BootImgFormat'. */
+static PyObject *py_bootimg_format_new(PyTypeObject *, PyObject *, PyObject *);
+
+/* Fournit l'en-tête Bootimg correspondant au format. */
+static PyObject *py_bootimg_format_get_header(PyObject *, void *);
+
+/* Fournit le noyau inclus dans une image de démarrage. */
+static PyObject *py_bootimg_format_get_kernel(PyObject *, void *);
+
+/* Fournit le disque en RAM inclus dans une image de démarrage. */
+static PyObject *py_bootimg_format_get_ramdisk(PyObject *, void *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : type = type de l'objet à instancier. *
+* args = arguments fournis à l'appel. *
+* kwds = arguments de type key=val fournis. *
+* *
+* Description : Crée un nouvel objet Python de type 'BootImgFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_bootimg_format_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
+{
+ PyObject *result; /* Instance à retourner */
+ GBinContent *content; /* Instance GLib du contenu */
+ int ret; /* Bilan de lecture des args. */
+ GBootImgFormat *format; /* Création GLib à transmettre */
+
+#define BOOTIMG_FORMAT_DOC \
+ "BootImgFormat provides support for Android boot images.\n" \
+ "\n" \
+ "Instances can be created using the following constructor:\n" \
+ "\n" \
+ " BootImgFormat(content)" \
+ "\n" \
+ "Where content is the binary content of a file usually named 'boot.img'."
+
+ ret = PyArg_ParseTuple(args, "O&", convert_to_binary_content, &content);
+ if (!ret) return NULL;
+
+ format = g_bootimg_format_new(content);
+
+ if (format == NULL)
+ {
+ result = Py_None;
+ Py_INCREF(result);
+ }
+
+ else
+ {
+ result = pygobject_new(G_OBJECT(format));
+ g_object_unref(format);
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = contenu binaire à manipuler. *
+* closure = non utilisé ici. *
+* *
+* Description : Fournit l'entête Bootimg correspondant au format. *
+* *
+* Retour : Structure Python créée pour l'occasion. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_bootimg_format_get_header(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvaille à retourner */
+ GBootImgFormat *format; /* Version GLib du format */
+ const boot_img_hdr *header; /* Entête à transcrire */
+
+#define BOOTING_FORMAT_HEADER_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ header, py_bootimg_format, \
+ "Header of the boot image." \
+)
+
+ format = G_BOOTIMG_FORMAT(pygobject_get(self));
+
+ header = g_bootimg_format_get_header(format);
+
+ result = translate_bootimg_header_to_python(header);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Fournit le noyau inclus dans une image de démarrage. *
+* *
+* Retour : Nouveau contenu binaire ou NULL en cas d'absence. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_bootimg_format_get_kernel(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GBootImgFormat *format; /* Version GLib du format */
+ GBinContent *content; /* Contenu à transmettre */
+
+#define BOOTING_FORMAT_KERNEL_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ kernel, py_bootimg_format, \
+ "Binary content for the (Linux) kernel contained in the boot image, or None." \
+)
+
+ format = G_BOOTIMG_FORMAT(pygobject_get(self));
+
+ content = g_bootimg_format_get_ramdisk(format);
+
+ if (content == NULL)
+ {
+ result = Py_None;
+ Py_INCREF(result);
+ }
+
+ else
+ {
+ g_object_ref_sink(content);
+ result = pygobject_new(G_OBJECT(content));
+ g_object_unref(content);
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Fournit le disque en RAM inclus dans une image de démarrage. *
+* *
+* Retour : Nouveau contenu binaire ou None en cas d'absence. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_bootimg_format_get_ramdisk(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GBootImgFormat *format; /* Version GLib du format */
+ GBinContent *content; /* Contenu à transmettre */
+
+#define BOOTING_FORMAT_RAMDISK_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ ramdisk, py_bootimg_format, \
+ "Binary content for the ramdisk contained in the boot image, or None." \
+)
+
+ format = G_BOOTIMG_FORMAT(pygobject_get(self));
+
+ content = g_bootimg_format_get_ramdisk(format);
+
+ if (content == NULL)
+ {
+ result = Py_None;
+ Py_INCREF(result);
+ }
+
+ else
+ {
+ g_object_ref_sink(content);
+ result = pygobject_new(G_OBJECT(content));
+ g_object_unref(content);
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Fournit un accès à une définition de type à diffuser. *
+* *
+* Retour : Définition d'objet pour Python. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyTypeObject *get_python_bootimg_format_type(void)
+{
+ static PyMethodDef py_bootimg_format_methods[] = {
+ { NULL }
+ };
+
+ static PyGetSetDef py_bootimg_format_getseters[] = {
+ BOOTING_FORMAT_HEADER_ATTRIB,
+ BOOTING_FORMAT_KERNEL_ATTRIB,
+ BOOTING_FORMAT_RAMDISK_ATTRIB,
+ { NULL }
+ };
+
+ static PyTypeObject py_bootimg_format_type = {
+
+ PyVarObject_HEAD_INIT(NULL, 0)
+
+ .tp_name = "pychrysalide.format.bootimg.BootImgFormat",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT,
+
+ .tp_doc = BOOTIMG_FORMAT_DOC,
+
+ .tp_methods = py_bootimg_format_methods,
+ .tp_getset = py_bootimg_format_getseters,
+ .tp_new = py_bootimg_format_new
+
+ };
+
+ return &py_bootimg_format_type;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Prend en charge l'objet 'pychrysalide.format..BootImgFormat'.*
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool register_python_bootimg_format(PyObject *module)
+{
+ PyTypeObject *type; /* Type Python 'BootImgFormat' */
+ PyObject *dict; /* Dictionnaire du module */
+
+ type = get_python_bootimg_format_type();
+
+ dict = PyModule_GetDict(module);
+
+ if (!register_class_for_pygobject(dict, G_TYPE_BOOTIMG_FORMAT, type, get_python_known_format_type()))
+ return false;
+
+ return true;
+
+}
diff --git a/plugins/bootimg/python/format.h b/plugins/bootimg/python/format.h
new file mode 100644
index 0000000..495d46e
--- /dev/null
+++ b/plugins/bootimg/python/format.h
@@ -0,0 +1,42 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.h - prototypes pour l'équivalent Python du fichier "plugins/bootimg/format.h"
+ *
+ * Copyright (C) 2013-2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_PYTHON_FORMAT_H
+#define _PLUGINS_BOOTIMG_PYTHON_FORMAT_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+
+
+/* Fournit un accès à une définition de type à diffuser. */
+PyTypeObject *get_python_bootimg_format_type(void);
+
+/* Prend en charge l'objet 'pychrysalide.format.bootimg.BootImgFormat'. */
+bool register_python_bootimg_format(PyObject *);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_PYTHON_FORMAT_H */
diff --git a/plugins/bootimg/python/module.c b/plugins/bootimg/python/module.c
new file mode 100644
index 0000000..ee36ecf
--- /dev/null
+++ b/plugins/bootimg/python/module.c
@@ -0,0 +1,82 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * module.c - intégration du répertoire bootimg en tant que module
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "module.h"
+
+
+#include <Python.h>
+
+
+#include <plugins/pychrysalide/access.h>
+#include <plugins/pychrysalide/helpers.h>
+
+
+#include "format.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Ajoute le module 'format.bootimg' au module Python. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool add_format_bootimg_module_to_python_module(void)
+{
+ bool result; /* Bilan à retourner */
+ PyObject *super; /* Module à compléter */
+ PyObject *module; /* Sous-module mis en place */
+
+ static PyModuleDef py_chrysalide_bootimg_module = {
+
+ .m_base = PyModuleDef_HEAD_INIT,
+
+ .m_name = "pychrysalide.format.bootimg",
+ .m_doc = "Python module for Chrysalide.format.bootimg",
+
+ .m_size = -1,
+
+ };
+
+ result = false;
+
+ super = get_access_to_python_module("pychrysalide.format");
+
+ module = build_python_module(super, &py_chrysalide_bootimg_module);
+
+ result = (module != NULL);
+
+ if (result) result = register_python_bootimg_format(module);
+
+ assert(result);
+
+ return result;
+
+}
diff --git a/plugins/bootimg/python/module.h b/plugins/bootimg/python/module.h
new file mode 100644
index 0000000..d78ab38
--- /dev/null
+++ b/plugins/bootimg/python/module.h
@@ -0,0 +1,38 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * module.h - prototypes pour l'intégration du répertoire bootimg en tant que module
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_PYTHON_MODULE_H
+#define _PLUGINS_BOOTIMG_PYTHON_MODULE_H
+
+
+#include <stdbool.h>
+
+
+
+/* Ajoute le module 'format.bootimg' au module Python. */
+bool add_format_bootimg_module_to_python_module(void);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_PYTHON_MODULE_H */
diff --git a/plugins/bootimg/python/translate.c b/plugins/bootimg/python/translate.c
new file mode 100644
index 0000000..6d982c7
--- /dev/null
+++ b/plugins/bootimg/python/translate.c
@@ -0,0 +1,110 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * translate.c - conversion de structures ELF en objets Python
+ *
+ * Copyright (C) 2017 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "translate.h"
+
+
+#include <assert.h>
+
+
+#include <plugins/pychrysalide/struct.h>
+
+
+
+/******************************************************************************
+* *
+* Paramètres : header = entête BOOT.img à décrire en Python. *
+* *
+* Description : Traduit un entête BOOT.img en Python. *
+* *
+* Retour : Structure mise en place ou NULL en cas d'erreur. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyObject *translate_bootimg_header_to_python(const boot_img_hdr *header)
+{
+ PyObject *result; /* Construction à retourner */
+ PyTypeObject *base; /* Modèle d'objet à créer */
+ PyObject *attrib; /* Attribut à constituer */
+ int ret; /* Bilan d'une mise en place */
+
+ base = get_python_py_struct_type();
+
+ result = PyObject_CallFunction((PyObject *)base, NULL);
+ assert(result != NULL);
+
+
+#define TRANSLATE_HEADER_BYTE_VALUE(_f, _sz) \
+ do \
+ { \
+ attrib = PyBytes_FromStringAndSize((char *)header->_f, _sz); \
+ ret = PyDict_SetItemString(result, #_f, attrib); \
+ if (ret != 0) goto failed; \
+ } \
+ while (0);
+
+#define TRANSLATE_HEADER_NUMERIC_VALUE(_f) \
+ do \
+ { \
+ attrib = PyLong_FromUnsignedLongLong(header->_f); \
+ ret = PyDict_SetItemString(result, #_f, attrib); \
+ if (ret != 0) goto failed; \
+ } \
+ while (0);
+
+
+ TRANSLATE_HEADER_BYTE_VALUE(magic, BOOT_MAGIC_SIZE);
+ TRANSLATE_HEADER_NUMERIC_VALUE(kernel_size);
+ TRANSLATE_HEADER_NUMERIC_VALUE(kernel_addr);
+
+ TRANSLATE_HEADER_NUMERIC_VALUE(ramdisk_size);
+ TRANSLATE_HEADER_NUMERIC_VALUE(ramdisk_addr);
+
+ TRANSLATE_HEADER_NUMERIC_VALUE(second_size);
+ TRANSLATE_HEADER_NUMERIC_VALUE(second_addr);
+
+ TRANSLATE_HEADER_NUMERIC_VALUE(tags_addr);
+ TRANSLATE_HEADER_NUMERIC_VALUE(page_size);
+ TRANSLATE_HEADER_NUMERIC_VALUE(header_version);
+ TRANSLATE_HEADER_NUMERIC_VALUE(os_version);
+ TRANSLATE_HEADER_BYTE_VALUE(name, BOOT_NAME_SIZE);
+ TRANSLATE_HEADER_BYTE_VALUE(cmdline, BOOT_ARGS_SIZE);
+ TRANSLATE_HEADER_BYTE_VALUE(id, 8 * sizeof(uint32_t));
+ TRANSLATE_HEADER_BYTE_VALUE(extra_cmdline, BOOT_EXTRA_ARGS_SIZE);
+
+ TRANSLATE_HEADER_NUMERIC_VALUE(recovery_dtbo_size);
+ TRANSLATE_HEADER_NUMERIC_VALUE(recovery_dtbo_offset);
+ TRANSLATE_HEADER_NUMERIC_VALUE(header_size);
+
+ return result;
+
+ failed:
+
+ Py_DECREF(result);
+
+ return NULL;
+
+}
diff --git a/plugins/bootimg/python/translate.h b/plugins/bootimg/python/translate.h
new file mode 100644
index 0000000..1402dc7
--- /dev/null
+++ b/plugins/bootimg/python/translate.h
@@ -0,0 +1,41 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * translate.h - prototypes pour la conversion de structures BOOT.img en objets Python
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H
+#define _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H
+
+
+#include <Python.h>
+
+
+#include "../bootimg-def.h"
+
+
+
+/* Traduit un entête BOOT.img en Python. */
+PyObject *translate_bootimg_header_to_python(const boot_img_hdr *);
+
+
+
+#endif /* _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H */
diff --git a/plugins/pychrysalide/format/Makefile.am b/plugins/pychrysalide/format/Makefile.am
index 847f8e4..6d50da7 100644
--- a/plugins/pychrysalide/format/Makefile.am
+++ b/plugins/pychrysalide/format/Makefile.am
@@ -5,6 +5,7 @@ libpychrysaformat_la_SOURCES = \
executable.h executable.c \
flat.h flat.c \
format.h format.c \
+ known.h known.c \
module.h module.c \
strsym.h strsym.c \
symbol.h symbol.c \
diff --git a/plugins/pychrysalide/format/known.c b/plugins/pychrysalide/format/known.c
new file mode 100644
index 0000000..e19a4a2
--- /dev/null
+++ b/plugins/pychrysalide/format/known.c
@@ -0,0 +1,292 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * known.c - équivalent Python du fichier "format/known.c"
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "known.h"
+
+
+#include <pygobject.h>
+
+
+#include <format/known.h>
+
+
+#include "../access.h"
+#include "../helpers.h"
+
+
+
+/* Assure l'interprétation d'un format en différé. */
+static PyObject *py_known_format_analyze(PyObject *, PyObject *);
+
+/* Indique la désignation interne du format. */
+static PyObject *py_known_format_get_name(PyObject *, void *);
+
+/* Indique la désignation humaine du format. */
+static PyObject *py_known_format_get_description(PyObject *, void *);
+
+/* Fournit une référence vers le contenu binaire analysé. */
+static PyObject *py_known_format_get_content(PyObject *, void *);
+
+
+
+#define KNOWN_FORMAT_DOC \
+ "KnownFormat is a small class providing basic features for recognized formats."
+
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet représentant un format connu. *
+* args = arguments fournis pour l'opération. *
+* *
+* Description : Assure l'interprétation d'un format en différé. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_known_format_analyze(PyObject *self, PyObject *args)
+{
+ PyObject *result; /* Bilan à retourner */
+ int ret; /* Bilan de lecture des args. */
+ GKnownFormat *format; /* Format connu manipulé */
+ bool status; /* Bilan de l'opération */
+
+#define KNOWN_FORMAT_ANALYZE_METHOD PYTHON_METHOD_DEF \
+( \
+ analyze, "$self, /, gid, status", \
+ METH_VARARGS, py_known_format, \
+ "Start the analysis of the known format and return its status." \
+)
+
+ ret = PyArg_ParseTuple(args, "");//|KO!", &gid, &status);
+ if (!ret) return NULL;
+
+ format = G_KNOWN_FORMAT(pygobject_get(self));
+
+ status = g_known_format_analyze(format, 0, NULL);
+
+ result = status ? Py_True : Py_False;
+ Py_INCREF(result);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Indique la désignation interne du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_known_format_get_name(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GKnownFormat *format; /* Format de binaire manipulé */
+ const char *name; /* Description interne */
+
+#define KNOWN_FORMAT_NAME_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ name, py_known_format, \
+ "Internal name of the known format." \
+)
+
+ format = G_KNOWN_FORMAT(pygobject_get(self));
+
+ name = g_known_format_get_name(format);
+
+ result = PyUnicode_FromString(name);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Indique la désignation humaine du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_known_format_get_description(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GKnownFormat *format; /* Format de binaire manipulé */
+ const char *desc; /* Description humaine */
+
+#define KNOWN_FORMAT_DESCRIPTION_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ description, py_known_format, \
+ "Human description of the known format." \
+)
+
+ format = G_KNOWN_FORMAT(pygobject_get(self));
+
+ desc = g_known_format_get_description(format);
+
+ result = PyUnicode_FromString(desc);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Fournit une référence vers le contenu binaire analysé. *
+* *
+* Retour : Gestionnaire de contenu binaire en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_known_format_get_content(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GKnownFormat *format; /* Format de binaire manipulé */
+ GBinContent *content; /* Instance GLib correspondante*/
+
+#define KNOWN_FORMAT_CONTENT_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ content, py_known_format, \
+ "Binary content linked to the known format." \
+)
+
+ format = G_KNOWN_FORMAT(pygobject_get(self));
+
+ content = g_known_format_get_content(format);
+
+ result = pygobject_new(G_OBJECT(content));
+
+ g_object_unref(content);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Fournit un accès à une définition de type à diffuser. *
+* *
+* Retour : Définition d'objet pour Python. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyTypeObject *get_python_known_format_type(void)
+{
+ static PyMethodDef py_known_format_methods[] = {
+ KNOWN_FORMAT_ANALYZE_METHOD,
+ { NULL }
+ };
+
+ static PyGetSetDef py_known_format_getseters[] = {
+ KNOWN_FORMAT_NAME_ATTRIB,
+ KNOWN_FORMAT_DESCRIPTION_ATTRIB,
+ KNOWN_FORMAT_CONTENT_ATTRIB,
+ { NULL }
+ };
+
+ static PyTypeObject py_known_format_type = {
+
+ PyVarObject_HEAD_INIT(NULL, 0)
+
+ .tp_name = "pychrysalide.format.KnownFormat",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IS_ABSTRACT | Py_TPFLAGS_BASETYPE,
+
+ .tp_doc = KNOWN_FORMAT_DOC,
+
+ .tp_methods = py_known_format_methods,
+ .tp_getset = py_known_format_getseters
+
+ };
+
+ return &py_known_format_type;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Prend en charge l'objet 'pychrysalide.format.BinFormat'. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool ensure_python_known_format_is_registered(void)
+{
+ PyTypeObject *type; /* Type Python 'BinFormat' */
+ PyObject *module; /* Module à recompléter */
+ PyObject *dict; /* Dictionnaire du module */
+
+ type = get_python_known_format_type();
+
+ if (!PyType_HasFeature(type, Py_TPFLAGS_READY))
+ {
+ module = get_access_to_python_module("pychrysalide.format");
+
+ APPLY_ABSTRACT_FLAG(type);
+
+ dict = PyModule_GetDict(module);
+
+ if (!register_class_for_pygobject(dict, G_TYPE_KNOWN_FORMAT, type, &PyGObject_Type))
+ return false;
+
+ }
+
+ return true;
+
+}
diff --git a/plugins/pychrysalide/format/known.h b/plugins/pychrysalide/format/known.h
new file mode 100644
index 0000000..16cbf83
--- /dev/null
+++ b/plugins/pychrysalide/format/known.h
@@ -0,0 +1,42 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * known.h - prototypes pour l'équivalent Python du fichier "format/known.h"
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H
+#define _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+
+
+/* Fournit un accès à une définition de type à diffuser. */
+PyTypeObject *get_python_known_format_type(void);
+
+/* Prend en charge l'objet 'pychrysalide.format.KnownFormat'. */
+bool ensure_python_known_format_is_registered(void);
+
+
+
+#endif /* _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H */
diff --git a/plugins/pychrysalide/format/module.c b/plugins/pychrysalide/format/module.c
index 2f90792..f5768d1 100644
--- a/plugins/pychrysalide/format/module.c
+++ b/plugins/pychrysalide/format/module.c
@@ -31,6 +31,7 @@
#include "executable.h"
#include "flat.h"
#include "format.h"
+#include "known.h"
#include "strsym.h"
#include "symbol.h"
#include "symiter.h"
@@ -95,6 +96,7 @@ bool populate_format_module(void)
if (result) result = ensure_python_executable_format_is_registered();
if (result) result = ensure_python_flat_format_is_registered();
+ if (result) result = ensure_python_known_format_is_registered();
if (result) result = ensure_python_binary_format_is_registered();
if (result) result = ensure_python_string_symbol_is_registered();
if (result) result = ensure_python_binary_symbol_is_registered();
diff --git a/src/analysis/loading.c b/src/analysis/loading.c
index 664b8d6..5c105f5 100644
--- a/src/analysis/loading.c
+++ b/src/analysis/loading.c
@@ -843,7 +843,7 @@ void g_content_explorer_populate_group(GContentExplorer *explorer, wgroup_id_t w
group->contents = realloc(group->contents, ++group->count * sizeof(GBinContent *));
group->contents[group->count - 1] = content;
- g_object_ref(G_OBJECT(content));
+ g_object_ref_sink(G_OBJECT(content));
/* Relancement des explorations */
diff --git a/src/format/Makefile.am b/src/format/Makefile.am
index 1ab4825..dab4260 100644
--- a/src/format/Makefile.am
+++ b/src/format/Makefile.am
@@ -10,6 +10,8 @@ libformat_la_SOURCES = \
flat.h flat.c \
format-int.h \
format.h format.c \
+ known-int.h \
+ known.h known.c \
preload-int.h \
preload.h preload.c \
strsym.h strsym.c \
diff --git a/src/format/known-int.h b/src/format/known-int.h
new file mode 100644
index 0000000..e4d3bd6
--- /dev/null
+++ b/src/format/known-int.h
@@ -0,0 +1,65 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * known-int.h - prototypes utiles aux formats binaires reconnus
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_KNOWN_INT_H
+#define _FORMAT_KNOWN_INT_H
+
+
+#include "known.h"
+
+
+
+/* Indique la désignation interne du format. */
+typedef const char * (* known_get_name_fc) (const GKnownFormat *);
+
+/* Fournit une description humaine du format. */
+typedef const char * (* known_get_desc_fc) (const GKnownFormat *);
+
+/*Assure l'interprétation d'un format en différé. */
+typedef bool (* known_analyze_fc) (GKnownFormat *, wgroup_id_t, GtkStatusStack *);
+
+
+/* Format binaire générique (instance) */
+struct _GKnownFormat
+{
+ GObject parent; /* A laisser en premier */
+
+ GBinContent *content; /* Contenu binaire à étudier */
+
+};
+
+/* Format binaire générique (classe) */
+struct _GKnownFormatClass
+{
+ GObjectClass parent; /* A laisser en premier */
+
+ known_get_name_fc get_name; /* Désignation interne */
+ known_get_desc_fc get_desc; /* Désignation humaine */
+
+ known_analyze_fc analyze; /* Interprétation du format */
+
+};
+
+
+
+#endif /* _FORMAT_KNOWN_INT_H */
diff --git a/src/format/known.c b/src/format/known.c
new file mode 100644
index 0000000..9a3eef6
--- /dev/null
+++ b/src/format/known.c
@@ -0,0 +1,260 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.c - support des différents formats binaires reconnus
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "known.h"
+
+
+#include <assert.h>
+
+
+#include "known-int.h"
+#include "../plugins/pglist.h"
+
+
+
+/* Initialise la classe des formats binaires génériques. */
+static void g_known_format_class_init(GKnownFormatClass *);
+
+/* Initialise une instance de format binaire générique. */
+static void g_known_format_init(GKnownFormat *);
+
+/* Supprime toutes les références externes. */
+static void g_known_format_dispose(GKnownFormat *);
+
+/* Procède à la libération totale de la mémoire. */
+static void g_known_format_finalize(GKnownFormat *);
+
+
+
+/* Indique le type défini pour un format binaire générique. */
+G_DEFINE_TYPE(GKnownFormat, g_known_format, G_TYPE_OBJECT);
+
+
+/******************************************************************************
+* *
+* Paramètres : klass = classe à initialiser. *
+* *
+* Description : Initialise la classe des formats binaires génériques. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_known_format_class_init(GKnownFormatClass *klass)
+{
+ GObjectClass *object; /* Autre version de la classe */
+
+ object = G_OBJECT_CLASS(klass);
+
+ object->dispose = (GObjectFinalizeFunc/* ! */)g_known_format_dispose;
+ object->finalize = (GObjectFinalizeFunc)g_known_format_finalize;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance à initialiser. *
+* *
+* Description : Initialise une instance de format binaire générique. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_known_format_init(GKnownFormat *format)
+{
+ format->content = NULL;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Supprime toutes les références externes. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_known_format_dispose(GKnownFormat *format)
+{
+ g_clear_object(&format->content);
+
+ G_OBJECT_CLASS(g_known_format_parent_class)->dispose(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance d'objet GLib à traiter. *
+* *
+* Description : Procède à la libération totale de la mémoire. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void g_known_format_finalize(GKnownFormat *format)
+{
+ G_OBJECT_CLASS(g_known_format_parent_class)->finalize(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* content = contenu binaire à parcourir. *
+* *
+* Description : Définit le contenu binaire à analyser. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void g_known_format_set_content(GKnownFormat *format, GBinContent *content)
+{
+ assert(format->content == NULL);
+
+ g_object_ref_sink(G_OBJECT(content));
+
+ format->content = content;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* *
+* Description : Fournit une référence vers le contenu binaire analysé. *
+* *
+* Retour : Gestionnaire de contenu binaire en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GBinContent *g_known_format_get_content(const GKnownFormat *format)
+{
+ GBinContent *result; /* Instance à retourner */
+
+ result = format->content;
+
+ g_object_ref(G_OBJECT(result));
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* *
+* Description : Indique la désignation interne du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const char *g_known_format_get_name(const GKnownFormat *format)
+{
+ const char *result; /* Désignation à retourner */
+
+ result = G_KNOWN_FORMAT_GET_CLASS(format)->get_name(format);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* *
+* Description : Fournit une description humaine du format. *
+* *
+* Retour : Description du format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const char *g_known_format_get_description(const GKnownFormat *format)
+{
+ const char *result; /* Désignation à retourner */
+
+ result = G_KNOWN_FORMAT_GET_CLASS(format)->get_desc(format);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = format chargé dont l'analyse est lancée. *
+* gid = groupe de travail dédié. *
+* status = barre de statut à tenir informée. *
+* *
+* Description : Assure l'interprétation d'un format en différé. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool g_known_format_analyze(GKnownFormat *format, wgroup_id_t gid, GtkStatusStack *status)
+{
+ bool result; /* Bilan à retourner */
+ GKnownFormatClass *class; /* Classe de l'instance */
+
+ handle_known_format_analysis(PGA_FORMAT_ANALYSIS_STARTED, format, gid, status);
+
+ class = G_KNOWN_FORMAT_GET_CLASS(format);
+
+ result = class->analyze(format, gid, status);
+
+ handle_known_format_analysis(PGA_FORMAT_ANALYSIS_ENDED, format, gid, status);
+
+ return result;
+
+}
diff --git a/src/format/known.h b/src/format/known.h
new file mode 100644
index 0000000..c89ba4a
--- /dev/null
+++ b/src/format/known.h
@@ -0,0 +1,72 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * format.h - prototypes pour le support des différents formats binaires reconnus
+ *
+ * Copyright (C) 2019 Cyrille Bagard
+ *
+ * This file is part of Chrysalide.
+ *
+ * Chrysalide is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Chrysalide is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _FORMAT_KNOWN_H
+#define _FORMAT_KNOWN_H
+
+
+#include <glib-object.h>
+#include <stdbool.h>
+
+
+#include "../analysis/content.h"
+#include "../glibext/delayed.h"
+
+
+
+#define G_TYPE_KNOWN_FORMAT g_known_format_get_type()
+#define G_KNOWN_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_KNOWN_FORMAT, GKnownFormat))
+#define G_IS_KNOWN_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_KNOWN_FORMAT))
+#define G_KNOWN_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_KNOWN_FORMAT, GKnownFormatClass))
+#define G_IS_KNOWN_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_KNOWN_FORMAT))
+#define G_KNOWN_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_KNOWN_FORMAT, GKnownFormatClass))
+
+
+/* Format binaire générique (instance) */
+typedef struct _GKnownFormat GKnownFormat;
+
+/* Format binaire générique (classe) */
+typedef struct _GKnownFormatClass GKnownFormatClass;
+
+
+/* Indique le type défini pour un format binaire générique. */
+GType g_known_format_get_type(void);
+
+/* Définit le contenu binaire à analyser. */
+void g_known_format_set_content(GKnownFormat *, GBinContent *);
+
+/* Fournit une référence vers le contenu binaire analysé. */
+GBinContent *g_known_format_get_content(const GKnownFormat *);
+
+/* Indique la désignation interne du format. */
+const char *g_known_format_get_name(const GKnownFormat *);
+
+/* Fournit une description humaine du format. */
+const char *g_known_format_get_description(const GKnownFormat *);
+
+/* Assure l'interprétation d'un format en différé. */
+bool g_known_format_analyze(GKnownFormat *, wgroup_id_t, GtkStatusStack *);
+
+
+
+#endif /* _FORMAT_KNOWN_H */
diff --git a/src/plugins/pglist.h b/src/plugins/pglist.h
index 1306571..c55c6da 100644
--- a/src/plugins/pglist.h
+++ b/src/plugins/pglist.h
@@ -105,6 +105,9 @@ GPluginModule **get_all_plugins_for_action(PluginAction, size_t *);
/* DPS_FORMAT */
+#define handle_known_format_analysis(a, f, g, s) \
+ process_all_plugins_for(a, g_plugin_module_handle_known_format_analysis, f, g, s)
+
#define handle_binary_format_analysis(a, f, g, s) \
process_all_plugins_for(a, g_plugin_module_handle_binary_format_analysis, f, g, s)
diff --git a/src/plugins/plugin.c b/src/plugins/plugin.c
index 27f1871..7423148 100644
--- a/src/plugins/plugin.c
+++ b/src/plugins/plugin.c
@@ -1139,6 +1139,33 @@ void g_plugin_module_handle_loaded_content(const GPluginModule *plugin, PluginAc
* *
******************************************************************************/
+bool g_plugin_module_handle_known_format_analysis(const GPluginModule *plugin, PluginAction action, GKnownFormat *format, wgroup_id_t gid, GtkStatusStack *status)
+{
+ GPluginModuleClass *class; /* Classe de l'instance active */
+
+ class = G_PLUGIN_MODULE_GET_CLASS(plugin);
+
+ return false;//class->handle_fmt_analysis(plugin, action, G_BIN_FORMAT(format), gid, status);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : plugin = greffon à manipuler. *
+* action = type d'action attendue. *
+* format = format de binaire à manipuler pendant l'opération. *
+* gid = groupe de travail dédié. *
+* status = barre de statut à tenir informée. *
+* *
+* Description : Procède à une opération liée à l'analyse d'un format. *
+* *
+* Retour : Bilan de l'exécution du traitement. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
bool g_plugin_module_handle_binary_format_analysis(const GPluginModule *plugin, PluginAction action, GBinFormat *format, wgroup_id_t gid, GtkStatusStack *status)
{
GPluginModuleClass *class; /* Classe de l'instance active */
diff --git a/src/plugins/plugin.h b/src/plugins/plugin.h
index cccd39b..9b8d294 100644
--- a/src/plugins/plugin.h
+++ b/src/plugins/plugin.h
@@ -32,6 +32,7 @@
#include "plugin-def.h"
#include "../analysis/binary.h"
#include "../format/format.h"
+#include "../format/known.h"
#include "../format/preload.h"
#include "../gtkext/gtkstatusstack.h"
@@ -104,6 +105,9 @@ void g_plugin_module_handle_binary_content(const GPluginModule *, PluginAction,
void g_plugin_module_handle_loaded_content(const GPluginModule *, PluginAction, GLoadedContent *, wgroup_id_t, GtkStatusStack *);
/* Procède à une opération liée à l'analyse d'un format. */
+bool g_plugin_module_handle_known_format_analysis(const GPluginModule *, PluginAction, GKnownFormat *, wgroup_id_t, GtkStatusStack *);
+
+/* Procède à une opération liée à l'analyse d'un format. */
bool g_plugin_module_handle_binary_format_analysis(const GPluginModule *, PluginAction, GBinFormat *, wgroup_id_t, GtkStatusStack *);
/* Procède à un préchargement de format de fichier. */