summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog84
-rw-r--r--configure.ac4
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/androhelpers/Makefile.am18
-rw-r--r--plugins/androhelpers/androhelpers.c100
-rw-r--r--plugins/androhelpers/androhelpers.h43
-rw-r--r--plugins/androhelpers/try_n_catch.c337
-rw-r--r--plugins/androhelpers/try_n_catch.h37
-rw-r--r--plugins/pychrysa/analysis/binary.c39
-rw-r--r--plugins/pychrysa/format/Makefile.am9
-rw-r--r--plugins/pychrysa/format/dex/Makefile.am18
-rw-r--r--plugins/pychrysa/format/dex/class.c157
-rw-r--r--plugins/pychrysa/format/dex/class.h44
-rw-r--r--plugins/pychrysa/format/dex/dex.c250
-rw-r--r--plugins/pychrysa/format/dex/dex.h44
-rw-r--r--plugins/pychrysa/format/dex/module.c70
-rw-r--r--plugins/pychrysa/format/dex/module.h39
-rw-r--r--plugins/pychrysa/format/executable.c29
-rw-r--r--plugins/pychrysa/format/executable.h6
-rw-r--r--plugins/pychrysa/format/format.c159
-rw-r--r--plugins/pychrysa/format/format.h44
-rw-r--r--plugins/pychrysa/format/module.c7
-rw-r--r--src/analysis/disass/links.c31
-rw-r--r--src/analysis/type-int.h67
-rw-r--r--src/arch/instruction-int.h1
-rw-r--r--src/arch/instruction.c28
-rw-r--r--src/arch/instruction.h7
-rw-r--r--src/common/leb128.h11
-rw-r--r--src/format/dex/class.c59
-rw-r--r--src/format/dex/class.h6
-rw-r--r--src/format/dex/dex-int.c266
-rwxr-xr-xsrc/format/dex/dex-int.h30
-rwxr-xr-xsrc/format/dex/dex.c41
-rwxr-xr-xsrc/format/dex/dex.h2
-rwxr-xr-xsrc/format/dex/dex_def.h47
-rw-r--r--src/format/dex/method.c46
-rw-r--r--src/format/dex/method.h6
-rw-r--r--src/gtkext/graph/dot.c18
-rw-r--r--src/gtkext/graph/layout.c35
-rw-r--r--src/gtkext/gtkgraphview.c2
-rw-r--r--src/gtkext/gtklinkrenderer.c16
-rw-r--r--src/gtkext/gtklinkrenderer.h1
-rw-r--r--src/plugins/plugin.c11
43 files changed, 2214 insertions, 57 deletions
diff --git a/ChangeLog b/ChangeLog
index 3153a68..159f811 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,87 @@
+12-11-19 Cyrille Bagard <nocbos@gmail.com>
+
+ * configure.ac:
+ Add the new Makfiles from the 'plugins/androhelpers' and
+ 'plugins/pychrysa/format/dex' directories to AC_CONFIG_FILES.
+ Remove the old 'plugins/dexresolver' one.
+
+ * plugins/androhelpers/androhelpers.c:
+ * plugins/androhelpers/androhelpers.h:
+ * plugins/androhelpers/Makefile.am:
+ * plugins/androhelpers/try_n_catch.c:
+ * plugins/androhelpers/try_n_catch.h:
+ New entries: handle Dalvik exception handlers in the graphic view.
+
+ * plugins/Makefile.am:
+ Add androhelpers to SUBDIRS.
+
+ * plugins/pychrysa/analysis/binary.c:
+ Improve a little bit the Python interface.
+
+ * plugins/pychrysa/format/dex/class.c:
+ * plugins/pychrysa/format/dex/class.h:
+ * plugins/pychrysa/format/dex/dex.c:
+ * plugins/pychrysa/format/dex/dex.h:
+ * plugins/pychrysa/format/dex/Makefile.am:
+ * plugins/pychrysa/format/dex/module.c:
+ * plugins/pychrysa/format/dex/module.h:
+ New entries: define the Dex format for Python.
+
+ * plugins/pychrysa/format/executable.c:
+ * plugins/pychrysa/format/executable.h:
+ Improve a little bit the Python interface.
+
+ * plugins/pychrysa/format/format.c:
+ * plugins/pychrysa/format/format.h:
+ New entries: define formats for Python.
+
+ * plugins/pychrysa/format/Makefile.am:
+ * plugins/pychrysa/format/module.c:
+ Improve a little bit the Python interface.
+
+ * src/analysis/disass/links.c:
+ Create all links between instructions here.
+
+ * src/analysis/type-int.h:
+ New entry: add a missing file.
+
+ * src/arch/instruction.c:
+ * src/arch/instruction.h:
+ * src/arch/instruction-int.h:
+ Provide the previous instruction when asked. Extend links between
+ instructions (with something to fix ?).
+
+ * src/common/leb128.h:
+ Improve leb128 support.
+
+ * src/format/dex/class.c:
+ * src/format/dex/class.h:
+ * src/format/dex/dex.c:
+ * src/format/dex/dex_def.h:
+ * src/format/dex/dex.h:
+ * src/format/dex/dex-int.c:
+ * src/format/dex/dex-int.h:
+ * src/format/dex/method.c:
+ * src/format/dex/method.h:
+ Load more Dex/Dalvik structures and provides access to them.
+
+ * src/gtkext/graph/dot.c:
+ Handle more kinds of links. Compare colors using strcmp().
+
+ * src/gtkext/graph/layout.c:
+ Handle more kinds of links. Do not create virtual links for the expected
+ excution flow anymore.
+
+ * src/gtkext/gtkgraphview.c:
+ Fix a bug in case of return instruction.
+
+ * src/gtkext/gtklinkrenderer.c:
+ * src/gtkext/gtklinkrenderer.h:
+ Handle more kinds of links.
+
+ * src/plugins/plugin.c:
+ Update code.
+
12-11-13 Cyrille Bagard <nocbos@gmail.com>
* src/arch/dalvik/instruction.c:
diff --git a/configure.ac b/configure.ac
index 5ccb4af..89c11a1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -234,13 +234,14 @@ AC_CONFIG_COMMANDS([marshal], [echo -e "VOID:UINT64,UINT64\nVOID:INT,UINT64,INT\
AC_CONFIG_FILES([Makefile
pixmaps/Makefile
plugins/Makefile
- plugins/dexresolver/Makefile
+ plugins/androhelpers/Makefile
plugins/govm/Makefile
plugins/pychrysa/Makefile
plugins/pychrysa/analysis/Makefile
plugins/pychrysa/arch/Makefile
plugins/pychrysa/debug/Makefile
plugins/pychrysa/format/Makefile
+ plugins/pychrysa/format/dex/Makefile
plugins/pychrysa/glibext/Makefile
plugins/pychrysa/gui/Makefile
plugins/pychrysa/gui/panels/Makefile
@@ -249,7 +250,6 @@ AC_CONFIG_FILES([Makefile
plugins/python/apkfiles/Makefile
plugins/python/exectracer/Makefile
plugins/stackvars/Makefile
- plugins/theseus/Makefile
src/Makefile
src/analysis/Makefile
src/analysis/binaries/Makefile
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index b789239..4a6a852 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -1,2 +1,2 @@
-SUBDIRS = pychrysa python stackvars
+SUBDIRS = androhelpers pychrysa python stackvars
diff --git a/plugins/androhelpers/Makefile.am b/plugins/androhelpers/Makefile.am
new file mode 100644
index 0000000..3562206
--- /dev/null
+++ b/plugins/androhelpers/Makefile.am
@@ -0,0 +1,18 @@
+
+lib_LTLIBRARIES = libandrohelpers.la
+
+libandrohelpers_la_SOURCES = \
+ androhelpers.h androhelpers.c \
+ try_n_catch.h try_n_catch.c
+
+libandrohelpers_la_LDFLAGS = -L../../src/.libs -L../../src/gui/.libs -lchrysagui \
+ -lchrysadisass -lchrysagtkext \
+ -L../../src/plugins/.libs -lplugins
+
+
+INCLUDES = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \
+ -I../../src
+
+AM_CPPFLAGS =
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/androhelpers/androhelpers.c b/plugins/androhelpers/androhelpers.c
new file mode 100644
index 0000000..a644868
--- /dev/null
+++ b/plugins/androhelpers/androhelpers.c
@@ -0,0 +1,100 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * androhelpers.c - greffon d'appoint pour les traitements Android
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "androhelpers.h"
+
+
+#include <string.h>
+
+
+#include "try_n_catch.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : - *
+* *
+* Description : Précise le nom associé au greffon. *
+* *
+* Retour : Nom à libérer de la mémoire. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+char *get_plugin_name(void)
+{
+ return strdup("AndroHelpers");
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : plugin = greffon à consulter. *
+* *
+* Description : Indique les opérations offertes par un greffon donné. *
+* *
+* Retour : Action(s) offerte(s) par le greffon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PluginAction get_plugin_action(const GPluginModule *plugin)
+{
+ PluginAction result; /* Combinaison à retourner */
+
+ result = PGA_DISASS_PROCESS;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : plugin = greffon de prise en charge à utiliser. *
+* binary = représentation binaire à traiter. *
+* action = action attendue. *
+* *
+* Description : Exécute une action définie sur un binaire chargé. *
+* *
+* Retour : true si une action a été menée, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool execute_action_on_binary(GPluginModule *plugin, GLoadedBinary *binary, PluginAction action)
+{
+ bool result; /* Bilan à retourner */
+
+ result = true;
+
+ result &= process_exception_handlers(binary);
+
+ return result;
+
+}
diff --git a/plugins/androhelpers/androhelpers.h b/plugins/androhelpers/androhelpers.h
new file mode 100644
index 0000000..b1a5084
--- /dev/null
+++ b/plugins/androhelpers/androhelpers.h
@@ -0,0 +1,43 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * androhelpers.h - prototypes pour le greffon d'appoint pour les traitements Android
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_ANDROHELPERS_H
+#define _PLUGINS_ANDROHELPERS_H
+
+
+#include <plugins/plugin.h>
+
+
+
+/* Précise le nom associé au greffon. */
+char *get_plugin_name(void);
+
+/* Indique les opérations offertes par un greffon donné. */
+PluginAction get_plugin_action(const GPluginModule *);
+
+/* Exécute une action définie sur un binaire chargé. */
+bool execute_action_on_binary(GPluginModule *, GLoadedBinary *, PluginAction);
+
+
+
+#endif /* _PLUGINS_ANDROHELPERS_H */
diff --git a/plugins/androhelpers/try_n_catch.c b/plugins/androhelpers/try_n_catch.c
new file mode 100644
index 0000000..e7a3c0a
--- /dev/null
+++ b/plugins/androhelpers/try_n_catch.c
@@ -0,0 +1,337 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * try_n_catch.c - support des exceptions chez Android
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "try_n_catch.h"
+
+
+#include <malloc.h>
+
+
+#include <format/dex/dex-int.h>
+#include <format/dex/pool.h>
+#include <../i18n.h>
+
+
+
+/* Mémorisation d'un lien vers un gestionnaire */
+typedef struct _caught_exception
+{
+ GArchInstruction *instr; /* Première instruction visée */
+ char *desc; /* Nom de l'exception */
+
+} caught_exception;
+
+
+
+/* Valide la zone couverte par le gestionnaire d'exceptions. */
+static bool check_covered_area(const try_item *, const GBinRoutine *);
+
+/* Construit une liste pointant sur les différentes gestions. */
+static caught_exception *build_destinations_list(GLoadedBinary *, const try_item *, const encoded_catch_handler_list *, const GBinRoutine *, size_t *);
+
+/* Rattache les gestionnaires d'exception à leur code couvert. */
+static void attach_caught_code(GLoadedBinary *, const try_item *, const encoded_catch_handler_list *, const GBinRoutine *);
+
+/* Recherche et met en avant tous les gestionnaires d'exception. */
+static void look_for_exception_handlers(GLoadedBinary *, const GDexFormat *, GDexMethod *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : try = informations sur la gestion à consulter. *
+* routine = routine associée, pour validation. *
+* *
+* Description : Valide la zone couverte par le gestionnaire d'exceptions. *
+* *
+* Retour : Validité de la zone couverte. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool check_covered_area(const try_item *try, const GBinRoutine *routine)
+{
+ off_t length; /* Taille de la zone de code */
+ vmpa_t covered_start; /* Début de la zone couverte */
+ vmpa_t covered_end; /* Fin de la zone couverte */
+
+ length = g_binary_routine_get_size(routine);
+
+ covered_start = try->start_addr * sizeof(uint16_t);
+ covered_end = covered_start + try->insn_count * sizeof(uint16_t);
+
+ return (covered_end <= length);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation binaire à traiter. *
+* try = informations sur la gestion à consulter. *
+* hlist = liste de tous les gestionnaires en place. *
+* routine = routine associée, pour l'accès au instructions. *
+* count = quantité de destinations trouvées. [OUT] *
+* *
+* Description : Construit une liste pointant sur les différentes gestions. *
+* *
+* Retour : Adresse des codes à lier systématiquement. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static caught_exception *build_destinations_list(GLoadedBinary *binary, const try_item *try, const encoded_catch_handler_list *hlist, const GBinRoutine *routine, size_t *count)
+{
+ caught_exception *result; /* Liste à retourner */
+ GDexFormat *format; /* Format du binaire chargé */
+ vmpa_t start; /* Début du code de la routine */
+ GArchInstruction *instrs; /* Instructions Dalvik */
+ uleb128_t index; /* Indice du bon gestionnaire */
+ encoded_catch_handler *handlers; /* Groupe de gestionnaires */
+ leb128_t max; /* Quantité d'exception */
+ leb128_t i; /* Boucle de parcours */
+ vmpa_t handler_addr; /* Adresse du code de gestion */
+ GDataType *type; /* Type de l'exception */
+
+ format = G_DEX_FORMAT(g_loaded_binary_get_format(binary));
+
+ start = g_binary_routine_get_address(routine);
+
+ instrs = g_loaded_binary_get_instructions(binary);
+ instrs = g_arch_instruction_find_by_address(instrs, start, true);
+
+ for (index = 0; index < hlist->size; index++)
+ if (try->handler_off == hlist->list[index].offset)
+ break;
+
+ if (index == hlist->size)
+ {
+ *count = 0;
+ return NULL;
+ }
+
+ handlers = &hlist->list[index];
+ max = leb128_abs(handlers->size);
+
+ *count = max + (handlers->size < 0 ? 1 : 0);
+ result = (caught_exception *)calloc(*count, sizeof(caught_exception));
+
+ *count = 0;
+
+ for (i = 0; i < max; i++)
+ {
+ handler_addr = start + handlers->handlers[i].addr * sizeof(uint16_t);
+ result[*count].instr = g_arch_instruction_find_by_address(instrs, handler_addr, true);
+
+ if (result[*count].instr == NULL)
+ continue;
+
+ type = get_type_from_dex_pool(format, handlers->handlers[i].type_idx);
+ result[*count].desc = g_data_type_to_string(type);
+
+ (*count)++;
+
+ }
+
+ if (handlers->size < 0)
+ {
+ handler_addr = start + handlers->catch_all_addr * sizeof(uint16_t);
+ result[*count].instr = g_arch_instruction_find_by_address(instrs, handler_addr, true);
+
+ if (result[*count].instr != NULL)
+ {
+ result[*count].desc = strdup(_("default"));
+ (*count)++;
+ }
+
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation binaire à traiter. *
+* try = informations sur la gestion à consulter. *
+* handlers = liste de tous les gestionnaires en place. *
+* routine = routine associée, pour l'accès au instructions. *
+* *
+* Description : Rattache les gestionnaires d'exception à leur code couvert. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void attach_caught_code(GLoadedBinary *binary, const try_item *try, const encoded_catch_handler_list *handlers, const GBinRoutine *routine)
+{
+ vmpa_t start; /* Début de la zone couverte */
+ vmpa_t end; /* Début de la zone couverte */
+ GArchInstruction *instrs; /* Instructions Dalvik */
+ GArchInstruction *first; /* Première instruction */
+ GArchInstruction *prev; /* Instruction à détacher */
+ GArchInstruction *iter; /* Boucle de parcours */
+ size_t dests_count; /* Nombre de points d'arrivée */
+ caught_exception *dests; /* Points d'arrivée */
+ size_t i; /* Boucle de parcours */
+
+ start = g_binary_routine_get_address(routine);
+ start += try->start_addr * sizeof(uint16_t);
+
+ end = start + try->insn_count * sizeof(uint16_t);
+
+ instrs = g_loaded_binary_get_instructions(binary);
+ first = g_arch_instruction_find_by_address(instrs, start, true);
+
+ /* Si un détachement est nécessaire... */
+ if (!g_arch_instruction_has_sources(first))
+ {
+ prev = g_arch_instruction_get_prev_iter(instrs, first);
+ g_arch_instruction_link_with(prev, first, ILT_JUMP);
+ }
+
+ /* Détermination du code des exceptions */
+ dests = build_destinations_list(binary, try, handlers, routine, &dests_count);
+
+ if (dests != NULL)
+ {
+ /* Rattachements */
+ for (iter = first;
+ iter != NULL;
+ iter = g_arch_instruction_get_next_iter(instrs, iter, end))
+ {
+ if (!g_arch_instruction_has_destinations(iter))
+ continue;
+
+ for (i = 0; i < dests_count; i++)
+ g_arch_instruction_link_with(iter, dests[i].instr, ILT_CATCH_EXCEPTION);
+
+ }
+
+ /* Libération de la mémoire utilisée */
+
+ for (i = 0; i < dests_count; i++)
+ free(dests[i].desc);
+
+ free(dests);
+
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation binaire à traiter. *
+* format = format du binaire Dex. *
+* method = méthode à analyser. *
+* *
+* Description : Recherche et met en avant tous les gestionnaires d'exception.*
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void look_for_exception_handlers(GLoadedBinary *binary, const GDexFormat *format, GDexMethod *method)
+{
+ const code_item *body; /* Description du corps */
+ GBinRoutine *routine; /* Abstraction globale */
+ uint16_t i; /* Boucle de parcours */
+
+ body = g_dex_method_get_dex_body(method);
+
+ if (body->tries_size == 0)
+ return;
+
+ routine = g_dex_method_get_routine(method);
+
+ for (i = 0; i < body->tries_size; i++)
+ {
+ if (!check_covered_area(&body->tries[i], routine))
+ continue;
+
+ attach_caught_code(binary, &body->tries[i], body->handlers, routine);
+
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation binaire à traiter. *
+* *
+* Description : Traite tous les gestionnaires d'exception trouvés. *
+* *
+* Retour : true si une action a été menée, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool process_exception_handlers(GLoadedBinary *binary)
+{
+ GDexFormat *format; /* Format du binaire chargé */
+ size_t cls_count; /* Nombre de classes trouvées */
+ size_t i; /* Boucle de parcours #1 */
+ GDexClass *class; /* Classe à analyser */
+ size_t meth_count; /* Nombre de méthodes trouvées */
+ size_t j; /* Boucle de parcours #2 */
+ GDexMethod *method; /* Méthode à parcourir */
+
+ if (!G_IS_DEX_FORMAT(g_loaded_binary_get_format(binary)))
+ return false;
+
+ format = G_DEX_FORMAT(g_loaded_binary_get_format(binary));
+
+ cls_count = g_dex_format_count_classes(format);
+ for (i = 0; i < cls_count; i++)
+ {
+ class = g_dex_format_get_class(format, i);
+
+ meth_count = g_dex_class_count_methods(class, false);
+ for (j = 0; j < meth_count; j++)
+ {
+ method = g_dex_class_get_method(class, false, j);
+ look_for_exception_handlers(binary, format, method);
+ }
+
+ meth_count = g_dex_class_count_methods(class, true);
+ for (j = 0; j < meth_count; j++)
+ {
+ method = g_dex_class_get_method(class, true, j);
+ look_for_exception_handlers(binary, format, method);
+ }
+
+ }
+
+ return true;
+
+}
diff --git a/plugins/androhelpers/try_n_catch.h b/plugins/androhelpers/try_n_catch.h
new file mode 100644
index 0000000..5ac4ad5
--- /dev/null
+++ b/plugins/androhelpers/try_n_catch.h
@@ -0,0 +1,37 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * try_n_catch.h - prototypes pour le support des exceptions chez Android
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_TRY_N_CATCH_H
+#define _PLUGINS_TRY_N_CATCH_H
+
+
+#include <analysis/binary.h>
+
+
+
+/* Traite tous les gestionnaires d'exception trouvés. */
+bool process_exception_handlers(GLoadedBinary *);
+
+
+
+#endif /* _PLUGINS_TRY_N_CATCH_H */
diff --git a/plugins/pychrysa/analysis/binary.c b/plugins/pychrysa/analysis/binary.c
index 93db685..e8158a2 100644
--- a/plugins/pychrysa/analysis/binary.c
+++ b/plugins/pychrysa/analysis/binary.c
@@ -33,6 +33,7 @@
#include "../quirks.h"
#include "../arch/instruction.h"
+#include "../format/executable.h"
#include "../glibext/codebuffer.h"
@@ -43,6 +44,9 @@ static PyObject *py_loaded_binary_new(PyTypeObject *, PyObject *, PyObject *);
/* Fournit le fichier correspondant à l'élément binaire. */
static PyObject *py_loaded_binary_get_filename(PyObject *self, PyObject *args);
+/* Fournit le format de fichier reconnu dans le contenu binaire. */
+static PyObject *py_loaded_binary_get_format(PyObject *, PyObject *);
+
/* Fournit les instructions issues du désassemblage. */
static PyObject *py_loaded_binary_get_instructions(PyObject *, PyObject *);
@@ -151,6 +155,35 @@ static PyObject *py_loaded_binary_get_filename(PyObject *self, PyObject *args)
* Paramètres : self = classe représentant un binaire. *
* args = arguments fournis à l'appel. *
* *
+* Description : Fournit le format de fichier reconnu dans le contenu binaire.*
+* *
+* Retour : Nom de fichier avec chemin absolu. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_loaded_binary_get_format(PyObject *self, PyObject *args)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GLoadedBinary *binary; /* Version native */
+ GExeFormat *format; /* Format du binaire physique */
+
+ binary = G_LOADED_BINARY(pygobject_get(self));
+ format = g_loaded_binary_get_format(binary);
+
+ result = py_executable_format_from_c(format);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = classe représentant un binaire. *
+* args = arguments fournis à l'appel. *
+* *
* Description : Fournit les instructions issues du désassemblage. *
* *
* Retour : Instructions issues du désassemblage. *
@@ -239,11 +272,15 @@ bool register_python_loaded_binary(PyObject *module)
"Provide the filename of the loaded binary."
},
{
+ "get_format", (PyCFunction)py_loaded_binary_get_format,
+ METH_NOARGS,
+ "Provide the file format recognized in the binary content."
+ },
+ {
"get_instructions", (PyCFunction)py_loaded_binary_get_instructions,
METH_NOARGS,
"Give access to all disassembled instructions."
},
-
{ NULL }
};
diff --git a/plugins/pychrysa/format/Makefile.am b/plugins/pychrysa/format/Makefile.am
index a890385..9a48749 100644
--- a/plugins/pychrysa/format/Makefile.am
+++ b/plugins/pychrysa/format/Makefile.am
@@ -3,14 +3,21 @@ noinst_LTLIBRARIES = libpychrysaformat.la
libpychrysaformat_la_SOURCES = \
executable.h executable.c \
+ format.h format.c \
module.h module.c
+libpychrysaformat_la_LIBADD = \
+ dex/libpychrysaformatdex.la
+
libpychrysaformat_la_LDFLAGS =
-INCLUDES = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) -I../../../src
+INCLUDES = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \
+ -I../../../src
AM_CPPFLAGS =
AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
+
+SUBDIRS = dex
diff --git a/plugins/pychrysa/format/dex/Makefile.am b/plugins/pychrysa/format/dex/Makefile.am
new file mode 100644
index 0000000..79b5322
--- /dev/null
+++ b/plugins/pychrysa/format/dex/Makefile.am
@@ -0,0 +1,18 @@
+
+noinst_LTLIBRARIES = libpychrysaformatdex.la
+
+libpychrysaformatdex_la_SOURCES = \
+ class.h class.c \
+ dex.h dex.c \
+ module.h module.c
+
+
+libpychrysaformatdex_la_LDFLAGS =
+
+
+INCLUDES = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \
+ -I../../../../src
+
+AM_CPPFLAGS =
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/pychrysa/format/dex/class.c b/plugins/pychrysa/format/dex/class.c
new file mode 100644
index 0000000..97c1968
--- /dev/null
+++ b/plugins/pychrysa/format/dex/class.c
@@ -0,0 +1,157 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * class.c - équivalent Python du fichier "format/dex/class.c"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "class.h"
+
+
+#include <pygobject.h>
+
+
+#include "../../quirks.h"
+
+
+
+/* Crée un nouvel objet Python de type 'DexClass'. */
+static PyObject *py_dex_class_new(PyTypeObject *, PyObject *, PyObject *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : type = type de l'objet à instancier. *
+* args = arguments fournis à l'appel. *
+* kwds = arguments de type key=val fournis. *
+* *
+* Description : Crée un nouvel objet Python de type 'DexClass'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_dex_class_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
+{
+ return Py_None;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : item = instance existante GLib. *
+* *
+* Description : Crée un nouvel objet Python de type 'DexClass'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyObject *py_dex_class_from_c(GDexClass *class)
+{
+ PyObject *module; /* Module d'appartenance */
+ PyTypeObject *type; /* Type Python correspondant */
+
+ module = PyImport_ImportModule("pychrysalide.format.dex");
+ type = (PyTypeObject *)PyObject_GetAttrString(module, "DexClass");
+ Py_DECREF(module);
+
+ pychrysalide_set_instance_data(G_OBJECT(class), type);
+
+ return pygobject_new(G_OBJECT(class));
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Prend en charge l'objet 'pychrysalide.format.dex.DexClass'. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool register_python_dex_class(PyObject *module)
+{
+ PyObject *pygobj_mod; /* Module Python-GObject */
+ int ret; /* Bilan d'un appel */
+
+ static PyMethodDef py_dex_class_methods[] = {
+ { NULL }
+ };
+
+ static PyGetSetDef py_dex_class_getseters[] = {
+ { NULL }
+ };
+
+ static PyTypeObject py_dex_class_type = {
+
+ PyObject_HEAD_INIT(NULL)
+
+ .tp_name = "pychrysalide.format.dex.DexClass",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
+
+ .tp_doc = "PyChrysalide Dex class",
+
+ .tp_methods = py_dex_class_methods,
+ .tp_getset = py_dex_class_getseters,
+ .tp_new = (newfunc)py_dex_class_new
+
+ };
+
+ pygobj_mod = PyImport_ImportModule("gobject");
+ if (pygobj_mod == NULL) return false;
+
+ py_dex_class_type.tp_base = (PyTypeObject *)PyObject_GetAttrString(pygobj_mod, "GObject");
+ Py_DECREF(pygobj_mod);
+
+ if (PyType_Ready(&py_dex_class_type) < 0)
+ return false;
+
+ Py_INCREF(&py_dex_class_type);
+ ret = PyModule_AddObject(module, "DexClass", (PyObject *)&py_dex_class_type);
+
+ return (ret == 0);
+
+}
diff --git a/plugins/pychrysa/format/dex/class.h b/plugins/pychrysa/format/dex/class.h
new file mode 100644
index 0000000..addf7ca
--- /dev/null
+++ b/plugins/pychrysa/format/dex/class.h
@@ -0,0 +1,44 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * class.h - prototypes pour l'équivalent Python du fichier "format/dex/class.h"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSA_FORMAT_DEX_CLASS_H
+#define _PLUGINS_PYCHRYSA_FORMAT_DEX_CLASS_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+#include <format/dex/class.h>
+
+
+
+/* Crée un nouvel objet Python de type 'DexClass'. */
+PyObject *py_dex_class_from_c(GDexClass *);
+
+/* Prend en charge l'objet 'pychrysalide.format.dex.DexClass'. */
+bool register_python_dex_class(PyObject *module);
+
+
+
+#endif /* _PLUGINS_PYCHRYSA_FORMAT_DEX_CLASS_H */
diff --git a/plugins/pychrysa/format/dex/dex.c b/plugins/pychrysa/format/dex/dex.c
new file mode 100644
index 0000000..2df8d1b
--- /dev/null
+++ b/plugins/pychrysa/format/dex/dex.c
@@ -0,0 +1,250 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * dex.c - équivalent Python du fichier "format/dex/dex.c"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "dex.h"
+
+
+#include <pygobject.h>
+
+#include <format/dex/dex-int.h>
+
+
+#include "class.h"
+#include "../../quirks.h"
+
+
+
+/* Crée un nouvel objet Python de type 'DexFormat'. */
+static PyObject *py_dex_format_new(PyTypeObject *, PyObject *, PyObject *);
+
+/* Dénombre le nombre de classes trouvées. */
+static PyObject *py_dex_format_count_classes(PyObject *, PyObject *);
+
+/* Fournit une classe du format chargée en mémoire. */
+static PyObject *py_dex_format_get_class(PyObject *, PyObject *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : type = type de l'objet à instancier. *
+* args = arguments fournis à l'appel. *
+* kwds = arguments de type key=val fournis. *
+* *
+* Description : Crée un nouvel objet Python de type 'DexFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_dex_format_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
+{
+ PyObject *result; /* Instance à retourner */
+ const bin_t *content; /* Données binaires */
+ int length; /* Quantité de ces données */
+ int ret; /* Bilan de lecture des args. */
+ GBinFormat *format; /* Version GLib du format */
+
+ ret = PyArg_ParseTuple(args, "s#", &content, &length);
+ if (!ret) return Py_None;
+
+ format = g_dex_format_new(content, length);
+ if (format == NULL) return Py_None;
+
+ result = py_dex_format_from_c(G_DEX_FORMAT(format));
+ g_object_unref(format);
+
+ return (PyObject *)result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : item = instance existante GLib. *
+* *
+* Description : Crée un nouvel objet Python de type 'DexFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyObject *py_dex_format_from_c(GDexFormat *format)
+{
+ PyObject *module; /* Module d'appartenance */
+ PyTypeObject *type; /* Type Python correspondant */
+
+ module = PyImport_ImportModule("pychrysalide.format.dex");
+ type = (PyTypeObject *)PyObject_GetAttrString(module, "DexFormat");
+ Py_DECREF(module);
+
+ pychrysalide_set_instance_data(G_OBJECT(format), type);
+
+ return pygobject_new(G_OBJECT(format));
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = classe représentant un binaire. *
+* args = arguments fournis à l'appel. *
+* *
+* Description : Dénombre le nombre de classes trouvées. *
+* *
+* Retour : Quantité de classes présentes. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_dex_format_count_classes(PyObject *self, PyObject *args)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GDexFormat *format; /* Version native */
+ size_t count; /* Quantité à retourner */
+
+ format = G_DEX_FORMAT(pygobject_get(self));
+
+ count = g_dex_format_count_classes(format);
+
+ result = PyLong_FromLong(count);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = classe représentant un binaire. *
+* args = arguments fournis à l'appel. *
+* *
+* Description : Fournit une classe du format chargée en mémoire. *
+* *
+* Retour : Instance représentant une classe chargée. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_dex_format_get_class(PyObject *self, PyObject *args)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ int ret; /* Bilan de lecture des args. */
+ int index; /* Indice de la classe */
+ GDexFormat *format; /* Version native */
+ GDexClass *class; /* Classe à communiquer */
+
+ ret = PyArg_ParseTuple(args, "i", &index);
+ if (!ret) return Py_None;
+
+ format = G_DEX_FORMAT(pygobject_get(self));
+
+ class = g_dex_format_get_class(format, index);
+ if (class == NULL) return Py_None;
+
+ result = py_dex_class_from_c(class);
+
+ return result;
+
+}
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Prend en charge l'objet 'pychrysalide.format.dex.DexFormat'. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool register_python_dex_format(PyObject *module)
+{
+ PyObject *pygobj_mod; /* Module Python-GObject */
+ int ret; /* Bilan d'un appel */
+
+ static PyMethodDef py_dex_format_methods[] = {
+ {
+ "count_classes", (PyCFunction)py_dex_format_count_classes,
+ METH_NOARGS,
+ "Count the quantity of loaded Dex classes."
+ },
+ {
+ "get_class", (PyCFunction)py_dex_format_get_class,
+ METH_VARARGS,
+ "Provide a given loaded Dex class."
+ },
+ { NULL }
+ };
+
+ static PyGetSetDef py_dex_format_getseters[] = {
+ { NULL }
+ };
+
+ static PyTypeObject py_dex_format_type = {
+
+ PyObject_HEAD_INIT(NULL)
+
+ .tp_name = "pychrysalide.format.dex.DexFormat",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
+
+ .tp_doc = "PyChrysalide Dex format",
+
+ .tp_methods = py_dex_format_methods,
+ .tp_getset = py_dex_format_getseters,
+ .tp_new = (newfunc)py_dex_format_new
+
+ };
+
+ pygobj_mod = PyImport_ImportModule("gobject");
+ if (pygobj_mod == NULL) return false;
+
+ py_dex_format_type.tp_base = (PyTypeObject *)PyObject_GetAttrString(pygobj_mod, "GObject");
+ Py_DECREF(pygobj_mod);
+
+ if (PyType_Ready(&py_dex_format_type) < 0)
+ return false;
+
+ Py_INCREF(&py_dex_format_type);
+ ret = PyModule_AddObject(module, "DexFormat", (PyObject *)&py_dex_format_type);
+
+ return (ret == 0);
+
+}
diff --git a/plugins/pychrysa/format/dex/dex.h b/plugins/pychrysa/format/dex/dex.h
new file mode 100644
index 0000000..65eec0d
--- /dev/null
+++ b/plugins/pychrysa/format/dex/dex.h
@@ -0,0 +1,44 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * dex.h - prototypes pour l'équivalent Python du fichier "format/dex/dex.h"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSA_FORMAT_DEX_DEX_H
+#define _PLUGINS_PYCHRYSA_FORMAT_DEX_DEX_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+#include <format/dex/dex.h>
+
+
+
+/* Crée un nouvel objet Python de type 'DexFormat'. */
+PyObject *py_dex_format_from_c(GDexFormat *);
+
+/* Prend en charge l'objet 'pychrysalide.format.dex.DexFormat'. */
+bool register_python_dex_format(PyObject *module);
+
+
+
+#endif /* _PLUGINS_PYCHRYSA_FORMAT_DEX_DEX_H */
diff --git a/plugins/pychrysa/format/dex/module.c b/plugins/pychrysa/format/dex/module.c
new file mode 100644
index 0000000..cea0702
--- /dev/null
+++ b/plugins/pychrysa/format/dex/module.c
@@ -0,0 +1,70 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * module.c - intégration du répertoire dex en tant que module
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "module.h"
+
+
+#include "class.h"
+#include "dex.h"
+
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Ajoute le module 'format.dex' au module Python. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool add_format_dex_module_to_python_module(PyObject *super)
+{
+ bool result;
+ PyObject *module;
+ int ret; /* Bilan d'un appel */
+
+ static PyMethodDef py_format_dex_methods[] = {
+ { NULL }
+ };
+
+ module = Py_InitModule("pychrysalide.format.dex", py_format_dex_methods);
+ if (module == NULL) return false;
+
+ Py_INCREF(module);
+ ret = PyModule_AddObject(super, "pychrysalide.format.dex", module);
+
+ result = (ret != 0);
+
+ if (ret != 0) /* ... */;
+
+ result &= register_python_dex_class(module);
+ result &= register_python_dex_format(module);
+
+ return true;
+
+}
diff --git a/plugins/pychrysa/format/dex/module.h b/plugins/pychrysa/format/dex/module.h
new file mode 100644
index 0000000..de79edb
--- /dev/null
+++ b/plugins/pychrysa/format/dex/module.h
@@ -0,0 +1,39 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * module.h - prototypes pour l'intégration du répertoire dex en tant que module
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSA_FORMAT_DEX_MODULE_H
+#define _PLUGINS_PYCHRYSA_FORMAT_DEX_MODULE_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+
+
+/* Ajoute le module 'format.dex' au module Python. */
+bool add_format_dex_module_to_python_module(PyObject *);
+
+
+
+#endif /* _PLUGINS_PYCHRYSA_FORMAT_DEX_MODULE_H */
diff --git a/plugins/pychrysa/format/executable.c b/plugins/pychrysa/format/executable.c
index 2f10f71..7cdc855 100644
--- a/plugins/pychrysa/format/executable.c
+++ b/plugins/pychrysa/format/executable.c
@@ -25,6 +25,35 @@
#include "executable.h"
+#include "format.h"
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance existante GLib. *
+* *
+* Description : Crée un nouvel objet Python de type 'ExeFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyObject *py_executable_format_from_c(GExeFormat *format)
+{
+ return py_binary_format_from_c(G_BIN_FORMAT(format));
+
+}
+
+
+
diff --git a/plugins/pychrysa/format/executable.h b/plugins/pychrysa/format/executable.h
index 577d1f9..4109784 100644
--- a/plugins/pychrysa/format/executable.h
+++ b/plugins/pychrysa/format/executable.h
@@ -33,6 +33,12 @@
+/* Crée un nouvel objet Python de type 'ExeFormat'. */
+PyObject *py_executable_format_from_c(GExeFormat *);
+
+
+
+
/* Convertit une instance GLib en objet Python 'py_executable'. */
PyObject *py_executable_convert(GExeFormat *);
diff --git a/plugins/pychrysa/format/format.c b/plugins/pychrysa/format/format.c
new file mode 100644
index 0000000..ea556ba
--- /dev/null
+++ b/plugins/pychrysa/format/format.c
@@ -0,0 +1,159 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * format.c - équivalent Python du fichier "format/format.c"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include "format.h"
+
+
+#include <pygobject.h>
+
+
+#include "dex/dex.h"
+#include "../quirks.h"
+
+
+
+/* Crée un nouvel objet Python de type 'BinFormat'. */
+static PyObject *py_binary_format_new(PyTypeObject *, PyObject *, PyObject *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : type = type de l'objet à instancier. *
+* args = arguments fournis à l'appel. *
+* kwds = arguments de type key=val fournis. *
+* *
+* Description : Crée un nouvel objet Python de type 'BinFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_binary_format_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
+{
+ return Py_None;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = instance existante GLib. *
+* *
+* Description : Crée un nouvel objet Python de type 'BinFormat'. *
+* *
+* Retour : Instance Python mise en place. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+PyObject *py_binary_format_from_c(GBinFormat *format)
+{
+ PyObject *result; /* Conversion à retourner */
+ GType type; /* Type réel du format */
+
+ type = G_OBJECT_TYPE(G_OBJECT(format));
+
+ if (type == G_TYPE_DEX_FORMAT)
+ result = py_dex_format_from_c(G_DEX_FORMAT(format));
+ else
+ result = Py_None;
+
+ return result;
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+/******************************************************************************
+* *
+* Paramètres : module = module dont la définition est à compléter. *
+* *
+* Description : Prend en charge l'objet 'pychrysalide.gui.panels.BinFormat'. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool register_python_binary_format(PyObject *module)
+{
+ PyObject *pygobj_mod; /* Module Python-GObject */
+ int ret; /* Bilan d'un appel */
+
+ static PyMethodDef py_binary_format_methods[] = {
+ { NULL }
+ };
+
+ static PyGetSetDef py_binary_format_getseters[] = {
+ { NULL }
+ };
+
+ static PyTypeObject py_binary_format_type = {
+
+ PyObject_HEAD_INIT(NULL)
+
+ .tp_name = "pychrysalide.format.BinFormat",
+ .tp_basicsize = sizeof(PyGObject),
+
+ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
+
+ .tp_doc = "PyChrysalide binary format",
+
+ .tp_methods = py_binary_format_methods,
+ .tp_getset = py_binary_format_getseters,
+ .tp_new = (newfunc)py_binary_format_new
+
+ };
+
+ pygobj_mod = PyImport_ImportModule("gobject");
+ if (pygobj_mod == NULL) return false;
+
+ py_binary_format_type.tp_base = (PyTypeObject *)PyObject_GetAttrString(pygobj_mod, "GObject");
+ Py_DECREF(pygobj_mod);
+
+ if (PyType_Ready(&py_binary_format_type) < 0)
+ return false;
+
+ Py_INCREF(&py_binary_format_type);
+ ret = PyModule_AddObject(module, "BinFormat", (PyObject *)&py_binary_format_type);
+
+ return (ret == 0);
+
+}
diff --git a/plugins/pychrysa/format/format.h b/plugins/pychrysa/format/format.h
new file mode 100644
index 0000000..8f38408
--- /dev/null
+++ b/plugins/pychrysa/format/format.h
@@ -0,0 +1,44 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * format.h - prototypes pour l'équivalent Python du fichier "format/format.h"
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef _PLUGINS_PYCHRYSA_FORMAT_FORMAT_H
+#define _PLUGINS_PYCHRYSA_FORMAT_FORMAT_H
+
+
+#include <Python.h>
+#include <stdbool.h>
+
+#include <format/format.h>
+
+
+
+/* Crée un nouvel objet Python de type 'BinFormat'. */
+PyObject *py_binary_format_from_c(GBinFormat *);
+
+/* Prend en charge l'objet 'pychrysalide.format.BinFormat'. */
+bool register_python_binary_format(PyObject *module);
+
+
+
+#endif /* _PLUGINS_PYCHRYSA_FORMAT_FORMAT_H */
diff --git a/plugins/pychrysa/format/module.c b/plugins/pychrysa/format/module.c
index 1f15d50..d3e863f 100644
--- a/plugins/pychrysa/format/module.c
+++ b/plugins/pychrysa/format/module.c
@@ -26,6 +26,7 @@
#include "executable.h"
+#include "dex/module.h"
@@ -53,16 +54,18 @@ bool add_format_module_to_python_module(PyObject *super)
{ NULL }
};
- module = Py_InitModule("pyoida.format", py_format_methods);
+ module = Py_InitModule("pychrysalide.format", py_format_methods);
if (module == NULL) return false;
Py_INCREF(module);
- ret = PyModule_AddObject(super, "pyoida.format", module);
+ ret = PyModule_AddObject(super, "pychrysalide.format", module);
result = (ret != 0);
result &= add_format_executable_to_python_module(module);
+ result &= add_format_dex_module_to_python_module(module);
+
return result;
}
diff --git a/src/analysis/disass/links.c b/src/analysis/disass/links.c
index 4d799fc..7cc3c27 100644
--- a/src/analysis/disass/links.c
+++ b/src/analysis/disass/links.c
@@ -50,12 +50,14 @@ void establish_links_between_lines(GArchInstruction *list, GBinRoutine **routine
vmpa_t addr; /* Adresse référencée */
InstructionLinkType type; /* Type de référence */
GArchInstruction *target; /* Ligne visée par la référence*/
+ GArchInstruction *prev; /* Instruction précédente */
for (i = 0; i < count; i++)
{
start = g_binary_routine_get_address(routines[i]);
end = start + g_binary_routine_get_size(routines[i]);
+ /* Définition de toutes les destinations */
for (iter = g_arch_instruction_find_by_address(list, start, true);
iter != NULL;
iter = g_arch_instruction_get_next_iter(list, iter, end))
@@ -104,10 +106,39 @@ void establish_links_between_lines(GArchInstruction *list, GBinRoutine **routine
break;
+ default:
+ /**
+ * Note pour GCC : à ce stade du désassemblage, ILT_CATCH_EXCEPTION
+ * ne peut être présente, car ne provenant que de greffons.
+ * Pour ILT_EXEC_FLOW, sa seule insertion est ici, plus bas.
+ */
+ break;
+
}
}
+ /* Rattachement de deux blocs selon le flux normal */
+
+ iter = g_arch_instruction_find_by_address(list, start, true);
+
+ for (iter = g_arch_instruction_get_next_iter(list, iter, end);
+ iter != NULL;
+ iter = g_arch_instruction_get_next_iter(list, iter, end))
+ {
+ if (!g_arch_instruction_has_sources(iter))
+ continue;
+
+ prev = g_arch_instruction_get_prev_iter(list, iter);
+
+ if (g_arch_instruction_is_return(prev))
+ continue;
+
+ if (!g_arch_instruction_has_destinations(prev))
+ g_arch_instruction_link_with(prev, iter, ILT_EXEC_FLOW);
+
+ }
+
gtk_extended_status_bar_update_activity(statusbar, id, (i + 1) * 1.0 / count);
}
diff --git a/src/analysis/type-int.h b/src/analysis/type-int.h
new file mode 100644
index 0000000..a26deeb
--- /dev/null
+++ b/src/analysis/type-int.h
@@ -0,0 +1,67 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * type-int.h - prototypes pour la définition interne des types de données
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _ANALYSIS_TYPE_INT_H
+#define _ANALYSIS_TYPE_INT_H
+
+
+#include "type.h"
+
+
+
+/* Décrit le type fourni sous forme de caractères. */
+typedef GDataType * (* type_dup_fc) (const GDataType *);
+
+/* Décrit le type fourni sous forme de caractères. */
+typedef char * (* type_to_string_fc) (const GDataType *);
+
+/* Procède à l'impression de la description d'un type. */
+typedef void (* output_type_fc) (const GDataType *, GLangOutput *, GBufferLine *, bool, bool);
+
+
+/* Description de type quelconque (instance) */
+struct _GDataType
+{
+ GObject parent; /* A laisser en premier */
+
+ type_dup_fc dup; /* Copie d'instance existante */
+ type_to_string_fc to_string; /* Conversion au format texte */
+ output_type_fc output; /* Impression à l'écran */
+
+ GDataType *namespace; /* Espace de noms / classe */
+ TypeQualifier qualifiers; /* Eventuels qualificatifs */
+
+ GTypesManager *manager; /* Gestionnaire global */
+
+};
+
+/* Description de type quelconque (classe) */
+struct _GDataTypeClass
+{
+ GObjectClass parent; /* A laisser en premier */
+
+};
+
+
+
+#endif /* _ANALYSIS_TYPE_INT_H */
diff --git a/src/arch/instruction-int.h b/src/arch/instruction-int.h
index e323d6c..c89a51b 100644
--- a/src/arch/instruction-int.h
+++ b/src/arch/instruction-int.h
@@ -83,6 +83,7 @@ struct _GArchInstructionClass
};
+#define ainstr_list_prev_iter(iter, head) dl_list_prev_iter(iter, head, GArchInstruction, flow)
#define ainstr_list_next_iter(iter, head) dl_list_next_iter(iter, head, GArchInstruction, flow)
#define ainstr_list_add_tail(new, head) dl_list_add_tail(new, head, GArchInstruction, flow)
#define ainstr_list_for_each(pos, head) dl_list_for_each(pos, head, GArchInstruction, flow)
diff --git a/src/arch/instruction.c b/src/arch/instruction.c
index b553aec..98d7c85 100644
--- a/src/arch/instruction.c
+++ b/src/arch/instruction.c
@@ -381,7 +381,9 @@ bool g_arch_instruction_has_sources(const GArchInstruction *instr)
bool g_arch_instruction_has_destinations(const GArchInstruction *instr)
{
- return (instr->to_count > 1 || (instr->to_count == 1 && instr->links_type[0] != ILT_CALL));
+ /* FIXME !? */
+ //return (instr->to_count > 1 || (instr->to_count == 1 && instr->links_type[0] != ILT_CALL));
+ return (instr->to_count > 0);
}
@@ -607,6 +609,30 @@ void g_arch_instruction_add_to_list(GArchInstruction **list, GArchInstruction *i
* *
* Paramètres : list = liste d'instructions à consulter. *
* : iter = position actuelle dans la liste. *
+* *
+* Description : Fournit l'élement suivant un autre pour un parcours. *
+* *
+* Retour : Elément suivant ou NULL si aucun. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GArchInstruction *g_arch_instruction_get_prev_iter(const GArchInstruction *list, const GArchInstruction *iter)
+{
+ GArchInstruction *result; /* Elément suivant à renvoyer */
+
+ result = ainstr_list_prev_iter(iter, list);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : list = liste d'instructions à consulter. *
+* : iter = position actuelle dans la liste. *
* max = adresse marquant la limite (exclue) du parcours. *
* *
* Description : Fournit l'élement suivant un autre pour un parcours. *
diff --git a/src/arch/instruction.h b/src/arch/instruction.h
index efd2b75..a4e26d4 100644
--- a/src/arch/instruction.h
+++ b/src/arch/instruction.h
@@ -42,10 +42,12 @@
typedef enum _InstructionLinkType
{
ILT_NONE, /* Aucune instruction visée */
+ ILT_EXEC_FLOW, /* Raccord attendu entre blocs */
ILT_JUMP, /* Saut inconditionnel */
ILT_JUMP_IF_TRUE, /* Saut conditionnel (si vrai) */
ILT_JUMP_IF_FALSE, /* Saut conditionnel (si faux) */
- ILT_CALL /* Appel d'une fonction */
+ ILT_CALL, /* Appel d'une fonction */
+ ILT_CATCH_EXCEPTION /* Gestion d'une exception */
} InstructionLinkType;
@@ -133,6 +135,9 @@ GDecInstruction *g_arch_instruction_decompile(const GArchInstruction *, GDecCont
void g_arch_instruction_add_to_list(GArchInstruction **, GArchInstruction *);
/* Fournit l'élement suivant un autre pour un parcours. */
+GArchInstruction *g_arch_instruction_get_prev_iter(const GArchInstruction *, const GArchInstruction *);
+
+/* Fournit l'élement suivant un autre pour un parcours. */
GArchInstruction *g_arch_instruction_get_next_iter(const GArchInstruction *, const GArchInstruction *, vmpa_t);
/* Recherche une instruction d'après son adresse. */
diff --git a/src/common/leb128.h b/src/common/leb128.h
index 0364cf7..398785f 100644
--- a/src/common/leb128.h
+++ b/src/common/leb128.h
@@ -26,6 +26,7 @@
#include <stdbool.h>
+#include <stdlib.h>
#include "../arch/archbase.h"
@@ -37,6 +38,16 @@ typedef uint64_t uleb128_t;
typedef int64_t leb128_t;
+/* Récupération de la valeur absolue */
+#define leb128_abs(v) llabs(v)
+
+
+/* Valeurs minimales et maximales */
+#define ULEB128_MIN UINT64_MIN
+#define ULEB128_MAX UINT64_MAX
+#define LEB128_MIN INT64_MIN
+#define LEB128_MAX INT64_MAX
+
/* Lit un nombre non signé encodé au format LEB128. */
bool read_uleb128(uleb128_t *, const bin_t *, off_t *, off_t);
diff --git a/src/format/dex/class.c b/src/format/dex/class.c
index 52389c4..52141ae 100644
--- a/src/format/dex/class.c
+++ b/src/format/dex/class.c
@@ -254,6 +254,61 @@ static void g_dex_class_register_method(const GDexClass *class, GBinFormat *form
/******************************************************************************
* *
+* Paramètres : class = informations chargées à consulter. *
+* virtual = précise la nature des méthodes ciblées. *
+* *
+* Description : Dénombre les méthodes chargées d'un type donné. *
+* *
+* Retour : Quantité de méthodes trouvées. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+size_t g_dex_class_count_methods(const GDexClass *class, bool virtual)
+{
+ size_t result; /* Compte à retourner */
+
+ if (virtual)
+ result = class->vmethods_count;
+ else
+ result = class->dmethods_count;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : class = informations chargées à consulter. *
+* virtual = précise la nature des méthodes ciblées. *
+* index = indique l'indice de la méthode désirée. *
+* *
+* Description : Fournit une méthode chargée correspondant à un type donné. *
+* *
+* Retour : Quantité de méthodes trouvées. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GDexMethod *g_dex_class_get_method(const GDexClass *class, bool virtual, size_t index)
+{
+ GDexMethod *result; /* Instance à renvoyer */
+
+ if (virtual)
+ result = class->virtual_methods[index];
+ else
+ result = class->direct_methods[index];
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
* Paramètres : class = informations chargées à consulter. *
* parts = liste à venir compléter. *
* count = quantité de zones listées. [OUT] *
@@ -294,6 +349,10 @@ GBinPart **g_dex_class_get_parts(const GDexClass *class, GBinPart **parts, size_
}
+
+
+
+
/******************************************************************************
* *
* Paramètres : class = informations chargées à consulter. *
diff --git a/src/format/dex/class.h b/src/format/dex/class.h
index 998c1b7..e7094ff 100644
--- a/src/format/dex/class.h
+++ b/src/format/dex/class.h
@@ -54,6 +54,12 @@ typedef struct _GDexClassClass GDexClassClass;
/* Détermine le type d'une classe issue du code source. */
GType g_dex_class_get_type(void);
+/* Dénombre les méthodes chargées d'un type donné. */
+size_t g_dex_class_count_methods(const GDexClass *, bool);
+
+/* Fournit une méthode chargée correspondant à un type donné. */
+GDexMethod *g_dex_class_get_method(const GDexClass *, bool, size_t);
+
/* Fournit les références aux zones binaires à analyser. */
GBinPart **g_dex_class_get_parts(const GDexClass *, GBinPart **, size_t *);
diff --git a/src/format/dex/dex-int.c b/src/format/dex/dex-int.c
index 5628e6b..200b01f 100644
--- a/src/format/dex/dex-int.c
+++ b/src/format/dex/dex-int.c
@@ -529,10 +529,226 @@ void reset_dex_class_data_item(class_data_item *item)
+/* ---------------------------------------------------------------------------------- */
+/* PORTION DE CODE EXECUTABLE */
+/* ---------------------------------------------------------------------------------- */
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* pair = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'une association exception <-> code. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dex_encoded_type_addr_pair(const GDexFormat *format, off_t *pos, encoded_type_addr_pair *pair)
+{
+ bool result; /* Bilan à retourner */
+ const bin_t *content; /* Contenu binaire à lire */
+ off_t length; /* Taille totale du contenu */
+
+ result = true;
+
+ content = G_BIN_FORMAT(format)->content;
+ length = G_BIN_FORMAT(format)->length;
+
+ result &= read_uleb128(&pair->type_idx, content, pos, length);
+ result &= read_uleb128(&pair->addr, content, pos, length);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* handler = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'une association exception <-> code. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dex_encoded_catch_handler(const GDexFormat *format, off_t *pos, encoded_catch_handler *handler)
+{
+ bool result; /* Bilan à retourner */
+ const bin_t *content; /* Contenu binaire à lire */
+ off_t length; /* Taille totale du contenu */
+ leb128_t count; /* Nombre de gestionnaires */
+ leb128_t i; /* Boucle de parcours */
+
+ result = true;
+
+ content = G_BIN_FORMAT(format)->content;
+ length = G_BIN_FORMAT(format)->length;
+
+ handler->offset = *pos;
+
+ result &= read_leb128(&handler->size, content, pos, length);
+
+ count = leb128_abs(handler->size);
+
+ if (count > 0 && result)
+ {
+ handler->handlers = (encoded_type_addr_pair *)calloc(count, sizeof(encoded_type_addr_pair));
+
+ for (i = 0; i < count && result; i++)
+ result &= read_dex_encoded_type_addr_pair(format, pos, &handler->handlers[i]);
+
+ }
+ else handler->handlers = NULL;
+
+ if (handler->size < 0)
+ result &= read_uleb128(&handler->catch_all_addr, content, pos, length);
+ else
+ handler->catch_all_addr = ULEB128_MAX;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : handler = structure à nettoyer. *
+* *
+* Description : Supprime tous les éléments chargés en mémoire à la lecture. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void reset_dex_encoded_catch_handler(encoded_catch_handler *handler)
+{
+ if (handler->handlers != NULL)
+ free(handler->handlers);
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* list = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'une association exception <-> code. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dex_encoded_catch_handler_list(const GDexFormat *format, off_t *pos, encoded_catch_handler_list *list)
+{
+ bool result; /* Bilan à retourner */
+ const bin_t *content; /* Contenu binaire à lire */
+ off_t length; /* Taille totale du contenu */
+ off_t saved_off; /* Sauvegarde de position */
+ uleb128_t i; /* Boucle de parcours */
+ result = true;
+ content = G_BIN_FORMAT(format)->content;
+ length = G_BIN_FORMAT(format)->length;
+
+ saved_off = *pos;
+
+ result &= read_uleb128(&list->size, content, pos, length);
+ if (list->size > 0 && result)
+ {
+ list->list = (encoded_catch_handler *)calloc(list->size, sizeof(encoded_catch_handler));
+ for (i = 0; i < list->size && result; i++)
+ {
+ result &= read_dex_encoded_catch_handler(format, pos, &list->list[i]);
+ if (result) list->list[i].offset -= saved_off;
+ }
+
+ }
+ else list->list = NULL;
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : list = structure à nettoyer. *
+* *
+* Description : Supprime tous les éléments chargés en mémoire à la lecture. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void reset_dex_encoded_catch_handler_list(encoded_catch_handler_list *list)
+{
+ uleb128_t i; /* Boucle de parcours */
+
+ if (list->list != NULL)
+ {
+ for (i = 0; i < list->size; i++)
+ reset_dex_encoded_catch_handler(&list->list[i]);
+
+ free(list->list);
+
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* pos = position de début de lecture. [OUT] *
+* item = structure lue à retourner. [OUT] *
+* *
+* Description : Procède à la lecture d'une association exception <-> code. *
+* *
+* Retour : Bilan de l'opération. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool read_dex_try_item(const GDexFormat *format, off_t *pos, try_item *item)
+{
+ bool result; /* Bilan à retourner */
+ const bin_t *content; /* Contenu binaire à lire */
+ off_t length; /* Taille totale du contenu */
+
+ result = true;
+
+ content = G_BIN_FORMAT(format)->content;
+ length = G_BIN_FORMAT(format)->length;
+
+ result &= read_u32(&item->start_addr, content, pos, length, SRE_LITTLE);
+ result &= read_u16(&item->insn_count, content, pos, length, SRE_LITTLE);
+ result &= read_u16(&item->handler_off, content, pos, length, SRE_LITTLE);
+
+ return result;
+
+}
/******************************************************************************
@@ -554,6 +770,8 @@ bool read_dex_code_item(const GDexFormat *format, off_t *pos, code_item *item)
bool result; /* Bilan à retourner */
const bin_t *content; /* Contenu binaire à lire */
off_t length; /* Taille totale du contenu */
+ uint16_t padding; /* Eventuel alignement */
+ uint16_t i; /* Boucle de parcours */
result = true;
@@ -569,11 +787,59 @@ bool read_dex_code_item(const GDexFormat *format, off_t *pos, code_item *item)
item->insns = (uint16_t *)pos;
+ *pos += item->insns_size * sizeof(uint16_t);
+
+ /* Padding ? */
+ if (item->tries_size > 0 && item->insns_size % 2 == 1)
+ result &= read_u16(&padding, content, pos, length, SRE_LITTLE);
+
+ if (item->tries_size > 0 && result)
+ {
+ item->tries = (try_item *)calloc(item->tries_size, sizeof(try_item));
+
+ for (i = 0; i < item->tries_size && result; i++)
+ result &= read_dex_try_item(format, pos, &item->tries[i]);
+
+ if (result)
+ {
+ item->handlers = (encoded_catch_handler_list *)calloc(1, sizeof(encoded_catch_handler_list));
+ result &= read_dex_encoded_catch_handler_list(format, pos, item->handlers);
+ }
+
+ }
+
return result;
}
+/******************************************************************************
+* *
+* Paramètres : item = structure à nettoyer. *
+* *
+* Description : Supprime tous les éléments chargés en mémoire à la lecture. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+void reset_dex_code_item(code_item *item)
+{
+ if (item->tries != NULL)
+ free(item->tries);
+
+ if (item->handlers != NULL)
+ {
+ reset_dex_encoded_catch_handler_list(item->handlers);
+ free(item->handlers);
+ }
+
+}
+
+
+
diff --git a/src/format/dex/dex-int.h b/src/format/dex/dex-int.h
index 5feb427..6a153c1 100755
--- a/src/format/dex/dex-int.h
+++ b/src/format/dex/dex-int.h
@@ -61,6 +61,12 @@ struct _GDexFormatClass
/* Retrouve si possible la méthode associée à une adresse. */
GDexMethod *g_dex_format_find_method_by_address(const GDexFormat *, vmpa_t);
+/* Dénombre le nombre de classes trouvées. */
+size_t g_dex_format_count_classes(const GDexFormat *);
+
+/* Fournit une classe du format chargée en mémoire. */
+GDexClass *g_dex_format_get_class(const GDexFormat *, size_t);
+
/* ------------------------ ELEMENTS DE TABLE DES CONSTANTES ------------------------ */
@@ -112,9 +118,33 @@ void reset_dex_class_data_item(class_data_item *);
+/* --------------------------- PORTION DE CODE EXECUTABLE --------------------------- */
+
+
+/* Procède à la lecture d'une association exception <-> code. */
+bool read_dex_encoded_type_addr_pair(const GDexFormat *, off_t *, encoded_type_addr_pair *);
+
+/* Procède à la lecture d'une association exception <-> code. */
+bool read_dex_encoded_catch_handler(const GDexFormat *, off_t *, encoded_catch_handler *);
+
+/* Supprime tous les éléments chargés en mémoire à la lecture. */
+void reset_dex_encoded_catch_handler(encoded_catch_handler *);
+
+/* Procède à la lecture d'une association exception <-> code. */
+bool read_dex_encoded_catch_handler_list(const GDexFormat *, off_t *, encoded_catch_handler_list *);
+
+/* Supprime tous les éléments chargés en mémoire à la lecture. */
+void reset_dex_encoded_catch_handler_list(encoded_catch_handler_list *);
+
+/* Procède à la lecture d'une association exception <-> code. */
+bool read_dex_try_item(const GDexFormat *, off_t *, try_item *);
+
/* Procède à la lecture d'une portion de code DEX. */
bool read_dex_code_item(const GDexFormat *, off_t *, code_item *);
+/* Supprime tous les éléments chargés en mémoire à la lecture. */
+void reset_dex_code_item(code_item *);
+
diff --git a/src/format/dex/dex.c b/src/format/dex/dex.c
index f0fb421..841f72f 100755
--- a/src/format/dex/dex.c
+++ b/src/format/dex/dex.c
@@ -2,7 +2,7 @@
/* OpenIDA - Outil d'analyse de fichiers binaires
* dex.c - support du format DEX
*
- * Copyright (C) 2010-2011 Cyrille Bagard
+ * Copyright (C) 2010-2012 Cyrille Bagard
*
* This file is part of OpenIDA.
*
@@ -450,3 +450,42 @@ static bool g_dex_format_translate_offset_into_address(const GDexFormat *format,
return result;
}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* *
+* Description : Dénombre le nombre de classes trouvées. *
+* *
+* Retour : Quantité de classes présentes. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+size_t g_dex_format_count_classes(const GDexFormat *format)
+{
+ return format->classes_count;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* index = indice de la classe visée. *
+* *
+* Description : Fournit une classe du format chargée en mémoire. *
+* *
+* Retour : Instance représentant une classe chargée. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+GDexClass *g_dex_format_get_class(const GDexFormat *format, size_t index)
+{
+ return format->classes[index];
+
+}
diff --git a/src/format/dex/dex.h b/src/format/dex/dex.h
index cfa72c1..9b769c2 100755
--- a/src/format/dex/dex.h
+++ b/src/format/dex/dex.h
@@ -2,7 +2,7 @@
/* OpenIDA - Outil d'analyse de fichiers binaires
* dex.h - prototypes pour le support du format DEX
*
- * Copyright (C) 2010 Cyrille Bagard
+ * Copyright (C) 2010-2012 Cyrille Bagard
*
* This file is part of OpenIDA.
*
diff --git a/src/format/dex/dex_def.h b/src/format/dex/dex_def.h
index ba88d69..d21ac15 100755
--- a/src/format/dex/dex_def.h
+++ b/src/format/dex/dex_def.h
@@ -179,6 +179,49 @@ typedef struct _class_data_item
/* --------------------------- PORTION DE CODE EXECUTABLE --------------------------- */
+/* Exception gérée */
+typedef struct _encoded_type_addr_pair
+{
+ uleb128_t type_idx; /* Type d'exception couverte */
+ uleb128_t addr; /* Adresse du début du code */
+
+} encoded_type_addr_pair;
+
+/* Ensemble d'exceptions prises en compte */
+typedef struct _encoded_catch_handler
+{
+ leb128_t size; /* Quantité d'exceptions */
+ encoded_type_addr_pair *handlers; /* Gestionnaires explicites */
+ uleb128_t catch_all_addr; /* Adresse par défaut */
+
+ /**
+ * Note : les spécifications indiquent que le champ handler_off de
+ * try_item renvoie vers le gestionnaire à partir de la base de la structure
+ * encoded_catch_handler_list. Comme la représentation interne de cette
+ * structure efface la représentation physique, on conserve en mémoire
+ * le décalage rencontré à la lecture dans un champ artificiel.
+ */
+ off_t offset; /* Position dans le binaire */
+
+} encoded_catch_handler;
+
+/* Liste des différents gestionnaires d'exceptions */
+typedef struct _encoded_catch_handler_list
+{
+ uleb128_t size; /* Taille de la liste */
+ encoded_catch_handler *list; /* Gestionnaires en place */
+
+} encoded_catch_handler_list;
+
+/* Zone couverte en cas de pépin */
+typedef struct _try_item
+{
+ uint32_t start_addr; /* Adresse du début couvert */
+ uint16_t insn_count; /* Nbre de doubles-octets gérés*/
+ uint16_t handler_off; /* Indice du gestionnaire */
+
+} try_item;
+
/* Description de la zone */
typedef struct _code_item
{
@@ -190,13 +233,13 @@ typedef struct _code_item
uint32_t insns_size; /* Nbre de blocs de 2 octets */
uint16_t *insns; /* Code exécutable */
-
+ try_item *tries; /* Zone d'exceptions */
+ encoded_catch_handler_list *handlers; /* Gestionnaires associés */
} code_item;
-
/* -------------------------- DESCRIPTION DU FORMAT DALVIK -------------------------- */
diff --git a/src/format/dex/method.c b/src/format/dex/method.c
index 25145f5..6ea9697 100644
--- a/src/format/dex/method.c
+++ b/src/format/dex/method.c
@@ -147,7 +147,9 @@ GDexMethod *g_dex_method_new(const GDexFormat *format, const encoded_method *see
result->info = *seed;
result->body = item;
- //printf(" ==== %s ====\n", g_binary_routine_get_name(routine));
+ //printf(" ==== (%p) %s ====\n", routine, g_binary_routine_to_string(routine));
+
+ //printf(" try ? %d\n", item.tries_size);
//printf(" method idx :: %d\n", seed->method_idx_diff);
//printf(" code size :: %d\n", item.insns_size);
@@ -180,6 +182,44 @@ GDexMethod *g_dex_method_new(const GDexFormat *format, const encoded_method *see
/******************************************************************************
* *
+* Paramètres : method = représentation interne de la méthode à consulter. *
+* *
+* Description : Fournit les indications Dex concernant la méthode. *
+* *
+* Retour : Données brutes du binaire. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const encoded_method *g_dex_method_get_dex_info(const GDexMethod *method)
+{
+ return &method->info;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : method = représentation interne de la méthode à consulter. *
+* *
+* Description : Fournit les indications Dex relatives au corps de la méthode.*
+* *
+* Retour : Données brutes du binaire. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+const code_item *g_dex_method_get_dex_body(const GDexMethod *method)
+{
+ return &method->body;
+
+}
+
+
+/******************************************************************************
+* *
* Paramètres : method = représentation interne du format DEX à consulter. *
* *
* Description : Fournit la routine OpenIDA correspondant à la méthode. *
@@ -272,7 +312,7 @@ DexVariableIndex g_dex_method_get_variable(const GDexMethod *method, uint32_t in
pivot = body->registers_size - body->ins_size;
- if (!(method->info.access_flags & ACC_STATIC))
+ if (!(info->access_flags & ACC_STATIC))
pivot++;
if (index >= pivot)
@@ -280,7 +320,7 @@ DexVariableIndex g_dex_method_get_variable(const GDexMethod *method, uint32_t in
/* S'agit-il de "this" ? */
- if (!(method->info.access_flags & ACC_STATIC)
+ if (!(info->access_flags & ACC_STATIC)
&& index == (body->registers_size - body->ins_size))
return DVI_THIS;
diff --git a/src/format/dex/method.h b/src/format/dex/method.h
index c06df73..33f23b1 100644
--- a/src/format/dex/method.h
+++ b/src/format/dex/method.h
@@ -69,6 +69,12 @@ GType g_dex_method_get_type(void);
/* Crée une nouvelle représentation de methode issue de code. */
GDexMethod *g_dex_method_new(const GDexFormat *, const encoded_method *, uleb128_t *);
+/* Fournit les indications Dex concernant la méthode. */
+const encoded_method *g_dex_method_get_dex_info(const GDexMethod *);
+
+/* Fournit les indications Dex relatives au corps de la méthode. */
+const code_item *g_dex_method_get_dex_body(const GDexMethod *);
+
/* Fournit la routine OpenIDA correspondant à la méthode. */
GBinRoutine *g_dex_method_get_routine(const GDexMethod *);
diff --git a/src/gtkext/graph/dot.c b/src/gtkext/graph/dot.c
index 4c35089..0e7091e 100644
--- a/src/gtkext/graph/dot.c
+++ b/src/gtkext/graph/dot.c
@@ -25,6 +25,7 @@
#include <malloc.h>
+#include <string.h>
#include <graphviz/gvc.h>
#include <graphviz/types.h>
@@ -210,14 +211,19 @@ GtkLinkRenderer **create_links_from_graph_layout(const graph_layout *layout, siz
/* Détermination de la couleur */
+ color = LKC_DEFAULT;
+
attrib = agfindedgeattr(agraphof(agtail(eiter)), "color");
- if (eiter->attr[attrib->index][0] == 'g') /* "green" */
- color = LKC_GREEN;
- else if (eiter->attr[attrib->index][0] == 'r') /* "red" */
- color = LKC_RED;
- else
- color = LKC_DEFAULT;
+ if (attrib != NULL)
+ {
+ if (strcmp("green", eiter->attr[attrib->index]) == 0)
+ color = LKC_GREEN;
+ else if (strcmp("red", eiter->attr[attrib->index]) == 0)
+ color = LKC_RED;
+ else if (strcmp("gray", eiter->attr[attrib->index]) == 0)
+ color = LKC_DASHED_GRAY;
+ }
/* Raccordement au point de départ */
diff --git a/src/gtkext/graph/layout.c b/src/gtkext/graph/layout.c
index 64a8236..3a2f4e3 100644
--- a/src/gtkext/graph/layout.c
+++ b/src/gtkext/graph/layout.c
@@ -137,7 +137,6 @@ static char *complete_graph_links(const GtkGraphView *view, GtkViewPanel **views
size_t j; /* Boucle de parcours #2 */
size_t k; /* Boucle de parcours #3 */
char cmd[LINKS_DESC_LEN]; /* Tampon pour l'ajout de liens*/
- GArchInstruction *next; /* Instruction suivante */
if (count == 0)
return desc;
@@ -168,6 +167,7 @@ static char *complete_graph_links(const GtkGraphView *view, GtkViewPanel **views
if (k < count)
switch (types[j])
{
+ case ILT_EXEC_FLOW:
case ILT_JUMP:
snprintf(cmd, LINKS_DESC_LEN,
"_%p:s -> _%p:n [ltail=cluster_%p, lhead=cluster_%p];\n",
@@ -191,6 +191,14 @@ static char *complete_graph_links(const GtkGraphView *view, GtkViewPanel **views
desc = stradd(desc, cmd);
break;
+ case ILT_CATCH_EXCEPTION:
+ snprintf(cmd, LINKS_DESC_LEN,
+ "_%p:s -> _%p:n [ltail=cluster_%p, lhead=cluster_%p, " \
+ "color=gray];\n",
+ views[i], views[k], views[i], views[k]);
+ desc = stradd(desc, cmd);
+ break;
+
default:
break;
@@ -200,31 +208,6 @@ static char *complete_graph_links(const GtkGraphView *view, GtkViewPanel **views
}
- /* Sinon on suit le flux normal */
- else
- {
- if (g_arch_instruction_is_return(last))
- continue;
-
- next = g_arch_instruction_get_next_iter(instrs, last, VMPA_MAX);
- if (next == NULL) continue;
-
- g_arch_instruction_get_location(next, NULL, NULL, &addr);
-
- for (k = 0; k < count; k++)
- if (gtk_view_panel_contain_address(views[k], addr))
- break;
-
- if (k < count)
- {
- snprintf(cmd, LINKS_DESC_LEN,
- "_%p:s -> _%p:n [ltail=cluster_%p, lhead=cluster_%p];\n",
- views[i], views[k], views[i], views[k]);
- desc = stradd(desc, cmd);
- }
-
- }
-
}
return desc;
diff --git a/src/gtkext/gtkgraphview.c b/src/gtkext/gtkgraphview.c
index f205ee2..1a48680 100644
--- a/src/gtkext/gtkgraphview.c
+++ b/src/gtkext/gtkgraphview.c
@@ -650,7 +650,7 @@ static GtkViewPanel **gtk_graph_view_load_nodes(GtkGraphView *view, GLoadedBinar
g_arch_instruction_get_location(iter, NULL, NULL, &last);
if (first == VMPA_MAX) first = last;
- if (g_arch_instruction_has_destinations(iter))
+ if (g_arch_instruction_has_destinations(iter) || g_arch_instruction_is_return(iter))
{
result = (GtkViewPanel **)realloc(result, ++(*count) * sizeof(GtkViewPanel *));
diff --git a/src/gtkext/gtklinkrenderer.c b/src/gtkext/gtklinkrenderer.c
index 43eda38..8b43fa8 100644
--- a/src/gtkext/gtklinkrenderer.c
+++ b/src/gtkext/gtklinkrenderer.c
@@ -189,6 +189,22 @@ void _gtk_link_renderer_draw(const GtkLinkRenderer *renderer, cairo_t *cairo, bo
case LKC_RED:
cairo_set_source_rgb(cairo, 0.8, 0, 0);
break;
+ case LKC_DASHED_GRAY:
+ cairo_set_source_rgb(cairo, 0.4, 0.4, 0.4);
+ break;
+ }
+
+ switch (renderer->color)
+ {
+ default:
+ case LKC_DEFAULT:
+ case LKC_GREEN:
+ case LKC_RED:
+ cairo_set_dash(cairo, (double []) { 6.0 }, 0, 0.0);
+ break;
+ case LKC_DASHED_GRAY:
+ cairo_set_dash(cairo, (double []) { 6.0 }, 1, 0.0);
+ break;
}
/**
diff --git a/src/gtkext/gtklinkrenderer.h b/src/gtkext/gtklinkrenderer.h
index 574bd1d..3f6442c 100644
--- a/src/gtkext/gtklinkrenderer.h
+++ b/src/gtkext/gtklinkrenderer.h
@@ -52,6 +52,7 @@ typedef enum _LinkColor
LKC_DEFAULT, /* Noir, par défaut */
LKC_GREEN, /* Condition vérifiée */
LKC_RED, /* Condition non vérifiée */
+ LKC_DASHED_GRAY, /* Exception omniprésente */
LKC_COUNT
diff --git a/src/plugins/plugin.c b/src/plugins/plugin.c
index 89b46f0..416c647 100644
--- a/src/plugins/plugin.c
+++ b/src/plugins/plugin.c
@@ -125,10 +125,7 @@ GPluginModule *g_plugin_module_new(const gchar *filename, GObject *ref)
result->name = get_name();
if (!g_module_symbol(result->module, "init_plugin", (gpointer *)&result->init))
- {
- printf("Err plugin init sym\n");
- /* TODO */
- }
+ result->init = NULL;
/*
@@ -156,8 +153,7 @@ GPluginModule *g_plugin_module_new(const gchar *filename, GObject *ref)
result->get_action = get_action;
- /*
- if (result->action & (PGA_DISASSEMBLE | PGA_CODE_PROCESS))
+ if (g_plugin_module_get_action(result) & (PGA_DISASSEMBLE | PGA_DISASS_PROCESS | PGA_CODE_PROCESS))
{
if (!g_module_symbol(result->module, "execute_action_on_binary", (gpointer *)&result->exec_on_bin))
{
@@ -168,14 +164,13 @@ GPluginModule *g_plugin_module_new(const gchar *filename, GObject *ref)
}
- */
- if (!result->init(result, ref))
+ if (result->init != NULL && !result->init(result, ref))
{
log_variadic_message(LMT_ERROR, _("Initialization of plugin '%s' failed !"), filename);
goto bad_plugin;