summaryrefslogtreecommitdiff
path: root/plugins/androhelpers
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/androhelpers')
-rw-r--r--plugins/androhelpers/Makefile.am1
-rw-r--r--plugins/androhelpers/androhelpers.c9
-rw-r--r--plugins/androhelpers/params.c222
-rw-r--r--plugins/androhelpers/params.h37
-rw-r--r--plugins/androhelpers/try_n_catch.c6
5 files changed, 270 insertions, 5 deletions
diff --git a/plugins/androhelpers/Makefile.am b/plugins/androhelpers/Makefile.am
index 3562206..d5618d1 100644
--- a/plugins/androhelpers/Makefile.am
+++ b/plugins/androhelpers/Makefile.am
@@ -3,6 +3,7 @@ lib_LTLIBRARIES = libandrohelpers.la
libandrohelpers_la_SOURCES = \
androhelpers.h androhelpers.c \
+ params.h params.c \
try_n_catch.h try_n_catch.c
libandrohelpers_la_LDFLAGS = -L../../src/.libs -L../../src/gui/.libs -lchrysagui \
diff --git a/plugins/androhelpers/androhelpers.c b/plugins/androhelpers/androhelpers.c
index a644868..95714fd 100644
--- a/plugins/androhelpers/androhelpers.c
+++ b/plugins/androhelpers/androhelpers.c
@@ -27,6 +27,7 @@
#include <string.h>
+#include "params.h"
#include "try_n_catch.h"
@@ -66,7 +67,7 @@ PluginAction get_plugin_action(const GPluginModule *plugin)
{
PluginAction result; /* Combinaison à retourner */
- result = PGA_DISASS_PROCESS;
+ result = PGA_BINARY_DISASSEMBLED | PGA_BINARY_PRINTED;
return result;
@@ -93,7 +94,11 @@ bool execute_action_on_binary(GPluginModule *plugin, GLoadedBinary *binary, Plug
result = true;
- result &= process_exception_handlers(binary);
+ if (action == PGA_BINARY_DISASSEMBLED)
+ result &= replace_parameters(binary);
+
+ else if (action == PGA_BINARY_PRINTED)
+ result &= process_exception_handlers(binary);
return result;
diff --git a/plugins/androhelpers/params.c b/plugins/androhelpers/params.c
new file mode 100644
index 0000000..83cb5ec
--- /dev/null
+++ b/plugins/androhelpers/params.c
@@ -0,0 +1,222 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * params.c - affichage plus adapté des registres liés à des paramètres
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "params.h"
+
+
+#include <stdio.h>
+
+
+#include <arch/dalvik/operands/args.h>
+#include <arch/dalvik/operands/register.h>
+#include <format/dex/dex-int.h>
+#include <format/dex/method.h>
+
+
+
+/* Procède si nécessaire au remplacement du texte de l'opérande. */
+static void process_register_operand(const GDexMethod *, GArchOperand *);
+
+/* Parcours en profondeur un ensemble d'arguments. */
+static void process_args_operand(const GDexMethod *, const GDalvikArgsOperand *);
+
+/* Visite chaque opérande des instructions d'une méthode. */
+static void visit_all_method_operands(const GDexMethod *, GArchInstruction *);
+
+
+
+/******************************************************************************
+* *
+* Paramètres : method = routine en cours de parcours. *
+* operand = morceau d'instruction en cours de traitement. *
+* *
+* Description : Procède si nécessaire au remplacement du texte de l'opérande.*
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void process_register_operand(const GDexMethod *method, GArchOperand *operand)
+{
+ GDalvikRegister *reg; /* Registre représenté */
+ uint16_t index; /* Indice de ce registre */
+ DexVariableIndex info; /* Nature réelle du registre */
+ char tmp[12 /* 4294967295U */]; /* Construction du texte */
+
+ reg = g_dalvik_register_operand_get(G_DALVIK_REGISTER_OPERAND(operand));
+ index = g_dalvik_register_get_index(reg);
+
+ info = g_dex_method_get_variable(method, index);
+
+ if (info & DVI_THIS)
+ g_arch_operand_set_alt_text(operand, "this", RTT_REGISTER);
+
+ else if (info & DVI_ARGUMENT)
+ {
+ snprintf(tmp, 12, "p%u", (unsigned int)DVI_INDEX(info));
+ g_arch_operand_set_alt_text(operand, tmp, RTT_REGISTER);
+ printf("set '%s'\n", tmp);
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : method = routine en cours de parcours. *
+* args = liste d'opérandes à analyser. *
+* *
+* Description : Parcours en profondeur un ensemble d'arguments. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void process_args_operand(const GDexMethod *method, const GDalvikArgsOperand *args)
+{
+ size_t count; /* Nombre d'opérandes */
+ size_t i; /* Boucle de parcours */
+ GArchOperand *operand; /* Operande à manipuler */
+
+ count = g_dalvik_args_count(args);
+
+ for (i = 0; i < count; i++)
+ {
+ operand = g_dalvik_args_operand_get(args, i);
+
+ if (G_IS_DALVIK_REGISTER_OPERAND(operand))
+ process_register_operand(method, operand);
+
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : method = routine à venir parcourir. *
+* instrs = liste des instructions pour tout le binaire. *
+* *
+* Description : Visite chaque opérande des instructions d'une méthode. *
+* *
+* Retour : - *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static void visit_all_method_operands(const GDexMethod *method, GArchInstruction *instrs)
+{
+ GBinRoutine *routine; /* Abstraction de la méthode */
+ vmpa_t start; /* Début de la zone couverte */
+ vmpa_t end; /* Fin de la zone couverte */
+ GArchInstruction *iter; /* Boucle de parcours #1 */
+ size_t count; /* Nombre d'opérandes */
+ size_t i; /* Boucle de parcours #2 */
+ GArchOperand *operand; /* Operande à manipuler */
+
+ routine = g_dex_method_get_routine(method);
+
+ start = g_binary_routine_get_address(routine);
+ end = start + g_binary_routine_get_size(routine);
+
+ for (iter = g_arch_instruction_find_by_address(instrs, start, true);
+ iter != NULL;
+ iter = g_arch_instruction_get_next_iter(instrs, iter, end))
+ {
+ count = g_arch_instruction_count_operands(iter);
+
+ for (i = 0; i < count; i++)
+ {
+ operand = g_arch_instruction_get_operand(iter, i);
+
+ if (G_IS_DALVIK_REGISTER_OPERAND(operand))
+ process_register_operand(method, operand);
+
+ else if (G_IS_DALVIK_ARGS_OPERAND(operand))
+ process_args_operand(method, G_DALVIK_ARGS_OPERAND(operand));
+
+ }
+
+ }
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : binary = représentation binaire à traiter. *
+* *
+* Description : Effectue le remplacement de tous les paramètres. *
+* *
+* Retour : true si une action a été menée, false sinon. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+bool replace_parameters(GLoadedBinary *binary)
+{
+ GArchInstruction *instrs; /* Instructions Dalvik */
+ GDexFormat *format; /* Format du binaire chargé */
+ size_t cls_count; /* Nombre de classes trouvées */
+ size_t i; /* Boucle de parcours #1 */
+ GDexClass *class; /* Classe à analyser */
+ size_t meth_count; /* Nombre de méthodes trouvées */
+ size_t j; /* Boucle de parcours #2 */
+ GDexMethod *method; /* Méthode à parcourir */
+
+ if (!G_IS_DEX_FORMAT(g_loaded_binary_get_format(binary)))
+ return false;
+
+ instrs = g_loaded_binary_get_instructions(binary);
+ format = G_DEX_FORMAT(g_loaded_binary_get_format(binary));
+
+ cls_count = g_dex_format_count_classes(format);
+ for (i = 0; i < cls_count; i++)
+ {
+ class = g_dex_format_get_class(format, i);
+
+ meth_count = g_dex_class_count_methods(class, false);
+ for (j = 0; j < meth_count; j++)
+ {
+ method = g_dex_class_get_method(class, false, j);
+ visit_all_method_operands(method, instrs);
+ }
+
+ meth_count = g_dex_class_count_methods(class, true);
+ for (j = 0; j < meth_count; j++)
+ {
+ method = g_dex_class_get_method(class, true, j);
+ visit_all_method_operands(method, instrs);
+ }
+
+ }
+
+ return true;
+
+}
diff --git a/plugins/androhelpers/params.h b/plugins/androhelpers/params.h
new file mode 100644
index 0000000..23b2994
--- /dev/null
+++ b/plugins/androhelpers/params.h
@@ -0,0 +1,37 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * params.h - prototypes pour l'affichage plus adapté des registres liés à des paramètres
+ *
+ * Copyright (C) 2012 Cyrille Bagard
+ *
+ * This file is part of OpenIDA.
+ *
+ * OpenIDA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * OpenIDA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Foobar. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_PARAMS_H
+#define _PLUGINS_PARAMS_H
+
+
+#include <analysis/binary.h>
+
+
+
+/* Effectue le remplacement de tous les paramètres. */
+bool replace_parameters(GLoadedBinary *);
+
+
+
+#endif /* _PLUGINS_PARAMS_H */
diff --git a/plugins/androhelpers/try_n_catch.c b/plugins/androhelpers/try_n_catch.c
index 7db0f70..288fa1e 100644
--- a/plugins/androhelpers/try_n_catch.c
+++ b/plugins/androhelpers/try_n_catch.c
@@ -110,13 +110,13 @@ static bool check_covered_area(const try_item *try, const GBinRoutine *routine)
static void attach_caught_code(const GLoadedBinary *binary, const GBinRoutine *routine, const try_item *try, const caught_exception *handlers, size_t count)
{
vmpa_t start; /* Début de la zone couverte */
- vmpa_t end; /* Début de la zone couverte */
+ vmpa_t end; /* Fin de la zone couverte */
GArchInstruction *instrs; /* Instructions Dalvik */
GArchInstruction *first; /* Première instruction */
GArchInstruction *next; /* Dernière instruction + 1 */
GArchInstruction *prev; /* Instruction à détacher */
- GArchInstruction *iter; /* Boucle de parcours */
- size_t i; /* Boucle de parcours */
+ GArchInstruction *iter; /* Boucle de parcours #1 */
+ size_t i; /* Boucle de parcours #2 */
start = g_binary_routine_get_address(routine);
start += try->start_addr * sizeof(uint16_t);