diff options
Diffstat (limited to 'plugins/dwarf/v2')
| -rw-r--r-- | plugins/dwarf/v2/Makefile.am | 15 | ||||
| -rw-r--r-- | plugins/dwarf/v2/checks.c | 80 | ||||
| -rw-r--r-- | plugins/dwarf/v2/checks.h (renamed from plugins/dwarf/v2/form.h) | 24 | ||||
| -rw-r--r-- | plugins/dwarf/v2/dwarf.c | 180 | ||||
| -rw-r--r-- | plugins/dwarf/v2/dwarf.h | 58 | ||||
| -rw-r--r-- | plugins/dwarf/v2/form.c | 276 |
6 files changed, 101 insertions, 532 deletions
diff --git a/plugins/dwarf/v2/Makefile.am b/plugins/dwarf/v2/Makefile.am index d1fc563..a597686 100644 --- a/plugins/dwarf/v2/Makefile.am +++ b/plugins/dwarf/v2/Makefile.am @@ -1,18 +1,17 @@ -noinst_LTLIBRARIES = libformatdwarfv2.la +noinst_LTLIBRARIES = libdwarfv2.la -libformatdwarfv2_la_SOURCES = \ - dwarf.h dwarf.c \ - form.h form.c +libdwarfv2_la_SOURCES = \ + checks.h checks.c -libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) +libdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) +devdir = $(includedir)/chrysalide-$(subdir) -dev_HEADERS = $(libformatdwarfv2_la_SOURCES:%c=) +dev_HEADERS = $(libdwarfv2_la_SOURCES:%c=) -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I$(top_srcdir)/src AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v2/checks.c b/plugins/dwarf/v2/checks.c new file mode 100644 index 0000000..4d1e660 --- /dev/null +++ b/plugins/dwarf/v2/checks.c @@ -0,0 +1,80 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * checks.c - validations liées au format DWARF v2 + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "checks.h" + + + +/****************************************************************************** +* * +* Paramètres : decl = structure brute dont le contenu est à valider. * +* * +* Description : Procède à la conversion de base d'une abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool check_dwarfv2_abbrev_decl(const dw_abbrev_decl *decl) +{ + bool result; /* Validité à retourner */ + + result = (decl->tag >= DW_TAG_array_type && decl->tag <= DW_TAG_volatile_type) + || (decl->tag >= DW_TAG_lo_user && decl->tag <= DW_TAG_hi_user); + + if (result) + result = (decl->has_children == DW_CHILDREN_no + || decl->has_children == DW_CHILDREN_yes); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : decl = structure brute dont le contenu est à valider. * +* * +* Description : Procède à la conversion d'un attribut d'abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool check_dwarfv2_abbrev_attrib(const dw_abbrev_raw_attr *attr) +{ + bool result; /* Validité à retourner */ + + result = (attr->name >= DW_AT_sibling && attr->name <= DW_AT_vtable_elem_location) + || (attr->name >= DW_AT_lo_user && attr->name <= DW_AT_hi_user); + + if (result) + result = (attr->form >= DW_FORM_addr && attr->form <= DW_FORM_indirect); + + return result; + +} diff --git a/plugins/dwarf/v2/form.h b/plugins/dwarf/v2/checks.h index a124e67..c0f8030 100644 --- a/plugins/dwarf/v2/form.h +++ b/plugins/dwarf/v2/checks.h @@ -1,8 +1,8 @@ /* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs + * checks.h - prototypes pour les validations liées au format DWARF v2 * - * Copyright (C) 2016-2017 Cyrille Bagard + * Copyright (C) 2018 Cyrille Bagard * * This file is part of Chrysalide. * @@ -21,19 +21,23 @@ */ -#ifndef _FORMAT_DWARF_V2_FORM_H -#define _FORMAT_DWARF_V2_FORM_H +#ifndef _PLUGINS_DWARF_V2_CHECKS_H +#define _PLUGINS_DWARF_V2_CHECKS_H -#include "../dwarf.h" -#include "../dwarf_def.h" -#include "../../../analysis/content.h" +#include <stdbool.h> +#include "../def.h" -/* Lit la valeur correspondant à un type donné. */ -bool read_dwarf_v2_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v2_form_value *); +/* Procède à la conversion de base d'une abréviation DWARF. */ +bool check_dwarfv2_abbrev_decl(const dw_abbrev_decl *); -#endif /* _FORMAT_DWARF_V2_FORM_H */ +/* Procède à la conversion d'un attribut d'abréviation DWARF. */ +bool check_dwarfv2_abbrev_attrib(const dw_abbrev_raw_attr *); + + + +#endif /* _PLUGINS_DWARF_V2_CHECKS_H */ diff --git a/plugins/dwarf/v2/dwarf.c b/plugins/dwarf/v2/dwarf.c deleted file mode 100644 index 8f794bf..0000000 --- a/plugins/dwarf/v2/dwarf.c +++ /dev/null @@ -1,180 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format DWARF v2 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "dwarf.h" - - -#include "../dwarf-int.h" - - -#include "form.h" - - - -/* Format de débogage DWARF v2 (instance) */ -struct _GDwarfV2Format -{ - GDwarfFormat parent; /* A laisser en premier */ - -}; - -/* Format de débogage DWARF v2 (classe) */ -struct _GDwarfV2FormatClass -{ - GDwarfFormatClass parent; /* A laisser en premier */ - -}; - - -/* Initialise la classe des formats de débogage DWARF v2. */ -static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *); - -/* Initialise une instance de format de débogage DWARF v2. */ -static void g_dwarfv2_format_init(GDwarfV2Format *); - -/* Supprime toutes les références externes. */ -static void g_dwarfv2_format_dispose(GDwarfV2Format *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarfv2_format_finalize(GDwarfV2Format *); - - - -/* Indique le type défini pour un format de débogage DWARF v2. */ -G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF v2. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - GDwarfFormatClass *dwarf; /* Version parente de la classe*/ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize; - - dwarf = G_DWARF_FORMAT_CLASS(klass); - - dwarf->read_form = (read_form_value_fc)read_dwarf_v2_form_value; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF v2. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_init(GDwarfV2Format *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_dispose(GDwarfV2Format *format) -{ - G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_finalize(GDwarfV2Format *format) -{ - G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * -* * -* Description : Prend en charge un nouveau format DWARF (v2). * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) -{ - GDwarfV2Format *result; /* Structure à retourner */ - - result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL); - - - - g_binary_format_set_content(G_BIN_FORMAT(result), content); - - - - return G_BIN_FORMAT(result); - -} diff --git a/plugins/dwarf/v2/dwarf.h b/plugins/dwarf/v2/dwarf.h deleted file mode 100644 index f3b3501..0000000 --- a/plugins/dwarf/v2/dwarf.h +++ /dev/null @@ -1,58 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format DWARF v2 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#ifndef _FORMAT_DWARF_V2_DWARF_H -#define _FORMAT_DWARF_V2_DWARF_H - - -#include <glib-object.h> - - -#include "../../../core/formats.h" - - - -#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type() -#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format)) -#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type())) -#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) -#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT)) -#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) - - -/* Format de débogage DWARF v2 (instance) */ -typedef struct _GDwarfV2Format GDwarfV2Format; - -/* Format de débogage DWARF v2 (classe) */ -typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass; - - -/* Indique le type défini pour un format de débogage DWARF v2. */ -GType g_dwarfv2_format_get_type(void); - -/* Prend en charge un nouveau format DWARF (v2). */ -GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); - - - -#endif /* _FORMAT_DWARF_V2_DWARF_H */ diff --git a/plugins/dwarf/v2/form.c b/plugins/dwarf/v2/form.c deleted file mode 100644 index 7e012b7..0000000 --- a/plugins/dwarf/v2/form.c +++ /dev/null @@ -1,276 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.c - chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "form.h" - - -#include "../dwarf-int.h" - - - -/****************************************************************************** -* * -* Paramètres : format = contenu binaire de débogage à parcourir. * -* cu = unité de compilation parente. * -* form = nature de la valeur à lire. * -* pos = tête de lecture au sein des données. [OUT] * -* value = valeur au format donné lue. [OUT] * -* * -* Description : Lit la valeur correspondant à un type donné. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_v2_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v2_form_value *value) -{ - bool result; /* Bilan de lecture à renvoyer */ - GBinContent *content; /* Contenu binaire à parcourir */ - SourceEndian endian; /* Boutisme des enregistrements*/ - GExeFormat *exe; /* Format d'exécutable rattaché*/ - const bin_t *tmp; /* Données quelconques */ - uint8_t tmp8; /* Données sur 8 bits */ - uint16_t tmp16; /* Données sur 16 bits */ - uint32_t tmp32; /* Données sur 32 bits */ - uint64_t tmp64; /* Données sur 64 bits */ - uleb128_t tmpuleb; /* Données sur xxx bits */ - phys_t offset; /* Décalage à appliquer */ - mrange_t range; /* Couverture d'une section */ - vmpa2t iter; /* Point de lecture parallèle */ - - content = G_BIN_FORMAT(format)->content; - endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); - exe = G_DBG_FORMAT(format)->executable; - - switch (form) - { - case DW_FORM_addr: - - switch (cu->address_size) - { - case 2: - result = g_binary_content_read_u16(content, pos, endian, &tmp16); - if (result) value->address = tmp16; - break; - case 4: - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - if (result) value->address = tmp32; - break; - case 8: - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - if (result) value->address = tmp64; - break; - default: - result = false; - break; - } - break; - - case DW_FORM_block2: - result = g_binary_content_read_u16(content, pos, endian, &tmp16); - if (result) - { - value->block.size = tmp16; - goto block_finish; - } - break; - - case DW_FORM_block4: - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - if (result) - { - value->block.size = tmp32; - goto block_finish; - } - break; - - case DW_FORM_data2: - result = g_binary_content_read_u16(content, pos, endian, &value->data2); - break; - - case DW_FORM_data4: - result = g_binary_content_read_u32(content, pos, endian, &value->data4); - break; - - case DW_FORM_data8: - result = g_binary_content_read_u64(content, pos, endian, &value->data8); - break; - - case DW_FORM_string: - - tmp = g_binary_content_get_raw_access(content, pos, 1); - result = (tmp != NULL); - - if (result) - { - value->string = (const char *)tmp; - - while (result && *tmp != '\0') - { - tmp = g_binary_content_get_raw_access(content, pos, 1); - result = (tmp != NULL); - } - - } - - break; - - case DW_FORM_block: - - tmpuleb = 0; /* Pour GCC */ - - result = g_binary_content_read_uleb128(content, pos, &tmpuleb); - if (!result) break; - - value->block.size = tmpuleb; - - block_finish: - - value->block.start = g_binary_content_get_raw_access(content, pos, value->block.size); - - result = (value->block.start != NULL); - break; - - case DW_FORM_block1: - result = g_binary_content_read_u8(content, pos, &tmp8); - if (result) - { - value->block.size = tmp8; - goto block_finish; - } - break; - - case DW_FORM_data1: - result = g_binary_content_read_u8(content, pos, &value->data1); - break; - - case DW_FORM_flag: - result = g_binary_content_read_u8(content, pos, &value->flag); - break; - - case DW_FORM_sdata: - result = g_binary_content_read_leb128(content, pos, &value->sdata); - break; - - case DW_FORM_strp: - - /* Définition des positions */ - - if (cu->is_32b) - { - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - offset = tmp32; - } - else - { - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - offset = tmp64; - } - - /* Lecture dans la section adaptée */ - - if (result) - result = g_exe_format_get_section_range_by_name(exe, ".debug_str", &range); - - if (result) - { - copy_vmpa(&iter, get_mrange_addr(&range)); - - result = g_binary_content_seek(content, &iter, offset); - - if (!result) - break; - - tmp = g_binary_content_get_raw_access(content, &iter, 1); - result = (tmp != NULL); - - if (result) - { - value->string = (const char *)tmp; - - while (result && *tmp != '\0') - { - tmp = g_binary_content_get_raw_access(content, &iter, 1); - result = (tmp != NULL); - } - - } - - } - - break; - - case DW_FORM_udata: - result = g_binary_content_read_uleb128(content, pos, &value->udata); - break; - - - - - - - - - - - - case DW_FORM_ref1: - result = g_binary_content_read_u8(content, pos, &value->ref1); - break; - - case DW_FORM_ref2: - result = g_binary_content_read_u16(content, pos, endian, &value->ref2); - break; - - case DW_FORM_ref4: - result = g_binary_content_read_u32(content, pos, endian, &value->ref4); - break; - - case DW_FORM_ref8: - result = g_binary_content_read_u64(content, pos, endian, &value->ref8); - break; - - case DW_FORM_ref_udata: - result = g_binary_content_read_uleb128(content, pos, &value->ref_udata); - break; - - - - - - - - - - - default: - result = false; - break; - - } - - return result; - -} |