Diffstat (limited to 'plugins/libcsem')
| -rw-r--r-- | plugins/libcsem/Makefile.am | 13 | ||||
| -rw-r--r-- | plugins/libcsem/exit.c | 122 | ||||
| -rw-r--r-- | plugins/libcsem/exit.h | 37 | ||||
| -rw-r--r-- | plugins/libcsem/semantic.c | 62 | ||||
| -rw-r--r-- | plugins/libcsem/semantic.h | 39 | 
5 files changed, 273 insertions, 0 deletions
|
diff --git a/plugins/libcsem/Makefile.am b/plugins/libcsem/Makefile.am
new file mode 100644
index 0000000..1c8ad9c
--- /dev/null
+++ b/plugins/libcsem/Makefile.am
@@ -0,0 +1,13 @@
+
+lib_LTLIBRARIES = liblibcsem.la
+
+liblibcsem_la_SOURCES =					\
+	exit.h exit.c						\
+	semantic.h semantic.c
+
+liblibcsem_la_CFLAGS = $(AM_CFLAGS)
+
+
+AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I../../src
+
+AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS)
diff --git a/plugins/libcsem/exit.c b/plugins/libcsem/exit.c
new file mode 100644
index 0000000..fbe0923
--- /dev/null
+++ b/plugins/libcsem/exit.c
@@ -0,0 +1,122 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * exit.c - définition des sorties comme points de non retour
+ *
+ * Copyright (C) 2015 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "exit.h"
+
+
+
+/* Modifie toutes les instructions appelant exit(). */
+static void mark_one_kind_of_exit_as_return(const GLoadedBinary *, const char *);
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : binary = binaire dont le contenu est en cours de traitement. *
+*                                                                             *
+*  Description : Modifie toutes les instructions appelant exit().             *
+*                                                                             *
+*  Retour      : -                                                            *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+static void mark_one_kind_of_exit_as_return(const GLoadedBinary *binary, const char *fname)
+{
+    GBinFormat *format;                     /* Format du fichier binaire   */
+    GBinSymbol *symbol;                     /* Symbole de fonction trouvé  */
+    const mrange_t *range;                  /* Emplacement du symbole      */
+    GArchProcessor *proc;                   /* Architecture du binaire     */
+    GArchInstruction *instr;                /* Instruction de sortie       */
+    GArchInstruction **sources;             /* Instructions diverses liées */
+    InstructionLinkType *types;             /* Types de lien existants     */
+    size_t count;                           /* Nbre de sources affichées   */
+    size_t i;                               /* Boucle de parcours          */
+
+    format = G_BIN_FORMAT(g_loaded_binary_get_format(binary));
+
+    if (!g_binary_format_find_symbol_by_label(format, fname, &symbol))
+        goto mokoear_exit;
+
+    if (g_binary_symbol_get_target_type(symbol) != STP_ROUTINE)
+        goto mokoear_done_with_sym;
+
+    range = g_binary_symbol_get_range(symbol);
+
+    proc = g_loaded_binary_get_processor(binary);
+
+    instr = g_arch_processor_find_instr_by_address(proc,  get_mrange_addr(range));
+
+    count = g_arch_instruction_get_sources(instr, &sources, &types);
+
+    for (i = 0; i < count; i++)
+    {
+        if (types[i] != ILT_CALL) continue;
+
+        g_arch_instruction_define_as_return(sources[i], true);
+
+    }
+
+    g_object_unref(G_OBJECT(proc));
+
+ mokoear_done_with_sym:
+
+    g_object_unref(G_OBJECT(symbol));
+
+ mokoear_exit:
+
+    //g_object_unref(G_OBJECT(format));
+
+    ;
+
+}
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : binary = binaire dont le contenu est en cours de traitement. *
+*                                                                             *
+*  Description : Modifie toutes les instructions appelant exit().             *
+*                                                                             *
+*  Retour      : -                                                            *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+void mark_exit_calls_as_return_instructions(const GLoadedBinary *binary)
+{
+    const char **iter;                      /* Boucle de parcours          */
+
+    static const char *exit_functions[] = {
+        "exit",
+        "_exit",
+        "_Exit",
+        NULL
+    };
+
+    for (iter = exit_functions; *iter != NULL; iter++)
+        mark_one_kind_of_exit_as_return(binary, *iter);
+
+}
diff --git a/plugins/libcsem/exit.h b/plugins/libcsem/exit.h
new file mode 100644
index 0000000..f580036
--- /dev/null
+++ b/plugins/libcsem/exit.h
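Review bot: In mark_one_kind_of_exit_as_return() the result of g_arch_processor_find_instr_by_address() goes straight into g_arch_instruction_get_sources() with no NULL check, so a symbol whose address holds no disassembled instruction (plausible for a malformed or truncated input, though the lookup's contract is not visible here) would presumably be dereferenced. Guarding the call keeps the existing cleanup path intact: `count = (instr != NULL) ? g_arch_instruction_get_sources(instr, &sources, &types) : 0;`. The match is by label alone, so a binary that defines its own returning function named `exit` gets its call sites marked as returns too; if the format can tell imported symbols from local ones, that test belongs next to the STP_ROUTINE check. The header box also omits `fname` from Paramètres and repeats the public function's description, and the commented-out `g_object_unref(G_OBJECT(format))` needs a line saying who owns that reference.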
@@ -0,0 +1,37 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * exit.h - prototypes pour la définition des sorties comme points de non retour
+ *
+ * Copyright (C) 2015 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_LIBCSEM_EXIT_H
+#define _PLUGINS_LIBCSEM_EXIT_H
+
+
+#include <analysis/binary.h>
+
+
+
+/* Modifie toutes les instructions appelant exit(). */
+void mark_exit_calls_as_return_instructions(const GLoadedBinary *);
+
+
+
+#endif  /* _PLUGINS_LIBCSEM_EXIT_H */
diff --git a/plugins/libcsem/semantic.c b/plugins/libcsem/semantic.c
new file mode 100644
index 0000000..2da2ea6
--- /dev/null
+++ b/plugins/libcsem/semantic.c
@@ -0,0 +1,62 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * semantic.c - prise en charge personnalisée de la bibliothèque C
+ *
+ * Copyright (C) 2015 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "semantic.h"
+
+
+#include <plugins/plugin-def.h>
+
+
+#include "exit.h"
+
+
+
+DEFINE_CHRYSALIDE_ACTIVE_PLUGIN("LibC semantics", "Register semantic information relative to the libc", "0.1.0",
+                                PGA_DISASSEMBLY_HOOKED_POST);
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : plugin = greffon à manipuler.                                *
+*                action = type d'action attendue.                             *
+*                binary = binaire dont le contenu est en cours de traitement. *
+*                                                                             *
+*  Description : Exécute une action pendant un désassemblage de binaire.      *
+*                                                                             *
+*  Retour      : -                                                            *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+G_MODULE_EXPORT void process_binary_disassembly(const GPluginModule *plugin, PluginAction action, GLoadedBinary *binary)
+{
+    if (action == PGA_DISASSEMBLY_HOOKED_POST)
+    {
+        /* Traitement de appels à exit() ou fonctions similaires */
+        mark_exit_calls_as_return_instructions(binary);
+
+    }
+
+}
diff --git a/plugins/libcsem/semantic.h b/plugins/libcsem/semantic.h
new file mode 100644
index 0000000..72ce0ce
--- /dev/null
+++ b/plugins/libcsem/semantic.h
@@ -0,0 +1,39 @@
+
+/* Chrysalide - Outil d'analyse de fichiers binaires
+ * semantic.h - prototypes pour la prise en charge personnalisée de la bibliothèque C
+ *
+ * Copyright (C) 2015 Cyrille Bagard
+ *
+ *  This file is part of Chrysalide.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#ifndef _PLUGINS_LIBCSEM_SEMANTIC_H
+#define _PLUGINS_LIBCSEM_SEMANTIC_H
+
+
+#include <format/elf/elf.h>
+#include <plugins/plugin.h>
+#include <plugins/plugin-int.h>
+
+
+
+/* Exécute une action pendant un désassemblage de binaire. */
+G_MODULE_EXPORT void process_binary_disassembly(const GPluginModule *, PluginAction, GLoadedBinary *);
+
+
+
+#endif  /* _PLUGINS_LIBCSEM_SEMANTIC_H */ |
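Review bot: semantic.h includes `<format/elf/elf.h>` and the internal `<plugins/plugin-int.h>`, yet its only declaration needs GPluginModule, PluginAction and GLoadedBinary, and nothing visible in the plugin is ELF-specific. If those headers are there only to reach GLoadedBinary transitively, including `<analysis/binary.h>` directly, as exit.h does, states the real dependency and avoids tying the plugin to one format. A one-line comment on the prototype saying that only PGA_DISASSEMBLY_HOOKED_POST is acted on would also help, since the body in semantic.c ignores every other action.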
