diff options
Diffstat (limited to 'plugins/pychrysalide/analysis')
-rw-r--r-- | plugins/pychrysalide/analysis/contents/Makefile.am | 2 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/contents/encapsulated.c | 160 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/contents/encapsulated.h | 42 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/contents/memory.c | 154 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/contents/memory.h | 42 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/contents/module.c | 8 | ||||
-rw-r--r-- | plugins/pychrysalide/analysis/module.c | 2 |
7 files changed, 406 insertions, 4 deletions
diff --git a/plugins/pychrysalide/analysis/contents/Makefile.am b/plugins/pychrysalide/analysis/contents/Makefile.am index 3cd00a6..b7e2f43 100644 --- a/plugins/pychrysalide/analysis/contents/Makefile.am +++ b/plugins/pychrysalide/analysis/contents/Makefile.am @@ -2,7 +2,9 @@ noinst_LTLIBRARIES = libpychrysaanalysiscontents.la libpychrysaanalysiscontents_la_SOURCES = \ + encapsulated.h encapsulated.c \ file.h file.c \ + memory.h memory.c \ module.h module.c \ restricted.h restricted.c diff --git a/plugins/pychrysalide/analysis/contents/encapsulated.c b/plugins/pychrysalide/analysis/contents/encapsulated.c new file mode 100644 index 0000000..a81e45b --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/encapsulated.c @@ -0,0 +1,160 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * encapsulated.c - prototypes pour l'équivalent Python du fichier "analysis/contents/encapsulated.c" + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "encapsulated.h" + + +#include <pygobject.h> + + +#include <analysis/contents/encapsulated.h> + + +#include "../content.h" +#include "../../helpers.h" + + + +/* Crée un nouvel objet Python de type 'BinContent'. */ +static PyObject *py_encaps_content_new(PyTypeObject *, PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BinContent'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_encaps_content_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + PyObject *base_obj; /* Base en Python */ + const char *path; /* Chemin vers le contenu final*/ + PyObject *endpoint_obj; /* Contenu final en Python */ + int ret; /* Bilan de lecture des args. */ + GBinContent *base; /* Base de l'extraction */ + GBinContent *endpoint; /* Contenu accessible au final */ + GBinContent *content; /* Version GLib du contenu */ + + ret = PyArg_ParseTuple(args, "O!sO!", + get_python_binary_content_type(), &base_obj, + &path, + get_python_binary_content_type(), &endpoint_obj); + if (!ret) Py_RETURN_NONE; + + base = G_BIN_CONTENT(pygobject_get(base_obj)); + endpoint = G_BIN_CONTENT(pygobject_get(endpoint_obj)); + + content = g_encaps_content_new(base, path, endpoint); + + result = pygobject_new(G_OBJECT(content)); + + if (content != NULL) + g_object_unref(content); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_encaps_content_type(void) +{ + static PyMethodDef py_encaps_content_methods[] = { + { NULL } + }; + + static PyGetSetDef py_encaps_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_encaps_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.contents.EncapsulatedContent", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide binary encapsulated content", + + .tp_methods = py_encaps_content_methods, + .tp_getset = py_encaps_content_getseters, + .tp_new = (newfunc)py_encaps_content_new + + }; + + return &py_encaps_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide...EncapsulatedContent'.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_encaps_content(PyObject *module) +{ + PyTypeObject *py_encaps_content_type; /* Type 'EncapsulatedContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_encaps_content_type = get_python_encaps_content_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_ENCAPS_CONTENT, py_encaps_content_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/contents/encapsulated.h b/plugins/pychrysalide/analysis/contents/encapsulated.h new file mode 100644 index 0000000..ebd760c --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/encapsulated.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * encapsulated.h - prototypes pour l'équivalent Python du fichier "analysis/contents/encapsulated.h" + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_ENCAPSULATED_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_ENCAPSULATED_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_encaps_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.contents.EncapsulatedContent'. */ +bool register_python_encaps_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_ENCAPSULATED_H */ diff --git a/plugins/pychrysalide/analysis/contents/memory.c b/plugins/pychrysalide/analysis/contents/memory.c new file mode 100644 index 0000000..fadc9bf --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/memory.c @@ -0,0 +1,154 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * memory.c - prototypes pour l'équivalent Python du fichier "analysis/contents/memory.c" + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "memory.h" + + +#include <pygobject.h> + + +#include <analysis/contents/memory.h> + + +#include "../../helpers.h" + + + +/* Crée un nouvel objet Python de type 'BinContent'. */ +static PyObject *py_memory_content_new(PyTypeObject *, PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BinContent'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_memory_content_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + PyObject *data; /* Données brutes à charger */ + int ret; /* Bilan de lecture des args. */ + char *buffer; /* Tampon interne de Python */ + Py_ssize_t length; /* Taille utilisé de ce tampon */ + GBinContent *content; /* Version GLib du contenu */ + + ret = PyArg_ParseTuple(args, "S", &data); + if (!ret) Py_RETURN_NONE; + + ret = PyBytes_AsStringAndSize(data, &buffer, &length); + if (ret == -1) Py_RETURN_NONE; + + content = g_memory_content_new((bin_t *)buffer, length); + + result = pygobject_new(G_OBJECT(content)); + + if (content != NULL) + g_object_unref(content); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_memory_content_type(void) +{ + static PyMethodDef py_memory_content_methods[] = { + { NULL } + }; + + static PyGetSetDef py_memory_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_memory_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.contents.MemoryContent", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide binary memory content", + + .tp_methods = py_memory_content_methods, + .tp_getset = py_memory_content_getseters, + .tp_new = (newfunc)py_memory_content_new + + }; + + return &py_memory_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.....MemoryContent'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_memory_content(PyObject *module) +{ + PyTypeObject *py_memory_content_type; /* Type Python 'MemoryContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_memory_content_type = get_python_memory_content_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_MEMORY_CONTENT, py_memory_content_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/contents/memory.h b/plugins/pychrysalide/analysis/contents/memory.h new file mode 100644 index 0000000..f3db9a7 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/memory.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * memory.h - prototypes pour l'équivalent Python du fichier "analysis/contents/memory.h" + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_MEMORY_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_MEMORY_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_memory_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.contents.MemoryContent'. */ +bool register_python_memory_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_MEMORY_H */ diff --git a/plugins/pychrysalide/analysis/contents/module.c b/plugins/pychrysalide/analysis/contents/module.c index 2daa62c..53fcdc8 100644 --- a/plugins/pychrysalide/analysis/contents/module.c +++ b/plugins/pychrysalide/analysis/contents/module.c @@ -28,7 +28,9 @@ #include <assert.h> +#include "encapsulated.h" #include "file.h" +#include "memory.h" #include "restricted.h" #include "../../access.h" @@ -45,7 +47,7 @@ * Remarques : - * * * ******************************************************************************/ -#include "../content.h" + bool add_analysis_contents_module_to_python_module(PyObject *super) { bool result; /* Bilan à retourner */ @@ -80,9 +82,9 @@ bool add_analysis_contents_module_to_python_module(PyObject *super) result = true; - result &= register_python_binary_content(module); - + result &= register_python_encaps_content(module); result &= register_python_file_content(module); + result &= register_python_memory_content(module); result &= register_python_restricted_content(module); if (result) diff --git a/plugins/pychrysalide/analysis/module.c b/plugins/pychrysalide/analysis/module.c index c9a9276..309083c 100644 --- a/plugins/pychrysalide/analysis/module.c +++ b/plugins/pychrysalide/analysis/module.c @@ -86,11 +86,11 @@ bool add_analysis_module_to_python_module(PyObject *super) result = true; + result &= register_python_binary_content(module); result &= register_python_loaded_content(module); result &= register_python_loaded_binary(module); result &= register_python_instr_block(module); - //result &= register_python_binary_content(module); result &= register_python_binary_routine(module); result &= register_python_data_type(module); |