diff options
Diffstat (limited to 'plugins/pychrysalide/analysis')
34 files changed, 3825 insertions, 0 deletions
diff --git a/plugins/pychrysalide/analysis/Makefile.am b/plugins/pychrysalide/analysis/Makefile.am new file mode 100644 index 0000000..c1639e7 --- /dev/null +++ b/plugins/pychrysalide/analysis/Makefile.am @@ -0,0 +1,24 @@ + +noinst_LTLIBRARIES = libpychrysaanalysis.la + +libpychrysaanalysis_la_SOURCES = \ + binary.h binary.c \ + block.h block.c \ + content.h content.c \ + loaded.h loaded.c \ + module.h module.c \ + routine.h routine.c + +libpychrysaanalysis_la_LIBADD = \ + contents/libpychrysaanalysiscontents.la \ + db/libpychrysaanalysisdb.la + +libpychrysaanalysis_la_LDFLAGS = + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \ + -I../../../src + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) + +SUBDIRS = contents db diff --git a/plugins/pychrysalide/analysis/binary.c b/plugins/pychrysalide/analysis/binary.c new file mode 100644 index 0000000..6be767c --- /dev/null +++ b/plugins/pychrysalide/analysis/binary.c @@ -0,0 +1,381 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * binary.c - équivalent Python du fichier "analysis/binary.h" + * + * Copyright (C) 2012-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "binary.h" + + +#include <pygobject.h> + + +#include <i18n.h> + + +#include <analysis/binary.h> + + +#include "content.h" +#include "../helpers.h" + + + +/* Crée un nouvel objet Python de type 'LoadedBinary'. */ +static PyObject *py_loaded_binary_new(PyTypeObject *, PyObject *, PyObject *); + +/* Fournit le nom associé à l'élément binaire. */ +static PyObject *py_loaded_binary_get_name(PyObject *, void *); + +/* Lance l'analyse d'un élément binaire chargé. */ +static PyObject *py_loaded_binary_analyse(PyObject *, PyObject *); + +/* Lance l'analyse d'un binaire chargé et attend sa conclusion. */ +static PyObject *py_loaded_binary_analyse_and_wait(PyObject *, PyObject *); + +/* Fournit le format de fichier reconnu dans le contenu binaire. */ +static PyObject *py_loaded_binary_get_format(PyObject *, void *); + +/* Fournit le processeur de l'architecture liée au binaire. */ +static PyObject *py_loaded_binary_get_processor(PyObject *, void *); + +/* Fournit le tampon associé au contenu assembleur d'un binaire. */ +static PyObject *py_loaded_binary_get_disassembled_cache(PyObject *, void *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'LoadedBinary'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + PyObject *content_obj; /* Objet pour le contenu */ + int ret; /* Bilan de lecture des args. */ + GBinContent *content; /* Instance GLib correspondante*/ + GLoadedBinary *binary; /* Version GLib du format */ + + ret = PyArg_ParseTuple(args, "O", &content_obj); + if (!ret) return NULL; + + ret = PyObject_IsInstance(content_obj, (PyObject *)get_python_binary_content_type()); + if (ret == 0) + { + PyErr_SetString(PyExc_TypeError, _("Expected a BinContent as argument")); + return NULL; + } + + content = G_BIN_CONTENT(pygobject_get(content_obj)); + binary = g_loaded_binary_new(content); + + result = pygobject_new(G_OBJECT(binary)); + + g_object_unref(binary); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le nom associé à l'élément binaire. * +* * +* Retour : Nom de fichier avec chemin absolu. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_get_name(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GLoadedBinary *binary; /* Version native */ + const char *name; /* Désignation du binaire */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + + name = g_loaded_binary_get_name(binary, true); + + result = PyUnicode_FromString(name); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lance l'analyse d'un élément binaire chargé. * +* * +* Retour : Rien (None). * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_analyse(PyObject *self, PyObject *args) +{ + GLoadedBinary *binary; /* Version GLib du format */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + + g_loaded_binary_analyse(binary); + + Py_RETURN_NONE; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lance l'analyse d'un binaire chargé et attend sa conclusion. * +* * +* Retour : Rien (None). * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_analyse_and_wait(PyObject *self, PyObject *args) +{ + GLoadedBinary *binary; /* Version GLib du format */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + + g_loaded_binary_analyse_and_wait(binary); + + Py_RETURN_NONE; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le format de fichier reconnu dans le contenu binaire.* +* * +* Retour : Instance du format reconnu. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_get_format(PyObject *self, void *closure) +{ + PyObject *result; /* Instance Python à retourner */ + GLoadedBinary *binary; /* Binaire en cours d'analyse */ + GExeFormat *format; /* Format du binaire lié */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + format = g_loaded_binary_get_format(binary); + + result = pygobject_new(G_OBJECT(format)); + + g_object_unref(G_OBJECT(format)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le processeur de l'architecture liée au binaire. * +* * +* Retour : Instance du processeur associé. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_get_processor(PyObject *self, void *closure) +{ + PyObject *result; /* Instance Python à retourner */ + GLoadedBinary *binary; /* Binaire en cours d'analyse */ + GArchProcessor *proc; /* Architecture visée */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + proc = g_loaded_binary_get_processor(binary); + + result = pygobject_new(G_OBJECT(proc)); + + g_object_unref(G_OBJECT(proc)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = classe représentant une instruction. * +* closure = adresse non utilisée ici. * +* * +* Description : Fournit le tampon associé au contenu assembleur d'un binaire.* +* * +* Retour : Valeur associée à la propriété consultée. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_binary_get_disassembled_cache(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GLoadedBinary *binary; /* Version native */ + GBufferCache *cache; /* Tampon à récupérer */ + + binary = G_LOADED_BINARY(pygobject_get(self)); + cache = g_loaded_binary_get_disassembled_cache(binary); + + result = pygobject_new(G_OBJECT(cache)); + + g_object_unref(G_OBJECT(cache)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_loaded_binary_type(void) +{ + static PyMethodDef py_loaded_binary_methods[] = { + { + "analyse", py_loaded_binary_analyse, + METH_NOARGS, + "analyse(/)\n--\n\nStart the analysis of the loaded binary and " \ + "send a \"disassembly-done\" signal when done." + }, + { + "analyse_and_wait", py_loaded_binary_analyse_and_wait, + METH_NOARGS, + "analyse_and_wait(/)\n--\n\nRun the analysis of the loaded binary and " \ + "wait for its completion." + }, + { NULL } + }; + + static PyGetSetDef py_loaded_binary_getseters[] = { + { + "name", py_loaded_binary_get_name, NULL, + "Name of the loaded binary.", NULL + }, + { + "format", py_loaded_binary_get_format, NULL, + "File format recognized in the binary content.", NULL + }, + { + "processor", py_loaded_binary_get_processor, NULL, + "Handler for the current binary processor.", NULL + }, + { + "disassembled_cache", py_loaded_binary_get_disassembled_cache, NULL, + "Disassembled buffer cache.", NULL + }, + { NULL } + }; + + static PyTypeObject py_loaded_binary_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.LoadedBinary", + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide loaded binary", + + .tp_methods = py_loaded_binary_methods, + .tp_getset = py_loaded_binary_getseters, + .tp_new = (newfunc)py_loaded_binary_new + + }; + + return &py_loaded_binary_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.analysis.LoadedBinary'.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_loaded_binary(PyObject *module) +{ + PyTypeObject *py_loaded_binary_type; /* Type Python 'LoadedBinary' */ + PyObject *dict; /* Dictionnaire du module */ + + py_loaded_binary_type = get_python_loaded_binary_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_LOADED_BINARY, py_loaded_binary_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/binary.h b/plugins/pychrysalide/analysis/binary.h new file mode 100644 index 0000000..d134111 --- /dev/null +++ b/plugins/pychrysalide/analysis/binary.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * binary.h - prototypes pour l'équivalent Python du fichier "analysis/binary.h" + * + * Copyright (C) 2012-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYOIDA_ANALYSIS_BINARY_H +#define _PLUGINS_PYOIDA_ANALYSIS_BINARY_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_loaded_binary_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.LoadedBinary'. */ +bool register_python_loaded_binary(PyObject *); + + + +#endif /* _PLUGINS_PYOIDA_ANALYSIS_BINARY_H */ diff --git a/plugins/pychrysalide/analysis/block.c b/plugins/pychrysalide/analysis/block.c new file mode 100644 index 0000000..edd364d --- /dev/null +++ b/plugins/pychrysalide/analysis/block.c @@ -0,0 +1,274 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * block.c - équivalent Python du fichier "analysis/block.c" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "block.h" + + +#include <pygobject.h> + + +#include <analysis/block.h> + + +#include "../helpers.h" + + + +/* Permet la jonction entre C et Python lors des visites */ +typedef struct _py_block_vdata +{ + PyObject *func; /* Fonction à appeler */ + PyObject *user; /* Donnée à faire suivre */ + +} py_block_vdata; + + +/* Parcourt le bloc d'instructions dans un ordre donné. */ +static bool py_block_visitor_glue(GInstrBlock *, BlockVisitOrder, py_block_vdata *); + +/* Parcourt tous les blocs d'instructions dans un ordre donné. */ +static PyObject *py_instructions_block_visit(PyObject *, PyObject *); + +/* Fournit l'ensemble contenant les blocs liés. */ +static PyObject *py_instructions_block_get_links_block(PyObject *, PyObject *); + +/* Définit les constantes pour les blocs basiques. */ +static bool py_instructions_block_define_constants(PyTypeObject *); + + + +/****************************************************************************** +* * +* Paramètres : block = bloc d'instructions concerné par la visite. * +* order = indication sur la position dans le parcours. * +* data = donnée utilisateur à associer au parcours. * +* * +* Description : Parcourt le bloc d'instructions dans un ordre donné. * +* * +* Retour : true si le parcours a été jusqu'à son terme, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool py_block_visitor_glue(GInstrBlock *block, BlockVisitOrder order, py_block_vdata *data) +{ + bool result; /* Bilan à retourner */ + PyObject *args; /* Arguments pour l'appel */ + PyObject *value; /* Retour obtenu */ + + Py_INCREF(data->user); + + args = PyTuple_New(3); + PyTuple_SetItem(args, 0, pygobject_new(G_OBJECT(block))); + PyTuple_SetItem(args, 1, PyLong_FromLong(order)); + PyTuple_SetItem(args, 2, data->user); + + value = _run_python_method(data->func, args); + result = (value == Py_True); + + Py_XDECREF(value); + Py_DECREF(args); + + return result; + +} + + + +/****************************************************************************** +* * +* Paramètres : self = classe représentant un binaire. * +* args = arguments fournis à l'appel. * +* * +* Description : Parcourt tous les blocs d'instructions dans un ordre donné. * +* * +* Retour : True si le parcours a été jusqu'à son terme, False sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_instructions_block_visit(PyObject *self, PyObject *args) +{ + PyObject *result; /* Conclusion à retourner */ + py_block_vdata data; /* Transition entre C et Python*/ + int ret; /* Bilan de lecture des args. */ + GInstrBlock *block; /* Point de départ des visites */ + bool status; /* Bilan du parcours */ + + ret = PyArg_ParseTuple(args, "OO", &data.func, &data.user); + if (!ret) Py_RETURN_NONE; + + if (PyCallable_Check(data.func) != 1) return NULL; + + block = G_INSTR_BLOCK(pygobject_get(self)); + status = g_instr_block_visit(block, (instr_block_visitor_cb)py_block_visitor_glue, &data); + + result = (status ? Py_True : Py_False); + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = classe représentant un binaire. * +* args = arguments fournis à l'appel. * +* * +* Description : Fournit l'ensemble contenant les blocs liés. * +* * +* Retour : Bloc contenant les blocs liés au bloc. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_instructions_block_get_links_block(PyObject *self, PyObject *args) +{ + PyObject *result; /* Conclusion à retourner */ + GInstrBlock *block; /* Point de départ des visites */ + + block = G_INSTR_BLOCK(pygobject_get(self)); + + block = g_instr_block_get_links_block(block); + + result = pygobject_new(G_OBJECT(block)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : obj_type = type dont le dictionnaire est à compléter. * +* * +* Description : Définit les constantes pour les blocs basiques. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool py_instructions_block_define_constants(PyTypeObject *obj_type) +{ + bool result; /* Bilan à retourner */ + + result = true; + + result &= PyDict_AddIntMacro(obj_type, BVO_IN); + result &= PyDict_AddIntMacro(obj_type, BVO_PENDING); + result &= PyDict_AddIntMacro(obj_type, BVO_OUT); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_instr_block_type(void) +{ + static PyMethodDef py_instr_block_methods[] = { + { + "visit", (PyCFunction)py_instructions_block_visit, + METH_VARARGS, + "visit($self, cb, data, /)\n--\n\nVisit all the basic blocks, starting at the provided one." + }, + { + "get_links_block", (PyCFunction)py_instructions_block_get_links_block, + METH_VARARGS, + "get_links_block($self, /)\n--\n\nGet the block containing all blocks linked to the caller." + }, + { NULL } + }; + + static PyGetSetDef py_instr_block_getseters[] = { + { NULL } + }; + + static PyTypeObject py_instr_block_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.InstrBlock", + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide basic block", + + .tp_methods = py_instr_block_methods, + .tp_getset = py_instr_block_getseters, + + }; + + return &py_instr_block_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.analysis.InstrBlock'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_instr_block(PyObject *module) +{ + PyTypeObject *py_instr_block_type; /* Type Python 'InstrBlock' */ + PyObject *dict; /* Dictionnaire du module */ + + py_instr_block_type = get_python_instr_block_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_INSTR_BLOCK, py_instr_block_type, &PyGObject_Type)) + return false; + + if (!py_instructions_block_define_constants(py_instr_block_type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/block.h b/plugins/pychrysalide/analysis/block.h new file mode 100644 index 0000000..1f87445 --- /dev/null +++ b/plugins/pychrysalide/analysis/block.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * block.h - prototypes pour l'équivalent Python du fichier "analysis/block.h" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYOIDA_ANALYSIS_BLOCK_H +#define _PLUGINS_PYOIDA_ANALYSIS_BLOCK_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_instr_block_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.InstrBlock'. */ +bool register_python_instr_block(PyObject *); + + + +#endif /* _PLUGINS_PYOIDA_ANALYSIS_BLOCK_H */ diff --git a/plugins/pychrysalide/analysis/content.c b/plugins/pychrysalide/analysis/content.c new file mode 100644 index 0000000..1f36eb8 --- /dev/null +++ b/plugins/pychrysalide/analysis/content.c @@ -0,0 +1,460 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * content.c - prototypes pour l'équivalent Python du fichier "analysis/content.c" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "content.h" + + +#include <assert.h> +#include <pygobject.h> + + +#include <i18n.h> + + +#include <analysis/content.h> +#include <common/endianness.h> + + +#include "../arch/vmpa.h" + + + +/* Fournit une empreinte unique (SHA256) pour les données. */ +static PyObject *py_binary_content_get_checksum(PyObject *, PyObject *); + +/* Détermine le nombre d'octets lisibles. */ +static PyObject *py_binary_content_compute_size(PyObject *, PyObject *); + +/* Fournit une portion des données représentées. */ +static PyObject *py_binary_content_read_raw(PyObject *, PyObject *); + +/* Lit un nombre non signé sur un octet. */ +static PyObject *py_binary_content_read_u8(PyObject *, PyObject *); + +/* Lit un nombre non signé sur deux octets. */ +static PyObject *py_binary_content_read_u16(PyObject *, PyObject *); + +/* Lit un nombre non signé sur quatre octets. */ +static PyObject *py_binary_content_read_u32(PyObject *, PyObject *); + +/* Lit un nombre non signé sur huit octets. */ +static PyObject *py_binary_content_read_u64(PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Fournit une empreinte unique (SHA256) pour les données. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_get_checksum(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + const gchar *checksum; /* Empreinte fournie */ + + content = G_BIN_CONTENT(pygobject_get(self)); + + checksum = g_binary_content_get_checksum(content); + + result = PyUnicode_FromString(checksum); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Détermine le nombre d'octets lisibles. * +* * +* Retour : Quantité représentée. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_compute_size(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + phys_t size; /* Quantité d'octets dispos. */ + + content = G_BIN_CONTENT(pygobject_get(self)); + + size = g_binary_content_compute_size(content); + + result = PyLong_FromUnsignedLongLong(size); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Fournit une portion des données représentées. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_read_raw(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + PyObject *addr_obj; /* Objet pour une position */ + vmpa2t *addr; /* Position interne associée */ + unsigned long long length; /* Quantité de données à lire */ + int ret; /* Bilan de lecture des args. */ + const bin_t *val; /* Valeur lue à faire suivre */ + + content = G_BIN_CONTENT(pygobject_get(self)); + assert(content != NULL); + + ret = PyArg_ParseTuple(args, "OK", &addr_obj, &length); + if (!ret) return NULL; + + addr = get_internal_vmpa(addr_obj); + assert(addr != NULL); + + val = g_binary_content_get_raw_access(content, addr, length); + if (val == NULL) + { + PyErr_SetString(PyExc_Exception, _("Invalid read access.")); + return NULL; + } + + result = PyBytes_FromStringAndSize((char *)val, length); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lit un nombre non signé sur un octet. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_read_u8(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + int ret; /* Bilan de lecture des args. */ + PyObject *addr_obj; /* Objet pour une position */ + vmpa2t *addr; /* Position interne associée */ + uint8_t val; /* Valeur lue à faire suivre */ + bool status; /* Bilan de l'opération */ + + content = G_BIN_CONTENT(pygobject_get(self)); + assert(content != NULL); + + ret = PyArg_ParseTuple(args, "O", &addr_obj); + if (!ret) return NULL; + + addr = get_internal_vmpa(addr_obj); + assert(addr != NULL); + + status = g_binary_content_read_u8(content, addr, &val); + if (!status) + { + PyErr_SetString(PyExc_Exception, _("Invalid read access.")); + return NULL; + } + + result = PyLong_FromUnsignedLong(val); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lit un nombre non signé sur deux octets. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_read_u16(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + int ret; /* Bilan de lecture des args. */ + PyObject *addr_obj; /* Objet pour une position */ + unsigned long endianness; /* Boutisme de la lecture */ + vmpa2t *addr; /* Position interne associée */ + uint16_t val; /* Valeur lue à faire suivre */ + bool status; /* Bilan de l'opération */ + + content = G_BIN_CONTENT(pygobject_get(self)); + assert(content != NULL); + + ret = PyArg_ParseTuple(args, "Ok", &addr_obj, &endianness); + if (!ret) return NULL; + + addr = get_internal_vmpa(addr_obj); + assert(addr != NULL); + + status = g_binary_content_read_u16(content, addr, endianness, &val); + if (!status) + { + PyErr_SetString(PyExc_Exception, _("Invalid read access.")); + return NULL; + } + + result = PyLong_FromUnsignedLong(val); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lit un nombre non signé sur quatre octets. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_read_u32(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + int ret; /* Bilan de lecture des args. */ + PyObject *addr_obj; /* Objet pour une position */ + unsigned long endianness; /* Boutisme de la lecture */ + vmpa2t *addr; /* Position interne associée */ + uint32_t val; /* Valeur lue à faire suivre */ + bool status; /* Bilan de l'opération */ + + content = G_BIN_CONTENT(pygobject_get(self)); + assert(content != NULL); + + ret = PyArg_ParseTuple(args, "Ok", &addr_obj, &endianness); + if (!ret) return NULL; + + addr = get_internal_vmpa(addr_obj); + assert(addr != NULL); + + status = g_binary_content_read_u32(content, addr, endianness, &val); + if (!status) + { + PyErr_SetString(PyExc_Exception, _("Invalid read access.")); + return NULL; + } + + result = PyLong_FromUnsignedLong(val); + + return result; + +} + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* args = non utilisé ici. * +* * +* Description : Lit un nombre non signé sur huit octets. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_content_read_u64(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Version GLib du format */ + int ret; /* Bilan de lecture des args. */ + PyObject *addr_obj; /* Objet pour une position */ + unsigned long endianness; /* Boutisme de la lecture */ + vmpa2t *addr; /* Position interne associée */ + uint64_t val; /* Valeur lue à faire suivre */ + bool status; /* Bilan de l'opération */ + + content = G_BIN_CONTENT(pygobject_get(self)); + assert(content != NULL); + + ret = PyArg_ParseTuple(args, "Ok", &addr_obj, &endianness); + if (!ret) return NULL; + + addr = get_internal_vmpa(addr_obj); + assert(addr != NULL); + + status = g_binary_content_read_u64(content, addr, endianness, &val); + if (!status) + { + PyErr_SetString(PyExc_Exception, _("Invalid read access.")); + return NULL; + } + + result = PyLong_FromUnsignedLongLong(val); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_binary_content_type(void) +{ + static PyMethodDef py_binary_content_methods[] = { + { + "get_checksum", py_binary_content_get_checksum, + METH_NOARGS, + "get_checksum($self, /)\n--\n\nCompute a SHA256 hash as chechsum of handled data." + }, + { + "compute_size", py_binary_content_compute_size, + METH_NOARGS, + "compute_size($self, /)\n--\n\nCompute the quantity of readable bytes." + }, + { + "read_raw", py_binary_content_read_raw, + METH_VARARGS, + "read_raw($self, addr, length, /)\n--\n\nRead bytes from a given position." + }, + { + "read_u8", py_binary_content_read_u8, + METH_VARARGS, + "read_u8($self, addr, /)\n--\n\nRead an unsigned byte from a given position." + }, + { + "read_u16", py_binary_content_read_u16, + METH_VARARGS, + "read_u16($self, addr, endianness, /)\n--\n\nRead two unsigned bytes from a given position." + }, + { + "read_u32", py_binary_content_read_u32, + METH_VARARGS, + "read_u32($self, addr, endianness, /)\n--\n\nRead four unsigned bytes from a given position." + }, + { + "read_u64", py_binary_content_read_u64, + METH_VARARGS, + "read_u64($self, addr, endianness, /)\n--\n\nRead eight unsigned bytes from a given position." + }, + { NULL } + }; + + static PyGetSetDef py_binary_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_binary_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.BinContent", + .tp_basicsize = sizeof(PyObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide binary content", + + .tp_methods = py_binary_content_methods, + .tp_getset = py_binary_content_getseters + + }; + + return &py_binary_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.analysis.BinContent'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_binary_content(PyObject *module) +{ + PyTypeObject *py_binary_content_type; /* Type Python 'BinContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_binary_content_type = get_python_binary_content_type(); + + dict = PyModule_GetDict(module); + pyg_register_interface(dict, "BinContent", G_TYPE_BIN_CONTENT, py_binary_content_type); + + return true; + +} diff --git a/plugins/pychrysalide/analysis/content.h b/plugins/pychrysalide/analysis/content.h new file mode 100644 index 0000000..71d8100 --- /dev/null +++ b/plugins/pychrysalide/analysis/content.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * content.h - prototypes pour l'équivalent Python du fichier "analysis/content.h" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENT_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENT_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_binary_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.BinContent'. */ +bool register_python_binary_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENT_H */ diff --git a/plugins/pychrysalide/analysis/contents/Makefile.am b/plugins/pychrysalide/analysis/contents/Makefile.am new file mode 100644 index 0000000..3cd00a6 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/Makefile.am @@ -0,0 +1,15 @@ + +noinst_LTLIBRARIES = libpychrysaanalysiscontents.la + +libpychrysaanalysiscontents_la_SOURCES = \ + file.h file.c \ + module.h module.c \ + restricted.h restricted.c + +libpychrysaanalysiscontents_la_LDFLAGS = + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \ + -I../../../../src + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/pychrysalide/analysis/contents/file.c b/plugins/pychrysalide/analysis/contents/file.c new file mode 100644 index 0000000..b033611 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/file.c @@ -0,0 +1,149 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * file.c - prototypes pour l'équivalent Python du fichier "analysis/contents/file.c" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "file.h" + + +#include <pygobject.h> + + +#include <analysis/contents/file.h> + + +#include "../../helpers.h" + + + +/* Crée un nouvel objet Python de type 'BinContent'. */ +static PyObject *py_file_content_new(PyTypeObject *, PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BinContent'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_file_content_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + const char *filename; /* Nom du fichier à charger */ + int ret; /* Bilan de lecture des args. */ + GBinContent *content; /* Version GLib du contenu */ + + ret = PyArg_ParseTuple(args, "s", &filename); + if (!ret) Py_RETURN_NONE; + + content = g_file_content_new(filename); + + result = pygobject_new(G_OBJECT(content)); + + if (content != NULL) + g_object_unref(content); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_file_content_type(void) +{ + static PyMethodDef py_file_content_methods[] = { + { NULL } + }; + + static PyGetSetDef py_file_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_file_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.contents.FileContent", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide binary file content", + + .tp_methods = py_file_content_methods, + .tp_getset = py_file_content_getseters, + .tp_new = (newfunc)py_file_content_new + + }; + + return &py_file_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.....FileContent'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_file_content(PyObject *module) +{ + PyTypeObject *py_file_content_type; /* Type Python 'FileContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_file_content_type = get_python_file_content_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_FILE_CONTENT, py_file_content_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/contents/file.h b/plugins/pychrysalide/analysis/contents/file.h new file mode 100644 index 0000000..04f4395 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/file.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * file.h - prototypes pour l'équivalent Python du fichier "analysis/contents/file.h" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_FILE_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_FILE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_file_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.contents.FileContent'. */ +bool register_python_file_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_FILE_H */ diff --git a/plugins/pychrysalide/analysis/contents/module.c b/plugins/pychrysalide/analysis/contents/module.c new file mode 100644 index 0000000..2daa62c --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/module.c @@ -0,0 +1,97 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.c - intégration du répertoire contents en tant que module + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "module.h" + + +#include <assert.h> + + +#include "file.h" +#include "restricted.h" +#include "../../access.h" + + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Ajoute le module 'contents' au module Python. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ +#include "../content.h" +bool add_analysis_contents_module_to_python_module(PyObject *super) +{ + bool result; /* Bilan à retourner */ + PyObject *module; /* Sous-module mis en place */ + int ret; /* Bilan d'un appel */ + + static PyModuleDef py_chrysalide_contents_module = { + + .m_base = PyModuleDef_HEAD_INIT, + + .m_name = "pychrysalide.analysis.contents", + .m_doc = "Python module for Chrysalide.analysis.contents", + + .m_size = -1, + + }; + + result = false; + + module = PyModule_Create(&py_chrysalide_contents_module); + if (module == NULL) return false; + + ret = PyState_AddModule(super, &py_chrysalide_contents_module); + if (ret != 0) goto loading_failed; + + ret = _PyImport_FixupBuiltin(module, "pychrysalide.analysis.contents"); + if (ret != 0) goto loading_failed; + + Py_INCREF(module); + ret = PyModule_AddObject(super, "contents", module); + if (ret != 0) goto loading_failed; + + result = true; + + result &= register_python_binary_content(module); + + result &= register_python_file_content(module); + result &= register_python_restricted_content(module); + + if (result) + register_access_to_python_module("pychrysalide.analysis.contents", module); + + loading_failed: + + assert(result); + + return result; + +} diff --git a/plugins/pychrysalide/analysis/contents/module.h b/plugins/pychrysalide/analysis/contents/module.h new file mode 100644 index 0000000..1b6adfa --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/module.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.h - prototypes pour l'intégration du répertoire contents en tant que module + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYOIDA_ANALYSIS_CONTENTS_MODULE_H +#define _PLUGINS_PYOIDA_ANALYSIS_CONTENTS_MODULE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Ajoute le module 'contents' au module Python. */ +bool add_analysis_contents_module_to_python_module(PyObject *); + + + +#endif /* _PLUGINS_PYOIDA_ANALYSIS_CONTENTS_MODULE_H */ diff --git a/plugins/pychrysalide/analysis/contents/restricted.c b/plugins/pychrysalide/analysis/contents/restricted.c new file mode 100644 index 0000000..f8b0b98 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/restricted.c @@ -0,0 +1,173 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * restricted.c - prototypes pour l'équivalent Python du fichier "analysis/contents/restricted.c" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "restricted.h" + + +#include <pygobject.h> + + +#include <i18n.h> + + +#include <analysis/contents/restricted.h> + + +#include "../content.h" +#include "../../helpers.h" +#include "../../arch/vmpa.h" + + + +/* Crée un nouvel objet Python de type 'BinContent'. */ +static PyObject *py_restricted_content_new(PyTypeObject *, PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BinContent'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_restricted_content_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + PyObject *content_obj; /* Objet pour le contenu */ + PyObject *range_obj; /* Objet pour la restriction */ + int ret; /* Bilan de lecture des args. */ + GBinContent *content; /* Instance GLib correspondante*/ + mrange_t *range; /* Restriction à appliquer */ + GBinContent *restricted; /* Création GLib à transmettre */ + + ret = PyArg_ParseTuple(args, "OO", &content_obj, &range_obj); + if (!ret) return NULL; + + ret = PyObject_IsInstance(content_obj, (PyObject *)get_python_binary_content_type()); + if (!ret) + { + PyErr_SetString(PyExc_TypeError, _("The first argument must be an instance of BinContent.")); + return NULL; + } + + ret = PyObject_IsInstance(range_obj, (PyObject *)get_python_mrange_type()); + if (!ret) + { + PyErr_SetString(PyExc_TypeError, _("The second argument must be an instance of mrange.")); + return NULL; + } + + content = G_BIN_CONTENT(pygobject_get(content_obj)); + + range = get_internal_mrange(range_obj); + + restricted = g_restricted_content_new(content, range); + + result = pygobject_new(G_OBJECT(restricted)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_restricted_content_type(void) +{ + static PyMethodDef py_restricted_content_methods[] = { + { NULL } + }; + + static PyGetSetDef py_restricted_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_restricted_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.contents.RestrictedContent", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide binary restricted content", + + .tp_methods = py_restricted_content_methods, + .tp_getset = py_restricted_content_getseters, + .tp_new = (newfunc)py_restricted_content_new + + }; + + return &py_restricted_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.....RestrictedContent'.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_restricted_content(PyObject *module) +{ + PyTypeObject *py_restricted_content_type;/* Type Python 'BinContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_restricted_content_type = get_python_restricted_content_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_RESTRICTED_CONTENT, + py_restricted_content_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/contents/restricted.h b/plugins/pychrysalide/analysis/contents/restricted.h new file mode 100644 index 0000000..5b7b910 --- /dev/null +++ b/plugins/pychrysalide/analysis/contents/restricted.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * restricted.h - prototypes pour l'équivalent Python du fichier "analysis/contents/restricted.h" + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_RESTRICTED_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_RESTRICTED_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_restricted_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.contents.RestrictedContent'. */ +bool register_python_restricted_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENTS_RESTRICTED_H */ diff --git a/plugins/pychrysalide/analysis/db/Makefile.am b/plugins/pychrysalide/analysis/db/Makefile.am new file mode 100644 index 0000000..a6bb701 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/Makefile.am @@ -0,0 +1,19 @@ + +noinst_LTLIBRARIES = libpychrysaanalysisdb.la + +libpychrysaanalysisdb_la_SOURCES = \ + certs.h certs.c \ + collection.h collection.c \ + item.h item.c \ + module.h module.c + +libpychrysaanalysisdb_la_LDFLAGS = \ + items/libpychrysaanalysisdbitems.la + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \ + -I../../../../src + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) + +SUBDIRS = items diff --git a/plugins/pychrysalide/analysis/db/certs.c b/plugins/pychrysalide/analysis/db/certs.c new file mode 100644 index 0000000..e0358d1 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/certs.c @@ -0,0 +1,327 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * certs.c - équivalent Python du fichier "analysis/db/certs.c" + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "certs.h" + + +#include <pygobject.h> +#include <string.h> + + +#include <i18n.h> +#include <analysis/db/certs.h> + + +#include "../../helpers.h" + + + +/* Traduit en version native une identité de certificat. */ +static bool py_certs_fill_x509_entries(PyObject *, x509_entries *); + +/* Crée un certificat de signature racine. */ +static PyObject *py_certs_make_ca(PyObject *, PyObject *); + +/* Crée un certificat pour application. */ +static PyObject *py_certs_make_request(PyObject *, PyObject *); + +/* Signe un certificat pour application. */ +static PyObject *py_certs_sign_cert(PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : dict = ensemble de propriétés renseignées. * +* out = résumé des entrées regroupées. [OUT] * +* * +* Description : Traduit en version native une identité de certificat. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool py_certs_fill_x509_entries(PyObject *dict, x509_entries *out) +{ + bool result; /* Bilan à retourner */ + PyObject *value; /* Valeur au format Python */ + +#define TRANSLATE_ENTRY(name, dest) \ + do \ + { \ + value = PyDict_GetItemString(dict, name); \ + if (value != NULL) \ + { \ + result = PyUnicode_Check(value); \ + if (result) \ + out->dest = strdup((char *)PyUnicode_DATA(value)); \ + else \ + PyErr_Format(PyExc_TypeError, _("The %s property must be a string."), name); \ + } \ + } \ + while (0) + + result = true; + + memset(out, 0, sizeof(x509_entries)); + + TRANSLATE_ENTRY("C", country); + + if (result) + TRANSLATE_ENTRY("ST", state); + + if (result) + TRANSLATE_ENTRY("L", locality); + + if (result) + TRANSLATE_ENTRY("O", organisation); + + if (result) + TRANSLATE_ENTRY("OU", organisational_unit); + + if (result) + TRANSLATE_ENTRY("CN", common_name); + + if (!result) + free_x509_entries(out); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = NULL car méthode statique. * +* args = paramètres à transmettre à l'appel natif. * +* * +* Description : Crée un certificat de signature racine. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_certs_make_ca(PyObject *self, PyObject *args) +{ + PyObject *result; /* Désignation à retourner */ + const char *dir; /* Répertoire de sortie */ + const char *label; /* Nom principal du certificat */ + unsigned long valid; /* Durée de validité en sec. */ + PyObject *dict; /* Détails identitaires */ + int ret; /* Bilan de lecture des args. */ + x509_entries entries; /* Définition d'une identité */ + bool status; /* Bilan d'une constitution */ + + ret = PyArg_ParseTuple(args, "sskO!", &dir, &label, &valid, &PyDict_Type, &dict); + if (!ret) return NULL; + + status = py_certs_fill_x509_entries(dict, &entries); + if (!status) return NULL; + + status = make_ca(dir, label, valid, &entries); + + free_x509_entries(&entries); + + result = status ? Py_True : Py_False; + + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = NULL car méthode statique. * +* args = paramètres à transmettre à l'appel natif. * +* * +* Description : Crée un certificat pour application. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_certs_make_request(PyObject *self, PyObject *args) +{ + PyObject *result; /* Désignation à retourner */ + const char *dir; /* Répertoire de sortie */ + const char *label; /* Nom principal du certificat */ + PyObject *dict; /* Détails identitaires */ + int ret; /* Bilan de lecture des args. */ + x509_entries entries; /* Définition d'une identité */ + bool status; /* Bilan d'une constitution */ + + ret = PyArg_ParseTuple(args, "ssO!", &dir, &label, &PyDict_Type, &dict); + if (!ret) return NULL; + + status = py_certs_fill_x509_entries(dict, &entries); + if (!status) return NULL; + + status = make_request(dir, label, &entries); + + free_x509_entries(&entries); + + result = status ? Py_True : Py_False; + + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = NULL car méthode statique. * +* args = paramètres à transmettre à l'appel natif. * +* * +* Description : Signe un certificat pour application. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_certs_sign_cert(PyObject *self, PyObject *args) +{ + PyObject *result; /* Désignation à retourner */ + const char *csr; /* Requête à satisfaire */ + const char *cacert; /* Certificat de confiance */ + const char *cakey; /* Clef de ce certificat */ + const char *cert; /* Certificat en sortie */ + unsigned long valid; /* Durée de validité en sec. */ + int ret; /* Bilan de lecture des args. */ + bool status; /* Bilan de l'opération */ + + ret = PyArg_ParseTuple(args, "ssssk", &csr, &cacert, &cakey, &cert, &valid); + if (!ret) return NULL; + + status = sign_cert(csr, cacert, cakey, cert, valid); + + result = status ? Py_True : Py_False; + + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_certs_type(void) +{ + static PyMethodDef py_certs_methods[] = { + + { "make_ca", py_certs_make_ca, + METH_VARARGS | METH_STATIC, + "make_ca(dir, label, valid, entries, /)\n--\n\nCreate a certificate authority." + }, + { "make_request", py_certs_make_request, + METH_VARARGS | METH_STATIC, + "make_request(dir, label, entries, /)\n--\n\nCreate a certificate sign request." + }, + { "sign_cert", py_certs_sign_cert, + METH_VARARGS | METH_STATIC, + "sign_cert(csr, cacert, cakey, cert, valid, /)\n--\n\nSign a certificate sign request.." + }, + { NULL } + + }; + + static PyGetSetDef py_certs_getseters[] = { + + { NULL } + + }; + + static PyTypeObject py_certs_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.db.certs", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide support for DataBase certicates", + + .tp_methods = py_certs_methods, + .tp_getset = py_certs_getseters, + + }; + + return &py_certs_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide....db.certs'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_certs(PyObject *module) +{ + PyTypeObject *py_certs_type; /* Type Python pour 'certs' */ + int ret; /* Bilan d'un appel */ + + py_certs_type = get_python_certs_type(); + + py_certs_type->tp_new = PyType_GenericNew; + + if (PyType_Ready(py_certs_type) != 0) + return false; + + Py_INCREF(py_certs_type); + ret = PyModule_AddObject(module, "certs", (PyObject *)py_certs_type); + + return (ret == 0); + +} diff --git a/plugins/pychrysalide/analysis/db/certs.h b/plugins/pychrysalide/analysis/db/certs.h new file mode 100644 index 0000000..2e90778 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/certs.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * certs.h - prototypes pour l'équivalent Python du fichier "analysis/db/certs.h" + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_CERTS_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_CERTS_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_certs_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.db.certs'. */ +bool register_python_certs(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_CERTSS_H */ diff --git a/plugins/pychrysalide/analysis/db/collection.c b/plugins/pychrysalide/analysis/db/collection.c new file mode 100644 index 0000000..80fcfc2 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/collection.c @@ -0,0 +1,110 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * collection.c - équivalent Python du fichier "analysis/db/collection.c" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "collection.h" + + +#include <pygobject.h> + + +#include <i18n.h> +#include <analysis/db/collection.h> + + +#include "../../helpers.h" + + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_db_collection_type(void) +{ + static PyMethodDef py_db_collection_methods[] = { + { NULL } + }; + + static PyGetSetDef py_db_collection_getseters[] = { + + { NULL } + + }; + + static PyTypeObject py_db_collection_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.db.DbCollection", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide collection for DataBase collection", + + .tp_methods = py_db_collection_methods, + .tp_getset = py_db_collection_getseters, + + }; + + return &py_db_collection_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide....db.DbCollection'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_db_collection(PyObject *module) +{ + PyTypeObject *py_db_collection_type; /* Type Python 'DbCollection' */ + PyObject *dict; /* Dictionnaire du module */ + + py_db_collection_type = get_python_db_collection_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_DB_COLLECTION, py_db_collection_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/db/collection.h b/plugins/pychrysalide/analysis/db/collection.h new file mode 100644 index 0000000..76256bc --- /dev/null +++ b/plugins/pychrysalide/analysis/db/collection.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * collection.h - prototypes pour l'équivalent Python du fichier "analysis/db/collection.h" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_COLLECTION_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_COLLECTION_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_db_collection_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.db.DbCollection'. */ +bool register_python_db_collection(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_COLLECTIONS_H */ diff --git a/plugins/pychrysalide/analysis/db/item.c b/plugins/pychrysalide/analysis/db/item.c new file mode 100644 index 0000000..27b5bac --- /dev/null +++ b/plugins/pychrysalide/analysis/db/item.c @@ -0,0 +1,182 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * item.c - équivalent Python du fichier "analysis/db/item.c" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "item.h" + + +#include <pygobject.h> + + +#include <i18n.h> +#include <analysis/db/item.h> + + +#include "../../helpers.h" + + + +/* Indique si l'élément contient des données à oublier ou non. */ +static PyObject *py_db_item_get_volatile(PyObject *, void *); + +/* Définit si l'élément contient des données à oublier ou non. */ +static int py_db_item_set_volatile(PyObject *, PyObject *, void *); + + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Indique si l'élément contient des données à oublier ou non. * +* * +* Retour : Etat de la sauegarde de l'élément consulté. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_db_item_get_volatile(PyObject *self, void *closure) +{ + PyObject *result; /* Valeur à retourner */ + GDbItem *item; /* Elément à consulter */ + + item = G_DB_ITEM(pygobject_get(self)); + + result = (g_db_item_is_volatile(item) ? Py_True : Py_False); + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* value = valeur fournie à intégrer ou prendre en compte. * +* closure = non utilisé ici. * +* * +* Description : Définit si l'élément contient des données à oublier ou non. * +* * +* Retour : Bilan de l'opération pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static int py_db_item_set_volatile(PyObject *self, PyObject *value, void *closure) +{ + GDbItem *item; /* Elément à modifier */ + + if (!PyBool_Check(value)) + { + PyErr_SetString(PyExc_TypeError, _("The attribute value must be a boolean.")); + return -1; + } + + item = G_DB_ITEM(pygobject_get(self)); + g_db_item_set_volatile(item, (bool)(value == Py_True)); + + return 0; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_db_item_type(void) +{ + static PyMethodDef py_db_item_methods[] = { + { NULL } + }; + + static PyGetSetDef py_db_item_getseters[] = { + + { + "volatile", py_db_item_get_volatile, py_db_item_set_volatile, + "Define if a Database item can be forgotten.", NULL + }, + { NULL } + + }; + + static PyTypeObject py_db_item_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.db.DbItem", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide item for DataBase collection", + + .tp_methods = py_db_item_methods, + .tp_getset = py_db_item_getseters, + + }; + + return &py_db_item_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide....db.items.DbItem'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_db_item(PyObject *module) +{ + PyTypeObject *py_db_item_type; /* Type Python 'DbItem' */ + PyObject *dict; /* Dictionnaire du module */ + + py_db_item_type = get_python_db_item_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_DB_ITEM, py_db_item_type, &PyGObject_Type)) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/db/item.h b/plugins/pychrysalide/analysis/db/item.h new file mode 100644 index 0000000..96122e6 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/item.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * item.h - prototypes pour l'équivalent Python du fichier "analysis/db/item.h" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEM_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEM_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_db_item_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.db.DbItem'. */ +bool register_python_db_item(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEM_H */ diff --git a/plugins/pychrysalide/analysis/db/items/Makefile.am b/plugins/pychrysalide/analysis/db/items/Makefile.am new file mode 100644 index 0000000..b08a558 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/items/Makefile.am @@ -0,0 +1,14 @@ + +noinst_LTLIBRARIES = libpychrysaanalysisdbitems.la + +libpychrysaanalysisdbitems_la_SOURCES = \ + comment.h comment.c \ + module.h module.c + +libpychrysaanalysisdbitems_la_LDFLAGS = + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \ + -I../../../../../src + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/pychrysalide/analysis/db/items/comment.c b/plugins/pychrysalide/analysis/db/items/comment.c new file mode 100644 index 0000000..28886f5 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/items/comment.c @@ -0,0 +1,241 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * comment.c - équivalent Python du fichier "analysis/db/items/comment.c" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "comment.h" + + +#include <malloc.h> +#include <pygobject.h> + + +#include <i18n.h> +#include <analysis/db/items/comment.h> + + +#include "../item.h" +#include "../../../helpers.h" +#include "../../../arch/vmpa.h" + + + +/* Crée un nouvel objet Python de type 'DbComment'. */ +static PyObject *py_db_comment_new(PyTypeObject *, PyObject *, PyObject *); + +/* Fournit le commentaire associé à un commentaire. */ +static PyObject *py_db_comment_get_text(PyObject *, void *); + +/* Définit le commentaire associé à un commentaire. */ +static int py_db_comment_set_text(PyObject *, PyObject *, void *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'DbComment'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_db_comment_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + PyObject *py_vmpa; /* Localisation version Python */ + const char *text; /* Texte à associer */ + int is_volatile; /* Conservation en mémoire */ + int ret; /* Bilan de lecture des args. */ + vmpa2t *addr; /* Localisation version C */ + GDbComment *comment; /* Version GLib du commentaire */ + + ret = PyArg_ParseTuple(args, "Osp", &py_vmpa, &text, &is_volatile); + if (!ret) Py_RETURN_NONE; + + ret = PyObject_IsInstance(py_vmpa, (PyObject *)get_python_vmpa_type()); + if (!ret) return NULL; + + addr = get_internal_vmpa(py_vmpa); + if (py_vmpa == NULL) Py_RETURN_NONE; + + return NULL;/* FIXME */ + //comment = g_db_comment_new(addr, text, is_volatile); + + result = pygobject_new(G_OBJECT(comment)); + g_object_unref(comment); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le commentaire associé à un commentaire. * +* * +* Retour : Texte manipulable en Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_db_comment_get_text(PyObject *self, void *closure) +{ + PyObject *result; /* Résultat à retourner */ + GDbComment *comment; /* Commentaire à consulter */ + char *text; /* Contenu textuel associé */ + + comment = G_DB_COMMENT(pygobject_get(self)); + text = g_db_comment_get_text(comment); + + if (text == NULL) + { + result = Py_None; + Py_INCREF(result); + } + else + { + result = PyUnicode_FromString(text); + free(text); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* value = valeur fournie à intégrer ou prendre en compte. * +* closure = non utilisé ici. * +* * +* Description : Définit le commentaire associé à un commentaire. * +* * +* Retour : Bilan de l'opération pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static int py_db_comment_set_text(PyObject *self, PyObject *value, void *closure) +{ + GDbComment *comment; /* Commentaire à consulter */ + + if (!PyUnicode_Check(value)) + { + PyErr_SetString(PyExc_TypeError, _("The attribute value must be a string.")); + return -1; + } + + comment = G_DB_COMMENT(pygobject_get(self)); + //g_db_comment_set_text(comment, PyUnicode_DATA(value)); + + return 0; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_db_comment_type(void) +{ + static PyMethodDef py_db_comment_methods[] = { + { NULL } + }; + + static PyGetSetDef py_db_comment_getseters[] = { + { + "text", py_db_comment_get_text, py_db_comment_set_text, + "Give access to the content of a given comment.", NULL + }, + { NULL } + }; + + static PyTypeObject py_db_comment_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.db.items.DbComment", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT, + + .tp_doc = "PyChrysalide comment for edited binary", + + .tp_methods = py_db_comment_methods, + .tp_getset = py_db_comment_getseters, + .tp_new = (newfunc)py_db_comment_new + + }; + + return &py_db_comment_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide....db.items.DbComment'.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_db_comment(PyObject *module) +{ + PyTypeObject *py_db_comment_type; /* Type Python 'DbComment' */ + PyObject *dict; /* Dictionnaire du module */ + + py_db_comment_type = get_python_db_comment_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_DB_COMMENT, py_db_comment_type, get_python_db_item_type())) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/db/items/comment.h b/plugins/pychrysalide/analysis/db/items/comment.h new file mode 100644 index 0000000..2b4f130 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/items/comment.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * comment.h - prototypes pour l'équivalent Python du fichier "analysis/db/items/comment.h" + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_COMMENT_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_COMMENT_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_db_comment_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.db.items.DbComment'. */ +bool register_python_db_comment(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_COMMENT_H */ diff --git a/plugins/pychrysalide/analysis/db/items/module.c b/plugins/pychrysalide/analysis/db/items/module.c new file mode 100644 index 0000000..cf0fe56 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/items/module.c @@ -0,0 +1,93 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.c - intégration du répertoire items en tant que module + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "module.h" + + +#include <assert.h> + + +#include "comment.h" +#include "../../../access.h" + + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Ajoute le module 'items' au module Python. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool add_analysis_db_items_module_to_python_module(PyObject *super) +{ + bool result; /* Bilan à retourner */ + PyObject *module; /* Sous-module mis en place */ + int ret; /* Bilan d'un appel */ + + static PyModuleDef py_chrysalide_items_module = { + + .m_base = PyModuleDef_HEAD_INIT, + + .m_name = "pychrysalide.analysis.db.items", + .m_doc = "Python module for Chrysalide.analysis.db.items", + + .m_size = -1, + + }; + + result = false; + + module = PyModule_Create(&py_chrysalide_items_module); + if (module == NULL) return false; + + ret = PyState_AddModule(super, &py_chrysalide_items_module); + if (ret != 0) goto loading_failed; + + ret = _PyImport_FixupBuiltin(module, "pychrysalide.analysis.db.items"); + if (ret != 0) goto loading_failed; + + Py_INCREF(module); + ret = PyModule_AddObject(super, "items", module); + if (ret != 0) goto loading_failed; + + result = true; + + result &= register_python_db_comment(module); + + if (result) + register_access_to_python_module("pychrysalide.analysis.db.items", module); + + loading_failed: + + assert(result); + + return result; + +} diff --git a/plugins/pychrysalide/analysis/db/items/module.h b/plugins/pychrysalide/analysis/db/items/module.h new file mode 100644 index 0000000..1382226 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/items/module.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.h - prototypes pour l'intégration du répertoire items en tant que module + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_MODULE_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_MODULE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Ajoute le module 'items' au module Python. */ +bool add_analysis_db_items_module_to_python_module(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_ITEMS_MODULE_H */ diff --git a/plugins/pychrysalide/analysis/db/module.c b/plugins/pychrysalide/analysis/db/module.c new file mode 100644 index 0000000..1c4da25 --- /dev/null +++ b/plugins/pychrysalide/analysis/db/module.c @@ -0,0 +1,100 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.c - intégration du répertoire db en tant que module + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "module.h" + + +#include <assert.h> + + +#include "certs.h" +#include "collection.h" +#include "item.h" +#include "items/module.h" +#include "../../access.h" + + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Ajoute le module 'db' au module Python. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool add_analysis_db_module_to_python_module(PyObject *super) +{ + bool result; /* Bilan à retourner */ + PyObject *module; /* Sous-module mis en place */ + int ret; /* Bilan d'un appel */ + + static PyModuleDef py_chrysalide_db_module = { + + .m_base = PyModuleDef_HEAD_INIT, + + .m_name = "pychrysalide.analysis.db", + .m_doc = "Python module for Chrysalide.analysis.db", + + .m_size = -1, + + }; + + result = false; + + module = PyModule_Create(&py_chrysalide_db_module); + if (module == NULL) return false; + + ret = PyState_AddModule(super, &py_chrysalide_db_module); + if (ret != 0) goto loading_failed; + + ret = _PyImport_FixupBuiltin(module, "pychrysalide.analysis.db"); + if (ret != 0) goto loading_failed; + + Py_INCREF(module); + ret = PyModule_AddObject(super, "db", module); + if (ret != 0) goto loading_failed; + + result = true; + + result &= register_python_certs(module); + result &= register_python_db_collection(module); + result &= register_python_db_item(module); + + result &= add_analysis_db_items_module_to_python_module(module); + + if (result) + register_access_to_python_module("pychrysalide.analysis.db", module); + + loading_failed: + + assert(result); + + return result; + +} diff --git a/plugins/pychrysalide/analysis/db/module.h b/plugins/pychrysalide/analysis/db/module.h new file mode 100644 index 0000000..d545ecb --- /dev/null +++ b/plugins/pychrysalide/analysis/db/module.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.h - prototypes pour l'intégration du répertoire db en tant que module + * + * Copyright (C) 2014-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_MODULE_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_MODULE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Ajoute le module 'db' au module Python. */ +bool add_analysis_db_module_to_python_module(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_DB_MODULE_H */ diff --git a/plugins/pychrysalide/analysis/loaded.c b/plugins/pychrysalide/analysis/loaded.c new file mode 100644 index 0000000..b38025a --- /dev/null +++ b/plugins/pychrysalide/analysis/loaded.c @@ -0,0 +1,146 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * loaded.c - prototypes pour l'équivalent Python du fichier "analysis/loaded.c" + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "loaded.h" + + +#include <assert.h> +#include <pygobject.h> + + +#include <i18n.h> + + +#include <analysis/loaded.h> + + + +/* Détermine le nombre de vues disponibles pour un contenu. */ +static PyObject *py_loaded_content_count_views(PyObject *, PyObject *); + + + +/****************************************************************************** +* * +* Paramètres : self = contenu chargé à manipuler. * +* args = non utilisé ici. * +* * +* Description : Détermine le nombre de vues disponibles pour un contenu. * +* * +* Retour : Quantité strictement positive. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_loaded_content_count_views(PyObject *self, PyObject *args) +{ + PyObject *result; /* Instance à retourner */ + GLoadedContent *content; /* Version GLib du format */ + size_t count; /* Quantité à retourner */ + + content = G_LOADED_CONTENT(pygobject_get(self)); + + count = g_loaded_content_count_views(content); + + result = PyLong_FromUnsignedLongLong(count); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_loaded_content_type(void) +{ + static PyMethodDef py_loaded_content_methods[] = { + { + "count_views", py_loaded_content_count_views, + METH_NOARGS, + "count_views($self, /)\n--\n\nCompute the quantity of available views." + }, + { NULL } + }; + + static PyGetSetDef py_loaded_content_getseters[] = { + { NULL } + }; + + static PyTypeObject py_loaded_content_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.LoadedContent", + .tp_basicsize = sizeof(PyObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + + .tp_doc = "PyChrysalide loaded content", + + .tp_methods = py_loaded_content_methods, + .tp_getset = py_loaded_content_getseters + + }; + + return &py_loaded_content_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.....LoadedContent'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_loaded_content(PyObject *module) +{ + PyTypeObject *py_loaded_content_type; /* Type Python 'LoadedContent' */ + PyObject *dict; /* Dictionnaire du module */ + + py_loaded_content_type = get_python_loaded_content_type(); + + dict = PyModule_GetDict(module); + pyg_register_interface(dict, "LoadedContent", G_TYPE_LOADED_CONTENT, py_loaded_content_type); + + return true; + +} diff --git a/plugins/pychrysalide/analysis/loaded.h b/plugins/pychrysalide/analysis/loaded.h new file mode 100644 index 0000000..8f9478b --- /dev/null +++ b/plugins/pychrysalide/analysis/loaded.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * loaded.h - prototypes pour l'équivalent Python du fichier "analysis/loaded.h" + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_LOADED_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_LOADED_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_loaded_content_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.LoadedContent'. */ +bool register_python_loaded_content(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_CONTENT_H */ diff --git a/plugins/pychrysalide/analysis/module.c b/plugins/pychrysalide/analysis/module.c new file mode 100644 index 0000000..f4a0f5b --- /dev/null +++ b/plugins/pychrysalide/analysis/module.c @@ -0,0 +1,107 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.c - intégration du répertoire analysis en tant que module + * + * Copyright (C) 2012-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "module.h" + + +#include <assert.h> + + +#include "binary.h" +#include "block.h" +#include "content.h" +#include "loaded.h" +#include "routine.h" +#include "contents/module.h" +#include "db/module.h" +#include "../access.h" + + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Ajoute le module 'analysis' au module Python. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool add_analysis_module_to_python_module(PyObject *super) +{ + bool result; /* Bilan à retourner */ + PyObject *module; /* Sous-module mis en place */ + int ret; /* Bilan d'un appel */ + + static PyModuleDef py_chrysalide_analysis_module = { + + .m_base = PyModuleDef_HEAD_INIT, + + .m_name = "pychrysalide.analysis", + .m_doc = "Python module for Chrysalide.analysis", + + .m_size = -1, + + }; + + result = false; + + module = PyModule_Create(&py_chrysalide_analysis_module); + if (module == NULL) return false; + + ret = PyState_AddModule(super, &py_chrysalide_analysis_module); + if (ret != 0) goto loading_failed; + + ret = _PyImport_FixupBuiltin(module, "pychrysalide.analysis"); + if (ret != 0) goto loading_failed; + + Py_INCREF(module); + ret = PyModule_AddObject(super, "analysis", module); + if (ret != 0) goto loading_failed; + + result = true; + + result &= register_python_loaded_content(module); + + result &= register_python_loaded_binary(module); + result &= register_python_instr_block(module); + //result &= register_python_binary_content(module); + result &= register_python_binary_routine(module); + + result &= add_analysis_contents_module_to_python_module(module); + result &= add_analysis_db_module_to_python_module(module); + + if (result) + register_access_to_python_module("pychrysalide.analysis", module); + + loading_failed: + + assert(result); + + return result; + +} diff --git a/plugins/pychrysalide/analysis/module.h b/plugins/pychrysalide/analysis/module.h new file mode 100644 index 0000000..310fc0c --- /dev/null +++ b/plugins/pychrysalide/analysis/module.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.h - prototypes pour l'intégration du répertoire analysis en tant que module + * + * Copyright (C) 2012-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_ANALYSIS_MODULE_H +#define _PLUGINS_PYCHRYSALIDE_ANALYSIS_MODULE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Ajoute le module 'analysis' au module Python. */ +bool add_analysis_module_to_python_module(PyObject *); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_ANALYSIS_MODULE_H */ diff --git a/plugins/pychrysalide/analysis/routine.c b/plugins/pychrysalide/analysis/routine.c new file mode 100644 index 0000000..37f36a7 --- /dev/null +++ b/plugins/pychrysalide/analysis/routine.c @@ -0,0 +1,295 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * routine.c - équivalent Python du fichier "analysis/routine.c" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "routine.h" + + +#include <string.h> +#include <pygobject.h> + + +#include <i18n.h> + + +#include <analysis/block.h> +#include <analysis/routine.h> + + +#include "block.h" +#include "../helpers.h" +#include "../format/symbol.h" + + + +/* Crée un nouvel objet Python de type 'BinRoutine'. */ +static PyObject *py_binary_routine_new(PyTypeObject *, PyObject *, PyObject *); + +/* Fournit le nom humain d'une routine. */ +static PyObject *py_binary_routine_get_name(PyObject *, void *); + +/* Définit le nom humain d'une routine. */ +static int py_binary_routine_set_name(PyObject *, PyObject *, void *); + +/* Fournit les blocs basiques de la routine. */ +static PyObject *py_binary_routine_get_basic_blocks(PyObject *, void *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BinaryRoutine'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_routine_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Création à retourner */ + + result = pygobject_new(G_OBJECT(g_binary_routine_new())); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le nom humain d'une routine. * +* * +* Retour : Désignation humainement lisible ou None si non définie. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_routine_get_name(PyObject *self, void *closure) +{ + PyObject *result; /* Valeur à retourner */ + GBinRoutine *routine; /* Elément à consulter */ + const char *name; /* Désignation courante */ + + routine = G_BIN_ROUTINE(pygobject_get(self)); + name = g_binary_routine_get_name(routine); + + if (name != NULL) + result = PyUnicode_FromString(name); + else + { + result = Py_None; + Py_INCREF(result); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* value = valeur fournie à intégrer ou prendre en compte. * +* closure = non utilisé ici. * +* * +* Description : Définit le nom humain d'une routine. * +* * +* Retour : Bilan de l'opération pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static int py_binary_routine_set_name(PyObject *self, PyObject *value, void *closure) +{ + GBinRoutine *routine; /* Elément à consulter */ + + if (!PyUnicode_Check(value) && value != Py_None) + { + PyErr_SetString(PyExc_TypeError, _("The attribute value must be a string.")); + return -1; + } + + routine = G_BIN_ROUTINE(pygobject_get(self)); + + if (!PyUnicode_Check(value)) + g_binary_routine_set_name(routine, strdup(PyUnicode_DATA(value))); + else + g_binary_routine_set_name(routine, NULL); + + return 0; + +} + + +/****************************************************************************** +* * +* Paramètres : self = classe représentant une routine binaire. * +* closure = adresse non utilisée ici. * +* * +* Description : Fournit les blocs basiques de la routine. * +* * +* Retour : Ensemble de blocs déterminés via les instructions. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_binary_routine_get_basic_blocks(PyObject *self, void *closure) +{ + PyObject *result; /* Eléments à retourner */ + GBinRoutine *routine; /* Version native */ + GBlockList *blocks; /* Blocs basiques de routine */ + + routine = G_BIN_ROUTINE(pygobject_get(self)); + blocks = g_binary_routine_get_basic_blocks(routine); + + result = pygobject_new(G_OBJECT(blocks)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* value = valeur fournie à intégrer ou prendre en compte. * +* closure = non utilisé ici. * +* * +* Description : Définit les blocs basiques de la routine. * +* * +* Retour : Bilan de l'opération pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static int py_binary_routine_set_basic_blocks(PyObject *self, PyObject *value, void *closure) +{ + GBinRoutine *routine; /* Elément à consulter */ + int ret; /* Bilan de lecture des args. */ + GBlockList *blocks; /* Blocs basiques à intégrer */ + + ret = PyObject_IsInstance(value, (PyObject *)get_python_instr_block_type()); + if (!ret) return -1; + + routine = G_BIN_ROUTINE(pygobject_get(self)); + blocks = G_BLOCK_LIST(pygobject_get(value)); + + g_binary_routine_set_basic_blocks(routine, blocks); + + return 0; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_binary_routine_type(void) +{ + static PyMethodDef py_binary_routine_methods[] = { + { NULL } + }; + + static PyGetSetDef py_binary_routine_getseters[] = { + { + "name", py_binary_routine_get_name, py_binary_routine_set_name, + "Name of the current routine.", NULL + }, + { + "basic_blocks", py_binary_routine_get_basic_blocks, py_binary_routine_set_basic_blocks, + "Basic blocks of the binary routine.", NULL + }, + { NULL } + }; + + static PyTypeObject py_binary_routine_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.analysis.BinRoutine", + + .tp_flags = Py_TPFLAGS_DEFAULT, + + .tp_doc = "PyChrysalide binary routine", + + .tp_methods = py_binary_routine_methods, + .tp_getset = py_binary_routine_getseters, + .tp_new = (newfunc)py_binary_routine_new + + }; + + return &py_binary_routine_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.analysis.BinRoutine'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_binary_routine(PyObject *module) +{ + PyTypeObject *py_binary_routine_type; /* Type Python 'BinRoutine' */ + PyObject *dict; /* Dictionnaire du module */ + + py_binary_routine_type = get_python_binary_routine_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_BIN_ROUTINE, + py_binary_routine_type, get_python_binary_symbol_type())) + return false; + + return true; + +} diff --git a/plugins/pychrysalide/analysis/routine.h b/plugins/pychrysalide/analysis/routine.h new file mode 100644 index 0000000..57ad7bc --- /dev/null +++ b/plugins/pychrysalide/analysis/routine.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * routine.h - prototypes pour l'équivalent Python du fichier "analysis/routine.h" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYOIDA_ANALYSIS_ROUTINE_H +#define _PLUGINS_PYOIDA_ANALYSIS_ROUTINE_H + + +#include <Python.h> +#include <stdbool.h> + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_binary_routine_type(void); + +/* Prend en charge l'objet 'pychrysalide.analysis.BinRoutine'. */ +bool register_python_binary_routine(PyObject *); + + + +#endif /* _PLUGINS_PYOIDA_ANALYSIS_ROUTINE_H */ |