summaryrefslogtreecommitdiff
path: root/plugins/pychrysalide/format/executable.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/pychrysalide/format/executable.c')
-rw-r--r--plugins/pychrysalide/format/executable.c392
1 files changed, 351 insertions, 41 deletions
diff --git a/plugins/pychrysalide/format/executable.c b/plugins/pychrysalide/format/executable.c
index d886e9a..7d05578 100644
--- a/plugins/pychrysalide/format/executable.c
+++ b/plugins/pychrysalide/format/executable.c
@@ -36,9 +36,10 @@
#include "program.h"
#include "../access.h"
#include "../helpers.h"
+#include "../analysis/content.h"
//#include "../arch/processor.h"
-//#include "../arch/vmpa.h"
-//#include "../glibext/binportion.h"
+#include "../arch/vmpa.h"
+#include "../glibext/portion.h"
@@ -56,23 +57,35 @@ static int py_executable_format_init(PyObject *, PyObject *, PyObject *);
/* Indique le type d'architecture visée par le format. */
static char *py_executable_format_get_target_machine_wrapper(const GExecutableFormat *);
+/* Fournit l'adresse principale associée à un format. */
+static bool py_executable_format_get_main_address_wrapper(GExecutableFormat *, vmpa2t *);
+
+/* Etend la définition des portions au sein d'un binaire. */
+static bool py_executable_format_refine_portions_wrapper(GExecutableFormat *);
+
/* ------------------------ DECLARATION DE FORMAT EXECUTABLE ------------------------ */
-/* Enregistre une portion artificielle pour le format. */
-//static PyObject *py_executable_format_register_user_portion(PyObject *, PyObject *);
+/* Procède à l'enregistrement d'une portion dans un format. */
+static PyObject *py_executable_format_include_portion(PyObject *, PyObject *);
/* Fournit l'emplacement correspondant à une position physique. */
-//static PyObject *py_executable_format_translate_offset_into_vmpa(PyObject *, PyObject *);
+static PyObject *py_executable_format_translate_offset_into_vmpa(PyObject *, PyObject *);
/* Fournit l'emplacement correspondant à une adresse virtuelle. */
-//static PyObject *py_executable_format_translate_address_into_vmpa(PyObject *, PyObject *);
+static PyObject *py_executable_format_translate_address_into_vmpa(PyObject *, PyObject *);
/* Indique le type d'architecture visée par le format. */
static PyObject *py_executable_format_get_target_machine(PyObject *, void *);
+/* Fournit l'adresse principale associée à un format. */
+static PyObject *py_executable_format_get_main_address(PyObject *, void *);
+
+/* Indique le type d'architecture visée par le format. */
+static PyObject *py_executable_format_get_portions(PyObject *, void *);
+
/* ---------------------------------------------------------------------------------- */
@@ -97,6 +110,9 @@ static void py_executable_format_init_gclass(GExecutableFormatClass *class, gpoi
{
class->get_machine = py_executable_format_get_target_machine_wrapper;
+ class->get_main_addr = py_executable_format_get_main_address_wrapper;
+ class->refine_portions = py_executable_format_refine_portions_wrapper;
+
}
@@ -116,24 +132,42 @@ static void py_executable_format_init_gclass(GExecutableFormatClass *class, gpoi
static int py_executable_format_init(PyObject *self, PyObject *args, PyObject *kwds)
{
+ GBinContent *content; /* Contenu à intégrer au format*/
int ret; /* Bilan de lecture des args. */
+ GExecutableFormat *format; /* Format à manipuler */
#define EXECUTABLE_FORMAT_DOC \
"The ExecutableFormat class provides support for formats containing"\
" code to run.\n" \
"\n" \
- "The following method has to be defined for new classes:\n" \
+ "The following methods have to be defined for new classes:\n" \
"* pychrysalide.format.ExecutableFormat._get_target_machine();\n" \
+ "* pychrysalide.format.ExecutableFormat._get_main_address().\n" \
"\n" \
+ "The following method may be defined for new classes:\n" \
+ "* pychrysalide.format.ExecutableFormat._refine_portions().\n" \
"\n" \
"Calls to the *__init__* constructor of this abstract object expect"\
- " no particular argument."
+ " only one argument: a binary content, provided as a" \
+ " pychrysalide.analysis.BinContent instance."
+
+ /* Récupération des paramètres */
+
+ ret = PyArg_ParseTuple(args, "O&", convert_to_binary_content, &content);
+ if (!ret) return -1;
/* Initialisation d'un objet GLib */
ret = forward_pygobjet_init(self);
if (ret == -1) return -1;
+ /* Eléments de base */
+
+ format = G_EXECUTABLE_FORMAT(pygobject_get(self));
+
+ if (!g_executable_format_create(format, content))
+ return -1;
+
return 0;
}
@@ -203,41 +237,221 @@ static char *py_executable_format_get_target_machine_wrapper(const GExecutableFo
}
+/******************************************************************************
+* *
+* Paramètres : format = description de l'exécutable à consulter. *
+* addr = adresse principale trouvée si possible. [OUT] *
+* *
+* Description : Fournit l'adresse principale associée à un format. *
+* *
+* Retour : Validité de l'adresse transmise. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool py_executable_format_get_main_address_wrapper(GExecutableFormat *format, vmpa2t *addr)
+{
+ bool result; /* Bilan à retourner */
+ PyGILState_STATE gstate; /* Sauvegarde d'environnement */
+ PyObject *pyobj; /* Objet Python concerné */
+ PyObject *pyret; /* Valeur retournée */
+ vmpa2t *tmp; /* Zone de stockage Python */
+ int ret; /* Bilan d'une conversion */
+
+#define EXECUTABLE_FORMAT_GET_MAIN_ADDRESS_WRAPPER PYTHON_WRAPPER_DEF \
+( \
+ _get_main_address, "$self", \
+ METH_NOARGS, \
+ "Abstract method used to provide the main address of code for" \
+ " the executable format.\n" \
+ "\n" \
+ "The return value has to be a pychrysalide.arch.vmpa instance or" \
+ " *None* in case of failure." \
+ )
+
+ result = false;
+
+ gstate = PyGILState_Ensure();
+
+ pyobj = pygobject_new(G_OBJECT(format));
+
+ if (has_python_method(pyobj, "_get_main_address"))
+ {
+ pyret = run_python_method(pyobj, "_get_main_address", NULL);
+
+ if (pyret != NULL)
+ {
+ if (pyret == Py_None)
+ {
+ init_vmpa(addr, VMPA_NO_PHYSICAL, VMPA_NO_VIRTUAL);
+ result = true;
+ }
+
+ else
+ {
+ ret = convert_any_to_vmpa(pyret, &tmp);
+
+ result = (ret == 1 || ret == Py_CLEANUP_SUPPORTED);
+
+ if (result)
+ {
+ copy_vmpa(addr, tmp);
+
+ if (ret == Py_CLEANUP_SUPPORTED)
+ clean_vmpa_arg(tmp);
+
+ }
+
+ else
+ {
+ /**
+ * L'erreur Python peut être effacée.
+ *
+ * Elle sera remontée :
+ * - au code C via le retour (false) :
+ * - à Python lors de l'accès à la propriétée.
+ */
+ PyErr_Clear();
+
+ }
+
+ }
+
+ Py_DECREF(pyret);
+
+ }
+
+ }
+
+ Py_DECREF(pyobj);
+
+ PyGILState_Release(gstate);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : format = informations chargées à consulter. *
+* *
+* Description : Etend la définition des portions au sein d'un binaire. *
+* *
+* Retour : Bilan des définitions de portions. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static bool py_executable_format_refine_portions_wrapper(GExecutableFormat *format)
+{
+ bool result; /* Bilan à retourner */
+ PyGILState_STATE gstate; /* Sauvegarde d'environnement */
+ PyObject *pyobj; /* Objet Python concerné */
+ PyObject *pyret; /* Valeur retournée */
+
+#define EXECUTABLE_FORMAT_REFINE_PORTIONS_WRAPPER PYTHON_WRAPPER_DEF \
+( \
+ _refine_portions, "$self", \
+ METH_NOARGS, \
+ "Abstract method used to extend the definition of the format" \
+ " with binary portions.\n" \
+ "\n" \
+ "Extra portions should be included with calls to" \
+ " pychrysalide.format.ExecutableFormat.include_portion().\n" \
+ "\n" \
+ "The return value has to be a boolean value: *True* in case of" \
+ " success, *False* in case of failure." \
+)
+
+ result = true;
+
+ gstate = PyGILState_Ensure();
+
+ pyobj = pygobject_new(G_OBJECT(format));
+
+ if (has_python_method(pyobj, "_refine_portions"))
+ {
+ pyret = run_python_method(pyobj, "_refine_portions", NULL);
+
+ if (pyret != NULL)
+ {
+ result = (pyret == Py_True);
+ Py_DECREF(pyret);
+ }
+
+ }
+
+ Py_DECREF(pyobj);
+
+ PyGILState_Release(gstate);
+
+ return result;
+
+}
+
+
/* ---------------------------------------------------------------------------------- */
/* DECLARATION DE FORMAT EXECUTABLE */
/* ---------------------------------------------------------------------------------- */
-#if 0
/******************************************************************************
* *
* Paramètres : self = description de l'exécutable à consulter. *
* args = arguments accompagnant l'appel. *
* *
-* Description : Enregistre une portion artificielle pour le format. *
+* Description : Procède à l'enregistrement d'une portion dans un format. *
* *
-* Retour : - *
+* Retour : Bilan de l'opération : True si inclusion, False sinon. *
* *
* Remarques : - *
* *
******************************************************************************/
-static PyObject *py_executable_format_register_user_portion(PyObject *self, PyObject *args)
+static PyObject *py_executable_format_include_portion(PyObject *self, PyObject *args)
{
- GBinPortion *portion; /* Portion binaire à conserver */
+ PyObject *result; /* Bilan à retourner */
+ GBinaryPortion *portion; /* Portion binaire à conserver */
+ vmpa2t *origin; /* Source de l'inclusion */
int ret; /* Bilan de lecture des args. */
GExecutableFormat *format; /* Version GLib du format */
+ bool status; /* Bilan de l'inclusion */
+
+#define EXECUTABLE_FORMAT_INCLUDE_PORTION_METHOD PYTHON_METHOD_DEF \
+( \
+ include_portion, "$self, portion, /, origin=None", \
+ METH_VARARGS, py_executable_format, \
+ "Register a new portion inside the content of an executable format.\n" \
+ "\n" \
+ "The *portion* argument is a pychrysalide.glibext.BinaryPortion" \
+ " instance. The optional *origin* arguement specifies the source of the"\
+ " operation, as a pychrysalide.arch.vmpa definition, which may be used" \
+ " for tracking errors.\n" \
+ "\n" \
+ "The return value is a boolean value: *True* in case of success," \
+ " *False* in case of failure." \
+)
+
+ origin = NULL;
- ret = PyArg_ParseTuple(args, "O&", convert_to_binary_portion, &portion);
+ ret = PyArg_ParseTuple(args, "O&|O&", convert_to_binary_portion, &portion, convert_any_to_vmpa, &origin);
if (!ret) return NULL;
format = G_EXECUTABLE_FORMAT(pygobject_get(self));
- g_object_ref(G_OBJECT(portion));
- g_exe_format_register_user_portion(format, portion);
+ status = g_executable_format_include_portion(format, portion, origin);
+
+ result = status ? Py_True : Py_False;
+ Py_INCREF(result);
- Py_RETURN_NONE;
+ if (origin != NULL)
+ clean_vmpa_arg(origin);
+
+ return result;
}
@@ -264,13 +478,24 @@ static PyObject *py_executable_format_translate_offset_into_vmpa(PyObject *self,
vmpa2t pos; /* Position complète déterminée*/
bool status; /* Bilan de l'opération */
- format = G_EXECUTABLE_FORMAT(pygobject_get(self));
- assert(format != NULL);
+#define EXECUTABLE_FORMAT_TRANSLATE_OFFSET_INTO_VMPA_METHOD PYTHON_METHOD_DEF \
+( \
+ translate_offset_into_vmpa, "$self, addr", \
+ METH_VARARGS, py_executable_format, \
+ "Translate a physical offset to a full location.\n" \
+ "\n" \
+ "The *off* argument is a physical offset provided as an integer value.\n" \
+ "\n" \
+ "The returned position is a pychrysalide.arch.vmpa instance or *None* in" \
+ " case of failure." \
+)
ret = PyArg_ParseTuple(args, "K", &off);
if (!ret) return NULL;
- status = g_exe_format_translate_offset_into_vmpa(format, off, &pos);
+ format = G_EXECUTABLE_FORMAT(pygobject_get(self));
+
+ status = g_executable_format_translate_offset_into_vmpa(format, off, &pos);
if (status)
result = build_from_internal_vmpa(&pos);
@@ -308,13 +533,24 @@ static PyObject *py_executable_format_translate_address_into_vmpa(PyObject *self
vmpa2t pos; /* Position complète déterminée*/
bool status; /* Bilan de l'opération */
- format = G_EXECUTABLE_FORMAT(pygobject_get(self));
- assert(format != NULL);
+#define EXECUTABLE_FORMAT_TRANSLATE_ADDRESS_INTO_VMPA_METHOD PYTHON_METHOD_DEF \
+( \
+ translate_address_into_vmpa, "$self, addr", \
+ METH_VARARGS, py_executable_format, \
+ "Translate a virtual address to a full location.\n" \
+ "\n" \
+ "The *addr* argument is a virtual address provided as an integer value.\n" \
+ "\n" \
+ "The returned position is a pychrysalide.arch.vmpa instance or *None* in" \
+ " case of failure." \
+)
ret = PyArg_ParseTuple(args, "K", &addr);
if (!ret) return NULL;
- status = g_exe_format_translate_address_into_vmpa(format, addr, &pos);
+ format = G_EXECUTABLE_FORMAT(pygobject_get(self));
+
+ status = g_executable_format_translate_address_into_vmpa(format, addr, &pos);
if (status)
result = build_from_internal_vmpa(&pos);
@@ -328,7 +564,6 @@ static PyObject *py_executable_format_translate_address_into_vmpa(PyObject *self
return result;
}
-#endif
/******************************************************************************
@@ -382,6 +617,91 @@ static PyObject *py_executable_format_get_target_machine(PyObject *self, void *c
/******************************************************************************
* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Fournit l'adresse principale associée à un format. *
+* *
+* Retour : Validité de l'adresse transmise. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_executable_format_get_main_address(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GExecutableFormat *format; /* Format exécutable manipulé */
+ vmpa2t addr; /* Point d'entrée principal */
+ bool status; /* Validité de l'adresse */
+
+#define EXECUTABLE_FORMAT_MAIN_ADDRESS_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ main_address, py_executable_format, \
+ "Main address of code for the executable format.\n" \
+ "\n" \
+ "This property provide a pychrysalide.arch.vmpa instance or" \
+ " *None* in case of failure." \
+)
+
+ format = G_EXECUTABLE_FORMAT(pygobject_get(self));
+
+ status = g_executable_format_get_main_address(format, &addr);
+
+ if (status)
+ result = build_from_internal_vmpa(&addr);
+
+ else
+ {
+ PyErr_SetString(PyExc_AttributeError, _("unable to define a value for the main address"));
+ result = NULL;
+ }
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
+* Paramètres : self = objet Python concerné par l'appel. *
+* closure = non utilisé ici. *
+* *
+* Description : Indique le type d'architecture visée par le format. *
+* *
+* Retour : Identifiant de l'architecture ciblée par le format. *
+* *
+* Remarques : - *
+* *
+******************************************************************************/
+
+static PyObject *py_executable_format_get_portions(PyObject *self, void *closure)
+{
+ PyObject *result; /* Trouvailles à retourner */
+ GExecutableFormat *format; /* Format exécutable manipulé */
+ GBinaryPortion *portions; /* Portion principale du format*/
+
+#define EXECUTABLE_FORMAT_PORTIONS_ATTRIB PYTHON_GET_DEF_FULL \
+( \
+ portions, py_executable_format, \
+ "Root portion of the executable format, provided as a" \
+ " pychrysalide.glibext.BinaryPortion instance." \
+)
+
+ format = G_EXECUTABLE_FORMAT(pygobject_get(self));
+
+ portions = g_executable_format_get_portions(format);
+
+ result = pygobject_new(G_OBJECT(portions));
+ unref_object(portions);
+
+ return result;
+
+}
+
+
+/******************************************************************************
+* *
* Paramètres : - *
* *
* Description : Fournit un accès à une définition de type à diffuser. *
@@ -396,28 +716,18 @@ PyTypeObject *get_python_executable_format_type(void)
{
static PyMethodDef py_executable_format_methods[] = {
EXECUTABLE_FORMAT_GET_TARGET_MACHINE_WRAPPER,
-#if 0
- {
- "register_user_portion", py_executable_format_register_user_portion,
- METH_VARARGS,
- "register_user_portion($self, portion, /)\n--\n\nRemember a given user-defined binary portion as part of the executable format content."
- },
- {
- "translate_offset_into_vmpa", py_executable_format_translate_offset_into_vmpa,
- METH_VARARGS,
- "translate_offset_into_vmpa($self, off, /)\n--\n\nTranslate a physical offset to a full location."
- },
- {
- "translate_address_into_vmpa", py_executable_format_translate_address_into_vmpa,
- METH_VARARGS,
- "translate_address_into_vmpa($self, addr, /)\n--\n\nTranslate a physical offset to a full location."
- },
-#endif
+ EXECUTABLE_FORMAT_GET_MAIN_ADDRESS_WRAPPER,
+ EXECUTABLE_FORMAT_REFINE_PORTIONS_WRAPPER,
+ EXECUTABLE_FORMAT_INCLUDE_PORTION_METHOD,
+ EXECUTABLE_FORMAT_TRANSLATE_OFFSET_INTO_VMPA_METHOD,
+ EXECUTABLE_FORMAT_TRANSLATE_ADDRESS_INTO_VMPA_METHOD,
{ NULL }
};
static PyGetSetDef py_executable_format_getseters[] = {
EXECUTABLE_FORMAT_TARGET_MACHINE_ATTRIB,
+ EXECUTABLE_FORMAT_MAIN_ADDRESS_ATTRIB,
+ EXECUTABLE_FORMAT_PORTIONS_ATTRIB,
{ NULL }
};
generated by cgit v0.11.2-87-g4458 at 2024-12-27 11:27:49 (GMT)