diff options
Diffstat (limited to 'src/analysis/scan/core.c')
-rw-r--r-- | src/analysis/scan/core.c | 385 |
1 files changed, 385 insertions, 0 deletions
diff --git a/src/analysis/scan/core.c b/src/analysis/scan/core.c new file mode 100644 index 0000000..2b4fd92 --- /dev/null +++ b/src/analysis/scan/core.c @@ -0,0 +1,385 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * core.c - enregistrement des fonctions principales + * + * Copyright (C) 2022 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "core.h" + + +#include <malloc.h> +#include <string.h> + + +#include "items/count.h" +#include "items/datasize.h" +#include "items/maxcommon.h" +#include "items/modpath.h" +#include "items/uint.h" +#include "items/console/log.h" +#ifdef INCLUDE_MAGIC_SUPPORT +# include "items/magic/type.h" +# include "items/magic/mime-encoding.h" +# include "items/magic/mime-type.h" +#endif +#include "items/math/to_string.h" +#include "items/string/lower.h" +#include "items/string/to_int.h" +#include "items/string/upper.h" +#include "items/string/wide.h" +#include "items/time/make.h" +#include "items/time/now.h" +#include "patterns/modifiers/hex.h" +#include "patterns/modifiers/lower.h" +#include "patterns/modifiers/plain.h" +#include "patterns/modifiers/rev.h" +#include "patterns/modifiers/upper.h" +#include "patterns/modifiers/wide.h" +#include "patterns/modifiers/xor.h" + + +/* Liste des modificateurs disponibles */ + +typedef struct _available_modifier_t +{ + sized_string_t name; /* Désignation humaine */ + GScanTokenModifier *instance; /* Mécanisme correspondant */ + +} available_modifier_t; + +static available_modifier_t *__modifiers = NULL; +static size_t __modifiers_count = 0; + + +/****************************************************************************** +* * +* Paramètres : modifier = modificateur à rendre disponible. * +* * +* Description : Inscrit un modificateur dans la liste des disponibles. * +* * +* Retour : Bilan des enregistrements effectués : true si nouveauté. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_scan_token_modifier(GScanTokenModifier *modifier) +{ + bool result; /* Bilan à retourner */ + sized_string_t name; /* Nom donné au modificateur */ + GScanTokenModifier *found; /* Alternative présente */ + available_modifier_t *last; /* Emplacement disponible */ + + name.data = g_scan_token_modifier_get_name(modifier); + name.len = strlen(name.data); + + found = find_scan_token_modifiers_for_name(&name); + + result = (found == NULL); + + if (!result) + exit_szstr(&name); + + else + { + __modifiers_count++; + __modifiers = realloc(__modifiers, __modifiers_count * sizeof(available_modifier_t)); + + last = &__modifiers[__modifiers_count - 1]; + + last->name = name; + last->instance = modifier; + + g_object_ref(G_OBJECT(modifier)); + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Charge tous les modificateurs de base. * +* * +* Retour : Bilan des opérations d'enregistrement. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_all_known_scan_token_modifiers(void) +{ + bool result; /* Bilan à retourner */ + + result = true; + +#define REGISTER_SCAN_MODIFIER(m) \ + ({ \ + GScanTokenModifier *__mod; \ + bool __status; \ + __mod = m; \ + __status = register_scan_token_modifier(__mod); \ + g_object_unref(G_OBJECT(__mod)); \ + __status; \ + }) + + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_hex_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_lower_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_plain_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_reverse_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_upper_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_wide_modifier_new()); + if (result) result = REGISTER_SCAN_MODIFIER(g_scan_xor_modifier_new()); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : count = nombre de motificateurs exportés. [OUT] * +* * +* Description : Fournit la désignation de l'ensemble des modificateurs. * +* * +* Retour : Liste de modificateurs enregistrés. * +* * +* Remarques : - * +* * +******************************************************************************/ + +char **list_all_scan_token_modifiers(size_t *count) +{ + char **result; /* Liste à retourner */ + size_t i; /* Boucle de parcours */ + + result = malloc(__modifiers_count * sizeof(char *)); + + *count = __modifiers_count; + + for (i = 0; i < __modifiers_count; i++) + result[i] = strndup(__modifiers[i].name.data, __modifiers[i].name.len); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Décharge tous les modificateurs inscrits. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void unload_all_scan_token_modifiers(void) +{ + size_t i; /* Boucle de parcours */ + + for (i = 0; i < __modifiers_count; i++) + { + exit_szstr(&__modifiers[i].name); + g_object_unref(G_OBJECT(__modifiers[i].instance)); + } + + if (__modifiers != NULL) + free(__modifiers); + +} + + +/****************************************************************************** +* * +* Paramètres : name = désignation du modificateur recherché. * +* * +* Description : Fournit le modificateur correspondant à un nom. * +* * +* Retour : Instance du modificateur identifié ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GScanTokenModifier *find_scan_token_modifiers_for_name(const sized_string_t *name) +{ + GScanTokenModifier *result; /* Instance à renvoyer */ + size_t i; /* Boucle de parcours */ + available_modifier_t *registered; /* Infos d'enregistrement */ + + result = NULL; + + for (i = 0; i < __modifiers_count; i++) + { + registered = __modifiers + i; + + if (registered->name.len != name->len) + continue; + + if (strncmp(registered->name.data, name->data, name->len) == 0) + { + result = registered->instance; + g_object_ref(G_OBJECT(result)); + break; + } + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : space = espace de noms à composer. * +* * +* Description : Inscrit les principales fonctions dans l'espace racine. * +* * +* Retour : Bilan des enregistrements effectués. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool populate_main_scan_namespace(GScanNamespace *space) +{ + bool result; /* Bilan à retourner */ + GScanNamespace *ns; /* Nouvel espace de noms */ + + result = true; + +#define REGISTER_FUNC(s, f) \ + ({ \ + GScanRegisteredItem *__item; \ + bool __result; \ + __item = f; \ + __result = g_scan_namespace_register_item(s, __item); \ + g_object_unref(G_OBJECT(__item)); \ + __result; \ + }) + + if (result) result = REGISTER_FUNC(space, g_scan_count_function_new()); + if (result) result = REGISTER_FUNC(space, g_scan_datasize_function_new()); + if (result) result = REGISTER_FUNC(space, g_scan_maxcommon_function_new()); + if (result) result = REGISTER_FUNC(space, g_scan_modpath_function_new()); + + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_8_BITS_SIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_8_BITS_UNSIGNED, SRE_LITTLE)); + + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_16_BITS_SIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_16_BITS_SIGNED, SRE_BIG)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_16_BITS_UNSIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_16_BITS_UNSIGNED, SRE_BIG)); + + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_32_BITS_SIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_32_BITS_SIGNED, SRE_BIG)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_32_BITS_UNSIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_32_BITS_UNSIGNED, SRE_BIG)); + + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_64_BITS_SIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_64_BITS_SIGNED, SRE_BIG)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_64_BITS_UNSIGNED, SRE_LITTLE)); + if (result) result = REGISTER_FUNC(space, g_scan_uint_function_new(MDS_64_BITS_UNSIGNED, SRE_BIG)); + + /* Console */ + + if (result) + { + ns = g_scan_namespace_new("console"); + result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns)); + + if (result) result = REGISTER_FUNC(ns, g_scan_console_log_function_new()); + + g_object_unref(G_OBJECT(ns)); + + } + + /* Magic */ + +#ifdef INCLUDE_MAGIC_SUPPORT + if (result) + { + ns = g_scan_namespace_new("magic"); + result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns)); + + if (result) result = REGISTER_FUNC(ns, g_scan_magic_type_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_mime_encoding_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_mime_type_function_new()); + + g_object_unref(G_OBJECT(ns)); + + } +#endif + + /* Math */ + + if (result) + { + ns = g_scan_namespace_new("math"); + result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns)); + + if (result) result = REGISTER_FUNC(ns, g_scan_math_to_string_function_new()); + + g_object_unref(G_OBJECT(ns)); + + } + + /* String */ + + if (result) + { + ns = g_scan_namespace_new("string"); + result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns)); + + if (result) result = REGISTER_FUNC(ns, g_scan_string_lower_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_string_to_int_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_string_upper_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_string_wide_function_new()); + + g_object_unref(G_OBJECT(ns)); + + } + + /* Time */ + + if (result) + { + ns = g_scan_namespace_new("time"); + result = g_scan_namespace_register_item(space, G_SCAN_REGISTERED_ITEM(ns)); + + if (result) result = REGISTER_FUNC(ns, g_scan_time_make_function_new()); + if (result) result = REGISTER_FUNC(ns, g_scan_time_now_function_new()); + + g_object_unref(G_OBJECT(ns)); + + } + + return result; + +} |