diff options
Diffstat (limited to 'src/arch/dalvik/decomp')
-rw-r--r-- | src/arch/dalvik/decomp/Makefile.am | 24 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/aget.c | 68 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/aput.c | 68 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/arithm.c | 242 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/array.c | 74 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/const.c | 62 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/if.c | 95 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/invoke.c | 158 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/ret.c | 81 | ||||
-rw-r--r-- | src/arch/dalvik/decomp/translate.h | 68 |
10 files changed, 940 insertions, 0 deletions
diff --git a/src/arch/dalvik/decomp/Makefile.am b/src/arch/dalvik/decomp/Makefile.am new file mode 100644 index 0000000..fef68f6 --- /dev/null +++ b/src/arch/dalvik/decomp/Makefile.am @@ -0,0 +1,24 @@ + +noinst_LTLIBRARIES = libarchdalvikdecomp.la + +libarchdalvikdecomp_la_SOURCES = \ + aget.c \ + aput.c \ + arithm.c \ + array.c \ + const.c \ + if.c \ + invoke.c \ + ret.c \ + translate.h + +libarchdalvikdecomp_la_LIBADD = + +libarchdalvikdecomp_la_CFLAGS = $(AM_CFLAGS) + + +INCLUDES = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CPPFLAGS = + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/arch/dalvik/decomp/aget.c b/src/arch/dalvik/decomp/aget.c new file mode 100644 index 0000000..337d0fc --- /dev/null +++ b/src/arch/dalvik/decomp/aget.c @@ -0,0 +1,68 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * aget.c - décompilation des instructions manipulant des tableaux (chargement) + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../../../decomp/expr/array.h" +#include "../../../decomp/expr/assign.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'aget'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_aget(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *content; /* Contenu de cellule visé */ + GDecInstruction *array; /* Tableau accédé */ + GDecInstruction *index; /* Indice de cellule considérée*/ + GDecInstruction *access; /* Représentation de l'accès */ + + operand = g_arch_instruction_get_operand(instr, 0); + content = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + array = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 2); + index = g_dec_context_convert_register(ctx, operand); + + access = g_array_access_new(G_DEC_EXPRESSION(array), G_DEC_EXPRESSION(index)); + result = g_assign_expression_new(G_DEC_EXPRESSION(content), G_DEC_EXPRESSION(access)); + + return result; + +} diff --git a/src/arch/dalvik/decomp/aput.c b/src/arch/dalvik/decomp/aput.c new file mode 100644 index 0000000..20e78bd --- /dev/null +++ b/src/arch/dalvik/decomp/aput.c @@ -0,0 +1,68 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * aput.c - décompilation des instructions manipulant des tableaux (enregistrement) + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../../../decomp/expr/array.h" +#include "../../../decomp/expr/assign.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'aput'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_aput(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *content; /* Contenu de cellule visé */ + GDecInstruction *array; /* Tableau accédé */ + GDecInstruction *index; /* Indice de cellule considérée*/ + GDecInstruction *access; /* Représentation de l'accès */ + + operand = g_arch_instruction_get_operand(instr, 0); + content = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + array = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 2); + index = g_dec_context_convert_register(ctx, operand); + + access = g_array_access_new(G_DEC_EXPRESSION(array), G_DEC_EXPRESSION(index)); + result = g_assign_expression_new(G_DEC_EXPRESSION(access), G_DEC_EXPRESSION(content)); + + return result; + +} diff --git a/src/arch/dalvik/decomp/arithm.c b/src/arch/dalvik/decomp/arithm.c new file mode 100644 index 0000000..fc7134f --- /dev/null +++ b/src/arch/dalvik/decomp/arithm.c @@ -0,0 +1,242 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * arithm.c - décompilation des opérations arithmétiques + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../instruction.h" +#include "../../../decomp/expr/arithm.h" +#include "../../../decomp/expr/assign.h" +#include "../../../decomp/expr/immediate.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'opérations arithmétiques'.* +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_arithm(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + ArithmOperationType type; /* Type d'opération menée */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *dest; /* Enregistrement du résultat */ + GDecInstruction *op1; /* Premier opérande utilisé */ + GDecInstruction *op2; /* Second opérande utilisé */ + GDecInstruction *arithm; /* Opération arithmétique */ + + switch (g_dalvik_instruction_get_opcode(G_DALVIK_INSTRUCTION(instr))) + { + case DOP_ADD_INT: + type = AOT_ADD; + break; + case DOP_SUB_INT: + type = AOT_SUB; + break; + case DOP_MUL_INT: + type = AOT_MUL; + break; + case DOP_DIV_INT: + type = AOT_DIV; + break; + case DOP_REM_INT: + type = AOT_REM; + break; + case DOP_AND_INT: + type = AOT_AND; + break; + case DOP_OR_INT: + type = AOT_OR; + break; + case DOP_XOR_INT: + type = AOT_XOR; + break; + default: + type = AOT_COUNT; + break; + } + + operand = g_arch_instruction_get_operand(instr, 0); + dest = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + op1 = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 2); + op2 = g_dec_context_convert_register(ctx, operand); + + arithm = g_arithm_expression_new(G_DEC_EXPRESSION(op1), type, G_DEC_EXPRESSION(op2)); + result = g_assign_expression_new(G_DEC_EXPRESSION(dest), G_DEC_EXPRESSION(arithm)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'opérations arithmétiques'.* +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_arithm_2addr(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + ArithmOperationType type; /* Type d'opération menée */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *dest; /* Enregistrement du résultat */ + GDecInstruction *op1; /* Premier opérande utilisé */ + GDecInstruction *arithm; /* Opération arithmétique */ + + switch (g_dalvik_instruction_get_opcode(G_DALVIK_INSTRUCTION(instr))) + { + case DOP_ADD_INT_2ADDR: + type = AOT_ADD; + break; + case DOP_MUL_INT_2ADDR: + case DOP_MUL_DOUBLE_2ADDR: + type = AOT_MUL; + break; + case DOP_DIV_INT_2ADDR: + type = AOT_DIV; + break; + case DOP_REM_INT_2ADDR: + type = AOT_REM; + break; + case DOP_AND_INT_2ADDR: + type = AOT_AND; + break; + case DOP_OR_INT_2ADDR: + type = AOT_OR; + break; + case DOP_XOR_INT_2ADDR: + type = AOT_XOR; + break; + default: + type = AOT_COUNT; + break; + } + + operand = g_arch_instruction_get_operand(instr, 0); + dest = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + op1 = g_dec_context_convert_register(ctx, operand); + + arithm = g_arithm_expression_new(G_DEC_EXPRESSION(dest), type, G_DEC_EXPRESSION(op1)); + result = g_assign_expression_new(G_DEC_EXPRESSION(dest), G_DEC_EXPRESSION(arithm)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'opérations arithmétiques'.* +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_arithm_lit(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + ArithmOperationType type; /* Type d'opération menée */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *dest; /* Enregistrement du résultat */ + GDecInstruction *op1; /* Premier opérande utilisé */ + GDecInstruction *op2; /* Second opérande utilisé */ + GDecInstruction *arithm; /* Opération arithmétique */ + + switch (g_dalvik_instruction_get_opcode(G_DALVIK_INSTRUCTION(instr))) + { + case DOP_ADD_INT_LIT8: + case DOP_ADD_INT_LIT16: + type = AOT_ADD; + break; + case DOP_MUL_INT_LIT8: + case DOP_MUL_INT_LIT16: + type = AOT_MUL; + break; + case DOP_DIV_INT_LIT8: + case DOP_DIV_INT_LIT16: + type = AOT_DIV; + break; + case DOP_REM_INT_LIT8: + case DOP_REM_INT_LIT16: + type = AOT_REM; + break; + case DOP_AND_INT_LIT8: + case DOP_AND_INT_LIT16: + type = AOT_AND; + break; + case DOP_OR_INT_LIT8: + case DOP_OR_INT_LIT16: + type = AOT_OR; + break; + case DOP_XOR_INT_LIT8: + case DOP_XOR_INT_LIT16: + type = AOT_XOR; + break; + default: + type = AOT_COUNT; + break; + } + + operand = g_arch_instruction_get_operand(instr, 0); + dest = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + op1 = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 2); + op2 = g_imm_expression_new(G_IMM_OPERAND(operand)); + + arithm = g_arithm_expression_new(G_DEC_EXPRESSION(op1), type, G_DEC_EXPRESSION(op2)); + result = g_assign_expression_new(G_DEC_EXPRESSION(dest), G_DEC_EXPRESSION(arithm)); + + return result; + +} diff --git a/src/arch/dalvik/decomp/array.c b/src/arch/dalvik/decomp/array.c new file mode 100644 index 0000000..95f16f7 --- /dev/null +++ b/src/arch/dalvik/decomp/array.c @@ -0,0 +1,74 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * array.c - décompilation de l'opération récupérant la longueur d'un tableau + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../../../decomp/expr/assign.h" +#include "../../../decomp/expr/dalvik/array.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'array-length'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_array_length(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + + + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *reg; /* Pseudo-registre redéfini */ + GDecInstruction *len; /* Enregistrement de taille */ + + + result = NULL; + + + printf("PAssaage !\n"); + + + + operand = g_arch_instruction_get_operand(instr, 1); + reg = g_dec_context_convert_register(ctx, operand); + len = g_dalvik_alength_new(G_DEC_EXPRESSION(reg)); + + operand = g_arch_instruction_get_operand(instr, 0); + reg = g_dec_context_convert_register(ctx, operand); + + + result = g_assign_expression_new(G_DEC_EXPRESSION(reg), G_DEC_EXPRESSION(len)); + + return result; + +} diff --git a/src/arch/dalvik/decomp/const.c b/src/arch/dalvik/decomp/const.c new file mode 100644 index 0000000..072c987 --- /dev/null +++ b/src/arch/dalvik/decomp/const.c @@ -0,0 +1,62 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * const.c - décompilation des chargements de constantes + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../../../decomp/expr/assign.h" +#include "../../../decomp/expr/immediate.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'const'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_const(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *reg; /* Pseudo-registre redéfini */ + GDecInstruction *imm; /* Valeur immédiate décompilée */ + + operand = g_arch_instruction_get_operand(instr, 0); + reg = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + imm = g_imm_expression_new(G_IMM_OPERAND(operand)); + + result = g_assign_expression_new(G_DEC_EXPRESSION(reg), G_DEC_EXPRESSION(imm)); + + return result; + +} diff --git a/src/arch/dalvik/decomp/if.c b/src/arch/dalvik/decomp/if.c new file mode 100644 index 0000000..39d1cb5 --- /dev/null +++ b/src/arch/dalvik/decomp/if.c @@ -0,0 +1,95 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * array.c - décompilation des branchements conditionnels + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../instruction.h" +#include "../../../decomp/expr/cond.h" +#include "../../../decomp/instr/ite.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de comparaison d'opérandes. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_if(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + CompSignType sign; /* Type d'opération menée */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *op1; /* Premier opérande utilisé */ + GDecInstruction *op2; /* Second opérande utilisé */ + vmpa_t jmp; /* Adresse de saut */ + GDecInstruction *cond; /* Comparaison à restituer */ + + switch (g_dalvik_instruction_get_opcode(G_DALVIK_INSTRUCTION(instr))) + { + case DOP_IF_EQ: + sign = CST_EQ; + break; + case DOP_IF_NE: + sign = CST_NE; + break; + case DOP_IF_LT: + sign = CST_LT; + break; + case DOP_IF_GE: + sign = CST_GE; + break; + case DOP_IF_GT: + sign = CST_GT; + break; + case DOP_IF_LE: + sign = CST_LE; + break; + default: + sign = CST_COUNT; + break; + } + + operand = g_arch_instruction_get_operand(instr, 0); + op1 = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + op2 = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 2); + jmp = 0x1234ull;/*g_dec_context_convert_register(ctx, operand);*/ + + cond = g_cond_expression_new(G_DEC_EXPRESSION(op1), sign, G_DEC_EXPRESSION(op2)); + result = g_ite_instruction_new(G_DEC_EXPRESSION(cond), jmp, jmp); + + return result; + +} diff --git a/src/arch/dalvik/decomp/invoke.c b/src/arch/dalvik/decomp/invoke.c new file mode 100644 index 0000000..6a542f3 --- /dev/null +++ b/src/arch/dalvik/decomp/invoke.c @@ -0,0 +1,158 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * invoke.c - décompilation des appels de méthode + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../instruction.h" +#include "../operand.h" +#include "../../../decomp/expr/assign.h" +#include "../../../decomp/expr/call.h" +#include "../../../format/dex/pool.h" + + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'invoke-virtual'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_invoke_virtual(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + + + size_t count; /* Quantité d'opérandes */ + GArchOperand *op; /* Opérande de l'instruction */ + uint32_t index; /* Indice de l'élément visé */ + GDexFormat *format; /* Accès aux constantes */ + GBinRoutine *routine; /* Routine visée par l'appel */ + + const char *string; /* Chaîne à afficher */ + GOpenidaType *type; /* Type quelconque */ + char *tmp; /* Chaîne à afficher & libérer */ + + + + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *reg; /* Pseudo-registre redéfini */ + GDecInstruction *imm; /* Valeur immédiate décompilée */ + + GArchInstruction *iter; /* Boucle de parcours */ + vmpa_t max; /* Limite à ne pas dépasser */ + + + result = NULL; + + + printf("PAssaage !\n"); + + + + + + + /* Récupération de la méthode */ + + count = g_arch_instruction_count_operands(instr); + op = g_arch_instruction_get_operand(instr, count - 1); + + index = g_dalvik_pool_operand_get_index(G_DALVIK_POOL_OPERAND(op)); + + printf("POOL ?? %d -> %d\n", G_IS_DALVIK_POOL_OPERAND(op), index); + + format = G_DEX_FORMAT(g_object_get_data(G_OBJECT(ctx), "format")); + routine = get_routine_from_dex_pool(format, index); + if (routine == NULL) return NULL; + + +#if 0 + if (operand->cache.method == NULL) + g_content_exporter_insert_into_buffer(exporter, buffer, BLC_ASSEMBLY, + "<bad_method_index>", 18, RTT_VAR_NAME); + + else + { + tmp = g_binary_routine_to_string(operand->cache.method); + + g_content_exporter_insert_into_buffer(exporter, buffer, BLC_ASSEMBLY, + tmp, strlen(tmp), RTT_VAR_NAME); + + free(tmp); + + +#endif + + result = g_routine_call_new(routine, true); + + //GDecInstruction *g_routine_call_new(GBinRoutine *routine, bool is_object) + /* + operand = g_arch_instruction_get_operand(instr, 1); + reg = g_dec_context_convert_register(ctx, operand); + + operand = g_arch_instruction_get_operand(instr, 1); + imm = g_imm_expression_new(G_IMM_OPERAND(operand)); + + result = g_assign_expression_new(G_DEC_EXPRESSION(reg), G_DEC_EXPRESSION(imm)); + */ + + + + + + /* Récupération d'un résultat ? */ + + iter = instr; + max = g_dec_context_get_max_address(ctx); + + iter = g_arch_instruction_get_next_iter(instr, iter, max); + + if (iter != NULL) + switch (g_dalvik_instruction_get_opcode(G_DALVIK_INSTRUCTION(iter))) + { + case DOP_MOVE_RESULT: + + operand = g_arch_instruction_get_operand(iter, 0); + reg = g_dec_context_convert_register(ctx, operand); + + result = g_assign_expression_new(G_DEC_EXPRESSION(reg), G_DEC_EXPRESSION(result)); + + break; + + default: + break; + + } + + return result; + +} diff --git a/src/arch/dalvik/decomp/ret.c b/src/arch/dalvik/decomp/ret.c new file mode 100644 index 0000000..529a9b5 --- /dev/null +++ b/src/arch/dalvik/decomp/ret.c @@ -0,0 +1,81 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * ret.c - décompilation des ordres de retour + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "translate.h" + + +#include "../../../decomp/expr/return.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'return'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_return(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + GArchOperand *operand; /* Opérande de l'instruction */ + GDecInstruction *reg; /* Pseudo-registre redéfini */ + + operand = g_arch_instruction_get_operand(instr, 0); + reg = g_dec_context_convert_register(ctx, operand); + + result = g_return_expression_new(G_DEC_EXPRESSION(reg)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : instr = instruction d'origine à convertir. * +* ctx = contexte de la phase de décompilation. * +* * +* Description : Décompile une instruction de type 'return-void'. * +* * +* Retour : Instruction mise en place ou NULL. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GDecInstruction *dalvik_decomp_instr_return_void(const GArchInstruction *instr, GDecContext *ctx) +{ + GDecInstruction *result; /* Instruction à retourner */ + + result = g_return_expression_new(NULL); + + return result; + +} diff --git a/src/arch/dalvik/decomp/translate.h b/src/arch/dalvik/decomp/translate.h new file mode 100644 index 0000000..482ba55 --- /dev/null +++ b/src/arch/dalvik/decomp/translate.h @@ -0,0 +1,68 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * translate.h - prototypes pour les environnements de traduction d'instructions Dalvik + * + * Copyright (C) 2010 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ANALYSIS_DECOMP_RTL_DALVIK_TRANSLATE_H +#define _ANALYSIS_DECOMP_RTL_DALVIK_TRANSLATE_H + + +#include "../../translate.h" + + + +/* Décompile une instruction de type 'aget'. */ +GDecInstruction *dalvik_decomp_instr_aget(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'aput'. */ +GDecInstruction *dalvik_decomp_instr_aput(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'array-length'. */ +GDecInstruction *dalvik_decomp_instr_array_length(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'const'. */ +GDecInstruction *dalvik_decomp_instr_const(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'invoke-virtual'. */ +GDecInstruction *dalvik_decomp_instr_invoke_virtual(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'return'. */ +GDecInstruction *dalvik_decomp_instr_return(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'return-void'. */ +GDecInstruction *dalvik_decomp_instr_return_void(const GArchInstruction *, GDecContext *); + + +/* Décompile une instruction de type 'opérations arithmétiques'. */ +GDecInstruction *dalvik_decomp_instr_arithm(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'opérations arithmétiques'. */ +GDecInstruction *dalvik_decomp_instr_arithm_2addr(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de type 'opérations arithmétiques'. */ +GDecInstruction *dalvik_decomp_instr_arithm_lit(const GArchInstruction *, GDecContext *); + +/* Décompile une instruction de comparaison d'opérandes. */ +GDecInstruction *dalvik_decomp_instr_if(const GArchInstruction *, GDecContext *); + + + +#endif /* _ANALYSIS_DECOMP_RTL_DALVIK_TRANSLATE_H */ |