diff options
Diffstat (limited to 'src/arch')
40 files changed, 618 insertions, 571 deletions
diff --git a/src/arch/Makefile.am b/src/arch/Makefile.am index 204ffbd..82d63c9 100644 --- a/src/arch/Makefile.am +++ b/src/arch/Makefile.am @@ -11,6 +11,7 @@ libarch_la_SOURCES = \ link.h link.c \ operand-int.h \ operand.h operand.c \ + post.h post.c \ processor-int.h \ processor.h processor.c \ raw.h raw.c \ diff --git a/src/arch/arm/v7/fetch.c b/src/arch/arm/v7/fetch.c index 33a9e92..6ca98ca 100644 --- a/src/arch/arm/v7/fetch.c +++ b/src/arch/arm/v7/fetch.c @@ -1,6 +1,6 @@ /* Chrysalide - Outil d'analyse de fichiers binaires - * fetch.c - traitements complémentaires à la phase de désassemblage + * fetch.c - ajouts de sauts à traiter durant la phase de désassemblage * * Copyright (C) 2014 Cyrille Bagard * diff --git a/src/arch/arm/v7/fetch.h b/src/arch/arm/v7/fetch.h index af42f2e..1b253ed 100644 --- a/src/arch/arm/v7/fetch.h +++ b/src/arch/arm/v7/fetch.h @@ -1,6 +1,6 @@ /* Chrysalide - Outil d'analyse de fichiers binaires - * fetch.h - prototypes pour l'édition des liens durant la phase de désassemblage + * fetch.h - prototypes pour les ajouts de sauts à traiter durant la phase de désassemblage * * Copyright (C) 2014 Cyrille Bagard * diff --git a/src/arch/arm/v7/post.c b/src/arch/arm/v7/post.c index 0692cea..929d166 100644 --- a/src/arch/arm/v7/post.c +++ b/src/arch/arm/v7/post.c @@ -43,220 +43,6 @@ * * ******************************************************************************/ -void post_process_branch_instructions(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GBinFormat *format) -{ - GArchOperand *op; /* Opérande numérique en place */ - uint32_t addr; /* Adresse visée par le saut */ - GArchOperand *new; /* Instruction de ciblage */ - vmpa2t target; - mrange_t trange; /* Etendue du symbole à créer */ - VMPA_BUFFER(loc); - char name[5 + VMPA_MAX_LEN]; - GBinRoutine *routine; /* Nouvelle routine trouvée */ - GBinSymbol *symbol; /* Nouveau symbole construit */ - - op = g_arch_instruction_get_operand(instr, 0); - - - if (!G_IS_IMM_OPERAND(op)) return; - - - if (g_imm_operand_get_value(G_IMM_OPERAND(op), MDS_32_BITS_UNSIGNED, &addr) - && g_exe_format_translate_address_into_vmpa(G_EXE_FORMAT(format), addr, &target)) - { - new = g_target_operand_new(MDS_32_BITS_UNSIGNED, addr); - - if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format)) - { - init_mrange(&trange, &target, 0); - - vmpa2_virt_to_string(&target, MDS_UNDEFINED, loc, NULL); - snprintf(name, sizeof(name), "loc_%s", loc + 2); - - routine = g_binary_routine_new(); - g_binary_routine_set_name(routine, strdup(name)); - //routine = try_to_demangle_routine(name); - - g_binary_routine_set_range(routine, &trange); - - symbol = g_binary_symbol_new(STP_CODE_LABEL); - g_binary_symbol_attach_routine(symbol, routine); - g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); - - - - g_target_operand_resolve(G_TARGET_OPERAND(new), format); - - } - - g_arch_instruction_replace_operand(instr, new, op); - - } - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instruction ARMv7 à traiter. * -* proc = représentation de l'architecture utilisée. * -* context = contexte associé à la phase de désassemblage. * -* format = accès aux données du binaire d'origine. * -* * -* Description : Complète un désassemblage accompli pour une instruction. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void post_process_branch_and_link_instructions(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GBinFormat *format) -{ - GArchOperand *op; /* Opérande numérique en place */ - uint32_t addr; /* Adresse visée par le saut */ - GArchOperand *new; /* Instruction de ciblage */ - vmpa2t target; - mrange_t trange; /* Etendue du symbole à créer */ - VMPA_BUFFER(loc); - char name[5 + VMPA_MAX_LEN]; - GBinRoutine *routine; /* Nouvelle routine trouvée */ - GBinSymbol *symbol; /* Nouveau symbole construit */ - - op = g_arch_instruction_get_operand(instr, 0); - - - if (!G_IS_IMM_OPERAND(op)) return; - - - if (g_imm_operand_get_value(G_IMM_OPERAND(op), MDS_32_BITS_UNSIGNED, &addr) - && g_exe_format_translate_address_into_vmpa(G_EXE_FORMAT(format), addr, &target)) - { - - - /// FIXME (DUR) ?! - if (addr < 0x8000) return; - - if (addr > 0x6966c) return; - - - - - new = g_target_operand_new(MDS_32_BITS_UNSIGNED, addr); - - if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format)) - { - init_mrange(&trange, &target, 0); - - vmpa2_virt_to_string(&target, MDS_UNDEFINED, loc, NULL); - snprintf(name, sizeof(name), "sub_%s", loc + 2); - - routine = g_binary_routine_new(); - g_binary_routine_set_name(routine, strdup(name)); - //routine = try_to_demangle_routine(name); - - g_binary_routine_set_range(routine, &trange); - - symbol = g_binary_symbol_new(STP_ROUTINE); - g_binary_symbol_attach_routine(symbol, routine); - g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); - - - - g_target_operand_resolve(G_TARGET_OPERAND(new), format); - - } - - g_arch_instruction_replace_operand(instr, new, op); - - } - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instruction ARMv7 à traiter. * -* proc = représentation de l'architecture utilisée. * -* context = contexte associé à la phase de désassemblage. * -* format = accès aux données du binaire d'origine. * -* * -* Description : Complète un désassemblage accompli pour une instruction. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void post_process_comp_and_branch_instructions(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GBinFormat *format) -{ - GArchOperand *op; /* Opérande numérique en place */ - uint32_t addr; /* Adresse visée par le saut */ - GArchOperand *new; /* Instruction de ciblage */ - vmpa2t target; - mrange_t trange; /* Etendue du symbole à créer */ - VMPA_BUFFER(loc); - char name[5 + VMPA_MAX_LEN]; - GBinRoutine *routine; /* Nouvelle routine trouvée */ - GBinSymbol *symbol; /* Nouveau symbole construit */ - - op = g_arch_instruction_get_operand(instr, 1); - - - if (!G_IS_IMM_OPERAND(op)) return; - - - if (g_imm_operand_get_value(G_IMM_OPERAND(op), MDS_32_BITS_UNSIGNED, &addr) - && g_exe_format_translate_address_into_vmpa(G_EXE_FORMAT(format), addr, &target)) - { - new = g_target_operand_new(MDS_32_BITS_UNSIGNED, addr); - - if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format)) - { - init_mrange(&trange, &target, 0); - - vmpa2_virt_to_string(&target, MDS_UNDEFINED, loc, NULL); - snprintf(name, sizeof(name), "loc_%s", loc + 2); - - routine = g_binary_routine_new(); - g_binary_routine_set_name(routine, strdup(name)); - //routine = try_to_demangle_routine(name); - - g_binary_routine_set_range(routine, &trange); - - symbol = g_binary_symbol_new(STP_CODE_LABEL); - g_binary_symbol_attach_routine(symbol, routine); - g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); - - - - g_target_operand_resolve(G_TARGET_OPERAND(new), format); - - } - - g_arch_instruction_replace_operand(instr, new, op); - - } - -} - - -/****************************************************************************** -* * -* Paramètres : instr = instruction ARMv7 à traiter. * -* proc = représentation de l'architecture utilisée. * -* context = contexte associé à la phase de désassemblage. * -* format = accès aux données du binaire d'origine. * -* * -* Description : Complète un désassemblage accompli pour une instruction. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - void post_process_ldr_instructions(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GBinFormat *format) { GArchOperand *op; /* Opérande numérique en place */ @@ -280,7 +66,7 @@ void post_process_ldr_instructions(GArchInstruction *instr, GArchProcessor *proc { new = g_target_operand_new(MDS_32_BITS_UNSIGNED, addr); - if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format)) + if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format, true)) { addr &= ~0x1; @@ -314,7 +100,7 @@ void post_process_ldr_instructions(GArchInstruction *instr, GArchProcessor *proc - g_target_operand_resolve(G_TARGET_OPERAND(new), format); + g_target_operand_resolve(G_TARGET_OPERAND(new), format, true); } else diff --git a/src/arch/arm/v7/post.h b/src/arch/arm/v7/post.h index 6165597..c2e5b66 100644 --- a/src/arch/arm/v7/post.h +++ b/src/arch/arm/v7/post.h @@ -26,18 +26,29 @@ #include "../../instruction.h" +#include "../../post.h" #include "../../../format/format.h" -/* Complète un désassemblage accompli pour une instruction. */ -void post_process_branch_instructions(GArchInstruction *, GArchProcessor *, GProcContext *, GBinFormat *); +static inline void post_process_branch_instructions(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 0, STP_CODE_LABEL); -/* Complète un désassemblage accompli pour une instruction. */ -void post_process_branch_and_link_instructions(GArchInstruction *, GArchProcessor *, GProcContext *, GBinFormat *); +} + +static inline void post_process_branch_and_link_instructions(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 0, STP_ROUTINE); + +} + +static inline void post_process_comp_and_branch_instructions(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 1, STP_CODE_LABEL); + +} -/* Complète un désassemblage accompli pour une instruction. */ -void post_process_comp_and_branch_instructions(GArchInstruction *, GArchProcessor *, GProcContext *, GBinFormat *); /* Complète un désassemblage accompli pour une instruction. */ void post_process_ldr_instructions(GArchInstruction *, GArchProcessor *, GProcContext *, GBinFormat *); diff --git a/src/arch/dalvik/Makefile.am b/src/arch/dalvik/Makefile.am index 6ccbb5d..054f272 100644 --- a/src/arch/dalvik/Makefile.am +++ b/src/arch/dalvik/Makefile.am @@ -3,11 +3,14 @@ noinst_LTLIBRARIES = libarchdalvik.la libarchdalvik_la_SOURCES = \ context.h context.c \ + fetch.h fetch.c \ helpers.h \ instruction-def.h \ instruction-int.h \ instruction.h instruction.c \ + link.h \ operand.h operand.c \ + post.h \ processor.h processor.c \ register.h register.c \ translate.h diff --git a/src/arch/dalvik/fetch.c b/src/arch/dalvik/fetch.c new file mode 100644 index 0000000..a557601 --- /dev/null +++ b/src/arch/dalvik/fetch.c @@ -0,0 +1,62 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * fetch.c - ajouts de sauts à traiter durant la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "fetch.h" + + +#include <assert.h> + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction ARMv7 à traiter. * +* proc = représentation de l'architecture utilisée. * +* context = contexte associé à la phase de désassemblage. * +* format = acès aux données du binaire d'origine. * +* index = indice de l'opérande précisant le saut. * +* * +* Description : Pousse une adresse précisée par un saut pour désassemblage. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void help_fetching_with_dalvik_instruction(GArchInstruction *instr, GArchProcessor *proc, GDalvikContext *context, GBinFormat *format, size_t index) +{ + GArchOperand *op; /* Opérande numérique en place */ + virt_t target; /* Adresse virtuelle visée */ + bool status; /* Bilan de récupération */ + + op = g_arch_instruction_get_operand(instr, index); + assert(G_IS_IMM_OPERAND(op)); + + status = g_imm_operand_to_virt_t(G_IMM_OPERAND(op), &target); + assert(status); + + if (status) + g_proc_context_push_drop_point(G_PROC_CONTEXT(context), 3, target); + +} diff --git a/src/arch/dalvik/fetch.h b/src/arch/dalvik/fetch.h new file mode 100644 index 0000000..b806b60 --- /dev/null +++ b/src/arch/dalvik/fetch.h @@ -0,0 +1,55 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * fetch.h - prototypes pour les ajouts de sauts à traiter durant la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ARCH_DALVIK_FETCH_H +#define _ARCH_DALVIK_FETCH_H + + +#include "context.h" +#include "../instruction.h" +#include "../../format/format.h" + + + +/* Pousse une adresse précisée par un saut pour désassemblage. */ +void help_fetching_with_dalvik_instruction(GArchInstruction *, GArchProcessor *, GDalvikContext *, GBinFormat *, size_t); + + +static inline void help_fetching_with_dalvik_goto_instruction(GArchInstruction *ins, GArchProcessor *proc, GDalvikContext *ctx, GBinFormat *fmt) +{ + help_fetching_with_dalvik_instruction(ins, proc, ctx, fmt, 0); +} + +static inline void help_fetching_with_dalvik_if_instruction(GArchInstruction *ins, GArchProcessor *proc, GDalvikContext *ctx, GBinFormat *fmt) +{ + help_fetching_with_dalvik_instruction(ins, proc, ctx, fmt, 2); +} + +static inline void help_fetching_with_dalvik_ifz_instruction(GArchInstruction *ins, GArchProcessor *proc, GDalvikContext *ctx, GBinFormat *fmt) +{ + help_fetching_with_dalvik_instruction(ins, proc, ctx, fmt, 1); +} + + + +#endif /* _ARCH_DALVIK_FETCH_H */ diff --git a/src/arch/dalvik/instruction.c b/src/arch/dalvik/instruction.c index e4e2ba2..6e95147 100644 --- a/src/arch/dalvik/instruction.c +++ b/src/arch/dalvik/instruction.c @@ -30,7 +30,6 @@ #include "instruction-int.h" #include "decomp/translate.h" #include "operands/register.h" -#include "operands/target.h" #include "../instruction-int.h" #include "../register-int.h" @@ -336,9 +335,6 @@ static dalvik_instruction _instructions[DOP_COUNT] = { /* Reconstruit le cache complet d'une désignation d'instruction. */ static void dalvik_build_instruction_keyword(const GDalvikInstruction *, AsmSyntax); -/* Indique si l'instruction correspond à un retour de fonction. */ -static bool dalvik_instruction_is_return(const GDalvikInstruction *); - /* Décompile une instruction de la machine virtuelle Dalvik. */ GDecInstruction *dalvik_instruction_decompile(const GDalvikInstruction *, GDecContext *); @@ -398,7 +394,6 @@ static void g_dalvik_instruction_init(GDalvikInstruction *instr) parent = G_ARCH_INSTRUCTION(instr); parent->get_rw_regs = (get_instruction_rw_regs_fc)g_dalvik_instruction_get_rw_registers; - //parent->is_return = (is_instruction_return_fc)dalvik_instruction_is_return; parent->decomp = (decomp_instr_fc)dalvik_instruction_decompile; } @@ -587,28 +582,6 @@ static void dalvik_build_instruction_keyword(const GDalvikInstruction *instr, As /****************************************************************************** * * -* Paramètres : instr = instruction à consulter. * -* * -* Description : Indique si l'instruction correspond à un retour de fonction. * -* * -* Retour : true si l'instruction est un 'return' quelconque ou false. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool dalvik_instruction_is_return(const GDalvikInstruction *instr) -{ - return (instr->type == DOP_RETURN_VOID - || instr->type == DOP_RETURN - || instr->type == DOP_RETURN_WIDE - || instr->type == DOP_RETURN_OBJECT); - -} - - -/****************************************************************************** -* * * Paramètres : instr = instruction d'origine à convertir. * * ctx = contexte de la phase de décompilation. * * * diff --git a/src/arch/dalvik/link.h b/src/arch/dalvik/link.h new file mode 100644 index 0000000..14af01d --- /dev/null +++ b/src/arch/dalvik/link.h @@ -0,0 +1,44 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * link.h - prototypes pour l'édition des liens après la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ARCH_DALVIK_LINK_H +#define _ARCH_DALVIK_LINK_H + + +#include "../link.h" + + + +static inline void handle_dalvik_if_branch_as_link(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + handle_branch_as_link(ins, proc, ctx, fmt, 2); +} + +static inline void handle_dalvik_ifz_branch_as_link(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + handle_branch_as_link(ins, proc, ctx, fmt, 1); +} + + + +#endif /* _ARCH_DALVIK_LINK_H */ diff --git a/src/arch/dalvik/opdefs/Makefile.am b/src/arch/dalvik/opdefs/Makefile.am index eebf04e..055e8a4 100644 --- a/src/arch/dalvik/opdefs/Makefile.am +++ b/src/arch/dalvik/opdefs/Makefile.am @@ -16,11 +16,17 @@ D2C_PREFIX = DALVIK_OPT_ D2C_ENCODINGS = \ -e none +D2C_MACROS = \ + -M SetInsFlag=g_arch_instruction_set_flag + FIXED_C_INCLUDES = \ \n\#include \<stdint.h\> \ \n \ + \n\#include \"..\/fetch.h\" \ \n\#include \"..\/helpers.h\" \ \n\#include \"..\/instruction.h\" \ + \n\#include \"..\/link.h\" \ + \n\#include \"..\/post.h\" \ \n\#include \"..\/processor.h\" \ \n\#include \"..\/..\/context.h\" \ \n\#include \"..\/..\/..\/analysis\/content.h\" \ diff --git a/src/arch/dalvik/opdefs/goto_28.d b/src/arch/dalvik/opdefs/goto_28.d index ab5d4e6..a9c12d1 100644 --- a/src/arch/dalvik/opdefs/goto_28.d +++ b/src/arch/dalvik/opdefs/goto_28.d @@ -27,4 +27,12 @@ @format 10t + @hooks { + + fetch = help_fetching_with_dalvik_goto_instruction + link = handle_jump_as_link + post = post_process_dalvik_goto_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/goto_29.d b/src/arch/dalvik/opdefs/goto_29.d index 3df2500..8272a7d 100644 --- a/src/arch/dalvik/opdefs/goto_29.d +++ b/src/arch/dalvik/opdefs/goto_29.d @@ -27,4 +27,12 @@ @format 20t + @hooks { + + fetch = help_fetching_with_dalvik_goto_instruction + link = handle_jump_as_link + post = post_process_dalvik_goto_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/goto_2a.d b/src/arch/dalvik/opdefs/goto_2a.d index ea2f8aa..937b10d 100644 --- a/src/arch/dalvik/opdefs/goto_2a.d +++ b/src/arch/dalvik/opdefs/goto_2a.d @@ -27,4 +27,12 @@ @format 30t + @hooks { + + fetch = help_fetching_with_dalvik_goto_instruction + link = handle_jump_as_link + post = post_process_dalvik_goto_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_32.d b/src/arch/dalvik/opdefs/if_32.d index 587b4c2..714c384 100644 --- a/src/arch/dalvik/opdefs/if_32.d +++ b/src/arch/dalvik/opdefs/if_32.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_goto_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_33.d b/src/arch/dalvik/opdefs/if_33.d index 51f09cc..f655f67 100644 --- a/src/arch/dalvik/opdefs/if_33.d +++ b/src/arch/dalvik/opdefs/if_33.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_if_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_34.d b/src/arch/dalvik/opdefs/if_34.d index 14429eb..1146980 100644 --- a/src/arch/dalvik/opdefs/if_34.d +++ b/src/arch/dalvik/opdefs/if_34.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_if_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_35.d b/src/arch/dalvik/opdefs/if_35.d index 642e1b0..b11b243 100644 --- a/src/arch/dalvik/opdefs/if_35.d +++ b/src/arch/dalvik/opdefs/if_35.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_if_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_36.d b/src/arch/dalvik/opdefs/if_36.d index 962b341..7436901 100644 --- a/src/arch/dalvik/opdefs/if_36.d +++ b/src/arch/dalvik/opdefs/if_36.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_if_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_37.d b/src/arch/dalvik/opdefs/if_37.d index 29f1601..9ecbd84 100644 --- a/src/arch/dalvik/opdefs/if_37.d +++ b/src/arch/dalvik/opdefs/if_37.d @@ -27,4 +27,12 @@ @format 22t + @hooks { + + fetch = help_fetching_with_dalvik_if_instruction + link = handle_dalvik_if_branch_as_link + post = post_process_dalvik_if_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_38.d b/src/arch/dalvik/opdefs/if_38.d index 19d0ad9..ff21f2b 100644 --- a/src/arch/dalvik/opdefs/if_38.d +++ b/src/arch/dalvik/opdefs/if_38.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_39.d b/src/arch/dalvik/opdefs/if_39.d index fc63f81..0dbba57 100644 --- a/src/arch/dalvik/opdefs/if_39.d +++ b/src/arch/dalvik/opdefs/if_39.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_3a.d b/src/arch/dalvik/opdefs/if_3a.d index 4f78692..b003824 100644 --- a/src/arch/dalvik/opdefs/if_3a.d +++ b/src/arch/dalvik/opdefs/if_3a.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_3b.d b/src/arch/dalvik/opdefs/if_3b.d index 2d4a804..f571d7e 100644 --- a/src/arch/dalvik/opdefs/if_3b.d +++ b/src/arch/dalvik/opdefs/if_3b.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_3c.d b/src/arch/dalvik/opdefs/if_3c.d index 08dcf19..154fe2c 100644 --- a/src/arch/dalvik/opdefs/if_3c.d +++ b/src/arch/dalvik/opdefs/if_3c.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/if_3d.d b/src/arch/dalvik/opdefs/if_3d.d index fd0b239..2aa5f87 100644 --- a/src/arch/dalvik/opdefs/if_3d.d +++ b/src/arch/dalvik/opdefs/if_3d.d @@ -27,4 +27,12 @@ @format 21t + @hooks { + + fetch = help_fetching_with_dalvik_ifz_instruction + link = handle_dalvik_ifz_branch_as_link + post = post_process_dalvik_ifz_target_resolution + + } + } diff --git a/src/arch/dalvik/opdefs/return_0e.d b/src/arch/dalvik/opdefs/return_0e.d index 6b71fa7..98fa1a8 100644 --- a/src/arch/dalvik/opdefs/return_0e.d +++ b/src/arch/dalvik/opdefs/return_0e.d @@ -27,4 +27,10 @@ @format 10x + @rules { + + call SetInsFlag(AIF_RETURN_POINT) + + } + } diff --git a/src/arch/dalvik/opdefs/return_0f.d b/src/arch/dalvik/opdefs/return_0f.d index 8fbd711..7e681ae 100644 --- a/src/arch/dalvik/opdefs/return_0f.d +++ b/src/arch/dalvik/opdefs/return_0f.d @@ -27,4 +27,10 @@ @format 11x + @rules { + + call SetInsFlag(AIF_RETURN_POINT) + + } + } diff --git a/src/arch/dalvik/opdefs/return_10.d b/src/arch/dalvik/opdefs/return_10.d index 0ff6dd8..644760c 100644 --- a/src/arch/dalvik/opdefs/return_10.d +++ b/src/arch/dalvik/opdefs/return_10.d @@ -27,4 +27,10 @@ @format 11x + @rules { + + call SetInsFlag(AIF_RETURN_POINT) + + } + } diff --git a/src/arch/dalvik/opdefs/return_11.d b/src/arch/dalvik/opdefs/return_11.d index 85bf2da..b8e4e60 100644 --- a/src/arch/dalvik/opdefs/return_11.d +++ b/src/arch/dalvik/opdefs/return_11.d @@ -27,4 +27,10 @@ @format 11x + @rules { + + call SetInsFlag(AIF_RETURN_POINT) + + } + } diff --git a/src/arch/dalvik/operand.c b/src/arch/dalvik/operand.c index 83d95e5..ab098f3 100644 --- a/src/arch/dalvik/operand.c +++ b/src/arch/dalvik/operand.c @@ -56,6 +56,9 @@ typedef enum _DalvikOperandID } DalvikOperandID; +/* Crée un opérande visant une instruction Dalvik. */ +static GArchOperand *dalvik_build_target_operand(const GBinContent *, vmpa2t *, MemoryDataSize , SourceEndian, const vmpa2t *); + /* Procède à la lecture d'opérandes pour une instruction. */ static bool dalvik_read_basic_operands(GArchInstruction *, GDexFormat *, const GBinContent *, vmpa2t *, bool *, SourceEndian, DalvikOperandType, ...); @@ -69,6 +72,63 @@ static bool dalvik_read_variatic_operands(GArchInstruction *, GDexFormat *, cons /****************************************************************************** * * +* Paramètres : content = flux de données à analyser. * +* pos = position courante dans ce flux. [OUT] * +* size = taille de l'opérande. * +* endian = ordre des bits dans la source. * +* base = adresse de référence pour le calcul. * +* * +* Description : Crée un opérande visant une instruction Dalvik. * +* * +* Retour : Opérande mis en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static GArchOperand *dalvik_build_target_operand(const GBinContent *content, vmpa2t *pos, MemoryDataSize size, SourceEndian endian, const vmpa2t *base) +{ + GArchOperand *result; /* Structure à retourner */ + phys_t offset; /* Emplacement de base */ + int8_t val8; /* Valeur sur 8 bits */ + int16_t val16; /* Valeur sur 16 bits */ + int32_t val32; /* Valeur sur 32 bits */ + bool test; /* Bilan de lecture */ + phys_t address; /* Adresse finale visée */ + + offset = get_phy_addr(base); + + switch (size) + { + case MDS_8_BITS_SIGNED: + test = g_binary_content_read_s8(content, pos, &val8); + address = offset + val8 * sizeof(uint16_t); + break; + case MDS_16_BITS_SIGNED: + test = g_binary_content_read_s16(content, pos, endian, &val16); + address = offset + val16 * sizeof(uint16_t); + break; + case MDS_32_BITS_SIGNED: + test = g_binary_content_read_s32(content, pos, endian, &val32); + address = offset + val32 * sizeof(uint16_t); + break; + default: + test = false; + break; + } + + if (!test) + return NULL; + + result = g_imm_operand_new_from_value(MDS_32_BITS, address); + + return result; + +} + + +/****************************************************************************** +* * * Paramètres : instr = instruction dont la définition est incomplète.[OUT]* * format = format du fichier contenant le code. * * content = flux de données à analyser. * @@ -339,21 +399,21 @@ static bool dalvik_read_basic_operands(GArchInstruction *instr, GDexFormat *form case DOI_TARGET_8: va_start(ap, model); base = va_arg(ap, const vmpa2t *); - op = g_dalvik_target_operand_new(content, pos, MDS_8_BITS_SIGNED, endian, base); + op = dalvik_build_target_operand(content, pos, MDS_8_BITS_SIGNED, endian, base); va_end(ap); break; case DOI_TARGET_16: va_start(ap, model); base = va_arg(ap, const vmpa2t *); - op = g_dalvik_target_operand_new(content, pos, MDS_16_BITS_SIGNED, endian, base); + op = dalvik_build_target_operand(content, pos, MDS_16_BITS_SIGNED, endian, base); va_end(ap); break; case DOI_TARGET_32: va_start(ap, model); base = va_arg(ap, const vmpa2t *); - op = g_dalvik_target_operand_new(content, pos, MDS_32_BITS_SIGNED, endian, base); + op = dalvik_build_target_operand(content, pos, MDS_32_BITS_SIGNED, endian, base); va_end(ap); break; diff --git a/src/arch/dalvik/operand.h b/src/arch/dalvik/operand.h index af15bde..cdcf38c 100644 --- a/src/arch/dalvik/operand.h +++ b/src/arch/dalvik/operand.h @@ -28,7 +28,6 @@ #include "operands/args.h" #include "operands/pool.h" #include "operands/register.h" -#include "operands/target.h" #include "../instruction.h" #include "../../format/dex/dex.h" diff --git a/src/arch/dalvik/operands/Makefile.am b/src/arch/dalvik/operands/Makefile.am index 8c88277..e7ad751 100644 --- a/src/arch/dalvik/operands/Makefile.am +++ b/src/arch/dalvik/operands/Makefile.am @@ -4,8 +4,7 @@ noinst_LTLIBRARIES = libarchdalvikoperands.la libarchdalvikoperands_la_SOURCES = \ args.h args.c \ pool.h pool.c \ - register.h register.c \ - target.h target.c + register.h register.c libarchdalvik_la_CFLAGS = $(AM_CFLAGS) diff --git a/src/arch/dalvik/operands/target.c b/src/arch/dalvik/operands/target.c deleted file mode 100644 index 5e8b91a..0000000 --- a/src/arch/dalvik/operands/target.c +++ /dev/null @@ -1,251 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * target.c - opérandes visant une adresse de code - * - * Copyright (C) 2010 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#include "target.h" - - -#include "../../operand-int.h" - - - -/* Définition d'un opérande visant une adresse de code Dalvik (instance) */ -struct _GDalvikTargetOperand -{ - GArchOperand parent; /* Instance parente */ - - GImmOperand *immediate; /* Adresse visée reconstituée */ - -}; - - -/* Définition d'un opérande visant une adresse de code Dalvik (classe) */ -struct _GDalvikTargetOperandClass -{ - GArchOperandClass parent; /* Classe parente */ - -}; - - -/* Initialise la classe des opérandes de ciblage de code Dalvik. */ -static void g_dalvik_target_operand_class_init(GDalvikTargetOperandClass *); - -/* Initialise une instance d'opérande de ciblage de code Dalvik. */ -static void g_dalvik_target_operand_init(GDalvikTargetOperand *); - -/* Supprime toutes les références externes. */ -static void g_dalvik_target_operand_dispose(GDalvikTargetOperand *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dalvik_target_operand_finalize(GDalvikTargetOperand *); - -/* Traduit un opérande en version humainement lisible. */ -static void g_dalvik_target_operand_print(const GDalvikTargetOperand *, GBufferLine *, AsmSyntax); - - - -/* Indique le type défini par la GLib pour un opérande de ciblage de code Dalvik. */ -G_DEFINE_TYPE(GDalvikTargetOperand, g_dalvik_target_operand, G_TYPE_ARCH_OPERAND); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des opérandes de ciblage de code Dalvik.* -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_target_operand_class_init(GDalvikTargetOperandClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - GArchOperandClass *operand; /* Version de classe parente */ - - object = G_OBJECT_CLASS(klass); - operand = G_ARCH_OPERAND_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dalvik_target_operand_dispose; - object->finalize = (GObjectFinalizeFunc)g_dalvik_target_operand_finalize; - - operand->print = (operand_print_fc)g_dalvik_target_operand_print; - -} - - -/****************************************************************************** -* * -* Paramètres : operand = instance à initialiser. * -* * -* Description : Initialise une instance d'opérande de ciblage de code Dalvik.* -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_target_operand_init(GDalvikTargetOperand *operand) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : binary = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_target_operand_dispose(GDalvikTargetOperand *operand) -{ - g_object_unref(G_OBJECT(operand->immediate)); - - G_OBJECT_CLASS(g_dalvik_target_operand_parent_class)->dispose(G_OBJECT(operand)); - -} - - -/****************************************************************************** -* * -* Paramètres : binary = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_target_operand_finalize(GDalvikTargetOperand *operand) -{ - G_OBJECT_CLASS(g_dalvik_target_operand_parent_class)->finalize(G_OBJECT(operand)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = flux de données à analyser. * -* pos = position courante dans ce flux. [OUT] * -* size = taille de l'opérande. * -* endian = ordre des bits dans la source. * -* base = adresse de référence pour le calcul. * -* * -* Description : Crée un opérande visant un instruction Dalvik. * -* * -* Retour : Opérande mis en place. * -* * -* Remarques : - * -* * -******************************************************************************/ - -GArchOperand *g_dalvik_target_operand_new(const GBinContent *content, vmpa2t *pos, MemoryDataSize size, SourceEndian endian, const vmpa2t *base) -{ - GDalvikTargetOperand *result; /* Structure à retourner */ - phys_t offset; /* Emplacement de base */ - int8_t val8; /* Valeur sur 8 bits */ - int16_t val16; /* Valeur sur 16 bits */ - int32_t val32; /* Valeur sur 32 bits */ - bool test; /* Bilan de lecture */ - phys_t address; /* Adresse finale visée */ - - offset = get_phy_addr(base); - - switch (size) - { - case MDS_8_BITS_SIGNED: - test = g_binary_content_read_s8(content, pos, &val8); - address = offset + val8 * sizeof(uint16_t); - break; - case MDS_16_BITS_SIGNED: - test = g_binary_content_read_s16(content, pos, endian, &val16); - address = offset + val16 * sizeof(uint16_t); - break; - case MDS_32_BITS_SIGNED: - test = g_binary_content_read_s32(content, pos, endian, &val32); - address = offset + val32 * sizeof(uint16_t); - break; - default: - test = false; - break; - } - - if (!test) - return NULL; - - result = g_object_new(G_TYPE_DALVIK_TARGET_OPERAND, NULL); - result->immediate = G_IMM_OPERAND(g_imm_operand_new_from_value(MDS_32_BITS, address)); - - return G_ARCH_OPERAND(result); - -} - - -/****************************************************************************** -* * -* Paramètres : operand = opérande à traiter. * -* line = ligne tampon où imprimer l'opérande donné. * -* syntax = type de représentation demandée. * -* * -* Description : Traduit un opérande en version humainement lisible. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dalvik_target_operand_print(const GDalvikTargetOperand *operand, GBufferLine *line, AsmSyntax syntax) -{ - g_arch_operand_print(G_ARCH_OPERAND(operand->immediate), line, syntax); - -} - - -/****************************************************************************** -* * -* Paramètres : operand = opérande à traiter. * -* * -* Description : Fournit l'adresse représentée par une opérande Dalvik. * -* * -* Retour : Valeur portée par l'opérande. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const GImmOperand *g_dalvik_target_operand_get_value(const GDalvikTargetOperand *operand) -{ - return operand->immediate; - -} diff --git a/src/arch/dalvik/operands/target.h b/src/arch/dalvik/operands/target.h deleted file mode 100644 index 6328546..0000000 --- a/src/arch/dalvik/operands/target.h +++ /dev/null @@ -1,61 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * target.h - prototypes pour les opérandes visant une adresse de code - * - * Copyright (C) 2010 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see <http://www.gnu.org/licenses/>. - */ - - -#ifndef _ARCH_DALVIK_OPERANDS_TARGET_H -#define _ARCH_DALVIK_OPERANDS_TARGET_H - - -#include <glib-object.h> - - -#include "../../immediate.h" - - - -#define G_TYPE_DALVIK_TARGET_OPERAND g_dalvik_target_operand_get_type() -#define G_DALVIK_TARGET_OPERAND(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dalvik_target_operand_get_type(), GDalvikTargetOperand)) -#define G_IS_DALVIK_TARGET_OPERAND(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dalvik_target_operand_get_type())) -#define G_DALVIK_TARGET_OPERAND_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DALVIK_TARGET_OPERAND, GDalvikTargetOperandClass)) -#define G_IS_DALVIK_TARGET_OPERAND_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DALVIK_TARGET_OPERAND)) -#define G_DALVIK_TARGET_OPERAND_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DALVIK_TARGET_OPERAND, GDalvikTargetOperandClass)) - - -/* Définition d'un opérande visant une adresse de code Dalvik (instance) */ -typedef struct _GDalvikTargetOperand GDalvikTargetOperand; - -/* Définition d'un opérande visant une adresse de code Dalvik (classe) */ -typedef struct _GDalvikTargetOperandClass GDalvikTargetOperandClass; - - -/* Indique le type défini par la GLib pour un opérande de ciblage de code Dalvik. */ -GType g_dalvik_target_operand_get_type(void); - -/* Crée un opérande visant un instruction Dalvik. */ -GArchOperand *g_dalvik_target_operand_new(const GBinContent *, vmpa2t *, MemoryDataSize, SourceEndian, const vmpa2t *); - -/* Fournit l'adresse représentée par une opérande Dalvik. */ -const GImmOperand *g_dalvik_target_operand_get_value(const GDalvikTargetOperand *); - - - -#endif /* _ARCH_DALVIK_OPERANDS_TARGET_H */ diff --git a/src/arch/dalvik/post.h b/src/arch/dalvik/post.h new file mode 100644 index 0000000..9f55d7f --- /dev/null +++ b/src/arch/dalvik/post.h @@ -0,0 +1,52 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * post.h - prototypes pour les traitements complémentaires à la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ARCH_DALVIK_POST_H +#define _ARCH_DALVIK_POST_H + + +#include "../post.h" + + + +static inline void post_process_dalvik_goto_target_resolution(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 0, STP_CODE_LABEL); + +} + +static inline void post_process_dalvik_if_target_resolution(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 2, STP_CODE_LABEL); + +} + +static inline void post_process_dalvik_ifz_target_resolution(GArchInstruction *ins, GArchProcessor *proc, GProcContext *ctx, GBinFormat *fmt) +{ + post_process_target_resolution(ins, proc, ctx, fmt, 1, STP_CODE_LABEL); + +} + + + +#endif /* _ARCH_DALVIK_POST_H */ diff --git a/src/arch/post.c b/src/arch/post.c new file mode 100644 index 0000000..7d5f134 --- /dev/null +++ b/src/arch/post.c @@ -0,0 +1,113 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * post.c - traitements complémentaires à la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "post.h" + + +#include <assert.h> + + +#include "processor.h" +#include "target.h" + + + +/****************************************************************************** +* * +* Paramètres : instr = instruction ARMv7 à traiter. * +* proc = représentation de l'architecture utilisée. * +* context = contexte associé à la phase de désassemblage. * +* format = accès aux données du binaire d'origine. * +* index = indice de l'opérande précisant le saut. * +* type = type du nouveau simple à mettre en place. * +* * +* Description : Associe un symbole à la valeur ciblée par un opérande. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void post_process_target_resolution(GArchInstruction *instr, GArchProcessor *proc, GProcContext *context, GBinFormat *format, size_t index, SymbolType type) +{ + GArchOperand *op; /* Opérande numérique en place */ + virt_t addr; /* Adresse visée par le saut */ + MemoryDataSize ptr_size; /* Taille de l'espace mémoire */ + GArchOperand *new; /* Instruction de ciblage */ + vmpa2t target; + mrange_t trange; /* Etendue du symbole à créer */ + VMPA_BUFFER(loc); + char name[5 + VMPA_MAX_LEN]; + GBinRoutine *routine; /* Nouvelle routine trouvée */ + GBinSymbol *symbol; /* Nouveau symbole construit */ + + op = g_arch_instruction_get_operand(instr, index); + assert(G_IS_IMM_OPERAND(op)); + + if (g_imm_operand_to_virt_t(G_IMM_OPERAND(op), &addr) + && g_exe_format_translate_address_into_vmpa(G_EXE_FORMAT(format), addr, &target)) + { + ptr_size = g_arch_processor_get_memory_size(proc); + + new = g_target_operand_new(ptr_size, addr); + + if (!g_target_operand_resolve(G_TARGET_OPERAND(new), format, true)) + { + vmpa2_virt_to_string(&target, MDS_UNDEFINED, loc, NULL); + + switch (type) + { + case STP_ROUTINE: + snprintf(name, sizeof(name), "loc_%s", loc + 2); + break; + + case STP_CODE_LABEL: + snprintf(name, sizeof(name), "sub_%s", loc + 2); + break; + + default: + assert(false); + break; + + } + + routine = g_binary_routine_new(); + g_binary_routine_set_name(routine, strdup(name)); + + init_mrange(&trange, &target, 0); + g_binary_routine_set_range(routine, &trange); + + symbol = g_binary_symbol_new(type); + g_binary_symbol_attach_routine(symbol, routine); + g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); + + g_target_operand_resolve(G_TARGET_OPERAND(new), format, true); + + } + + g_arch_instruction_replace_operand(instr, new, op); + + } + +} diff --git a/src/arch/post.h b/src/arch/post.h new file mode 100644 index 0000000..ce6d796 --- /dev/null +++ b/src/arch/post.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * post.h - prototypes pour les traitements complémentaires à la phase de désassemblage + * + * Copyright (C) 2016 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _ARCH_POST_H +#define _ARCH_POST_H + + +#include "instruction.h" +#include "../format/format.h" + + + +/* Associe un symbole à la valeur ciblée par un opérande. */ +void post_process_target_resolution(GArchInstruction *, GArchProcessor *, GProcContext *, GBinFormat *, size_t, SymbolType); + + + +#endif /* _ARCH_POST_H */ diff --git a/src/arch/target.c b/src/arch/target.c index 01c2bfe..4e731ec 100644 --- a/src/arch/target.c +++ b/src/arch/target.c @@ -297,6 +297,7 @@ virt_t g_target_operand_get_addr(const GTargetOperand *operand) * * * Paramètres : operand = opérande dont le contenu est à raffiner. * * format = format du binaire d'origine à consulter. * +* strict = indique si la résolution doit être parfaite ou non.* * * * Description : Tente une résolution de symbole. * * * @@ -306,7 +307,7 @@ virt_t g_target_operand_get_addr(const GTargetOperand *operand) * * ******************************************************************************/ -bool g_target_operand_resolve(GTargetOperand *operand, const GBinFormat *format) +bool g_target_operand_resolve(GTargetOperand *operand, const GBinFormat *format, bool strict) { bool result; /* Bilan à retourner */ vmpa2t addr; /* Adresse de recherche */ @@ -325,6 +326,18 @@ bool g_target_operand_resolve(GTargetOperand *operand, const GBinFormat *format) * En cas de succès, le compteur de références du symbole trouvé a été incrémenté. */ + if (strict) + result &= (operand->diff == 0); + + if (!result && operand->symbol != NULL) + { + g_object_unref(G_OBJECT(operand->symbol)); + + operand->symbol = NULL; + operand->diff = 0; + + } + return result; } diff --git a/src/arch/target.h b/src/arch/target.h index f226ee1..a284c09 100644 --- a/src/arch/target.h +++ b/src/arch/target.h @@ -64,7 +64,7 @@ MemoryDataSize g_target_operand_get_size(const GTargetOperand *); virt_t g_target_operand_get_addr(const GTargetOperand *); /* Tente une résolution de symbole. */ -bool g_target_operand_resolve(GTargetOperand *, const GBinFormat *); +bool g_target_operand_resolve(GTargetOperand *, const GBinFormat *, bool); /* Fournit les indications concernant le symbole associé. */ GBinSymbol *g_target_operand_get_symbol(const GTargetOperand *, phys_t *); |