diff options
Diffstat (limited to 'src/format/elf/e_elf.c')
| -rw-r--r-- | src/format/elf/e_elf.c | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/src/format/elf/e_elf.c b/src/format/elf/e_elf.c index f716846..3aa9394 100644 --- a/src/format/elf/e_elf.c +++ b/src/format/elf/e_elf.c @@ -35,6 +35,10 @@ + + + + /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * @@ -53,17 +57,39 @@ elf_format *load_elf(const uint8_t *content, off_t length) elf_format *result; /* Structure à retourner */ bool test; /* Bilan d'une initialisation */ + + Elf32_Half i; + Elf32_Phdr phdr; + + size_t count; + + result = (elf_format *)calloc(1, sizeof(elf_format)); EXE_FORMAT(result)->content = content; EXE_FORMAT(result)->length = length; + EXE_FORMAT(result)->get_def_parts = (get_def_parts_fc)get_elf_default_code_parts; EXE_FORMAT(result)->find_section = (find_section_fc)find_elf_section; EXE_FORMAT(result)->get_symbols = (get_symbols_fc)get_elf_symbols; EXE_FORMAT(result)->resolve_symbol = (resolve_symbol_fc)resolve_elf_symbol; memcpy(&result->header, content, sizeof(Elf32_Ehdr)); + result->is_32b = true; + + + for (i = 0; i < result->header.e_phnum; i++) + { + + memcpy(&phdr, &content[result->header.e_phoff + i * result->header.e_phentsize], result->header.e_phentsize); + + + printf(" seg [0x%08x] :: %d -> %d\n", phdr.p_type, phdr.p_offset, phdr.p_filesz); + + + } + test = read_elf_section_names(result); @@ -74,6 +100,108 @@ elf_format *load_elf(const uint8_t *content, off_t length) printf("ok ? %d\n", test); + + return result; + +} + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* count = quantité de zones listées. [OUT] * +* * +* Description : Fournit les références aux zones de code à analyser. * +* * +* Retour : Zones de code à analyser. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bin_part **get_elf_default_code_parts(const elf_format *format, size_t *count) +{ + bin_part **result; /* Tableau à retourner */ + bin_part *part; /* Partie à intégrer à la liste*/ + off_t offset; /* Position physique */ + off_t size; /* Taille de la partie */ + uint64_t voffset; /* Adresse virtuelle éventuelle*/ + int i; /* Boucle de parcours */ + Elf_Shdr shdr; /* En-tête de programme ELF */ + + result = NULL; + *count = 0; + + if (format->sec_size > 0) + { + if (find_elf_section(format, ".init", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".init"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + if (find_elf_section(format, ".text", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".text"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + if (find_elf_section(format, ".fini", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".fini"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + } + + /* Si aucune section n'a été trouvée... */ + + if (*count == 0) + for (i = 0; i < format->header.e_shnum; i++) + { + offset = format->header.e_shoff + format->header.e_shentsize * i; + if ((offset + format->header.e_shentsize) >= EXE_FORMAT(format)->length) break; + + memcpy(&shdr, &EXE_FORMAT(format)->content[offset], format->header.e_shentsize); + + if (ELF_SHDR(format, shdr, sh_flags) & SHF_EXECINSTR) + { + part = create_bin_part(); + + /* TODO : nom */ + + set_bin_part_values(part, ELF_SHDR(format, shdr, sh_offset), + ELF_SHDR(format, shdr, sh_size), + ELF_SHDR(format, shdr, sh_addr)); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + } + return result; } |