diff options
Diffstat (limited to 'src/format/elf')
-rw-r--r-- | src/format/elf/Makefile.am | 3 | ||||
-rw-r--r-- | src/format/elf/e_elf.c | 5 | ||||
-rw-r--r-- | src/format/elf/elf-int.h | 11 | ||||
-rw-r--r-- | src/format/elf/symbol.c | 243 | ||||
-rw-r--r-- | src/format/elf/symbol.h | 40 |
5 files changed, 301 insertions, 1 deletions
diff --git a/src/format/elf/Makefile.am b/src/format/elf/Makefile.am index cb5682d..4886115 100644 --- a/src/format/elf/Makefile.am +++ b/src/format/elf/Makefile.am @@ -4,7 +4,8 @@ lib_LIBRARIES = libformatelf.a libformatelf_a_SOURCES = \ e_elf.h e_elf.c \ elf-int.h \ - section.h section.c + section.h section.c \ + symbol.h symbol.c libformatelf_a_CFLAGS = $(AM_CFLAGS) diff --git a/src/format/elf/e_elf.c b/src/format/elf/e_elf.c index 1c08cf3..a6399ab 100644 --- a/src/format/elf/e_elf.c +++ b/src/format/elf/e_elf.c @@ -30,6 +30,7 @@ #include "elf-int.h" #include "section.h" +#include "symbol.h" @@ -66,6 +67,10 @@ elf_format *load_elf(const uint8_t *content, off_t length) printf("ok ? %d\n", test); + test = load_elf_symbols(result); + + printf("ok ? %d\n", test); + return result; diff --git a/src/format/elf/elf-int.h b/src/format/elf/elf-int.h index 0fd325f..2ec33c3 100644 --- a/src/format/elf/elf-int.h +++ b/src/format/elf/elf-int.h @@ -34,6 +34,15 @@ +/* Symbole trouvé */ +typedef struct _elf_symbol +{ + const char *name; /* Désignation du symbole */ + uint64_t address; /* Adresse du symbole */ + +} elf_symbol; + + /* Description du format ELF */ struct _elf_format @@ -45,6 +54,8 @@ struct _elf_format char *sec_names; /* Noms des sections */ size_t sec_size; /* Taille de ces définitions */ + elf_symbol *symbols; /* Liste des symboles */ + size_t sym_count; /* Taille de cette liste */ }; diff --git a/src/format/elf/symbol.c b/src/format/elf/symbol.c new file mode 100644 index 0000000..729c154 --- /dev/null +++ b/src/format/elf/symbol.c @@ -0,0 +1,243 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * symbol.c - gestion des symboles d'un ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#include "symbol.h" + + +#include <malloc.h> +#include <elf.h> +#include <string.h> + + + +#include "elf-int.h" +#include "section.h" + + + + + +/* Charge en mémoire la liste humaine des symboles (32 bits). */ +bool load_elf_symbol_table_32(elf_format *, const off_t *, const off_t *, const off_t *, const off_t *); + +/* Charge en mémoire la liste humaine des symboles (64 bits). */ +bool load_elf_symbol_table_64(elf_format *, const off_t *, const off_t *, const off_t *, const off_t *); + + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* * +* Description : Charge en mémoire la liste humaine des symboles. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_elf_symbols(elf_format *format) +{ + bool result; /* Bilan à retourner */ + + + off_t sym_start; /* Début de section */ + off_t sym_size; /* Taille de section */ + off_t str_start; /* Début de section */ + off_t str_size; /* Taille de section */ + + + result = find_elf_section(format, ".symtab", &sym_start, &sym_size, NULL); + + result &= find_elf_section(format, ".strtab", &str_start, &str_size, NULL); + + + if (result) + { + + + + result = load_elf_symbol_table_32(format, &sym_start, &sym_size, &str_start, &str_start); + + + + } + + return result; + +} + + + + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* sym_start = début de la zone à traiter. * +* sym_size = taille de la zone à traiter. * +* str_start = début de la zone de chaîne de caractères. * +* str_size = taille de la zone de chaînes de caractères. * +* * +* Description : Charge en mémoire la liste humaine des symboles (32 bits). * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_elf_symbol_table_32(elf_format *format, const off_t *sym_start, const off_t *sym_size, const off_t *str_start, const off_t *str_size) +{ + off_t iter; /* Boucle de parcours */ + Elf32_Sym symbol; /* Symbole ELF lu */ + + if (*sym_size % sizeof(Elf32_Sym) != 0) return false; + + for (iter = *sym_start; iter < (*sym_start + *sym_size); iter += sizeof(Elf32_Sym)) + { + memcpy(&symbol, &EXE_FORMAT(format)->content[iter], sizeof(Elf32_Sym)); + + if (!(ELF32_ST_TYPE(symbol.st_info) == STT_FUNC + || (ELF32_ST_TYPE(symbol.st_info) == STT_NOTYPE + && ELF32_ST_BIND(symbol.st_info) == STB_GLOBAL))) continue; + + if (symbol.st_value == 0) continue; + + /* Sécurité anti-débordements */ + if (symbol.st_name >= *str_size) continue; + + /* Si le symbole possède un nom... */ + if (strlen(&EXE_FORMAT(format)->content[*str_start + symbol.st_name]) > 0) + { + format->symbols = (elf_symbol *)realloc(format->symbols, ++format->sym_count * sizeof(elf_symbol)); + + format->symbols[format->sym_count - 1].name = &EXE_FORMAT(format)->content[*str_start + symbol.st_name]; + format->symbols[format->sym_count - 1].address = symbol.st_value; + + } + + } + + return true; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* sym_start = début de la zone à traiter. * +* sym_size = taille de la zone à traiter. * +* str_start = début de la zone de chaîne de caractères. * +* str_size = taille de la zone de chaînes de caractères. * +* * +* Description : Charge en mémoire la liste humaine des symboles (64 bits). * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_elf_symbol_table_64(elf_format *format, const off_t *sym_start, const off_t *sym_size, const off_t *str_start, const off_t *str_size) +{ + off_t iter; /* Boucle de parcours */ + Elf64_Sym symbol; /* Symbole ELF lu */ + + if (*sym_size % sizeof(Elf64_Sym) != 0) return false; + + for (iter = *sym_start; iter < (*sym_start + *sym_size); iter += sizeof(Elf64_Sym)) + { + memcpy(&symbol, &EXE_FORMAT(format)->content[iter], sizeof(Elf64_Sym)); + + if (!(ELF64_ST_TYPE(symbol.st_info) == STT_FUNC + || (ELF64_ST_TYPE(symbol.st_info) == STT_NOTYPE + && ELF64_ST_BIND(symbol.st_info) == STB_GLOBAL))) continue; + + if (symbol.st_value == 0) continue; + + /* Sécurité anti-débordements */ + if (symbol.st_name >= *str_size) continue; + + /* Si le symbole possède un nom... */ + if (strlen(&EXE_FORMAT(format)->content[*str_start + symbol.st_name]) > 0) + { + format->symbols = (elf_symbol *)realloc(format->symbols, ++format->sym_count * sizeof(elf_symbol)); + + format->symbols[format->sym_count - 1].name = &EXE_FORMAT(format)->content[*str_start + symbol.st_name]; + format->symbols[format->sym_count - 1].address = symbol.st_value; + + } + + } + + return true; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* comments = liste des commentaires à insérer. [OUT] * +* offsets = liste des indices des commentaires. [OUT] * +* count = taille des listes construites. [OUT] * +* * +* Description : Récupère tous les commentaires à insérer dans le code. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void get_elf_symbol_comments(const elf_format *format, char ***comments, uint64_t **offsets, size_t *count) +{ + size_t i; /* Boucle de parcours */ + size_t len; /* Longueur d'une désignation */ + + if (format->sym_count > 0) + { + *comments = (char **)calloc(*count + format->sym_count, sizeof(char *)); + *offsets = (uint64_t *)calloc(*count + format->sym_count, sizeof(uint64_t)); + + for (i = 0; i < format->sym_count; i++) + { + len = strlen(format->symbols[i].name); + + (*comments)[i] = (char *)calloc(len + 9, sizeof(char)); + snprintf((*comments)[i], len + 9, "<%s>", format->symbols[i].name); + + (*offsets)[i] = format->symbols[i].address; + + } + + *count += format->sym_count; + + } + +} diff --git a/src/format/elf/symbol.h b/src/format/elf/symbol.h new file mode 100644 index 0000000..0a8f203 --- /dev/null +++ b/src/format/elf/symbol.h @@ -0,0 +1,40 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * symbol.h - prototypes pour la gestion des symboles d'un ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see <http://www.gnu.org/licenses/>. + */ + + +#ifndef _FORMAT_ELF_SYMBOL_H +#define _FORMAT_ELF_SYMBOL_H + + +#include "e_elf.h" + + + +/* Charge en mémoire la liste humaine des symboles. */ +bool load_elf_symbols(elf_format *); + +/* Récupère tous les commentaires à insérer dans le code. */ +void get_elf_symbol_comments(const elf_format *, char ***, uint64_t **, size_t *); + + + +#endif /* _FORMAT_ELF_SYMBOL_H */ |