diff options
Diffstat (limited to 'src/format/elf')
| -rw-r--r-- | src/format/elf/e_elf.c | 128 | ||||
| -rw-r--r-- | src/format/elf/e_elf.h | 5 | ||||
| -rw-r--r-- | src/format/elf/elf-int.h | 23 | ||||
| -rw-r--r-- | src/format/elf/section.c | 3 |
4 files changed, 159 insertions, 0 deletions
diff --git a/src/format/elf/e_elf.c b/src/format/elf/e_elf.c index f716846..3aa9394 100644 --- a/src/format/elf/e_elf.c +++ b/src/format/elf/e_elf.c @@ -35,6 +35,10 @@ + + + + /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * @@ -53,17 +57,39 @@ elf_format *load_elf(const uint8_t *content, off_t length) elf_format *result; /* Structure à retourner */ bool test; /* Bilan d'une initialisation */ + + Elf32_Half i; + Elf32_Phdr phdr; + + size_t count; + + result = (elf_format *)calloc(1, sizeof(elf_format)); EXE_FORMAT(result)->content = content; EXE_FORMAT(result)->length = length; + EXE_FORMAT(result)->get_def_parts = (get_def_parts_fc)get_elf_default_code_parts; EXE_FORMAT(result)->find_section = (find_section_fc)find_elf_section; EXE_FORMAT(result)->get_symbols = (get_symbols_fc)get_elf_symbols; EXE_FORMAT(result)->resolve_symbol = (resolve_symbol_fc)resolve_elf_symbol; memcpy(&result->header, content, sizeof(Elf32_Ehdr)); + result->is_32b = true; + + + for (i = 0; i < result->header.e_phnum; i++) + { + + memcpy(&phdr, &content[result->header.e_phoff + i * result->header.e_phentsize], result->header.e_phentsize); + + + printf(" seg [0x%08x] :: %d -> %d\n", phdr.p_type, phdr.p_offset, phdr.p_filesz); + + + } + test = read_elf_section_names(result); @@ -74,6 +100,108 @@ elf_format *load_elf(const uint8_t *content, off_t length) printf("ok ? %d\n", test); + + return result; + +} + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* count = quantité de zones listées. [OUT] * +* * +* Description : Fournit les références aux zones de code à analyser. * +* * +* Retour : Zones de code à analyser. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bin_part **get_elf_default_code_parts(const elf_format *format, size_t *count) +{ + bin_part **result; /* Tableau à retourner */ + bin_part *part; /* Partie à intégrer à la liste*/ + off_t offset; /* Position physique */ + off_t size; /* Taille de la partie */ + uint64_t voffset; /* Adresse virtuelle éventuelle*/ + int i; /* Boucle de parcours */ + Elf_Shdr shdr; /* En-tête de programme ELF */ + + result = NULL; + *count = 0; + + if (format->sec_size > 0) + { + if (find_elf_section(format, ".init", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".init"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + if (find_elf_section(format, ".text", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".text"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + if (find_elf_section(format, ".fini", &offset, &size, &voffset)) + { + part = create_bin_part(); + + set_bin_part_name(part, ".fini"); + set_bin_part_values(part, offset, size, voffset); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + } + + /* Si aucune section n'a été trouvée... */ + + if (*count == 0) + for (i = 0; i < format->header.e_shnum; i++) + { + offset = format->header.e_shoff + format->header.e_shentsize * i; + if ((offset + format->header.e_shentsize) >= EXE_FORMAT(format)->length) break; + + memcpy(&shdr, &EXE_FORMAT(format)->content[offset], format->header.e_shentsize); + + if (ELF_SHDR(format, shdr, sh_flags) & SHF_EXECINSTR) + { + part = create_bin_part(); + + /* TODO : nom */ + + set_bin_part_values(part, ELF_SHDR(format, shdr, sh_offset), + ELF_SHDR(format, shdr, sh_size), + ELF_SHDR(format, shdr, sh_addr)); + + result = (bin_part **)realloc(result, ++(*count) * sizeof(bin_part *)); + result[*count - 1] = part; + + } + + } + return result; } diff --git a/src/format/elf/e_elf.h b/src/format/elf/e_elf.h index e101fc6..b11fb24 100644 --- a/src/format/elf/e_elf.h +++ b/src/format/elf/e_elf.h @@ -42,6 +42,11 @@ typedef struct _elf_format elf_format; /* Prend en charge un nouvel ELF. */ elf_format *load_elf(const uint8_t *, off_t); + + +/* Fournit les références aux zones de code à analyser. */ +bin_part **get_elf_default_code_parts(const elf_format *, size_t *); + /* Récupère tous les symboles présents dans le contenu binaire. */ size_t get_elf_symbols(const elf_format *, char ***, SymbolType **, uint64_t **); diff --git a/src/format/elf/elf-int.h b/src/format/elf/elf-int.h index 2ec33c3..f366c71 100644 --- a/src/format/elf/elf-int.h +++ b/src/format/elf/elf-int.h @@ -50,6 +50,7 @@ struct _elf_format exe_format dummy; /* A laisser en premier */ Elf32_Ehdr header; /* En-tête du format */ + bool is_32b; /* Format du binaire */ char *sec_names; /* Noms des sections */ size_t sec_size; /* Taille de ces définitions */ @@ -61,6 +62,28 @@ struct _elf_format +/* En-tête de section ELF */ +typedef union _Elf_Shdr +{ + Elf32_Shdr section32; /* Version 32 bits */ + Elf64_Shdr section64; /* Version 64 bits */ + +} Elf_Shdr; + +#define ELF_SHDR(fmt, sec, fld) (fmt->is_32b ? sec.section32.fld : sec.section64.fld) + + +/* En-tête de programme ELF */ +typedef union _Elf_Phdr +{ + Elf32_Phdr header32; /* Version 32 bits */ + Elf64_Phdr header64; /* Version 64 bits */ + +} Elf_Phdr; + +#define ELF_PHDR(fmt, hdr, fld) (fmt->is_32b ? hdr.header32.fld : hdr.header64.fld) + + #endif /* _FORMAT_ELF_ELF_INT_H */ diff --git a/src/format/elf/section.c b/src/format/elf/section.c index a055f47..f16e002 100644 --- a/src/format/elf/section.c +++ b/src/format/elf/section.c @@ -130,6 +130,9 @@ bool find_elf_section(const elf_format *format, const char *target, off_t *offse Elf32_Half i; Elf32_Shdr data; + /* Si on perd notre temps... */ + if (format->sec_size == 0) return false; + result = false; for (i = 0; i < format->header.e_shnum; i++) |