From 175e8193759e01b45b1f6d2d7970e2993ec8c364 Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Tue, 18 Sep 2018 21:07:28 +0200 Subject: Updated the MCLF format support. --- plugins/mobicore/Makefile.am | 2 +- plugins/mobicore/core.c | 78 +++++++++++++++++++++ plugins/mobicore/core.h | 38 ++++++++++ plugins/mobicore/mclf.c | 163 +++++++++++++++++++++++++++++++++++-------- plugins/mobicore/mclf.h | 9 +-- plugins/mobicore/mobicore.c | 83 ---------------------- plugins/mobicore/mobicore.h | 41 ----------- 7 files changed, 252 insertions(+), 162 deletions(-) create mode 100644 plugins/mobicore/core.c create mode 100644 plugins/mobicore/core.h delete mode 100644 plugins/mobicore/mobicore.c delete mode 100644 plugins/mobicore/mobicore.h diff --git a/plugins/mobicore/Makefile.am b/plugins/mobicore/Makefile.am index 276b3a9..0790200 100644 --- a/plugins/mobicore/Makefile.am +++ b/plugins/mobicore/Makefile.am @@ -5,10 +5,10 @@ libdir = $(pluginslibdir) libmobicore_la_SOURCES = \ + core.h core.c \ mclf-def.h \ mclf-int.h mclf-int.c \ mclf.h mclf.c \ - mobicore.h mobicore.c \ symbols.h symbols.c libmobicore_la_LDFLAGS = -L$(top_srcdir)/src/.libs -lchrysacore diff --git a/plugins/mobicore/core.c b/plugins/mobicore/core.c new file mode 100644 index 0000000..bc7298f --- /dev/null +++ b/plugins/mobicore/core.c @@ -0,0 +1,78 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * core.c - intégration du support du format MobiCore + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "core.h" + + +#include +#include + + +#include "mclf.h" + + + +DEFINE_CHRYSALIDE_PLUGIN("mobicore", "Support MobiCore file format for Trusted Applications", "0.1.0", + EMPTY_PG_LIST(.required), AL(PGA_CONTENT_RESOLVER)); + + + +/****************************************************************************** +* * +* Paramètres : plugin = greffon à manipuler. * +* action = type d'action attendue. * +* content = contenu binaire à traiter. * +* wid = identifiant du groupe de traitement. * +* status = barre de statut à tenir informée. * +* * +* Description : Procède à une opération liée à un contenu binaire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *plugin, PluginAction action, GBinContent *content, wgroup_id_t wid, GtkStatusStack *status) +{ + bool test; /* Bilan des accès mémoire */ + GExeFormat *format; /* Format ELF reconnu */ + GLoadedContent *loaded; /* Représentation chargée */ + GContentResolver *resolver; /* Resolveur de contenus */ + + test = check_mclf_format(content); + + if (test) + { + format = g_mclf_format_new(content); + loaded = g_loaded_binary_new(format); + + resolver = get_current_content_resolver(); + g_content_resolver_add_detected(resolver, wid, loaded); + g_object_unref(G_OBJECT(resolver)); + + g_object_unref(G_OBJECT(loaded)); + + } + +} diff --git a/plugins/mobicore/core.h b/plugins/mobicore/core.h new file mode 100644 index 0000000..fe4f7d4 --- /dev/null +++ b/plugins/mobicore/core.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * core.h - prototypes pour l'intégration du support du format MobiCore + * + * Copyright (C) 2018 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _PLUGINS_MOBICORE_CORE_H +#define _PLUGINS_MOBICORE_CORE_H + + +#include +#include + + + +/* Procède à une opération liée à un contenu binaire. */ +G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *, PluginAction, GBinContent *, wgroup_id_t, GtkStatusStack *); + + + +#endif /* _PLUGINS_MOBICORE_CORE_H */ diff --git a/plugins/mobicore/mclf.c b/plugins/mobicore/mclf.c index 37939f7..65a7af0 100644 --- a/plugins/mobicore/mclf.c +++ b/plugins/mobicore/mclf.c @@ -49,6 +49,18 @@ static void g_mclf_format_dispose(GMCLFFormat *); /* Procède à la libération totale de la mémoire. */ static void g_mclf_format_finalize(GMCLFFormat *); +/* Indique la désignation interne du format. */ +static const char *g_mclf_format_get_name(const GMCLFFormat *); + +/* Fournit une description humaine du format. */ +static const char *g_mclf_format_get_description(const GMCLFFormat *); + +/* Assure l'interprétation d'un format en différé. */ +static bool g_mclf_format_analyze(GMCLFFormat *, wgroup_id_t, GtkStatusStack *); + +/* Informe quant au boutisme utilisé. */ +static SourceEndian g_mclf_format_get_endianness(const GMCLFFormat *); + /* Indique le type d'architecture visée par le format. */ static const char *g_mclf_format_get_target_machine(const GMCLFFormat *); @@ -59,39 +71,28 @@ static void g_mclf_format_refine_portions(GMCLFFormat *); /****************************************************************************** * * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * -* unused = adresse non utilisée ici. * -* key = identifiant de format trouvé ou NULL. [OUT] * +* Paramètres : content = contenu binaire à traiter. * * * -* Description : Indique si le format peut être pris en charge ici. * +* Description : Valide un contenu comme étant un format Mobicore. * * * -* Retour : Désignation du format reconnu ou NULL si aucun. * +* Retour : - * * * * Remarques : - * * * ******************************************************************************/ -FormatMatchStatus mclf_is_matching(GBinContent *content, GExeFormat *parent, void *unused, char **key) +bool check_mclf_format(const GBinContent *content) { - FormatMatchStatus result; /* Bilan à renvoyer */ + bool result; /* Bilan à faire remonter */ vmpa2t addr; /* Tête de lecture initiale */ - bool status; /* Bilan des accès mémoire */ char magic[4]; /* Idenfiant standard */ init_vmpa(&addr, 0, VMPA_NO_VIRTUAL); - status = g_binary_content_read_raw(content, &addr, 4, (bin_t *)magic); + result = g_binary_content_read_raw(content, &addr, 4, (bin_t *)magic); - status &= (memcmp(magic, MC_SERVICE_HEADER_MAGIC_STR, 4) == 0); - - if (status) - { - result = FMS_MATCHED; - *key = strdup("mclf"); - } - else - result = FMS_UNKNOWN; + if (result) + result = (memcmp(magic, MC_SERVICE_HEADER_MAGIC_STR, 4) == 0); return result; @@ -117,6 +118,7 @@ G_DEFINE_TYPE(GMCLFFormat, g_mclf_format, G_TYPE_EXE_FORMAT); static void g_mclf_format_class_init(GMCLFFormatClass *klass) { GObjectClass *object; /* Autre version de la classe */ + GBinFormatClass *fmt; /* Version en format basique */ GExeFormatClass *exe; /* Version en exécutable */ object = G_OBJECT_CLASS(klass); @@ -124,6 +126,13 @@ static void g_mclf_format_class_init(GMCLFFormatClass *klass) object->dispose = (GObjectFinalizeFunc/* ! */)g_mclf_format_dispose; object->finalize = (GObjectFinalizeFunc)g_mclf_format_finalize; + fmt = G_BIN_FORMAT_CLASS(klass); + + fmt->get_name = (format_get_name_fc)g_mclf_format_get_name; + fmt->get_desc = (format_get_desc_fc)g_mclf_format_get_description; + fmt->analyze = (format_analyze_fc)g_mclf_format_analyze; + fmt->get_endian = (format_get_endian_fc)g_mclf_format_get_endianness; + exe = G_EXE_FORMAT_CLASS(klass); exe->get_machine = (get_target_machine_fc)g_mclf_format_get_target_machine; @@ -191,8 +200,6 @@ static void g_mclf_format_finalize(GMCLFFormat *format) /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * * * * Description : Prend en charge un nouveau format MCLF. * * * @@ -202,29 +209,123 @@ static void g_mclf_format_finalize(GMCLFFormat *format) * * ******************************************************************************/ -GBinFormat *g_mclf_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) +GExeFormat *g_mclf_format_new(GBinContent *content) { GMCLFFormat *result; /* Structure à retourner */ + if (!check_mclf_format(content)) + return NULL; + result = g_object_new(G_TYPE_MCLF_FORMAT, NULL); g_binary_format_set_content(G_BIN_FORMAT(result), content); - if (!read_mclf_header(result, &result->header, result->endian)) - goto gmfn_error; + return G_EXE_FORMAT(result); + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Indique la désignation interne du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static const char *g_mclf_format_get_name(const GMCLFFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = "mclf"; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Fournit une description humaine du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static const char *g_mclf_format_get_description(const GMCLFFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = "MobiCore Load Format"; + + return result; + +} + - g_executable_format_setup_portions(G_EXE_FORMAT(result), status); +/****************************************************************************** +* * +* Paramètres : format = format chargé dont l'analyse est lancée. * +* gid = groupe de travail dédié. * +* status = barre de statut à tenir informée. * +* * +* Description : Assure l'interprétation d'un format en différé. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool g_mclf_format_analyze(GMCLFFormat *format, wgroup_id_t gid, GtkStatusStack *status) +{ + bool result; /* Bilan à retourner */ + GExeFormat *exe; /* Autre version du format */ - if (!load_mclf_symbols(result)) - goto gmfn_error; + result = false; - return G_BIN_FORMAT(result); + exe = G_EXE_FORMAT(format); - gmfn_error: + if (!read_mclf_header(format, &format->header, format->endian)) + goto error; - g_object_unref(G_OBJECT(result)); + g_executable_format_setup_portions(exe, status); - return NULL; + if (!load_mclf_symbols(format)) + goto error; + + result = true; + + error: + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* * +* Description : Informe quant au boutisme utilisé. * +* * +* Retour : Indicateur de boutisme. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static SourceEndian g_mclf_format_get_endianness(const GMCLFFormat *format) +{ + return format->endian; } diff --git a/plugins/mobicore/mclf.h b/plugins/mobicore/mclf.h index 32a13a1..d56968b 100644 --- a/plugins/mobicore/mclf.h +++ b/plugins/mobicore/mclf.h @@ -27,12 +27,9 @@ #include #include -#include #include -#include -#include @@ -51,14 +48,14 @@ typedef struct _GMCLFFormat GMCLFFormat; typedef struct _GMCLFFormatClass GMCLFFormatClass; -/* Indique si le format peut être pris en charge ici. */ -FormatMatchStatus mclf_is_matching(GBinContent *, GExeFormat *, void *, char **); +/* Valide un contenu comme étant un format Mobicore. */ +bool check_mclf_format(const GBinContent *); /* Indique le type défini pour un format d'exécutable MCLF. */ GType g_mclf_format_get_type(void); /* Prend en charge un nouveau format MCLF. */ -GBinFormat *g_mclf_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); +GExeFormat *g_mclf_format_new(GBinContent *); diff --git a/plugins/mobicore/mobicore.c b/plugins/mobicore/mobicore.c deleted file mode 100644 index 8e25469..0000000 --- a/plugins/mobicore/mobicore.c +++ /dev/null @@ -1,83 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * mobicore.c - support du format de chargement MobiCore - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "mobicore.h" - - -#include -#include - - -#include "mclf.h" - - - -DEFINE_CHRYSALIDE_ACTIVE_PLUGIN("Mobicore", "Support MobiCore file format for Trusted Applications", "0.1.0", - PGA_PLUGIN_INIT, PGA_PLUGIN_EXIT); - - - -/****************************************************************************** -* * -* Paramètres : plugin = greffon à manipuler. * -* * -* Description : Prend acte du chargement du greffon. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin) -{ - bool result; /* Bilan à retourner */ - - result = true; - - result &= register_format_matcher(mclf_is_matching, NULL); - - result &= register_format_loader("mclf", "MobiCore Load Format", g_mclf_format_new); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : plugin = greffon à manipuler. * -* * -* Description : Prend acte du déchargement du greffon. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -G_MODULE_EXPORT void chrysalide_plugin_exit(GPluginModule *plugin) -{ - /* TODO */ - -} diff --git a/plugins/mobicore/mobicore.h b/plugins/mobicore/mobicore.h deleted file mode 100644 index 26a8888..0000000 --- a/plugins/mobicore/mobicore.h +++ /dev/null @@ -1,41 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * mobicore.h - prototypes pour le support du format de chargement MobiCore - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _PLUGINS_MOBICORE_MOBICORE_H -#define _PLUGINS_MOBICORE_MOBICORE_H - - -#include -#include - - - -/* Prend acte du chargement du greffon. */ -G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *); - -/* Prend acte du déchargement du greffon. */ -G_MODULE_EXPORT void chrysalide_plugin_exit(GPluginModule *); - - - -#endif /* _PLUGINS_MOBICORE_MOBICORE_H */ -- cgit v0.11.2-87-g4458