From 24f4b449d22c918d8f0e6c8fc059e0fa1fa485ff Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Sun, 7 Jul 2019 23:46:38 +0200 Subject: Added support for Android boot images. --- configure.ac | 2 + plugins/Makefile.am | 2 +- plugins/bootimg/Makefile.am | 51 ++++ plugins/bootimg/bootimg-def.h | 78 ++++++ plugins/bootimg/core.c | 131 +++++++++++ plugins/bootimg/core.h | 41 ++++ plugins/bootimg/format-int.c | 112 +++++++++ plugins/bootimg/format-int.h | 59 +++++ plugins/bootimg/format.c | 404 ++++++++++++++++++++++++++++++++ plugins/bootimg/format.h | 74 ++++++ plugins/bootimg/python/Makefile.am | 20 ++ plugins/bootimg/python/format.c | 311 ++++++++++++++++++++++++ plugins/bootimg/python/format.h | 42 ++++ plugins/bootimg/python/module.c | 82 +++++++ plugins/bootimg/python/module.h | 38 +++ plugins/bootimg/python/translate.c | 110 +++++++++ plugins/bootimg/python/translate.h | 41 ++++ plugins/pychrysalide/format/Makefile.am | 1 + plugins/pychrysalide/format/known.c | 292 +++++++++++++++++++++++ plugins/pychrysalide/format/known.h | 42 ++++ plugins/pychrysalide/format/module.c | 2 + src/analysis/loading.c | 2 +- src/format/Makefile.am | 2 + src/format/known-int.h | 65 +++++ src/format/known.c | 260 ++++++++++++++++++++ src/format/known.h | 72 ++++++ src/plugins/pglist.h | 3 + src/plugins/plugin.c | 27 +++ src/plugins/plugin.h | 4 + 29 files changed, 2368 insertions(+), 2 deletions(-) create mode 100644 plugins/bootimg/Makefile.am create mode 100644 plugins/bootimg/bootimg-def.h create mode 100644 plugins/bootimg/core.c create mode 100644 plugins/bootimg/core.h create mode 100644 plugins/bootimg/format-int.c create mode 100644 plugins/bootimg/format-int.h create mode 100644 plugins/bootimg/format.c create mode 100644 plugins/bootimg/format.h create mode 100644 plugins/bootimg/python/Makefile.am create mode 100644 plugins/bootimg/python/format.c create mode 100644 plugins/bootimg/python/format.h create mode 100644 plugins/bootimg/python/module.c create mode 100644 plugins/bootimg/python/module.h create mode 100644 plugins/bootimg/python/translate.c create mode 100644 plugins/bootimg/python/translate.h create mode 100644 plugins/pychrysalide/format/known.c create mode 100644 plugins/pychrysalide/format/known.h create mode 100644 src/format/known-int.h create mode 100644 src/format/known.c create mode 100644 src/format/known.h diff --git a/configure.ac b/configure.ac index 67019f2..2935fad 100644 --- a/configure.ac +++ b/configure.ac @@ -406,6 +406,8 @@ AC_CONFIG_FILES([Makefile plugins/arm/v7/opcodes/Makefile plugins/arm/v7/operands/Makefile plugins/arm/v7/registers/Makefile + plugins/bootimg/Makefile + plugins/bootimg/python/Makefile plugins/dalvik/Makefile plugins/dalvik/operands/Makefile plugins/dalvik/pseudo/Makefile diff --git a/plugins/Makefile.am b/plugins/Makefile.am index 785a1ed..ecdc018 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -6,4 +6,4 @@ PYTHON3_SUBDIRS = pychrysalide python endif # androhelpers -SUBDIRS = $(PYTHON3_SUBDIRS) arm dex dalvik devdbg dexbnf dwarf elf fmtp itanium javadesc libcsem lnxsyscalls mobicore readdex readelf readmc ropgadgets +SUBDIRS = $(PYTHON3_SUBDIRS) arm bootimg dex dalvik devdbg dexbnf dwarf elf fmtp itanium javadesc libcsem lnxsyscalls mobicore readdex readelf readmc ropgadgets diff --git a/plugins/bootimg/Makefile.am b/plugins/bootimg/Makefile.am new file mode 100644 index 0000000..8329665 --- /dev/null +++ b/plugins/bootimg/Makefile.am @@ -0,0 +1,51 @@ + +lib_LTLIBRARIES = libbootimg.la + +libdir = $(pluginslibdir) + + +if BUILD_PYTHON3_BINDINGS + +PYTHON3_LIBADD = python/libbootimgpython.la + +if BUILD_DISCARD_LOCAL + +PYTHON3_LDFLAGS = -Wl,-rpath,$(pluginslibdir) \ + -L$(top_srcdir)/plugins/pychrysalide/.libs -l:pychrysalide.so + +else + +PYTHON3_LDFLAGS = -Wl,-rpath,$(abs_top_srcdir)/plugins/pychrysalide/.libs \ + -L$(top_srcdir)/plugins/pychrysalide/.libs -l:pychrysalide.so + +endif + +PYTHON3_SUBDIRS = python + +endif + + +libbootimg_la_SOURCES = \ + core.h core.c \ + bootimg-def.h \ + format-int.h format-int.c \ + format.h format.c + +libbootimg_la_LIBADD = \ + $(PYTHON3_LIBADD) + +libbootimg_la_LDFLAGS = \ + -L$(top_srcdir)/src/.libs -lchrysacore \ + $(PYTHON3_LDFLAGS) + + +devdir = $(includedir)/chrysalide-$(subdir) + +dev_HEADERS = $(libbootimg_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) -I$(top_srcdir)/src + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) + +SUBDIRS = $(PYTHON3_SUBDIRS) diff --git a/plugins/bootimg/bootimg-def.h b/plugins/bootimg/bootimg-def.h new file mode 100644 index 0000000..90fb97a --- /dev/null +++ b/plugins/bootimg/bootimg-def.h @@ -0,0 +1,78 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * elf_def.h - liste des structures et constantes utilisées par le format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _PLUGINS_BOOTIMG_BOOTIMG_DEF_H +#define _PLUGINS_BOOTIMG_BOOTIMG_DEF_H + + +#include + + + +/** + * Références : + * + * - https://source.android.com/devices/bootloader/boot-image-header + * - https://android.googlesource.com/platform/system/core/+/android-4.4_r1/mkbootimg/bootimg.h + */ + + +#define BOOT_MAGIC "ANDROID!" +#define BOOT_MAGIC_SIZE (sizeof(BOOT_MAGIC) - 1) + +#define BOOT_NAME_SIZE 16 +#define BOOT_ARGS_SIZE 512 +#define BOOT_EXTRA_ARGS_SIZE 1024 + + +/* Entêtes, ancienne et nouvelle, pour une image de démarrage Android */ +typedef struct _boot_img_hdr +{ + uint8_t magic[BOOT_MAGIC_SIZE]; /* Identifiant magique */ + uint32_t kernel_size; /* Taille en octets */ + uint32_t kernel_addr; /* Adresse de chargement phys. */ + + uint32_t ramdisk_size; /* Taille en octets */ + uint32_t ramdisk_addr; /* Adresse de chargement phys. */ + + uint32_t second_size; /* Taille en octets */ + uint32_t second_addr; /* Adresse de chargement phys. */ + + uint32_t tags_addr; /* Adresse de chargement phys. */ + uint32_t page_size; /* Taille des pages de Flash */ + uint32_t header_version; /* Version de cet entête */ + uint32_t os_version; /* Version de l'OS */ + uint8_t name[BOOT_NAME_SIZE]; /* Désignation ASCII du produit*/ + uint8_t cmdline[BOOT_ARGS_SIZE]; /* Arguments de démarrage */ + uint32_t id[8]; /* Horodatage, empreinte, etc. */ + uint8_t extra_cmdline[BOOT_EXTRA_ARGS_SIZE]; /* Arg. supplémentaires */ + + uint32_t recovery_dtbo_size; /* Taille de l'image DTBO */ + uint64_t recovery_dtbo_offset; /* Emplacement dans le contenu */ + uint32_t header_size; /* Taille de l'entête en octets*/ + +} boot_img_hdr; + + + +#endif /* _PLUGINS_BOOTIMG_BOOTIMG_DEF_H */ diff --git a/plugins/bootimg/core.c b/plugins/bootimg/core.c new file mode 100644 index 0000000..fdf1c95 --- /dev/null +++ b/plugins/bootimg/core.c @@ -0,0 +1,131 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * core.c - intégration du support du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "core.h" + + +#include +#include +#include + + +#include "format.h" +#ifdef HAVE_PYTHON3_BINDINGS +# include "python/module.h" +#endif + + +#ifdef HAVE_PYTHON3_BINDINGS +# define PG_REQ RL("PyChrysalide") +#else +# define PG_REQ NO_REQ +#endif + + + +DEFINE_CHRYSALIDE_PLUGIN("GBootImgPlugin", "bootimg", "Add support for the BOOT.img format", "0.1.0", + PG_REQ, AL(PGA_PLUGIN_INIT, PGA_CONTENT_EXPLORER)); + + + +/****************************************************************************** +* * +* Paramètres : plugin = greffon à manipuler. * +* * +* Description : Prend acte du chargement du greffon. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin) +{ + bool result; /* Bilan à retourner */ + +#ifdef HAVE_PYTHON3_BINDINGS + result = add_format_bootimg_module_to_python_module(); +#else + result = true; +#endif + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : plugin = greffon à manipuler. * +* action = type d'action attendue. * +* content = contenu binaire à traiter. * +* wid = identifiant du groupe de traitement. * +* status = barre de statut à tenir informée. * +* * +* Description : Procède à une opération liée à un contenu binaire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *plugin, PluginAction action, GBinContent *content, wgroup_id_t wid, GtkStatusStack *status) +{ + bool test; /* Bilan des accès mémoire */ + GContentExplorer *explorer; /* Explorateur de contenus */ + GBootImgFormat *format; /* Encapsulation reconnue */ + GBinContent *embedded; /* Nouveau contenu détecté */ + + test = check_bootimg_format(content); + + if (test) + { + explorer = get_current_content_explorer(); + + format = g_bootimg_format_new(content); + + test = g_known_format_analyze(G_KNOWN_FORMAT(format), wid, status); + + if (test) + { + embedded = g_bootimg_format_get_kernel(format); + + if (embedded != NULL) + g_content_explorer_populate_group(explorer, wid, embedded); + + embedded = g_bootimg_format_get_ramdisk(format); + + if (embedded != NULL) + g_content_explorer_populate_group(explorer, wid, embedded); + + } + + g_object_unref(G_OBJECT(format)); + + g_object_unref(G_OBJECT(explorer)); + + } + +} diff --git a/plugins/bootimg/core.h b/plugins/bootimg/core.h new file mode 100644 index 0000000..606f5b0 --- /dev/null +++ b/plugins/bootimg/core.h @@ -0,0 +1,41 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * core.h - prototypes pour l'intégration du support du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _PLUGINS_BOOTIMG_CORE_H +#define _PLUGINS_BOOTIMG_CORE_H + + +#include +#include + + + +/* Prend acte du chargement du greffon. */ +G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *); + +/* Procède à une opération liée à un contenu binaire. */ +G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule *, PluginAction, GBinContent *, wgroup_id_t, GtkStatusStack *); + + + +#endif /* _PLUGINS_BOOTIMG_CORE_H */ diff --git a/plugins/bootimg/format-int.c b/plugins/bootimg/format-int.c new file mode 100644 index 0000000..f898d5f --- /dev/null +++ b/plugins/bootimg/format-int.c @@ -0,0 +1,112 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format-int.c - structures internes du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "format-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* header = en-tête à déterminer. [OUT] * +* * +* Description : Procède à la lecture de l'entête d'une image BOOT.img. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_bootimg_header(GBootImgFormat *format, boot_img_hdr *header) +{ + bool result; /* Bilan à retourner */ + GBinContent *content; /* Contenu binaire à lire */ + vmpa2t pos; /* Position de lecture */ + + content = g_known_format_get_content(G_KNOWN_FORMAT(format)); + + init_vmpa(&pos, 0, VMPA_NO_VIRTUAL); + + result = g_binary_content_read_raw(content, &pos, BOOT_MAGIC_SIZE, (bin_t *)header->magic); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->kernel_size); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->kernel_addr); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->ramdisk_size); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->ramdisk_addr); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->second_size); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->second_addr); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->tags_addr); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->page_size); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->header_version); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->os_version); + + if (result) + result = g_binary_content_read_raw(content, &pos, BOOT_NAME_SIZE, (bin_t *)header->name); + + if (result) + result = g_binary_content_read_raw(content, &pos, BOOT_ARGS_SIZE, (bin_t *)header->cmdline); + + if (result) + result = g_binary_content_read_raw(content, &pos, 8, (bin_t *)header->id); + + if (result) + result = g_binary_content_read_raw(content, &pos, BOOT_EXTRA_ARGS_SIZE, (bin_t *)header->extra_cmdline); + + if (result && header->header_version == 1) + { + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->recovery_dtbo_size); + + if (result) + result = g_binary_content_read_u64(content, &pos, SRE_LITTLE, &header->recovery_dtbo_offset); + + if (result) + result = g_binary_content_read_u32(content, &pos, SRE_LITTLE, &header->header_size); + + } + + g_object_unref(G_OBJECT(content)); + + return result; + +} diff --git a/plugins/bootimg/format-int.h b/plugins/bootimg/format-int.h new file mode 100644 index 0000000..560841d --- /dev/null +++ b/plugins/bootimg/format-int.h @@ -0,0 +1,59 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format-int.h - prototypes pour les structures internes du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _PLUGINS_BOOTIMG_FORMAT_INT_H +#define _PLUGINS_BOOTIMG_FORMAT_INT_H + + +#include + + +#include "format.h" + + + +/* Format d'une image de démarrage (instance) */ +struct _GBootImgFormat +{ + GKnownFormat parent; /* A laisser en premier */ + + GBinContent *content; /* Contenu binaire à étudier */ + + boot_img_hdr header; /* Entête du format */ + +}; + +/* Format d'une image de démarrage (classe) */ +struct _GBootImgFormatClass +{ + GKnownFormatClass parent; /* A laisser en premier */ + +}; + + +/* Procède à la lecture de l'entête d'une image BOOT.img. */ +bool read_bootimg_header(GBootImgFormat *, boot_img_hdr *); + + + +#endif /* _PLUGINS_BOOTIMG_FORMAT_INT_H */ diff --git a/plugins/bootimg/format.c b/plugins/bootimg/format.c new file mode 100644 index 0000000..f41f98d --- /dev/null +++ b/plugins/bootimg/format.c @@ -0,0 +1,404 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.h - support du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "format.h" + + +#include + + +#include +#include + + +#include "format-int.h" + + + +/* Initialise la classe des formats d'exécutables ELF. */ +static void g_bootimg_format_class_init(GBootImgFormatClass *); + +/* Initialise une instance de format d'exécutable ELF. */ +static void g_bootimg_format_init(GBootImgFormat *); + +/* Supprime toutes les références externes. */ +static void g_bootimg_format_dispose(GBootImgFormat *); + +/* Procède à la libération totale de la mémoire. */ +static void g_bootimg_format_finalize(GBootImgFormat *); + +/* Indique la désignation interne du format. */ +static const char *g_bootimg_format_get_name(const GBootImgFormat *); + +/* Fournit une description humaine du format. */ +static const char *g_bootimg_format_get_description(const GBootImgFormat *); + +/* Assure l'interprétation d'un format en différé. */ +static bool g_bootimg_format_analyze(GBootImgFormat *, wgroup_id_t, GtkStatusStack *); + + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à traiter. * +* * +* Description : Valide un contenu comme étant un format Elf. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool check_bootimg_format(const GBinContent *content) +{ + bool result; /* Bilan à faire remonter */ + vmpa2t addr; /* Tête de lecture initiale */ + char magic[BOOT_MAGIC_SIZE]; /* Idenfiant standard */ + + init_vmpa(&addr, 0, VMPA_NO_VIRTUAL); + + result = g_binary_content_read_raw(content, &addr, BOOT_MAGIC_SIZE, (bin_t *)magic); + + if (result) + result = (memcmp(magic, BOOT_MAGIC, BOOT_MAGIC_SIZE) == 0); + + return result; + +} + + +/* Indique le type défini pour un format d'image BOOT.img. */ +G_DEFINE_TYPE(GBootImgFormat, g_bootimg_format, G_TYPE_KNOWN_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats d'exécutables ELF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_bootimg_format_class_init(GBootImgFormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + GKnownFormatClass *known; /* Version parente de la classe*/ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_bootimg_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_bootimg_format_finalize; + + known = G_KNOWN_FORMAT_CLASS(klass); + + known->get_name = (known_get_name_fc)g_bootimg_format_get_name; + known->get_desc = (known_get_desc_fc)g_bootimg_format_get_description; + known->analyze = (known_analyze_fc)g_bootimg_format_analyze; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format d'exécutable ELF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_bootimg_format_init(GBootImgFormat *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_bootimg_format_dispose(GBootImgFormat *format) +{ + G_OBJECT_CLASS(g_bootimg_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_bootimg_format_finalize(GBootImgFormat *format) +{ + G_OBJECT_CLASS(g_bootimg_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* * +* Description : Prend en charge un nouveau format ELF. * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBootImgFormat *g_bootimg_format_new(GBinContent *content) +{ + GBootImgFormat *result; /* Structure à retourner */ + + if (!check_bootimg_format(content)) + return NULL; + + result = g_object_new(G_TYPE_BOOTIMG_FORMAT, NULL); + + g_known_format_set_content(G_KNOWN_FORMAT(result), content); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description du format à consulter. * +* * +* Description : Indique la désignation interne du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static const char *g_bootimg_format_get_name(const GBootImgFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = "bootimg"; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Fournit une description humaine du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static const char *g_bootimg_format_get_description(const GBootImgFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = "Android Boot Image"; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = format chargé dont l'analyse est lancée. * +* gid = groupe de travail dédié. * +* status = barre de statut à tenir informée. * +* * +* Description : Assure l'interprétation d'un format en différé. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool g_bootimg_format_analyze(GBootImgFormat *format, wgroup_id_t gid, GtkStatusStack *status) +{ + bool result; /* Bilan à retourner */ + + result = read_bootimg_header(format, &format->header); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* * +* Description : Présente l'entête BOOT.img du format chargé. * +* * +* Retour : Pointeur vers la description principale. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const boot_img_hdr *g_bootimg_format_get_header(const GBootImgFormat *format) +{ + const boot_img_hdr *result; /* Structure à retourner */ + + result = &format->header; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* * +* Description : Fournit le noyau inclus dans une image de démarrage. * +* * +* Retour : Nouveau contenu binaire ou NULL en cas d'absence. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinContent *g_bootimg_format_get_kernel(const GBootImgFormat *format) +{ + GBinContent *result; /* Contenu à renvoyer */ + phys_t offset; /* Départ de la zone à traiter */ + phys_t size; /* Taille de la zone à traiter */ + vmpa2t pos; /* Position de lecture */ + GBinContent *content; /* Contenu binaire à lire */ + const bin_t *data; /* Donnée du contenu nouveau */ + + result = NULL; + + if (format->header.kernel_addr == 0) goto no_kernel; + + offset = 1 * format->header.page_size; + + size = format->header.ramdisk_size; + + init_vmpa(&pos, offset, VMPA_NO_VIRTUAL); + + content = g_known_format_get_content(G_KNOWN_FORMAT(format)); + + data = g_binary_content_get_raw_access(content, &pos, size); + if (data == NULL) goto no_data; + + result = g_memory_content_new(data, size); + + no_data: + + g_object_unref(G_OBJECT(content)); + + no_kernel: + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* * +* Description : Fournit le disque en RAM inclus dans une image de démarrage. * +* * +* Retour : Nouveau contenu binaire ou NULL en cas d'absence. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinContent *g_bootimg_format_get_ramdisk(const GBootImgFormat *format) +{ + GBinContent *result; /* Contenu à renvoyer */ + phys_t offset; /* Départ de la zone à traiter */ + phys_t size; /* Taille de la zone à traiter */ + vmpa2t pos; /* Position de lecture */ + GBinContent *content; /* Contenu binaire à lire */ + const bin_t *data; /* Donnée du contenu nouveau */ + + result = NULL; + + if (format->header.ramdisk_addr == 0) goto no_ramdisk; + + offset = format->header.kernel_size / format->header.page_size; + + if (format->header.kernel_size % format->header.page_size != 0) + offset++; + + offset = (1 + offset) * format->header.page_size; + + size = format->header.ramdisk_size; + + init_vmpa(&pos, offset, VMPA_NO_VIRTUAL); + + content = g_known_format_get_content(G_KNOWN_FORMAT(format)); + + data = g_binary_content_get_raw_access(content, &pos, size); + if (data == NULL) goto no_data; + + result = g_memory_content_new(data, size); + + no_data: + + g_object_unref(G_OBJECT(content)); + + no_ramdisk: + + return result; + +} diff --git a/plugins/bootimg/format.h b/plugins/bootimg/format.h new file mode 100644 index 0000000..6197727 --- /dev/null +++ b/plugins/bootimg/format.h @@ -0,0 +1,74 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.h - prototypes pour le support du format BOOT.img + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _PLUGINS_BOOTIMG_FORMAT_H +#define _PLUGINS_BOOTIMG_FORMAT_H + + +#include +#include + + +#include + + +#include "bootimg-def.h" + + + +#define G_TYPE_BOOTIMG_FORMAT g_bootimg_format_get_type() +#define G_BOOTIMG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_BOOTIMG_FORMAT, GBootImgFormat)) +#define G_IS_BOOTIMG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_BOOTIMG_FORMAT)) +#define G_BOOTIMG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_BOOTIMG_FORMAT, GBootImgFormatClass)) +#define G_IS_BOOTIMG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_BOOTIMG_FORMAT)) +#define G_BOOTIMG_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_BOOTIMG_FORMAT, GBootImgFormatClass)) + + +/* Format d'image BOOT.img (instance) */ +typedef struct _GBootImgFormat GBootImgFormat; + +/* Format d'image BOOT.img (classe) */ +typedef struct _GBootImgFormatClass GBootImgFormatClass; + + +/* Valide un contenu comme étant un format BOOT.img. */ +bool check_bootimg_format(const GBinContent *); + +/* Indique le type défini pour un format d'image BOOT.img. */ +GType g_bootimg_format_get_type(void); + +/* Prend en charge un nouveau format BOOT.img. */ +GBootImgFormat *g_bootimg_format_new(GBinContent *); + +/* Présente l'entête BOOT.img du format chargé. */ +const boot_img_hdr *g_bootimg_format_get_header(const GBootImgFormat *); + +/* Fournit le noyau inclus dans une image de démarrage. */ +GBinContent *g_bootimg_format_get_kernel(const GBootImgFormat *); + +/* Fournit le disque en RAM inclus dans une image de démarrage. */ +GBinContent *g_bootimg_format_get_ramdisk(const GBootImgFormat *); + + + +#endif /* _PLUGINS_BOOTIMG_FORMAT_H */ diff --git a/plugins/bootimg/python/Makefile.am b/plugins/bootimg/python/Makefile.am new file mode 100644 index 0000000..a79af4d --- /dev/null +++ b/plugins/bootimg/python/Makefile.am @@ -0,0 +1,20 @@ + +noinst_LTLIBRARIES = libbootimgpython.la + +libbootimgpython_la_SOURCES = \ + format.h format.c \ + module.h module.c \ + translate.h translate.c + +libbootimgpython_la_LDFLAGS = + + +devdir = $(includedir)/chrysalide-$(subdir) + +dev_HEADERS = $(libbootimgpython_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) $(LIBPYTHON_CFLAGS) $(LIBPYGOBJECT_CFLAGS) \ + -I$(top_srcdir)/src -DNO_IMPORT_PYGOBJECT + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/bootimg/python/format.c b/plugins/bootimg/python/format.c new file mode 100644 index 0000000..ac987fc --- /dev/null +++ b/plugins/bootimg/python/format.c @@ -0,0 +1,311 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.c - équivalent Python du fichier "plugins/bootimg/format.c" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "format.h" + + +#include + + +#include +#include +#include +#include + + +#include "translate.h" +#include "../format.h" + + + +/* Crée un nouvel objet Python de type 'BootImgFormat'. */ +static PyObject *py_bootimg_format_new(PyTypeObject *, PyObject *, PyObject *); + +/* Fournit l'en-tête Bootimg correspondant au format. */ +static PyObject *py_bootimg_format_get_header(PyObject *, void *); + +/* Fournit le noyau inclus dans une image de démarrage. */ +static PyObject *py_bootimg_format_get_kernel(PyObject *, void *); + +/* Fournit le disque en RAM inclus dans une image de démarrage. */ +static PyObject *py_bootimg_format_get_ramdisk(PyObject *, void *); + + + +/****************************************************************************** +* * +* Paramètres : type = type de l'objet à instancier. * +* args = arguments fournis à l'appel. * +* kwds = arguments de type key=val fournis. * +* * +* Description : Crée un nouvel objet Python de type 'BootImgFormat'. * +* * +* Retour : Instance Python mise en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_bootimg_format_new(PyTypeObject *type, PyObject *args, PyObject *kwds) +{ + PyObject *result; /* Instance à retourner */ + GBinContent *content; /* Instance GLib du contenu */ + int ret; /* Bilan de lecture des args. */ + GBootImgFormat *format; /* Création GLib à transmettre */ + +#define BOOTIMG_FORMAT_DOC \ + "BootImgFormat provides support for Android boot images.\n" \ + "\n" \ + "Instances can be created using the following constructor:\n" \ + "\n" \ + " BootImgFormat(content)" \ + "\n" \ + "Where content is the binary content of a file usually named 'boot.img'." + + ret = PyArg_ParseTuple(args, "O&", convert_to_binary_content, &content); + if (!ret) return NULL; + + format = g_bootimg_format_new(content); + + if (format == NULL) + { + result = Py_None; + Py_INCREF(result); + } + + else + { + result = pygobject_new(G_OBJECT(format)); + g_object_unref(format); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = contenu binaire à manipuler. * +* closure = non utilisé ici. * +* * +* Description : Fournit l'entête Bootimg correspondant au format. * +* * +* Retour : Structure Python créée pour l'occasion. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_bootimg_format_get_header(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvaille à retourner */ + GBootImgFormat *format; /* Version GLib du format */ + const boot_img_hdr *header; /* Entête à transcrire */ + +#define BOOTING_FORMAT_HEADER_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + header, py_bootimg_format, \ + "Header of the boot image." \ +) + + format = G_BOOTIMG_FORMAT(pygobject_get(self)); + + header = g_bootimg_format_get_header(format); + + result = translate_bootimg_header_to_python(header); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le noyau inclus dans une image de démarrage. * +* * +* Retour : Nouveau contenu binaire ou NULL en cas d'absence. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_bootimg_format_get_kernel(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GBootImgFormat *format; /* Version GLib du format */ + GBinContent *content; /* Contenu à transmettre */ + +#define BOOTING_FORMAT_KERNEL_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + kernel, py_bootimg_format, \ + "Binary content for the (Linux) kernel contained in the boot image, or None." \ +) + + format = G_BOOTIMG_FORMAT(pygobject_get(self)); + + content = g_bootimg_format_get_ramdisk(format); + + if (content == NULL) + { + result = Py_None; + Py_INCREF(result); + } + + else + { + g_object_ref_sink(content); + result = pygobject_new(G_OBJECT(content)); + g_object_unref(content); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit le disque en RAM inclus dans une image de démarrage. * +* * +* Retour : Nouveau contenu binaire ou None en cas d'absence. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_bootimg_format_get_ramdisk(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GBootImgFormat *format; /* Version GLib du format */ + GBinContent *content; /* Contenu à transmettre */ + +#define BOOTING_FORMAT_RAMDISK_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + ramdisk, py_bootimg_format, \ + "Binary content for the ramdisk contained in the boot image, or None." \ +) + + format = G_BOOTIMG_FORMAT(pygobject_get(self)); + + content = g_bootimg_format_get_ramdisk(format); + + if (content == NULL) + { + result = Py_None; + Py_INCREF(result); + } + + else + { + g_object_ref_sink(content); + result = pygobject_new(G_OBJECT(content)); + g_object_unref(content); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_bootimg_format_type(void) +{ + static PyMethodDef py_bootimg_format_methods[] = { + { NULL } + }; + + static PyGetSetDef py_bootimg_format_getseters[] = { + BOOTING_FORMAT_HEADER_ATTRIB, + BOOTING_FORMAT_KERNEL_ATTRIB, + BOOTING_FORMAT_RAMDISK_ATTRIB, + { NULL } + }; + + static PyTypeObject py_bootimg_format_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.format.bootimg.BootImgFormat", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT, + + .tp_doc = BOOTIMG_FORMAT_DOC, + + .tp_methods = py_bootimg_format_methods, + .tp_getset = py_bootimg_format_getseters, + .tp_new = py_bootimg_format_new + + }; + + return &py_bootimg_format_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.format..BootImgFormat'.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_python_bootimg_format(PyObject *module) +{ + PyTypeObject *type; /* Type Python 'BootImgFormat' */ + PyObject *dict; /* Dictionnaire du module */ + + type = get_python_bootimg_format_type(); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_BOOTIMG_FORMAT, type, get_python_known_format_type())) + return false; + + return true; + +} diff --git a/plugins/bootimg/python/format.h b/plugins/bootimg/python/format.h new file mode 100644 index 0000000..495d46e --- /dev/null +++ b/plugins/bootimg/python/format.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.h - prototypes pour l'équivalent Python du fichier "plugins/bootimg/format.h" + * + * Copyright (C) 2013-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_BOOTIMG_PYTHON_FORMAT_H +#define _PLUGINS_BOOTIMG_PYTHON_FORMAT_H + + +#include +#include + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_bootimg_format_type(void); + +/* Prend en charge l'objet 'pychrysalide.format.bootimg.BootImgFormat'. */ +bool register_python_bootimg_format(PyObject *); + + + +#endif /* _PLUGINS_BOOTIMG_PYTHON_FORMAT_H */ diff --git a/plugins/bootimg/python/module.c b/plugins/bootimg/python/module.c new file mode 100644 index 0000000..ee36ecf --- /dev/null +++ b/plugins/bootimg/python/module.c @@ -0,0 +1,82 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.c - intégration du répertoire bootimg en tant que module + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "module.h" + + +#include + + +#include +#include + + +#include "format.h" + + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Ajoute le module 'format.bootimg' au module Python. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool add_format_bootimg_module_to_python_module(void) +{ + bool result; /* Bilan à retourner */ + PyObject *super; /* Module à compléter */ + PyObject *module; /* Sous-module mis en place */ + + static PyModuleDef py_chrysalide_bootimg_module = { + + .m_base = PyModuleDef_HEAD_INIT, + + .m_name = "pychrysalide.format.bootimg", + .m_doc = "Python module for Chrysalide.format.bootimg", + + .m_size = -1, + + }; + + result = false; + + super = get_access_to_python_module("pychrysalide.format"); + + module = build_python_module(super, &py_chrysalide_bootimg_module); + + result = (module != NULL); + + if (result) result = register_python_bootimg_format(module); + + assert(result); + + return result; + +} diff --git a/plugins/bootimg/python/module.h b/plugins/bootimg/python/module.h new file mode 100644 index 0000000..d78ab38 --- /dev/null +++ b/plugins/bootimg/python/module.h @@ -0,0 +1,38 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * module.h - prototypes pour l'intégration du répertoire bootimg en tant que module + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_BOOTIMG_PYTHON_MODULE_H +#define _PLUGINS_BOOTIMG_PYTHON_MODULE_H + + +#include + + + +/* Ajoute le module 'format.bootimg' au module Python. */ +bool add_format_bootimg_module_to_python_module(void); + + + +#endif /* _PLUGINS_BOOTIMG_PYTHON_MODULE_H */ diff --git a/plugins/bootimg/python/translate.c b/plugins/bootimg/python/translate.c new file mode 100644 index 0000000..6d982c7 --- /dev/null +++ b/plugins/bootimg/python/translate.c @@ -0,0 +1,110 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * translate.c - conversion de structures ELF en objets Python + * + * Copyright (C) 2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "translate.h" + + +#include + + +#include + + + +/****************************************************************************** +* * +* Paramètres : header = entête BOOT.img à décrire en Python. * +* * +* Description : Traduit un entête BOOT.img en Python. * +* * +* Retour : Structure mise en place ou NULL en cas d'erreur. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyObject *translate_bootimg_header_to_python(const boot_img_hdr *header) +{ + PyObject *result; /* Construction à retourner */ + PyTypeObject *base; /* Modèle d'objet à créer */ + PyObject *attrib; /* Attribut à constituer */ + int ret; /* Bilan d'une mise en place */ + + base = get_python_py_struct_type(); + + result = PyObject_CallFunction((PyObject *)base, NULL); + assert(result != NULL); + + +#define TRANSLATE_HEADER_BYTE_VALUE(_f, _sz) \ + do \ + { \ + attrib = PyBytes_FromStringAndSize((char *)header->_f, _sz); \ + ret = PyDict_SetItemString(result, #_f, attrib); \ + if (ret != 0) goto failed; \ + } \ + while (0); + +#define TRANSLATE_HEADER_NUMERIC_VALUE(_f) \ + do \ + { \ + attrib = PyLong_FromUnsignedLongLong(header->_f); \ + ret = PyDict_SetItemString(result, #_f, attrib); \ + if (ret != 0) goto failed; \ + } \ + while (0); + + + TRANSLATE_HEADER_BYTE_VALUE(magic, BOOT_MAGIC_SIZE); + TRANSLATE_HEADER_NUMERIC_VALUE(kernel_size); + TRANSLATE_HEADER_NUMERIC_VALUE(kernel_addr); + + TRANSLATE_HEADER_NUMERIC_VALUE(ramdisk_size); + TRANSLATE_HEADER_NUMERIC_VALUE(ramdisk_addr); + + TRANSLATE_HEADER_NUMERIC_VALUE(second_size); + TRANSLATE_HEADER_NUMERIC_VALUE(second_addr); + + TRANSLATE_HEADER_NUMERIC_VALUE(tags_addr); + TRANSLATE_HEADER_NUMERIC_VALUE(page_size); + TRANSLATE_HEADER_NUMERIC_VALUE(header_version); + TRANSLATE_HEADER_NUMERIC_VALUE(os_version); + TRANSLATE_HEADER_BYTE_VALUE(name, BOOT_NAME_SIZE); + TRANSLATE_HEADER_BYTE_VALUE(cmdline, BOOT_ARGS_SIZE); + TRANSLATE_HEADER_BYTE_VALUE(id, 8 * sizeof(uint32_t)); + TRANSLATE_HEADER_BYTE_VALUE(extra_cmdline, BOOT_EXTRA_ARGS_SIZE); + + TRANSLATE_HEADER_NUMERIC_VALUE(recovery_dtbo_size); + TRANSLATE_HEADER_NUMERIC_VALUE(recovery_dtbo_offset); + TRANSLATE_HEADER_NUMERIC_VALUE(header_size); + + return result; + + failed: + + Py_DECREF(result); + + return NULL; + +} diff --git a/plugins/bootimg/python/translate.h b/plugins/bootimg/python/translate.h new file mode 100644 index 0000000..1402dc7 --- /dev/null +++ b/plugins/bootimg/python/translate.h @@ -0,0 +1,41 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * translate.h - prototypes pour la conversion de structures BOOT.img en objets Python + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H +#define _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H + + +#include + + +#include "../bootimg-def.h" + + + +/* Traduit un entête BOOT.img en Python. */ +PyObject *translate_bootimg_header_to_python(const boot_img_hdr *); + + + +#endif /* _PLUGINS_BOOTIMG_PYTHON_TRANSLATE_H */ diff --git a/plugins/pychrysalide/format/Makefile.am b/plugins/pychrysalide/format/Makefile.am index 847f8e4..6d50da7 100644 --- a/plugins/pychrysalide/format/Makefile.am +++ b/plugins/pychrysalide/format/Makefile.am @@ -5,6 +5,7 @@ libpychrysaformat_la_SOURCES = \ executable.h executable.c \ flat.h flat.c \ format.h format.c \ + known.h known.c \ module.h module.c \ strsym.h strsym.c \ symbol.h symbol.c \ diff --git a/plugins/pychrysalide/format/known.c b/plugins/pychrysalide/format/known.c new file mode 100644 index 0000000..e19a4a2 --- /dev/null +++ b/plugins/pychrysalide/format/known.c @@ -0,0 +1,292 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * known.c - équivalent Python du fichier "format/known.c" + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#include "known.h" + + +#include + + +#include + + +#include "../access.h" +#include "../helpers.h" + + + +/* Assure l'interprétation d'un format en différé. */ +static PyObject *py_known_format_analyze(PyObject *, PyObject *); + +/* Indique la désignation interne du format. */ +static PyObject *py_known_format_get_name(PyObject *, void *); + +/* Indique la désignation humaine du format. */ +static PyObject *py_known_format_get_description(PyObject *, void *); + +/* Fournit une référence vers le contenu binaire analysé. */ +static PyObject *py_known_format_get_content(PyObject *, void *); + + + +#define KNOWN_FORMAT_DOC \ + "KnownFormat is a small class providing basic features for recognized formats." + + + +/****************************************************************************** +* * +* Paramètres : self = objet représentant un format connu. * +* args = arguments fournis pour l'opération. * +* * +* Description : Assure l'interprétation d'un format en différé. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_known_format_analyze(PyObject *self, PyObject *args) +{ + PyObject *result; /* Bilan à retourner */ + int ret; /* Bilan de lecture des args. */ + GKnownFormat *format; /* Format connu manipulé */ + bool status; /* Bilan de l'opération */ + +#define KNOWN_FORMAT_ANALYZE_METHOD PYTHON_METHOD_DEF \ +( \ + analyze, "$self, /, gid, status", \ + METH_VARARGS, py_known_format, \ + "Start the analysis of the known format and return its status." \ +) + + ret = PyArg_ParseTuple(args, "");//|KO!", &gid, &status); + if (!ret) return NULL; + + format = G_KNOWN_FORMAT(pygobject_get(self)); + + status = g_known_format_analyze(format, 0, NULL); + + result = status ? Py_True : Py_False; + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Indique la désignation interne du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_known_format_get_name(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GKnownFormat *format; /* Format de binaire manipulé */ + const char *name; /* Description interne */ + +#define KNOWN_FORMAT_NAME_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + name, py_known_format, \ + "Internal name of the known format." \ +) + + format = G_KNOWN_FORMAT(pygobject_get(self)); + + name = g_known_format_get_name(format); + + result = PyUnicode_FromString(name); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Indique la désignation humaine du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_known_format_get_description(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GKnownFormat *format; /* Format de binaire manipulé */ + const char *desc; /* Description humaine */ + +#define KNOWN_FORMAT_DESCRIPTION_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + description, py_known_format, \ + "Human description of the known format." \ +) + + format = G_KNOWN_FORMAT(pygobject_get(self)); + + desc = g_known_format_get_description(format); + + result = PyUnicode_FromString(desc); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : self = objet Python concerné par l'appel. * +* closure = non utilisé ici. * +* * +* Description : Fournit une référence vers le contenu binaire analysé. * +* * +* Retour : Gestionnaire de contenu binaire en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_known_format_get_content(PyObject *self, void *closure) +{ + PyObject *result; /* Trouvailles à retourner */ + GKnownFormat *format; /* Format de binaire manipulé */ + GBinContent *content; /* Instance GLib correspondante*/ + +#define KNOWN_FORMAT_CONTENT_ATTRIB PYTHON_GET_DEF_FULL \ +( \ + content, py_known_format, \ + "Binary content linked to the known format." \ +) + + format = G_KNOWN_FORMAT(pygobject_get(self)); + + content = g_known_format_get_content(format); + + result = pygobject_new(G_OBJECT(content)); + + g_object_unref(content); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit un accès à une définition de type à diffuser. * +* * +* Retour : Définition d'objet pour Python. * +* * +* Remarques : - * +* * +******************************************************************************/ + +PyTypeObject *get_python_known_format_type(void) +{ + static PyMethodDef py_known_format_methods[] = { + KNOWN_FORMAT_ANALYZE_METHOD, + { NULL } + }; + + static PyGetSetDef py_known_format_getseters[] = { + KNOWN_FORMAT_NAME_ATTRIB, + KNOWN_FORMAT_DESCRIPTION_ATTRIB, + KNOWN_FORMAT_CONTENT_ATTRIB, + { NULL } + }; + + static PyTypeObject py_known_format_type = { + + PyVarObject_HEAD_INIT(NULL, 0) + + .tp_name = "pychrysalide.format.KnownFormat", + .tp_basicsize = sizeof(PyGObject), + + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_IS_ABSTRACT | Py_TPFLAGS_BASETYPE, + + .tp_doc = KNOWN_FORMAT_DOC, + + .tp_methods = py_known_format_methods, + .tp_getset = py_known_format_getseters + + }; + + return &py_known_format_type; + +} + + +/****************************************************************************** +* * +* Paramètres : module = module dont la définition est à compléter. * +* * +* Description : Prend en charge l'objet 'pychrysalide.format.BinFormat'. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool ensure_python_known_format_is_registered(void) +{ + PyTypeObject *type; /* Type Python 'BinFormat' */ + PyObject *module; /* Module à recompléter */ + PyObject *dict; /* Dictionnaire du module */ + + type = get_python_known_format_type(); + + if (!PyType_HasFeature(type, Py_TPFLAGS_READY)) + { + module = get_access_to_python_module("pychrysalide.format"); + + APPLY_ABSTRACT_FLAG(type); + + dict = PyModule_GetDict(module); + + if (!register_class_for_pygobject(dict, G_TYPE_KNOWN_FORMAT, type, &PyGObject_Type)) + return false; + + } + + return true; + +} diff --git a/plugins/pychrysalide/format/known.h b/plugins/pychrysalide/format/known.h new file mode 100644 index 0000000..16cbf83 --- /dev/null +++ b/plugins/pychrysalide/format/known.h @@ -0,0 +1,42 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * known.h - prototypes pour l'équivalent Python du fichier "format/known.h" + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + + +#ifndef _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H +#define _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H + + +#include +#include + + + +/* Fournit un accès à une définition de type à diffuser. */ +PyTypeObject *get_python_known_format_type(void); + +/* Prend en charge l'objet 'pychrysalide.format.KnownFormat'. */ +bool ensure_python_known_format_is_registered(void); + + + +#endif /* _PLUGINS_PYCHRYSALIDE_FORMAT_KNOWN_H */ diff --git a/plugins/pychrysalide/format/module.c b/plugins/pychrysalide/format/module.c index 2f90792..f5768d1 100644 --- a/plugins/pychrysalide/format/module.c +++ b/plugins/pychrysalide/format/module.c @@ -31,6 +31,7 @@ #include "executable.h" #include "flat.h" #include "format.h" +#include "known.h" #include "strsym.h" #include "symbol.h" #include "symiter.h" @@ -95,6 +96,7 @@ bool populate_format_module(void) if (result) result = ensure_python_executable_format_is_registered(); if (result) result = ensure_python_flat_format_is_registered(); + if (result) result = ensure_python_known_format_is_registered(); if (result) result = ensure_python_binary_format_is_registered(); if (result) result = ensure_python_string_symbol_is_registered(); if (result) result = ensure_python_binary_symbol_is_registered(); diff --git a/src/analysis/loading.c b/src/analysis/loading.c index 664b8d6..5c105f5 100644 --- a/src/analysis/loading.c +++ b/src/analysis/loading.c @@ -843,7 +843,7 @@ void g_content_explorer_populate_group(GContentExplorer *explorer, wgroup_id_t w group->contents = realloc(group->contents, ++group->count * sizeof(GBinContent *)); group->contents[group->count - 1] = content; - g_object_ref(G_OBJECT(content)); + g_object_ref_sink(G_OBJECT(content)); /* Relancement des explorations */ diff --git a/src/format/Makefile.am b/src/format/Makefile.am index 1ab4825..dab4260 100644 --- a/src/format/Makefile.am +++ b/src/format/Makefile.am @@ -10,6 +10,8 @@ libformat_la_SOURCES = \ flat.h flat.c \ format-int.h \ format.h format.c \ + known-int.h \ + known.h known.c \ preload-int.h \ preload.h preload.c \ strsym.h strsym.c \ diff --git a/src/format/known-int.h b/src/format/known-int.h new file mode 100644 index 0000000..e4d3bd6 --- /dev/null +++ b/src/format/known-int.h @@ -0,0 +1,65 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * known-int.h - prototypes utiles aux formats binaires reconnus + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_KNOWN_INT_H +#define _FORMAT_KNOWN_INT_H + + +#include "known.h" + + + +/* Indique la désignation interne du format. */ +typedef const char * (* known_get_name_fc) (const GKnownFormat *); + +/* Fournit une description humaine du format. */ +typedef const char * (* known_get_desc_fc) (const GKnownFormat *); + +/*Assure l'interprétation d'un format en différé. */ +typedef bool (* known_analyze_fc) (GKnownFormat *, wgroup_id_t, GtkStatusStack *); + + +/* Format binaire générique (instance) */ +struct _GKnownFormat +{ + GObject parent; /* A laisser en premier */ + + GBinContent *content; /* Contenu binaire à étudier */ + +}; + +/* Format binaire générique (classe) */ +struct _GKnownFormatClass +{ + GObjectClass parent; /* A laisser en premier */ + + known_get_name_fc get_name; /* Désignation interne */ + known_get_desc_fc get_desc; /* Désignation humaine */ + + known_analyze_fc analyze; /* Interprétation du format */ + +}; + + + +#endif /* _FORMAT_KNOWN_INT_H */ diff --git a/src/format/known.c b/src/format/known.c new file mode 100644 index 0000000..9a3eef6 --- /dev/null +++ b/src/format/known.c @@ -0,0 +1,260 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.c - support des différents formats binaires reconnus + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "known.h" + + +#include + + +#include "known-int.h" +#include "../plugins/pglist.h" + + + +/* Initialise la classe des formats binaires génériques. */ +static void g_known_format_class_init(GKnownFormatClass *); + +/* Initialise une instance de format binaire générique. */ +static void g_known_format_init(GKnownFormat *); + +/* Supprime toutes les références externes. */ +static void g_known_format_dispose(GKnownFormat *); + +/* Procède à la libération totale de la mémoire. */ +static void g_known_format_finalize(GKnownFormat *); + + + +/* Indique le type défini pour un format binaire générique. */ +G_DEFINE_TYPE(GKnownFormat, g_known_format, G_TYPE_OBJECT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats binaires génériques. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_known_format_class_init(GKnownFormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_known_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_known_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format binaire générique. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_known_format_init(GKnownFormat *format) +{ + format->content = NULL; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_known_format_dispose(GKnownFormat *format) +{ + g_clear_object(&format->content); + + G_OBJECT_CLASS(g_known_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_known_format_finalize(GKnownFormat *format) +{ + G_OBJECT_CLASS(g_known_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* content = contenu binaire à parcourir. * +* * +* Description : Définit le contenu binaire à analyser. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void g_known_format_set_content(GKnownFormat *format, GBinContent *content) +{ + assert(format->content == NULL); + + g_object_ref_sink(G_OBJECT(content)); + + format->content = content; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Fournit une référence vers le contenu binaire analysé. * +* * +* Retour : Gestionnaire de contenu binaire en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinContent *g_known_format_get_content(const GKnownFormat *format) +{ + GBinContent *result; /* Instance à retourner */ + + result = format->content; + + g_object_ref(G_OBJECT(result)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Indique la désignation interne du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const char *g_known_format_get_name(const GKnownFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = G_KNOWN_FORMAT_GET_CLASS(format)->get_name(format); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* * +* Description : Fournit une description humaine du format. * +* * +* Retour : Description du format. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const char *g_known_format_get_description(const GKnownFormat *format) +{ + const char *result; /* Désignation à retourner */ + + result = G_KNOWN_FORMAT_GET_CLASS(format)->get_desc(format); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = format chargé dont l'analyse est lancée. * +* gid = groupe de travail dédié. * +* status = barre de statut à tenir informée. * +* * +* Description : Assure l'interprétation d'un format en différé. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool g_known_format_analyze(GKnownFormat *format, wgroup_id_t gid, GtkStatusStack *status) +{ + bool result; /* Bilan à retourner */ + GKnownFormatClass *class; /* Classe de l'instance */ + + handle_known_format_analysis(PGA_FORMAT_ANALYSIS_STARTED, format, gid, status); + + class = G_KNOWN_FORMAT_GET_CLASS(format); + + result = class->analyze(format, gid, status); + + handle_known_format_analysis(PGA_FORMAT_ANALYSIS_ENDED, format, gid, status); + + return result; + +} diff --git a/src/format/known.h b/src/format/known.h new file mode 100644 index 0000000..c89ba4a --- /dev/null +++ b/src/format/known.h @@ -0,0 +1,72 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * format.h - prototypes pour le support des différents formats binaires reconnus + * + * Copyright (C) 2019 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_KNOWN_H +#define _FORMAT_KNOWN_H + + +#include +#include + + +#include "../analysis/content.h" +#include "../glibext/delayed.h" + + + +#define G_TYPE_KNOWN_FORMAT g_known_format_get_type() +#define G_KNOWN_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), G_TYPE_KNOWN_FORMAT, GKnownFormat)) +#define G_IS_KNOWN_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), G_TYPE_KNOWN_FORMAT)) +#define G_KNOWN_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_KNOWN_FORMAT, GKnownFormatClass)) +#define G_IS_KNOWN_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_KNOWN_FORMAT)) +#define G_KNOWN_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_KNOWN_FORMAT, GKnownFormatClass)) + + +/* Format binaire générique (instance) */ +typedef struct _GKnownFormat GKnownFormat; + +/* Format binaire générique (classe) */ +typedef struct _GKnownFormatClass GKnownFormatClass; + + +/* Indique le type défini pour un format binaire générique. */ +GType g_known_format_get_type(void); + +/* Définit le contenu binaire à analyser. */ +void g_known_format_set_content(GKnownFormat *, GBinContent *); + +/* Fournit une référence vers le contenu binaire analysé. */ +GBinContent *g_known_format_get_content(const GKnownFormat *); + +/* Indique la désignation interne du format. */ +const char *g_known_format_get_name(const GKnownFormat *); + +/* Fournit une description humaine du format. */ +const char *g_known_format_get_description(const GKnownFormat *); + +/* Assure l'interprétation d'un format en différé. */ +bool g_known_format_analyze(GKnownFormat *, wgroup_id_t, GtkStatusStack *); + + + +#endif /* _FORMAT_KNOWN_H */ diff --git a/src/plugins/pglist.h b/src/plugins/pglist.h index 1306571..c55c6da 100644 --- a/src/plugins/pglist.h +++ b/src/plugins/pglist.h @@ -105,6 +105,9 @@ GPluginModule **get_all_plugins_for_action(PluginAction, size_t *); /* DPS_FORMAT */ +#define handle_known_format_analysis(a, f, g, s) \ + process_all_plugins_for(a, g_plugin_module_handle_known_format_analysis, f, g, s) + #define handle_binary_format_analysis(a, f, g, s) \ process_all_plugins_for(a, g_plugin_module_handle_binary_format_analysis, f, g, s) diff --git a/src/plugins/plugin.c b/src/plugins/plugin.c index 27f1871..7423148 100644 --- a/src/plugins/plugin.c +++ b/src/plugins/plugin.c @@ -1139,6 +1139,33 @@ void g_plugin_module_handle_loaded_content(const GPluginModule *plugin, PluginAc * * ******************************************************************************/ +bool g_plugin_module_handle_known_format_analysis(const GPluginModule *plugin, PluginAction action, GKnownFormat *format, wgroup_id_t gid, GtkStatusStack *status) +{ + GPluginModuleClass *class; /* Classe de l'instance active */ + + class = G_PLUGIN_MODULE_GET_CLASS(plugin); + + return false;//class->handle_fmt_analysis(plugin, action, G_BIN_FORMAT(format), gid, status); + +} + + +/****************************************************************************** +* * +* Paramètres : plugin = greffon à manipuler. * +* action = type d'action attendue. * +* format = format de binaire à manipuler pendant l'opération. * +* gid = groupe de travail dédié. * +* status = barre de statut à tenir informée. * +* * +* Description : Procède à une opération liée à l'analyse d'un format. * +* * +* Retour : Bilan de l'exécution du traitement. * +* * +* Remarques : - * +* * +******************************************************************************/ + bool g_plugin_module_handle_binary_format_analysis(const GPluginModule *plugin, PluginAction action, GBinFormat *format, wgroup_id_t gid, GtkStatusStack *status) { GPluginModuleClass *class; /* Classe de l'instance active */ diff --git a/src/plugins/plugin.h b/src/plugins/plugin.h index cccd39b..9b8d294 100644 --- a/src/plugins/plugin.h +++ b/src/plugins/plugin.h @@ -32,6 +32,7 @@ #include "plugin-def.h" #include "../analysis/binary.h" #include "../format/format.h" +#include "../format/known.h" #include "../format/preload.h" #include "../gtkext/gtkstatusstack.h" @@ -104,6 +105,9 @@ void g_plugin_module_handle_binary_content(const GPluginModule *, PluginAction, void g_plugin_module_handle_loaded_content(const GPluginModule *, PluginAction, GLoadedContent *, wgroup_id_t, GtkStatusStack *); /* Procède à une opération liée à l'analyse d'un format. */ +bool g_plugin_module_handle_known_format_analysis(const GPluginModule *, PluginAction, GKnownFormat *, wgroup_id_t, GtkStatusStack *); + +/* Procède à une opération liée à l'analyse d'un format. */ bool g_plugin_module_handle_binary_format_analysis(const GPluginModule *, PluginAction, GBinFormat *, wgroup_id_t, GtkStatusStack *); /* Procède à un préchargement de format de fichier. */ -- cgit v0.11.2-87-g4458