From dad453ff553f0ab07206f26345dc0adeffb775fd Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Sat, 24 Nov 2018 12:41:13 +0100 Subject: Moved the DWARF support as plugin and disabled it. --- configure.ac | 4 - plugins/dwarf/Makefile.am | 39 ++ plugins/dwarf/abbrev.c | 1390 +++++++++++++++++++++++++++++++++++++++ plugins/dwarf/abbrev.h | 126 ++++ plugins/dwarf/d_dwarf.c | 114 ++++ plugins/dwarf/d_dwarf.h | 50 ++ plugins/dwarf/die.c | 303 +++++++++ plugins/dwarf/die.h | 76 +++ plugins/dwarf/dwarf-int.c | 207 ++++++ plugins/dwarf/dwarf-int.h | 185 ++++++ plugins/dwarf/dwarf.c | 337 ++++++++++ plugins/dwarf/dwarf.h | 55 ++ plugins/dwarf/dwarf_def.h | 830 +++++++++++++++++++++++ plugins/dwarf/form.c | 113 ++++ plugins/dwarf/form.h | 40 ++ plugins/dwarf/info.c | 853 ++++++++++++++++++++++++ plugins/dwarf/info.h | 63 ++ plugins/dwarf/symbols.c | 316 +++++++++ plugins/dwarf/symbols.h | 40 ++ plugins/dwarf/utils.c | 304 +++++++++ plugins/dwarf/utils.h | 56 ++ plugins/dwarf/v2/Makefile.am | 18 + plugins/dwarf/v2/dwarf.c | 180 +++++ plugins/dwarf/v2/dwarf.h | 58 ++ plugins/dwarf/v2/form.c | 276 ++++++++ plugins/dwarf/v2/form.h | 39 ++ plugins/dwarf/v3/Makefile.am | 17 + plugins/dwarf/v3/dwarf.c | 172 +++++ plugins/dwarf/v3/dwarf.h | 58 ++ plugins/dwarf/v4/Makefile.am | 18 + plugins/dwarf/v4/dwarf.c | 182 +++++ plugins/dwarf/v4/dwarf.h | 58 ++ plugins/dwarf/v4/form.c | 106 +++ plugins/dwarf/v4/form.h | 39 ++ src/format/Makefile.am | 2 +- src/format/dwarf/Makefile.am | 39 -- src/format/dwarf/abbrev.c | 1390 --------------------------------------- src/format/dwarf/abbrev.h | 126 ---- src/format/dwarf/d_dwarf.c | 114 ---- src/format/dwarf/d_dwarf.h | 50 -- src/format/dwarf/die.c | 303 --------- src/format/dwarf/die.h | 76 --- src/format/dwarf/dwarf-int.c | 207 ------ src/format/dwarf/dwarf-int.h | 185 ------ src/format/dwarf/dwarf.c | 337 ---------- src/format/dwarf/dwarf.h | 55 -- src/format/dwarf/dwarf_def.h | 830 ----------------------- src/format/dwarf/form.c | 113 ---- src/format/dwarf/form.h | 40 -- src/format/dwarf/info.c | 853 ------------------------ src/format/dwarf/info.h | 63 -- src/format/dwarf/symbols.c | 316 --------- src/format/dwarf/symbols.h | 40 -- src/format/dwarf/utils.c | 304 --------- src/format/dwarf/utils.h | 56 -- src/format/dwarf/v2/Makefile.am | 18 - src/format/dwarf/v2/dwarf.c | 180 ----- src/format/dwarf/v2/dwarf.h | 58 -- src/format/dwarf/v2/form.c | 276 -------- src/format/dwarf/v2/form.h | 39 -- src/format/dwarf/v3/Makefile.am | 17 - src/format/dwarf/v3/dwarf.c | 172 ----- src/format/dwarf/v3/dwarf.h | 58 -- src/format/dwarf/v4/Makefile.am | 18 - src/format/dwarf/v4/dwarf.c | 182 ----- src/format/dwarf/v4/dwarf.h | 58 -- src/format/dwarf/v4/form.c | 106 --- src/format/dwarf/v4/form.h | 39 -- 68 files changed, 6719 insertions(+), 6723 deletions(-) create mode 100644 plugins/dwarf/Makefile.am create mode 100644 plugins/dwarf/abbrev.c create mode 100644 plugins/dwarf/abbrev.h create mode 100644 plugins/dwarf/d_dwarf.c create mode 100644 plugins/dwarf/d_dwarf.h create mode 100644 plugins/dwarf/die.c create mode 100644 plugins/dwarf/die.h create mode 100644 plugins/dwarf/dwarf-int.c create mode 100644 plugins/dwarf/dwarf-int.h create mode 100644 plugins/dwarf/dwarf.c create mode 100644 plugins/dwarf/dwarf.h create mode 100644 plugins/dwarf/dwarf_def.h create mode 100644 plugins/dwarf/form.c create mode 100644 plugins/dwarf/form.h create mode 100644 plugins/dwarf/info.c create mode 100644 plugins/dwarf/info.h create mode 100644 plugins/dwarf/symbols.c create mode 100644 plugins/dwarf/symbols.h create mode 100644 plugins/dwarf/utils.c create mode 100644 plugins/dwarf/utils.h create mode 100644 plugins/dwarf/v2/Makefile.am create mode 100644 plugins/dwarf/v2/dwarf.c create mode 100644 plugins/dwarf/v2/dwarf.h create mode 100644 plugins/dwarf/v2/form.c create mode 100644 plugins/dwarf/v2/form.h create mode 100644 plugins/dwarf/v3/Makefile.am create mode 100644 plugins/dwarf/v3/dwarf.c create mode 100644 plugins/dwarf/v3/dwarf.h create mode 100644 plugins/dwarf/v4/Makefile.am create mode 100644 plugins/dwarf/v4/dwarf.c create mode 100644 plugins/dwarf/v4/dwarf.h create mode 100644 plugins/dwarf/v4/form.c create mode 100644 plugins/dwarf/v4/form.h delete mode 100644 src/format/dwarf/Makefile.am delete mode 100644 src/format/dwarf/abbrev.c delete mode 100644 src/format/dwarf/abbrev.h delete mode 100644 src/format/dwarf/d_dwarf.c delete mode 100644 src/format/dwarf/d_dwarf.h delete mode 100644 src/format/dwarf/die.c delete mode 100644 src/format/dwarf/die.h delete mode 100644 src/format/dwarf/dwarf-int.c delete mode 100644 src/format/dwarf/dwarf-int.h delete mode 100644 src/format/dwarf/dwarf.c delete mode 100644 src/format/dwarf/dwarf.h delete mode 100644 src/format/dwarf/dwarf_def.h delete mode 100644 src/format/dwarf/form.c delete mode 100644 src/format/dwarf/form.h delete mode 100644 src/format/dwarf/info.c delete mode 100644 src/format/dwarf/info.h delete mode 100644 src/format/dwarf/symbols.c delete mode 100644 src/format/dwarf/symbols.h delete mode 100644 src/format/dwarf/utils.c delete mode 100644 src/format/dwarf/utils.h delete mode 100644 src/format/dwarf/v2/Makefile.am delete mode 100644 src/format/dwarf/v2/dwarf.c delete mode 100644 src/format/dwarf/v2/dwarf.h delete mode 100644 src/format/dwarf/v2/form.c delete mode 100644 src/format/dwarf/v2/form.h delete mode 100644 src/format/dwarf/v3/Makefile.am delete mode 100644 src/format/dwarf/v3/dwarf.c delete mode 100644 src/format/dwarf/v3/dwarf.h delete mode 100644 src/format/dwarf/v4/Makefile.am delete mode 100644 src/format/dwarf/v4/dwarf.c delete mode 100644 src/format/dwarf/v4/dwarf.h delete mode 100644 src/format/dwarf/v4/form.c delete mode 100644 src/format/dwarf/v4/form.h diff --git a/configure.ac b/configure.ac index d3ba94d..4db0adb 100644 --- a/configure.ac +++ b/configure.ac @@ -407,10 +407,6 @@ AC_CONFIG_FILES([Makefile src/debug/Makefile src/debug/gdbrsp/Makefile src/format/Makefile - src/format/dwarf/Makefile - src/format/dwarf/v2/Makefile - src/format/dwarf/v3/Makefile - src/format/dwarf/v4/Makefile src/format/java/Makefile src/format/pe/Makefile src/glibext/Makefile diff --git a/plugins/dwarf/Makefile.am b/plugins/dwarf/Makefile.am new file mode 100644 index 0000000..3020643 --- /dev/null +++ b/plugins/dwarf/Makefile.am @@ -0,0 +1,39 @@ + +noinst_LTLIBRARIES = libformatdwarf.la + +libformatdwarf_la_SOURCES = \ + abbrev.h abbrev.c \ + die.h die.c \ + dwarf.h dwarf.c \ + dwarf-int.h dwarf-int.c \ + dwarf_def.h \ + form.h form.c \ + info.h info.c \ + symbols.h symbols.c + +# libformatdwarf_la_SOURCES = \ +# abbrev.h abbrev.c \ +# dwarf.h dwarf.c \ +# d_dwarf.h d_dwarf.c \ +# dwarf_def.h \ +# info.h info.c \ +# utils.h utils.c + +libformatdwarf_la_LIBADD = \ + v2/libformatdwarfv2.la \ + v3/libformatdwarfv3.la \ + v4/libformatdwarfv4.la + +libformatdwarf_la_LDFLAGS = $(LIBGTK_LIBS) + + +devdir = $(includedir)/chrysalide/$(subdir:src/%=%) + +dev_HEADERS = $(libformatdwarf_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) + +SUBDIRS = v2 v3 v4 diff --git a/plugins/dwarf/abbrev.c b/plugins/dwarf/abbrev.c new file mode 100644 index 0000000..f214430 --- /dev/null +++ b/plugins/dwarf/abbrev.c @@ -0,0 +1,1390 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * abbrev.c - manipulation des abréviation DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "abbrev.h" + + +#include + + +#include "dwarf-int.h" + + + + + +/* Description d'un attribut d'une abréviation */ +typedef struct _dw_abbrev_attr +{ + DwarfAttrib name; /* Sujet de l'élément */ + DwarfForm form; /* Représentation */ + +} dw_abbrev_attr; + + +/* Description d'une abréviation */ +struct _dw_abbrev +{ + uleb128_t code; /* Identifiant attribué */ + DwarfTag tag; /* Sujet de l'élément */ + + dw_abbrev_attr *attribs; /* Liste des attributs */ + size_t attribs_count; /* Nombre de ces attributs */ + + struct _dw_abbrev **children; /* Liste des sous-éléments */ + size_t children_count; /* Nombre de ces enfants */ + +}; + + + + + +/* Procède à la conversion de base d'une abréviation DWARF. */ +static bool check_abbreviation_decl(const GDwarfFormat *, const dw_abbrev_decl *, dw_abbrev *); + +/* Procède à la conversion d'un attribut d'abréviation DWARF. */ +static bool check_abbreviation_attrib(const GDwarfFormat *, const dw_abbrev_raw_attr *, dw_abbrev_attr *); + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à constituer. * +* * +* Description : Charge toutes les abbréviations présentes dans un DWARF. * +* * +* Retour : Bilan de l'opération, potentiellement un succès sans sortie. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_all_dwarf_abbreviations(GDwarfFormat *format) +{ + bool result; /* Bilan à faire remonter */ + mrange_t range; /* Couverture d'une section */ + vmpa2t *pos; /* Position de tête de lecture */ + + result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_abbrev", &range); + + pos = get_mrange_addr(&range); + + printf("start :: 0x%08x\n", (unsigned int)pos->physical); + + result &= load_dwarf_abbreviation(format, pos, &format->abbreviations); + + printf("abbrevs :: %p\n", format->abbreviations); + + if (format->abbreviations != NULL) + printf(" -> children : %zu\n", format->abbreviations->children_count); + else + printf(" -> (nothing)\n"); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à faire évoluer. * +* abbrev = abréviation lue et complète, NULL si aucune. [OUT] * +* * +* Description : Charge une abréviation valide pour un DWARF en mémoire. * +* * +* Retour : Bilan de l'opération, potentiellement un succès sans sortie. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_abbreviation(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev **abbrev) +{ + dw_abbrev_decl decl; /* En-tête d'abréviation */ + bool status; /* Bilan d'une lecture */ + dw_abbrev_raw_attr attr; /* Attribut de l'abréviation */ + dw_abbrev *child; /* Rejeton à intégrer */ + + *abbrev = NULL; + + /** + * Cette routine est la transcription du paragraphe 7.5.3 ("Abbreviations Tables"), + * de la quatrième version de la définition du format DWARF. + * + * La spécification précise : + * + * As mentioned in Section 2.3, each chain of sibling entries is terminated by a null entry. + * + * Cependant, ce formalisme n'est pas constaté dans la pratique. D'ailleurs, readelf + * comporte le commentaire suivant dans le fichier 'dwarf_reader.cc' : + * + * Read the abbrev code. A zero here indicates the end of the abbrev table. + * + */ + + if (!read_dwarf_abbrev_decl(format, pos, &decl)) + goto lda_bad_exit; + + if (decl.code == 0) + goto lda_exit; + + *abbrev = (dw_abbrev *)calloc(1, sizeof(dw_abbrev)); + + if (!check_abbreviation_decl(format, &decl, *abbrev)) + goto lda_bad_exit; + + /* Chargement des attributs */ + + for (;;) + { + status = read_dwarf_abbrev_attr(format, pos, &attr); + if (!status) goto lda_bad_exit; + + printf(" -- [0x%llx] [0x%llx] name = %u\tform = %u\n", + (unsigned long long)pos->physical, + (unsigned long long)decl.code, + (unsigned int)attr.name, (unsigned int)attr.form); + + if (attr.name == DW_ATTR_invalid && attr.form == DW_FORM_invalid) + break; + + (*abbrev)->attribs_count++; + (*abbrev)->attribs = (dw_abbrev_attr *)realloc((*abbrev)->attribs, + (*abbrev)->attribs_count * sizeof(dw_abbrev_attr)); + + status = check_abbreviation_attrib(format, &attr, + &(*abbrev)->attribs[(*abbrev)->attribs_count - 1]); + if (!status) goto lda_bad_exit; + + } + + /* Chargement des enfants */ + + printf(" || children ? %d vs %d\n", (int)decl.has_children, (int)DW_CHILDREN_yes); + + if (decl.has_children == DW_CHILDREN_yes) + for (;;) + { + status = load_dwarf_abbreviation(format, pos, &child); + if (!status) goto lda_bad_exit; + + if (child == NULL) + break; + + (*abbrev)->children_count++; + (*abbrev)->children = (dw_abbrev **)realloc((*abbrev)->children, + (*abbrev)->children_count * sizeof(dw_abbrev)); + + (*abbrev)->children[(*abbrev)->children_count - 1] = child; + + } + + lda_exit: + + return true; + + lda_bad_exit: + + free_dwarf_abbreviation(*abbrev); + + return false; + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à traiter. * +* * +* Description : Supprime de la mémoire toute trace d'une abréviation DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void free_dwarf_abbreviation(dw_abbrev *abbrev) +{ + size_t i; /* Boucle de parcours */ + + if (abbrev->attribs != NULL) + free(abbrev->attribs); + + if (abbrev->children != NULL) + { + for (i = 0; i < abbrev->children_count; i++) + free_dwarf_abbreviation(abbrev->children[i]); + + free(abbrev->attribs); + + } + + free(abbrev); + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* decl = structure brute dont le contenu est à valider. * +* abbrev = abréviation à constituer à partir du brut. [OUT] * +* * +* Description : Procède à la conversion de base d'une abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool check_abbreviation_decl(const GDwarfFormat *format, const dw_abbrev_decl *decl, dw_abbrev *abbrev) +{ + bool result; /* Validité à retourner */ + + result = (decl->has_children == DW_CHILDREN_no + || decl->has_children == DW_CHILDREN_yes); + + + /* TODO : vérifier les bornes de 'tag' */ + + + if (result) + { + abbrev->code = decl->code; + abbrev->tag = decl->tag; + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* decl = structure brute dont le contenu est à valider. * +* abbrev = abréviation à constituer à partir du brut. [OUT] * +* * +* Description : Procède à la conversion d'un attribut d'abréviation DWARF. * +* * +* Retour : Validité confirmée ou non. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool check_abbreviation_attrib(const GDwarfFormat *format, const dw_abbrev_raw_attr *attr, dw_abbrev_attr *attrib) +{ + bool result; /* Validité à retourner */ + + result = true; + + + /* TODO : vérifier les bornes de 'name' et 'form' */ + + + if (result) + { + attrib->name = attr->name; + attrib->form = attr->form; + + + + } + + return result; + +} + + + + + + + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * +* * +* Description : Fournit l'étiquette associée à l'ensemble des attributs. * +* * +* Retour : Etiquette officielle de l'ensemble représenté. * +* * +* Remarques : - * +* * +******************************************************************************/ + +DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *abbrev) +{ + return abbrev->tag; + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * +* * +* Description : Compte le nombre d'attributs présents dans une abréviation. * +* * +* Retour : Quantité d'attributs pris en compte dans l'abréviation. * +* * +* Remarques : - * +* * +******************************************************************************/ + +size_t dwarf_abbreviation_count_attribs(const dw_abbrev *abbrev) +{ + return abbrev->attribs_count; + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * +* attrib = désignation de l'attribut à retrouver. * +* index = indice de cet attribut dans l'ensemble. [OUT] * +* * +* Description : Recherche un attribut dans une abréviation. * +* * +* Retour : Indication sur le bilan des recherches. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *abbrev, DwarfAttrib attrib, size_t *index) +{ + bool result; /* Etat de validité à renvoyer */ + size_t i; /* Boucle de parcours */ + + for (i = 0; i < abbrev->attribs_count; i++) + if (abbrev->attribs[i].name == attrib) + break; + + if (i < abbrev->attribs_count) + { + result = true; + *index = i; + } + else + result = false; + + return result; + +} + + + + + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * +* attrib = désignation de l'attribut à retrouver. * +* index = indice de cet attribut dans l'ensemble. * +* form = type de valeur attendu pour un attribut donné. [OUT]* +* * +* Description : Détermine le type d'un attribut dans une abréviation. * +* * +* Retour : Indication sur le bilan des accès. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *abbrev, size_t index, DwarfForm *form) +{ + if (index >= abbrev->attribs_count) + return false; + + *form = abbrev->attribs[index].form; + + return true; + +} + + + + + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * +* * +* Description : Indique si une abbréviation comporte des sous-définitions. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool dwarf_abbreviation_has_children(const dw_abbrev *abbrev) +{ + return (abbrev->children_count > 0); + +} + + + + + + + + + + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* code = identifiant de l'abbréviation recherchée. * +* * +* Description : Recherche une abréviation DWARF donnée. * +* * +* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *format, uleb128_t code) +{ + const dw_abbrev *result; /* Trouvaille à retourner */ + + if (format->abbreviations->code == code) + result = format->abbreviations; + + else + { + const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uleb128_t c) + { + const dw_abbrev *found; /* Trouvaille à retourner */ + size_t i; /* Boucle de parcours */ + + if (abbrev->code == c) + found = abbrev; + else + { + found = NULL; + + for (i = 0; i < abbrev->children_count && found == NULL; i++) + found = _find_dwarf_abbreviations(abbrev->children[i], c); + + } + + return found; + + } + + result = _find_dwarf_abbreviations(format->abbreviations, code); + + } + + return result; + +} + + + + + + + + + +/****************************************************************************** +* * +* Paramètres : format = contenu binaire de débogage à parcourir. * +* cu = unité de compilation parente. * +* form = nature de la valeur à lire. * +* pos = tête de lecture au sein des données. [OUT] * +* value = valeur au format donné lue. [OUT] * +* * +* Description : Lit la valeur correspondant à un type donné. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +dw_value *translate_abbreviation_attributes(const GDwarfFormat *format, const dw_abbrev *abbrev, const dw_compil_unit_header *cu, vmpa2t *pos) +{ + dw_value *result; /* Valeurs lues retournées */ + size_t i; /* Boucle de parcours */ + bool status; /* Bilan d'une lecture */ + + result = (dw_value *)calloc(abbrev->attribs_count, sizeof(dw_value)); + + for (i = 0; i < abbrev->attribs_count; i++) + { + result[i].attrib = abbrev->attribs[i].name; + + printf("-- loading attrib %x (%u) -- form = %x (%u) -- pos = %llx --\n", + (unsigned int)abbrev->attribs[i].name, + (unsigned int)abbrev->attribs[i].name, + (unsigned int)abbrev->attribs[i].form, + (unsigned int)abbrev->attribs[i].form, + (unsigned long long)(pos->physical - 0x1039)); + + status = G_DWARF_FORMAT_GET_CLASS(format)->read_form(format, cu, + abbrev->attribs[i].form, pos, &result[i].value); + if (!status) printf("[%zu] failed for %x\n", i, abbrev->attribs[i].form); + if (status) printf("[%zu] success for %x\n", i, abbrev->attribs[i].form); + printf(" current pos :: %llx\n", (unsigned long long)(pos->physical - 0x1039)); + if (!status) break; + + } + + if (i != abbrev->attribs_count) + { + free(result); + result = NULL; + } + + return result; + +} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +#if 0 + +#include +#include +#include + + +#include "utils.h" + + + +#include + + + +/* Libère de la mémoire une abréviation DWARF. */ +void free_dwarf_abbrev(dw_abbrev *); + +/* Charge une abréviations DWARF. */ +dw_abbrev *read_dwarf_abbreviations(dwarf_format *, off_t *, uint64_t *); + +/* Recherche une abréviation DWARF donnée. */ +const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *, uint8_t *); + +/* Lit la valeur d'un attribut DWARF. */ +bool _read_dwarf_abbrev_attribute(dwarf_format *, off_t *, DwarfForm, ...); + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* * +* Description : Charge les abréviations trouvées pour un DWARF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_abbreviations(dwarf_format *format) +{ + bool result; /* Bilan à renvoyer */ + + + + + off_t offset; + off_t start; + off_t size; + + bool test; + + int i; + + + dw_abbrev *abbrev; + uint64_t index; + + printf("Searching...\n"); + + + result = true; + + test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_abbrev", &start, &size, NULL); + + offset = start; + + + printf(" -> offset=%d size=%d\n", offset, size); + + + + for (i = 0; i < size; i++) + { + if (i % 10 == 0) printf("\n"); + printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]); + } + + printf("\n"); + + + + + while (offset < (start + size)) + { + abbrev = read_dwarf_abbreviations(format, &offset, &index); + + offset++; /* 0x00 */ + + printf("abbrev :: %p\n", abbrev); + + if (abbrev != NULL) + { + abbrev->offset -= start; + + format->abbrevs = (dw_abbrev **)realloc(format->abbrevs, ++format->abbrevs_count * sizeof(dw_abbrev *)); + format->abbrevs[format->abbrevs_count - 1] = abbrev; + + printf(" %d attribs, %d children\n", abbrev->attribs_count, abbrev->children_count); + + } + else + { + unload_dwarf_abbreviations(format); + result = false; + break; + } + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à effacer. * +* * +* Description : Décharge les abréviations trouvées pour un DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void unload_dwarf_abbreviations(dwarf_format *format) +{ + size_t i; /* Boucle de parcours */ + + for (i = 0; i < format->abbrevs_count; i++) + free_dwarf_abbrev(format->abbrevs[i]); + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = élément à supprimer de la mémoire. * +* * +* Description : Libère de la mémoire une abréviation DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void free_dwarf_abbrev(dw_abbrev *abbrev) +{ + size_t i; /* Boucle de parcours */ + + for (i = 0; i < abbrev->children_count; i++) + free_dwarf_abbrev(abbrev->children[i]); + + free(abbrev->attribs); + free(abbrev->children); + + free(abbrev); + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* index = code de l'abréviation. [OUT] * +* * +* Description : Charge une abréviation DWARF. * +* * +* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * +* * +* Remarques : - * +* * +******************************************************************************/ + +dw_abbrev *read_dwarf_abbreviations(dwarf_format *format, off_t *pos, uint64_t *index) +{ + dw_abbrev *result; /* Abréviation à retourner */ + bool has_children; /* Indique la présence de fils */ + uint64_t value1; /* Valeur quelconque lue #1 */ + uint64_t value2; /* Valeur quelconque lue #2 */ + uint64_t sub_index; /* Indice d'un sous-élément */ + dw_abbrev *child; /* Sous-élément à intégrer */ + + result = (dw_abbrev *)calloc(1, sizeof(dw_abbrev)); + + result->offset = *pos; + + /* Code de l'élément */ + if (!read_uleb128(format, pos, index, true)) goto rda_error; + + if (!read_uleb128(format, pos, &value1, true)) goto rda_error; + result->tag = value1; + + printf(" --ta :: 0x%02llx\n", value1); + + if (*pos >= DBG_FORMAT(format)->length) goto rda_error; + has_children = (DBG_FORMAT(format)->content[(*pos)++] == DW_CHILDREN_YES); + + printf(" --ch ? %d\n", has_children); + + /* Liste des attributs */ + + while (DBG_FORMAT(format)->content[*pos] != 0x00) + { + if (!read_uleb128(format, pos, &value1, true)) goto rda_error; + if (!read_uleb128(format, pos, &value2, true)) goto rda_error; + + result->attribs = (dw_abbrev_attr *)realloc(result->attribs, ++result->attribs_count * sizeof(dw_abbrev_attr)); + + result->attribs[result->attribs_count - 1].attrib = value1; + result->attribs[result->attribs_count - 1].form = value2; + + } + + (*pos) += 2; /* 0x00 0x00 */ + + /* Chargement des sous-éléments */ + + if (has_children) + while (DBG_FORMAT(format)->content[*pos] != 0x00) + { + child = read_dwarf_abbreviations(format, pos, &sub_index); + + if (child == NULL) goto rda_error; + + if ((sub_index - *index - 1) != result->children_count) goto rda_error; + + result->children = (dw_abbrev **)realloc(result->children, ++result->children_count * sizeof(dw_abbrev *)); + + result->children[result->children_count - 1] = child; + + } + + return result; + + rda_error: + + free_dwarf_abbrev(result); + + return NULL; + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = abréviation racine à parcourir. * +* index = code de l'abréviation. [OUT] * +* * +* Description : Recherche une abréviation DWARF donnée. * +* * +* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uint8_t *index) +{ + const dw_abbrev *result; /* Structure à retourner */ + size_t i; /* Boucle de parcours */ + + result = NULL; + + if (*index == 0) result = abbrev; + else + for (i = 0; i < abbrev->children_count && result == NULL; i++) + { + (*index)--; + result = _find_dwarf_abbreviations(abbrev->children[i], index); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* offset = position dans les abréviations. * +* pos = position dans le flux binaire courant. [OUT] * +* * +* Description : Recherche une abréviation DWARF donnée. * +* * +* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_abbrev *find_dwarf_abbreviations(dwarf_format *format, const off_t *offset, off_t *pos) +{ + const dw_abbrev *result; /* Structure à retourner */ + uint64_t index; /* Code de l'abréviation */ + size_t i; /* Boucle de parcours */ + + result = NULL; + + do + { + if (!read_uleb128(format, pos, &index, true)) + { + printf("error skipping padding...\n"); + return NULL; + } + } + while (index == 0); + + for (i = 0; i < format->abbrevs_count; i++) + if (format->abbrevs[i]->offset == *offset) break; + + if (i < format->abbrevs_count) + { + index--; + result = _find_dwarf_abbreviations(format->abbrevs[i], &index); + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : abbrev = informations à parcourir. * +* attrib = attribut visé par la lecture. * +* * +* Description : Indique la présence ou l'absence d'un attribut donné. * +* * +* Retour : true si l'attribut est présent, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool test_dwarf_abbrev_attribute(const dw_abbrev *abbrev, DwarfAttrib attrib) +{ + bool result; /* Bilan à retourner */ + size_t i; /* Boucle de parcours */ + + result = false; + + for (i = 0; i < abbrev->attribs_count && !result; i++) + result = (abbrev->attribs[i].attrib == attrib); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* form = format des données à lire. * +* ... = lieu d'enregistrement ou NULL. [OUT] * +* * +* Description : Lit la valeur d'un attribut DWARF. * +* * +* Retour : true si la lecture est un succès, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool _read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, DwarfForm form, ...) +{ + bool result; /* Bilan à revoyer */ + va_list ap; /* Adresse fournie en dernier */ + uint8_t *val8; /* Données sur 8 bits */ + uint16_t *val16; /* Données sur 16 bits */ + uint32_t *val32; /* Données sur 32 bits */ + uint64_t *val64; /* Données sur 64 bits */ + uint64_t *sval64; /* Données sur 64 bits (signée)*/ + bool *boolval; /* Valeur booléenne */ + uint8_t tmp8; /* Données sur 8 bits */ + uint16_t tmp16; /* Données sur 16 bits */ + uint32_t tmp32; /* Données sur 32 bits */ + uint64_t tmp64; /* Données sur 64 bits */ + uint64_t stmp64; /* Données sur 64 bits (signée)*/ + uint64_t size_to_read; /* Nombre d'octets à lire */ + off_t offset; /* Décalage dans une zone */ + char **strval; /* Chaîne de caractères */ + size_t length; /* Taille d'une chaîne */ + + va_start(ap, form); + + switch (form) + { + case DWF_ADDR: + result = ((*pos + (format->format == DWF_32_BITS ? 4 : 8)) <= DBG_FORMAT(format)->length); + if (result) + { + val64 = va_arg(ap, uint64_t *); + if (val64 != NULL) + { + if (format->format == DWF_32_BITS) + { + memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4); + *val64 = tmp32; + } + else memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); + } + *pos += (format->format == DWF_32_BITS ? 4 : 8); + } + break; + + case DWF_BLOCK2: + result = ((*pos + 2) <= DBG_FORMAT(format)->length); + if (result) + { + memcpy(&tmp16, &DBG_FORMAT(format)->content[*pos], 2); + size_to_read = tmp16; + /* ... */ + *pos += 2 + size_to_read; + } + break; + + case DWF_BLOCK4: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + if (result) + { + memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4); + size_to_read = tmp32; + /* ... */ + *pos += 4 + size_to_read; + } + break; + + case DWF_DATA2: + result = ((*pos + 2) <= DBG_FORMAT(format)->length); + if (result) + { + val16 = va_arg(ap, uint16_t *); + if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2); + *pos += 2; + } + break; + + case DWF_DATA4: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + if (result) + { + val32 = va_arg(ap, uint32_t *); + if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4); + *pos += 4; + } + break; + + case DWF_DATA8: + result = ((*pos + 8) <= DBG_FORMAT(format)->length); + if (result) + { + val64 = va_arg(ap, uint64_t *); + if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); + *pos += 8; + } + break; + + case DWF_STRING: + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (result) + { + strval = va_arg(ap, char **); + if (strval != NULL) *strval = (char *)calloc(1, sizeof(char)); + length = 0; + + while (result) + { + if (DBG_FORMAT(format)->content[*pos] == '\0') break; + + length++; + + if (strval != NULL) + { + *strval = (char *)realloc(*strval, (length + 1) * sizeof(char)); + (*strval)[length - 1] = DBG_FORMAT(format)->content[*pos]; + } + + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (!result) break; + + (*pos)++; + + } + + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + + if (result) + { + (*pos)++; + + if (strval != NULL) + (*strval)[length] = 0; + + } + else if (strval != NULL) + { + free(*strval); + *strval = NULL; + } + + } + + break; + + case DWF_BLOCK: + result = read_uleb128(format, pos, &size_to_read, true); + result &= ((*pos + size_to_read) <= DBG_FORMAT(format)->length); + if (result) + { + /* ... */ + *pos += size_to_read; + } + break; + + case DWF_BLOCK1: + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (result) + { + memcpy(&tmp8, &DBG_FORMAT(format)->content[*pos], 1); + size_to_read = tmp8; + /* ... */ + *pos += 1 + size_to_read; + } + break; + + case DWF_DATA1: + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (result) + { + val8 = va_arg(ap, uint8_t *); + if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1); + *pos += 1; + } + break; + + case DWF_FLAG: + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (result) + { + boolval = va_arg(ap, bool *); + if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00); + *pos += 1; + } + break; + + case DWF_SDATA: + sval64 = va_arg(ap, int64_t *); + if (sval64 == NULL) sval64 = &stmp64; + result = read_uleb128(format, pos, sval64, true); + break; + + case DWF_STRP: + result = read_abbrev_offset(format, pos, &offset); + if (result) + { + if (va_arg(ap, bool *) != NULL) + { + printf("TODO\n"); + exit(0); + } + /* + boolval = va_arg(ap, bool *); + if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00); + */ + } + break; + + case DWF_UDATA: + val64 = va_arg(ap, uint64_t *); + if (val64 == NULL) val64 = &tmp64; + result = read_uleb128(format, pos, val64, true); + break; + + case DWF_REF_ADDR: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + + printf("bad at %d\n", __LINE__); exit(0); + + break; + + + case DWF_REF1: + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + if (result) + { + val8 = va_arg(ap, uint8_t *); + if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1); + *pos += 1; + } + break; + + case DWF_REF2: + result = ((*pos + 2) <= DBG_FORMAT(format)->length); + if (result) + { + val16 = va_arg(ap, uint16_t *); + if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2); + *pos += 2; + } + break; + + case DWF_REF4: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + if (result) + { + val32 = va_arg(ap, uint32_t *); + if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4); + *pos += 4; + } + break; + + case DWF_REF8: + result = ((*pos + 8) <= DBG_FORMAT(format)->length); + if (result) + { + val64 = va_arg(ap, uint64_t *); + if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); + *pos += 8; + } + break; + + case DWF_REF_UDATA: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + + printf("bad at %d\n", __LINE__); exit(0); + + break; + + + case DWF_INDIRECT: + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + + printf("bad at %d\n", __LINE__); exit(0); + + break; + + + + + default: + result = false; + break; + + } + + va_end(ap); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* update = indique si la position est à mettre à jour. * +* abbrev = informations à parcourir. * +* attrib = attribut visé par la lecture. * +* ... = lieu d'enregistrement ou NULL. [OUT] * +* * +* Description : Lit la valeur d'un attribut DWARF. * +* * +* Retour : true si la lecture est un succès, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, bool update, const dw_abbrev *abbrev, DwarfAttrib attrib, ...) +{ + bool result; /* Bilan à retourner */ + off_t curpos; /* Tête de lecture effective */ + size_t i; /* Boucle de parcours */ + va_list ap; /* Adresse fournie en dernier */ + + result = true; + + curpos = *pos; + + for (i = 0; i < abbrev->attribs_count && result; i++) + if (abbrev->attribs[i].attrib == attrib) break; + else result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, NULL); + + if (result) + { + va_start(ap, attrib); + + if (i < abbrev->attribs_count) + result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, va_arg(ap, void *)); + else + result = false; + + va_end(ap); + + } + + if (result && update) *pos = curpos; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* abbrev = informations à survoler. * +* * +* Description : Fait avancer la tête de lecture d'une seule abréviation. * +* * +* Retour : true si l'opération est un succès, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool skip_dwarf_abbrev(dwarf_format *format, off_t *pos, const dw_abbrev *abbrev) +{ + bool result; /* Bilan à revoyer */ + size_t i; /* Boucle de parcours */ + uint64_t index; /* Code de padding */ + + result = true; + + /* Ecartement du corps */ + + for (i = 0; i < abbrev->attribs_count && result; i++) + result = _read_dwarf_abbrev_attribute(format, pos, abbrev->attribs[i].form, NULL); + + /* Ecartement du padding */ + + do + { + if (!read_uleb128(format, pos, &index, false)) + { + printf("error skipping padding...\n"); + return false; + } + + if (index == 0) + read_uleb128(format, pos, &index, true); + + } + while (index == 0); + + return result; + +} + +#endif diff --git a/plugins/dwarf/abbrev.h b/plugins/dwarf/abbrev.h new file mode 100644 index 0000000..b5fe3be --- /dev/null +++ b/plugins/dwarf/abbrev.h @@ -0,0 +1,126 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * abbrev.h - prototypes pour la manipulation des abréviation DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_ABBREV_H +#define _FORMAT_DWARF_ABBREV_H + + +#include + + +#include "dwarf.h" +#include "dwarf_def.h" + + + + +/* Description d'une abréviation */ +typedef struct _dw_abbrev dw_abbrev; + + + + + + + +/* Charge toutes les abbréviations présentes dans un DWARF. */ +bool load_all_dwarf_abbreviations(GDwarfFormat *); + +/* Charge une abréviation valide pour un DWARF en mémoire. */ +bool load_dwarf_abbreviation(const GDwarfFormat *, vmpa2t *, dw_abbrev **); + +/* Supprime de la mémoire toute trace d'une abréviation DWARF. */ +void free_dwarf_abbreviation(dw_abbrev *); + +/* Fournit l'étiquette associée à l'ensemble des attributs. */ +DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *); + +/* Compte le nombre d'attributs présents dans une abréviation. */ +size_t dwarf_abbreviation_count_attribs(const dw_abbrev *); + +/* Recherche un attribut dans une abréviation. */ +bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *, DwarfAttrib, size_t *); + + +/* Détermine le type d'un attribut dans une abréviation. */ +bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *, size_t, DwarfForm *); + + +/* Indique si une abbréviation comporte des sous-définitions. */ +bool dwarf_abbreviation_has_children(const dw_abbrev *); + + + +/* Recherche une abréviation DWARF donnée. */ +const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *, uleb128_t); + +/* Lit la valeur correspondant à un type donné. */ +dw_value *translate_abbreviation_attributes(const GDwarfFormat *, const dw_abbrev *, const dw_compil_unit_header *, vmpa2t *); + + + + + + + + + + + + + +#if 0 + + +#include + + +#include "d_dwarf.h" +#include "dwarf-int.h" + + + +/* Charge les abréviations trouvées pour un DWARF. */ +bool load_dwarf_abbreviations(dwarf_format *); + +/* Décharge les abréviations trouvées pour un DWARF. */ +void unload_dwarf_abbreviations(dwarf_format *); + +/* Recherche une abréviation DWARF donnée. */ +const dw_abbrev *find_dwarf_abbreviations(dwarf_format *, const off_t *, off_t *); + +/* Indique la présence ou l'absence d'un attribut donné. */ +bool test_dwarf_abbrev_attribute(const dw_abbrev *, DwarfAttrib); + +/* Lit la valeur d'un attribut DWARF. */ +bool read_dwarf_abbrev_attribute(dwarf_format *, off_t *, bool, const dw_abbrev *, DwarfAttrib, ...); + +/* Fait avancer la tête de lecture d'une seule abréviation. */ +bool skip_dwarf_abbrev(dwarf_format *, off_t *, const dw_abbrev *); + + +#endif + + + +#endif /* _FORMAT_DWARF_ABBREV_H */ diff --git a/plugins/dwarf/d_dwarf.c b/plugins/dwarf/d_dwarf.c new file mode 100644 index 0000000..67ab955 --- /dev/null +++ b/plugins/dwarf/d_dwarf.c @@ -0,0 +1,114 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * d_dwarf.c - support du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "d_dwarf.h" + + +#include + + +#include "abbrev.h" +#include "dwarf-int.h" +#include "info.h" + + + + + + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* length = taille du contenu en question. * +* e_format = gestionnaire global (partie exécutable). * +* * +* Description : Prend en charge un nouveau DWARF. * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +dwarf_format *load_dwarf(const uint8_t *content, off_t length, exe_format *e_format) +{ + dwarf_format *result; /* Structure à retourner */ + bool test; /* Bilan d'une initialisation */ + + result = (dwarf_format *)calloc(1, sizeof(dwarf_format)); + + DBG_FORMAT(result)->content = content; + DBG_FORMAT(result)->length = length; + + DBG_FORMAT(result)->e_format = e_format; + + result->format = DWF_32_BITS; + + test = load_dwarf_abbreviations(result); + + test = load_dwarf_information(result); + + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* comments = liste des commentaires à insérer. [OUT] * +* offsets = liste des indices des commentaires. [OUT] * +* * +* Description : Récupère tous les commentaires à insérer dans le code. * +* * +* Retour : Nombre d'éléments mis en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +size_t get_dwarf_comments(const dwarf_format *format, const char ***comments, uint64_t **offsets) +{ + size_t result; /* Quantité à retourner */ + size_t i; /* Boucle de parcours */ + + result = format->dbg_fc_count; + + if (result > 0) + { + *comments = (char **)calloc(result, sizeof(char *)); + *offsets = (uint64_t *)calloc(result, sizeof(uint64_t)); + + for (i = 0; i < result; i++) + { + (*comments)[i] = format->dbg_functions[i]->prototype; + (*offsets)[i] = format->dbg_functions[i]->low_pc; + } + + } + + return result; + +} diff --git a/plugins/dwarf/d_dwarf.h b/plugins/dwarf/d_dwarf.h new file mode 100644 index 0000000..4b699ca --- /dev/null +++ b/plugins/dwarf/d_dwarf.h @@ -0,0 +1,50 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * d_dwarf.h - prototypes pour le support du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_H +#define _FORMAT_DWARF_DWARF_H + + +#include +#include + + +#include "../exe_format.h" + + + +/* Description du format DWARF */ +typedef struct _dwarf_format dwarf_format; + + + +/* Prend en charge un nouveau DWARF. */ +dwarf_format *load_dwarf(const uint8_t *, off_t, exe_format *); + +/* Récupère tous les commentaires à insérer dans le code. */ +size_t get_dwarf_comments(const dwarf_format *, const char ***, uint64_t **); + + + + +#endif /* _FORMAT_DWARF_DWARF_H */ diff --git a/plugins/dwarf/die.c b/plugins/dwarf/die.c new file mode 100644 index 0000000..0c1887c --- /dev/null +++ b/plugins/dwarf/die.c @@ -0,0 +1,303 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * die.c - gestion des entrées renvoyant à des informations de débogage + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "die.h" + + +#include +#include + + +#include "dwarf-int.h" + + + +/** + * § 2.1 The Debugging Information Entry (DIE). + */ + +typedef struct _dw_die +{ + unsigned int level; /* Niveau hiérarchique */ + phys_t offset; /* Position dans le flux */ + + const dw_abbrev *abbrev; /* Lien vers la représentation */ + + dw_value *values; /* Liste des valeurs associées */ + + bool has_children; /* Feuille ou noeud de l'arbre */ + struct _dw_die **children; /* Liste d'éventuels enfants */ + size_t children_count; /* Taille de cette liste */ + +} dw_die; + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* endian = boutisme reconnu dans le format. * +* header = en-tête de description de l'unité à traiter. * +* die = emplacement de stockage de l'entrée ou NULL. [OUT] * +* * +* Description : Procède à la lecture de l'en-tête d'une unité de compilation.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : Le format autorise à ne rien produire ici légitimement. * +* * +******************************************************************************/ + +bool build_dwarf_die(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **die) +{ + uleb128_t code; /* Code de la description liée */ + bool status; /* Bilan de la lecture */ + const dw_abbrev *abbrev; /* Lien vers la représentation */ + dw_value *values; /* Liste des valeurs associées */ + + *die = NULL; + + /** + * § 7.5.2 Debugging Information Entry. + */ + + status = g_binary_content_read_uleb128(G_BIN_FORMAT(format)->content, pos, &code); + if (!status) return false; + + printf("[ok] code = 0x%llx\n", (unsigned long long)code); + + if (code == 0) return true; + + abbrev = find_dwarf_abbreviations(format, code); + + printf("[ok] abbrev = %p\n", abbrev); + + printf("----------------------\n"); + + + values = translate_abbreviation_attributes(format, abbrev, header, pos); + if (values == NULL) return false; + + printf("[ok] values = %p\n", values); + + + + *die = (dw_die *)calloc(1, sizeof(dw_die)); + + (*die)->abbrev = abbrev; + + (*die)->values = values; + + (*die)->has_children = dwarf_abbreviation_has_children(abbrev); + + + return true; + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée à libérer de la mémoire. * +* * +* Description : Supprime les éléments mis en place pour une entrée d'info. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void delete_dwarf_die(dw_die *die) +{ + size_t i; /* Boucle de parcours */ + + if (die->values != NULL) + free(die->values); + + for (i = 0; i < die->children_count; i++) + delete_dwarf_die(die->children[i]); + + if (die->children != NULL) + free(die->children); + + free(die); + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée à consulter. * +* * +* Description : Fournit un lien vers l'abréviation de représentation. * +* * +* Retour : Structure de représentation en place. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_abbrev *dw_die_get_abbrev(const dw_die *die) +{ + return die->abbrev; + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée à consulter. * +* index = indice de cet attribut dans l'ensemble. * +* * +* Description : Fournit un lien vers l'abréviation de représentation. * +* * +* Retour : Valeur recherchée ou NULL en cas d'erreur. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_form_value *dw_die_peek_value(const dw_die *die, size_t index) +{ + dw_form_value *result; /* Valeur ciblée à retourner */ + + if (index >= dwarf_abbreviation_count_attribs(die->abbrev)) + return NULL; + + result = &die->values[index].value; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée d'information à consulter. * +* attrib = désignation de l'attribut à retrouver. * +* form = type de valeur attendu pour un attribut donné. [OUT]* +* * +* Description : Fournit un lien vers l'abréviation de représentation. * +* * +* Retour : Valeur recherchée ou NULL en cas d'erreur. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const dw_form_value *dw_die_peek_extended_value(const dw_die *die, DwarfAttrib attrib, DwarfForm *form) +{ + const dw_form_value *result; /* Valeur ciblée à retourner */ + size_t index; /* Indice d'élément à relire */ + bool status; /* Bilan d'une récupération */ + + status = dwarf_abbreviation_get_attrib_index(die->abbrev, attrib, &index); + if (!status) return NULL; + + status = dwarf_abbreviation_get_form_for_index(die->abbrev, index, form); + if (!status) return NULL; + + result = dw_die_peek_value(die, index); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée à consulter. * +* * +* Description : Indique si une entrée de débogage possède des enfants. * +* * +* Retour : true ou false selon la situation. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool dw_die_has_children(const dw_die *die) +{ + return die->has_children; + +} + + +/****************************************************************************** +* * +* Paramètres : die = entrée à consulter. * +* * +* Description : Indique si une entrée de débogage possède des enfants. * +* * +* Retour : true ou false selon la situation. * +* * +* Remarques : - * +* * +******************************************************************************/ + +void dw_die_append_child(dw_die *die, dw_die *child) +{ + assert(die->has_children); + + die->children = (dw_die **)realloc(die->children, ++die->children_count * sizeof(dw_die *)); + + die->children[die->children_count - 1] = child; + +} + + + +/* ---------------------------------------------------------------------------------- */ +/* TRAITEMENT PAR ENSEMBLES */ +/* ---------------------------------------------------------------------------------- */ + + +/****************************************************************************** +* * +* Paramètres : root = entrée première à consulter. * +* visitor = intervention régulière à respecter. * +* data = données quelconques à associer aux visites. * +* * +* Description : Entame une grande tournée de toutes les entrées présentes. * +* * +* Retour : true si l'opération s'est déroulée complètement, false sinon.* +* * +* Remarques : - * +* * +******************************************************************************/ + +bool dw_die_visit(dw_die *root, visit_dies_fc visitor, void *data) +{ + bool result; /* Bilan à retourner */ + size_t i; /* Boucle de parcours */ + + result = visitor(root, data); + + for (i = 0; i < root->children_count && result; i++) + result = dw_die_visit(root->children[i], visitor, data); + + return result; + +} diff --git a/plugins/dwarf/die.h b/plugins/dwarf/die.h new file mode 100644 index 0000000..8bff4a9 --- /dev/null +++ b/plugins/dwarf/die.h @@ -0,0 +1,76 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * die.h - prototypes pour la gestion des entrées renvoyant à des informations de débogage + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DIE_H +#define _FORMAT_DWARF_DIE_H + + +#include + + +#include "abbrev.h" +#include "dwarf.h" +#include "dwarf_def.h" + + + +/* § 2.1 The Debugging Information Entry (DIE). */ +typedef struct _dw_die dw_die; + + +/* Procède à la lecture de l'en-tête d'une unité de compilation. */ +bool build_dwarf_die(GDwarfFormat *, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **); + +/* Supprime les éléments mis en place pour une entrée d'info. */ +void delete_dwarf_die(dw_die *); + +/* Fournit un lien vers l'abréviation de représentation. */ +const dw_abbrev *dw_die_get_abbrev(const dw_die *); + +/* Fournit un lien vers l'abréviation de représentation. */ +const dw_form_value *dw_die_peek_value(const dw_die *, size_t); + +/* Fournit un lien vers l'abréviation de représentation. */ +const dw_form_value *dw_die_peek_extended_value(const dw_die *, DwarfAttrib, DwarfForm *); + +/* Indique si une entrée de débogage possède des enfants. */ +bool dw_die_has_children(const dw_die *); + +/* Indique si une entrée de débogage possède des enfants. */ +void dw_die_append_child(dw_die *, dw_die *); + + + +/* ---------------------------- TRAITEMENT PAR ENSEMBLES ---------------------------- */ + + +/* Procédure appelée pour chaque élément recontré pendant une visite. */ +typedef bool (* visit_dies_fc) (const dw_die *, void *); + + +/* Entame une grande tournée de toutes les entrées présentes. */ +bool dw_die_visit(dw_die *, visit_dies_fc, void *); + + + +#endif /* _FORMAT_DWARF_DIE_H */ diff --git a/plugins/dwarf/dwarf-int.c b/plugins/dwarf/dwarf-int.c new file mode 100644 index 0000000..365414b --- /dev/null +++ b/plugins/dwarf/dwarf-int.c @@ -0,0 +1,207 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf-int.c - structures internes du format DWARF + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "dwarf-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* attr = structure lue à retourner. [OUT] * +* * +* Description : Procède à la lecture d'un attribut d'abréviation DWARF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_abbrev_attr(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_raw_attr *attr) +{ + bool result; /* Bilan à retourner */ + const GBinContent *content; /* Contenu binaire à lire */ + + content = G_BIN_FORMAT(format)->content; + + result = g_binary_content_read_uleb128(content, pos, &attr->name); + result &= g_binary_content_read_uleb128(content, pos, &attr->form); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* decl = structure lue à retourner. [OUT] * +* * +* Description : Procède à la lecture d'une déclaration d'abréviation DWARF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_abbrev_decl(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_decl *decl) +{ + bool result; /* Bilan à retourner */ + const GBinContent *content; /* Contenu binaire à lire */ + + content = G_BIN_FORMAT(format)->content; + + result = g_binary_content_read_uleb128(content, pos, &decl->code); + result &= g_binary_content_read_uleb128(content, pos, &decl->tag); + result &= g_binary_content_read_u8(content, pos, &decl->has_children); + + return result; + +} + + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* endian = boutisme reconnu dans le format. * +* header = en-tête à déterminer. [OUT] * +* * +* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_section_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_section_header *header) +{ + bool result; /* Bilan à retourner */ + uint32_t first; /* Premier paquet d'octets */ + bool status; /* Bilan d'opération */ + + result = false; + + status = g_binary_content_read_u32(content, pos, endian, &first); + if (!status) goto rdsh_exit; + + if (first >= 0xfffffff0 && first != 0xffffffff) + goto rdsh_exit; + + if (first == 0xffffffff) + { + result = g_binary_content_read_u64(content, pos, endian, &header->unit_length); + header->is_32b = false; + } + else + { + result = true; + header->unit_length = first; + header->is_32b = true; + } + + result &= g_binary_content_read_u16(content, pos, endian, &header->version); + + rdsh_exit: + + return result; + +} + + + + + + + + + + + + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* endian = boutisme reconnu dans le format. * +* header = en-tête à déterminer. [OUT] * +* * +* Description : Procède à la lecture de l'en-tête d'une unité de compilation.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_compil_unit_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_compil_unit_header *header) +{ + bool result; /* Bilan à retourner */ + uint32_t val32; /* Premier paquet d'octets */ + bool status; /* Bilan d'opération */ + + result = read_dwarf_section_header(content, pos, endian, (dw_section_header *)header); + if (!result) goto rdcuh_exit; + + if (header->is_32b) + { + status = g_binary_content_read_u32(content, pos, endian, &val32); + if (!status) goto rdcuh_exit; + + header->debug_abbrev_offset = val32; + + } + else + { + status = g_binary_content_read_u64(content, pos, endian, &header->debug_abbrev_offset); + if (!status) goto rdcuh_exit; + + } + + result &= g_binary_content_read_u8(content, pos, &header->address_size); + + rdcuh_exit: + + return result; + +} + + + + + + + diff --git a/plugins/dwarf/dwarf-int.h b/plugins/dwarf/dwarf-int.h new file mode 100644 index 0000000..6f8f921 --- /dev/null +++ b/plugins/dwarf/dwarf-int.h @@ -0,0 +1,185 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf-int.h - prototypes pour les structures internes du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_INT_H +#define _FORMAT_DWARF_DWARF_INT_H + + +#include "dwarf.h" + + +#include + + + + +#include "../debuggable-int.h" + +#include "abbrev.h" +#include "die.h" +#include "dwarf_def.h" + + + + + +/* Procède à la lecture d'un attribut d'abréviation DWARF. */ +bool read_dwarf_abbrev_attr(const GDwarfFormat *, vmpa2t *, dw_abbrev_raw_attr *); + +/* Procède à la lecture d'une déclaration d'abréviation DWARF. */ +bool read_dwarf_abbrev_decl(const GDwarfFormat *, vmpa2t *, dw_abbrev_decl *); + + + + +/* En-tête présente dans certaines sections */ +typedef struct _dw_section_header +{ + uint64_t unit_length; /* Taille totale sans le champ */ + bool is_32b; /* Le format est-il sur 32b ? */ + + uint16_t version; /* Version de la section */ + +} dw_section_header; + + + + + + +/* Procède à la lecture de l'en-tête d'un contenu binaire ELF. */ +bool read_dwarf_section_header(GBinContent *, vmpa2t *, SourceEndian, dw_section_header *); + + + + + +/* Procède à la lecture de l'en-tête d'une unité de compilation. */ +bool read_dwarf_compil_unit_header(GBinContent *, vmpa2t *, SourceEndian, dw_compil_unit_header *); + + + +///--------------------- + + + + +//------------------------------- + + + + + +/* Lit la valeur correspondant à un type donné. */ +typedef bool (* read_form_value_fc) (const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_form_value *); + + +/* Format de débogage DWARF (instance) */ +struct _GDwarfFormat +{ + GDbgFormat parent; /* A laisser en premier */ + + dw_abbrev *abbreviations; /* Racine des abbréviations */ + + + dw_die *info_die; + + + +}; + +/* Format de débogage DWARF (classe) */ +struct _GDwarfFormatClass +{ + GDbgFormatClass parent; /* A laisser en premier */ + + read_form_value_fc read_form; /* lecture de valeurs formatées*/ + +}; + + + + + +/* Charge de façon générique toutes les informations DWARF. */ +bool g_dwarf_format_load(GDwarfFormat *, GExeFormat *); + + + + + + + + + + + + + + + + +/* Format du DWARF */ +typedef enum _DwarfFormat +{ + DWF_32_BITS, /* Mode 32 bits */ + DWF_64_BITS /* Mode 64 bits */ + +} DwarfFormat; + + + + + +/* Eléments récupérés sur une fonction */ +typedef struct _dw_dbg_function +{ + char *name; /* Nom de la fonction */ + char *prototype; /* Chaîne descriptive */ + + uint64_t low_pc; /* Début de la fonction */ + uint64_t high_pc; /* Fin de la fonction */ + +} dw_dbg_function; + + +#if 0 +/* Description du format DWARF */ +struct _dwarf_format +{ + dbg_format dummy; /* A laisser en premier */ + + DwarfFormat format; /* Format de l'instance */ + + dw_abbrev **abbrevs; /* Liste des abréviations */ + size_t abbrevs_count; /* Nombre de ces abréviations */ + + dw_dbg_function **dbg_functions; /* Liste de fonctions trouvées */ + size_t dbg_fc_count; /* Nombre de ces fonctions */ + +}; +#endif + + + +#endif /* _FORMAT_DWARF_DWARF_INT_H */ diff --git a/plugins/dwarf/dwarf.c b/plugins/dwarf/dwarf.c new file mode 100644 index 0000000..0c0dab8 --- /dev/null +++ b/plugins/dwarf/dwarf.c @@ -0,0 +1,337 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format Dwarf + * + * Copyright (C) 2009-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "dwarf.h" + + +#include "abbrev.h" +#include "dwarf-int.h" +#include "info.h" +#include "symbols.h" +#include "../../common/cpp.h" + + + +/* Initialise la classe des formats de débogage DWARF. */ +static void g_dwarf_format_class_init(GDwarfFormatClass *); + +/* Initialise une instance de format de débogage DWARF. */ +static void g_dwarf_format_init(GDwarfFormat *); + +/* Supprime toutes les références externes. */ +static void g_dwarf_format_dispose(GDwarfFormat *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarf_format_finalize(GDwarfFormat *); + + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * +* unused = adresse non utilisée ici. * +* key = identifiant de format trouvé ou NULL. [OUT] * +* * +* Description : Indique si le format peut être pris en charge ici. * +* * +* Retour : Conclusion de haut niveau sur la reconnaissance effectuée. * +* * +* Remarques : - * +* * +******************************************************************************/ + +FormatMatchStatus dwarf_is_matching(GBinContent *content, GExeFormat *parent, void *unused, char **key) +{ + FormatMatchStatus result; /* Bilan à renvoyer */ + size_t i; /* Boucle de parcours */ + mrange_t range; /* Couverture d'une section */ + dw_section_header header; /* En-tête DWARF de section */ + bool found; /* Bilan d'une comparaison */ + + static const char *section_names[] = { + ".debug_aranges", + ".debug_frame", + ".debug_info", + ".debug_line", + ".debug_pubnames", + ".debug_pubtypes", + ".debug_types" + }; + + static const uint16_t dwarf_v2_versions[] = { + 2, /* .debug_aranges */ + 1, /* .debug_frame */ + 2, /* .debug_info */ + 2, /* .debug_line */ + 2, /* .debug_pubnames */ + 0, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + static const uint16_t dwarf_v3_versions[] = { + 2, /* .debug_aranges */ + 3, /* .debug_frame */ + 3, /* .debug_info */ + 3, /* .debug_line */ + 2, /* .debug_pubnames */ + 2, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + static const uint16_t dwarf_v4_versions[] = { + 2, /* .debug_aranges */ + 4, /* .debug_frame */ + 4, /* .debug_info */ + 4, /* .debug_line */ + 2, /* .debug_pubnames */ + 2, /* .debug_pubtypes */ + 4 /* .debug_types */ + }; + + uint16_t current_versions[] = { + 0, /* .debug_aranges */ + 0, /* .debug_frame */ + 0, /* .debug_info */ + 0, /* .debug_line */ + 0, /* .debug_pubnames */ + 0, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + result = FMS_UNKNOWN; + + if (parent == NULL) + return FMS_UNKNOWN; + return FMS_UNKNOWN; + *key = strdup("dwarf_v4"); + return FMS_MATCHED; + + /* Lecture des indices présents */ + + for (i = 0; i < ARRAY_SIZE(section_names); i++) + { + if (!g_exe_format_get_section_range_by_name(parent, section_names[i], &range)) + continue; + + if (!read_dwarf_section_header(content, get_mrange_addr(&range), SRE_LITTLE /* FIXME */, &header)) + continue; + + current_versions[i] = header.version; + + } + + /* Détermination d'une version bien identifiée */ + + bool check_dwarf_version(const uint16_t *ref, const uint16_t *cur, size_t count) + { + bool equal; + size_t k; + + equal = true; + + for (k = 0; k < count && equal; k++) + printf(" -> %hhu vs %hhu\n", ref[k], cur[k]); + + for (k = 0; k < count && equal; k++) + equal = (cur[k] == 0) || (ref[k] == cur[k]); + + return equal; + + } + + /** + * Un fichier DWARF sans section sera vu comme un fichier DWARF de + * dernière génération. + * Ce qui n'est pas très grave car rien ne sera chargé par la suite, + * du fait de l'absence de section, donc il n'y aura pas d'incompatibilité. + */ + + printf("---dwarf v4\n"); + + found = check_dwarf_version(dwarf_v4_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + { + result = FMS_MATCHED; + *key = strdup("dwarf_v4"); + } + + if (result == FMS_UNKNOWN) + { + printf("---dwarf v3\n"); + + found = check_dwarf_version(dwarf_v3_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + { + result = FMS_MATCHED; + *key = strdup("dwarf_v3"); + } + + } + + if (result == FMS_UNKNOWN) + { + printf("---dwarf v2\n"); + + found = check_dwarf_version(dwarf_v2_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + { + result = FMS_MATCHED; + *key = strdup("dwarf_v2"); + } + + } + + return result; + +} + + +/* Indique le type défini pour un format de débogage générique. */ +G_DEFINE_TYPE(GDwarfFormat, g_dwarf_format, G_TYPE_DBG_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarf_format_class_init(GDwarfFormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarf_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarf_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarf_format_init(GDwarfFormat *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarf_format_dispose(GDwarfFormat *format) +{ + G_OBJECT_CLASS(g_dwarf_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarf_format_finalize(GDwarfFormat *format) +{ + G_OBJECT_CLASS(g_dwarf_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = description du binaire de débogage à compléter. * +* executable = référence vers le binaire exécutable à lier. * +* * +* Description : Charge de façon générique toutes les informations DWARF. * +* * +* Retour : Bilan du chargement : réussi ou non ? * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool g_dwarf_format_load(GDwarfFormat *format, GExeFormat *executable) +{ + bool result; /* Bilan à faire remonter */ + + result = true; + + g_debuggable_format_attach_executable(G_DBG_FORMAT(format), executable); + + printf("Loading abbrev...\n"); + + result &= load_all_dwarf_abbreviations(format); + + printf("Loading debug info...\n"); + + result &= load_dwarf_debug_information(format); + + printf("Done!\n"); + + result &= load_dwarf_symbols(format); + + printf("Got symbols...\n"); + + exit(0); + + return result; + +} + diff --git a/plugins/dwarf/dwarf.h b/plugins/dwarf/dwarf.h new file mode 100644 index 0000000..ad2f008 --- /dev/null +++ b/plugins/dwarf/dwarf.h @@ -0,0 +1,55 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format Dwarf + * + * Copyright (C) 2009-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_H +#define _FORMAT_DWARF_DWARF_H + + +#include "../../core/formats.h" + + + +#define G_TYPE_DWARF_FORMAT g_dwarf_format_get_type() +#define G_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarf_format_get_type(), GDwarfFormat)) +#define G_IS_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarf_format_get_type())) +#define G_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) +#define G_IS_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARF_FORMAT)) +#define G_DWARF_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) + + +/* Format de débogage DWARF (instance) */ +typedef struct _GDwarfFormat GDwarfFormat; + +/* Format de débogage DWARF (classe) */ +typedef struct _GDwarfFormatClass GDwarfFormatClass; + + +/* Indique si le format peut être pris en charge ici. */ +FormatMatchStatus dwarf_is_matching(GBinContent *, GExeFormat *, void *, char **); + +/* Indique le type défini pour un format de débogage DWARF. */ +GType g_dwarf_format_get_type(void); + + + +#endif /* _FORMAT_DWARF_DWARF_H */ diff --git a/plugins/dwarf/dwarf_def.h b/plugins/dwarf/dwarf_def.h new file mode 100644 index 0000000..6641576 --- /dev/null +++ b/plugins/dwarf/dwarf_def.h @@ -0,0 +1,830 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf_def.h - liste des constantes utilisées par le format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_DEF_H +#define _FORMAT_DWARF_DWARF_DEF_H + + + +#include + + +#include "../../arch/vmpa.h" +#include "../../common/leb128.h" + + + + +/** + * § 7.5.1.1 Compilation Unit Header. + */ + +/* En-tête présente dans certaines sections */ +typedef struct _dw_compil_unit_header +{ + uint64_t unit_length; /* Taille totale sans le champ */ + bool is_32b; /* Le format est-il sur 32b ? */ + + uint16_t version; /* Version de la section */ + + uint64_t debug_abbrev_offset; /* Emplacement dans la section */ + uint8_t address_size; /* Taille des adresses */ + +} dw_compil_unit_header; + + +/** + * § 7.5.4 Attribute Encodings + */ + +/* Figure 18, Tag encodings, begins here. */ + +typedef enum _DwarfTag +{ + DW_TAG_array_type = 0x01, + DW_TAG_class_type = 0x02, + DW_TAG_entry_point = 0x03, + DW_TAG_enumeration_type = 0x04, + DW_TAG_formal_parameter = 0x05, + DW_TAG_imported_declaration = 0x08, + DW_TAG_label = 0x0a, + DW_TAG_lexical_block = 0x0b, + DW_TAG_member = 0x0d, + DW_TAG_pointer_type = 0x0f, + DW_TAG_reference_type = 0x10, + DW_TAG_compile_unit = 0x11, + DW_TAG_string_type = 0x12, + DW_TAG_structure_type = 0x13, + DW_TAG_subroutine_type = 0x15, + DW_TAG_typedef = 0x16, + DW_TAG_union_type = 0x17, + DW_TAG_unspecified_parameters = 0x18, + DW_TAG_variant = 0x19, + DW_TAG_common_block = 0x1a, + DW_TAG_common_inclusion = 0x1b, + DW_TAG_inheritance = 0x1c, + DW_TAG_inlined_subroutine = 0x1d, + DW_TAG_module = 0x1e, + DW_TAG_ptr_to_member_type = 0x1f, + DW_TAG_set_type = 0x20, + DW_TAG_subrange_type = 0x21, + DW_TAG_with_stmt = 0x22, + DW_TAG_access_declaration = 0x23, + DW_TAG_base_type = 0x24, + DW_TAG_catch_block = 0x25, + DW_TAG_const_type = 0x26, + DW_TAG_constant = 0x27, + DW_TAG_enumerator = 0x28, + DW_TAG_file_type = 0x29, + DW_TAG_friend = 0x2a, + DW_TAG_namelist = 0x2b, + DW_TAG_namelist_item = 0x2c, + DW_TAG_packed_type = 0x2d, + DW_TAG_subprogram = 0x2e, + DW_TAG_template_type_parameter = 0x2f, + DW_TAG_template_value_parameter = 0x30, + DW_TAG_thrown_type = 0x31, + DW_TAG_try_block = 0x32, + DW_TAG_variant_part = 0x33, + DW_TAG_variable = 0x34, + DW_TAG_volatile_type = 0x35, + + DW_TAG_dwarf_procedure = 0x36, + DW_TAG_restrict_type = 0x37, + DW_TAG_interface_type = 0x38, + DW_TAG_namespace = 0x39, + DW_TAG_imported_module = 0x3a, + DW_TAG_unspecified_type = 0x3b, + DW_TAG_partial_unit = 0x3c, + DW_TAG_imported_unit = 0x3d, + DW_TAG_condition = 0x3f, + DW_TAG_shared_type = 0x40, + + /* Nouveautés v.4 */ + + DW_TAG_type_unit = 0x41, + DW_TAG_rvalue_reference_type = 0x42, + DW_TAG_template_alias = 0x43, + + DW_TAG_lo_user = 0x4080, + DW_TAG_hi_user = 0xffff + +} DwarfTag; + +/* Figure 19. Child determination encodings. */ + +#define DW_CHILDREN_no 0x00 +#define DW_CHILDREN_yes 0x01 + +/* Figure 21. Attribute form encodings. */ + +typedef enum _DwarfForm +{ + DW_FORM_invalid = 0x00, + + DW_FORM_addr = 0x01, + DW_FORM_block2 = 0x03, + DW_FORM_block4 = 0x04, + DW_FORM_data2 = 0x05, + DW_FORM_data4 = 0x06, + DW_FORM_data8 = 0x07, + DW_FORM_string = 0x08, + DW_FORM_block = 0x09, + DW_FORM_block1 = 0x0a, + DW_FORM_data1 = 0x0b, + DW_FORM_flag = 0x0c, + DW_FORM_sdata = 0x0d, + DW_FORM_strp = 0x0e, + DW_FORM_udata = 0x0f, + DW_FORM_ref_addr = 0x10, + DW_FORM_ref1 = 0x11, + DW_FORM_ref2 = 0x12, + DW_FORM_ref4 = 0x13, + DW_FORM_ref8 = 0x14, + DW_FORM_ref_udata = 0x15, + DW_FORM_indirect = 0x16, + + /* Nouveautés v4 */ + + DW_FORM_sec_offset = 0x17, + DW_FORM_exprloc = 0x18, + DW_FORM_flag_present = 0x19, + DW_FORM_ref_sig8 = 0x20 + +} DwarfForm; + + + + + + +/* Résumé des différentes valeurs dans DWARF v2 */ +typedef union _dw_v2_form_value +{ + /* DW_FORM_addr */ + virt_t address; + + /* DW_FORM_data[1248] */ + uint8_t data1; + uint16_t data2; + uint32_t data4; + uint64_t data8; + + /* DW_FORM_sdata */ + leb128_t sdata; + + /* DW_FORM_udata */ + uleb128_t udata; + + /* DW_FORM_block[124]? */ + struct + { + const bin_t *start; + phys_t size; + + } block; + + /* DW_FORM_string */ + /* DW_FORM_strp */ + const char *string; + + /* DW_FORM_flag */ + uint8_t flag; + + /* DW_FORM_ref[1248] */ + uint8_t ref1; + uint16_t ref2; + uint32_t ref4; + uint64_t ref8; + + /* DW_FORM_ref_udata */ + uleb128_t ref_udata; + +} dw_v2_form_value; + + +/* Résumé des différentes valeurs dans DWARF v4 */ +typedef union _dw_v4_form_value +{ + dw_v2_form_value v2; + + /* DW_FORM_sec_offset */ + uint64_t sec_offset; + + /* DW_FORM_exprloc */ + struct + { + const bin_t *start; + phys_t size; + + } expr; + + /* DW_FORM_flag_present */ + bool has_flag; + + /* DW_FORM_ref_sig8 */ + uint64_t signature; + +} dw_v4_form_value; + + +/* Résumé des différentes valeurs dans DWARF */ +typedef union _dw_form_value +{ + dw_v2_form_value v2; + dw_v2_form_value v4; + +} dw_form_value; + + + + + + + + + + + + + + + + + + + +/** + * § 7.5.3 Abbreviations Tables. + */ + +/* Description d'un attribut d'une abréviation */ +typedef struct _dw_abbrev_raw_attr +{ + uleb128_t name; /* Désignation de l'attribut */ + uleb128_t form; /* Nature de sa valeur */ + +} dw_abbrev_raw_attr; + +/* En-tête de déclaration d'une abréviation */ +typedef struct _dw_abbrev_decl +{ + uleb128_t code; /* Identifiant attribué */ + uleb128_t tag; /* Identifiant attribué */ + + uint8_t has_children; /* Présence de sous-entrées ? */ + +} dw_abbrev_decl; + + + + + + + + + + +/* Liste des attributs rencontrés */ +typedef enum _DwarfAttrib +{ + DW_AT_sibling = 0x01, + DW_AT_location = 0x02, + DW_AT_name = 0x03, + DW_AT_ordering = 0x09, + DW_AT_byte_size = 0x0b, + DW_AT_bit_offset = 0x0c, + DW_AT_bit_size = 0x0d, + DW_AT_stmt_list = 0x10, + DW_AT_low_pc = 0x11, + DW_AT_high_pc = 0x12, + DW_AT_language = 0x13, + DW_AT_discr = 0x15, + DW_AT_discr_value = 0x16, + DW_AT_visibility = 0x17, + DW_AT_import = 0x18, + DW_AT_string_length = 0x19, + DW_AT_common_reference = 0x1a, + DW_AT_comp_dir = 0x1b, + DW_AT_const_value = 0x1c, + DW_AT_containing_type = 0x1d, + DW_AT_default_value = 0x1e, + DW_AT_inline = 0x20, + DW_AT_is_optional = 0x21, + DW_AT_lower_bound = 0x22, + DW_AT_producer = 0x25, + DW_AT_prototyped = 0x27, + DW_AT_return_addr = 0x2a, + DW_AT_start_scope = 0x2c, + DW_AT_bit_stride = 0x2e, + DW_AT_upper_bound = 0x2f, + DW_AT_abstract_origin = 0x31, + DW_AT_accessibility = 0x32, + DW_AT_address_class = 0x33, + DW_AT_artificial = 0x34, + DW_AT_base_types = 0x35, + DW_AT_calling_convention = 0x36, + DW_AT_count = 0x37, + DW_AT_data_member_location = 0x38, + DW_AT_decl_column = 0x39, + DW_AT_decl_file = 0x3a, + DW_AT_decl_line = 0x3b, + DW_AT_declaration = 0x3c, + DW_AT_discr_list = 0x3d, + DW_AT_encoding = 0x3e, + DW_AT_external = 0x3f, + DW_AT_frame_base = 0x40, + DW_AT_friend = 0x41, + DW_AT_identifier_case = 0x42, + DW_AT_macro_info = 0x43, + DW_AT_namelist_item = 0x44, + DW_AT_priority = 0x45, + DW_AT_segment = 0x46, + DW_AT_specification = 0x47, + DW_AT_static_link = 0x48, + DW_AT_type = 0x49, + DW_AT_use_location = 0x4a, + DW_AT_variable_parameter = 0x4b, + DW_AT_virtuality = 0x4c, + DW_AT_vtable_elem_location = 0x4d, + DW_AT_allocated = 0x4e, + DW_AT_associated = 0x4f, + DW_AT_data_location = 0x50, + DW_AT_byte_stride = 0x51, + DW_AT_entry_pc = 0x52, + DW_AT_use_UTF8 = 0x53, + DW_AT_extension = 0x54, + DW_AT_ranges = 0x55, + DW_AT_trampoline = 0x56, + DW_AT_call_column = 0x57, + DW_AT_call_file = 0x58, + DW_AT_call_line = 0x59, + DW_AT_description = 0x5a, + DW_AT_binary_scale = 0x5b, + DW_AT_decimal_scale = 0x5c, + DW_AT_small = 0x5d, + DW_AT_decimal_sign = 0x5e, + DW_AT_digit_count = 0x5f, + DW_AT_picture_string = 0x60, + DW_AT_mutable = 0x61, + DW_AT_threads_scaled = 0x62, + DW_AT_explicit = 0x63, + DW_AT_object_pointer = 0x64, + DW_AT_endianity = 0x65, + DW_AT_elemental = 0x66, + DW_AT_pure = 0x67, + DW_AT_recursive = 0x68, + + /* Nouveautés v4 */ + + DW_AT_signature = 0x69, + DW_AT_main_subprogram = 0x6a, + DW_AT_data_bit_offset = 0x6b, + DW_AT_const_expr = 0x6c, + DW_AT_enum_class = 0x6d, + DW_AT_linkage_name = 0x6e, + + DW_AT_lo_user = 0x2000, + DW_AT_hi_user = 0x3fff, + +} DwarfAttrib; + + +#define DW_ATTR_invalid 0 /* FIXME */ + + +typedef struct _dw_value +{ + DwarfAttrib attrib; /* Sujet de l'élément */ + dw_form_value value; /* Valeur instanciée associée */ + +} dw_value; + + + + + + + + + + + + + + + +#if 0 + + + + + + + + + + + + + + + +/* Liste des balises rencontrées */ +typedef enum _DwarfTag +{ + DWT_NONE = 0x00, + + DWT_ARRAY_TYPE = 0x01, + DWT_CLASS_TYPE = 0x02, + DWT_ENTRY_POINT = 0x03, + DWT_ENUMERATION_TYPE = 0x04, + DWT_FORMAL_PARAMETER = 0x05, + DWT_IMPORTED_DECLARATION = 0x08, + DWT_LABEL = 0x0a, + DWT_LEXICAL_BLOCK = 0x0b, + DWT_MEMBER = 0x0d, + DWT_POINTER_TYPE = 0x0f, + DWT_REFERENCE_TYPE = 0x10, + DWT_COMPILE_UNIT = 0x11, + DWT_STRING_TYPE = 0x12, + DWT_STRUCTURE_TYPE = 0x13, + DWT_SUBROUTINE_TYPE = 0x15, + DWT_TYPEDEF = 0x16, + DWT_UNION_TYPE = 0x17, + DWT_UNSPECIFIED_PARAMETERS = 0x18, + DWT_VARIANT = 0x19, + DWT_COMMON_BLOCK = 0x1a, + DWT_COMMON_INCLUSION = 0x1b, + DWT_INHERITANCE = 0x1c, + DWT_INLINED_SUBROUTINE = 0x1d, + DWT_MODULE = 0x1e, + DWT_PTR_TO_MEMBER_TYPE = 0x1f, + DWT_SET_TYPE = 0x20, + DWT_SUBRANGE_TYPE = 0x21, + DWT_WITH_STMT = 0x22, + DWT_ACCESS_DECLARATION = 0x23, + DWT_BASE_TYPE = 0x24, + DWT_CATCH_BLOCK = 0x25, + DWT_CONST_TYPE = 0x26, + DWT_CONSTANT = 0x27, + DWT_ENUMERATOR = 0x28, + DWT_FILE_TYPE = 0x29, + DWT_FRIEND = 0x2a, + DWT_NAMELIST = 0x2b, + + DWT_NAMELIST_ITEM = 0x2c, + DWT_PACKED_TYPE = 0x2d, + DWT_SUBPROGRAM = 0x2e, + + DWT_TEMPLATE_TYPE_PARAM = 0x2f, /* DWARF2 */ + DWT_TEMPLATE_TYPE_PARAMETER = 0x2f, /* DWARF3 */ + DWT_TEMPLATE_VALUE_PARAM = 0x30, /* DWARF2 */ + DWT_TEMPLATE_VALUE_PARAMETER = 0x30, /* DWARF3 */ + DWT_THROWN_TYPE = 0x31, + DWT_TRY_BLOCK = 0x32, + DWT_VARIANT_PART = 0x33, + DWT_VARIABLE = 0x34, + DWT_VOLATILE_TYPE = 0x35, + DWT_DWARF_PROCEDURE = 0x36, /* DWARF3 */ + DWT_RESTRICT_TYPE = 0x37, /* DWARF3 */ + DWT_INTERFACE_TYPE = 0x38, /* DWARF3 */ + DWT_NAMESPACE = 0x39, /* DWARF3 */ + DWT_IMPORTED_MODULE = 0x3a, /* DWARF3 */ + DWT_UNSPECIFIED_TYPE = 0x3b, /* DWARF3 */ + DWT_PARTIAL_UNIT = 0x3c, /* DWARF3 */ + DWT_IMPORTED_UNIT = 0x3d, /* DWARF3 */ + + DWT_MUTABLE_TYPE = 0x3e, /* Oublié en faveur des deux suivantes (DWARF3 -> DWARF3f) */ + DWT_CONDITION = 0x3f, /* DWARF3f */ + DWT_SHARED_TYPE = 0x40, /* DWARF3f */ + + DWT_LO_USER = 0x4080, + + DWT_MIPS_LOOP = 0x4081, + + /* Extensions HP */ + + DWT_HP_ARRAY_DESCRIPTOR = 0x4090, + + /* Extensions GNU */ + + DWT_GNU_FORMAT_LABEL = 0x4101, /* Fortran. */ + DWT_GNU_FUNCTION_TEMPLATE = 0x4102, /* C++ */ + DWT_GNU_CLASS_TEMPLATE = 0x4103, /* C++ */ + DWT_GNU_BINCL = 0x4104, + DWT_GNU_EINCL = 0x4105, + + /* Extensions ALTIUM */ + + DWT_ALTIUM_CIRC_TYPE = 0x5101, /* DSP-C/Starcore __circ qualifier */ + DWT_ALTIUM_MWA_CIRC_TYPE = 0x5102, /* Starcore __mwa_circ qualifier */ + DWT_ALTIUM_REV_CARRY_TYPE = 0x5103, /* Starcore __rev_carry qualifier */ + DWT_ALTIUM_ROM = 0x5111, /* M16 __rom qualifier */ + + /* Extensions pour le support UPC */ + + DWT_UPC_SHARED_TYPE = 0x8765, + DWT_UPC_STRICT_TYPE = 0x8766, + DWT_UPC_RELAXED_TYPE = 0x8767, + + /* Extensions PGI (STMicroelectronics) */ + + DWT_PGI_KANJI_TYPE = 0xa000, + DWT_PGI_INTERFACE_BLOCK = 0xa020, + + /* Extensions SUN */ + + DWT_SUN_FUNCTION_TEMPLATE = 0x4201, + DWT_SUN_CLASS_TEMPLATE = 0x4202, + DWT_SUN_STRUCT_TEMPLATE = 0x4203, + DWT_SUN_UNION_TEMPLATE = 0x4204, + DWT_SUN_INDIRECT_INHERITANCE = 0x4205, + DWT_SUN_CODEFLAGS = 0x4206, + DWT_SUN_MEMOP_INFO = 0x4207, + DWT_SUN_OMP_CHILD_FUNC = 0x4208, + DWT_SUN_RTTI_DESCRIPTOR = 0x4209, + DWT_SUN_DTOR_INFO = 0x420a, + DWT_SUN_DTOR = 0x420b, + DWT_SUN_F90_INTERFACE = 0x420c, + DWT_SUN_FORTRAN_VAX_STRUCTURE = 0x420d, + DWT_SUN_HI = 0x42ff, + + DWT_HI_USER = 0xffff + +} DwarfTag; + + +#define DW_CHILDREN_NO 0x00 +#define DW_CHILDREN_YES 0x01 + + +/* Liste des attributs rencontrés */ +typedef enum _DwarfAttrib +{ + DWA_SIBLING = 0x01, + DWA_LOCATION = 0x02, + DWA_NAME = 0x03, + DWA_ORDERING = 0x09, + DWA_SUBSCR_DATA = 0x0a, + DWA_BYTE_SIZE = 0x0b, + DWA_BIT_OFFSET = 0x0c, + DWA_BIT_SIZE = 0x0d, + DWA_ELEMENT_LIST = 0x0f, + DWA_STMT_LIST = 0x10, + DWA_LOW_PC = 0x11, + DWA_HIGH_PC = 0x12, + DWA_LANGUAGE = 0x13, + DWA_MEMBER = 0x14, + DWA_DISCR = 0x15, + DWA_DISCR_VALUE = 0x16, + DWA_VISIBILITY = 0x17, + DWA_IMPORT = 0x18, + DWA_STRING_LENGTH = 0x19, + DWA_COMMON_REFERENCE = 0x1a, + DWA_COMP_DIR = 0x1b, + DWA_CONST_VALUE = 0x1c, + DWA_CONTAINING_TYPE = 0x1d, + DWA_DEFAULT_VALUE = 0x1e, + DWA_INLINE = 0x20, + DWA_IS_OPTIONAL = 0x21, + DWA_LOWER_BOUND = 0x22, + DWA_PRODUCER = 0x25, + DWA_PROTOTYPED = 0x27, + DWA_RETURN_ADDR = 0x2a, + DWA_START_SCOPE = 0x2c, + DWA_BIT_STRIDE = 0x2e, /* DWARF3 */ + DWA_STRIDE_SIZE = 0x2e, /* DWARF2 */ + DWA_UPPER_BOUND = 0x2f, + DWA_ABSTRACT_ORIGIN = 0x31, + DWA_ACCESSIBILITY = 0x32, + DWA_ADDRESS_CLASS = 0x33, + DWA_ARTIFICIAL = 0x34, + DWA_BASE_TYPES = 0x35, + DWA_CALLING_CONVENTION = 0x36, + DWA_COUNT = 0x37, + DWA_DATA_MEMBER_LOCATION = 0x38, + DWA_DECL_COLUMN = 0x39, + DWA_DECL_FILE = 0x3a, + DWA_DECL_LINE = 0x3b, + DWA_DECLARATION = 0x3c, + DWA_DISCR_LIST = 0x3d, + DWA_ENCODING = 0x3e, + DWA_EXTERNAL = 0x3f, + DWA_FRAME_BASE = 0x40, + DWA_FRIEND = 0x41, + DWA_IDENTIFIER_CASE = 0x42, + DWA_MACRO_INFO = 0x43, + DWA_NAMELIST_ITEM = 0x44, + DWA_PRIORITY = 0x45, + DWA_SEGMENT = 0x46, + DWA_SPECIFICATION = 0x47, + DWA_STATIC_LINK = 0x48, + DWA_TYPE = 0x49, + DWA_USE_LOCATION = 0x4a, + DWA_VARIABLE_PARAMETER = 0x4b, + DWA_VIRTUALITY = 0x4c, + DWA_VTABLE_ELEM_LOCATION = 0x4d, + DWA_ALLOCATED = 0x4e, /* DWARF3 */ + DWA_ASSOCIATED = 0x4f, /* DWARF3 */ + DWA_DATA_LOCATION = 0x50, /* DWARF3 */ + DWA_BYTE_STRIDE = 0x51, /* DWARF3f */ + DWA_STRIDE = 0x51, /* DWARF3 (ne pas utiliser) */ + DWA_ENTRY_PC = 0x52, /* DWARF3 */ + DWA_USE_UTF8 = 0x53, /* DWARF3 */ + DWA_EXTENSION = 0x54, /* DWARF3 */ + DWA_RANGES = 0x55, /* DWARF3 */ + DWA_TRAMPOLINE = 0x56, /* DWARF3 */ + DWA_CALL_COLUMN = 0x57, /* DWARF3 */ + DWA_CALL_FILE = 0x58, /* DWARF3 */ + DWA_CALL_LINE = 0x59, /* DWARF3 */ + DWA_DESCRIPTION = 0x5a, /* DWARF3 */ + DWA_BINARY_SCALE = 0x5b, /* DWARF3f */ + DWA_DECIMAL_SCALE = 0x5c, /* DWARF3f */ + DWA_SMALL = 0x5d, /* DWARF3f */ + DWA_DECIMAL_SIGN = 0x5e, /* DWARF3f */ + DWA_DIGIT_COUNT = 0x5f, /* DWARF3f */ + DWA_PICTURE_STRING = 0x60, /* DWARF3f */ + DWA_MUTABLE = 0x61, /* DWARF3f */ + DWA_THREADS_SCALED = 0x62, /* DWARF3f */ + DWA_EXPLICIT = 0x63, /* DWARF3f */ + DWA_OBJECT_POINTER = 0x64, /* DWARF3f */ + DWA_ENDIANITY = 0x65, /* DWARF3f */ + DWA_ELEMENTAL = 0x66, /* DWARF3f */ + DWA_PURE = 0x67, /* DWARF3f */ + DWA_RECURSIVE = 0x68, /* DWARF3f */ + + DWA_LO_USER = 0x2000, + + /* Extension HP */ + + DWA_HP_BLOCK_INDEX = 0x2000, + + /* Extensions MIPS/SGI */ + + DWA_MIPS_FDE = 0x2001, + DWA_MIPS_LOOP_BEGIN = 0x2002, + DWA_MIPS_TAIL_LOOP_BEGIN = 0x2003, + DWA_MIPS_EPILOG_BEGIN = 0x2004, + DWA_MIPS_LOOP_UNROLL_FACTOR = 0x2005, + DWA_MIPS_SOFTWARE_PIPELINE_DEPTH = 0x2006, + DWA_MIPS_LINKAGE_NAME = 0x2007, + DWA_MIPS_STRIDE = 0x2008, + DWA_MIPS_ABSTRACT_NAME = 0x2009, + DWA_MIPS_CLONE_ORIGIN = 0x200a, + DWA_MIPS_HAS_INLINES = 0x200b, + DWA_MIPS_STRIDE_BYTE = 0x200c, + DWA_MIPS_STRIDE_ELEM = 0x200d, + DWA_MIPS_PTR_DOPETYPE = 0x200e, + DWA_MIPS_ALLOCATABLE_DOPETYPE = 0x200f, + DWA_MIPS_ASSUMED_SHAPE_DOPETYPE = 0x2010, + DWA_MIPS_ASSUMED_SIZE = 0x2011, + + /* Extensions HP */ + + DWA_HP_unmodifiable = 0x2001, /* conflit : MIPS */ + DWA_HP_actuals_stmt_list = 0x2010, /* conflit : MIPS */ + DWA_HP_proc_per_section = 0x2011, /* conflit : MIPS */ + DWA_HP_raw_data_ptr = 0x2012, + DWA_HP_pass_by_reference = 0x2013, + DWA_HP_opt_level = 0x2014, + DWA_HP_prof_version_id = 0x2015, + DWA_HP_opt_flags = 0x2016, + DWA_HP_cold_region_low_pc = 0x2017, + DWA_HP_cold_region_high_pc = 0x2018, + DWA_HP_all_variables_modifiable = 0x2019, + DWA_HP_linkage_name = 0x201a, + DWA_HP_prof_flags = 0x201b, + + /* Extensions GNU */ + + DWA_GNU_SF_NAMES = 0x2101, + DWA_GNU_SRC_INFO = 0x2102, + DWA_GNU_MAC_INFO = 0x2103, + DWA_GNU_SRC_COORDS = 0x2104, + DWA_GNU_BODY_BEGIN = 0x2105, + DWA_GNU_BODY_END = 0x2106, + DWA_GNU_VECTOR = 0x2107, + + /* Extensions SUN */ + + DWA_SUN_TEMPLATE = 0x2201, + DWA_SUN_RTNBEG_PD_ADDRESS = 0x2201, + DWA_SUN_ALIGNMENT = 0x2202, + DWA_SUN_VTABLE = 0x2203, + DWA_SUN_COUNT_GUARANTEE = 0x2204, + DWA_SUN_COMMAND_LINE = 0x2205, + DWA_SUN_VBASE = 0x2206, + DWA_SUN_COMPILE_OPTIONS = 0x2207, + DWA_SUN_LANGUAGE = 0x2208, + DWA_SUN_BROWSER_FILE = 0x2209, + DWA_SUN_VTABLE_ABI = 0x2210, + DWA_SUN_FUNC_OFFSETS = 0x2211, + DWA_SUN_CF_KIND = 0x2212, + DWA_SUN_VTABLE_INDEX = 0x2213, + DWA_SUN_OMP_TPRIV_ADDR = 0x2214, + DWA_SUN_OMP_CHILD_FUNC = 0x2215, + DWA_SUN_FUNC_OFFSET = 0x2216, + DWA_SUN_MEMOP_TYPE_REF = 0x2217, + DWA_SUN_PROFILE_ID = 0x2218, + DWA_SUN_MEMOP_SIGNATURE = 0x2219, + DWA_SUN_OBJ_DIR = 0x2220, + DWA_SUN_OBJ_FILE = 0x2221, + DWA_SUN_ORIGINAL_NAME = 0x2222, + DWA_SUN_HWCPROF_SIGNATURE = 0x2223, + DWA_SUN_AMD64_PARMDUMP = 0x2224, + DWA_SUN_PART_LINK_NAME = 0x2225, + DWA_SUN_LINK_NAME = 0x2226, + DWA_SUN_PASS_WITH_CONST = 0x2227, + DWA_SUN_RETURN_WITH_CONST = 0x2228, + DWA_SUN_IMPORT_BY_NAME = 0x2229, + DWA_SUN_F90_POINTER = 0x222a, + DWA_SUN_PASS_BY_REF = 0x222b, + DWA_SUN_F90_ALLOCATABLE = 0x222c, + DWA_SUN_F90_ASSUMED_SHAPE_ARRAY = 0x222d, + DWA_SUN_C_VLA = 0x222e, + DWA_SUN_RETURN_VALUE_PTR = 0x2230, + DWA_SUN_DTOR_START = 0x2231, + DWA_SUN_DTOR_LENGTH = 0x2232, + DWA_SUN_DTOR_STATE_INITIAL = 0x2233, + DWA_SUN_DTOR_STATE_FINAL = 0x2234, + DWA_SUN_DTOR_STATE_DELTAS = 0x2235, + DWA_SUN_IMPORT_BY_LNAME = 0x2236, + DWA_SUN_F90_USE_ONLY = 0x2237, + DWA_SUN_NAMELIST_SPEC = 0x2238, + DWA_SUN_IS_OMP_CHILD_FUNC = 0x2239, + DWA_SUN_FORTRAN_MAIN_ALIAS = 0x223a, + DWA_SUN_FORTRAN_BASED = 0x223b, + + /* Extensions ALTIUM */ + + DWA_ALTIUM_LOCLIST = 0x2300, + + /* Extensions PGI (STMicroelectronics) */ + + DWA_PGI_LBASE = 0x3a00, + DWA_PGI_SOFFSET = 0x3a01, + DWA_PGI_LSTRIDE = 0x3a02, + + /* Extensions pour le support UPC */ + + DWA_UPC_THREADS_SCALED = 0x3210, + + DWA_HI_USER = 0x3fff + +} DwarfAttrib; + + +/* Liste des types de données */ +typedef enum _DwarfForm +{ + DWF_ADDR = 0x01, + DWF_BLOCK2 = 0x03, + DWF_BLOCK4 = 0x04, + DWF_DATA2 = 0x05, + DWF_DATA4 = 0x06, + DWF_DATA8 = 0x07, + DWF_STRING = 0x08, + DWF_BLOCK = 0x09, + DWF_BLOCK1 = 0x0a, + DWF_DATA1 = 0x0b, + DWF_FLAG = 0x0c, + DWF_SDATA = 0x0d, + DWF_STRP = 0x0e, + DWF_UDATA = 0x0f, + DWF_REF_ADDR = 0x10, + DWF_REF1 = 0x11, + DWF_REF2 = 0x12, + DWF_REF4 = 0x13, + DWF_REF8 = 0x14, + DWF_REF_UDATA = 0x15, + DWF_INDIRECT = 0x16 + +} DwarfForm; + + +#endif + + + +#endif /* _FORMAT_DWARF_DWARF_DEF_H */ diff --git a/plugins/dwarf/form.c b/plugins/dwarf/form.c new file mode 100644 index 0000000..d7922f7 --- /dev/null +++ b/plugins/dwarf/form.c @@ -0,0 +1,113 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.h - prototypes pour la transmission des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "form.h" + + + +/****************************************************************************** +* * +* Paramètres : value = valeur au format Dwarf à consulter. * +* form = nature de la valeur à lire. * +* addr = valeur utilisable en interne récupérée. [OUT] * +* * +* Description : Transcrit une valeur Dwarf brute en adresse virtuelle. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool translate_form_into_address(const dw_form_value *value, DwarfForm form, virt_t *addr) +{ + bool result; /* Bilan à retourner */ + + result = true; + + switch (form) + { + case DW_FORM_addr: + *addr = value->v2.address; + break; + + case DW_FORM_data1: + *addr = value->v2.data1; + break; + + case DW_FORM_data2: + *addr = value->v2.data2; + break; + + case DW_FORM_data4: + *addr = value->v2.data4; + break; + + case DW_FORM_data8: + *addr = value->v2.data8; + break; + + default: + result = false; + break; + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : value = valeur au format Dwarf à consulter. * +* form = nature de la valeur à lire. * +* * +* Description : Transcrit une valeur Dwarf brute en chaîne de caractères. * +* * +* Retour : Bilan de l'opération : chaîne de caractères ou NULL si échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +const char *translate_form_into_string(const dw_form_value *value, DwarfForm form) +{ + const char *result; /* Valeur et bilan à retourner */ + + switch (form) + { + case DW_FORM_string: + case DW_FORM_strp: + result = value->v2.string; + break; + + default: + result = NULL; + break; + + } + + return result; + +} diff --git a/plugins/dwarf/form.h b/plugins/dwarf/form.h new file mode 100644 index 0000000..bdef9b3 --- /dev/null +++ b/plugins/dwarf/form.h @@ -0,0 +1,40 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.h - prototypes pour la transmission des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_FORM_H +#define _FORMAT_DWARF_FORM_H + + +#include "dwarf_def.h" + + + +/* Transcrit une valeur Dwarf brute en adresse virtuelle. */ +bool translate_form_into_address(const dw_form_value *, DwarfForm, virt_t *); + +/* Transcrit une valeur Dwarf brute en chaîne de caractères. */ +const char *translate_form_into_string(const dw_form_value *, DwarfForm); + + + +#endif /* _FORMAT_DWARF_FORM_H */ diff --git a/plugins/dwarf/info.c b/plugins/dwarf/info.c new file mode 100644 index 0000000..432280e --- /dev/null +++ b/plugins/dwarf/info.c @@ -0,0 +1,853 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * info.c - lecture des informations principales du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "info.h" + + +#include "die.h" +#include "dwarf-int.h" +#include "../debuggable-int.h" + + + + + +static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die); + + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage DWARF à compléter. * +* * +* Description : Charge les informations depuis une section ".debug_info". * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_debug_information(GDwarfFormat *format) +{ + bool result; /* Bilan à renvoyer */ + + + + mrange_t range; /* Couverture d'une section */ + vmpa2t end; + vmpa2t iter; /* Tête de lecture mouvante */ + + dw_compil_unit_header header; + dw_die *die; + + + + result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_info", &range); + if (!result) goto lddi_exit; + + copy_vmpa(&iter, get_mrange_addr(&range)); + + + printf("[%d] Passage :: 0x%08llx 0x%08llx\n", + result, + (unsigned long long)range.addr.physical, + (unsigned long long)range.addr.virtual); + + compute_mrange_end_addr(&range, &end); + + while (result) + { + /* Si il n'y a plus rien à lire dans la section... */ + if (cmp_vmpa(&iter, &end) >= 0) break; + + + printf("========================================================================\n"); + printf("========================================================================\n"); + printf("========================================================================\n"); + printf("========================================================================\n"); + printf("\n"); + printf("HEADER START :: 0x%x\n", (unsigned int)iter.physical); + + + result = read_dwarf_compil_unit_header(G_BIN_FORMAT(format)->content, &iter, + SRE_LITTLE /* FIXME */, &header); + if (!result) break; + + printf("[%d] header :: addr size=%hhu\n", result, header.address_size); + + + result = extract_dies_from_debug_information(format, &iter, + SRE_LITTLE /* FIXME */, &header, + NULL, &die); + + + + } + + + format->info_die = die; + + + lddi_exit: + + return result; + +} + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage DWARF à compléter. * +* pos = position de début de lecture. [OUT] * +* endian = boutisme reconnu dans le format. * +* header = en-tête de description de l'unité à traiter. * +* parent = entrée parent de rattachement ou NULL si racine. * +* die = emplacement de stockage de l'entrée. [OUT] * +* * +* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.* +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die) +{ + bool result; /* Bilan à faire remonter */ + dw_die *child; /* Entrée subordonnée à charger*/ + + printf("==================================\n"); + printf("=== version : 0x%hx\n", header->version); + printf("=== offset abbrev : 0x%llx\n", (unsigned long long)header->debug_abbrev_offset); + printf("==================================\n"); + + + phys_t start = 0x1039; + + printf("start :: 0x%x\n", (unsigned int)(pos->physical - start)); + printf("start :: 0x%x\n", (unsigned int)(0x0 + pos->physical)); + + result = build_dwarf_die(format, pos, SRE_LITTLE /* FIXME */, header, die); + if (*die == NULL) return result; + + if (parent != NULL) + dw_die_append_child(parent, *die); + + if (dw_die_has_children(*die)) + { + printf("<<<< children >>>>\n"); + + printf("next :: 0x%x\n", (unsigned int)(pos->physical - start)); + + while (result) + { + result = extract_dies_from_debug_information(format, pos, endian, header, *die, &child); + + if (!result) + delete_dwarf_die(*die); + + /* Entrée avec un code nul -> fin */ + if (child == NULL) break; + + } + + } + + return result; + +} + + + + + + + +#if 0 +#include +#include + + +#include "abbrev.h" +#include "dwarf-int.h" +#include "utils.h" + + +/* Informations utiles d'une unité de compilation */ +typedef struct _compil_unit +{ + off_t startpos; /* Position de début d'unité */ + off_t endpos; /* Position d'unité suivante */ + + off_t offset; /* Position dans les abréviat° */ + uint8_t ptrsize; /* Taille des adresses mémoire */ + +} compil_unit; + + + +#define _(str) str + + +/* Procède à la lecture d'une unité de compilation. */ +bool read_dwarf_compilation_unit(dwarf_format *, off_t *, compil_unit *); + +/* Récupère toutes les déclarations DWARF utiles trouvées. */ +bool parse_dwarf_compilation_unit(dwarf_format *, off_t *, const compil_unit *); + +/* Enregistre toutes les déclarations de fonction trouvées. */ +dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *, const dw_abbrev *, off_t *, const compil_unit *); + +/* Obtient la description humaine d'un type. */ +char *resolve_dwarf_function_type(dwarf_format *, const dw_abbrev *, const off_t *, const compil_unit *); + + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* * +* Description : Charge les informations trouvées dans un DWARF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_information(dwarf_format *format) +{ + bool result; /* Bilan à renvoyer */ + + + + + off_t offset; + off_t start; + off_t size; + + bool test; + + int i; + + + compil_unit cu; + + + + result = true; + + test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_info", &start, &size, NULL); + + offset = start; + + + printf(" -> offset=%d size=%d\n", offset, size); + + + + for (i = 0; i < size; i++) + { + if (i % 25 == 0) printf("\n"); + printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]); + } + + printf("\n"); + + + + while (offset < (start + size) && result) + { + printf("-------------\n"); + + result = read_dwarf_compilation_unit(format, &offset, &cu); + + if (result) + parse_dwarf_compilation_unit(format, &offset, &cu); + + } + + + printf("##############\nRegistered functions:\n"); + + for (i = 0; i < format->dbg_fc_count; i++) + printf(" > [0x%08llx] %s\n", format->dbg_functions[i]->low_pc, format->dbg_functions[i]->prototype); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à effacer. * +* * +* Description : Décharge les informations trouvées dans un DWARF. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void unload_dwarf_information(dwarf_format *format) +{ + + + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* cu = unité de compilation lue. [OUT] * +* * +* Description : Procède à la lecture d'une unité de compilation. * +* * +* Retour : true en cas de succès de la lecture, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_compilation_unit(dwarf_format *format, off_t *pos, compil_unit *cu) +{ + off_t ulength; /* Taille de l'unité */ + uint16_t version; /* Version du format DWARF */ + + cu->startpos = *pos; + + if (!read_unit_length(format, pos, &ulength)) + return false; + + cu->endpos = *pos + ulength; + + if (!read_uhalf(format, pos, &version)) + return false; + + if (version > 3) return false; + + if (!read_abbrev_offset(format, pos, &cu->offset)) + return false; + + if (!read_address_size(format, pos, &cu->ptrsize)) + return false; + + return true; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* cu = unité de compilation courante. * +* * +* Description : Récupère toutes les déclarations DWARF utiles trouvées. * +* * +* Retour : true en cas de succès de la lecture, false sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool parse_dwarf_compilation_unit(dwarf_format *format, off_t *pos, const compil_unit *cu) +{ + bool result; /* Bilan à retourner */ + const dw_abbrev *abbrev; /* Abréviation rencontrée */ + dw_dbg_function *function; /* Nouvelle fonction lue */ + + + + result = true; + + while (*pos < cu->endpos && result) + { + + + printf(" =+> Cur :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n", + DBG_FORMAT(format)->content[*pos], + DBG_FORMAT(format)->content[*pos + 1], + DBG_FORMAT(format)->content[*pos + 2], + DBG_FORMAT(format)->content[*pos + 3], + DBG_FORMAT(format)->content[*pos + 4]); + + + + abbrev = find_dwarf_abbreviations(format, &cu->offset, pos); + + if (abbrev == NULL) + break; + + + + printf(" --> %p\n", abbrev); + + printf(" == 0x%02x (matched ? %d)\n", abbrev->tag, abbrev->tag == DWT_SUBPROGRAM); + + + + switch (abbrev->tag) + { + case DWT_SUBPROGRAM: + function = look_for_dwarf_subprograms(format, abbrev, pos, cu); + + if (function != NULL) + { + format->dbg_functions = (dw_dbg_function **)realloc(format->dbg_functions, ++format->dbg_fc_count * sizeof(dw_dbg_function *)); + format->dbg_functions[format->dbg_fc_count - 1] = function; + } + else result = false; + + break; + + default: + break; + + } + + + + + + + + + + + + + if (!skip_dwarf_abbrev(format, pos, abbrev)) + printf("error skipping :(\n"); + + + } + + + printf(" =+> Next :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n", + DBG_FORMAT(format)->content[*pos], + DBG_FORMAT(format)->content[*pos + 1], + DBG_FORMAT(format)->content[*pos + 2], + DBG_FORMAT(format)->content[*pos + 3], + DBG_FORMAT(format)->content[*pos + 4]); + + + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* abbrev = abréviation trouvée à traiter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* cu = unité de compilation courante. * +* * +* Description : Enregistre toutes les déclarations de fonction trouvées. * +* * +* Retour : Fonction chargée en mémoire ou NULL en cas d'échec. * +* * +* Remarques : - * +* * +******************************************************************************/ + +dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *format, const dw_abbrev *abbrev, off_t *pos, const compil_unit *cu) +{ + dw_dbg_function *result; /* Structure à retourner */ + uint32_t type_pos; /* Décalage p/r au pt courant */ + off_t subpos; /* Sous-position de lecture #1 */ + const dw_abbrev *subabbrev; /* Abréviation fille à lire */ + char *retstr; /* Elément du prototype */ + char *prototype; /* Stockage temporaire */ + size_t proto_len; /* Taille du prototype */ + bool is_pointer; /* Mémorise le type 'pointeur' */ + uint64_t index; /* Index de la fonction */ + bool first_arg; /* Marque le 1er argument */ + off_t subpos2; /* Sous-position de lecture #2 */ + const dw_abbrev *subabbrev2; /* Abréviation fille à lire #2 */ + + result = (dw_dbg_function *)calloc(1, sizeof(dw_dbg_function)); + + /* Récupération des informations de base */ + + if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_NAME, &result->name)) + goto lfds_error; + + if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_LOW_PC, &result->low_pc)) + goto lfds_error; + + if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_HIGH_PC, &result->high_pc)) + goto lfds_error; + + /* Type de la fonction */ + + if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE)) + { + if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_TYPE, &type_pos)) + goto lfds_error; + + subpos = cu->startpos + type_pos; + + subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos); + + retstr = resolve_dwarf_function_type(format, subabbrev, &subpos, cu); + + } + else retstr = strdup("void"); + + if (retstr == NULL) + { + proto_len = 3; + prototype = (char *)calloc(proto_len + 1, sizeof(char)); + strcat(prototype, "???"); + + is_pointer = false; + + } + else + { + proto_len = strlen(retstr); + prototype = (char *)calloc(proto_len + 1, sizeof(char)); + strcat(prototype, retstr); + + is_pointer = (retstr[strlen(retstr) - 1] == '*'); + + free(retstr); + + } + + /* On saute l'abréviation de la déclaration de fonction... */ + + subpos = *pos; + + if (!read_uleb128(format, &subpos, &index, true)) + goto lfds_error; + + if (!skip_dwarf_abbrev(format, &subpos, abbrev)) + goto lfds_error; + + /* Lecture des différents arguments */ + + proto_len += (!is_pointer ? 1 : 0) + strlen(result->name) + 1; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + if (!is_pointer) strcat(prototype, " "); + strcat(prototype, result->name); + strcat(prototype, "("); + + first_arg = true; + + while (1) + { + subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos); + if (subabbrev == NULL) goto exit_loop; + + switch (subabbrev->tag) + { + case DWT_UNSPECIFIED_PARAMETERS: + + /* Virgule de séparation */ + + if (first_arg) first_arg = false; + else + { + proto_len += 2; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, ", "); + } + + /* Marque de l'absence de type */ + + proto_len += 3; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, "..."); + + break; + + case DWT_FORMAL_PARAMETER: + + if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_TYPE, &type_pos)) + goto lfds_error; + + subpos2 = cu->startpos + type_pos; + + subabbrev2 = find_dwarf_abbreviations(format, &cu->offset, &subpos2); + + retstr = resolve_dwarf_function_type(format, subabbrev2, &subpos2, cu); + + /* Virgule de séparation */ + + if (first_arg) first_arg = false; + else + { + proto_len += 2; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, ", "); + } + + /* Type de l'argument */ + + if (retstr == NULL) + { + proto_len += 3; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, "???"); + + is_pointer = false; + + } + else + { + proto_len += strlen(retstr); + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, retstr); + + is_pointer = (retstr[strlen(retstr) - 1] == '*'); + + free(retstr); + + } + + /* Nom de l'argument */ + + if (test_dwarf_abbrev_attribute(abbrev, DWA_NAME)) + { + if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_NAME, &retstr)) + goto lfds_error; + } + else retstr = strdup(_("[no name]")); + + if (retstr != NULL) + { + proto_len += strlen(retstr) + (!is_pointer ? 1 : 0) + 1; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + if (!is_pointer) strcat(prototype, " "); + strcat(prototype, retstr); + + free(retstr); + + } + + break; + + default: + goto exit_loop; + break; + + } + + if (!skip_dwarf_abbrev(format, &subpos, subabbrev)) + goto lfds_error; + + } + + exit_loop: + + proto_len += 1; + prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); + strcat(prototype, ")"); + + result->prototype = prototype; + + return result; + + lfds_error: + + if (result->name != NULL) free(result->name); + if (result->prototype != NULL) free(result->prototype); + + free(result); + + return NULL; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* abbrev = abréviation associée au type. * +* pos = tête de lecture à avoir sous le coude. * +* cu = unité de compilation courante. * +* * +* Description : Obtient la description humaine d'un type. * +* * +* Retour : Chaîne de caractères en cas de succès, NULL sinon. * +* * +* Remarques : - * +* * +******************************************************************************/ + +char *resolve_dwarf_function_type(dwarf_format *format, const dw_abbrev *abbrev, const off_t *pos, const compil_unit *cu) +{ + char *result; /* Description à retourner */ + off_t oldpos; /* Conservation de l'indice */ + uint32_t type_pos; /* Sous-type détecté */ + uint64_t index; /* Indice de l'abréviation... */ + const dw_abbrev *subabbrev; /* ... et abréviation associée */ + size_t len; /* Longeur d'un résultat */ + + result = NULL; + oldpos = *pos; + + switch (abbrev->tag) + { + /* 0x04 */ + case DWT_ENUMERATION_TYPE: + + oldpos = *pos; + read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); + + if (result != NULL) + { + len = strlen(result); + + result = (char *)realloc(result, (strlen("enum ") + len + 1) * sizeof(char)); + memmove(&result[strlen("enum ")], result, len); + memcpy(result, "enum ", strlen("enum ")); + + } + + break; + + /* 0x0f */ + case DWT_POINTER_TYPE: + + if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE)) + { + if (!read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos)) + return NULL; + + oldpos = cu->startpos + type_pos; + + subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos); + + result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu); + + } + else result = strdup("void"); + + if (result != NULL) + { + len = strlen(result); + + if (result[len - 1] == '*') + { + result = (char *)realloc(result, (len + 2) * sizeof(char)); + result[len] = '*'; + } + else + { + result = (char *)realloc(result, (len + 3) * sizeof(char)); + strcat(result, " *"); + } + + } + + break; + + /* 0x13 */ + case DWT_STRUCTURE_TYPE: + + oldpos = *pos; + read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); + + if (result != NULL) + { + len = strlen(result); + + result = (char *)realloc(result, (strlen("struct ") + len + 1) * sizeof(char)); + memmove(&result[strlen("struct ")], result, len); + memcpy(result, "struct ", strlen("struct ")); + + } + + break; + + /* 0x16 */ + case DWT_TYPEDEF: + oldpos = *pos; + read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); + break; + + /* 0x24 */ + case DWT_BASE_TYPE: + oldpos = *pos; + read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); + break; + + /* 0x26 */ + case DWT_CONST_TYPE: + + + + if (read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos)) + printf(" ## sub type :: 0x%08x\n", type_pos); + else printf(" error: no type\n"); + + oldpos = cu->startpos + type_pos; + + + + + + + subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos); + printf("subabbrev == %p\n", subabbrev); + + + + + result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu); + + if (result != NULL) + { + len = strlen(result); + + result = (char *)realloc(result, (strlen("const ") + len + 1) * sizeof(char)); + memmove(&result[strlen("const ")], result, len); + memcpy(result, "const ", strlen("const ")); + + } + + break; + + default: + printf("### NOT HANDLED ### Tag :: 0x%02x\n", abbrev->tag); + break; + + } + + return result; + +} +#endif diff --git a/plugins/dwarf/info.h b/plugins/dwarf/info.h new file mode 100644 index 0000000..76220e5 --- /dev/null +++ b/plugins/dwarf/info.h @@ -0,0 +1,63 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * info.h - prototypes pour la lecture des informations principales du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_INFO_H +#define _FORMAT_DWARF_INFO_H + + +#include + + +#include "dwarf.h" + + + +/* Charge les informations depuis une section ".debug_info". */ +bool load_dwarf_debug_information(GDwarfFormat *); + + + + + + + + +#if 0 + +#include + + +#include "d_dwarf.h" + + + +/* Charge les informations trouvées dans un DWARF. */ +bool load_dwarf_information(dwarf_format *); + +/* Décharge les informations trouvées dans un DWARF. */ +void unload_dwarf_information(dwarf_format *); +#endif + + + +#endif /* _FORMAT_DWARF_INFO_H */ diff --git a/plugins/dwarf/symbols.c b/plugins/dwarf/symbols.c new file mode 100644 index 0000000..3ddfb96 --- /dev/null +++ b/plugins/dwarf/symbols.c @@ -0,0 +1,316 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * symbols.c - gestion des symboles d'un DWARF + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "symbols.h" + + +#include "die.h" +#include "dwarf-int.h" +#include "form.h" +#include "../../core/params.h" +#include "../../mangling/demangler.h" + + + +/* Charge les informations d'une routine en tant que symbole. */ +static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool); + +/* Charge les informations d'un objet en tant que symbole. */ +static bool load_object_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool); + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* die = entrée d'informations de débogage à utiliser. * +* abbrev = abréviation déjà chargée sur laquelle s'appuyer. * +* use_virt = oriente le choix de la distinction ultime. * +* * +* Description : Charge les informations d'une routine en tant que symbole. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt) +{ + DwarfForm form; /* Type d'une valeur d'attribut*/ + const dw_form_value *value; /* Valeur concrète d'attribut */ + virt_t virt; /* Adresse virtuelle de départ */ + bool status; /* Bilan d'une récupération */ + virt_t len; /* Taille de la zone couverte */ + vmpa2t addr; /* Localisation complète */ + mrange_t range; /* Espace de couverture total */ + const char *name; /* Désignation humaine */ + char alt_name[6 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/ + GBinRoutine *routine; /* Nouvelle routine trouvée */ + GBinSymbol *symbol; /* Nouveau symbole construit */ + + /* Surface couverte */ + + value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form); + if (value == NULL) goto lrasfd_bad_start; + + status = translate_form_into_address(value, form, &virt); + if (!status) goto lrasfd_bad_start; + + value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form); + if (value == NULL) goto lrasfd_bad_start; + + status &= translate_form_into_address(value, form, &len); + if (!status) goto lrasfd_bad_start; + + if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr)) + init_vmpa(&addr, VMPA_NO_PHYSICAL, virt); + + init_mrange(&range, &addr, len); + + /* Désignation humaine */ + + value = dw_die_peek_extended_value(die, DW_AT_name, &form); + if (value == NULL) goto lrasfd_bad_name; + + name = translate_form_into_string(value, form); + + if (name == NULL) + { + strcpy(alt_name, "func_"); + + if (use_virt) + vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); + else + vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); + + name = alt_name; + + } + + /* Intégration en bonne et due forme */ + + routine = g_binary_format_decode_routine(G_BIN_FORMAT(format), name); + symbol = G_BIN_SYMBOL(routine); + + g_binary_symbol_set_range(symbol, &range); + + g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); + + + + + printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt); + printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len); + printf(" --> [valid ?= %d] name = '%s'\n", status, name); + + + return true; + + lrasfd_bad_start: + lrasfd_bad_name: + + return false; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* die = entrée d'informations de débogage à utiliser. * +* abbrev = abréviation déjà chargée sur laquelle s'appuyer. * +* use_virt = oriente le choix de la distinction ultime. * +* * +* Description : Charge les informations d'un objet en tant que symbole. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static bool load_object_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt) +{ + DwarfForm form; /* Type d'une valeur d'attribut*/ + const dw_form_value *value; /* Valeur concrète d'attribut */ + virt_t virt; /* Adresse virtuelle de départ */ + bool status; /* Bilan d'une récupération */ + virt_t len; /* Taille de la zone couverte */ + vmpa2t addr; /* Localisation complète */ + mrange_t range; /* Espace de couverture total */ + const char *name; /* Désignation humaine */ + char alt_name[5 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/ + GBinRoutine *routine; /* Nouvelle routine trouvée */ + GBinSymbol *symbol; /* Nouveau symbole construit */ + + /* Surface couverte */ + + + + + + + /* + value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form); + if (value == NULL) goto lrasfd_bad_start; + + status = translate_form_into_address(value, form, &virt); + if (!status) goto lrasfd_bad_start; + + value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form); + if (value == NULL) goto lrasfd_bad_start; + + status &= translate_form_into_address(value, form, &len); + if (!status) goto lrasfd_bad_start; + + if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr)) + init_vmpa(&addr, VMPA_NO_PHYSICAL, virt); + + init_mrange(&range, &addr, len); + */ + + + + + + /* Désignation humaine */ + + value = dw_die_peek_extended_value(die, DW_AT_name, &form); + if (value == NULL) goto lrasfd_bad_name; + + name = translate_form_into_string(value, form); + + if (name == NULL) + { + strcpy(alt_name, "obj_"); + + if (use_virt) + vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); + else + vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); + + name = alt_name; + + } + + /* Intégration en bonne et due forme */ + + /* + routine = try_to_demangle_routine(name); + + g_binary_symbol_set_range(G_BIN_SYMBOL(routine), &range); + + symbol = g_binary_symbol_new(NULL, STP_OBJECT); + g_binary_symbol_attach_routine(symbol, routine); + + g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); + */ + + + + //printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt); + //printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len); + //printf(" --> [valid ?= %d] name = '%s'\n", status, name); + + + return true; + + lrasfd_bad_start: + lrasfd_bad_name: + + return false; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* * +* Description : Charge en mémoire la liste humaine des symboles. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_symbols(GDwarfFormat *format) +{ + bool result; /* Bilan à retourner */ + bool no_name; /* Choix de construction de nom*/ + + typedef struct _die_visit_info + { + GDwarfFormat *format; + bool use_virt; + + } die_visit_info; + + die_visit_info vinfo; /* Information pour visiteur */ + + + bool catch_dwarf_symbol(const dw_die *die, die_visit_info *info) + { + const dw_abbrev *abbrev; /* Lien vers la représentation */ + DwarfTag tag; /* Etiquette à analyser */ + bool status; /* Bilan d'un chargement */ + + abbrev = dw_die_get_abbrev(die); + tag = dwarf_abbreviation_get_tag(abbrev); + + switch (tag) + { + case DW_TAG_subprogram: + printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag); + status = load_routine_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt); + break; + + case DW_TAG_variable: + printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag); + status = load_object_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt); + break; + + default: + status = true; + break; + + } + + return status; + + } + + + if (!g_generic_config_get_value(get_main_configuration(), MPK_FORMAT_NO_NAME, &no_name)) + return false; + + vinfo.format = format; + vinfo.use_virt = no_name; + + result = dw_die_visit(format->info_die, (visit_dies_fc)catch_dwarf_symbol, &vinfo); + + return result; + +} diff --git a/plugins/dwarf/symbols.h b/plugins/dwarf/symbols.h new file mode 100644 index 0000000..128f00c --- /dev/null +++ b/plugins/dwarf/symbols.h @@ -0,0 +1,40 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * symbols.h - prototypes pour la gestion des symboles d'un DWARF + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_SYMBOLS_H +#define _FORMAT_DWARF_SYMBOLS_H + + +#include + + +#include "dwarf.h" + + + +/* Charge en mémoire la liste humaine des symboles. */ +bool load_dwarf_symbols(GDwarfFormat *); + + + +#endif /* _FORMAT_DWARF_SYMBOLS_H */ diff --git a/plugins/dwarf/utils.c b/plugins/dwarf/utils.c new file mode 100644 index 0000000..b767970 --- /dev/null +++ b/plugins/dwarf/utils.c @@ -0,0 +1,304 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "utils.h" + + +#include + + +#include "dwarf-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur au format LEB128 lue. [OUT] * +* update = indique si la position est à mettre à jour. * +* * +* Description : Lit une valeur Little Endian Base 128 signée. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : En cas d'échec, la tête de lecture est indéterminée. * +* * +******************************************************************************/ + +bool read_leb128(dwarf_format *format, off_t *pos, int64_t *value, bool update) +{ + off_t curpos; /* Tête de lecture effective */ + int shift; /* Décalage à appliquer */ + off_t i; /* Boucle de parcours */ + + curpos = *pos; + shift = 0; + *value = 0; + + for (i = 0; i < 8; i++) + { + /* On évite les débordements... */ + if (curpos >= DBG_FORMAT(format)->length) return false; + + *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift; + + shift += 7; + curpos++; + + if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break; + + } + + if ((shift < 64) && (DBG_FORMAT(format)->content[curpos - 1] & 0x40) == 0x40) + *value |= - (1 << shift); + + if (update) *pos = curpos; + + return (i < 8); + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur au format LEB128 lue. [OUT] * +* update = indique si la position est à mettre à jour. * +* * +* Description : Lit une valeur Little Endian Base 128 non signée. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : En cas d'échec, la tête de lecture est indéterminée. * +* * +******************************************************************************/ + +bool read_uleb128(dwarf_format *format, off_t *pos, uint64_t *value, bool update) +{ + off_t curpos; /* Tête de lecture effective */ + int shift; /* Décalage à appliquer */ + off_t i; /* Boucle de parcours */ + + curpos = *pos; + shift = 0; + *value = 0; + + for (i = 0; i < 8; i++) + { + /* On évite les débordements... */ + if (curpos >= DBG_FORMAT(format)->length) return false; + + *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift; + + shift += 7; + curpos++; + + if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break; + + } + + if (update) *pos = curpos; + + return (i < 8); + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur entière lue. [OUT] * +* * +* Description : Lit une valeur représentant une longueur d'unité. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : Un peu sale : la sortie est signée et dépend du système, * +* alors que la valeur est non signée et dépend de la cible. * +* * +******************************************************************************/ + +bool read_unit_length(dwarf_format *format, off_t *pos, off_t *value) +{ + bool result; /* Bilan à retourner */ + uint32_t val32; /* Entier sur 4 octets */ + uint64_t val64; /* Entier sur 8 octets */ + + /* FIXME : Endian... */ + + if (format->format == DWF_32_BITS) + { + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + + if (result) + { + memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4); + (*pos) += 4; + + *value = val32; + + } + + } + else + { + result = ((*pos + 4 + 8) <= DBG_FORMAT(format)->length); + + if (result) + { + memcpy(&val64, &DBG_FORMAT(format)->content[*pos + 4], 8); + (*pos) += 4 + 8; + + *value = val64; + + } + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur entière non signée lue. [OUT] * +* * +* Description : Lit une valeur non signée sur deux octets. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_uhalf(dwarf_format *format, off_t *pos, uint16_t *value) +{ + bool result; /* Bilan à retourner */ + + /* FIXME : Endian... */ + + result = ((*pos + 2) <= DBG_FORMAT(format)->length); + + if (result) + { + memcpy(value, &DBG_FORMAT(format)->content[*pos], 2); + (*pos) += 2; + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur entière lue. [OUT] * +* * +* Description : Lit une valeur indiquant une position dans les abréviations. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : Un peu sale : la sortie est signée et dépend du système, * +* alors que la valeur est non signée et dépend de la cible. * +* * +******************************************************************************/ + +bool read_abbrev_offset(dwarf_format *format, off_t *pos, off_t *value) +{ + bool result; /* Bilan à retourner */ + uint32_t val32; /* Entier sur 4 octets */ + uint64_t val64; /* Entier sur 8 octets */ + + /* FIXME : Endian... */ + + if (format->format == DWF_32_BITS) + { + result = ((*pos + 4) <= DBG_FORMAT(format)->length); + + if (result) + { + memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4); + (*pos) += 4; + + *value = val32; + + } + + } + else + { + result = ((*pos + 8) <= DBG_FORMAT(format)->length); + + if (result) + { + memcpy(&val64, &DBG_FORMAT(format)->content[*pos], 8); + (*pos) += 8; + + *value = val64; + + } + + } + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à consulter. * +* pos = tête de lecture à mettre à jour. [OUT] * +* value = valeur entière non signée lue. [OUT] * +* * +* Description : Lit une valeur indiquant la taille des adresses mémoire. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_address_size(dwarf_format *format, off_t *pos, uint8_t *value) +{ + bool result; /* Bilan à retourner */ + + result = ((*pos + 1) <= DBG_FORMAT(format)->length); + + if (result) + { + *value = DBG_FORMAT(format)->content[*pos]; + (*pos)++; + } + + return result; + +} diff --git a/plugins/dwarf/utils.h b/plugins/dwarf/utils.h new file mode 100644 index 0000000..6727082 --- /dev/null +++ b/plugins/dwarf/utils.h @@ -0,0 +1,56 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF + * + * Copyright (C) 2008-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_UTILS_H +#define _FORMAT_DWARF_UTILS_H + + +#include +#include + + +#include "d_dwarf.h" + + + +/* Lit une valeur Little Endian Base 128 signée. */ +bool read_leb128(dwarf_format *, off_t *, int64_t *, bool); + +/* Lit une valeur Little Endian Base 128 non signée. */ +bool read_uleb128(dwarf_format *, off_t *, uint64_t *, bool); + +/* Lit une valeur représentant une longueur d'unité. */ +bool read_unit_length(dwarf_format *, off_t *, off_t *); + +/* Lit une valeur non signée sur deux octets. */ +bool read_uhalf(dwarf_format *, off_t *, uint16_t *); + +/* Lit une valeur indiquant une position dans les abréviations. */ +bool read_abbrev_offset(dwarf_format *, off_t *, off_t *); + +/* Lit une valeur indiquant la taille des adresses mémoire. */ +bool read_address_size(dwarf_format *, off_t *, uint8_t *); + + + +#endif /* _FORMAT_DWARF_UTILS_H */ diff --git a/plugins/dwarf/v2/Makefile.am b/plugins/dwarf/v2/Makefile.am new file mode 100644 index 0000000..d1fc563 --- /dev/null +++ b/plugins/dwarf/v2/Makefile.am @@ -0,0 +1,18 @@ + +noinst_LTLIBRARIES = libformatdwarfv2.la + +libformatdwarfv2_la_SOURCES = \ + dwarf.h dwarf.c \ + form.h form.c + +libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) + + +devdir = $(includedir)/chrysalide/$(subdir:src/%=%) + +dev_HEADERS = $(libformatdwarfv2_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v2/dwarf.c b/plugins/dwarf/v2/dwarf.c new file mode 100644 index 0000000..8f794bf --- /dev/null +++ b/plugins/dwarf/v2/dwarf.c @@ -0,0 +1,180 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v2 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + +#include "form.h" + + + +/* Format de débogage DWARF v2 (instance) */ +struct _GDwarfV2Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v2 (classe) */ +struct _GDwarfV2FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v2. */ +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *); + +/* Initialise une instance de format de débogage DWARF v2. */ +static void g_dwarfv2_format_init(GDwarfV2Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv2_format_dispose(GDwarfV2Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv2_format_finalize(GDwarfV2Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + GDwarfFormatClass *dwarf; /* Version parente de la classe*/ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize; + + dwarf = G_DWARF_FORMAT_CLASS(klass); + + dwarf->read_form = (read_form_value_fc)read_dwarf_v2_form_value; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_init(GDwarfV2Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_dispose(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_finalize(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * + status = barre de statut à tenir informée. * +* * +* Description : Prend en charge un nouveau format DWARF (v2). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) +{ + GDwarfV2Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/plugins/dwarf/v2/dwarf.h b/plugins/dwarf/v2/dwarf.h new file mode 100644 index 0000000..f3b3501 --- /dev/null +++ b/plugins/dwarf/v2/dwarf.h @@ -0,0 +1,58 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v2 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V2_DWARF_H +#define _FORMAT_DWARF_V2_DWARF_H + + +#include + + +#include "../../../core/formats.h" + + + +#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type() +#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format)) +#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type())) +#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) +#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT)) +#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) + + +/* Format de débogage DWARF v2 (instance) */ +typedef struct _GDwarfV2Format GDwarfV2Format; + +/* Format de débogage DWARF v2 (classe) */ +typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +GType g_dwarfv2_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v2). */ +GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); + + + +#endif /* _FORMAT_DWARF_V2_DWARF_H */ diff --git a/plugins/dwarf/v2/form.c b/plugins/dwarf/v2/form.c new file mode 100644 index 0000000..7e012b7 --- /dev/null +++ b/plugins/dwarf/v2/form.c @@ -0,0 +1,276 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.c - chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "form.h" + + +#include "../dwarf-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = contenu binaire de débogage à parcourir. * +* cu = unité de compilation parente. * +* form = nature de la valeur à lire. * +* pos = tête de lecture au sein des données. [OUT] * +* value = valeur au format donné lue. [OUT] * +* * +* Description : Lit la valeur correspondant à un type donné. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_v2_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v2_form_value *value) +{ + bool result; /* Bilan de lecture à renvoyer */ + GBinContent *content; /* Contenu binaire à parcourir */ + SourceEndian endian; /* Boutisme des enregistrements*/ + GExeFormat *exe; /* Format d'exécutable rattaché*/ + const bin_t *tmp; /* Données quelconques */ + uint8_t tmp8; /* Données sur 8 bits */ + uint16_t tmp16; /* Données sur 16 bits */ + uint32_t tmp32; /* Données sur 32 bits */ + uint64_t tmp64; /* Données sur 64 bits */ + uleb128_t tmpuleb; /* Données sur xxx bits */ + phys_t offset; /* Décalage à appliquer */ + mrange_t range; /* Couverture d'une section */ + vmpa2t iter; /* Point de lecture parallèle */ + + content = G_BIN_FORMAT(format)->content; + endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); + exe = G_DBG_FORMAT(format)->executable; + + switch (form) + { + case DW_FORM_addr: + + switch (cu->address_size) + { + case 2: + result = g_binary_content_read_u16(content, pos, endian, &tmp16); + if (result) value->address = tmp16; + break; + case 4: + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + if (result) value->address = tmp32; + break; + case 8: + result = g_binary_content_read_u64(content, pos, endian, &tmp64); + if (result) value->address = tmp64; + break; + default: + result = false; + break; + } + break; + + case DW_FORM_block2: + result = g_binary_content_read_u16(content, pos, endian, &tmp16); + if (result) + { + value->block.size = tmp16; + goto block_finish; + } + break; + + case DW_FORM_block4: + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + if (result) + { + value->block.size = tmp32; + goto block_finish; + } + break; + + case DW_FORM_data2: + result = g_binary_content_read_u16(content, pos, endian, &value->data2); + break; + + case DW_FORM_data4: + result = g_binary_content_read_u32(content, pos, endian, &value->data4); + break; + + case DW_FORM_data8: + result = g_binary_content_read_u64(content, pos, endian, &value->data8); + break; + + case DW_FORM_string: + + tmp = g_binary_content_get_raw_access(content, pos, 1); + result = (tmp != NULL); + + if (result) + { + value->string = (const char *)tmp; + + while (result && *tmp != '\0') + { + tmp = g_binary_content_get_raw_access(content, pos, 1); + result = (tmp != NULL); + } + + } + + break; + + case DW_FORM_block: + + tmpuleb = 0; /* Pour GCC */ + + result = g_binary_content_read_uleb128(content, pos, &tmpuleb); + if (!result) break; + + value->block.size = tmpuleb; + + block_finish: + + value->block.start = g_binary_content_get_raw_access(content, pos, value->block.size); + + result = (value->block.start != NULL); + break; + + case DW_FORM_block1: + result = g_binary_content_read_u8(content, pos, &tmp8); + if (result) + { + value->block.size = tmp8; + goto block_finish; + } + break; + + case DW_FORM_data1: + result = g_binary_content_read_u8(content, pos, &value->data1); + break; + + case DW_FORM_flag: + result = g_binary_content_read_u8(content, pos, &value->flag); + break; + + case DW_FORM_sdata: + result = g_binary_content_read_leb128(content, pos, &value->sdata); + break; + + case DW_FORM_strp: + + /* Définition des positions */ + + if (cu->is_32b) + { + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + offset = tmp32; + } + else + { + result = g_binary_content_read_u64(content, pos, endian, &tmp64); + offset = tmp64; + } + + /* Lecture dans la section adaptée */ + + if (result) + result = g_exe_format_get_section_range_by_name(exe, ".debug_str", &range); + + if (result) + { + copy_vmpa(&iter, get_mrange_addr(&range)); + + result = g_binary_content_seek(content, &iter, offset); + + if (!result) + break; + + tmp = g_binary_content_get_raw_access(content, &iter, 1); + result = (tmp != NULL); + + if (result) + { + value->string = (const char *)tmp; + + while (result && *tmp != '\0') + { + tmp = g_binary_content_get_raw_access(content, &iter, 1); + result = (tmp != NULL); + } + + } + + } + + break; + + case DW_FORM_udata: + result = g_binary_content_read_uleb128(content, pos, &value->udata); + break; + + + + + + + + + + + + case DW_FORM_ref1: + result = g_binary_content_read_u8(content, pos, &value->ref1); + break; + + case DW_FORM_ref2: + result = g_binary_content_read_u16(content, pos, endian, &value->ref2); + break; + + case DW_FORM_ref4: + result = g_binary_content_read_u32(content, pos, endian, &value->ref4); + break; + + case DW_FORM_ref8: + result = g_binary_content_read_u64(content, pos, endian, &value->ref8); + break; + + case DW_FORM_ref_udata: + result = g_binary_content_read_uleb128(content, pos, &value->ref_udata); + break; + + + + + + + + + + + default: + result = false; + break; + + } + + return result; + +} diff --git a/plugins/dwarf/v2/form.h b/plugins/dwarf/v2/form.h new file mode 100644 index 0000000..a124e67 --- /dev/null +++ b/plugins/dwarf/v2/form.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V2_FORM_H +#define _FORMAT_DWARF_V2_FORM_H + + +#include "../dwarf.h" +#include "../dwarf_def.h" +#include "../../../analysis/content.h" + + + +/* Lit la valeur correspondant à un type donné. */ +bool read_dwarf_v2_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v2_form_value *); + + + +#endif /* _FORMAT_DWARF_V2_FORM_H */ diff --git a/plugins/dwarf/v3/Makefile.am b/plugins/dwarf/v3/Makefile.am new file mode 100644 index 0000000..f6c12c3 --- /dev/null +++ b/plugins/dwarf/v3/Makefile.am @@ -0,0 +1,17 @@ + +noinst_LTLIBRARIES = libformatdwarfv3.la + +libformatdwarfv3_la_SOURCES = \ + dwarf.h dwarf.c + +libformatdwarfv3_la_LDFLAGS = $(LIBGTK_LIBS) + + +devdir = $(includedir)/chrysalide/$(subdir:src/%=%) + +dev_HEADERS = $(libformatdwarfv3_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v3/dwarf.c b/plugins/dwarf/v3/dwarf.c new file mode 100644 index 0000000..942c289 --- /dev/null +++ b/plugins/dwarf/v3/dwarf.c @@ -0,0 +1,172 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v3 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + + +/* Format de débogage DWARF v3 (instance) */ +struct _GDwarfV3Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v3 (classe) */ +struct _GDwarfV3FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v3. */ +static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *); + +/* Initialise une instance de format de débogage DWARF v3. */ +static void g_dwarfv3_format_init(GDwarfV3Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv3_format_dispose(GDwarfV3Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv3_format_finalize(GDwarfV3Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v3. */ +G_DEFINE_TYPE(GDwarfV3Format, g_dwarfv3_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v3. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv3_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv3_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v3. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_init(GDwarfV3Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_dispose(GDwarfV3Format *format) +{ + G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_finalize(GDwarfV3Format *format) +{ + G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * + status = barre de statut à tenir informée. * +* * +* Description : Prend en charge un nouveau format DWARF (v3). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv3_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) +{ + GDwarfV3Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV3_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/plugins/dwarf/v3/dwarf.h b/plugins/dwarf/v3/dwarf.h new file mode 100644 index 0000000..5042b89 --- /dev/null +++ b/plugins/dwarf/v3/dwarf.h @@ -0,0 +1,58 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v3 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V3_DWARF_H +#define _FORMAT_DWARF_V3_DWARF_H + + +#include + + +#include "../../../core/formats.h" + + + +#define G_TYPE_DWARFV3_FORMAT g_dwarfv3_format_get_type() +#define G_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv3_format_get_type(), GDwarfV3Format)) +#define G_IS_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv3_format_get_type())) +#define G_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) +#define G_IS_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV3_FORMAT)) +#define G_DWARFV3_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) + + +/* Format de débogage DWARF v3 (instance) */ +typedef struct _GDwarfV3Format GDwarfV3Format; + +/* Format de débogage DWARF v3 (classe) */ +typedef struct _GDwarfV3FormatClass GDwarfV3FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v3. */ +GType g_dwarfv3_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v3). */ +GBinFormat *g_dwarfv3_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); + + + +#endif /* _FORMAT_DWARF_V3_DWARF_H */ diff --git a/plugins/dwarf/v4/Makefile.am b/plugins/dwarf/v4/Makefile.am new file mode 100644 index 0000000..ca77923 --- /dev/null +++ b/plugins/dwarf/v4/Makefile.am @@ -0,0 +1,18 @@ + +noinst_LTLIBRARIES = libformatdwarfv4.la + +libformatdwarfv4_la_SOURCES = \ + dwarf.h dwarf.c \ + form.h form.c + +libformatdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS) + + +devdir = $(includedir)/chrysalide/$(subdir:src/%=%) + +dev_HEADERS = $(libformatdwarfv4_la_SOURCES:%c=) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/plugins/dwarf/v4/dwarf.c b/plugins/dwarf/v4/dwarf.c new file mode 100644 index 0000000..a220aff --- /dev/null +++ b/plugins/dwarf/v4/dwarf.c @@ -0,0 +1,182 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v4 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + +#include "form.h" + + + +/* Format de débogage DWARF v4 (instance) */ +struct _GDwarfV4Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v4 (classe) */ +struct _GDwarfV4FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v4. */ +static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *); + +/* Initialise une instance de format de débogage DWARF v4. */ +static void g_dwarfv4_format_init(GDwarfV4Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv4_format_dispose(GDwarfV4Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv4_format_finalize(GDwarfV4Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v4. */ +G_DEFINE_TYPE(GDwarfV4Format, g_dwarfv4_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v4. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + GDwarfFormatClass *dwarf; /* Version parente de la classe*/ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv4_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv4_format_finalize; + + dwarf = G_DWARF_FORMAT_CLASS(klass); + + dwarf->read_form = (read_form_value_fc)read_dwarf_v4_form_value; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v4. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_init(GDwarfV4Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_dispose(GDwarfV4Format *format) +{ + G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_finalize(GDwarfV4Format *format) +{ + G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * + status = barre de statut à tenir informée. * +* * +* Description : Prend en charge un nouveau format DWARF (v4). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv4_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) +{ + GDwarfV4Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV4_FORMAT, NULL); + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + if (!g_dwarf_format_load(G_DWARF_FORMAT(result), parent)) + { + g_object_unref(G_OBJECT(result)); + result = NULL; + } + + return G_BIN_FORMAT(result); + +} diff --git a/plugins/dwarf/v4/dwarf.h b/plugins/dwarf/v4/dwarf.h new file mode 100644 index 0000000..89135e3 --- /dev/null +++ b/plugins/dwarf/v4/dwarf.h @@ -0,0 +1,58 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v4 + * + * Copyright (C) 2015-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V4_DWARF_H +#define _FORMAT_DWARF_V4_DWARF_H + + +#include + + +#include "../../../core/formats.h" + + + +#define G_TYPE_DWARFV4_FORMAT g_dwarfv4_format_get_type() +#define G_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv4_format_get_type(), GDwarfV4Format)) +#define G_IS_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv4_format_get_type())) +#define G_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) +#define G_IS_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV4_FORMAT)) +#define G_DWARFV4_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) + + +/* Format de débogage DWARF v4 (instance) */ +typedef struct _GDwarfV4Format GDwarfV4Format; + +/* Format de débogage DWARF v4 (classe) */ +typedef struct _GDwarfV4FormatClass GDwarfV4FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v4. */ +GType g_dwarfv4_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v4). */ +GBinFormat *g_dwarfv4_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); + + + +#endif /* _FORMAT_DWARF_V4_DWARF_H */ diff --git a/plugins/dwarf/v4/form.c b/plugins/dwarf/v4/form.c new file mode 100644 index 0000000..80dbf1e --- /dev/null +++ b/plugins/dwarf/v4/form.c @@ -0,0 +1,106 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.c - chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#include "form.h" + + +#include "../dwarf-int.h" +#include "../v2/form.h" + + + +/****************************************************************************** +* * +* Paramètres : format = contenu binaire de débogage à parcourir. * +* cu = unité de compilation parente. * +* form = nature de la valeur à lire. * +* pos = tête de lecture au sein des données. [OUT] * +* value = valeur au format donné lue. [OUT] * +* * +* Description : Lit la valeur correspondant à un type donné. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_v4_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v4_form_value *value) +{ + bool result; /* Bilan de lecture à renvoyer */ + GBinContent *content; /* Contenu binaire à parcourir */ + SourceEndian endian; /* Boutisme des enregistrements*/ + uint32_t tmp32; /* Données sur 32 bits */ + uint64_t tmp64; /* Données sur 64 bits */ + uleb128_t tmpuleb; /* Données sur xxx bits */ + + content = G_BIN_FORMAT(format)->content; + endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); + + switch (form) + { + case DW_FORM_sec_offset: + + if (cu->is_32b) + { + result = g_binary_content_read_u32(content, pos, endian, &tmp32); + tmp64 = tmp32; + } + else + result = g_binary_content_read_u64(content, pos, endian, &tmp64); + + value->sec_offset = tmp64; + break; + + case DW_FORM_exprloc: + + tmpuleb = 0; /* Pour GCC */ + + result = g_binary_content_read_uleb128(content, pos, &tmpuleb); + if (!result) break; + + value->expr.size = tmpuleb; + + value->expr.start = g_binary_content_get_raw_access(content, pos, value->expr.size); + result = (value->expr.start != NULL); + + break; + + case DW_FORM_flag_present: + result = true; + value->has_flag = true; + break; + + case DW_FORM_ref_sig8: + result = g_binary_content_read_u64(content, pos, endian, &value->signature); + break; + + default: + result = read_dwarf_v2_form_value(format, cu, form, pos, &value->v2); + break; + + } + + return result; + +} diff --git a/plugins/dwarf/v4/form.h b/plugins/dwarf/v4/form.h new file mode 100644 index 0000000..053b693 --- /dev/null +++ b/plugins/dwarf/v4/form.h @@ -0,0 +1,39 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs + * + * Copyright (C) 2016-2017 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * Chrysalide is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * Chrysalide is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Chrysalide. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V4_FORM_H +#define _FORMAT_DWARF_V4_FORM_H + + +#include "../dwarf.h" +#include "../dwarf_def.h" +#include "../../../analysis/content.h" + + + +/* Lit la valeur correspondant à un type donné. */ +bool read_dwarf_v4_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v4_form_value *); + + + +#endif /* _FORMAT_DWARF_V4_FORM_H */ diff --git a/src/format/Makefile.am b/src/format/Makefile.am index 24f03da..841bf12 100644 --- a/src/format/Makefile.am +++ b/src/format/Makefile.am @@ -31,4 +31,4 @@ AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) -# SUBDIRS = dwarf java pe +# SUBDIRS = java pe diff --git a/src/format/dwarf/Makefile.am b/src/format/dwarf/Makefile.am deleted file mode 100644 index 3020643..0000000 --- a/src/format/dwarf/Makefile.am +++ /dev/null @@ -1,39 +0,0 @@ - -noinst_LTLIBRARIES = libformatdwarf.la - -libformatdwarf_la_SOURCES = \ - abbrev.h abbrev.c \ - die.h die.c \ - dwarf.h dwarf.c \ - dwarf-int.h dwarf-int.c \ - dwarf_def.h \ - form.h form.c \ - info.h info.c \ - symbols.h symbols.c - -# libformatdwarf_la_SOURCES = \ -# abbrev.h abbrev.c \ -# dwarf.h dwarf.c \ -# d_dwarf.h d_dwarf.c \ -# dwarf_def.h \ -# info.h info.c \ -# utils.h utils.c - -libformatdwarf_la_LIBADD = \ - v2/libformatdwarfv2.la \ - v3/libformatdwarfv3.la \ - v4/libformatdwarfv4.la - -libformatdwarf_la_LDFLAGS = $(LIBGTK_LIBS) - - -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) - -dev_HEADERS = $(libformatdwarf_la_SOURCES:%c=) - - -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) - -AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) - -SUBDIRS = v2 v3 v4 diff --git a/src/format/dwarf/abbrev.c b/src/format/dwarf/abbrev.c deleted file mode 100644 index f214430..0000000 --- a/src/format/dwarf/abbrev.c +++ /dev/null @@ -1,1390 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * abbrev.c - manipulation des abréviation DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "abbrev.h" - - -#include - - -#include "dwarf-int.h" - - - - - -/* Description d'un attribut d'une abréviation */ -typedef struct _dw_abbrev_attr -{ - DwarfAttrib name; /* Sujet de l'élément */ - DwarfForm form; /* Représentation */ - -} dw_abbrev_attr; - - -/* Description d'une abréviation */ -struct _dw_abbrev -{ - uleb128_t code; /* Identifiant attribué */ - DwarfTag tag; /* Sujet de l'élément */ - - dw_abbrev_attr *attribs; /* Liste des attributs */ - size_t attribs_count; /* Nombre de ces attributs */ - - struct _dw_abbrev **children; /* Liste des sous-éléments */ - size_t children_count; /* Nombre de ces enfants */ - -}; - - - - - -/* Procède à la conversion de base d'une abréviation DWARF. */ -static bool check_abbreviation_decl(const GDwarfFormat *, const dw_abbrev_decl *, dw_abbrev *); - -/* Procède à la conversion d'un attribut d'abréviation DWARF. */ -static bool check_abbreviation_attrib(const GDwarfFormat *, const dw_abbrev_raw_attr *, dw_abbrev_attr *); - - - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à constituer. * -* * -* Description : Charge toutes les abbréviations présentes dans un DWARF. * -* * -* Retour : Bilan de l'opération, potentiellement un succès sans sortie. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_all_dwarf_abbreviations(GDwarfFormat *format) -{ - bool result; /* Bilan à faire remonter */ - mrange_t range; /* Couverture d'une section */ - vmpa2t *pos; /* Position de tête de lecture */ - - result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_abbrev", &range); - - pos = get_mrange_addr(&range); - - printf("start :: 0x%08x\n", (unsigned int)pos->physical); - - result &= load_dwarf_abbreviation(format, pos, &format->abbreviations); - - printf("abbrevs :: %p\n", format->abbreviations); - - if (format->abbreviations != NULL) - printf(" -> children : %zu\n", format->abbreviations->children_count); - else - printf(" -> (nothing)\n"); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à faire évoluer. * -* abbrev = abréviation lue et complète, NULL si aucune. [OUT] * -* * -* Description : Charge une abréviation valide pour un DWARF en mémoire. * -* * -* Retour : Bilan de l'opération, potentiellement un succès sans sortie. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_dwarf_abbreviation(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev **abbrev) -{ - dw_abbrev_decl decl; /* En-tête d'abréviation */ - bool status; /* Bilan d'une lecture */ - dw_abbrev_raw_attr attr; /* Attribut de l'abréviation */ - dw_abbrev *child; /* Rejeton à intégrer */ - - *abbrev = NULL; - - /** - * Cette routine est la transcription du paragraphe 7.5.3 ("Abbreviations Tables"), - * de la quatrième version de la définition du format DWARF. - * - * La spécification précise : - * - * As mentioned in Section 2.3, each chain of sibling entries is terminated by a null entry. - * - * Cependant, ce formalisme n'est pas constaté dans la pratique. D'ailleurs, readelf - * comporte le commentaire suivant dans le fichier 'dwarf_reader.cc' : - * - * Read the abbrev code. A zero here indicates the end of the abbrev table. - * - */ - - if (!read_dwarf_abbrev_decl(format, pos, &decl)) - goto lda_bad_exit; - - if (decl.code == 0) - goto lda_exit; - - *abbrev = (dw_abbrev *)calloc(1, sizeof(dw_abbrev)); - - if (!check_abbreviation_decl(format, &decl, *abbrev)) - goto lda_bad_exit; - - /* Chargement des attributs */ - - for (;;) - { - status = read_dwarf_abbrev_attr(format, pos, &attr); - if (!status) goto lda_bad_exit; - - printf(" -- [0x%llx] [0x%llx] name = %u\tform = %u\n", - (unsigned long long)pos->physical, - (unsigned long long)decl.code, - (unsigned int)attr.name, (unsigned int)attr.form); - - if (attr.name == DW_ATTR_invalid && attr.form == DW_FORM_invalid) - break; - - (*abbrev)->attribs_count++; - (*abbrev)->attribs = (dw_abbrev_attr *)realloc((*abbrev)->attribs, - (*abbrev)->attribs_count * sizeof(dw_abbrev_attr)); - - status = check_abbreviation_attrib(format, &attr, - &(*abbrev)->attribs[(*abbrev)->attribs_count - 1]); - if (!status) goto lda_bad_exit; - - } - - /* Chargement des enfants */ - - printf(" || children ? %d vs %d\n", (int)decl.has_children, (int)DW_CHILDREN_yes); - - if (decl.has_children == DW_CHILDREN_yes) - for (;;) - { - status = load_dwarf_abbreviation(format, pos, &child); - if (!status) goto lda_bad_exit; - - if (child == NULL) - break; - - (*abbrev)->children_count++; - (*abbrev)->children = (dw_abbrev **)realloc((*abbrev)->children, - (*abbrev)->children_count * sizeof(dw_abbrev)); - - (*abbrev)->children[(*abbrev)->children_count - 1] = child; - - } - - lda_exit: - - return true; - - lda_bad_exit: - - free_dwarf_abbreviation(*abbrev); - - return false; - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à traiter. * -* * -* Description : Supprime de la mémoire toute trace d'une abréviation DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void free_dwarf_abbreviation(dw_abbrev *abbrev) -{ - size_t i; /* Boucle de parcours */ - - if (abbrev->attribs != NULL) - free(abbrev->attribs); - - if (abbrev->children != NULL) - { - for (i = 0; i < abbrev->children_count; i++) - free_dwarf_abbreviation(abbrev->children[i]); - - free(abbrev->attribs); - - } - - free(abbrev); - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* decl = structure brute dont le contenu est à valider. * -* abbrev = abréviation à constituer à partir du brut. [OUT] * -* * -* Description : Procède à la conversion de base d'une abréviation DWARF. * -* * -* Retour : Validité confirmée ou non. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool check_abbreviation_decl(const GDwarfFormat *format, const dw_abbrev_decl *decl, dw_abbrev *abbrev) -{ - bool result; /* Validité à retourner */ - - result = (decl->has_children == DW_CHILDREN_no - || decl->has_children == DW_CHILDREN_yes); - - - /* TODO : vérifier les bornes de 'tag' */ - - - if (result) - { - abbrev->code = decl->code; - abbrev->tag = decl->tag; - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* decl = structure brute dont le contenu est à valider. * -* abbrev = abréviation à constituer à partir du brut. [OUT] * -* * -* Description : Procède à la conversion d'un attribut d'abréviation DWARF. * -* * -* Retour : Validité confirmée ou non. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool check_abbreviation_attrib(const GDwarfFormat *format, const dw_abbrev_raw_attr *attr, dw_abbrev_attr *attrib) -{ - bool result; /* Validité à retourner */ - - result = true; - - - /* TODO : vérifier les bornes de 'name' et 'form' */ - - - if (result) - { - attrib->name = attr->name; - attrib->form = attr->form; - - - - } - - return result; - -} - - - - - - - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * -* * -* Description : Fournit l'étiquette associée à l'ensemble des attributs. * -* * -* Retour : Etiquette officielle de l'ensemble représenté. * -* * -* Remarques : - * -* * -******************************************************************************/ - -DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *abbrev) -{ - return abbrev->tag; - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * -* * -* Description : Compte le nombre d'attributs présents dans une abréviation. * -* * -* Retour : Quantité d'attributs pris en compte dans l'abréviation. * -* * -* Remarques : - * -* * -******************************************************************************/ - -size_t dwarf_abbreviation_count_attribs(const dw_abbrev *abbrev) -{ - return abbrev->attribs_count; - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * -* attrib = désignation de l'attribut à retrouver. * -* index = indice de cet attribut dans l'ensemble. [OUT] * -* * -* Description : Recherche un attribut dans une abréviation. * -* * -* Retour : Indication sur le bilan des recherches. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *abbrev, DwarfAttrib attrib, size_t *index) -{ - bool result; /* Etat de validité à renvoyer */ - size_t i; /* Boucle de parcours */ - - for (i = 0; i < abbrev->attribs_count; i++) - if (abbrev->attribs[i].name == attrib) - break; - - if (i < abbrev->attribs_count) - { - result = true; - *index = i; - } - else - result = false; - - return result; - -} - - - - - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * -* attrib = désignation de l'attribut à retrouver. * -* index = indice de cet attribut dans l'ensemble. * -* form = type de valeur attendu pour un attribut donné. [OUT]* -* * -* Description : Détermine le type d'un attribut dans une abréviation. * -* * -* Retour : Indication sur le bilan des accès. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *abbrev, size_t index, DwarfForm *form) -{ - if (index >= abbrev->attribs_count) - return false; - - *form = abbrev->attribs[index].form; - - return true; - -} - - - - - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation chargée en mémoire à consulter. * -* * -* Description : Indique si une abbréviation comporte des sous-définitions. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool dwarf_abbreviation_has_children(const dw_abbrev *abbrev) -{ - return (abbrev->children_count > 0); - -} - - - - - - - - - - - - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* code = identifiant de l'abbréviation recherchée. * -* * -* Description : Recherche une abréviation DWARF donnée. * -* * -* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *format, uleb128_t code) -{ - const dw_abbrev *result; /* Trouvaille à retourner */ - - if (format->abbreviations->code == code) - result = format->abbreviations; - - else - { - const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uleb128_t c) - { - const dw_abbrev *found; /* Trouvaille à retourner */ - size_t i; /* Boucle de parcours */ - - if (abbrev->code == c) - found = abbrev; - else - { - found = NULL; - - for (i = 0; i < abbrev->children_count && found == NULL; i++) - found = _find_dwarf_abbreviations(abbrev->children[i], c); - - } - - return found; - - } - - result = _find_dwarf_abbreviations(format->abbreviations, code); - - } - - return result; - -} - - - - - - - - - -/****************************************************************************** -* * -* Paramètres : format = contenu binaire de débogage à parcourir. * -* cu = unité de compilation parente. * -* form = nature de la valeur à lire. * -* pos = tête de lecture au sein des données. [OUT] * -* value = valeur au format donné lue. [OUT] * -* * -* Description : Lit la valeur correspondant à un type donné. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -dw_value *translate_abbreviation_attributes(const GDwarfFormat *format, const dw_abbrev *abbrev, const dw_compil_unit_header *cu, vmpa2t *pos) -{ - dw_value *result; /* Valeurs lues retournées */ - size_t i; /* Boucle de parcours */ - bool status; /* Bilan d'une lecture */ - - result = (dw_value *)calloc(abbrev->attribs_count, sizeof(dw_value)); - - for (i = 0; i < abbrev->attribs_count; i++) - { - result[i].attrib = abbrev->attribs[i].name; - - printf("-- loading attrib %x (%u) -- form = %x (%u) -- pos = %llx --\n", - (unsigned int)abbrev->attribs[i].name, - (unsigned int)abbrev->attribs[i].name, - (unsigned int)abbrev->attribs[i].form, - (unsigned int)abbrev->attribs[i].form, - (unsigned long long)(pos->physical - 0x1039)); - - status = G_DWARF_FORMAT_GET_CLASS(format)->read_form(format, cu, - abbrev->attribs[i].form, pos, &result[i].value); - if (!status) printf("[%zu] failed for %x\n", i, abbrev->attribs[i].form); - if (status) printf("[%zu] success for %x\n", i, abbrev->attribs[i].form); - printf(" current pos :: %llx\n", (unsigned long long)(pos->physical - 0x1039)); - if (!status) break; - - } - - if (i != abbrev->attribs_count) - { - free(result); - result = NULL; - } - - return result; - -} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -#if 0 - -#include -#include -#include - - -#include "utils.h" - - - -#include - - - -/* Libère de la mémoire une abréviation DWARF. */ -void free_dwarf_abbrev(dw_abbrev *); - -/* Charge une abréviations DWARF. */ -dw_abbrev *read_dwarf_abbreviations(dwarf_format *, off_t *, uint64_t *); - -/* Recherche une abréviation DWARF donnée. */ -const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *, uint8_t *); - -/* Lit la valeur d'un attribut DWARF. */ -bool _read_dwarf_abbrev_attribute(dwarf_format *, off_t *, DwarfForm, ...); - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* * -* Description : Charge les abréviations trouvées pour un DWARF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_dwarf_abbreviations(dwarf_format *format) -{ - bool result; /* Bilan à renvoyer */ - - - - - off_t offset; - off_t start; - off_t size; - - bool test; - - int i; - - - dw_abbrev *abbrev; - uint64_t index; - - printf("Searching...\n"); - - - result = true; - - test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_abbrev", &start, &size, NULL); - - offset = start; - - - printf(" -> offset=%d size=%d\n", offset, size); - - - - for (i = 0; i < size; i++) - { - if (i % 10 == 0) printf("\n"); - printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]); - } - - printf("\n"); - - - - - while (offset < (start + size)) - { - abbrev = read_dwarf_abbreviations(format, &offset, &index); - - offset++; /* 0x00 */ - - printf("abbrev :: %p\n", abbrev); - - if (abbrev != NULL) - { - abbrev->offset -= start; - - format->abbrevs = (dw_abbrev **)realloc(format->abbrevs, ++format->abbrevs_count * sizeof(dw_abbrev *)); - format->abbrevs[format->abbrevs_count - 1] = abbrev; - - printf(" %d attribs, %d children\n", abbrev->attribs_count, abbrev->children_count); - - } - else - { - unload_dwarf_abbreviations(format); - result = false; - break; - } - - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à effacer. * -* * -* Description : Décharge les abréviations trouvées pour un DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void unload_dwarf_abbreviations(dwarf_format *format) -{ - size_t i; /* Boucle de parcours */ - - for (i = 0; i < format->abbrevs_count; i++) - free_dwarf_abbrev(format->abbrevs[i]); - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = élément à supprimer de la mémoire. * -* * -* Description : Libère de la mémoire une abréviation DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void free_dwarf_abbrev(dw_abbrev *abbrev) -{ - size_t i; /* Boucle de parcours */ - - for (i = 0; i < abbrev->children_count; i++) - free_dwarf_abbrev(abbrev->children[i]); - - free(abbrev->attribs); - free(abbrev->children); - - free(abbrev); - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* index = code de l'abréviation. [OUT] * -* * -* Description : Charge une abréviation DWARF. * -* * -* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * -* * -* Remarques : - * -* * -******************************************************************************/ - -dw_abbrev *read_dwarf_abbreviations(dwarf_format *format, off_t *pos, uint64_t *index) -{ - dw_abbrev *result; /* Abréviation à retourner */ - bool has_children; /* Indique la présence de fils */ - uint64_t value1; /* Valeur quelconque lue #1 */ - uint64_t value2; /* Valeur quelconque lue #2 */ - uint64_t sub_index; /* Indice d'un sous-élément */ - dw_abbrev *child; /* Sous-élément à intégrer */ - - result = (dw_abbrev *)calloc(1, sizeof(dw_abbrev)); - - result->offset = *pos; - - /* Code de l'élément */ - if (!read_uleb128(format, pos, index, true)) goto rda_error; - - if (!read_uleb128(format, pos, &value1, true)) goto rda_error; - result->tag = value1; - - printf(" --ta :: 0x%02llx\n", value1); - - if (*pos >= DBG_FORMAT(format)->length) goto rda_error; - has_children = (DBG_FORMAT(format)->content[(*pos)++] == DW_CHILDREN_YES); - - printf(" --ch ? %d\n", has_children); - - /* Liste des attributs */ - - while (DBG_FORMAT(format)->content[*pos] != 0x00) - { - if (!read_uleb128(format, pos, &value1, true)) goto rda_error; - if (!read_uleb128(format, pos, &value2, true)) goto rda_error; - - result->attribs = (dw_abbrev_attr *)realloc(result->attribs, ++result->attribs_count * sizeof(dw_abbrev_attr)); - - result->attribs[result->attribs_count - 1].attrib = value1; - result->attribs[result->attribs_count - 1].form = value2; - - } - - (*pos) += 2; /* 0x00 0x00 */ - - /* Chargement des sous-éléments */ - - if (has_children) - while (DBG_FORMAT(format)->content[*pos] != 0x00) - { - child = read_dwarf_abbreviations(format, pos, &sub_index); - - if (child == NULL) goto rda_error; - - if ((sub_index - *index - 1) != result->children_count) goto rda_error; - - result->children = (dw_abbrev **)realloc(result->children, ++result->children_count * sizeof(dw_abbrev *)); - - result->children[result->children_count - 1] = child; - - } - - return result; - - rda_error: - - free_dwarf_abbrev(result); - - return NULL; - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = abréviation racine à parcourir. * -* index = code de l'abréviation. [OUT] * -* * -* Description : Recherche une abréviation DWARF donnée. * -* * -* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_abbrev *_find_dwarf_abbreviations(const dw_abbrev *abbrev, uint8_t *index) -{ - const dw_abbrev *result; /* Structure à retourner */ - size_t i; /* Boucle de parcours */ - - result = NULL; - - if (*index == 0) result = abbrev; - else - for (i = 0; i < abbrev->children_count && result == NULL; i++) - { - (*index)--; - result = _find_dwarf_abbreviations(abbrev->children[i], index); - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* offset = position dans les abréviations. * -* pos = position dans le flux binaire courant. [OUT] * -* * -* Description : Recherche une abréviation DWARF donnée. * -* * -* Retour : Adresse d'une abréviation ou NULL en cas d'échec. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_abbrev *find_dwarf_abbreviations(dwarf_format *format, const off_t *offset, off_t *pos) -{ - const dw_abbrev *result; /* Structure à retourner */ - uint64_t index; /* Code de l'abréviation */ - size_t i; /* Boucle de parcours */ - - result = NULL; - - do - { - if (!read_uleb128(format, pos, &index, true)) - { - printf("error skipping padding...\n"); - return NULL; - } - } - while (index == 0); - - for (i = 0; i < format->abbrevs_count; i++) - if (format->abbrevs[i]->offset == *offset) break; - - if (i < format->abbrevs_count) - { - index--; - result = _find_dwarf_abbreviations(format->abbrevs[i], &index); - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : abbrev = informations à parcourir. * -* attrib = attribut visé par la lecture. * -* * -* Description : Indique la présence ou l'absence d'un attribut donné. * -* * -* Retour : true si l'attribut est présent, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool test_dwarf_abbrev_attribute(const dw_abbrev *abbrev, DwarfAttrib attrib) -{ - bool result; /* Bilan à retourner */ - size_t i; /* Boucle de parcours */ - - result = false; - - for (i = 0; i < abbrev->attribs_count && !result; i++) - result = (abbrev->attribs[i].attrib == attrib); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* form = format des données à lire. * -* ... = lieu d'enregistrement ou NULL. [OUT] * -* * -* Description : Lit la valeur d'un attribut DWARF. * -* * -* Retour : true si la lecture est un succès, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool _read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, DwarfForm form, ...) -{ - bool result; /* Bilan à revoyer */ - va_list ap; /* Adresse fournie en dernier */ - uint8_t *val8; /* Données sur 8 bits */ - uint16_t *val16; /* Données sur 16 bits */ - uint32_t *val32; /* Données sur 32 bits */ - uint64_t *val64; /* Données sur 64 bits */ - uint64_t *sval64; /* Données sur 64 bits (signée)*/ - bool *boolval; /* Valeur booléenne */ - uint8_t tmp8; /* Données sur 8 bits */ - uint16_t tmp16; /* Données sur 16 bits */ - uint32_t tmp32; /* Données sur 32 bits */ - uint64_t tmp64; /* Données sur 64 bits */ - uint64_t stmp64; /* Données sur 64 bits (signée)*/ - uint64_t size_to_read; /* Nombre d'octets à lire */ - off_t offset; /* Décalage dans une zone */ - char **strval; /* Chaîne de caractères */ - size_t length; /* Taille d'une chaîne */ - - va_start(ap, form); - - switch (form) - { - case DWF_ADDR: - result = ((*pos + (format->format == DWF_32_BITS ? 4 : 8)) <= DBG_FORMAT(format)->length); - if (result) - { - val64 = va_arg(ap, uint64_t *); - if (val64 != NULL) - { - if (format->format == DWF_32_BITS) - { - memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4); - *val64 = tmp32; - } - else memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); - } - *pos += (format->format == DWF_32_BITS ? 4 : 8); - } - break; - - case DWF_BLOCK2: - result = ((*pos + 2) <= DBG_FORMAT(format)->length); - if (result) - { - memcpy(&tmp16, &DBG_FORMAT(format)->content[*pos], 2); - size_to_read = tmp16; - /* ... */ - *pos += 2 + size_to_read; - } - break; - - case DWF_BLOCK4: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - if (result) - { - memcpy(&tmp32, &DBG_FORMAT(format)->content[*pos], 4); - size_to_read = tmp32; - /* ... */ - *pos += 4 + size_to_read; - } - break; - - case DWF_DATA2: - result = ((*pos + 2) <= DBG_FORMAT(format)->length); - if (result) - { - val16 = va_arg(ap, uint16_t *); - if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2); - *pos += 2; - } - break; - - case DWF_DATA4: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - if (result) - { - val32 = va_arg(ap, uint32_t *); - if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4); - *pos += 4; - } - break; - - case DWF_DATA8: - result = ((*pos + 8) <= DBG_FORMAT(format)->length); - if (result) - { - val64 = va_arg(ap, uint64_t *); - if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); - *pos += 8; - } - break; - - case DWF_STRING: - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (result) - { - strval = va_arg(ap, char **); - if (strval != NULL) *strval = (char *)calloc(1, sizeof(char)); - length = 0; - - while (result) - { - if (DBG_FORMAT(format)->content[*pos] == '\0') break; - - length++; - - if (strval != NULL) - { - *strval = (char *)realloc(*strval, (length + 1) * sizeof(char)); - (*strval)[length - 1] = DBG_FORMAT(format)->content[*pos]; - } - - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (!result) break; - - (*pos)++; - - } - - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - - if (result) - { - (*pos)++; - - if (strval != NULL) - (*strval)[length] = 0; - - } - else if (strval != NULL) - { - free(*strval); - *strval = NULL; - } - - } - - break; - - case DWF_BLOCK: - result = read_uleb128(format, pos, &size_to_read, true); - result &= ((*pos + size_to_read) <= DBG_FORMAT(format)->length); - if (result) - { - /* ... */ - *pos += size_to_read; - } - break; - - case DWF_BLOCK1: - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (result) - { - memcpy(&tmp8, &DBG_FORMAT(format)->content[*pos], 1); - size_to_read = tmp8; - /* ... */ - *pos += 1 + size_to_read; - } - break; - - case DWF_DATA1: - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (result) - { - val8 = va_arg(ap, uint8_t *); - if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1); - *pos += 1; - } - break; - - case DWF_FLAG: - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (result) - { - boolval = va_arg(ap, bool *); - if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00); - *pos += 1; - } - break; - - case DWF_SDATA: - sval64 = va_arg(ap, int64_t *); - if (sval64 == NULL) sval64 = &stmp64; - result = read_uleb128(format, pos, sval64, true); - break; - - case DWF_STRP: - result = read_abbrev_offset(format, pos, &offset); - if (result) - { - if (va_arg(ap, bool *) != NULL) - { - printf("TODO\n"); - exit(0); - } - /* - boolval = va_arg(ap, bool *); - if (boolval != NULL) *boolval = (DBG_FORMAT(format)->content[*pos] != 0x00); - */ - } - break; - - case DWF_UDATA: - val64 = va_arg(ap, uint64_t *); - if (val64 == NULL) val64 = &tmp64; - result = read_uleb128(format, pos, val64, true); - break; - - case DWF_REF_ADDR: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - - printf("bad at %d\n", __LINE__); exit(0); - - break; - - - case DWF_REF1: - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - if (result) - { - val8 = va_arg(ap, uint8_t *); - if (val8 != NULL) memcpy(val8, &DBG_FORMAT(format)->content[*pos], 1); - *pos += 1; - } - break; - - case DWF_REF2: - result = ((*pos + 2) <= DBG_FORMAT(format)->length); - if (result) - { - val16 = va_arg(ap, uint16_t *); - if (val16 != NULL) memcpy(val16, &DBG_FORMAT(format)->content[*pos], 2); - *pos += 2; - } - break; - - case DWF_REF4: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - if (result) - { - val32 = va_arg(ap, uint32_t *); - if (val32 != NULL) memcpy(val32, &DBG_FORMAT(format)->content[*pos], 4); - *pos += 4; - } - break; - - case DWF_REF8: - result = ((*pos + 8) <= DBG_FORMAT(format)->length); - if (result) - { - val64 = va_arg(ap, uint64_t *); - if (val64 != NULL) memcpy(val64, &DBG_FORMAT(format)->content[*pos], 8); - *pos += 8; - } - break; - - case DWF_REF_UDATA: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - - printf("bad at %d\n", __LINE__); exit(0); - - break; - - - case DWF_INDIRECT: - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - - printf("bad at %d\n", __LINE__); exit(0); - - break; - - - - - default: - result = false; - break; - - } - - va_end(ap); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* update = indique si la position est à mettre à jour. * -* abbrev = informations à parcourir. * -* attrib = attribut visé par la lecture. * -* ... = lieu d'enregistrement ou NULL. [OUT] * -* * -* Description : Lit la valeur d'un attribut DWARF. * -* * -* Retour : true si la lecture est un succès, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_abbrev_attribute(dwarf_format *format, off_t *pos, bool update, const dw_abbrev *abbrev, DwarfAttrib attrib, ...) -{ - bool result; /* Bilan à retourner */ - off_t curpos; /* Tête de lecture effective */ - size_t i; /* Boucle de parcours */ - va_list ap; /* Adresse fournie en dernier */ - - result = true; - - curpos = *pos; - - for (i = 0; i < abbrev->attribs_count && result; i++) - if (abbrev->attribs[i].attrib == attrib) break; - else result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, NULL); - - if (result) - { - va_start(ap, attrib); - - if (i < abbrev->attribs_count) - result = _read_dwarf_abbrev_attribute(format, &curpos, abbrev->attribs[i].form, va_arg(ap, void *)); - else - result = false; - - va_end(ap); - - } - - if (result && update) *pos = curpos; - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* abbrev = informations à survoler. * -* * -* Description : Fait avancer la tête de lecture d'une seule abréviation. * -* * -* Retour : true si l'opération est un succès, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool skip_dwarf_abbrev(dwarf_format *format, off_t *pos, const dw_abbrev *abbrev) -{ - bool result; /* Bilan à revoyer */ - size_t i; /* Boucle de parcours */ - uint64_t index; /* Code de padding */ - - result = true; - - /* Ecartement du corps */ - - for (i = 0; i < abbrev->attribs_count && result; i++) - result = _read_dwarf_abbrev_attribute(format, pos, abbrev->attribs[i].form, NULL); - - /* Ecartement du padding */ - - do - { - if (!read_uleb128(format, pos, &index, false)) - { - printf("error skipping padding...\n"); - return false; - } - - if (index == 0) - read_uleb128(format, pos, &index, true); - - } - while (index == 0); - - return result; - -} - -#endif diff --git a/src/format/dwarf/abbrev.h b/src/format/dwarf/abbrev.h deleted file mode 100644 index b5fe3be..0000000 --- a/src/format/dwarf/abbrev.h +++ /dev/null @@ -1,126 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * abbrev.h - prototypes pour la manipulation des abréviation DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_ABBREV_H -#define _FORMAT_DWARF_ABBREV_H - - -#include - - -#include "dwarf.h" -#include "dwarf_def.h" - - - - -/* Description d'une abréviation */ -typedef struct _dw_abbrev dw_abbrev; - - - - - - - -/* Charge toutes les abbréviations présentes dans un DWARF. */ -bool load_all_dwarf_abbreviations(GDwarfFormat *); - -/* Charge une abréviation valide pour un DWARF en mémoire. */ -bool load_dwarf_abbreviation(const GDwarfFormat *, vmpa2t *, dw_abbrev **); - -/* Supprime de la mémoire toute trace d'une abréviation DWARF. */ -void free_dwarf_abbreviation(dw_abbrev *); - -/* Fournit l'étiquette associée à l'ensemble des attributs. */ -DwarfTag dwarf_abbreviation_get_tag(const dw_abbrev *); - -/* Compte le nombre d'attributs présents dans une abréviation. */ -size_t dwarf_abbreviation_count_attribs(const dw_abbrev *); - -/* Recherche un attribut dans une abréviation. */ -bool dwarf_abbreviation_get_attrib_index(const dw_abbrev *, DwarfAttrib, size_t *); - - -/* Détermine le type d'un attribut dans une abréviation. */ -bool dwarf_abbreviation_get_form_for_index(const dw_abbrev *, size_t, DwarfForm *); - - -/* Indique si une abbréviation comporte des sous-définitions. */ -bool dwarf_abbreviation_has_children(const dw_abbrev *); - - - -/* Recherche une abréviation DWARF donnée. */ -const dw_abbrev *find_dwarf_abbreviations(const GDwarfFormat *, uleb128_t); - -/* Lit la valeur correspondant à un type donné. */ -dw_value *translate_abbreviation_attributes(const GDwarfFormat *, const dw_abbrev *, const dw_compil_unit_header *, vmpa2t *); - - - - - - - - - - - - - -#if 0 - - -#include - - -#include "d_dwarf.h" -#include "dwarf-int.h" - - - -/* Charge les abréviations trouvées pour un DWARF. */ -bool load_dwarf_abbreviations(dwarf_format *); - -/* Décharge les abréviations trouvées pour un DWARF. */ -void unload_dwarf_abbreviations(dwarf_format *); - -/* Recherche une abréviation DWARF donnée. */ -const dw_abbrev *find_dwarf_abbreviations(dwarf_format *, const off_t *, off_t *); - -/* Indique la présence ou l'absence d'un attribut donné. */ -bool test_dwarf_abbrev_attribute(const dw_abbrev *, DwarfAttrib); - -/* Lit la valeur d'un attribut DWARF. */ -bool read_dwarf_abbrev_attribute(dwarf_format *, off_t *, bool, const dw_abbrev *, DwarfAttrib, ...); - -/* Fait avancer la tête de lecture d'une seule abréviation. */ -bool skip_dwarf_abbrev(dwarf_format *, off_t *, const dw_abbrev *); - - -#endif - - - -#endif /* _FORMAT_DWARF_ABBREV_H */ diff --git a/src/format/dwarf/d_dwarf.c b/src/format/dwarf/d_dwarf.c deleted file mode 100644 index 67ab955..0000000 --- a/src/format/dwarf/d_dwarf.c +++ /dev/null @@ -1,114 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * d_dwarf.c - support du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "d_dwarf.h" - - -#include - - -#include "abbrev.h" -#include "dwarf-int.h" -#include "info.h" - - - - - - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* length = taille du contenu en question. * -* e_format = gestionnaire global (partie exécutable). * -* * -* Description : Prend en charge un nouveau DWARF. * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -dwarf_format *load_dwarf(const uint8_t *content, off_t length, exe_format *e_format) -{ - dwarf_format *result; /* Structure à retourner */ - bool test; /* Bilan d'une initialisation */ - - result = (dwarf_format *)calloc(1, sizeof(dwarf_format)); - - DBG_FORMAT(result)->content = content; - DBG_FORMAT(result)->length = length; - - DBG_FORMAT(result)->e_format = e_format; - - result->format = DWF_32_BITS; - - test = load_dwarf_abbreviations(result); - - test = load_dwarf_information(result); - - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* comments = liste des commentaires à insérer. [OUT] * -* offsets = liste des indices des commentaires. [OUT] * -* * -* Description : Récupère tous les commentaires à insérer dans le code. * -* * -* Retour : Nombre d'éléments mis en place. * -* * -* Remarques : - * -* * -******************************************************************************/ - -size_t get_dwarf_comments(const dwarf_format *format, const char ***comments, uint64_t **offsets) -{ - size_t result; /* Quantité à retourner */ - size_t i; /* Boucle de parcours */ - - result = format->dbg_fc_count; - - if (result > 0) - { - *comments = (char **)calloc(result, sizeof(char *)); - *offsets = (uint64_t *)calloc(result, sizeof(uint64_t)); - - for (i = 0; i < result; i++) - { - (*comments)[i] = format->dbg_functions[i]->prototype; - (*offsets)[i] = format->dbg_functions[i]->low_pc; - } - - } - - return result; - -} diff --git a/src/format/dwarf/d_dwarf.h b/src/format/dwarf/d_dwarf.h deleted file mode 100644 index 4b699ca..0000000 --- a/src/format/dwarf/d_dwarf.h +++ /dev/null @@ -1,50 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * d_dwarf.h - prototypes pour le support du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_DWARF_H -#define _FORMAT_DWARF_DWARF_H - - -#include -#include - - -#include "../exe_format.h" - - - -/* Description du format DWARF */ -typedef struct _dwarf_format dwarf_format; - - - -/* Prend en charge un nouveau DWARF. */ -dwarf_format *load_dwarf(const uint8_t *, off_t, exe_format *); - -/* Récupère tous les commentaires à insérer dans le code. */ -size_t get_dwarf_comments(const dwarf_format *, const char ***, uint64_t **); - - - - -#endif /* _FORMAT_DWARF_DWARF_H */ diff --git a/src/format/dwarf/die.c b/src/format/dwarf/die.c deleted file mode 100644 index 0c1887c..0000000 --- a/src/format/dwarf/die.c +++ /dev/null @@ -1,303 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * die.c - gestion des entrées renvoyant à des informations de débogage - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "die.h" - - -#include -#include - - -#include "dwarf-int.h" - - - -/** - * § 2.1 The Debugging Information Entry (DIE). - */ - -typedef struct _dw_die -{ - unsigned int level; /* Niveau hiérarchique */ - phys_t offset; /* Position dans le flux */ - - const dw_abbrev *abbrev; /* Lien vers la représentation */ - - dw_value *values; /* Liste des valeurs associées */ - - bool has_children; /* Feuille ou noeud de l'arbre */ - struct _dw_die **children; /* Liste d'éventuels enfants */ - size_t children_count; /* Taille de cette liste */ - -} dw_die; - - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* pos = position de début de lecture. [OUT] * -* endian = boutisme reconnu dans le format. * -* header = en-tête de description de l'unité à traiter. * -* die = emplacement de stockage de l'entrée ou NULL. [OUT] * -* * -* Description : Procède à la lecture de l'en-tête d'une unité de compilation.* -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : Le format autorise à ne rien produire ici légitimement. * -* * -******************************************************************************/ - -bool build_dwarf_die(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **die) -{ - uleb128_t code; /* Code de la description liée */ - bool status; /* Bilan de la lecture */ - const dw_abbrev *abbrev; /* Lien vers la représentation */ - dw_value *values; /* Liste des valeurs associées */ - - *die = NULL; - - /** - * § 7.5.2 Debugging Information Entry. - */ - - status = g_binary_content_read_uleb128(G_BIN_FORMAT(format)->content, pos, &code); - if (!status) return false; - - printf("[ok] code = 0x%llx\n", (unsigned long long)code); - - if (code == 0) return true; - - abbrev = find_dwarf_abbreviations(format, code); - - printf("[ok] abbrev = %p\n", abbrev); - - printf("----------------------\n"); - - - values = translate_abbreviation_attributes(format, abbrev, header, pos); - if (values == NULL) return false; - - printf("[ok] values = %p\n", values); - - - - *die = (dw_die *)calloc(1, sizeof(dw_die)); - - (*die)->abbrev = abbrev; - - (*die)->values = values; - - (*die)->has_children = dwarf_abbreviation_has_children(abbrev); - - - return true; - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée à libérer de la mémoire. * -* * -* Description : Supprime les éléments mis en place pour une entrée d'info. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void delete_dwarf_die(dw_die *die) -{ - size_t i; /* Boucle de parcours */ - - if (die->values != NULL) - free(die->values); - - for (i = 0; i < die->children_count; i++) - delete_dwarf_die(die->children[i]); - - if (die->children != NULL) - free(die->children); - - free(die); - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée à consulter. * -* * -* Description : Fournit un lien vers l'abréviation de représentation. * -* * -* Retour : Structure de représentation en place. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_abbrev *dw_die_get_abbrev(const dw_die *die) -{ - return die->abbrev; - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée à consulter. * -* index = indice de cet attribut dans l'ensemble. * -* * -* Description : Fournit un lien vers l'abréviation de représentation. * -* * -* Retour : Valeur recherchée ou NULL en cas d'erreur. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_form_value *dw_die_peek_value(const dw_die *die, size_t index) -{ - dw_form_value *result; /* Valeur ciblée à retourner */ - - if (index >= dwarf_abbreviation_count_attribs(die->abbrev)) - return NULL; - - result = &die->values[index].value; - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée d'information à consulter. * -* attrib = désignation de l'attribut à retrouver. * -* form = type de valeur attendu pour un attribut donné. [OUT]* -* * -* Description : Fournit un lien vers l'abréviation de représentation. * -* * -* Retour : Valeur recherchée ou NULL en cas d'erreur. * -* * -* Remarques : - * -* * -******************************************************************************/ - -const dw_form_value *dw_die_peek_extended_value(const dw_die *die, DwarfAttrib attrib, DwarfForm *form) -{ - const dw_form_value *result; /* Valeur ciblée à retourner */ - size_t index; /* Indice d'élément à relire */ - bool status; /* Bilan d'une récupération */ - - status = dwarf_abbreviation_get_attrib_index(die->abbrev, attrib, &index); - if (!status) return NULL; - - status = dwarf_abbreviation_get_form_for_index(die->abbrev, index, form); - if (!status) return NULL; - - result = dw_die_peek_value(die, index); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée à consulter. * -* * -* Description : Indique si une entrée de débogage possède des enfants. * -* * -* Retour : true ou false selon la situation. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool dw_die_has_children(const dw_die *die) -{ - return die->has_children; - -} - - -/****************************************************************************** -* * -* Paramètres : die = entrée à consulter. * -* * -* Description : Indique si une entrée de débogage possède des enfants. * -* * -* Retour : true ou false selon la situation. * -* * -* Remarques : - * -* * -******************************************************************************/ - -void dw_die_append_child(dw_die *die, dw_die *child) -{ - assert(die->has_children); - - die->children = (dw_die **)realloc(die->children, ++die->children_count * sizeof(dw_die *)); - - die->children[die->children_count - 1] = child; - -} - - - -/* ---------------------------------------------------------------------------------- */ -/* TRAITEMENT PAR ENSEMBLES */ -/* ---------------------------------------------------------------------------------- */ - - -/****************************************************************************** -* * -* Paramètres : root = entrée première à consulter. * -* visitor = intervention régulière à respecter. * -* data = données quelconques à associer aux visites. * -* * -* Description : Entame une grande tournée de toutes les entrées présentes. * -* * -* Retour : true si l'opération s'est déroulée complètement, false sinon.* -* * -* Remarques : - * -* * -******************************************************************************/ - -bool dw_die_visit(dw_die *root, visit_dies_fc visitor, void *data) -{ - bool result; /* Bilan à retourner */ - size_t i; /* Boucle de parcours */ - - result = visitor(root, data); - - for (i = 0; i < root->children_count && result; i++) - result = dw_die_visit(root->children[i], visitor, data); - - return result; - -} diff --git a/src/format/dwarf/die.h b/src/format/dwarf/die.h deleted file mode 100644 index 8bff4a9..0000000 --- a/src/format/dwarf/die.h +++ /dev/null @@ -1,76 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * die.h - prototypes pour la gestion des entrées renvoyant à des informations de débogage - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_DIE_H -#define _FORMAT_DWARF_DIE_H - - -#include - - -#include "abbrev.h" -#include "dwarf.h" -#include "dwarf_def.h" - - - -/* § 2.1 The Debugging Information Entry (DIE). */ -typedef struct _dw_die dw_die; - - -/* Procède à la lecture de l'en-tête d'une unité de compilation. */ -bool build_dwarf_die(GDwarfFormat *, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die **); - -/* Supprime les éléments mis en place pour une entrée d'info. */ -void delete_dwarf_die(dw_die *); - -/* Fournit un lien vers l'abréviation de représentation. */ -const dw_abbrev *dw_die_get_abbrev(const dw_die *); - -/* Fournit un lien vers l'abréviation de représentation. */ -const dw_form_value *dw_die_peek_value(const dw_die *, size_t); - -/* Fournit un lien vers l'abréviation de représentation. */ -const dw_form_value *dw_die_peek_extended_value(const dw_die *, DwarfAttrib, DwarfForm *); - -/* Indique si une entrée de débogage possède des enfants. */ -bool dw_die_has_children(const dw_die *); - -/* Indique si une entrée de débogage possède des enfants. */ -void dw_die_append_child(dw_die *, dw_die *); - - - -/* ---------------------------- TRAITEMENT PAR ENSEMBLES ---------------------------- */ - - -/* Procédure appelée pour chaque élément recontré pendant une visite. */ -typedef bool (* visit_dies_fc) (const dw_die *, void *); - - -/* Entame une grande tournée de toutes les entrées présentes. */ -bool dw_die_visit(dw_die *, visit_dies_fc, void *); - - - -#endif /* _FORMAT_DWARF_DIE_H */ diff --git a/src/format/dwarf/dwarf-int.c b/src/format/dwarf/dwarf-int.c deleted file mode 100644 index 365414b..0000000 --- a/src/format/dwarf/dwarf-int.c +++ /dev/null @@ -1,207 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf-int.c - structures internes du format DWARF - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "dwarf-int.h" - - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* pos = position de début de lecture. [OUT] * -* attr = structure lue à retourner. [OUT] * -* * -* Description : Procède à la lecture d'un attribut d'abréviation DWARF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_abbrev_attr(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_raw_attr *attr) -{ - bool result; /* Bilan à retourner */ - const GBinContent *content; /* Contenu binaire à lire */ - - content = G_BIN_FORMAT(format)->content; - - result = g_binary_content_read_uleb128(content, pos, &attr->name); - result &= g_binary_content_read_uleb128(content, pos, &attr->form); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* pos = position de début de lecture. [OUT] * -* decl = structure lue à retourner. [OUT] * -* * -* Description : Procède à la lecture d'une déclaration d'abréviation DWARF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_abbrev_decl(const GDwarfFormat *format, vmpa2t *pos, dw_abbrev_decl *decl) -{ - bool result; /* Bilan à retourner */ - const GBinContent *content; /* Contenu binaire à lire */ - - content = G_BIN_FORMAT(format)->content; - - result = g_binary_content_read_uleb128(content, pos, &decl->code); - result &= g_binary_content_read_uleb128(content, pos, &decl->tag); - result &= g_binary_content_read_u8(content, pos, &decl->has_children); - - return result; - -} - - - - - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* pos = position de début de lecture. [OUT] * -* endian = boutisme reconnu dans le format. * -* header = en-tête à déterminer. [OUT] * -* * -* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.* -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_section_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_section_header *header) -{ - bool result; /* Bilan à retourner */ - uint32_t first; /* Premier paquet d'octets */ - bool status; /* Bilan d'opération */ - - result = false; - - status = g_binary_content_read_u32(content, pos, endian, &first); - if (!status) goto rdsh_exit; - - if (first >= 0xfffffff0 && first != 0xffffffff) - goto rdsh_exit; - - if (first == 0xffffffff) - { - result = g_binary_content_read_u64(content, pos, endian, &header->unit_length); - header->is_32b = false; - } - else - { - result = true; - header->unit_length = first; - header->is_32b = true; - } - - result &= g_binary_content_read_u16(content, pos, endian, &header->version); - - rdsh_exit: - - return result; - -} - - - - - - - - - - - - - - - - -/****************************************************************************** -* * -* Paramètres : format = informations chargées à consulter. * -* pos = position de début de lecture. [OUT] * -* endian = boutisme reconnu dans le format. * -* header = en-tête à déterminer. [OUT] * -* * -* Description : Procède à la lecture de l'en-tête d'une unité de compilation.* -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_compil_unit_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_compil_unit_header *header) -{ - bool result; /* Bilan à retourner */ - uint32_t val32; /* Premier paquet d'octets */ - bool status; /* Bilan d'opération */ - - result = read_dwarf_section_header(content, pos, endian, (dw_section_header *)header); - if (!result) goto rdcuh_exit; - - if (header->is_32b) - { - status = g_binary_content_read_u32(content, pos, endian, &val32); - if (!status) goto rdcuh_exit; - - header->debug_abbrev_offset = val32; - - } - else - { - status = g_binary_content_read_u64(content, pos, endian, &header->debug_abbrev_offset); - if (!status) goto rdcuh_exit; - - } - - result &= g_binary_content_read_u8(content, pos, &header->address_size); - - rdcuh_exit: - - return result; - -} - - - - - - - diff --git a/src/format/dwarf/dwarf-int.h b/src/format/dwarf/dwarf-int.h deleted file mode 100644 index 6f8f921..0000000 --- a/src/format/dwarf/dwarf-int.h +++ /dev/null @@ -1,185 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf-int.h - prototypes pour les structures internes du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_DWARF_INT_H -#define _FORMAT_DWARF_DWARF_INT_H - - -#include "dwarf.h" - - -#include - - - - -#include "../debuggable-int.h" - -#include "abbrev.h" -#include "die.h" -#include "dwarf_def.h" - - - - - -/* Procède à la lecture d'un attribut d'abréviation DWARF. */ -bool read_dwarf_abbrev_attr(const GDwarfFormat *, vmpa2t *, dw_abbrev_raw_attr *); - -/* Procède à la lecture d'une déclaration d'abréviation DWARF. */ -bool read_dwarf_abbrev_decl(const GDwarfFormat *, vmpa2t *, dw_abbrev_decl *); - - - - -/* En-tête présente dans certaines sections */ -typedef struct _dw_section_header -{ - uint64_t unit_length; /* Taille totale sans le champ */ - bool is_32b; /* Le format est-il sur 32b ? */ - - uint16_t version; /* Version de la section */ - -} dw_section_header; - - - - - - -/* Procède à la lecture de l'en-tête d'un contenu binaire ELF. */ -bool read_dwarf_section_header(GBinContent *, vmpa2t *, SourceEndian, dw_section_header *); - - - - - -/* Procède à la lecture de l'en-tête d'une unité de compilation. */ -bool read_dwarf_compil_unit_header(GBinContent *, vmpa2t *, SourceEndian, dw_compil_unit_header *); - - - -///--------------------- - - - - -//------------------------------- - - - - - -/* Lit la valeur correspondant à un type donné. */ -typedef bool (* read_form_value_fc) (const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_form_value *); - - -/* Format de débogage DWARF (instance) */ -struct _GDwarfFormat -{ - GDbgFormat parent; /* A laisser en premier */ - - dw_abbrev *abbreviations; /* Racine des abbréviations */ - - - dw_die *info_die; - - - -}; - -/* Format de débogage DWARF (classe) */ -struct _GDwarfFormatClass -{ - GDbgFormatClass parent; /* A laisser en premier */ - - read_form_value_fc read_form; /* lecture de valeurs formatées*/ - -}; - - - - - -/* Charge de façon générique toutes les informations DWARF. */ -bool g_dwarf_format_load(GDwarfFormat *, GExeFormat *); - - - - - - - - - - - - - - - - -/* Format du DWARF */ -typedef enum _DwarfFormat -{ - DWF_32_BITS, /* Mode 32 bits */ - DWF_64_BITS /* Mode 64 bits */ - -} DwarfFormat; - - - - - -/* Eléments récupérés sur une fonction */ -typedef struct _dw_dbg_function -{ - char *name; /* Nom de la fonction */ - char *prototype; /* Chaîne descriptive */ - - uint64_t low_pc; /* Début de la fonction */ - uint64_t high_pc; /* Fin de la fonction */ - -} dw_dbg_function; - - -#if 0 -/* Description du format DWARF */ -struct _dwarf_format -{ - dbg_format dummy; /* A laisser en premier */ - - DwarfFormat format; /* Format de l'instance */ - - dw_abbrev **abbrevs; /* Liste des abréviations */ - size_t abbrevs_count; /* Nombre de ces abréviations */ - - dw_dbg_function **dbg_functions; /* Liste de fonctions trouvées */ - size_t dbg_fc_count; /* Nombre de ces fonctions */ - -}; -#endif - - - -#endif /* _FORMAT_DWARF_DWARF_INT_H */ diff --git a/src/format/dwarf/dwarf.c b/src/format/dwarf/dwarf.c deleted file mode 100644 index 0c0dab8..0000000 --- a/src/format/dwarf/dwarf.c +++ /dev/null @@ -1,337 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format Dwarf - * - * Copyright (C) 2009-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "dwarf.h" - - -#include "abbrev.h" -#include "dwarf-int.h" -#include "info.h" -#include "symbols.h" -#include "../../common/cpp.h" - - - -/* Initialise la classe des formats de débogage DWARF. */ -static void g_dwarf_format_class_init(GDwarfFormatClass *); - -/* Initialise une instance de format de débogage DWARF. */ -static void g_dwarf_format_init(GDwarfFormat *); - -/* Supprime toutes les références externes. */ -static void g_dwarf_format_dispose(GDwarfFormat *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarf_format_finalize(GDwarfFormat *); - - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * -* unused = adresse non utilisée ici. * -* key = identifiant de format trouvé ou NULL. [OUT] * -* * -* Description : Indique si le format peut être pris en charge ici. * -* * -* Retour : Conclusion de haut niveau sur la reconnaissance effectuée. * -* * -* Remarques : - * -* * -******************************************************************************/ - -FormatMatchStatus dwarf_is_matching(GBinContent *content, GExeFormat *parent, void *unused, char **key) -{ - FormatMatchStatus result; /* Bilan à renvoyer */ - size_t i; /* Boucle de parcours */ - mrange_t range; /* Couverture d'une section */ - dw_section_header header; /* En-tête DWARF de section */ - bool found; /* Bilan d'une comparaison */ - - static const char *section_names[] = { - ".debug_aranges", - ".debug_frame", - ".debug_info", - ".debug_line", - ".debug_pubnames", - ".debug_pubtypes", - ".debug_types" - }; - - static const uint16_t dwarf_v2_versions[] = { - 2, /* .debug_aranges */ - 1, /* .debug_frame */ - 2, /* .debug_info */ - 2, /* .debug_line */ - 2, /* .debug_pubnames */ - 0, /* .debug_pubtypes */ - 0 /* .debug_types */ - }; - - static const uint16_t dwarf_v3_versions[] = { - 2, /* .debug_aranges */ - 3, /* .debug_frame */ - 3, /* .debug_info */ - 3, /* .debug_line */ - 2, /* .debug_pubnames */ - 2, /* .debug_pubtypes */ - 0 /* .debug_types */ - }; - - static const uint16_t dwarf_v4_versions[] = { - 2, /* .debug_aranges */ - 4, /* .debug_frame */ - 4, /* .debug_info */ - 4, /* .debug_line */ - 2, /* .debug_pubnames */ - 2, /* .debug_pubtypes */ - 4 /* .debug_types */ - }; - - uint16_t current_versions[] = { - 0, /* .debug_aranges */ - 0, /* .debug_frame */ - 0, /* .debug_info */ - 0, /* .debug_line */ - 0, /* .debug_pubnames */ - 0, /* .debug_pubtypes */ - 0 /* .debug_types */ - }; - - result = FMS_UNKNOWN; - - if (parent == NULL) - return FMS_UNKNOWN; - return FMS_UNKNOWN; - *key = strdup("dwarf_v4"); - return FMS_MATCHED; - - /* Lecture des indices présents */ - - for (i = 0; i < ARRAY_SIZE(section_names); i++) - { - if (!g_exe_format_get_section_range_by_name(parent, section_names[i], &range)) - continue; - - if (!read_dwarf_section_header(content, get_mrange_addr(&range), SRE_LITTLE /* FIXME */, &header)) - continue; - - current_versions[i] = header.version; - - } - - /* Détermination d'une version bien identifiée */ - - bool check_dwarf_version(const uint16_t *ref, const uint16_t *cur, size_t count) - { - bool equal; - size_t k; - - equal = true; - - for (k = 0; k < count && equal; k++) - printf(" -> %hhu vs %hhu\n", ref[k], cur[k]); - - for (k = 0; k < count && equal; k++) - equal = (cur[k] == 0) || (ref[k] == cur[k]); - - return equal; - - } - - /** - * Un fichier DWARF sans section sera vu comme un fichier DWARF de - * dernière génération. - * Ce qui n'est pas très grave car rien ne sera chargé par la suite, - * du fait de l'absence de section, donc il n'y aura pas d'incompatibilité. - */ - - printf("---dwarf v4\n"); - - found = check_dwarf_version(dwarf_v4_versions, current_versions, ARRAY_SIZE(section_names)); - - if (found) - { - result = FMS_MATCHED; - *key = strdup("dwarf_v4"); - } - - if (result == FMS_UNKNOWN) - { - printf("---dwarf v3\n"); - - found = check_dwarf_version(dwarf_v3_versions, current_versions, ARRAY_SIZE(section_names)); - - if (found) - { - result = FMS_MATCHED; - *key = strdup("dwarf_v3"); - } - - } - - if (result == FMS_UNKNOWN) - { - printf("---dwarf v2\n"); - - found = check_dwarf_version(dwarf_v2_versions, current_versions, ARRAY_SIZE(section_names)); - - if (found) - { - result = FMS_MATCHED; - *key = strdup("dwarf_v2"); - } - - } - - return result; - -} - - -/* Indique le type défini pour un format de débogage générique. */ -G_DEFINE_TYPE(GDwarfFormat, g_dwarf_format, G_TYPE_DBG_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarf_format_class_init(GDwarfFormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarf_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarf_format_finalize; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarf_format_init(GDwarfFormat *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarf_format_dispose(GDwarfFormat *format) -{ - G_OBJECT_CLASS(g_dwarf_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarf_format_finalize(GDwarfFormat *format) -{ - G_OBJECT_CLASS(g_dwarf_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = description du binaire de débogage à compléter. * -* executable = référence vers le binaire exécutable à lier. * -* * -* Description : Charge de façon générique toutes les informations DWARF. * -* * -* Retour : Bilan du chargement : réussi ou non ? * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool g_dwarf_format_load(GDwarfFormat *format, GExeFormat *executable) -{ - bool result; /* Bilan à faire remonter */ - - result = true; - - g_debuggable_format_attach_executable(G_DBG_FORMAT(format), executable); - - printf("Loading abbrev...\n"); - - result &= load_all_dwarf_abbreviations(format); - - printf("Loading debug info...\n"); - - result &= load_dwarf_debug_information(format); - - printf("Done!\n"); - - result &= load_dwarf_symbols(format); - - printf("Got symbols...\n"); - - exit(0); - - return result; - -} - diff --git a/src/format/dwarf/dwarf.h b/src/format/dwarf/dwarf.h deleted file mode 100644 index ad2f008..0000000 --- a/src/format/dwarf/dwarf.h +++ /dev/null @@ -1,55 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format Dwarf - * - * Copyright (C) 2009-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_DWARF_H -#define _FORMAT_DWARF_DWARF_H - - -#include "../../core/formats.h" - - - -#define G_TYPE_DWARF_FORMAT g_dwarf_format_get_type() -#define G_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarf_format_get_type(), GDwarfFormat)) -#define G_IS_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarf_format_get_type())) -#define G_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) -#define G_IS_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARF_FORMAT)) -#define G_DWARF_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) - - -/* Format de débogage DWARF (instance) */ -typedef struct _GDwarfFormat GDwarfFormat; - -/* Format de débogage DWARF (classe) */ -typedef struct _GDwarfFormatClass GDwarfFormatClass; - - -/* Indique si le format peut être pris en charge ici. */ -FormatMatchStatus dwarf_is_matching(GBinContent *, GExeFormat *, void *, char **); - -/* Indique le type défini pour un format de débogage DWARF. */ -GType g_dwarf_format_get_type(void); - - - -#endif /* _FORMAT_DWARF_DWARF_H */ diff --git a/src/format/dwarf/dwarf_def.h b/src/format/dwarf/dwarf_def.h deleted file mode 100644 index 6641576..0000000 --- a/src/format/dwarf/dwarf_def.h +++ /dev/null @@ -1,830 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf_def.h - liste des constantes utilisées par le format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_DWARF_DEF_H -#define _FORMAT_DWARF_DWARF_DEF_H - - - -#include - - -#include "../../arch/vmpa.h" -#include "../../common/leb128.h" - - - - -/** - * § 7.5.1.1 Compilation Unit Header. - */ - -/* En-tête présente dans certaines sections */ -typedef struct _dw_compil_unit_header -{ - uint64_t unit_length; /* Taille totale sans le champ */ - bool is_32b; /* Le format est-il sur 32b ? */ - - uint16_t version; /* Version de la section */ - - uint64_t debug_abbrev_offset; /* Emplacement dans la section */ - uint8_t address_size; /* Taille des adresses */ - -} dw_compil_unit_header; - - -/** - * § 7.5.4 Attribute Encodings - */ - -/* Figure 18, Tag encodings, begins here. */ - -typedef enum _DwarfTag -{ - DW_TAG_array_type = 0x01, - DW_TAG_class_type = 0x02, - DW_TAG_entry_point = 0x03, - DW_TAG_enumeration_type = 0x04, - DW_TAG_formal_parameter = 0x05, - DW_TAG_imported_declaration = 0x08, - DW_TAG_label = 0x0a, - DW_TAG_lexical_block = 0x0b, - DW_TAG_member = 0x0d, - DW_TAG_pointer_type = 0x0f, - DW_TAG_reference_type = 0x10, - DW_TAG_compile_unit = 0x11, - DW_TAG_string_type = 0x12, - DW_TAG_structure_type = 0x13, - DW_TAG_subroutine_type = 0x15, - DW_TAG_typedef = 0x16, - DW_TAG_union_type = 0x17, - DW_TAG_unspecified_parameters = 0x18, - DW_TAG_variant = 0x19, - DW_TAG_common_block = 0x1a, - DW_TAG_common_inclusion = 0x1b, - DW_TAG_inheritance = 0x1c, - DW_TAG_inlined_subroutine = 0x1d, - DW_TAG_module = 0x1e, - DW_TAG_ptr_to_member_type = 0x1f, - DW_TAG_set_type = 0x20, - DW_TAG_subrange_type = 0x21, - DW_TAG_with_stmt = 0x22, - DW_TAG_access_declaration = 0x23, - DW_TAG_base_type = 0x24, - DW_TAG_catch_block = 0x25, - DW_TAG_const_type = 0x26, - DW_TAG_constant = 0x27, - DW_TAG_enumerator = 0x28, - DW_TAG_file_type = 0x29, - DW_TAG_friend = 0x2a, - DW_TAG_namelist = 0x2b, - DW_TAG_namelist_item = 0x2c, - DW_TAG_packed_type = 0x2d, - DW_TAG_subprogram = 0x2e, - DW_TAG_template_type_parameter = 0x2f, - DW_TAG_template_value_parameter = 0x30, - DW_TAG_thrown_type = 0x31, - DW_TAG_try_block = 0x32, - DW_TAG_variant_part = 0x33, - DW_TAG_variable = 0x34, - DW_TAG_volatile_type = 0x35, - - DW_TAG_dwarf_procedure = 0x36, - DW_TAG_restrict_type = 0x37, - DW_TAG_interface_type = 0x38, - DW_TAG_namespace = 0x39, - DW_TAG_imported_module = 0x3a, - DW_TAG_unspecified_type = 0x3b, - DW_TAG_partial_unit = 0x3c, - DW_TAG_imported_unit = 0x3d, - DW_TAG_condition = 0x3f, - DW_TAG_shared_type = 0x40, - - /* Nouveautés v.4 */ - - DW_TAG_type_unit = 0x41, - DW_TAG_rvalue_reference_type = 0x42, - DW_TAG_template_alias = 0x43, - - DW_TAG_lo_user = 0x4080, - DW_TAG_hi_user = 0xffff - -} DwarfTag; - -/* Figure 19. Child determination encodings. */ - -#define DW_CHILDREN_no 0x00 -#define DW_CHILDREN_yes 0x01 - -/* Figure 21. Attribute form encodings. */ - -typedef enum _DwarfForm -{ - DW_FORM_invalid = 0x00, - - DW_FORM_addr = 0x01, - DW_FORM_block2 = 0x03, - DW_FORM_block4 = 0x04, - DW_FORM_data2 = 0x05, - DW_FORM_data4 = 0x06, - DW_FORM_data8 = 0x07, - DW_FORM_string = 0x08, - DW_FORM_block = 0x09, - DW_FORM_block1 = 0x0a, - DW_FORM_data1 = 0x0b, - DW_FORM_flag = 0x0c, - DW_FORM_sdata = 0x0d, - DW_FORM_strp = 0x0e, - DW_FORM_udata = 0x0f, - DW_FORM_ref_addr = 0x10, - DW_FORM_ref1 = 0x11, - DW_FORM_ref2 = 0x12, - DW_FORM_ref4 = 0x13, - DW_FORM_ref8 = 0x14, - DW_FORM_ref_udata = 0x15, - DW_FORM_indirect = 0x16, - - /* Nouveautés v4 */ - - DW_FORM_sec_offset = 0x17, - DW_FORM_exprloc = 0x18, - DW_FORM_flag_present = 0x19, - DW_FORM_ref_sig8 = 0x20 - -} DwarfForm; - - - - - - -/* Résumé des différentes valeurs dans DWARF v2 */ -typedef union _dw_v2_form_value -{ - /* DW_FORM_addr */ - virt_t address; - - /* DW_FORM_data[1248] */ - uint8_t data1; - uint16_t data2; - uint32_t data4; - uint64_t data8; - - /* DW_FORM_sdata */ - leb128_t sdata; - - /* DW_FORM_udata */ - uleb128_t udata; - - /* DW_FORM_block[124]? */ - struct - { - const bin_t *start; - phys_t size; - - } block; - - /* DW_FORM_string */ - /* DW_FORM_strp */ - const char *string; - - /* DW_FORM_flag */ - uint8_t flag; - - /* DW_FORM_ref[1248] */ - uint8_t ref1; - uint16_t ref2; - uint32_t ref4; - uint64_t ref8; - - /* DW_FORM_ref_udata */ - uleb128_t ref_udata; - -} dw_v2_form_value; - - -/* Résumé des différentes valeurs dans DWARF v4 */ -typedef union _dw_v4_form_value -{ - dw_v2_form_value v2; - - /* DW_FORM_sec_offset */ - uint64_t sec_offset; - - /* DW_FORM_exprloc */ - struct - { - const bin_t *start; - phys_t size; - - } expr; - - /* DW_FORM_flag_present */ - bool has_flag; - - /* DW_FORM_ref_sig8 */ - uint64_t signature; - -} dw_v4_form_value; - - -/* Résumé des différentes valeurs dans DWARF */ -typedef union _dw_form_value -{ - dw_v2_form_value v2; - dw_v2_form_value v4; - -} dw_form_value; - - - - - - - - - - - - - - - - - - - -/** - * § 7.5.3 Abbreviations Tables. - */ - -/* Description d'un attribut d'une abréviation */ -typedef struct _dw_abbrev_raw_attr -{ - uleb128_t name; /* Désignation de l'attribut */ - uleb128_t form; /* Nature de sa valeur */ - -} dw_abbrev_raw_attr; - -/* En-tête de déclaration d'une abréviation */ -typedef struct _dw_abbrev_decl -{ - uleb128_t code; /* Identifiant attribué */ - uleb128_t tag; /* Identifiant attribué */ - - uint8_t has_children; /* Présence de sous-entrées ? */ - -} dw_abbrev_decl; - - - - - - - - - - -/* Liste des attributs rencontrés */ -typedef enum _DwarfAttrib -{ - DW_AT_sibling = 0x01, - DW_AT_location = 0x02, - DW_AT_name = 0x03, - DW_AT_ordering = 0x09, - DW_AT_byte_size = 0x0b, - DW_AT_bit_offset = 0x0c, - DW_AT_bit_size = 0x0d, - DW_AT_stmt_list = 0x10, - DW_AT_low_pc = 0x11, - DW_AT_high_pc = 0x12, - DW_AT_language = 0x13, - DW_AT_discr = 0x15, - DW_AT_discr_value = 0x16, - DW_AT_visibility = 0x17, - DW_AT_import = 0x18, - DW_AT_string_length = 0x19, - DW_AT_common_reference = 0x1a, - DW_AT_comp_dir = 0x1b, - DW_AT_const_value = 0x1c, - DW_AT_containing_type = 0x1d, - DW_AT_default_value = 0x1e, - DW_AT_inline = 0x20, - DW_AT_is_optional = 0x21, - DW_AT_lower_bound = 0x22, - DW_AT_producer = 0x25, - DW_AT_prototyped = 0x27, - DW_AT_return_addr = 0x2a, - DW_AT_start_scope = 0x2c, - DW_AT_bit_stride = 0x2e, - DW_AT_upper_bound = 0x2f, - DW_AT_abstract_origin = 0x31, - DW_AT_accessibility = 0x32, - DW_AT_address_class = 0x33, - DW_AT_artificial = 0x34, - DW_AT_base_types = 0x35, - DW_AT_calling_convention = 0x36, - DW_AT_count = 0x37, - DW_AT_data_member_location = 0x38, - DW_AT_decl_column = 0x39, - DW_AT_decl_file = 0x3a, - DW_AT_decl_line = 0x3b, - DW_AT_declaration = 0x3c, - DW_AT_discr_list = 0x3d, - DW_AT_encoding = 0x3e, - DW_AT_external = 0x3f, - DW_AT_frame_base = 0x40, - DW_AT_friend = 0x41, - DW_AT_identifier_case = 0x42, - DW_AT_macro_info = 0x43, - DW_AT_namelist_item = 0x44, - DW_AT_priority = 0x45, - DW_AT_segment = 0x46, - DW_AT_specification = 0x47, - DW_AT_static_link = 0x48, - DW_AT_type = 0x49, - DW_AT_use_location = 0x4a, - DW_AT_variable_parameter = 0x4b, - DW_AT_virtuality = 0x4c, - DW_AT_vtable_elem_location = 0x4d, - DW_AT_allocated = 0x4e, - DW_AT_associated = 0x4f, - DW_AT_data_location = 0x50, - DW_AT_byte_stride = 0x51, - DW_AT_entry_pc = 0x52, - DW_AT_use_UTF8 = 0x53, - DW_AT_extension = 0x54, - DW_AT_ranges = 0x55, - DW_AT_trampoline = 0x56, - DW_AT_call_column = 0x57, - DW_AT_call_file = 0x58, - DW_AT_call_line = 0x59, - DW_AT_description = 0x5a, - DW_AT_binary_scale = 0x5b, - DW_AT_decimal_scale = 0x5c, - DW_AT_small = 0x5d, - DW_AT_decimal_sign = 0x5e, - DW_AT_digit_count = 0x5f, - DW_AT_picture_string = 0x60, - DW_AT_mutable = 0x61, - DW_AT_threads_scaled = 0x62, - DW_AT_explicit = 0x63, - DW_AT_object_pointer = 0x64, - DW_AT_endianity = 0x65, - DW_AT_elemental = 0x66, - DW_AT_pure = 0x67, - DW_AT_recursive = 0x68, - - /* Nouveautés v4 */ - - DW_AT_signature = 0x69, - DW_AT_main_subprogram = 0x6a, - DW_AT_data_bit_offset = 0x6b, - DW_AT_const_expr = 0x6c, - DW_AT_enum_class = 0x6d, - DW_AT_linkage_name = 0x6e, - - DW_AT_lo_user = 0x2000, - DW_AT_hi_user = 0x3fff, - -} DwarfAttrib; - - -#define DW_ATTR_invalid 0 /* FIXME */ - - -typedef struct _dw_value -{ - DwarfAttrib attrib; /* Sujet de l'élément */ - dw_form_value value; /* Valeur instanciée associée */ - -} dw_value; - - - - - - - - - - - - - - - -#if 0 - - - - - - - - - - - - - - - -/* Liste des balises rencontrées */ -typedef enum _DwarfTag -{ - DWT_NONE = 0x00, - - DWT_ARRAY_TYPE = 0x01, - DWT_CLASS_TYPE = 0x02, - DWT_ENTRY_POINT = 0x03, - DWT_ENUMERATION_TYPE = 0x04, - DWT_FORMAL_PARAMETER = 0x05, - DWT_IMPORTED_DECLARATION = 0x08, - DWT_LABEL = 0x0a, - DWT_LEXICAL_BLOCK = 0x0b, - DWT_MEMBER = 0x0d, - DWT_POINTER_TYPE = 0x0f, - DWT_REFERENCE_TYPE = 0x10, - DWT_COMPILE_UNIT = 0x11, - DWT_STRING_TYPE = 0x12, - DWT_STRUCTURE_TYPE = 0x13, - DWT_SUBROUTINE_TYPE = 0x15, - DWT_TYPEDEF = 0x16, - DWT_UNION_TYPE = 0x17, - DWT_UNSPECIFIED_PARAMETERS = 0x18, - DWT_VARIANT = 0x19, - DWT_COMMON_BLOCK = 0x1a, - DWT_COMMON_INCLUSION = 0x1b, - DWT_INHERITANCE = 0x1c, - DWT_INLINED_SUBROUTINE = 0x1d, - DWT_MODULE = 0x1e, - DWT_PTR_TO_MEMBER_TYPE = 0x1f, - DWT_SET_TYPE = 0x20, - DWT_SUBRANGE_TYPE = 0x21, - DWT_WITH_STMT = 0x22, - DWT_ACCESS_DECLARATION = 0x23, - DWT_BASE_TYPE = 0x24, - DWT_CATCH_BLOCK = 0x25, - DWT_CONST_TYPE = 0x26, - DWT_CONSTANT = 0x27, - DWT_ENUMERATOR = 0x28, - DWT_FILE_TYPE = 0x29, - DWT_FRIEND = 0x2a, - DWT_NAMELIST = 0x2b, - - DWT_NAMELIST_ITEM = 0x2c, - DWT_PACKED_TYPE = 0x2d, - DWT_SUBPROGRAM = 0x2e, - - DWT_TEMPLATE_TYPE_PARAM = 0x2f, /* DWARF2 */ - DWT_TEMPLATE_TYPE_PARAMETER = 0x2f, /* DWARF3 */ - DWT_TEMPLATE_VALUE_PARAM = 0x30, /* DWARF2 */ - DWT_TEMPLATE_VALUE_PARAMETER = 0x30, /* DWARF3 */ - DWT_THROWN_TYPE = 0x31, - DWT_TRY_BLOCK = 0x32, - DWT_VARIANT_PART = 0x33, - DWT_VARIABLE = 0x34, - DWT_VOLATILE_TYPE = 0x35, - DWT_DWARF_PROCEDURE = 0x36, /* DWARF3 */ - DWT_RESTRICT_TYPE = 0x37, /* DWARF3 */ - DWT_INTERFACE_TYPE = 0x38, /* DWARF3 */ - DWT_NAMESPACE = 0x39, /* DWARF3 */ - DWT_IMPORTED_MODULE = 0x3a, /* DWARF3 */ - DWT_UNSPECIFIED_TYPE = 0x3b, /* DWARF3 */ - DWT_PARTIAL_UNIT = 0x3c, /* DWARF3 */ - DWT_IMPORTED_UNIT = 0x3d, /* DWARF3 */ - - DWT_MUTABLE_TYPE = 0x3e, /* Oublié en faveur des deux suivantes (DWARF3 -> DWARF3f) */ - DWT_CONDITION = 0x3f, /* DWARF3f */ - DWT_SHARED_TYPE = 0x40, /* DWARF3f */ - - DWT_LO_USER = 0x4080, - - DWT_MIPS_LOOP = 0x4081, - - /* Extensions HP */ - - DWT_HP_ARRAY_DESCRIPTOR = 0x4090, - - /* Extensions GNU */ - - DWT_GNU_FORMAT_LABEL = 0x4101, /* Fortran. */ - DWT_GNU_FUNCTION_TEMPLATE = 0x4102, /* C++ */ - DWT_GNU_CLASS_TEMPLATE = 0x4103, /* C++ */ - DWT_GNU_BINCL = 0x4104, - DWT_GNU_EINCL = 0x4105, - - /* Extensions ALTIUM */ - - DWT_ALTIUM_CIRC_TYPE = 0x5101, /* DSP-C/Starcore __circ qualifier */ - DWT_ALTIUM_MWA_CIRC_TYPE = 0x5102, /* Starcore __mwa_circ qualifier */ - DWT_ALTIUM_REV_CARRY_TYPE = 0x5103, /* Starcore __rev_carry qualifier */ - DWT_ALTIUM_ROM = 0x5111, /* M16 __rom qualifier */ - - /* Extensions pour le support UPC */ - - DWT_UPC_SHARED_TYPE = 0x8765, - DWT_UPC_STRICT_TYPE = 0x8766, - DWT_UPC_RELAXED_TYPE = 0x8767, - - /* Extensions PGI (STMicroelectronics) */ - - DWT_PGI_KANJI_TYPE = 0xa000, - DWT_PGI_INTERFACE_BLOCK = 0xa020, - - /* Extensions SUN */ - - DWT_SUN_FUNCTION_TEMPLATE = 0x4201, - DWT_SUN_CLASS_TEMPLATE = 0x4202, - DWT_SUN_STRUCT_TEMPLATE = 0x4203, - DWT_SUN_UNION_TEMPLATE = 0x4204, - DWT_SUN_INDIRECT_INHERITANCE = 0x4205, - DWT_SUN_CODEFLAGS = 0x4206, - DWT_SUN_MEMOP_INFO = 0x4207, - DWT_SUN_OMP_CHILD_FUNC = 0x4208, - DWT_SUN_RTTI_DESCRIPTOR = 0x4209, - DWT_SUN_DTOR_INFO = 0x420a, - DWT_SUN_DTOR = 0x420b, - DWT_SUN_F90_INTERFACE = 0x420c, - DWT_SUN_FORTRAN_VAX_STRUCTURE = 0x420d, - DWT_SUN_HI = 0x42ff, - - DWT_HI_USER = 0xffff - -} DwarfTag; - - -#define DW_CHILDREN_NO 0x00 -#define DW_CHILDREN_YES 0x01 - - -/* Liste des attributs rencontrés */ -typedef enum _DwarfAttrib -{ - DWA_SIBLING = 0x01, - DWA_LOCATION = 0x02, - DWA_NAME = 0x03, - DWA_ORDERING = 0x09, - DWA_SUBSCR_DATA = 0x0a, - DWA_BYTE_SIZE = 0x0b, - DWA_BIT_OFFSET = 0x0c, - DWA_BIT_SIZE = 0x0d, - DWA_ELEMENT_LIST = 0x0f, - DWA_STMT_LIST = 0x10, - DWA_LOW_PC = 0x11, - DWA_HIGH_PC = 0x12, - DWA_LANGUAGE = 0x13, - DWA_MEMBER = 0x14, - DWA_DISCR = 0x15, - DWA_DISCR_VALUE = 0x16, - DWA_VISIBILITY = 0x17, - DWA_IMPORT = 0x18, - DWA_STRING_LENGTH = 0x19, - DWA_COMMON_REFERENCE = 0x1a, - DWA_COMP_DIR = 0x1b, - DWA_CONST_VALUE = 0x1c, - DWA_CONTAINING_TYPE = 0x1d, - DWA_DEFAULT_VALUE = 0x1e, - DWA_INLINE = 0x20, - DWA_IS_OPTIONAL = 0x21, - DWA_LOWER_BOUND = 0x22, - DWA_PRODUCER = 0x25, - DWA_PROTOTYPED = 0x27, - DWA_RETURN_ADDR = 0x2a, - DWA_START_SCOPE = 0x2c, - DWA_BIT_STRIDE = 0x2e, /* DWARF3 */ - DWA_STRIDE_SIZE = 0x2e, /* DWARF2 */ - DWA_UPPER_BOUND = 0x2f, - DWA_ABSTRACT_ORIGIN = 0x31, - DWA_ACCESSIBILITY = 0x32, - DWA_ADDRESS_CLASS = 0x33, - DWA_ARTIFICIAL = 0x34, - DWA_BASE_TYPES = 0x35, - DWA_CALLING_CONVENTION = 0x36, - DWA_COUNT = 0x37, - DWA_DATA_MEMBER_LOCATION = 0x38, - DWA_DECL_COLUMN = 0x39, - DWA_DECL_FILE = 0x3a, - DWA_DECL_LINE = 0x3b, - DWA_DECLARATION = 0x3c, - DWA_DISCR_LIST = 0x3d, - DWA_ENCODING = 0x3e, - DWA_EXTERNAL = 0x3f, - DWA_FRAME_BASE = 0x40, - DWA_FRIEND = 0x41, - DWA_IDENTIFIER_CASE = 0x42, - DWA_MACRO_INFO = 0x43, - DWA_NAMELIST_ITEM = 0x44, - DWA_PRIORITY = 0x45, - DWA_SEGMENT = 0x46, - DWA_SPECIFICATION = 0x47, - DWA_STATIC_LINK = 0x48, - DWA_TYPE = 0x49, - DWA_USE_LOCATION = 0x4a, - DWA_VARIABLE_PARAMETER = 0x4b, - DWA_VIRTUALITY = 0x4c, - DWA_VTABLE_ELEM_LOCATION = 0x4d, - DWA_ALLOCATED = 0x4e, /* DWARF3 */ - DWA_ASSOCIATED = 0x4f, /* DWARF3 */ - DWA_DATA_LOCATION = 0x50, /* DWARF3 */ - DWA_BYTE_STRIDE = 0x51, /* DWARF3f */ - DWA_STRIDE = 0x51, /* DWARF3 (ne pas utiliser) */ - DWA_ENTRY_PC = 0x52, /* DWARF3 */ - DWA_USE_UTF8 = 0x53, /* DWARF3 */ - DWA_EXTENSION = 0x54, /* DWARF3 */ - DWA_RANGES = 0x55, /* DWARF3 */ - DWA_TRAMPOLINE = 0x56, /* DWARF3 */ - DWA_CALL_COLUMN = 0x57, /* DWARF3 */ - DWA_CALL_FILE = 0x58, /* DWARF3 */ - DWA_CALL_LINE = 0x59, /* DWARF3 */ - DWA_DESCRIPTION = 0x5a, /* DWARF3 */ - DWA_BINARY_SCALE = 0x5b, /* DWARF3f */ - DWA_DECIMAL_SCALE = 0x5c, /* DWARF3f */ - DWA_SMALL = 0x5d, /* DWARF3f */ - DWA_DECIMAL_SIGN = 0x5e, /* DWARF3f */ - DWA_DIGIT_COUNT = 0x5f, /* DWARF3f */ - DWA_PICTURE_STRING = 0x60, /* DWARF3f */ - DWA_MUTABLE = 0x61, /* DWARF3f */ - DWA_THREADS_SCALED = 0x62, /* DWARF3f */ - DWA_EXPLICIT = 0x63, /* DWARF3f */ - DWA_OBJECT_POINTER = 0x64, /* DWARF3f */ - DWA_ENDIANITY = 0x65, /* DWARF3f */ - DWA_ELEMENTAL = 0x66, /* DWARF3f */ - DWA_PURE = 0x67, /* DWARF3f */ - DWA_RECURSIVE = 0x68, /* DWARF3f */ - - DWA_LO_USER = 0x2000, - - /* Extension HP */ - - DWA_HP_BLOCK_INDEX = 0x2000, - - /* Extensions MIPS/SGI */ - - DWA_MIPS_FDE = 0x2001, - DWA_MIPS_LOOP_BEGIN = 0x2002, - DWA_MIPS_TAIL_LOOP_BEGIN = 0x2003, - DWA_MIPS_EPILOG_BEGIN = 0x2004, - DWA_MIPS_LOOP_UNROLL_FACTOR = 0x2005, - DWA_MIPS_SOFTWARE_PIPELINE_DEPTH = 0x2006, - DWA_MIPS_LINKAGE_NAME = 0x2007, - DWA_MIPS_STRIDE = 0x2008, - DWA_MIPS_ABSTRACT_NAME = 0x2009, - DWA_MIPS_CLONE_ORIGIN = 0x200a, - DWA_MIPS_HAS_INLINES = 0x200b, - DWA_MIPS_STRIDE_BYTE = 0x200c, - DWA_MIPS_STRIDE_ELEM = 0x200d, - DWA_MIPS_PTR_DOPETYPE = 0x200e, - DWA_MIPS_ALLOCATABLE_DOPETYPE = 0x200f, - DWA_MIPS_ASSUMED_SHAPE_DOPETYPE = 0x2010, - DWA_MIPS_ASSUMED_SIZE = 0x2011, - - /* Extensions HP */ - - DWA_HP_unmodifiable = 0x2001, /* conflit : MIPS */ - DWA_HP_actuals_stmt_list = 0x2010, /* conflit : MIPS */ - DWA_HP_proc_per_section = 0x2011, /* conflit : MIPS */ - DWA_HP_raw_data_ptr = 0x2012, - DWA_HP_pass_by_reference = 0x2013, - DWA_HP_opt_level = 0x2014, - DWA_HP_prof_version_id = 0x2015, - DWA_HP_opt_flags = 0x2016, - DWA_HP_cold_region_low_pc = 0x2017, - DWA_HP_cold_region_high_pc = 0x2018, - DWA_HP_all_variables_modifiable = 0x2019, - DWA_HP_linkage_name = 0x201a, - DWA_HP_prof_flags = 0x201b, - - /* Extensions GNU */ - - DWA_GNU_SF_NAMES = 0x2101, - DWA_GNU_SRC_INFO = 0x2102, - DWA_GNU_MAC_INFO = 0x2103, - DWA_GNU_SRC_COORDS = 0x2104, - DWA_GNU_BODY_BEGIN = 0x2105, - DWA_GNU_BODY_END = 0x2106, - DWA_GNU_VECTOR = 0x2107, - - /* Extensions SUN */ - - DWA_SUN_TEMPLATE = 0x2201, - DWA_SUN_RTNBEG_PD_ADDRESS = 0x2201, - DWA_SUN_ALIGNMENT = 0x2202, - DWA_SUN_VTABLE = 0x2203, - DWA_SUN_COUNT_GUARANTEE = 0x2204, - DWA_SUN_COMMAND_LINE = 0x2205, - DWA_SUN_VBASE = 0x2206, - DWA_SUN_COMPILE_OPTIONS = 0x2207, - DWA_SUN_LANGUAGE = 0x2208, - DWA_SUN_BROWSER_FILE = 0x2209, - DWA_SUN_VTABLE_ABI = 0x2210, - DWA_SUN_FUNC_OFFSETS = 0x2211, - DWA_SUN_CF_KIND = 0x2212, - DWA_SUN_VTABLE_INDEX = 0x2213, - DWA_SUN_OMP_TPRIV_ADDR = 0x2214, - DWA_SUN_OMP_CHILD_FUNC = 0x2215, - DWA_SUN_FUNC_OFFSET = 0x2216, - DWA_SUN_MEMOP_TYPE_REF = 0x2217, - DWA_SUN_PROFILE_ID = 0x2218, - DWA_SUN_MEMOP_SIGNATURE = 0x2219, - DWA_SUN_OBJ_DIR = 0x2220, - DWA_SUN_OBJ_FILE = 0x2221, - DWA_SUN_ORIGINAL_NAME = 0x2222, - DWA_SUN_HWCPROF_SIGNATURE = 0x2223, - DWA_SUN_AMD64_PARMDUMP = 0x2224, - DWA_SUN_PART_LINK_NAME = 0x2225, - DWA_SUN_LINK_NAME = 0x2226, - DWA_SUN_PASS_WITH_CONST = 0x2227, - DWA_SUN_RETURN_WITH_CONST = 0x2228, - DWA_SUN_IMPORT_BY_NAME = 0x2229, - DWA_SUN_F90_POINTER = 0x222a, - DWA_SUN_PASS_BY_REF = 0x222b, - DWA_SUN_F90_ALLOCATABLE = 0x222c, - DWA_SUN_F90_ASSUMED_SHAPE_ARRAY = 0x222d, - DWA_SUN_C_VLA = 0x222e, - DWA_SUN_RETURN_VALUE_PTR = 0x2230, - DWA_SUN_DTOR_START = 0x2231, - DWA_SUN_DTOR_LENGTH = 0x2232, - DWA_SUN_DTOR_STATE_INITIAL = 0x2233, - DWA_SUN_DTOR_STATE_FINAL = 0x2234, - DWA_SUN_DTOR_STATE_DELTAS = 0x2235, - DWA_SUN_IMPORT_BY_LNAME = 0x2236, - DWA_SUN_F90_USE_ONLY = 0x2237, - DWA_SUN_NAMELIST_SPEC = 0x2238, - DWA_SUN_IS_OMP_CHILD_FUNC = 0x2239, - DWA_SUN_FORTRAN_MAIN_ALIAS = 0x223a, - DWA_SUN_FORTRAN_BASED = 0x223b, - - /* Extensions ALTIUM */ - - DWA_ALTIUM_LOCLIST = 0x2300, - - /* Extensions PGI (STMicroelectronics) */ - - DWA_PGI_LBASE = 0x3a00, - DWA_PGI_SOFFSET = 0x3a01, - DWA_PGI_LSTRIDE = 0x3a02, - - /* Extensions pour le support UPC */ - - DWA_UPC_THREADS_SCALED = 0x3210, - - DWA_HI_USER = 0x3fff - -} DwarfAttrib; - - -/* Liste des types de données */ -typedef enum _DwarfForm -{ - DWF_ADDR = 0x01, - DWF_BLOCK2 = 0x03, - DWF_BLOCK4 = 0x04, - DWF_DATA2 = 0x05, - DWF_DATA4 = 0x06, - DWF_DATA8 = 0x07, - DWF_STRING = 0x08, - DWF_BLOCK = 0x09, - DWF_BLOCK1 = 0x0a, - DWF_DATA1 = 0x0b, - DWF_FLAG = 0x0c, - DWF_SDATA = 0x0d, - DWF_STRP = 0x0e, - DWF_UDATA = 0x0f, - DWF_REF_ADDR = 0x10, - DWF_REF1 = 0x11, - DWF_REF2 = 0x12, - DWF_REF4 = 0x13, - DWF_REF8 = 0x14, - DWF_REF_UDATA = 0x15, - DWF_INDIRECT = 0x16 - -} DwarfForm; - - -#endif - - - -#endif /* _FORMAT_DWARF_DWARF_DEF_H */ diff --git a/src/format/dwarf/form.c b/src/format/dwarf/form.c deleted file mode 100644 index d7922f7..0000000 --- a/src/format/dwarf/form.c +++ /dev/null @@ -1,113 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour la transmission des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "form.h" - - - -/****************************************************************************** -* * -* Paramètres : value = valeur au format Dwarf à consulter. * -* form = nature de la valeur à lire. * -* addr = valeur utilisable en interne récupérée. [OUT] * -* * -* Description : Transcrit une valeur Dwarf brute en adresse virtuelle. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool translate_form_into_address(const dw_form_value *value, DwarfForm form, virt_t *addr) -{ - bool result; /* Bilan à retourner */ - - result = true; - - switch (form) - { - case DW_FORM_addr: - *addr = value->v2.address; - break; - - case DW_FORM_data1: - *addr = value->v2.data1; - break; - - case DW_FORM_data2: - *addr = value->v2.data2; - break; - - case DW_FORM_data4: - *addr = value->v2.data4; - break; - - case DW_FORM_data8: - *addr = value->v2.data8; - break; - - default: - result = false; - break; - - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : value = valeur au format Dwarf à consulter. * -* form = nature de la valeur à lire. * -* * -* Description : Transcrit une valeur Dwarf brute en chaîne de caractères. * -* * -* Retour : Bilan de l'opération : chaîne de caractères ou NULL si échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -const char *translate_form_into_string(const dw_form_value *value, DwarfForm form) -{ - const char *result; /* Valeur et bilan à retourner */ - - switch (form) - { - case DW_FORM_string: - case DW_FORM_strp: - result = value->v2.string; - break; - - default: - result = NULL; - break; - - } - - return result; - -} diff --git a/src/format/dwarf/form.h b/src/format/dwarf/form.h deleted file mode 100644 index bdef9b3..0000000 --- a/src/format/dwarf/form.h +++ /dev/null @@ -1,40 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour la transmission des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_FORM_H -#define _FORMAT_DWARF_FORM_H - - -#include "dwarf_def.h" - - - -/* Transcrit une valeur Dwarf brute en adresse virtuelle. */ -bool translate_form_into_address(const dw_form_value *, DwarfForm, virt_t *); - -/* Transcrit une valeur Dwarf brute en chaîne de caractères. */ -const char *translate_form_into_string(const dw_form_value *, DwarfForm); - - - -#endif /* _FORMAT_DWARF_FORM_H */ diff --git a/src/format/dwarf/info.c b/src/format/dwarf/info.c deleted file mode 100644 index 432280e..0000000 --- a/src/format/dwarf/info.c +++ /dev/null @@ -1,853 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * info.c - lecture des informations principales du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "info.h" - - -#include "die.h" -#include "dwarf-int.h" -#include "../debuggable-int.h" - - - - - -static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die); - - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage DWARF à compléter. * -* * -* Description : Charge les informations depuis une section ".debug_info". * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_dwarf_debug_information(GDwarfFormat *format) -{ - bool result; /* Bilan à renvoyer */ - - - - mrange_t range; /* Couverture d'une section */ - vmpa2t end; - vmpa2t iter; /* Tête de lecture mouvante */ - - dw_compil_unit_header header; - dw_die *die; - - - - result = g_exe_format_get_section_range_by_name(G_DBG_FORMAT(format)->executable, ".debug_info", &range); - if (!result) goto lddi_exit; - - copy_vmpa(&iter, get_mrange_addr(&range)); - - - printf("[%d] Passage :: 0x%08llx 0x%08llx\n", - result, - (unsigned long long)range.addr.physical, - (unsigned long long)range.addr.virtual); - - compute_mrange_end_addr(&range, &end); - - while (result) - { - /* Si il n'y a plus rien à lire dans la section... */ - if (cmp_vmpa(&iter, &end) >= 0) break; - - - printf("========================================================================\n"); - printf("========================================================================\n"); - printf("========================================================================\n"); - printf("========================================================================\n"); - printf("\n"); - printf("HEADER START :: 0x%x\n", (unsigned int)iter.physical); - - - result = read_dwarf_compil_unit_header(G_BIN_FORMAT(format)->content, &iter, - SRE_LITTLE /* FIXME */, &header); - if (!result) break; - - printf("[%d] header :: addr size=%hhu\n", result, header.address_size); - - - result = extract_dies_from_debug_information(format, &iter, - SRE_LITTLE /* FIXME */, &header, - NULL, &die); - - - - } - - - format->info_die = die; - - - lddi_exit: - - return result; - -} - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage DWARF à compléter. * -* pos = position de début de lecture. [OUT] * -* endian = boutisme reconnu dans le format. * -* header = en-tête de description de l'unité à traiter. * -* parent = entrée parent de rattachement ou NULL si racine. * -* die = emplacement de stockage de l'entrée. [OUT] * -* * -* Description : Procède à la lecture de l'en-tête d'un contenu binaire DWARF.* -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool extract_dies_from_debug_information(GDwarfFormat *format, vmpa2t *pos, SourceEndian endian, const dw_compil_unit_header *header, dw_die *parent, dw_die **die) -{ - bool result; /* Bilan à faire remonter */ - dw_die *child; /* Entrée subordonnée à charger*/ - - printf("==================================\n"); - printf("=== version : 0x%hx\n", header->version); - printf("=== offset abbrev : 0x%llx\n", (unsigned long long)header->debug_abbrev_offset); - printf("==================================\n"); - - - phys_t start = 0x1039; - - printf("start :: 0x%x\n", (unsigned int)(pos->physical - start)); - printf("start :: 0x%x\n", (unsigned int)(0x0 + pos->physical)); - - result = build_dwarf_die(format, pos, SRE_LITTLE /* FIXME */, header, die); - if (*die == NULL) return result; - - if (parent != NULL) - dw_die_append_child(parent, *die); - - if (dw_die_has_children(*die)) - { - printf("<<<< children >>>>\n"); - - printf("next :: 0x%x\n", (unsigned int)(pos->physical - start)); - - while (result) - { - result = extract_dies_from_debug_information(format, pos, endian, header, *die, &child); - - if (!result) - delete_dwarf_die(*die); - - /* Entrée avec un code nul -> fin */ - if (child == NULL) break; - - } - - } - - return result; - -} - - - - - - - -#if 0 -#include -#include - - -#include "abbrev.h" -#include "dwarf-int.h" -#include "utils.h" - - -/* Informations utiles d'une unité de compilation */ -typedef struct _compil_unit -{ - off_t startpos; /* Position de début d'unité */ - off_t endpos; /* Position d'unité suivante */ - - off_t offset; /* Position dans les abréviat° */ - uint8_t ptrsize; /* Taille des adresses mémoire */ - -} compil_unit; - - - -#define _(str) str - - -/* Procède à la lecture d'une unité de compilation. */ -bool read_dwarf_compilation_unit(dwarf_format *, off_t *, compil_unit *); - -/* Récupère toutes les déclarations DWARF utiles trouvées. */ -bool parse_dwarf_compilation_unit(dwarf_format *, off_t *, const compil_unit *); - -/* Enregistre toutes les déclarations de fonction trouvées. */ -dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *, const dw_abbrev *, off_t *, const compil_unit *); - -/* Obtient la description humaine d'un type. */ -char *resolve_dwarf_function_type(dwarf_format *, const dw_abbrev *, const off_t *, const compil_unit *); - - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* * -* Description : Charge les informations trouvées dans un DWARF. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_dwarf_information(dwarf_format *format) -{ - bool result; /* Bilan à renvoyer */ - - - - - off_t offset; - off_t start; - off_t size; - - bool test; - - int i; - - - compil_unit cu; - - - - result = true; - - test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_info", &start, &size, NULL); - - offset = start; - - - printf(" -> offset=%d size=%d\n", offset, size); - - - - for (i = 0; i < size; i++) - { - if (i % 25 == 0) printf("\n"); - printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]); - } - - printf("\n"); - - - - while (offset < (start + size) && result) - { - printf("-------------\n"); - - result = read_dwarf_compilation_unit(format, &offset, &cu); - - if (result) - parse_dwarf_compilation_unit(format, &offset, &cu); - - } - - - printf("##############\nRegistered functions:\n"); - - for (i = 0; i < format->dbg_fc_count; i++) - printf(" > [0x%08llx] %s\n", format->dbg_functions[i]->low_pc, format->dbg_functions[i]->prototype); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à effacer. * -* * -* Description : Décharge les informations trouvées dans un DWARF. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void unload_dwarf_information(dwarf_format *format) -{ - - - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* cu = unité de compilation lue. [OUT] * -* * -* Description : Procède à la lecture d'une unité de compilation. * -* * -* Retour : true en cas de succès de la lecture, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_compilation_unit(dwarf_format *format, off_t *pos, compil_unit *cu) -{ - off_t ulength; /* Taille de l'unité */ - uint16_t version; /* Version du format DWARF */ - - cu->startpos = *pos; - - if (!read_unit_length(format, pos, &ulength)) - return false; - - cu->endpos = *pos + ulength; - - if (!read_uhalf(format, pos, &version)) - return false; - - if (version > 3) return false; - - if (!read_abbrev_offset(format, pos, &cu->offset)) - return false; - - if (!read_address_size(format, pos, &cu->ptrsize)) - return false; - - return true; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* cu = unité de compilation courante. * -* * -* Description : Récupère toutes les déclarations DWARF utiles trouvées. * -* * -* Retour : true en cas de succès de la lecture, false sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool parse_dwarf_compilation_unit(dwarf_format *format, off_t *pos, const compil_unit *cu) -{ - bool result; /* Bilan à retourner */ - const dw_abbrev *abbrev; /* Abréviation rencontrée */ - dw_dbg_function *function; /* Nouvelle fonction lue */ - - - - result = true; - - while (*pos < cu->endpos && result) - { - - - printf(" =+> Cur :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n", - DBG_FORMAT(format)->content[*pos], - DBG_FORMAT(format)->content[*pos + 1], - DBG_FORMAT(format)->content[*pos + 2], - DBG_FORMAT(format)->content[*pos + 3], - DBG_FORMAT(format)->content[*pos + 4]); - - - - abbrev = find_dwarf_abbreviations(format, &cu->offset, pos); - - if (abbrev == NULL) - break; - - - - printf(" --> %p\n", abbrev); - - printf(" == 0x%02x (matched ? %d)\n", abbrev->tag, abbrev->tag == DWT_SUBPROGRAM); - - - - switch (abbrev->tag) - { - case DWT_SUBPROGRAM: - function = look_for_dwarf_subprograms(format, abbrev, pos, cu); - - if (function != NULL) - { - format->dbg_functions = (dw_dbg_function **)realloc(format->dbg_functions, ++format->dbg_fc_count * sizeof(dw_dbg_function *)); - format->dbg_functions[format->dbg_fc_count - 1] = function; - } - else result = false; - - break; - - default: - break; - - } - - - - - - - - - - - - - if (!skip_dwarf_abbrev(format, pos, abbrev)) - printf("error skipping :(\n"); - - - } - - - printf(" =+> Next :: 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx 0x%02hhx\n", - DBG_FORMAT(format)->content[*pos], - DBG_FORMAT(format)->content[*pos + 1], - DBG_FORMAT(format)->content[*pos + 2], - DBG_FORMAT(format)->content[*pos + 3], - DBG_FORMAT(format)->content[*pos + 4]); - - - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* abbrev = abréviation trouvée à traiter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* cu = unité de compilation courante. * -* * -* Description : Enregistre toutes les déclarations de fonction trouvées. * -* * -* Retour : Fonction chargée en mémoire ou NULL en cas d'échec. * -* * -* Remarques : - * -* * -******************************************************************************/ - -dw_dbg_function *look_for_dwarf_subprograms(dwarf_format *format, const dw_abbrev *abbrev, off_t *pos, const compil_unit *cu) -{ - dw_dbg_function *result; /* Structure à retourner */ - uint32_t type_pos; /* Décalage p/r au pt courant */ - off_t subpos; /* Sous-position de lecture #1 */ - const dw_abbrev *subabbrev; /* Abréviation fille à lire */ - char *retstr; /* Elément du prototype */ - char *prototype; /* Stockage temporaire */ - size_t proto_len; /* Taille du prototype */ - bool is_pointer; /* Mémorise le type 'pointeur' */ - uint64_t index; /* Index de la fonction */ - bool first_arg; /* Marque le 1er argument */ - off_t subpos2; /* Sous-position de lecture #2 */ - const dw_abbrev *subabbrev2; /* Abréviation fille à lire #2 */ - - result = (dw_dbg_function *)calloc(1, sizeof(dw_dbg_function)); - - /* Récupération des informations de base */ - - if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_NAME, &result->name)) - goto lfds_error; - - if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_LOW_PC, &result->low_pc)) - goto lfds_error; - - if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_HIGH_PC, &result->high_pc)) - goto lfds_error; - - /* Type de la fonction */ - - if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE)) - { - if (!read_dwarf_abbrev_attribute(format, pos, false, abbrev, DWA_TYPE, &type_pos)) - goto lfds_error; - - subpos = cu->startpos + type_pos; - - subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos); - - retstr = resolve_dwarf_function_type(format, subabbrev, &subpos, cu); - - } - else retstr = strdup("void"); - - if (retstr == NULL) - { - proto_len = 3; - prototype = (char *)calloc(proto_len + 1, sizeof(char)); - strcat(prototype, "???"); - - is_pointer = false; - - } - else - { - proto_len = strlen(retstr); - prototype = (char *)calloc(proto_len + 1, sizeof(char)); - strcat(prototype, retstr); - - is_pointer = (retstr[strlen(retstr) - 1] == '*'); - - free(retstr); - - } - - /* On saute l'abréviation de la déclaration de fonction... */ - - subpos = *pos; - - if (!read_uleb128(format, &subpos, &index, true)) - goto lfds_error; - - if (!skip_dwarf_abbrev(format, &subpos, abbrev)) - goto lfds_error; - - /* Lecture des différents arguments */ - - proto_len += (!is_pointer ? 1 : 0) + strlen(result->name) + 1; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - if (!is_pointer) strcat(prototype, " "); - strcat(prototype, result->name); - strcat(prototype, "("); - - first_arg = true; - - while (1) - { - subabbrev = find_dwarf_abbreviations(format, &cu->offset, &subpos); - if (subabbrev == NULL) goto exit_loop; - - switch (subabbrev->tag) - { - case DWT_UNSPECIFIED_PARAMETERS: - - /* Virgule de séparation */ - - if (first_arg) first_arg = false; - else - { - proto_len += 2; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, ", "); - } - - /* Marque de l'absence de type */ - - proto_len += 3; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, "..."); - - break; - - case DWT_FORMAL_PARAMETER: - - if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_TYPE, &type_pos)) - goto lfds_error; - - subpos2 = cu->startpos + type_pos; - - subabbrev2 = find_dwarf_abbreviations(format, &cu->offset, &subpos2); - - retstr = resolve_dwarf_function_type(format, subabbrev2, &subpos2, cu); - - /* Virgule de séparation */ - - if (first_arg) first_arg = false; - else - { - proto_len += 2; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, ", "); - } - - /* Type de l'argument */ - - if (retstr == NULL) - { - proto_len += 3; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, "???"); - - is_pointer = false; - - } - else - { - proto_len += strlen(retstr); - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, retstr); - - is_pointer = (retstr[strlen(retstr) - 1] == '*'); - - free(retstr); - - } - - /* Nom de l'argument */ - - if (test_dwarf_abbrev_attribute(abbrev, DWA_NAME)) - { - if (!read_dwarf_abbrev_attribute(format, &subpos, false, subabbrev, DWA_NAME, &retstr)) - goto lfds_error; - } - else retstr = strdup(_("[no name]")); - - if (retstr != NULL) - { - proto_len += strlen(retstr) + (!is_pointer ? 1 : 0) + 1; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - if (!is_pointer) strcat(prototype, " "); - strcat(prototype, retstr); - - free(retstr); - - } - - break; - - default: - goto exit_loop; - break; - - } - - if (!skip_dwarf_abbrev(format, &subpos, subabbrev)) - goto lfds_error; - - } - - exit_loop: - - proto_len += 1; - prototype = (char *)realloc(prototype, (proto_len + 1) * sizeof(char)); - strcat(prototype, ")"); - - result->prototype = prototype; - - return result; - - lfds_error: - - if (result->name != NULL) free(result->name); - if (result->prototype != NULL) free(result->prototype); - - free(result); - - return NULL; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à compléter. * -* abbrev = abréviation associée au type. * -* pos = tête de lecture à avoir sous le coude. * -* cu = unité de compilation courante. * -* * -* Description : Obtient la description humaine d'un type. * -* * -* Retour : Chaîne de caractères en cas de succès, NULL sinon. * -* * -* Remarques : - * -* * -******************************************************************************/ - -char *resolve_dwarf_function_type(dwarf_format *format, const dw_abbrev *abbrev, const off_t *pos, const compil_unit *cu) -{ - char *result; /* Description à retourner */ - off_t oldpos; /* Conservation de l'indice */ - uint32_t type_pos; /* Sous-type détecté */ - uint64_t index; /* Indice de l'abréviation... */ - const dw_abbrev *subabbrev; /* ... et abréviation associée */ - size_t len; /* Longeur d'un résultat */ - - result = NULL; - oldpos = *pos; - - switch (abbrev->tag) - { - /* 0x04 */ - case DWT_ENUMERATION_TYPE: - - oldpos = *pos; - read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); - - if (result != NULL) - { - len = strlen(result); - - result = (char *)realloc(result, (strlen("enum ") + len + 1) * sizeof(char)); - memmove(&result[strlen("enum ")], result, len); - memcpy(result, "enum ", strlen("enum ")); - - } - - break; - - /* 0x0f */ - case DWT_POINTER_TYPE: - - if (test_dwarf_abbrev_attribute(abbrev, DWA_TYPE)) - { - if (!read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos)) - return NULL; - - oldpos = cu->startpos + type_pos; - - subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos); - - result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu); - - } - else result = strdup("void"); - - if (result != NULL) - { - len = strlen(result); - - if (result[len - 1] == '*') - { - result = (char *)realloc(result, (len + 2) * sizeof(char)); - result[len] = '*'; - } - else - { - result = (char *)realloc(result, (len + 3) * sizeof(char)); - strcat(result, " *"); - } - - } - - break; - - /* 0x13 */ - case DWT_STRUCTURE_TYPE: - - oldpos = *pos; - read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); - - if (result != NULL) - { - len = strlen(result); - - result = (char *)realloc(result, (strlen("struct ") + len + 1) * sizeof(char)); - memmove(&result[strlen("struct ")], result, len); - memcpy(result, "struct ", strlen("struct ")); - - } - - break; - - /* 0x16 */ - case DWT_TYPEDEF: - oldpos = *pos; - read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); - break; - - /* 0x24 */ - case DWT_BASE_TYPE: - oldpos = *pos; - read_dwarf_abbrev_attribute(format, &oldpos, true /* ??? */, abbrev, DWA_NAME, &result); - break; - - /* 0x26 */ - case DWT_CONST_TYPE: - - - - if (read_dwarf_abbrev_attribute(format, &oldpos, true, abbrev, DWA_TYPE, &type_pos)) - printf(" ## sub type :: 0x%08x\n", type_pos); - else printf(" error: no type\n"); - - oldpos = cu->startpos + type_pos; - - - - - - - subabbrev = find_dwarf_abbreviations(format, &cu->offset, &oldpos); - printf("subabbrev == %p\n", subabbrev); - - - - - result = resolve_dwarf_function_type(format, subabbrev, &oldpos, cu); - - if (result != NULL) - { - len = strlen(result); - - result = (char *)realloc(result, (strlen("const ") + len + 1) * sizeof(char)); - memmove(&result[strlen("const ")], result, len); - memcpy(result, "const ", strlen("const ")); - - } - - break; - - default: - printf("### NOT HANDLED ### Tag :: 0x%02x\n", abbrev->tag); - break; - - } - - return result; - -} -#endif diff --git a/src/format/dwarf/info.h b/src/format/dwarf/info.h deleted file mode 100644 index 76220e5..0000000 --- a/src/format/dwarf/info.h +++ /dev/null @@ -1,63 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * info.h - prototypes pour la lecture des informations principales du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_INFO_H -#define _FORMAT_DWARF_INFO_H - - -#include - - -#include "dwarf.h" - - - -/* Charge les informations depuis une section ".debug_info". */ -bool load_dwarf_debug_information(GDwarfFormat *); - - - - - - - - -#if 0 - -#include - - -#include "d_dwarf.h" - - - -/* Charge les informations trouvées dans un DWARF. */ -bool load_dwarf_information(dwarf_format *); - -/* Décharge les informations trouvées dans un DWARF. */ -void unload_dwarf_information(dwarf_format *); -#endif - - - -#endif /* _FORMAT_DWARF_INFO_H */ diff --git a/src/format/dwarf/symbols.c b/src/format/dwarf/symbols.c deleted file mode 100644 index 3ddfb96..0000000 --- a/src/format/dwarf/symbols.c +++ /dev/null @@ -1,316 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * symbols.c - gestion des symboles d'un DWARF - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "symbols.h" - - -#include "die.h" -#include "dwarf-int.h" -#include "form.h" -#include "../../core/params.h" -#include "../../mangling/demangler.h" - - - -/* Charge les informations d'une routine en tant que symbole. */ -static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool); - -/* Charge les informations d'un objet en tant que symbole. */ -static bool load_object_as_symbol_from_dwarf(GDwarfFormat *, const dw_die *, const dw_abbrev *, bool); - - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* die = entrée d'informations de débogage à utiliser. * -* abbrev = abréviation déjà chargée sur laquelle s'appuyer. * -* use_virt = oriente le choix de la distinction ultime. * -* * -* Description : Charge les informations d'une routine en tant que symbole. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool load_routine_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt) -{ - DwarfForm form; /* Type d'une valeur d'attribut*/ - const dw_form_value *value; /* Valeur concrète d'attribut */ - virt_t virt; /* Adresse virtuelle de départ */ - bool status; /* Bilan d'une récupération */ - virt_t len; /* Taille de la zone couverte */ - vmpa2t addr; /* Localisation complète */ - mrange_t range; /* Espace de couverture total */ - const char *name; /* Désignation humaine */ - char alt_name[6 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/ - GBinRoutine *routine; /* Nouvelle routine trouvée */ - GBinSymbol *symbol; /* Nouveau symbole construit */ - - /* Surface couverte */ - - value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form); - if (value == NULL) goto lrasfd_bad_start; - - status = translate_form_into_address(value, form, &virt); - if (!status) goto lrasfd_bad_start; - - value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form); - if (value == NULL) goto lrasfd_bad_start; - - status &= translate_form_into_address(value, form, &len); - if (!status) goto lrasfd_bad_start; - - if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr)) - init_vmpa(&addr, VMPA_NO_PHYSICAL, virt); - - init_mrange(&range, &addr, len); - - /* Désignation humaine */ - - value = dw_die_peek_extended_value(die, DW_AT_name, &form); - if (value == NULL) goto lrasfd_bad_name; - - name = translate_form_into_string(value, form); - - if (name == NULL) - { - strcpy(alt_name, "func_"); - - if (use_virt) - vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); - else - vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); - - name = alt_name; - - } - - /* Intégration en bonne et due forme */ - - routine = g_binary_format_decode_routine(G_BIN_FORMAT(format), name); - symbol = G_BIN_SYMBOL(routine); - - g_binary_symbol_set_range(symbol, &range); - - g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); - - - - - printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt); - printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len); - printf(" --> [valid ?= %d] name = '%s'\n", status, name); - - - return true; - - lrasfd_bad_start: - lrasfd_bad_name: - - return false; - -} - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* die = entrée d'informations de débogage à utiliser. * -* abbrev = abréviation déjà chargée sur laquelle s'appuyer. * -* use_virt = oriente le choix de la distinction ultime. * -* * -* Description : Charge les informations d'un objet en tant que symbole. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -static bool load_object_as_symbol_from_dwarf(GDwarfFormat *format, const dw_die *die, const dw_abbrev *abbrev, bool use_virt) -{ - DwarfForm form; /* Type d'une valeur d'attribut*/ - const dw_form_value *value; /* Valeur concrète d'attribut */ - virt_t virt; /* Adresse virtuelle de départ */ - bool status; /* Bilan d'une récupération */ - virt_t len; /* Taille de la zone couverte */ - vmpa2t addr; /* Localisation complète */ - mrange_t range; /* Espace de couverture total */ - const char *name; /* Désignation humaine */ - char alt_name[5 + VMPA_MAX_LEN]; /* Nom abstrait de substitution*/ - GBinRoutine *routine; /* Nouvelle routine trouvée */ - GBinSymbol *symbol; /* Nouveau symbole construit */ - - /* Surface couverte */ - - - - - - - /* - value = dw_die_peek_extended_value(die, DW_AT_low_pc, &form); - if (value == NULL) goto lrasfd_bad_start; - - status = translate_form_into_address(value, form, &virt); - if (!status) goto lrasfd_bad_start; - - value = dw_die_peek_extended_value(die, DW_AT_high_pc, &form); - if (value == NULL) goto lrasfd_bad_start; - - status &= translate_form_into_address(value, form, &len); - if (!status) goto lrasfd_bad_start; - - if (!g_exe_format_translate_address_into_vmpa(G_DBG_FORMAT(format)->executable, virt, &addr)) - init_vmpa(&addr, VMPA_NO_PHYSICAL, virt); - - init_mrange(&range, &addr, len); - */ - - - - - - /* Désignation humaine */ - - value = dw_die_peek_extended_value(die, DW_AT_name, &form); - if (value == NULL) goto lrasfd_bad_name; - - name = translate_form_into_string(value, form); - - if (name == NULL) - { - strcpy(alt_name, "obj_"); - - if (use_virt) - vmpa2_virt_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); - else - vmpa2_phys_to_string(&addr, MDS_UNDEFINED, alt_name + 5, NULL); - - name = alt_name; - - } - - /* Intégration en bonne et due forme */ - - /* - routine = try_to_demangle_routine(name); - - g_binary_symbol_set_range(G_BIN_SYMBOL(routine), &range); - - symbol = g_binary_symbol_new(NULL, STP_OBJECT); - g_binary_symbol_attach_routine(symbol, routine); - - g_binary_format_add_symbol(G_BIN_FORMAT(format), symbol); - */ - - - - //printf(" --> [valid ?= %d] start @ 0x%08llx\n", status, virt); - //printf(" --> [valid ?= %d] len = 0x%08llx\n", status, len); - //printf(" --> [valid ?= %d] name = '%s'\n", status, name); - - - return true; - - lrasfd_bad_start: - lrasfd_bad_name: - - return false; - -} - - -/****************************************************************************** -* * -* Paramètres : format = description de l'exécutable à compléter. * -* * -* Description : Charge en mémoire la liste humaine des symboles. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool load_dwarf_symbols(GDwarfFormat *format) -{ - bool result; /* Bilan à retourner */ - bool no_name; /* Choix de construction de nom*/ - - typedef struct _die_visit_info - { - GDwarfFormat *format; - bool use_virt; - - } die_visit_info; - - die_visit_info vinfo; /* Information pour visiteur */ - - - bool catch_dwarf_symbol(const dw_die *die, die_visit_info *info) - { - const dw_abbrev *abbrev; /* Lien vers la représentation */ - DwarfTag tag; /* Etiquette à analyser */ - bool status; /* Bilan d'un chargement */ - - abbrev = dw_die_get_abbrev(die); - tag = dwarf_abbreviation_get_tag(abbrev); - - switch (tag) - { - case DW_TAG_subprogram: - printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag); - status = load_routine_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt); - break; - - case DW_TAG_variable: - printf(" DIE ==> %p -> %p // tag = %x\n", die, abbrev, tag); - status = load_object_as_symbol_from_dwarf(info->format, die, abbrev, info->use_virt); - break; - - default: - status = true; - break; - - } - - return status; - - } - - - if (!g_generic_config_get_value(get_main_configuration(), MPK_FORMAT_NO_NAME, &no_name)) - return false; - - vinfo.format = format; - vinfo.use_virt = no_name; - - result = dw_die_visit(format->info_die, (visit_dies_fc)catch_dwarf_symbol, &vinfo); - - return result; - -} diff --git a/src/format/dwarf/symbols.h b/src/format/dwarf/symbols.h deleted file mode 100644 index 128f00c..0000000 --- a/src/format/dwarf/symbols.h +++ /dev/null @@ -1,40 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * symbols.h - prototypes pour la gestion des symboles d'un DWARF - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_SYMBOLS_H -#define _FORMAT_DWARF_SYMBOLS_H - - -#include - - -#include "dwarf.h" - - - -/* Charge en mémoire la liste humaine des symboles. */ -bool load_dwarf_symbols(GDwarfFormat *); - - - -#endif /* _FORMAT_DWARF_SYMBOLS_H */ diff --git a/src/format/dwarf/utils.c b/src/format/dwarf/utils.c deleted file mode 100644 index b767970..0000000 --- a/src/format/dwarf/utils.c +++ /dev/null @@ -1,304 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "utils.h" - - -#include - - -#include "dwarf-int.h" - - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur au format LEB128 lue. [OUT] * -* update = indique si la position est à mettre à jour. * -* * -* Description : Lit une valeur Little Endian Base 128 signée. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : En cas d'échec, la tête de lecture est indéterminée. * -* * -******************************************************************************/ - -bool read_leb128(dwarf_format *format, off_t *pos, int64_t *value, bool update) -{ - off_t curpos; /* Tête de lecture effective */ - int shift; /* Décalage à appliquer */ - off_t i; /* Boucle de parcours */ - - curpos = *pos; - shift = 0; - *value = 0; - - for (i = 0; i < 8; i++) - { - /* On évite les débordements... */ - if (curpos >= DBG_FORMAT(format)->length) return false; - - *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift; - - shift += 7; - curpos++; - - if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break; - - } - - if ((shift < 64) && (DBG_FORMAT(format)->content[curpos - 1] & 0x40) == 0x40) - *value |= - (1 << shift); - - if (update) *pos = curpos; - - return (i < 8); - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur au format LEB128 lue. [OUT] * -* update = indique si la position est à mettre à jour. * -* * -* Description : Lit une valeur Little Endian Base 128 non signée. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : En cas d'échec, la tête de lecture est indéterminée. * -* * -******************************************************************************/ - -bool read_uleb128(dwarf_format *format, off_t *pos, uint64_t *value, bool update) -{ - off_t curpos; /* Tête de lecture effective */ - int shift; /* Décalage à appliquer */ - off_t i; /* Boucle de parcours */ - - curpos = *pos; - shift = 0; - *value = 0; - - for (i = 0; i < 8; i++) - { - /* On évite les débordements... */ - if (curpos >= DBG_FORMAT(format)->length) return false; - - *value |= (DBG_FORMAT(format)->content[curpos] & 0x7f) << shift; - - shift += 7; - curpos++; - - if ((DBG_FORMAT(format)->content[*pos + i] & 0x80) == 0x00) break; - - } - - if (update) *pos = curpos; - - return (i < 8); - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur entière lue. [OUT] * -* * -* Description : Lit une valeur représentant une longueur d'unité. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : Un peu sale : la sortie est signée et dépend du système, * -* alors que la valeur est non signée et dépend de la cible. * -* * -******************************************************************************/ - -bool read_unit_length(dwarf_format *format, off_t *pos, off_t *value) -{ - bool result; /* Bilan à retourner */ - uint32_t val32; /* Entier sur 4 octets */ - uint64_t val64; /* Entier sur 8 octets */ - - /* FIXME : Endian... */ - - if (format->format == DWF_32_BITS) - { - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - - if (result) - { - memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4); - (*pos) += 4; - - *value = val32; - - } - - } - else - { - result = ((*pos + 4 + 8) <= DBG_FORMAT(format)->length); - - if (result) - { - memcpy(&val64, &DBG_FORMAT(format)->content[*pos + 4], 8); - (*pos) += 4 + 8; - - *value = val64; - - } - - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur entière non signée lue. [OUT] * -* * -* Description : Lit une valeur non signée sur deux octets. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_uhalf(dwarf_format *format, off_t *pos, uint16_t *value) -{ - bool result; /* Bilan à retourner */ - - /* FIXME : Endian... */ - - result = ((*pos + 2) <= DBG_FORMAT(format)->length); - - if (result) - { - memcpy(value, &DBG_FORMAT(format)->content[*pos], 2); - (*pos) += 2; - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur entière lue. [OUT] * -* * -* Description : Lit une valeur indiquant une position dans les abréviations. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : Un peu sale : la sortie est signée et dépend du système, * -* alors que la valeur est non signée et dépend de la cible. * -* * -******************************************************************************/ - -bool read_abbrev_offset(dwarf_format *format, off_t *pos, off_t *value) -{ - bool result; /* Bilan à retourner */ - uint32_t val32; /* Entier sur 4 octets */ - uint64_t val64; /* Entier sur 8 octets */ - - /* FIXME : Endian... */ - - if (format->format == DWF_32_BITS) - { - result = ((*pos + 4) <= DBG_FORMAT(format)->length); - - if (result) - { - memcpy(&val32, &DBG_FORMAT(format)->content[*pos], 4); - (*pos) += 4; - - *value = val32; - - } - - } - else - { - result = ((*pos + 8) <= DBG_FORMAT(format)->length); - - if (result) - { - memcpy(&val64, &DBG_FORMAT(format)->content[*pos], 8); - (*pos) += 8; - - *value = val64; - - } - - } - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = informations de débogage à consulter. * -* pos = tête de lecture à mettre à jour. [OUT] * -* value = valeur entière non signée lue. [OUT] * -* * -* Description : Lit une valeur indiquant la taille des adresses mémoire. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_address_size(dwarf_format *format, off_t *pos, uint8_t *value) -{ - bool result; /* Bilan à retourner */ - - result = ((*pos + 1) <= DBG_FORMAT(format)->length); - - if (result) - { - *value = DBG_FORMAT(format)->content[*pos]; - (*pos)++; - } - - return result; - -} diff --git a/src/format/dwarf/utils.h b/src/format/dwarf/utils.h deleted file mode 100644 index 6727082..0000000 --- a/src/format/dwarf/utils.h +++ /dev/null @@ -1,56 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * utils.h - prototypes pour les fonctions d'aisance vis à vis du format DWARF - * - * Copyright (C) 2008-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_UTILS_H -#define _FORMAT_DWARF_UTILS_H - - -#include -#include - - -#include "d_dwarf.h" - - - -/* Lit une valeur Little Endian Base 128 signée. */ -bool read_leb128(dwarf_format *, off_t *, int64_t *, bool); - -/* Lit une valeur Little Endian Base 128 non signée. */ -bool read_uleb128(dwarf_format *, off_t *, uint64_t *, bool); - -/* Lit une valeur représentant une longueur d'unité. */ -bool read_unit_length(dwarf_format *, off_t *, off_t *); - -/* Lit une valeur non signée sur deux octets. */ -bool read_uhalf(dwarf_format *, off_t *, uint16_t *); - -/* Lit une valeur indiquant une position dans les abréviations. */ -bool read_abbrev_offset(dwarf_format *, off_t *, off_t *); - -/* Lit une valeur indiquant la taille des adresses mémoire. */ -bool read_address_size(dwarf_format *, off_t *, uint8_t *); - - - -#endif /* _FORMAT_DWARF_UTILS_H */ diff --git a/src/format/dwarf/v2/Makefile.am b/src/format/dwarf/v2/Makefile.am deleted file mode 100644 index d1fc563..0000000 --- a/src/format/dwarf/v2/Makefile.am +++ /dev/null @@ -1,18 +0,0 @@ - -noinst_LTLIBRARIES = libformatdwarfv2.la - -libformatdwarfv2_la_SOURCES = \ - dwarf.h dwarf.c \ - form.h form.c - -libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) - - -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) - -dev_HEADERS = $(libformatdwarfv2_la_SOURCES:%c=) - - -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) - -AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v2/dwarf.c b/src/format/dwarf/v2/dwarf.c deleted file mode 100644 index 8f794bf..0000000 --- a/src/format/dwarf/v2/dwarf.c +++ /dev/null @@ -1,180 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format DWARF v2 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "dwarf.h" - - -#include "../dwarf-int.h" - - -#include "form.h" - - - -/* Format de débogage DWARF v2 (instance) */ -struct _GDwarfV2Format -{ - GDwarfFormat parent; /* A laisser en premier */ - -}; - -/* Format de débogage DWARF v2 (classe) */ -struct _GDwarfV2FormatClass -{ - GDwarfFormatClass parent; /* A laisser en premier */ - -}; - - -/* Initialise la classe des formats de débogage DWARF v2. */ -static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *); - -/* Initialise une instance de format de débogage DWARF v2. */ -static void g_dwarfv2_format_init(GDwarfV2Format *); - -/* Supprime toutes les références externes. */ -static void g_dwarfv2_format_dispose(GDwarfV2Format *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarfv2_format_finalize(GDwarfV2Format *); - - - -/* Indique le type défini pour un format de débogage DWARF v2. */ -G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF v2. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - GDwarfFormatClass *dwarf; /* Version parente de la classe*/ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize; - - dwarf = G_DWARF_FORMAT_CLASS(klass); - - dwarf->read_form = (read_form_value_fc)read_dwarf_v2_form_value; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF v2. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_init(GDwarfV2Format *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_dispose(GDwarfV2Format *format) -{ - G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv2_format_finalize(GDwarfV2Format *format) -{ - G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * -* * -* Description : Prend en charge un nouveau format DWARF (v2). * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) -{ - GDwarfV2Format *result; /* Structure à retourner */ - - result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL); - - - - g_binary_format_set_content(G_BIN_FORMAT(result), content); - - - - return G_BIN_FORMAT(result); - -} diff --git a/src/format/dwarf/v2/dwarf.h b/src/format/dwarf/v2/dwarf.h deleted file mode 100644 index f3b3501..0000000 --- a/src/format/dwarf/v2/dwarf.h +++ /dev/null @@ -1,58 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format DWARF v2 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_V2_DWARF_H -#define _FORMAT_DWARF_V2_DWARF_H - - -#include - - -#include "../../../core/formats.h" - - - -#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type() -#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format)) -#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type())) -#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) -#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT)) -#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) - - -/* Format de débogage DWARF v2 (instance) */ -typedef struct _GDwarfV2Format GDwarfV2Format; - -/* Format de débogage DWARF v2 (classe) */ -typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass; - - -/* Indique le type défini pour un format de débogage DWARF v2. */ -GType g_dwarfv2_format_get_type(void); - -/* Prend en charge un nouveau format DWARF (v2). */ -GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); - - - -#endif /* _FORMAT_DWARF_V2_DWARF_H */ diff --git a/src/format/dwarf/v2/form.c b/src/format/dwarf/v2/form.c deleted file mode 100644 index 7e012b7..0000000 --- a/src/format/dwarf/v2/form.c +++ /dev/null @@ -1,276 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.c - chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "form.h" - - -#include "../dwarf-int.h" - - - -/****************************************************************************** -* * -* Paramètres : format = contenu binaire de débogage à parcourir. * -* cu = unité de compilation parente. * -* form = nature de la valeur à lire. * -* pos = tête de lecture au sein des données. [OUT] * -* value = valeur au format donné lue. [OUT] * -* * -* Description : Lit la valeur correspondant à un type donné. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_v2_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v2_form_value *value) -{ - bool result; /* Bilan de lecture à renvoyer */ - GBinContent *content; /* Contenu binaire à parcourir */ - SourceEndian endian; /* Boutisme des enregistrements*/ - GExeFormat *exe; /* Format d'exécutable rattaché*/ - const bin_t *tmp; /* Données quelconques */ - uint8_t tmp8; /* Données sur 8 bits */ - uint16_t tmp16; /* Données sur 16 bits */ - uint32_t tmp32; /* Données sur 32 bits */ - uint64_t tmp64; /* Données sur 64 bits */ - uleb128_t tmpuleb; /* Données sur xxx bits */ - phys_t offset; /* Décalage à appliquer */ - mrange_t range; /* Couverture d'une section */ - vmpa2t iter; /* Point de lecture parallèle */ - - content = G_BIN_FORMAT(format)->content; - endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); - exe = G_DBG_FORMAT(format)->executable; - - switch (form) - { - case DW_FORM_addr: - - switch (cu->address_size) - { - case 2: - result = g_binary_content_read_u16(content, pos, endian, &tmp16); - if (result) value->address = tmp16; - break; - case 4: - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - if (result) value->address = tmp32; - break; - case 8: - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - if (result) value->address = tmp64; - break; - default: - result = false; - break; - } - break; - - case DW_FORM_block2: - result = g_binary_content_read_u16(content, pos, endian, &tmp16); - if (result) - { - value->block.size = tmp16; - goto block_finish; - } - break; - - case DW_FORM_block4: - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - if (result) - { - value->block.size = tmp32; - goto block_finish; - } - break; - - case DW_FORM_data2: - result = g_binary_content_read_u16(content, pos, endian, &value->data2); - break; - - case DW_FORM_data4: - result = g_binary_content_read_u32(content, pos, endian, &value->data4); - break; - - case DW_FORM_data8: - result = g_binary_content_read_u64(content, pos, endian, &value->data8); - break; - - case DW_FORM_string: - - tmp = g_binary_content_get_raw_access(content, pos, 1); - result = (tmp != NULL); - - if (result) - { - value->string = (const char *)tmp; - - while (result && *tmp != '\0') - { - tmp = g_binary_content_get_raw_access(content, pos, 1); - result = (tmp != NULL); - } - - } - - break; - - case DW_FORM_block: - - tmpuleb = 0; /* Pour GCC */ - - result = g_binary_content_read_uleb128(content, pos, &tmpuleb); - if (!result) break; - - value->block.size = tmpuleb; - - block_finish: - - value->block.start = g_binary_content_get_raw_access(content, pos, value->block.size); - - result = (value->block.start != NULL); - break; - - case DW_FORM_block1: - result = g_binary_content_read_u8(content, pos, &tmp8); - if (result) - { - value->block.size = tmp8; - goto block_finish; - } - break; - - case DW_FORM_data1: - result = g_binary_content_read_u8(content, pos, &value->data1); - break; - - case DW_FORM_flag: - result = g_binary_content_read_u8(content, pos, &value->flag); - break; - - case DW_FORM_sdata: - result = g_binary_content_read_leb128(content, pos, &value->sdata); - break; - - case DW_FORM_strp: - - /* Définition des positions */ - - if (cu->is_32b) - { - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - offset = tmp32; - } - else - { - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - offset = tmp64; - } - - /* Lecture dans la section adaptée */ - - if (result) - result = g_exe_format_get_section_range_by_name(exe, ".debug_str", &range); - - if (result) - { - copy_vmpa(&iter, get_mrange_addr(&range)); - - result = g_binary_content_seek(content, &iter, offset); - - if (!result) - break; - - tmp = g_binary_content_get_raw_access(content, &iter, 1); - result = (tmp != NULL); - - if (result) - { - value->string = (const char *)tmp; - - while (result && *tmp != '\0') - { - tmp = g_binary_content_get_raw_access(content, &iter, 1); - result = (tmp != NULL); - } - - } - - } - - break; - - case DW_FORM_udata: - result = g_binary_content_read_uleb128(content, pos, &value->udata); - break; - - - - - - - - - - - - case DW_FORM_ref1: - result = g_binary_content_read_u8(content, pos, &value->ref1); - break; - - case DW_FORM_ref2: - result = g_binary_content_read_u16(content, pos, endian, &value->ref2); - break; - - case DW_FORM_ref4: - result = g_binary_content_read_u32(content, pos, endian, &value->ref4); - break; - - case DW_FORM_ref8: - result = g_binary_content_read_u64(content, pos, endian, &value->ref8); - break; - - case DW_FORM_ref_udata: - result = g_binary_content_read_uleb128(content, pos, &value->ref_udata); - break; - - - - - - - - - - - default: - result = false; - break; - - } - - return result; - -} diff --git a/src/format/dwarf/v2/form.h b/src/format/dwarf/v2/form.h deleted file mode 100644 index a124e67..0000000 --- a/src/format/dwarf/v2/form.h +++ /dev/null @@ -1,39 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_V2_FORM_H -#define _FORMAT_DWARF_V2_FORM_H - - -#include "../dwarf.h" -#include "../dwarf_def.h" -#include "../../../analysis/content.h" - - - -/* Lit la valeur correspondant à un type donné. */ -bool read_dwarf_v2_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v2_form_value *); - - - -#endif /* _FORMAT_DWARF_V2_FORM_H */ diff --git a/src/format/dwarf/v3/Makefile.am b/src/format/dwarf/v3/Makefile.am deleted file mode 100644 index f6c12c3..0000000 --- a/src/format/dwarf/v3/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ - -noinst_LTLIBRARIES = libformatdwarfv3.la - -libformatdwarfv3_la_SOURCES = \ - dwarf.h dwarf.c - -libformatdwarfv3_la_LDFLAGS = $(LIBGTK_LIBS) - - -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) - -dev_HEADERS = $(libformatdwarfv3_la_SOURCES:%c=) - - -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) - -AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v3/dwarf.c b/src/format/dwarf/v3/dwarf.c deleted file mode 100644 index 942c289..0000000 --- a/src/format/dwarf/v3/dwarf.c +++ /dev/null @@ -1,172 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format DWARF v3 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "dwarf.h" - - -#include "../dwarf-int.h" - - - -/* Format de débogage DWARF v3 (instance) */ -struct _GDwarfV3Format -{ - GDwarfFormat parent; /* A laisser en premier */ - -}; - -/* Format de débogage DWARF v3 (classe) */ -struct _GDwarfV3FormatClass -{ - GDwarfFormatClass parent; /* A laisser en premier */ - -}; - - -/* Initialise la classe des formats de débogage DWARF v3. */ -static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *); - -/* Initialise une instance de format de débogage DWARF v3. */ -static void g_dwarfv3_format_init(GDwarfV3Format *); - -/* Supprime toutes les références externes. */ -static void g_dwarfv3_format_dispose(GDwarfV3Format *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarfv3_format_finalize(GDwarfV3Format *); - - - -/* Indique le type défini pour un format de débogage DWARF v3. */ -G_DEFINE_TYPE(GDwarfV3Format, g_dwarfv3_format, G_TYPE_DWARF_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF v3. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv3_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarfv3_format_finalize; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF v3. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv3_format_init(GDwarfV3Format *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv3_format_dispose(GDwarfV3Format *format) -{ - G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv3_format_finalize(GDwarfV3Format *format) -{ - G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * -* * -* Description : Prend en charge un nouveau format DWARF (v3). * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -GBinFormat *g_dwarfv3_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) -{ - GDwarfV3Format *result; /* Structure à retourner */ - - result = g_object_new(G_TYPE_DWARFV3_FORMAT, NULL); - - - - g_binary_format_set_content(G_BIN_FORMAT(result), content); - - - - return G_BIN_FORMAT(result); - -} diff --git a/src/format/dwarf/v3/dwarf.h b/src/format/dwarf/v3/dwarf.h deleted file mode 100644 index 5042b89..0000000 --- a/src/format/dwarf/v3/dwarf.h +++ /dev/null @@ -1,58 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format DWARF v3 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_V3_DWARF_H -#define _FORMAT_DWARF_V3_DWARF_H - - -#include - - -#include "../../../core/formats.h" - - - -#define G_TYPE_DWARFV3_FORMAT g_dwarfv3_format_get_type() -#define G_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv3_format_get_type(), GDwarfV3Format)) -#define G_IS_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv3_format_get_type())) -#define G_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) -#define G_IS_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV3_FORMAT)) -#define G_DWARFV3_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) - - -/* Format de débogage DWARF v3 (instance) */ -typedef struct _GDwarfV3Format GDwarfV3Format; - -/* Format de débogage DWARF v3 (classe) */ -typedef struct _GDwarfV3FormatClass GDwarfV3FormatClass; - - -/* Indique le type défini pour un format de débogage DWARF v3. */ -GType g_dwarfv3_format_get_type(void); - -/* Prend en charge un nouveau format DWARF (v3). */ -GBinFormat *g_dwarfv3_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); - - - -#endif /* _FORMAT_DWARF_V3_DWARF_H */ diff --git a/src/format/dwarf/v4/Makefile.am b/src/format/dwarf/v4/Makefile.am deleted file mode 100644 index ca77923..0000000 --- a/src/format/dwarf/v4/Makefile.am +++ /dev/null @@ -1,18 +0,0 @@ - -noinst_LTLIBRARIES = libformatdwarfv4.la - -libformatdwarfv4_la_SOURCES = \ - dwarf.h dwarf.c \ - form.h form.c - -libformatdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS) - - -devdir = $(includedir)/chrysalide/$(subdir:src/%=%) - -dev_HEADERS = $(libformatdwarfv4_la_SOURCES:%c=) - - -AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) - -AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v4/dwarf.c b/src/format/dwarf/v4/dwarf.c deleted file mode 100644 index a220aff..0000000 --- a/src/format/dwarf/v4/dwarf.c +++ /dev/null @@ -1,182 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.c - support du format DWARF v4 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "dwarf.h" - - -#include "../dwarf-int.h" - - -#include "form.h" - - - -/* Format de débogage DWARF v4 (instance) */ -struct _GDwarfV4Format -{ - GDwarfFormat parent; /* A laisser en premier */ - -}; - -/* Format de débogage DWARF v4 (classe) */ -struct _GDwarfV4FormatClass -{ - GDwarfFormatClass parent; /* A laisser en premier */ - -}; - - -/* Initialise la classe des formats de débogage DWARF v4. */ -static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *); - -/* Initialise une instance de format de débogage DWARF v4. */ -static void g_dwarfv4_format_init(GDwarfV4Format *); - -/* Supprime toutes les références externes. */ -static void g_dwarfv4_format_dispose(GDwarfV4Format *); - -/* Procède à la libération totale de la mémoire. */ -static void g_dwarfv4_format_finalize(GDwarfV4Format *); - - - -/* Indique le type défini pour un format de débogage DWARF v4. */ -G_DEFINE_TYPE(GDwarfV4Format, g_dwarfv4_format, G_TYPE_DWARF_FORMAT); - - -/****************************************************************************** -* * -* Paramètres : klass = classe à initialiser. * -* * -* Description : Initialise la classe des formats de débogage DWARF v4. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *klass) -{ - GObjectClass *object; /* Autre version de la classe */ - GDwarfFormatClass *dwarf; /* Version parente de la classe*/ - - object = G_OBJECT_CLASS(klass); - - object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv4_format_dispose; - object->finalize = (GObjectFinalizeFunc)g_dwarfv4_format_finalize; - - dwarf = G_DWARF_FORMAT_CLASS(klass); - - dwarf->read_form = (read_form_value_fc)read_dwarf_v4_form_value; - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance à initialiser. * -* * -* Description : Initialise une instance de format de débogage DWARF v4. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_init(GDwarfV4Format *format) -{ - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Supprime toutes les références externes. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_dispose(GDwarfV4Format *format) -{ - G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->dispose(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : format = instance d'objet GLib à traiter. * -* * -* Description : Procède à la libération totale de la mémoire. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -static void g_dwarfv4_format_finalize(GDwarfV4Format *format) -{ - G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->finalize(G_OBJECT(format)); - -} - - -/****************************************************************************** -* * -* Paramètres : content = contenu binaire à parcourir. * -* parent = éventuel format exécutable déjà chargé. * - status = barre de statut à tenir informée. * -* * -* Description : Prend en charge un nouveau format DWARF (v4). * -* * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* -* * -* Remarques : - * -* * -******************************************************************************/ - -GBinFormat *g_dwarfv4_format_new(GBinContent *content, GExeFormat *parent, GtkStatusStack *status) -{ - GDwarfV4Format *result; /* Structure à retourner */ - - result = g_object_new(G_TYPE_DWARFV4_FORMAT, NULL); - - g_binary_format_set_content(G_BIN_FORMAT(result), content); - - if (!g_dwarf_format_load(G_DWARF_FORMAT(result), parent)) - { - g_object_unref(G_OBJECT(result)); - result = NULL; - } - - return G_BIN_FORMAT(result); - -} diff --git a/src/format/dwarf/v4/dwarf.h b/src/format/dwarf/v4/dwarf.h deleted file mode 100644 index 89135e3..0000000 --- a/src/format/dwarf/v4/dwarf.h +++ /dev/null @@ -1,58 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dwarf.h - prototypes pour le support du format DWARF v4 - * - * Copyright (C) 2015-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_V4_DWARF_H -#define _FORMAT_DWARF_V4_DWARF_H - - -#include - - -#include "../../../core/formats.h" - - - -#define G_TYPE_DWARFV4_FORMAT g_dwarfv4_format_get_type() -#define G_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv4_format_get_type(), GDwarfV4Format)) -#define G_IS_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv4_format_get_type())) -#define G_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) -#define G_IS_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV4_FORMAT)) -#define G_DWARFV4_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) - - -/* Format de débogage DWARF v4 (instance) */ -typedef struct _GDwarfV4Format GDwarfV4Format; - -/* Format de débogage DWARF v4 (classe) */ -typedef struct _GDwarfV4FormatClass GDwarfV4FormatClass; - - -/* Indique le type défini pour un format de débogage DWARF v4. */ -GType g_dwarfv4_format_get_type(void); - -/* Prend en charge un nouveau format DWARF (v4). */ -GBinFormat *g_dwarfv4_format_new(GBinContent *, GExeFormat *, GtkStatusStack *); - - - -#endif /* _FORMAT_DWARF_V4_DWARF_H */ diff --git a/src/format/dwarf/v4/form.c b/src/format/dwarf/v4/form.c deleted file mode 100644 index 80dbf1e..0000000 --- a/src/format/dwarf/v4/form.c +++ /dev/null @@ -1,106 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.c - chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#include "form.h" - - -#include "../dwarf-int.h" -#include "../v2/form.h" - - - -/****************************************************************************** -* * -* Paramètres : format = contenu binaire de débogage à parcourir. * -* cu = unité de compilation parente. * -* form = nature de la valeur à lire. * -* pos = tête de lecture au sein des données. [OUT] * -* value = valeur au format donné lue. [OUT] * -* * -* Description : Lit la valeur correspondant à un type donné. * -* * -* Retour : Bilan de l'opération. * -* * -* Remarques : - * -* * -******************************************************************************/ - -bool read_dwarf_v4_form_value(const GDwarfFormat *format, const dw_compil_unit_header *cu, DwarfForm form, vmpa2t *pos, dw_v4_form_value *value) -{ - bool result; /* Bilan de lecture à renvoyer */ - GBinContent *content; /* Contenu binaire à parcourir */ - SourceEndian endian; /* Boutisme des enregistrements*/ - uint32_t tmp32; /* Données sur 32 bits */ - uint64_t tmp64; /* Données sur 64 bits */ - uleb128_t tmpuleb; /* Données sur xxx bits */ - - content = G_BIN_FORMAT(format)->content; - endian = g_binary_format_get_endianness(G_BIN_FORMAT(format)); - - switch (form) - { - case DW_FORM_sec_offset: - - if (cu->is_32b) - { - result = g_binary_content_read_u32(content, pos, endian, &tmp32); - tmp64 = tmp32; - } - else - result = g_binary_content_read_u64(content, pos, endian, &tmp64); - - value->sec_offset = tmp64; - break; - - case DW_FORM_exprloc: - - tmpuleb = 0; /* Pour GCC */ - - result = g_binary_content_read_uleb128(content, pos, &tmpuleb); - if (!result) break; - - value->expr.size = tmpuleb; - - value->expr.start = g_binary_content_get_raw_access(content, pos, value->expr.size); - result = (value->expr.start != NULL); - - break; - - case DW_FORM_flag_present: - result = true; - value->has_flag = true; - break; - - case DW_FORM_ref_sig8: - result = g_binary_content_read_u64(content, pos, endian, &value->signature); - break; - - default: - result = read_dwarf_v2_form_value(format, cu, form, pos, &value->v2); - break; - - } - - return result; - -} diff --git a/src/format/dwarf/v4/form.h b/src/format/dwarf/v4/form.h deleted file mode 100644 index 053b693..0000000 --- a/src/format/dwarf/v4/form.h +++ /dev/null @@ -1,39 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * form.h - prototypes pour le chargement en mémoire des valeurs d'attributs - * - * Copyright (C) 2016-2017 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * Chrysalide is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * Chrysalide is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Chrysalide. If not, see . - */ - - -#ifndef _FORMAT_DWARF_V4_FORM_H -#define _FORMAT_DWARF_V4_FORM_H - - -#include "../dwarf.h" -#include "../dwarf_def.h" -#include "../../../analysis/content.h" - - - -/* Lit la valeur correspondant à un type donné. */ -bool read_dwarf_v4_form_value(const GDwarfFormat *, const dw_compil_unit_header *, DwarfForm, vmpa2t *, dw_v4_form_value *); - - - -#endif /* _FORMAT_DWARF_V4_FORM_H */ -- cgit v0.11.2-87-g4458