From 7abda358d11810e464f2bf51f8333836ddc17e90 Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Tue, 18 Sep 2018 09:08:35 +0200 Subject: Updated the API used to load binary contents. --- plugins/dex/core.c | 2 + plugins/elf/core.c | 2 + plugins/pychrysalide/analysis/loading.c | 97 +++++++++++++++++++++++++++++++++ plugins/pychrysalide/plugin.c | 16 +++++- plugins/pychrysalide/pychrysa.c | 4 ++ src/analysis/loading.c | 2 + 6 files changed, 121 insertions(+), 2 deletions(-) diff --git a/plugins/dex/core.c b/plugins/dex/core.c index a0bea80..6bdb9d5 100644 --- a/plugins/dex/core.c +++ b/plugins/dex/core.c @@ -95,6 +95,8 @@ G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule g_content_resolver_add_detected(resolver, wid, loaded); g_object_unref(G_OBJECT(resolver)); + g_object_unref(G_OBJECT(loaded)); + } } diff --git a/plugins/elf/core.c b/plugins/elf/core.c index 1fefa69..6b7810e 100644 --- a/plugins/elf/core.c +++ b/plugins/elf/core.c @@ -95,6 +95,8 @@ G_MODULE_EXPORT void chrysalide_plugin_handle_binary_content(const GPluginModule g_content_resolver_add_detected(resolver, wid, loaded); g_object_unref(G_OBJECT(resolver)); + g_object_unref(G_OBJECT(loaded)); + } } diff --git a/plugins/pychrysalide/analysis/loading.c b/plugins/pychrysalide/analysis/loading.c index 77ff7fa..44930cd 100644 --- a/plugins/pychrysalide/analysis/loading.c +++ b/plugins/pychrysalide/analysis/loading.c @@ -31,6 +31,8 @@ #include +#include "content.h" +#include "loaded.h" #include "../access.h" #include "../helpers.h" 
@@ -39,10 +41,18 @@ /* --------------------- EXPLORATION NON BLOQUANTE DES CONTENUS --------------------- */ +/* Ajoute un nouveau contenu découvert au crédit d'un groupe. */ +static PyObject *py_content_explorer_populate_group(PyObject *, PyObject *); + + /* ------------------- RESOLUTION DE CONTENUS BINAIRES EN CHARGES ------------------- */ +/* Intègre un contenu chargé dans les résultats. */ +static PyObject *py_content_resolver_add_detected(PyObject *, PyObject *); + + /* ---------------------------------------------------------------------------------- */ /* EXPLORATION NON BLOQUANTE DES CONTENUS */ @@ -51,6 +61,44 @@ /****************************************************************************** * * +* Paramètres : self = classe représentant un binaire. * +* args = arguments fournis à l'appel. * +* * +* Description : Ajoute un nouveau contenu découvert au crédit d'un groupe. * +* * +* Retour : None. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_content_explorer_populate_group(PyObject *self, PyObject *args) +{ + PyObject *result; /* Valeur à retourner */ + unsigned long long wid; /* Identifiant de groupe */ + PyObject *content_obj; /* Nouveau contenu Python */ + int ret; /* Bilan de lecture des args. */ + GContentExplorer *explorer; /* Explorateur à manipuler */ + GBinContent *content; /* Contenu nouveau au final */ + + ret = PyArg_ParseTuple(args, "KO!", &wid, get_python_binary_content_type(), &content_obj); + if (!ret) Py_RETURN_NONE; + + explorer = G_CONTENT_EXPLORER(pygobject_get(self)); + content = G_BIN_CONTENT(pygobject_get(content_obj)); + + g_content_explorer_populate_group(explorer, wid, content); + + result = Py_None; + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * * Paramètres : - * * * * Description : Fournit un accès à une définition de type à diffuser. * 
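Review bot: In py_content_explorer_populate_group, the parse-failure path `if (!ret) Py_RETURN_NONE;` returns a valid object while PyArg_ParseTuple has left an exception set, so the caller's TypeError is lost or resurfaces later as a SystemError; it should be `if (!ret) return NULL;`. py_content_resolver_add_detected, added further down in this file, has the same line and needs the same fix. Separately, the `"K"` format converts without overflow checking and wid is then passed on as a wgroup_id_t. If that type is narrower than unsigned long long (its definition is not visible here), an out-of-range group id from a Python plugin would be silently truncated and could address another group.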
@@ -64,6 +112,11 @@ PyTypeObject *get_python_content_explorer_type(void) { static PyMethodDef py_content_explorer_methods[] = { + { + "populate_group", py_content_explorer_populate_group, + METH_VARARGS, + "populate_group($self, wid, content, /)\n--\n\nPush a new binary content into the list to explore." + }, { NULL } }; @@ -135,6 +188,44 @@ bool ensure_python_content_explorer_is_registered(void) /****************************************************************************** * * +* Paramètres : self = classe représentant un binaire. * +* args = arguments fournis à l'appel. * +* * +* Description : Intègre un contenu chargé dans les résultats. * +* * +* Retour : None. * +* * +* Remarques : - * +* * +******************************************************************************/ + +static PyObject *py_content_resolver_add_detected(PyObject *self, PyObject *args) +{ + PyObject *result; /* Valeur à retourner */ + unsigned long long wid; /* Identifiant de groupe */ + PyObject *loaded_obj; /* Contenu chargé en Python */ + int ret; /* Bilan de lecture des args. */ + GContentResolver *resolver; /* Résolveur à manipuler */ + GLoadedContent *loaded; /* Contenu chargé au final */ + + ret = PyArg_ParseTuple(args, "KO!", &wid, get_python_loaded_content_type(), &loaded_obj); + if (!ret) Py_RETURN_NONE; + + resolver = G_CONTENT_RESOLVER(pygobject_get(self)); + loaded = G_LOADED_CONTENT(pygobject_get(loaded_obj)); + + g_content_resolver_add_detected(resolver, wid, loaded); + + result = Py_None; + Py_INCREF(result); + + return result; + +} + + +/****************************************************************************** +* * * Paramètres : - * * * * Description : Fournit un accès à une définition de type à diffuser. * 
@@ -148,6 +239,12 @@ bool ensure_python_content_explorer_is_registered(void) PyTypeObject *get_python_content_resolver_type(void) { static PyMethodDef py_content_resolver_methods[] = { + + { + "add_detected", py_content_resolver_add_detected, + METH_VARARGS, + "add_detected($self, wid, loaded, /)\n--\n\nAdd a binary content as loaded content ready to get analyzed." + }, { NULL } }; diff --git a/plugins/pychrysalide/plugin.c b/plugins/pychrysalide/plugin.c index cc69dd7..b957eff 100644 --- a/plugins/pychrysalide/plugin.c +++ b/plugins/pychrysalide/plugin.c @@ -169,7 +169,14 @@ static void g_python_plugin_init(GPythonPlugin *plugin) static void g_python_plugin_dispose(GPythonPlugin *plugin) { - Py_DECREF(plugin->instance); + PyGILState_STATE gstate; /* Sauvegarde d'environnement */ + + gstate = PyGILState_Ensure(); + + Py_XDECREF(plugin->instance); + plugin->instance = NULL; + + PyGILState_Release(gstate); G_OBJECT_CLASS(g_python_plugin_parent_class)->dispose(G_OBJECT(plugin)); @@ -653,6 +660,9 @@ static void g_python_plugin_handle_binary_content(const GPythonPlugin *plugin, P { PyObject *args; /* Arguments pour l'appel */ PyObject *value; /* Valeurs obtenues */ + PyGILState_STATE gstate; /* Sauvegarde d'environnement */ + + gstate = PyGILState_Ensure(); args = PyTuple_New(4); @@ -661,11 +671,13 @@ static void g_python_plugin_handle_binary_content(const GPythonPlugin *plugin, P PyTuple_SetItem(args, 2, PyLong_FromUnsignedLong(wid)); PyTuple_SetItem(args, 3, pygobject_new(G_OBJECT(status))); - value = run_python_method(plugin->instance, "handle_binary_content", args); + value = run_python_method(plugin->instance, "handle_content", args); Py_XDECREF(value); Py_DECREF(args); + PyGILState_Release(gstate); + } diff --git a/plugins/pychrysalide/pychrysa.c b/plugins/pychrysalide/pychrysa.c index 8c93448..dd6f576 100644 --- a/plugins/pychrysalide/pychrysa.c +++ b/plugins/pychrysalide/pychrysa.c 
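Review bot: g_python_plugin_dispose now calls `PyGILState_Ensure()` unconditionally, which is only valid while the interpreter is initialized. If a plugin object can be disposed after Python has been finalized (not visible in this diff), the call would crash instead of merely leaking. Consider wrapping the new block in `if (Py_IsInitialized())`, or stating in the function header that every GPythonPlugin is released before the interpreter shuts down. The switch to `Py_XDECREF` plus `plugin->instance = NULL;` is what makes a repeated dispose safe, and a one-line comment saying so would keep it from being simplified away. The function's end lies outside the hunk.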
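Review bot: The result of the call is dropped by `Py_XDECREF(value);` with no check, so after the rename to `"handle_content"` a Python plugin that still defines handle_binary_content would stop receiving contents with no diagnostic. Unless run_python_method already reports and clears the error (its body is not in this diff), add `if (value == NULL && PyErr_Occurred()) PyErr_Print();` before `PyGILState_Release(gstate);` so a pending exception is not carried into the next Python call on this thread. The C function keeps the name g_python_plugin_handle_binary_content, so a comment on the call naming the Python-side method would help readers. The function starts before the first of these two hunks.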
@@ -579,12 +579,16 @@ G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin) Py_Initialize(); + PyEval_InitThreads(); + PySys_SetArgv(0, (wchar_t *[]) { NULL }); _chrysalide_module = PyImport_ImportModule("pychrysalide"); result = load_python_plugins(plugin); + PyEval_ReleaseLock(); + cpi_done: return result; diff --git a/src/analysis/loading.c b/src/analysis/loading.c index 7e2f9ee..3a53657 100644 --- a/src/analysis/loading.c +++ b/src/analysis/loading.c @@ -827,6 +827,7 @@ void g_content_explorer_populate_group(GContentExplorer *explorer, wgroup_id_t w group->contents = (GBinContent **)realloc(group->contents, ++group->count * sizeof(GBinContent *)); group->contents[group->count - 1] = content; + g_object_ref(G_OBJECT(content)); /* Relancement des explorations */ @@ -1426,6 +1427,7 @@ void g_content_resolver_add_detected(GContentResolver *resolver, wgroup_id_t wid group->loaded = (GLoadedContent **)realloc(group->loaded, ++group->count * sizeof(GLoadedContent *)); group->loaded[group->count - 1] = loaded; + g_object_ref(G_OBJECT(loaded)); g_mutex_unlock(&resolver->mutex); -- cgit v0.11.2-87-g4458
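Review bot: `PyEval_ReleaseLock();` releases the GIL without resetting the current thread state, so a later `PyGILState_Ensure()` on this same thread (as the new code in plugin.c does) can conclude it already owns the GIL and run Python code unlocked; CPython has deprecated the function since 3.2 for this reason. Use `PyEval_SaveThread();` instead, keeping the returned PyThreadState if the GIL has to be re-acquired at shutdown. The release sits before the `cpi_done:` label, so any path that jumps to the label skips it; whether such a path can run after `Py_Initialize()` is not visible in the hunk. The result of `PyImport_ImportModule("pychrysalide")` on the context line is also stored unchecked.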
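Review bot: With the added `g_object_ref(G_OBJECT(content));`, g_content_explorer_populate_group keeps its own reference and the caller retains the one it passed, but nothing in the hunk documents that contract; the same applies to `g_object_ref(G_OBJECT(loaded));` in g_content_resolver_add_detected in the next hunk. Add a line to each function's header comment such as `/* takes its own reference; the caller keeps and must release its own */`, so that other callers follow the dex and elf plugins, which this commit updates to unref after the call. The `realloc()` on the context line just above writes through its result unchecked, so an allocation failure there would dereference NULL before the new reference is taken. Both functions start and end outside their hunks.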