From 904476ddf621d9513bf90a3fa396d2e6c1ea2952 Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Fri, 8 Aug 2008 09:28:16 +0000 Subject: Prepared to handle the DWARF debug format. git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@15 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a --- ChangeLog | 50 ++++++++++++++ configure.ac | 1 + src/Makefile.am | 2 +- src/binary.c | 28 ++++++-- src/format/Makefile.am | 19 +++++- src/format/dbg_format-int.h | 55 +++++++++++++++ src/format/dbg_format.c | 91 +++++++++++++++++++++++++ src/format/dbg_format.h | 41 ++++++++++++ src/format/dwarf/Makefile.am | 15 +++++ src/format/dwarf/abbrev.c | 93 ++++++++++++++++++++++++++ src/format/dwarf/abbrev.h | 41 ++++++++++++ src/format/dwarf/d_dwarf.c | 75 +++++++++++++++++++++ src/format/dwarf/d_dwarf.h | 48 +++++++++++++ src/format/dwarf/dwarf-int.h | 46 +++++++++++++ src/format/elf/Makefile.am | 4 +- src/format/elf/e_elf.c | 72 ++++++++++++++++++++ src/format/elf/e_elf.h | 48 +++++++++++++ src/format/elf/elf-int.h | 55 +++++++++++++++ src/format/elf/format_elf.c | 126 ---------------------------------- src/format/elf/format_elf.h | 40 ----------- src/format/elf/section.c | 156 +++++++++++++++++++++++++++++++++++++++++++ src/format/elf/section.h | 40 +++++++++++ src/format/exe_format-int.h | 54 +++++++++++++++ src/format/exe_format.c | 53 +++++++++++++++ src/format/exe_format.h | 46 +++++++++++++ 25 files changed, 1125 insertions(+), 174 deletions(-) create mode 100644 src/format/dbg_format-int.h create mode 100644 src/format/dbg_format.c create mode 100644 src/format/dbg_format.h create mode 100644 src/format/dwarf/Makefile.am create mode 100644 src/format/dwarf/abbrev.c create mode 100644 src/format/dwarf/abbrev.h create mode 100644 src/format/dwarf/d_dwarf.c create mode 100644 src/format/dwarf/d_dwarf.h create mode 100644 src/format/dwarf/dwarf-int.h create mode 100644 src/format/elf/e_elf.c create mode 100644 src/format/elf/e_elf.h create mode 100644 src/format/elf/elf-int.h delete mode 100644 src/format/elf/format_elf.c delete mode 100644 src/format/elf/format_elf.h create mode 100644 src/format/elf/section.c create mode 100644 src/format/elf/section.h create mode 100644 src/format/exe_format-int.h create mode 100644 src/format/exe_format.c create mode 100644 src/format/exe_format.h diff --git a/ChangeLog b/ChangeLog index 0fd5aee..ea6ec80 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,53 @@ +2008-08-08 Cyrille Bagard + + * configure.ac: + Add src/format/dwarf/Makefile to the list of files to create. + + * src/binary.c: + Update the way data is loaded. + + * src/format/dbg_format.c: + * src/format/dbg_format.h: + * src/format/dbg_format-int.h: + New entries: define a generic interface for debug formats. + + * src/format/dwarf/abbrev.c: + * src/format/dwarf/abbrev.h: + * src/format/dwarf/d_dwarf.c: + * src/format/dwarf/d_dwarf.h: + * src/format/dwarf/dwarf-int.h: + * src/format/dwarf/Makefile.am: + New entries: prepare to handle the DWARF debug format. + + * src/format/elf/e_elf.c: + * src/format/elf/e_elf.h: + * src/format/elf/elf-int.h: + New entries: better handle the ELF format. + + * src/format/elf/format_elf.c: + * src/format/elf/format_elf.h: + Deleted entries: renamed to e_elf.[ch]. + + * src/format/elf/Makefile.am: + Add e_elf.[ch], elf-int.h and section.[ch] to libformatelf_a_SOURCES. + Remove format_elf.[ch]. + + * src/format/elf/section.c: + * src/format/elf/section.h: + New entries: read sections in an ELF file. + + * src/format/exe_format.c: + * src/format/exe_format.h: + * src/format/exe_format-int.h: + New entries: define a generic interface for executable formats. + + * src/format/Makefile.am: + Add dwarf to SUBDIRS and exe_format.[ch], exe_format-int.h, + dbg_format.[ch], dbg_format-int.h to libformat_a_SOURCES. + + * src/Makefile.am: + Add format/libformat.a and format/dwarf/libformatdwarf.a to openida_LDADD. + 2008-08-05 Cyrille Bagard * src/gtksnippet.c: diff --git a/configure.ac b/configure.ac index e8c7f2b..76c502f 100644 --- a/configure.ac +++ b/configure.ac @@ -184,6 +184,7 @@ AC_CONFIG_FILES([Makefile src/arch/Makefile src/arch/x86/Makefile src/format/Makefile + src/format/dwarf/Makefile src/format/elf/Makefile]) AC_OUTPUT diff --git a/src/Makefile.am b/src/Makefile.am index aaa1ff3..2fd7fb8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -17,7 +17,7 @@ AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) openida_LDFLAGS = $(LIBGTK_LIBS) -L/usr/X11R6/lib -ldl $(LIBXML_LIBS) `pkg-config --libs gthread-2.0` -openida_LDADD = $(LIBINTL) arch/libarch.a arch/x86/libarchx86.a format/elf/libformatelf.a +openida_LDADD = $(LIBINTL) arch/libarch.a arch/x86/libarchx86.a format/libformat.a format/dwarf/libformatdwarf.a format/elf/libformatelf.a SUBDIRS = arch format diff --git a/src/binary.c b/src/binary.c index 73960ac..9c0fefb 100644 --- a/src/binary.c +++ b/src/binary.c @@ -35,9 +35,16 @@ #include "arch/processor.h" -#include "format/elf/format_elf.h" +#include "format/dbg_format.h" +#include "format/exe_format.h" +#include "format/elf/e_elf.h" +#include "format/dwarf/d_dwarf.h" + + + +extern bool find_line_info(const uint8_t *content, off_t *size); /* Charge en mémoire le contenu d'un fichier. */ @@ -107,11 +114,12 @@ uint8_t *map_binary_file(const char *filename, size_t *length) void fill_snippet(GtkSnippet *snippet) { - size_t length; + off_t length; uint8_t *bin_data; int ret; - + exe_format *format; + dbg_format *dformat; asm_processor *proc; asm_instr *instr; @@ -140,10 +148,20 @@ void fill_snippet(GtkSnippet *snippet) printf(" ~~ bin_data ~~ :: %p (%d)\n", bin_data, length); - if (bin_data != NULL) - find_text_data(bin_data, &pos, &len, &base); + if (bin_data == NULL) return; + + + format = load_elf(bin_data, length); + dformat = load_dwarf(bin_data, length, format); + + find_exe_section(format, ".text", &pos, &len, &base); + + + /*find_line_info(bin_data, &len);*/ + printf("Exiting...\n"); + exit(0); offset = base; diff --git a/src/format/Makefile.am b/src/format/Makefile.am index 99afa2e..acc849b 100644 --- a/src/format/Makefile.am +++ b/src/format/Makefile.am @@ -1,2 +1,19 @@ -SUBDIRS = elf +lib_LIBRARIES = libformat.a + +libformat_a_SOURCES = \ + exe_format.h exe_format.c \ + exe_format-int.h \ + dbg_format.h dbg_format.c \ + dbg_format-int.h + +libformat_a_CFLAGS = $(AM_CFLAGS) + + +INCLUDES = + +AM_CPPFLAGS = + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) + +SUBDIRS = dwarf elf diff --git a/src/format/dbg_format-int.h b/src/format/dbg_format-int.h new file mode 100644 index 0000000..2d79161 --- /dev/null +++ b/src/format/dbg_format-int.h @@ -0,0 +1,55 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * dbg_format-int.h - prototypes utiles aux formats de débogage + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DBG_FORMAT_INT_H +#define _FORMAT_DBG_FORMAT_INT_H + + +#include +#include + + +#include "../dbg_format.h" +#include "../exe_format.h" + + + + + +/* Structure minimale d'un format de débogage */ +struct _dbg_format{ + + const uint8_t *content; /* Contenu binaire à étudier */ + off_t length; /* Taille de ce contenu */ + + exe_format *e_format; /* Gestionnaire d'exécutable */ + + +}; + + +#define DBG_FORMAT(f) ((dbg_format *)f) + + + +#endif /* _FORMAT_DBG_FORMAT_INT_H */ diff --git a/src/format/dbg_format.c b/src/format/dbg_format.c new file mode 100644 index 0000000..fac216d --- /dev/null +++ b/src/format/dbg_format.c @@ -0,0 +1,91 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * dbg_format.c - support des formats de débogage + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "dbg_format.h" + + +#include + + + +/* liste de tous les formats de débogage enregistrés */ +typedef struct _dbg_formats +{ + dbg_format **list; /* Série d'éléments */ + size_t count; /* Nombre de ces éléments */ + +} dbg_formats; + + +/* Fournit la liste des formats de débogage enregistrés. */ +dbg_formats *get_debug_formats(void); + + + +/****************************************************************************** +* * +* Paramètres : - * +* * +* Description : Fournit la liste des formats de débogage enregistrés. * +* * +* Retour : Liste des formats enregistrés. * +* * +* Remarques : - * +* * +******************************************************************************/ + +dbg_formats *get_debug_formats(void) +{ + static dbg_formats *result = NULL; /* Liste à retourner */ + + if (result == NULL) + result = (dbg_formats *)calloc(1, sizeof(dbg_formats)); + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = nouvel élément à inscrire dans l'ensemble. * +* * +* Description : Ajoute un nouveau format de débogage à la liste supportée. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +void register_debug_format(dbg_format *format) +{ + dbg_formats *formats; /* Liste à compléter */ + + formats = get_debug_formats(); + + formats->list = (dbg_format **)realloc(formats->list, ++formats->count * sizeof(dbg_format *)); + formats->list[formats->count - 1] = format; + +} + diff --git a/src/format/dbg_format.h b/src/format/dbg_format.h new file mode 100644 index 0000000..e00a494 --- /dev/null +++ b/src/format/dbg_format.h @@ -0,0 +1,41 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * dbg_format.h - prototypes pour le support des formats de débogage + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DBG_FORMAT_H +#define _FORMAT_DBG_FORMAT_H + + +/* Structure minimale d'un format de débogage */ +typedef struct _dbg_format dbg_format; + + + +/* Ajoute un nouveau format de débogage à la liste supportée. */ +void register_debug_format(dbg_format *); + + + + + + +#endif /* _FORMAT_DBG_FORMAT_H */ diff --git a/src/format/dwarf/Makefile.am b/src/format/dwarf/Makefile.am new file mode 100644 index 0000000..d9a3ca6 --- /dev/null +++ b/src/format/dwarf/Makefile.am @@ -0,0 +1,15 @@ + +lib_LIBRARIES = libformatdwarf.a + +libformatdwarf_a_SOURCES = \ + abbrev.h abbrev.c \ + d_dwarf.h d_dwarf.c + +libformatdwarf_a_CFLAGS = $(AM_CFLAGS) + + +INCLUDES = + +AM_CPPFLAGS = + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) diff --git a/src/format/dwarf/abbrev.c b/src/format/dwarf/abbrev.c new file mode 100644 index 0000000..8cf5dcd --- /dev/null +++ b/src/format/dwarf/abbrev.c @@ -0,0 +1,93 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * abbrev.c - manipulation des abréviation DWARF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "abbrev.h" + + +#include + + +#include "dwarf-int.h" + + + + + + + + +/****************************************************************************** +* * +* Paramètres : format = informations de débogage à compléter. * +* * +* Description : Charge les abréviations trouvés pour un DWARF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool load_dwarf_abbreviations(dwarf_format *format) +{ + + + + + + off_t offset; + off_t size; + + bool test; + + int i; + + + printf("Searching...\n"); + + + test = find_exe_section(DBG_FORMAT(format)->e_format, ".debug_abbrev", &offset, &size, NULL); + + + + + printf(" -> offset=%d size=%d\n", offset, size); + + + for (i = 0; i < size; i++) + { + if (i % 10 == 0) printf("\n"); + printf("0x%02hhx ", DBG_FORMAT(format)->content[offset + i]); + } + + printf("\n"); + + + + + + + + +} + diff --git a/src/format/dwarf/abbrev.h b/src/format/dwarf/abbrev.h new file mode 100644 index 0000000..a949be9 --- /dev/null +++ b/src/format/dwarf/abbrev.h @@ -0,0 +1,41 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * abbrev.h - prototypes pour la manipulation des abréviation DWARF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_ABBREV_H +#define _FORMAT_DWARF_ABBREV_H + + +#include + + +#include "d_dwarf.h" + + + +/* Charge les abréviations trouvés pour un DWARF. */ +bool load_dwarf_abbreviations(dwarf_format *); + + + + +#endif /* _FORMAT_DWARF_ABBREV_H */ diff --git a/src/format/dwarf/d_dwarf.c b/src/format/dwarf/d_dwarf.c new file mode 100644 index 0000000..7537e34 --- /dev/null +++ b/src/format/dwarf/d_dwarf.c @@ -0,0 +1,75 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * d_dwarf.c - support du format DWARF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "d_dwarf.h" + + +#include + + +#include "abbrev.h" +#include "dwarf-int.h" + + + + + + + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* length = taille du contenu en question. * +* e_format = gestionnaire global (partie exécutable). * +* * +* Description : Prend en charge un nouveau DWARF. * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +dwarf_format *load_dwarf(const uint8_t *content, off_t length, exe_format *e_format) +{ + dwarf_format *result; /* Structure à retourner */ + bool test; /* Bilan d'une initialisation */ + + result = (dwarf_format *)calloc(1, sizeof(dwarf_format)); + + DBG_FORMAT(result)->content = content; + DBG_FORMAT(result)->length = length; + + DBG_FORMAT(result)->e_format = e_format; + + + test = load_dwarf_abbreviations(result); + + + return result; + +} + + + diff --git a/src/format/dwarf/d_dwarf.h b/src/format/dwarf/d_dwarf.h new file mode 100644 index 0000000..d432d5a --- /dev/null +++ b/src/format/dwarf/d_dwarf.h @@ -0,0 +1,48 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * d_dwarf.h - prototypes pour le support du format DWARF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_H +#define _FORMAT_DWARF_DWARF_H + + +#include +#include + + +#include "../exe_format.h" + + + +/* Description du format DWARF */ +typedef struct _dwarf_format dwarf_format; + + + +/* Prend en charge un nouveau DWARF. */ +dwarf_format *load_dwarf(const uint8_t *, off_t, exe_format *); + + + + + +#endif /* _FORMAT_DWARF_DWARF_H */ diff --git a/src/format/dwarf/dwarf-int.h b/src/format/dwarf/dwarf-int.h new file mode 100644 index 0000000..e3bb212 --- /dev/null +++ b/src/format/dwarf/dwarf-int.h @@ -0,0 +1,46 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * dwarf-int.h - prototypes pour les structures internes du format DWARF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_DWARF_INT_H +#define _FORMAT_DWARF_DWARF_INT_H + + + + +#include "../dbg_format-int.h" + + + +/* Description du format DWARF */ +struct _dwarf_format +{ + dbg_format dummy; /* A laisser en premier */ + + + +}; + + + + +#endif /* _FORMAT_DWARF_DWARF_INT_H */ diff --git a/src/format/elf/Makefile.am b/src/format/elf/Makefile.am index 3cf5f1c..cb5682d 100644 --- a/src/format/elf/Makefile.am +++ b/src/format/elf/Makefile.am @@ -2,7 +2,9 @@ lib_LIBRARIES = libformatelf.a libformatelf_a_SOURCES = \ - format_elf.h format_elf.c + e_elf.h e_elf.c \ + elf-int.h \ + section.h section.c libformatelf_a_CFLAGS = $(AM_CFLAGS) diff --git a/src/format/elf/e_elf.c b/src/format/elf/e_elf.c new file mode 100644 index 0000000..1c08cf3 --- /dev/null +++ b/src/format/elf/e_elf.c @@ -0,0 +1,72 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * e_elf.c - support du format ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "e_elf.h" + + +#include +#include + + +#include "elf-int.h" +#include "section.h" + + + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* length = taille du contenu en question. * +* * +* Description : Prend en charge un nouvel ELF. * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +elf_format *load_elf(const uint8_t *content, off_t length) +{ + elf_format *result; /* Structure à retourner */ + bool test; /* Bilan d'une initialisation */ + + result = (elf_format *)calloc(1, sizeof(elf_format)); + + EXE_FORMAT(result)->content = content; + EXE_FORMAT(result)->length = length; + + EXE_FORMAT(result)->find_section = (find_section_fc)find_elf_section; + + memcpy(&result->header, content, sizeof(Elf32_Ehdr)); + + + test = read_elf_section_names(result); + + printf("ok ? %d\n", test); + + + return result; + +} diff --git a/src/format/elf/e_elf.h b/src/format/elf/e_elf.h new file mode 100644 index 0000000..fabee77 --- /dev/null +++ b/src/format/elf/e_elf.h @@ -0,0 +1,48 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * e_elf.h - prototypes pour le support du format ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_ELF_ELF_H +#define _FORMAT_ELF_ELF_H + + +#include +#include +#include + + + +/* Description du format ELF */ +typedef struct _elf_format elf_format; + + + +/* Prend en charge un nouvel ELF. */ +elf_format *load_elf(const uint8_t *, off_t); + + + + + + + +#endif /* _FORMAT_ELF_ELF_H */ diff --git a/src/format/elf/elf-int.h b/src/format/elf/elf-int.h new file mode 100644 index 0000000..0fd325f --- /dev/null +++ b/src/format/elf/elf-int.h @@ -0,0 +1,55 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * elf-int.h - prototypes pour les structures internes du format ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_ELF_ELF_INT_H +#define _FORMAT_ELF_ELF_INT_H + + + +#include +#include + + +#include "../exe_format-int.h" + + + + +/* Description du format ELF */ +struct _elf_format +{ + exe_format dummy; /* A laisser en premier */ + + Elf32_Ehdr header; /* En-tête du format */ + + char *sec_names; /* Noms des sections */ + size_t sec_size; /* Taille de ces définitions */ + + +}; + + + + + +#endif /* _FORMAT_ELF_ELF_INT_H */ diff --git a/src/format/elf/format_elf.c b/src/format/elf/format_elf.c deleted file mode 100644 index 9f929fb..0000000 --- a/src/format/elf/format_elf.c +++ /dev/null @@ -1,126 +0,0 @@ - -/* OpenIDA - Outil d'analyse de fichiers binaires - * format_elf.c - support du format ELF - * - * Copyright (C) 2008 Cyrille Bagard - * - * This file is part of OpenIDA. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see . - */ - - -#include "elf.h" - - - - - - - - - - -#include -#include -#include -#include -#include -#include -#include - - -char *read_section_names(const uint8_t *content, Elf32_Off offset) -{ - char *result; - Elf32_Shdr section; - - result = NULL; - - memcpy(§ion, &content[offset], sizeof(Elf32_Shdr)); - - result = (char *)calloc(section.sh_size + 1, sizeof(char)); - - memcpy(result, &content[section.sh_offset], section.sh_size); - - return result; - -} - - -bool find_target_section(const uint8_t *content, const char *target, const char *names, Elf32_Off offset, Elf32_Shdr *data) -{ - bool result; - Elf32_Shdr section; - - result = false; - - memcpy(§ion, &content[offset], sizeof(Elf32_Shdr)); - - result = (strcmp(target, &names[section.sh_name]) == 0); - - if (result) - { - printf("section: %s (0x%08x)\n", &names[section.sh_name], section.sh_addr); - *data = section; - } - - return result; - -} - - - -bool find_text_data(const uint8_t *content, off_t *offset, off_t *size, uint64_t *voffset) -{ - bool result; - Elf32_Ehdr header; - char *names; - Elf32_Half i; - Elf32_Shdr data; - - result = false; - - memcpy(&header, content, sizeof(Elf32_Ehdr)); - - names = read_section_names(content, header.e_shoff + header.e_shentsize * header.e_shstrndx); - if (names == NULL) - { - fprintf(stderr, "no section header string table\n"); - return NULL; - } - - for (i = 0; i < header.e_shnum; i++) - { - if (i == header.e_shstrndx) continue; - - if (find_target_section(content, ".text", names, header.e_shoff + header.e_shentsize * i, &data)) - { - printf("Find it !\n"); - - *offset = data.sh_offset; - *size = data.sh_size; - *voffset = data.sh_addr; - - result = true; - - } - - } - - free(names); - - return result; - -} diff --git a/src/format/elf/format_elf.h b/src/format/elf/format_elf.h deleted file mode 100644 index 742d036..0000000 --- a/src/format/elf/format_elf.h +++ /dev/null @@ -1,40 +0,0 @@ - -/* OpenIDA - Outil d'analyse de fichiers binaires - * format_elf.h - prototypes pour le support du format ELF - * - * Copyright (C) 2008 Cyrille Bagard - * - * This file is part of OpenIDA. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see . - */ - - -#ifndef _FORMAT_ELF_H -#define _FORMAT_ELF_H - - - -#include -#include -#include - - - -bool find_text_data(const uint8_t *content, off_t *, off_t *, uint64_t *); - - - - -#endif /* _FORMAT_ELF_H */ diff --git a/src/format/elf/section.c b/src/format/elf/section.c new file mode 100644 index 0000000..a055f47 --- /dev/null +++ b/src/format/elf/section.c @@ -0,0 +1,156 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * section.h - prototypes pour la gestion des sections d'un ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "section.h" + + +#include +#include + + +#include "elf-int.h" + + + +/* Teste si une section correspond à celle recherchée. */ +bool find_target_elf_section(const elf_format *, const char *, Elf32_Off, Elf32_Shdr *); + + + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à compléter. * +* * +* Description : Charge en mémoire la liste humaine des sections. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_elf_section_names(elf_format *format) +{ + off_t offset; /* Position des données */ + Elf32_Shdr section; /* Section visée */ + + offset = format->header.e_shoff + format->header.e_shentsize * format->header.e_shstrndx; + if ((offset + sizeof(Elf32_Shdr)) >= EXE_FORMAT(format)->length) return false; + + memcpy(§ion, &EXE_FORMAT(format)->content[offset], sizeof(Elf32_Shdr)); + + if ((section.sh_offset + section.sh_size) >= EXE_FORMAT(format)->length) return false; + + format->sec_names = (char *)calloc(section.sh_size + 1, sizeof(char)); + format->sec_size = section.sh_size; + + memcpy(format->sec_names, &EXE_FORMAT(format)->content[section.sh_offset], section.sh_size); + + return true; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* target = nom de la section recherchée. * +* offset = position de la section à tester. * +* data = description de la section trouvée. [OUT] * +* * +* Description : Teste si une section correspond à celle recherchée. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool find_target_elf_section(const elf_format *format, const char *target, Elf32_Off offset, Elf32_Shdr *data) +{ + bool result; /* Conclusion à retourner */ + Elf32_Shdr section; /* Section à analyser */ + + result = false; + + if ((offset + sizeof(Elf32_Shdr)) >= EXE_FORMAT(format)->length) return false; + + memcpy(§ion, &EXE_FORMAT(format)->content[offset], sizeof(Elf32_Shdr)); + + result = (strcmp(target, &format->sec_names[section.sh_name]) == 0); + + if (result) *data = section; + + return result; + +} + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* target = nom de la section recherchée. * +* offset = position de la section trouvée. [OUT] * +* size = taille de la section trouvée. [OUT] * +* voffset = adresse virtuelle de la section trouvée. [OUT] * +* * +* Description : Recherche une section donnée au sein de binaire. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool find_elf_section(const elf_format *format, const char *target, off_t *offset, off_t *size, uint64_t *voffset) +{ + bool result; + Elf32_Half i; + Elf32_Shdr data; + + result = false; + + for (i = 0; i < format->header.e_shnum; i++) + { + if (i == format->header.e_shstrndx) continue; + + if (find_target_elf_section(format, target, + format->header.e_shoff + format->header.e_shentsize * i, &data)) + { + *offset = data.sh_offset; + *size = data.sh_size; + + if (voffset != NULL) + *voffset = data.sh_addr; + + result = true; + + } + + } + + return result; + +} diff --git a/src/format/elf/section.h b/src/format/elf/section.h new file mode 100644 index 0000000..b84fe76 --- /dev/null +++ b/src/format/elf/section.h @@ -0,0 +1,40 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * section.h - prototypes pour la gestion des sections d'un ELF + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_ELF_SECTION_H +#define _FORMAT_ELF_SECTION_H + + +#include "e_elf.h" + + + +/* Charge en mémoire la liste humaine des sections. */ +bool read_elf_section_names(elf_format *); + +/* Recherche une section donnée au sein de binaire. */ +bool find_elf_section(const elf_format *, const char *, off_t *, off_t *, uint64_t *); + + + +#endif /* _FORMAT_ELF_SECTION_H */ diff --git a/src/format/exe_format-int.h b/src/format/exe_format-int.h new file mode 100644 index 0000000..a8333de --- /dev/null +++ b/src/format/exe_format-int.h @@ -0,0 +1,54 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * exe_format-int.h - prototypes utiles aux formats d'exécutables + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_EXE_FORMAT_INT_H +#define _FORMAT_EXE_FORMAT_INT_H + + +#include "exe_format.h" + + + +/* Recherche une section donnée au sein de binaire. */ +typedef bool (* find_section_fc) (const exe_format *, const char *, off_t *, off_t *, uint64_t *); + + + +/* Support générique d'un format d'exécutable */ +struct _exe_format +{ + const uint8_t *content; /* Contenu binaire à étudier */ + off_t length; /* Taille de ce contenu */ + + find_section_fc find_section; /* Recherche d'une section */ + +}; + + +#define EXE_FORMAT(f) ((exe_format *)f) + + + + + +#endif /* _FORMAT_EXE_FORMAT_INT_H */ diff --git a/src/format/exe_format.c b/src/format/exe_format.c new file mode 100644 index 0000000..48a4d4c --- /dev/null +++ b/src/format/exe_format.c @@ -0,0 +1,53 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * exe_format.h - support des formats d'exécutables + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "exe_format.h" + + +#include "exe_format-int.h" + + + + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* target = nom de la section recherchée. * +* offset = position de la section trouvée. [OUT] * +* size = taille de la section trouvée. [OUT] * +* voffset = adresse virtuelle de la section trouvée. [OUT] * +* * +* Description : Recherche une section donnée au sein de binaire. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool find_exe_section(const exe_format *format, const char *target, off_t *offset, off_t *size, uint64_t *voffset) +{ + return format->find_section(format, target, offset, size, voffset); + +} diff --git a/src/format/exe_format.h b/src/format/exe_format.h new file mode 100644 index 0000000..0ec727b --- /dev/null +++ b/src/format/exe_format.h @@ -0,0 +1,46 @@ + +/* OpenIDA - Outil d'analyse de fichiers binaires + * exe_format.h - prototypes pour le support des formats d'exécutables + * + * Copyright (C) 2008 Cyrille Bagard + * + * This file is part of OpenIDA. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_EXE_FORMAT_H +#define _FORMAT_EXE_FORMAT_H + + +#include +#include +#include + + + +/* Support générique d'un format d'exécutable */ +typedef struct _exe_format exe_format; + + + + +/* Recherche une section donnée au sein de binaire. */ +bool find_exe_section(const exe_format *, const char *, off_t *, off_t *, uint64_t *); + + + + +#endif /* _FORMAT_EXE_FORMAT_H */ -- cgit v0.11.2-87-g4458