From 4b2f65ed2125cd7b6ef598cf02738f6c839d8935 Mon Sep 17 00:00:00 2001 From: Cyrille Bagard Date: Wed, 12 Aug 2015 19:05:31 +0000 Subject: Extended the loading process of binary formats to prepare the DWARF support. git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@568 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a --- ChangeLog | 71 ++++++++++++- configure.ac | 3 + plugins/mobicore/mclf.c | 17 +-- plugins/mobicore/mclf.h | 5 +- plugins/mobicore/mobicore.c | 8 +- plugins/pychrysa/format/elf/elf.c | 2 +- plugins/ropgadgets/select.c | 4 +- src/analysis/binaries/file.c | 18 +++- src/analysis/binary-int.h | 1 + src/analysis/binary.h | 1 + src/core/formats.c | 198 +++++++++++++++++++++++++---------- src/core/formats.h | 15 ++- src/format/Makefile.am | 25 +---- src/format/dbg_format-int.h | 55 ---------- src/format/dbg_format.c | 91 ---------------- src/format/dbg_format.h | 41 -------- src/format/debuggable-int.h | 51 +++++++++ src/format/debuggable.c | 88 ++++++++++++++++ src/format/debuggable.h | 52 ++++++++++ src/format/dwarf/Makefile.am | 10 +- src/format/dwarf/dwarf-int.c | 75 ++++++++++++++ src/format/dwarf/dwarf-int.h | 80 +++++++++++++- src/format/dwarf/dwarf.c | 212 +++++++++++++++++++++++++++++++++++--- src/format/dwarf/dwarf.h | 23 ++++- src/format/dwarf/v2/Makefile.am | 12 +++ src/format/dwarf/v2/dwarf.c | 171 ++++++++++++++++++++++++++++++ src/format/dwarf/v2/dwarf.h | 59 +++++++++++ src/format/dwarf/v3/Makefile.am | 12 +++ src/format/dwarf/v3/dwarf.c | 171 ++++++++++++++++++++++++++++++ src/format/dwarf/v3/dwarf.h | 59 +++++++++++ src/format/dwarf/v4/Makefile.am | 12 +++ src/format/dwarf/v4/dwarf.c | 171 ++++++++++++++++++++++++++++++ src/format/dwarf/v4/dwarf.h | 59 +++++++++++ src/format/elf/elf.c | 57 ++++++++-- src/format/elf/elf.h | 5 +- src/format/executable-int.h | 5 + src/format/executable.c | 25 +++++ src/format/executable.h | 4 + 38 files changed, 1649 insertions(+), 319 deletions(-) create mode 100644 src/format/debuggable-int.h create mode 100644 src/format/debuggable.c create mode 100644 src/format/debuggable.h create mode 100644 src/format/dwarf/dwarf-int.c create mode 100644 src/format/dwarf/v2/Makefile.am create mode 100644 src/format/dwarf/v2/dwarf.c create mode 100644 src/format/dwarf/v2/dwarf.h create mode 100644 src/format/dwarf/v3/Makefile.am create mode 100644 src/format/dwarf/v3/dwarf.c create mode 100644 src/format/dwarf/v3/dwarf.h create mode 100644 src/format/dwarf/v4/Makefile.am create mode 100644 src/format/dwarf/v4/dwarf.c create mode 100644 src/format/dwarf/v4/dwarf.h diff --git a/ChangeLog b/ChangeLog index 40d1932..862bee6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,72 @@ +15-08-12 Cyrille Bagard + + * configure.ac: + Add the new Makefiles from the 'src/format/dwarf/v[234]' directories. + + * plugins/mobicore/mclf.c: + * plugins/mobicore/mclf.h: + * plugins/mobicore/mobicore.c: + * plugins/pychrysa/format/elf/elf.c: + * plugins/ropgadgets/select.c: + Update code. + + * src/analysis/binaries/file.c: + Update code and load an optional debug format for the current format. + + * src/analysis/binary.h: + * src/analysis/binary-int.h: + Update code. + + * src/core/formats.c: + * src/core/formats.h: + Extend the loading process of binary formats to prepare the DWARF support. + + * src/format/dbg_format.c: + * src/format/dbg_format.h: + * src/format/dbg_format-int.h: + Deleted entries. + + * src/format/debuggable.c: + * src/format/debuggable.h: + * src/format/debuggable-int.h: + New entries: define a format for debug. + + * src/format/dwarf/dwarf.c: + * src/format/dwarf/dwarf.h: + Define the common base for all DWARF format versions. + + * src/format/dwarf/dwarf-int.c: + New entries: decode some DWARF basic headers. + + * src/format/dwarf/dwarf-int.h: + * src/format/dwarf/Makefile.am: + Update code to support all kinds of DWARF versions. + + * src/format/dwarf/v2/dwarf.c: + * src/format/dwarf/v2/dwarf.h: + * src/format/dwarf/v2/Makefile.am: + * src/format/dwarf/v3/dwarf.c: + * src/format/dwarf/v3/dwarf.h: + * src/format/dwarf/v3/Makefile.am: + * src/format/dwarf/v4/dwarf.c: + * src/format/dwarf/v4/dwarf.h: + * src/format/dwarf/v4/Makefile.am: + New entries: create initial support for all DWARF versions. + + * src/format/elf/elf.c: + * src/format/elf/elf.h: + Update code. + + * src/format/executable.c: + * src/format/executable.h: + * src/format/executable-int.h: + Provide ranges of named binary sections. + + * src/format/Makefile.am: + Add the 'debuggable*[ch]' files to libformat_la_SOURCES, the + 'elf/libformatelf.la' archive to libformat_la_LIBADD, the 'dwarf' + directory to SUBDIRS and clean the Makefile. + 15-08-05 Cyrille Bagard * src/analysis/db/collection.c: @@ -716,7 +785,7 @@ 15-05-11 Cyrille Bagard - * configure.ac; + * configure.ac: Add the new Makefile from the 'plugins/ropgadgets' directory. * plugins/Makefile.am: diff --git a/configure.ac b/configure.ac index eed6c5b..a2ac711 100644 --- a/configure.ac +++ b/configure.ac @@ -334,6 +334,9 @@ AC_CONFIG_FILES([Makefile src/format/Makefile src/format/dex/Makefile src/format/dwarf/Makefile + src/format/dwarf/v2/Makefile + src/format/dwarf/v3/Makefile + src/format/dwarf/v4/Makefile src/format/elf/Makefile src/format/java/Makefile src/format/mangling/Makefile diff --git a/plugins/mobicore/mclf.c b/plugins/mobicore/mclf.c index 245508f..829a488 100644 --- a/plugins/mobicore/mclf.c +++ b/plugins/mobicore/mclf.c @@ -55,26 +55,30 @@ static void g_mclf_format_refine_portions(const GMCLFFormat *, GBinPortion *); /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * * * * Description : Indique si le format peut être pris en charge ici. * * * -* Retour : true si la réponse est positive, false sinon. * +* Retour : Désignation du format reconnu ou NULL si aucun. * * * * Remarques : - * * * ******************************************************************************/ -bool mclf_is_matching(GBinContent *content) +const char *mclf_is_matching(GBinContent *content, GExeFormat *parent) { - bool result; /* Bilan à faire connaître */ + const char *result; /* Format détecté à renvoyer */ vmpa2t addr; /* Tête de lecture initiale */ + bool status; /* Bilan des accès mémoire */ char magic[4]; /* Idenfiant standard */ init_vmpa(&addr, 0, VMPA_NO_VIRTUAL); - result = g_binary_content_get_raw(content, &addr, 4, (bin_t *)magic); + status = g_binary_content_get_raw(content, &addr, 4, (bin_t *)magic); - result &= (memcmp(magic, MC_SERVICE_HEADER_MAGIC_STR, 4) == 0); + status &= (memcmp(magic, MC_SERVICE_HEADER_MAGIC_STR, 4) == 0); + + result = status ? "mclf" : NULL; return result; @@ -130,6 +134,7 @@ static void g_mclf_format_init(GMCLFFormat *format) /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * * * * Description : Prend en charge un nouveau format MCLF. * * * @@ -139,7 +144,7 @@ static void g_mclf_format_init(GMCLFFormat *format) * * ******************************************************************************/ -GBinFormat *g_mclf_format_new(GBinContent *content) +GBinFormat *g_mclf_format_new(GBinContent *content, GExeFormat *parent) { GMCLFFormat *result; /* Structure à retourner */ diff --git a/plugins/mobicore/mclf.h b/plugins/mobicore/mclf.h index c2752b8..5ac0926 100644 --- a/plugins/mobicore/mclf.h +++ b/plugins/mobicore/mclf.h @@ -30,6 +30,7 @@ #include +#include #include @@ -50,13 +51,13 @@ typedef struct _GMCLFFormatClass GMCLFFormatClass; /* Indique si le format peut être pris en charge ici. */ -bool mclf_is_matching(GBinContent *); +const char *mclf_is_matching(GBinContent *, GExeFormat *); /* Indique le type défini pour un format d'exécutable MCLF. */ GType g_mclf_format_get_type(void); /* Prend en charge un nouveau format MCLF. */ -GBinFormat *g_mclf_format_new(GBinContent *); +GBinFormat *g_mclf_format_new(GBinContent *, GExeFormat *); diff --git a/plugins/mobicore/mobicore.c b/plugins/mobicore/mobicore.c index 15bc0a1..087297b 100644 --- a/plugins/mobicore/mobicore.c +++ b/plugins/mobicore/mobicore.c @@ -54,9 +54,9 @@ G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin, GObject *ref) { bool result; /* Bilan à retourner */ - printf("Loaded !\n"); + result &= register_format_matcher(mclf_is_matching); - result = register_format_type("mclf", "MobiCore Load Format", mclf_is_matching, g_mclf_format_new); + result = register_format_loader("mclf", "MobiCore Load Format", g_mclf_format_new); return result; @@ -78,8 +78,6 @@ G_MODULE_EXPORT bool chrysalide_plugin_init(GPluginModule *plugin, GObject *ref) G_MODULE_EXPORT void chrysalide_plugin_exit(GPluginModule *plugin, GObject *ref) { - - printf("Unloaded !\n"); - + /* TODO */ } diff --git a/plugins/pychrysa/format/elf/elf.c b/plugins/pychrysa/format/elf/elf.c index 87988ee..a292c91 100644 --- a/plugins/pychrysa/format/elf/elf.c +++ b/plugins/pychrysa/format/elf/elf.c @@ -70,7 +70,7 @@ static PyObject *py_elf_format_new(PyTypeObject *type, PyObject *args, PyObject if (!ret) return NULL; content = G_BIN_CONTENT(pygobject_get(content_obj)); - format = g_elf_format_new(content); + format = g_elf_format_new(content, NULL); result = pygobject_new(G_OBJECT(format)); diff --git a/plugins/ropgadgets/select.c b/plugins/ropgadgets/select.c index 826682c..514b6ca 100644 --- a/plugins/ropgadgets/select.c +++ b/plugins/ropgadgets/select.c @@ -1337,7 +1337,7 @@ static GBinFormat *load_external_format_for_rop_gadgets(GObject *ref) /* Récupération du format de fichier associé */ - target = find_matching_format(content); + target = find_matching_format(content, NULL); desc = get_binary_format_name(target); if (desc == NULL) @@ -1347,7 +1347,7 @@ static GBinFormat *load_external_format_for_rop_gadgets(GObject *ref) goto leffrg_error; } - result = load_new_named_format(target, content); + result = load_new_named_format(target, content, NULL); if (result == NULL) { diff --git a/src/analysis/binaries/file.c b/src/analysis/binaries/file.c index c946572..75f2c18 100644 --- a/src/analysis/binaries/file.c +++ b/src/analysis/binaries/file.c @@ -173,7 +173,7 @@ GLoadedBinary *g_file_binary_new_from_file(const char *filename) content = g_binary_content_new_from_file(filename); if (content == NULL) goto lbf_error; - target = find_matching_format(content); + target = find_matching_format(content, NULL); desc = get_binary_format_name(target); if (desc == NULL) @@ -185,7 +185,7 @@ GLoadedBinary *g_file_binary_new_from_file(const char *filename) else log_variadic_message(LMT_INFO, _("Detected format: %s"), desc); - loaded->format = G_EXE_FORMAT(load_new_named_format(target, content)); + loaded->format = G_EXE_FORMAT(load_new_named_format(target, content, NULL)); if (loaded->format == NULL) { @@ -194,6 +194,20 @@ GLoadedBinary *g_file_binary_new_from_file(const char *filename) goto lbf_error; } + target = find_matching_format(content, loaded->format); + desc = get_binary_format_name(target); + + if (desc != NULL) + { + log_variadic_message(LMT_INFO, _("Detected debug format: %s"), desc); + + loaded->debug = G_DBG_FORMAT(load_new_named_format(target, content, loaded->format)); + + if (loaded->debug == NULL) + log_simple_message(LMT_ERROR, _("Error while loading the debug information for binary")); + + } + target = g_exe_format_get_target_machine(loaded->format); desc = get_arch_processor_name(target); diff --git a/src/analysis/binary-int.h b/src/analysis/binary-int.h index 64a957d..4bfb14e 100644 --- a/src/analysis/binary-int.h +++ b/src/analysis/binary-int.h @@ -61,6 +61,7 @@ struct _GLoadedBinary get_binary_name_fc get_name; /* Obtention d'une description */ GExeFormat *format; /* Format du binaire */ + GDbgFormat *debug; /* Informations de débogage */ GArchProcessor *proc; /* Architecture du binaire */ GArchInstruction *instrs; /* Instructions d'assemblage */ diff --git a/src/analysis/binary.h b/src/analysis/binary.h index 768f53a..6b7d338 100644 --- a/src/analysis/binary.h +++ b/src/analysis/binary.h @@ -33,6 +33,7 @@ #include "db/protocol.h" #include "../arch/processor.h" #include "../common/xml.h" +#include "../format/debuggable.h" #include "../format/executable.h" #include "../glibext/gcodebuffer.h" diff --git a/src/core/formats.c b/src/core/formats.c index 9ff31b2..891fc12 100644 --- a/src/core/formats.c +++ b/src/core/formats.c @@ -29,41 +29,99 @@ #include +#include "../format/dwarf/dwarf.h" +#include "../format/dwarf/v2/dwarf.h" +#include "../format/dwarf/v3/dwarf.h" +#include "../format/dwarf/v4/dwarf.h" #include "../format/elf/elf.h" +/* Eléments pour détection */ +typedef struct _format_matcher_t +{ + format_match_fc func; /* Recherche de correspondance */ + +} format_matcher_t; + + /* Caractéristiques d'un processeur */ -typedef struct _format_t +typedef struct _format_loader_t { char *key; /* Clef pour un accès rapide */ char *name; /* Désignation humaine */ - format_match_fc is_matching; /* Recherche de correspondance */ - format_load_fc load; /* Procédure de chargement */ + format_load_fc func; /* Procédure de chargement */ -} format_t; +} format_loader_t; +/* Mémorisation des détections de format enregistrées */ +static format_matcher_t *_formats_matchers = NULL; +static size_t _formats_matchers_count = 0; + /* Mémorisation des types de formats enregistrés */ -static format_t *_formats_definitions = NULL; -static size_t _formats_definitions_count = 0; +static format_loader_t *_formats_loaders = NULL; +static size_t _formats_loaders_count = 0; /* Verrou pour des accès atomiques */ -/* ... */ +static GRWLock _formats_lock; /* Retrouve l'enregistrement correspondant à une architecture. */ -static format_t *find_format_by_key(const char *); +static format_loader_t *find_format_by_key(const char *); + + + +/****************************************************************************** +* * +* Paramètres : func = procédure de détection à utiliser. * +* * +* Description : Enregistre un détection de format(s) binaire(s). * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool register_format_matcher(format_match_fc func) +{ + bool result; /* Bilan à retourner */ + size_t i; /* Boucle de parcours */ + format_matcher_t *new; /* Nouvel élément à définir */ + + g_rw_lock_writer_lock(&_formats_lock); + + for (i = 0; i < _formats_matchers_count; i++) + if (_formats_matchers[i].func == func) + break; + + result = (i == _formats_matchers_count); + + if (result) + { + _formats_matchers = (format_matcher_t *)realloc(_formats_matchers, + ++_formats_matchers_count * sizeof(format_matcher_t)); + new = &_formats_matchers[_formats_matchers_count - 1]; + + new->func = func; + + } + + g_rw_lock_writer_unlock(&_formats_lock); + + return result; + +} /****************************************************************************** * * -* Paramètres : key = désignation rapide et interne d'un format. * -* name = désignation humaine au format de binaire. * -* is_matching = procédure de détection associée. * -* load = procédure de chargement associée. * +* Paramètres : key = désignation rapide et interne d'un format. * +* name = désignation humaine au format de binaire. * +* func = procédure de chargement associée. * * * * Description : Enregistre un format de contenu binaire donné. * * * @@ -73,28 +131,37 @@ static format_t *find_format_by_key(const char *); * * ******************************************************************************/ -bool register_format_type(const char *key, const char *name, format_match_fc is_matching, format_load_fc load) +bool register_format_loader(const char *key, const char *name, format_load_fc func) { - format_t *new; /* Nouvel élément à définir */ + bool result; /* Bilan à retourner */ + size_t i; /* Boucle de parcours */ + format_loader_t *new; /* Nouvel élément à définir */ - /* TODO : if find()... -> unref(), ret false */ + g_rw_lock_writer_lock(&_formats_lock); - /* TODO : lock */ + for (i = 0; i < _formats_loaders_count; i++) + if (strcmp(_formats_loaders[i].key, key) == 0 && strcmp(_formats_loaders[i].name, name) == 0) + break; + + result = (i == _formats_loaders_count); + + if (result) + { + _formats_loaders = (format_loader_t *)realloc(_formats_loaders, + ++_formats_loaders_count * sizeof(format_loader_t)); - _formats_definitions = (format_t *)realloc(_formats_definitions, - ++_formats_definitions_count * sizeof(format_t)); + new = &_formats_loaders[_formats_loaders_count - 1]; - new = &_formats_definitions[_formats_definitions_count - 1]; + new->key = strdup(key); + new->name = strdup(name); - new->key = strdup(key); - new->name = strdup(name); + new->func = func; - new->is_matching = is_matching; - new->load = load; + } - /* TODO : unlock */ + g_rw_lock_writer_unlock(&_formats_lock); - return true; + return result; } @@ -117,7 +184,24 @@ bool load_hard_coded_formats_definitions(void) result = true; - result &= register_format_type("elf", "Executable and Linkable Format", elf_is_matching, g_elf_format_new); + /* Détections */ + + result &= register_format_matcher(dwarf_is_matching); + + result &= register_format_matcher(elf_is_matching); + + /* Chargements */ + + result &= register_format_loader("dwarf_v2", "Debugging With Arbitrary Record Formats (v2)", + g_dwarfv2_format_new); + + result &= register_format_loader("dwarf_v3", "Debugging With Arbitrary Record Formats (v3)", + g_dwarfv3_format_new); + + result &= register_format_loader("dwarf_v4", "Debugging With Arbitrary Record Formats (v4)", + g_dwarfv4_format_new); + + result &= register_format_loader("elf", "Executable and Linkable Format", g_elf_format_new); return result; @@ -140,17 +224,23 @@ void unload_formats_definitions(void) { size_t i; /* Boucle de parcours */ - for (i = 0; i < _formats_definitions_count; i++) + if (_formats_matchers != NULL) + free(_formats_matchers); + + _formats_matchers = NULL; + _formats_matchers_count = 0; + + for (i = 0; i < _formats_loaders_count; i++) { - free(_formats_definitions[i].key); - free(_formats_definitions[i].name); + free(_formats_loaders[i].key); + free(_formats_loaders[i].name); } - if (_formats_definitions != NULL) - free(_formats_definitions); + if (_formats_loaders != NULL) + free(_formats_loaders); - _formats_definitions = NULL; - _formats_definitions_count = 0; + _formats_loaders = NULL; + _formats_loaders_count = 0; } @@ -167,9 +257,9 @@ void unload_formats_definitions(void) * * ******************************************************************************/ -static format_t *find_format_by_key(const char *key) +static format_loader_t *find_format_by_key(const char *key) { - format_t *result; /* Trouvaille à retourner */ + format_loader_t *result; /* Trouvaille à retourner */ size_t i; /* Boucle de parcours */ /** @@ -179,9 +269,9 @@ static format_t *find_format_by_key(const char *key) result = NULL; if (key != NULL) - for (i = 0; i < _formats_definitions_count; i++) - if (strcmp(_formats_definitions[i].key, key) == 0) - result = &_formats_definitions[i]; + for (i = 0; i < _formats_loaders_count; i++) + if (strcmp(_formats_loaders[i].key, key) == 0) + result = &_formats_loaders[i]; return result; @@ -203,9 +293,9 @@ static format_t *find_format_by_key(const char *key) const char *get_binary_format_name(const char *key) { const char *result; /* Description à retourner */ - format_t *def; /* Définition d'architecture */ + format_loader_t *def; /* Définition d'architecture */ - /* TODO : lock */ + g_rw_lock_reader_lock(&_formats_lock); def = find_format_by_key(key); @@ -214,7 +304,7 @@ const char *get_binary_format_name(const char *key) else result = def->name; - /* TODO : unlock */ + g_rw_lock_reader_unlock(&_formats_lock); return result; @@ -224,6 +314,7 @@ const char *get_binary_format_name(const char *key) /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * * * * Description : Identifie un format binaire par son contenu. * * * @@ -233,26 +324,21 @@ const char *get_binary_format_name(const char *key) * * ******************************************************************************/ -const char *find_matching_format(GBinContent *content) +const char *find_matching_format(GBinContent *content, GExeFormat *parent) { const char *result; /* Identifiant à retourner */ size_t i; /* Boucle de parcours */ - format_t *def; /* Définition d'architecture */ result = NULL; - /* TODO : lock */ + g_rw_lock_reader_lock(&_formats_lock); - for (i = 0; i < _formats_definitions_count && result == NULL; i++) + for (i = 0; i < _formats_matchers_count && result == NULL; i++) { - def = &_formats_definitions[i]; - - if (def->is_matching(content)) - result = def->key; - + result = _formats_matchers[i].func(content, parent); } - /* TODO : unlock */ + g_rw_lock_reader_unlock(&_formats_lock); return result; @@ -272,21 +358,21 @@ const char *find_matching_format(GBinContent *content) * * ******************************************************************************/ -GBinFormat *load_new_named_format(const char *key, GBinContent *content) +GBinFormat *load_new_named_format(const char *key, GBinContent *content, GExeFormat *parent) { GBinFormat *result; /* Instance à retourner */ - format_t *def; /* Définition d'architecture */ + format_loader_t *def; /* Définition d'architecture */ - /* TODO : lock */ + g_rw_lock_reader_lock(&_formats_lock); def = find_format_by_key(key); if (def == NULL) result = NULL; else - result = def->load(content); + result = def->func(content, parent); - /* TODO : unlock */ + g_rw_lock_reader_unlock(&_formats_lock); return result; diff --git a/src/core/formats.h b/src/core/formats.h index bc16f01..8857217 100644 --- a/src/core/formats.h +++ b/src/core/formats.h @@ -30,17 +30,22 @@ #include "../format/format.h" +#include "../format/executable.h" + /* Indication à propos du support d'un format */ -typedef bool (* format_match_fc) (GBinContent *); +typedef const char * (* format_match_fc) (GBinContent *, GExeFormat *); /* Méthode de chargement d'un format */ -typedef GBinFormat * (* format_load_fc) (GBinContent *); +typedef GBinFormat * (* format_load_fc) (GBinContent *, GExeFormat *); + +/* Enregistre un détection de format(s) binaire(s). */ +bool register_format_matcher(format_match_fc); /* Enregistre un format de contenu binaire donné. */ -bool register_format_type(const char *, const char *, format_match_fc, format_load_fc); +bool register_format_loader(const char *, const char *, format_load_fc); /* Charge les définitions de formats "natifs". */ bool load_hard_coded_formats_definitions(void); @@ -52,10 +57,10 @@ void unload_formats_definitions(void); const char *get_binary_format_name(const char *); /* Identifie un format binaire par son contenu. */ -const char *find_matching_format(GBinContent *); +const char *find_matching_format(GBinContent *, GExeFormat *); /* Charge le format binaire correspondant à un type. */ -GBinFormat *load_new_named_format(const char *, GBinContent *); +GBinFormat *load_new_named_format(const char *, GBinContent *, GExeFormat *); diff --git a/src/format/Makefile.am b/src/format/Makefile.am index b0fda82..a3402ee 100644 --- a/src/format/Makefile.am +++ b/src/format/Makefile.am @@ -2,38 +2,22 @@ noinst_LTLIBRARIES = libformat.la libformat_la_SOURCES = \ + debuggable-int.h \ + debuggable.h debuggable.c \ executable-int.h \ executable.h executable.c \ format-int.h \ format.h format.c \ symbol.h symbol.c -# libformat_la_SOURCES = \ -# exe_format.h exe_format.c \ -# exe_format-int.h \ -# executable-int.h \ -# executable.h executable.c \ -# format-int.h \ -# format.h format.c \ -# dbg_format.h dbg_format.c \ -# dbg_format-int.h \ -# part.h part.c - libformat_la_LIBADD = \ dex/libformatdex.la \ + dwarf/libformatdwarf.la \ elf/libformatelf.la \ java/libformatjava.la \ mangling/libformatmangling.la \ pe/libformatpe.la -# libformat_la_LIBADD = \ -# dex/libformatdex.la \ -# dwarf/libformatdwarf.la \ -# elf/libformatelf.la \ -# java/libformatjava.la \ -# mangling/libformatmangling.la \ -# pe/libformatpe.la - libformat_la_LDFLAGS = @@ -41,5 +25,4 @@ AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) -SUBDIRS = dex elf java mangling pe -#SUBDIRS = dex dwarf elf java mangling pe +SUBDIRS = dex dwarf elf java mangling pe diff --git a/src/format/dbg_format-int.h b/src/format/dbg_format-int.h index 2767654..e69de29 100644 --- a/src/format/dbg_format-int.h +++ b/src/format/dbg_format-int.h @@ -1,55 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dbg_format-int.h - prototypes utiles aux formats de débogage - * - * Copyright (C) 2008 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see . - */ - - -#ifndef _FORMAT_DBG_FORMAT_INT_H -#define _FORMAT_DBG_FORMAT_INT_H - - -#include -#include - - -#include "../dbg_format.h" -#include "../exe_format.h" - - - - - -/* Structure minimale d'un format de débogage */ -struct _dbg_format{ - - const uint8_t *content; /* Contenu binaire à étudier */ - off_t length; /* Taille de ce contenu */ - - exe_format *e_format; /* Gestionnaire d'exécutable */ - - -}; - - -#define DBG_FORMAT(f) ((dbg_format *)f) - - - -#endif /* _FORMAT_DBG_FORMAT_INT_H */ diff --git a/src/format/dbg_format.c b/src/format/dbg_format.c index 3a36049..e69de29 100644 --- a/src/format/dbg_format.c +++ b/src/format/dbg_format.c @@ -1,91 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dbg_format.c - support des formats de débogage - * - * Copyright (C) 2008 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see . - */ - - -#include "dbg_format.h" - - -#include - - - -/* liste de tous les formats de débogage enregistrés */ -typedef struct _dbg_formats -{ - dbg_format **list; /* Série d'éléments */ - size_t count; /* Nombre de ces éléments */ - -} dbg_formats; - - -/* Fournit la liste des formats de débogage enregistrés. */ -dbg_formats *get_debug_formats(void); - - - -/****************************************************************************** -* * -* Paramètres : - * -* * -* Description : Fournit la liste des formats de débogage enregistrés. * -* * -* Retour : Liste des formats enregistrés. * -* * -* Remarques : - * -* * -******************************************************************************/ - -dbg_formats *get_debug_formats(void) -{ - static dbg_formats *result = NULL; /* Liste à retourner */ - - if (result == NULL) - result = (dbg_formats *)calloc(1, sizeof(dbg_formats)); - - return result; - -} - - -/****************************************************************************** -* * -* Paramètres : format = nouvel élément à inscrire dans l'ensemble. * -* * -* Description : Ajoute un nouveau format de débogage à la liste supportée. * -* * -* Retour : - * -* * -* Remarques : - * -* * -******************************************************************************/ - -void register_debug_format(dbg_format *format) -{ - dbg_formats *formats; /* Liste à compléter */ - - formats = get_debug_formats(); - - formats->list = (dbg_format **)realloc(formats->list, ++formats->count * sizeof(dbg_format *)); - formats->list[formats->count - 1] = format; - -} - diff --git a/src/format/dbg_format.h b/src/format/dbg_format.h index bde76e4..e69de29 100644 --- a/src/format/dbg_format.h +++ b/src/format/dbg_format.h @@ -1,41 +0,0 @@ - -/* Chrysalide - Outil d'analyse de fichiers binaires - * dbg_format.h - prototypes pour le support des formats de débogage - * - * Copyright (C) 2008 Cyrille Bagard - * - * This file is part of Chrysalide. - * - * OpenIDA is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * OpenIDA is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Foobar. If not, see . - */ - - -#ifndef _FORMAT_DBG_FORMAT_H -#define _FORMAT_DBG_FORMAT_H - - -/* Structure minimale d'un format de débogage */ -typedef struct _dbg_format dbg_format; - - - -/* Ajoute un nouveau format de débogage à la liste supportée. */ -void register_debug_format(dbg_format *); - - - - - - -#endif /* _FORMAT_DBG_FORMAT_H */ diff --git a/src/format/debuggable-int.h b/src/format/debuggable-int.h new file mode 100644 index 0000000..855a7bf --- /dev/null +++ b/src/format/debuggable-int.h @@ -0,0 +1,51 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * debuggable-int.h - prototypes utiles aux formats d'exécutables + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DEBUGGABLE_INT_H +#define _FORMAT_DEBUGGABLE_INT_H + + +#include "debuggable.h" + + +#include "format-int.h" + + + +/* Format de débogage générique (instance) */ +struct _GDbgFormat +{ + GBinFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage générique (classe) */ +struct _GDbgFormatClass +{ + GBinFormatClass parent; /* A laisser en premier */ + +}; + + + +#endif /* _FORMAT_DEBUGGABLE_INT_H */ diff --git a/src/format/debuggable.c b/src/format/debuggable.c new file mode 100644 index 0000000..f66ab96 --- /dev/null +++ b/src/format/debuggable.c @@ -0,0 +1,88 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * debuggable.c - support des formats d'exécutables + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "debuggable.h" + + +#include +#include + + +#include "debuggable-int.h" +#include "format.h" + + + +/* Initialise la classe des formats d'exécutables génériques. */ +static void g_debuggable_format_class_init(GDbgFormatClass *); + +/* Initialise une instance de format d'exécutable générique. */ +static void g_debuggable_format_init(GDbgFormat *); + + + +/* Indique le type défini pour un format de débogage générique. */ +G_DEFINE_TYPE(GDbgFormat, g_debuggable_format, G_TYPE_BIN_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats d'exécutables génériques. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_debuggable_format_class_init(GDbgFormatClass *klass) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format d'exécutable générique. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_debuggable_format_init(GDbgFormat *format) +{ + +} + + + + + + + diff --git a/src/format/debuggable.h b/src/format/debuggable.h new file mode 100644 index 0000000..35ab386 --- /dev/null +++ b/src/format/debuggable.h @@ -0,0 +1,52 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * debuggable.h - prototypes pour le support des formats de débogage + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DEBUGGABLE_H +#define _FORMAT_DEBUGGABLE_H + + +#include + + + +#define G_TYPE_DBG_FORMAT g_debuggable_format_get_type() +#define G_DBG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_debuggable_format_get_type(), GDbgFormat)) +#define G_IS_DBG_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_debuggable_format_get_type())) +#define G_DBG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DBG_FORMAT, GDbgFormatClass)) +#define G_IS_DBG_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DBG_FORMAT)) +#define G_DBG_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DBG_FORMAT, GDbgFormatClass)) + + +/* Format de débogage générique (instance) */ +typedef struct _GDbgFormat GDbgFormat; + +/* Format de débogage générique (classe) */ +typedef struct _GDbgFormatClass GDbgFormatClass; + + +/* Indique le type défini pour un format de débogage générique. */ +GType g_debuggable_format_get_type(void); + + + +#endif /* _FORMAT_DEBUGGABLE_H */ diff --git a/src/format/dwarf/Makefile.am b/src/format/dwarf/Makefile.am index 5c92107..e3889c4 100644 --- a/src/format/dwarf/Makefile.am +++ b/src/format/dwarf/Makefile.am @@ -2,7 +2,8 @@ noinst_LTLIBRARIES = libformatdwarf.la libformatdwarf_la_SOURCES = \ - dwarf.h dwarf.c + dwarf.h dwarf.c \ + dwarf-int.h dwarf-int.c # libformatdwarf_la_SOURCES = \ # abbrev.h abbrev.c \ @@ -12,9 +13,16 @@ libformatdwarf_la_SOURCES = \ # info.h info.c \ # utils.h utils.c +libformatdwarf_la_LIBADD = \ + v2/libformatdwarfv2.la \ + v3/libformatdwarfv3.la \ + v4/libformatdwarfv4.la + libformatdwarf_la_LDFLAGS = $(LIBGTK_LIBS) AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) + +SUBDIRS = v2 v3 v4 diff --git a/src/format/dwarf/dwarf-int.c b/src/format/dwarf/dwarf-int.c new file mode 100644 index 0000000..310f926 --- /dev/null +++ b/src/format/dwarf/dwarf-int.c @@ -0,0 +1,75 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf-int.c - structures internes du format DWARF + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "dwarf-int.h" + + + +/****************************************************************************** +* * +* Paramètres : format = informations chargées à consulter. * +* pos = position de début de lecture. [OUT] * +* endian = boutisme reconnu dans le format. * +* header = en-tête à déterminer. [OUT] * +* * +* Description : Procède à la lecture de l'en-tête d'un contenu binaire ELF. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool read_dwarf_section_header(GBinContent *content, vmpa2t *pos, SourceEndian endian, dw_section_header *header) +{ + bool result; /* Bilan à retourner */ + uint32_t first; /* Premier paquet d'octets */ + bool status; /* Bilan d'opération */ + + result = false; + + status = g_binary_content_read_u32(content, pos, endian, &first); + if (!status) goto rdsh_exit; + + if (first >= 0xfffffff0 && first != 0xffffffff) + goto rdsh_exit; + + if (first == 0xffffffff) + { + result = g_binary_content_read_u64(content, pos, endian, &header->unit_length); + header->is_32b = false; + } + else + { + result = true; + header->unit_length = first; + header->is_32b = true; + } + + result &= g_binary_content_read_u16(content, pos, endian, &header->version); + + rdsh_exit: + + return result; + +} diff --git a/src/format/dwarf/dwarf-int.h b/src/format/dwarf/dwarf-int.h index 7999d3a..d3bf14a 100644 --- a/src/format/dwarf/dwarf-int.h +++ b/src/format/dwarf/dwarf-int.h @@ -25,15 +25,89 @@ #define _FORMAT_DWARF_DWARF_INT_H +#include "dwarf.h" -#include "../dbg_format-int.h" +#include + + + + +#include "../debuggable-int.h" #include "dwarf_def.h" + + + +/* En-tête présente dans certaines sections */ +typedef struct _dw_section_header +{ + uint64_t unit_length; /* Taille totale sans le champ */ + bool is_32b; /* Le format est-il sur 32b ? */ + + uint16_t version; /* Version de la section */ + +} dw_section_header; + + + + + + +/* Procède à la lecture de l'en-tête d'un contenu binaire ELF. */ +bool read_dwarf_section_header(GBinContent *, vmpa2t *, SourceEndian, dw_section_header *); + + + + + + + + + + + + + +/* Format de débogage DWARF (instance) */ +struct _GDwarfFormat +{ + GDbgFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF (classe) */ +struct _GDwarfFormatClass +{ + GDbgFormatClass parent; /* A laisser en premier */ + +}; + + + + + + + + + + + + + + + + + + + + + + /* Format du DWARF */ typedef enum _DwarfFormat { @@ -81,7 +155,7 @@ typedef struct _dw_dbg_function } dw_dbg_function; - +#if 0 /* Description du format DWARF */ struct _dwarf_format { @@ -96,7 +170,7 @@ struct _dwarf_format size_t dbg_fc_count; /* Nombre de ces fonctions */ }; - +#endif diff --git a/src/format/dwarf/dwarf.c b/src/format/dwarf/dwarf.c index c7b1c23..db8335b 100644 --- a/src/format/dwarf/dwarf.c +++ b/src/format/dwarf/dwarf.c @@ -24,63 +24,245 @@ #include "dwarf.h" +#include "dwarf-int.h" +#include "../../common/cpp.h" +/* Initialise la classe des formats de débogage DWARF. */ +static void g_dwarf_format_class_init(GDwarfFormatClass *); +/* Initialise une instance de format de débogage DWARF. */ +static void g_dwarf_format_init(GDwarfFormat *); +/* Supprime toutes les références externes. */ +static void g_dwarf_format_dispose(GDwarfFormat *); +/* Procède à la libération totale de la mémoire. */ +static void g_dwarf_format_finalize(GDwarfFormat *); +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * +* * +* Description : Indique si le format peut être pris en charge ici. * +* * +* Retour : Désignation du format reconnu ou NULL si aucun. * +* * +* Remarques : - * +* * +******************************************************************************/ + +const char *dwarf_is_matching(GBinContent *content, GExeFormat *parent) +{ + const char *result; /* Format détecté à renvoyer */ + size_t i; /* Boucle de parcours */ + mrange_t range; /* Couverture d'une section */ + dw_section_header header; /* En-tête DWARF de section */ + bool found; /* Bilan d'une comparaison */ + + static const char *section_names[] = { + ".debug_aranges", + ".debug_frame", + ".debug_info", + ".debug_line", + ".debug_pubnames", + ".debug_pubtypes", + ".debug_types" + }; + + static const uint16_t dwarf_v2_versions[] = { + 2, /* .debug_aranges */ + 1, /* .debug_frame */ + 2, /* .debug_info */ + 2, /* .debug_line */ + 2, /* .debug_pubnames */ + 0, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + static const uint16_t dwarf_v3_versions[] = { + 2, /* .debug_aranges */ + 3, /* .debug_frame */ + 3, /* .debug_info */ + 3, /* .debug_line */ + 2, /* .debug_pubnames */ + 2, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + static const uint16_t dwarf_v4_versions[] = { + 2, /* .debug_aranges */ + 4, /* .debug_frame */ + 4, /* .debug_info */ + 4, /* .debug_line */ + 2, /* .debug_pubnames */ + 2, /* .debug_pubtypes */ + 4 /* .debug_types */ + }; + + uint16_t current_versions[] = { + 0, /* .debug_aranges */ + 0, /* .debug_frame */ + 0, /* .debug_info */ + 0, /* .debug_line */ + 0, /* .debug_pubnames */ + 0, /* .debug_pubtypes */ + 0 /* .debug_types */ + }; + + result = NULL; + + if (parent == NULL) + return NULL; + + /* Lecture des indices présents */ + + for (i = 0; i < ARRAY_SIZE(section_names); i++) + { + if (!g_exe_format_get_section_range_by_name(parent, section_names[i], &range)) + continue; + + if (!read_dwarf_section_header(content, get_mrange_addr(&range), SRE_LITTLE /* FIXME */, &header)) + continue; + + current_versions[i] = header.version; + + } + + /* Détermination d'une version bien identifiée */ + + bool check_dwarf_version(const uint16_t *ref, const uint16_t *cur, size_t count) + { + bool equal; + size_t k; + + equal = true; + + for (k = 0; k < count && equal; k++) + equal = (cur[k] == 0) || (ref[k] == cur[k]); + + return equal; + + } + + /** + * Un fichier DWARF sans section sera vu comme un fichier DWARF de + * dernière génération. + * Ce qui n'est pas très grave car rien ne sera chargé par la suite, + * du fait de l'absence de section, donc il n'y aura pas d'incompatibilité. + */ + + found = check_dwarf_version(dwarf_v4_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + result = "dwarf_v4"; + + if (result == NULL) + { + found = check_dwarf_version(dwarf_v3_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + result = "dwarf_v3"; + } + + if (result == NULL) + { + found = check_dwarf_version(dwarf_v2_versions, current_versions, ARRAY_SIZE(section_names)); + + if (found) + result = "dwarf_v2"; + + } + + return result; + +} + + +/* Indique le type défini pour un format de débogage générique. */ +G_DEFINE_TYPE(GDwarfFormat, g_dwarf_format, G_TYPE_DBG_FORMAT); /****************************************************************************** * * -* Paramètres : type = type de format recherché. * -* content = contenu binaire à parcourir. * -* length = taille du contenu en question. * +* Paramètres : klass = classe à initialiser. * * * -* Description : Indique si le format peut être pris en charge ici. * +* Description : Initialise la classe des formats de débogage DWARF. * * * -* Retour : true si la réponse est positive, false sinon. * +* Retour : - * * * * Remarques : - * * * ******************************************************************************/ -bool dwarf_is_matching(GBinContent *) +static void g_dwarf_format_class_init(GDwarfFormatClass *klass) { - bool result; /* Bilan à faire connaître */ + GObjectClass *object; /* Autre version de la classe */ - result = false; + object = G_OBJECT_CLASS(klass); - return result; + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarf_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarf_format_finalize; } /****************************************************************************** * * -* Paramètres : content = contenu binaire à parcourir. * -* length = taille du contenu en question. * +* Paramètres : format = instance à initialiser. * * * -* Description : Prend en charge un nouveau format Dwarf. * +* Description : Initialise une instance de format de débogage DWARF. * * * -* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* Retour : - * * * * Remarques : - * * * ******************************************************************************/ -GBinFormat *g_dwarf_format_new(const bin_t *content, off_t length) +static void g_dwarf_format_init(GDwarfFormat *format) { +} - return NULL; +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ +static void g_dwarf_format_dispose(GDwarfFormat *format) +{ + G_OBJECT_CLASS(g_dwarf_format_parent_class)->dispose(G_OBJECT(format)); +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarf_format_finalize(GDwarfFormat *format) +{ + G_OBJECT_CLASS(g_dwarf_format_parent_class)->finalize(G_OBJECT(format)); } diff --git a/src/format/dwarf/dwarf.h b/src/format/dwarf/dwarf.h index 2e32c8e..a5e988b 100644 --- a/src/format/dwarf/dwarf.h +++ b/src/format/dwarf/dwarf.h @@ -25,15 +25,30 @@ #define _FORMAT_DWARF_DWARF_H -#include "../format.h" +#include "../executable.h" +#define G_TYPE_DWARF_FORMAT g_dwarf_format_get_type() +#define G_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarf_format_get_type(), GDwarfFormat)) +#define G_IS_DWARF_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarf_format_get_type())) +#define G_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) +#define G_IS_DWARF_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARF_FORMAT)) +#define G_DWARF_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARF_FORMAT, GDwarfFormatClass)) + + +/* Format de débogage DWARF (instance) */ +typedef struct _GDwarfFormat GDwarfFormat; + +/* Format de débogage DWARF (classe) */ +typedef struct _GDwarfFormatClass GDwarfFormatClass; + + /* Indique si le format peut être pris en charge ici. */ -bool dwarf_is_matching(GBinContent *); +const char *dwarf_is_matching(GBinContent *, GExeFormat *); -/* Prend en charge un nouveau format Dwarf. */ -GBinFormat *g_dwarf_format_new(const bin_t *, off_t); +/* Indique le type défini pour un format de débogage DWARF. */ +GType g_dwarf_format_get_type(void); diff --git a/src/format/dwarf/v2/Makefile.am b/src/format/dwarf/v2/Makefile.am new file mode 100644 index 0000000..54e7719 --- /dev/null +++ b/src/format/dwarf/v2/Makefile.am @@ -0,0 +1,12 @@ + +noinst_LTLIBRARIES = libformatdwarfv2.la + +libformatdwarfv2_la_SOURCES = \ + dwarf.h dwarf.c + +libformatdwarfv2_la_LDFLAGS = $(LIBGTK_LIBS) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v2/dwarf.c b/src/format/dwarf/v2/dwarf.c new file mode 100644 index 0000000..73e4e04 --- /dev/null +++ b/src/format/dwarf/v2/dwarf.c @@ -0,0 +1,171 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v2 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + + +/* Format de débogage DWARF v2 (instance) */ +struct _GDwarfV2Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v2 (classe) */ +struct _GDwarfV2FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v2. */ +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *); + +/* Initialise une instance de format de débogage DWARF v2. */ +static void g_dwarfv2_format_init(GDwarfV2Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv2_format_dispose(GDwarfV2Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv2_format_finalize(GDwarfV2Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +G_DEFINE_TYPE(GDwarfV2Format, g_dwarfv2_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_class_init(GDwarfV2FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv2_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv2_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v2. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_init(GDwarfV2Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_dispose(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv2_format_finalize(GDwarfV2Format *format) +{ + G_OBJECT_CLASS(g_dwarfv2_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * +* * +* Description : Prend en charge un nouveau format DWARF (v2). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv2_format_new(GBinContent *content, GExeFormat *parent) +{ + GDwarfV2Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV2_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/src/format/dwarf/v2/dwarf.h b/src/format/dwarf/v2/dwarf.h new file mode 100644 index 0000000..360a2e6 --- /dev/null +++ b/src/format/dwarf/v2/dwarf.h @@ -0,0 +1,59 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v2 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V2_DWARF_H +#define _FORMAT_DWARF_V2_DWARF_H + + +#include + + +#include "../../executable.h" +#include "../../format.h" + + + +#define G_TYPE_DWARFV2_FORMAT g_dwarfv2_format_get_type() +#define G_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv2_format_get_type(), GDwarfV2Format)) +#define G_IS_DWARFV2_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv2_format_get_type())) +#define G_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) +#define G_IS_DWARFV2_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV2_FORMAT)) +#define G_DWARFV2_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV2_FORMAT, GDwarfV2FormatClass)) + + +/* Format de débogage DWARF v2 (instance) */ +typedef struct _GDwarfV2Format GDwarfV2Format; + +/* Format de débogage DWARF v2 (classe) */ +typedef struct _GDwarfV2FormatClass GDwarfV2FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v2. */ +GType g_dwarfv2_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v2). */ +GBinFormat *g_dwarfv2_format_new(GBinContent *, GExeFormat *); + + + +#endif /* _FORMAT_DWARF_V2_DWARF_H */ diff --git a/src/format/dwarf/v3/Makefile.am b/src/format/dwarf/v3/Makefile.am new file mode 100644 index 0000000..dd6e9cd --- /dev/null +++ b/src/format/dwarf/v3/Makefile.am @@ -0,0 +1,12 @@ + +noinst_LTLIBRARIES = libformatdwarfv3.la + +libformatdwarfv3_la_SOURCES = \ + dwarf.h dwarf.c + +libformatdwarfv3_la_LDFLAGS = $(LIBGTK_LIBS) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v3/dwarf.c b/src/format/dwarf/v3/dwarf.c new file mode 100644 index 0000000..d6198f7 --- /dev/null +++ b/src/format/dwarf/v3/dwarf.c @@ -0,0 +1,171 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v3 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + + +/* Format de débogage DWARF v3 (instance) */ +struct _GDwarfV3Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v3 (classe) */ +struct _GDwarfV3FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v3. */ +static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *); + +/* Initialise une instance de format de débogage DWARF v3. */ +static void g_dwarfv3_format_init(GDwarfV3Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv3_format_dispose(GDwarfV3Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv3_format_finalize(GDwarfV3Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v3. */ +G_DEFINE_TYPE(GDwarfV3Format, g_dwarfv3_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v3. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_class_init(GDwarfV3FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv3_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv3_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v3. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_init(GDwarfV3Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_dispose(GDwarfV3Format *format) +{ + G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv3_format_finalize(GDwarfV3Format *format) +{ + G_OBJECT_CLASS(g_dwarfv3_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * +* * +* Description : Prend en charge un nouveau format DWARF (v3). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv3_format_new(GBinContent *content, GExeFormat *parent) +{ + GDwarfV3Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV3_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/src/format/dwarf/v3/dwarf.h b/src/format/dwarf/v3/dwarf.h new file mode 100644 index 0000000..2aaf891 --- /dev/null +++ b/src/format/dwarf/v3/dwarf.h @@ -0,0 +1,59 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v3 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V3_DWARF_H +#define _FORMAT_DWARF_V3_DWARF_H + + +#include + + +#include "../../executable.h" +#include "../../format.h" + + + +#define G_TYPE_DWARFV3_FORMAT g_dwarfv3_format_get_type() +#define G_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv3_format_get_type(), GDwarfV3Format)) +#define G_IS_DWARFV3_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv3_format_get_type())) +#define G_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) +#define G_IS_DWARFV3_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV3_FORMAT)) +#define G_DWARFV3_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV3_FORMAT, GDwarfV3FormatClass)) + + +/* Format de débogage DWARF v3 (instance) */ +typedef struct _GDwarfV3Format GDwarfV3Format; + +/* Format de débogage DWARF v3 (classe) */ +typedef struct _GDwarfV3FormatClass GDwarfV3FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v3. */ +GType g_dwarfv3_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v3). */ +GBinFormat *g_dwarfv3_format_new(GBinContent *, GExeFormat *); + + + +#endif /* _FORMAT_DWARF_V3_DWARF_H */ diff --git a/src/format/dwarf/v4/Makefile.am b/src/format/dwarf/v4/Makefile.am new file mode 100644 index 0000000..fb3bc43 --- /dev/null +++ b/src/format/dwarf/v4/Makefile.am @@ -0,0 +1,12 @@ + +noinst_LTLIBRARIES = libformatdwarfv4.la + +libformatdwarfv4_la_SOURCES = \ + dwarf.h dwarf.c + +libformatdwarfv4_la_LDFLAGS = $(LIBGTK_LIBS) + + +AM_CPPFLAGS = $(LIBGTK_CFLAGS) $(LIBXML_CFLAGS) + +AM_CFLAGS = $(DEBUG_CFLAGS) $(WARNING_FLAGS) $(COMPLIANCE_FLAGS) diff --git a/src/format/dwarf/v4/dwarf.c b/src/format/dwarf/v4/dwarf.c new file mode 100644 index 0000000..164d321 --- /dev/null +++ b/src/format/dwarf/v4/dwarf.c @@ -0,0 +1,171 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.c - support du format DWARF v4 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#include "dwarf.h" + + +#include "../dwarf-int.h" + + + +/* Format de débogage DWARF v4 (instance) */ +struct _GDwarfV4Format +{ + GDwarfFormat parent; /* A laisser en premier */ + +}; + +/* Format de débogage DWARF v4 (classe) */ +struct _GDwarfV4FormatClass +{ + GDwarfFormatClass parent; /* A laisser en premier */ + +}; + + +/* Initialise la classe des formats de débogage DWARF v4. */ +static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *); + +/* Initialise une instance de format de débogage DWARF v4. */ +static void g_dwarfv4_format_init(GDwarfV4Format *); + +/* Supprime toutes les références externes. */ +static void g_dwarfv4_format_dispose(GDwarfV4Format *); + +/* Procède à la libération totale de la mémoire. */ +static void g_dwarfv4_format_finalize(GDwarfV4Format *); + + + +/* Indique le type défini pour un format de débogage DWARF v4. */ +G_DEFINE_TYPE(GDwarfV4Format, g_dwarfv4_format, G_TYPE_DWARF_FORMAT); + + +/****************************************************************************** +* * +* Paramètres : klass = classe à initialiser. * +* * +* Description : Initialise la classe des formats de débogage DWARF v4. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_class_init(GDwarfV4FormatClass *klass) +{ + GObjectClass *object; /* Autre version de la classe */ + + object = G_OBJECT_CLASS(klass); + + object->dispose = (GObjectFinalizeFunc/* ! */)g_dwarfv4_format_dispose; + object->finalize = (GObjectFinalizeFunc)g_dwarfv4_format_finalize; + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance à initialiser. * +* * +* Description : Initialise une instance de format de débogage DWARF v4. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_init(GDwarfV4Format *format) +{ + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Supprime toutes les références externes. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_dispose(GDwarfV4Format *format) +{ + G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->dispose(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : format = instance d'objet GLib à traiter. * +* * +* Description : Procède à la libération totale de la mémoire. * +* * +* Retour : - * +* * +* Remarques : - * +* * +******************************************************************************/ + +static void g_dwarfv4_format_finalize(GDwarfV4Format *format) +{ + G_OBJECT_CLASS(g_dwarfv4_format_parent_class)->finalize(G_OBJECT(format)); + +} + + +/****************************************************************************** +* * +* Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * +* * +* Description : Prend en charge un nouveau format DWARF (v4). * +* * +* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.* +* * +* Remarques : - * +* * +******************************************************************************/ + +GBinFormat *g_dwarfv4_format_new(GBinContent *content, GExeFormat *parent) +{ + GDwarfV4Format *result; /* Structure à retourner */ + + result = g_object_new(G_TYPE_DWARFV4_FORMAT, NULL); + + + + g_binary_format_set_content(G_BIN_FORMAT(result), content); + + + + return G_BIN_FORMAT(result); + +} diff --git a/src/format/dwarf/v4/dwarf.h b/src/format/dwarf/v4/dwarf.h new file mode 100644 index 0000000..af3c2c4 --- /dev/null +++ b/src/format/dwarf/v4/dwarf.h @@ -0,0 +1,59 @@ + +/* Chrysalide - Outil d'analyse de fichiers binaires + * dwarf.h - prototypes pour le support du format DWARF v4 + * + * Copyright (C) 2015 Cyrille Bagard + * + * This file is part of Chrysalide. + * + * OpenIDA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * OpenIDA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Foobar. If not, see . + */ + + +#ifndef _FORMAT_DWARF_V4_DWARF_H +#define _FORMAT_DWARF_V4_DWARF_H + + +#include + + +#include "../../executable.h" +#include "../../format.h" + + + +#define G_TYPE_DWARFV4_FORMAT g_dwarfv4_format_get_type() +#define G_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), g_dwarfv4_format_get_type(), GDwarfV4Format)) +#define G_IS_DWARFV4_FORMAT(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), g_dwarfv4_format_get_type())) +#define G_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) +#define G_IS_DWARFV4_FORMAT_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), G_TYPE_DWARFV4_FORMAT)) +#define G_DWARFV4_FORMAT_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS((obj), G_TYPE_DWARFV4_FORMAT, GDwarfV4FormatClass)) + + +/* Format de débogage DWARF v4 (instance) */ +typedef struct _GDwarfV4Format GDwarfV4Format; + +/* Format de débogage DWARF v4 (classe) */ +typedef struct _GDwarfV4FormatClass GDwarfV4FormatClass; + + +/* Indique le type défini pour un format de débogage DWARF v4. */ +GType g_dwarfv4_format_get_type(void); + +/* Prend en charge un nouveau format DWARF (v4). */ +GBinFormat *g_dwarfv4_format_new(GBinContent *, GExeFormat *); + + + +#endif /* _FORMAT_DWARF_V4_DWARF_H */ diff --git a/src/format/elf/elf.c b/src/format/elf/elf.c index bf5a7a2..7f3af9f 100644 --- a/src/format/elf/elf.c +++ b/src/format/elf/elf.c @@ -75,31 +75,38 @@ static bool g_elf_format_translate_offset_into_vmpa(const GElfFormat *, phys_t, /* Fournit l'emplacement correspondant à une position physique. */ static bool g_elf_format_translate_address_into_vmpa(const GElfFormat *, virt_t, vmpa2t *); +/* Fournit l'emplacement d'une section donnée. */ +bool g_elf_format_get_section_range_by_name(const GElfFormat *, const char *, mrange_t *); + /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * * * * Description : Indique si le format peut être pris en charge ici. * * * -* Retour : true si la réponse est positive, false sinon. * +* Retour : Désignation du format reconnu ou NULL si aucun. * * * * Remarques : - * * * ******************************************************************************/ -bool elf_is_matching(GBinContent *content) +const char *elf_is_matching(GBinContent *content, GExeFormat *parent) { - bool result; /* Bilan à faire connaître */ + const char *result; /* Format détecté à renvoyer */ vmpa2t addr; /* Tête de lecture initiale */ + bool status; /* Bilan des accès mémoire */ char magic[4]; /* Idenfiant standard */ init_vmpa(&addr, 0, VMPA_NO_VIRTUAL); - result = g_binary_content_get_raw(content, &addr, 4, (bin_t *)magic); + status = g_binary_content_get_raw(content, &addr, 4, (bin_t *)magic); + + status &= (memcmp(magic, "\x7f\x45\x4c\x46" /* .ELF */, 4) == 0); - result &= (memcmp(magic, "\x7f\x45\x4c\x46" /* .ELF */, 4) == 0); + result = status ? "elf" : NULL; return result; @@ -137,6 +144,8 @@ static void g_elf_format_class_init(GElfFormatClass *klass) exe->translate_phys = (translate_phys_fc)g_elf_format_translate_offset_into_vmpa; exe->translate_virt = (translate_virt_fc)g_elf_format_translate_address_into_vmpa; + exe->get_range_by_name = (get_range_by_name_fc)g_elf_format_get_section_range_by_name; + } @@ -205,6 +214,7 @@ static void g_elf_format_finalize(GElfFormat *format) /****************************************************************************** * * * Paramètres : content = contenu binaire à parcourir. * +* parent = éventuel format exécutable déjà chargé. * * * * Description : Prend en charge un nouveau format ELF. * * * @@ -214,7 +224,7 @@ static void g_elf_format_finalize(GElfFormat *format) * * ******************************************************************************/ -GBinFormat *g_elf_format_new(GBinContent *content) +GBinFormat *g_elf_format_new(GBinContent *content, GExeFormat *parent) { GElfFormat *result; /* Structure à retourner */ @@ -502,6 +512,41 @@ static bool g_elf_format_translate_address_into_vmpa(const GElfFormat *format, v /****************************************************************************** * * +* Paramètres : format = description de l'exécutable à consulter. * +* name = nom de la section recherchée. * +* range = emplacement en mémoire à renseigner. [OUT] * +* * +* Description : Fournit l'emplacement d'une section donnée. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool g_elf_format_get_section_range_by_name(const GElfFormat *format, const char *name, mrange_t *range) +{ + bool result; /* Bilan à retourner */ + phys_t offset; /* Position physique de section*/ + phys_t size; /* Taille de la section trouvée*/ + virt_t address; /* Adresse virtuelle de section*/ + vmpa2t tmp; /* Adresse à initialiser */ + + result = find_elf_section_content_by_name(format, name, &offset, &size, &address); + + if (result) + { + init_vmpa(&tmp, offset, address); + init_mrange(range, &tmp, size); + } + + return result; + +} + + +/****************************************************************************** +* * * Paramètres : format = informations chargées à consulter. * * * * Description : Présente l'en-tête ELF du format chargé. * diff --git a/src/format/elf/elf.h b/src/format/elf/elf.h index 484cda8..8e9a2cc 100644 --- a/src/format/elf/elf.h +++ b/src/format/elf/elf.h @@ -31,6 +31,7 @@ #include "elf_def.h" +#include "../executable.h" #include "../format.h" @@ -50,13 +51,13 @@ typedef struct _GElfFormatClass GElfFormatClass; /* Indique si le format peut être pris en charge ici. */ -bool elf_is_matching(GBinContent *); +const char *elf_is_matching(GBinContent *, GExeFormat *); /* Indique le type défini pour un format d'exécutable ELF. */ GType g_elf_format_get_type(void); /* Prend en charge un nouveau format ELF. */ -GBinFormat *g_elf_format_new(GBinContent *); +GBinFormat *g_elf_format_new(GBinContent *, GExeFormat *); /* Présente l'en-tête ELF du format chargé. */ const elf_header *g_elf_format_get_header(const GElfFormat *); diff --git a/src/format/executable-int.h b/src/format/executable-int.h index bb46248..704466e 100644 --- a/src/format/executable-int.h +++ b/src/format/executable-int.h @@ -52,6 +52,9 @@ typedef bool (* translate_phys_fc) (const GExeFormat *, phys_t, vmpa2t *); /* Fournit l'emplacement correspondant à une adresse virtuelle. */ typedef bool (* translate_virt_fc) (const GExeFormat *, virt_t, vmpa2t *); +/* Fournit l'emplacement d'une section donnée. */ +typedef bool (* get_range_by_name_fc) (const GExeFormat *, const char *, mrange_t *); + /* Format d'exécutable générique (instance) */ @@ -77,6 +80,8 @@ struct _GExeFormatClass translate_phys_fc translate_phys; /* Correspondance phys -> vmpa */ translate_virt_fc translate_virt; /* Correspondance virt -> vmpa */ + get_range_by_name_fc get_range_by_name; /* Emplacement de sections */ + }; diff --git a/src/format/executable.c b/src/format/executable.c index ab5543a..aae182a 100644 --- a/src/format/executable.c +++ b/src/format/executable.c @@ -305,3 +305,28 @@ bool g_exe_format_translate_address_into_vmpa(const GExeFormat *format, virt_t a return result; } + + +/****************************************************************************** +* * +* Paramètres : format = description de l'exécutable à consulter. * +* name = nom de la section recherchée. * +* range = emplacement en mémoire à renseigner. [OUT] * +* * +* Description : Fournit l'emplacement d'une section donnée. * +* * +* Retour : Bilan de l'opération. * +* * +* Remarques : - * +* * +******************************************************************************/ + +bool g_exe_format_get_section_range_by_name(const GExeFormat *format, const char *name, mrange_t *range) +{ + bool result; /* Bilan à retourner */ + + result = G_EXE_FORMAT_GET_CLASS(format)->get_range_by_name(format, name, range); + + return result; + +} diff --git a/src/format/executable.h b/src/format/executable.h index 8b52ed6..45c736b 100644 --- a/src/format/executable.h +++ b/src/format/executable.h @@ -92,5 +92,9 @@ bool g_exe_format_translate_address_into_vmpa(const GExeFormat *, virt_t, vmpa2t }) +/* Fournit l'emplacement d'une section donnée. */ +bool g_exe_format_get_section_range_by_name(const GExeFormat *, const char *, mrange_t *); + + #endif /* _FORMAT_EXECUTABLE_H */ -- cgit v0.11.2-87-g4458