/* Chrysalide - Outil d'analyse de fichiers binaires * instruction.c - gestion des instructions de la VM Dalvik * * Copyright (C) 2010-2013 Cyrille Bagard * * This file is part of Chrysalide. * * OpenIDA is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * OpenIDA is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Foobar. If not, see . */ #include "instruction.h" #include "instruction-int.h" #include "decomp/translate.h" #include "operands/register.h" #include "operands/target.h" #include "../instruction-int.h" #include "../register-int.h" /* Initialise la classe des instructions pour Dalvik. */ static void g_dalvik_instruction_class_init(GDalvikInstructionClass *); /* Initialise une instance d'opérande d'architecture Dalvik. */ static void g_dalvik_instruction_init(GDalvikInstruction *); /* Supprime toutes les références externes. */ static void g_dalvik_instruction_dispose(GDalvikInstruction *); /* Procède à la libération totale de la mémoire. */ static void g_dalvik_instruction_finalize(GDalvikInstruction *); /* Liste les registres lus et écrits par l'instruction. */ static void g_dalvik_instruction_get_rw_registers(const GDalvikInstruction *, GArchRegister ***, size_t *, GArchRegister ***, size_t *); /* --------------------- AIDE A LA MISE EN PLACE D'INSTRUCTIONS --------------------- */ /* Répertoire de toutes les instructions Dalvik */ typedef struct _dalvik_instruction { bin_t opcode; /* Opcode de l'instruction */ const char *keyword; /* Mot clef de la commande */ decomp_instr_fc decomp; /* Procédure de décompilation */ } dalvik_instruction; static dalvik_instruction _instructions[DOP_COUNT] = { [DOP_NOP] = { 0x00, "nop", NULL }, [DOP_MOVE] = { 0x01, "move", dalvik_decomp_instr_move }, [DOP_MOVE_FROM_16] = { 0x02, "move/from16" }, [DOP_MOVE_16] = { 0x03, "move/16" }, [DOP_MOVE_WIDE] = { 0x04, "move-wide" }, [DOP_MOVE_WIDE_FROM_16] = { 0x05, "move-wide/from16" }, [DOP_MOVE_WIDE_16] = { 0x06, "move-wide/16" }, [DOP_MOVE_OBJECT] = { 0x07, "move-object", dalvik_decomp_instr_move_object }, [DOP_MOVE_OBJECT_FROM_16] = { 0x08, "move-object/from16" }, [DOP_MOVE_OBJECT_16] = { 0x09, "move-object/16" }, [DOP_MOVE_RESULT] = { 0x0a, "move-result", dalvik_decomp_instr_move_result }, [DOP_MOVE_RESULT_WIDE] = { 0x0b, "move-result-wide", dalvik_decomp_instr_move_result }, [DOP_MOVE_RESULT_OBJECT] = { 0x0c, "move-result-object", dalvik_decomp_instr_move_result }, [DOP_MOVE_EXCEPTION] = { 0x0d, "move-exception" }, [DOP_RETURN_VOID] = { 0x0e, "return-void", dalvik_decomp_instr_return_void }, [DOP_RETURN] = { 0x0f, "return", dalvik_decomp_instr_return }, [DOP_RETURN_WIDE] = { 0x10, "return-wide", dalvik_decomp_instr_return }, [DOP_RETURN_OBJECT] = { 0x11, "return-object", dalvik_decomp_instr_return }, [DOP_CONST_4] = { 0x12, "const/4", dalvik_decomp_instr_const }, [DOP_CONST_16] = { 0x13, "const/16", dalvik_decomp_instr_const }, [DOP_CONST] = { 0x14, "const" }, [DOP_CONST_HIGH16] = { 0x15, "const/high16" }, [DOP_CONST_WIDE_16] = { 0x16, "const-wide/16" }, [DOP_CONST_WIDE_32] = { 0x17, "const-wide/32" }, [DOP_CONST_WIDE] = { 0x18, "const-wide" }, [DOP_CONST_WIDE_HIGH16] = { 0x19, "const-wide/high16" }, [DOP_CONST_STRING] = { 0x1a, "const-string", dalvik_decomp_instr_const_str }, [DOP_CONST_STRING_JUMBO] = { 0x1b, "const-string/jumbo" }, [DOP_CONST_CLASS] = { 0x1c, "const-class" }, [DOP_MONITOR_ENTER] = { 0x1d, "monitor-enter" }, [DOP_MONITOR_EXIT] = { 0x1e, "monitor-exit" }, [DOP_CHECK_CAST] = { 0x1f, "check-cast" }, [DOP_INSTANCE_OF] = { 0x20, "instance-of" }, [DOP_ARRAY_LENGTH] = { 0x21, "array-length", dalvik_decomp_instr_array_length }, [DOP_NEW_INSTANCE] = { 0x22, "new-instance", dalvik_decomp_instr_new_instance }, [DOP_NEW_ARRAY] = { 0x23, "new-array" }, [DOP_FILLED_NEW_ARRAY] = { 0x24, "fill-new-array" }, [DOP_FILLED_NEW_ARRAY_RANGE]= { 0x25, "fill-new-array/range" }, [DOP_FILL_ARRAY_DATA] = { 0x26, "fill-array-data" }, [DOP_THROW] = { 0x27, "throw" }, [DOP_GOTO] = { 0x28, "goto" }, [DOP_GOTO_16] = { 0x29, "goto/16" }, [DOP_GOTO_32] = { 0x2a, "goto/32" }, [DOP_PACKED_SWITCH] = { 0x2b, "packed-switch", dalvik_decomp_instr_switch }, [DOP_SPARSE_SWITCH] = { 0x2c, "sparse-switch", dalvik_decomp_instr_switch }, [DOP_CMPL_FLOAT] = { 0x2d, "cmp-long" }, [DOP_CMPG_FLOAT] = { 0x2e, "cmpg-float" }, [DOP_CMPL_DOUBLE] = { 0x2f, "cmpl-double" }, [DOP_CMPG_DOUBLE] = { 0x30, "cmpg-double" }, [DOP_CMP_LONG] = { 0x31, "cmp-long" }, [DOP_IF_EQ] = { 0x32, "if-eq", dalvik_decomp_instr_if }, [DOP_IF_NE] = { 0x33, "if-ne", dalvik_decomp_instr_if }, [DOP_IF_LT] = { 0x34, "if-lt", dalvik_decomp_instr_if }, [DOP_IF_GE] = { 0x35, "if-ge", dalvik_decomp_instr_if }, [DOP_IF_GT] = { 0x36, "if-gt", dalvik_decomp_instr_if }, [DOP_IF_LE] = { 0x37, "if-le", dalvik_decomp_instr_if }, [DOP_IF_EQZ] = { 0x38, "if-eqz", dalvik_decomp_instr_if_zero }, [DOP_IF_NEZ] = { 0x39, "if-nez", dalvik_decomp_instr_if_zero }, [DOP_IF_LTZ] = { 0x3a, "if-ltz", dalvik_decomp_instr_if_zero }, [DOP_IF_GEZ] = { 0x3b, "if-gez", dalvik_decomp_instr_if_zero }, [DOP_IF_GTZ] = { 0x3c, "if-gtz", dalvik_decomp_instr_if_zero }, [DOP_IF_LEZ] = { 0x3d, "if-lez", dalvik_decomp_instr_if_zero }, [DOP_UNUSED_3E] = { 0x3e, NULL /* unused */ }, [DOP_UNUSED_3F] = { 0x3f, NULL /* unused */ }, [DOP_UNUSED_40] = { 0x40, NULL /* unused */ }, [DOP_UNUSED_41] = { 0x41, NULL /* unused */ }, [DOP_UNUSED_42] = { 0x42, NULL /* unused */ }, [DOP_UNUSED_43] = { 0x43, NULL /* unused */ }, [DOP_AGET] = { 0x44, "aget" }, [DOP_AGET_WIDE] = { 0x45, "aget-wide" }, [DOP_AGET_OBJECT] = { 0x46, "aget-object" }, [DOP_AGET_BOOLEAN] = { 0x47, "aget-boolean" }, [DOP_AGET_BYTE] = { 0x48, "aget-byte", dalvik_decomp_instr_aget }, [DOP_AGET_CHAR] = { 0x49, "aget-char" }, [DOP_AGET_SHORT] = { 0x4a, "aget-short" }, [DOP_APUT] = { 0x4b, "aput" }, [DOP_APUT_WIDE] = { 0x4c, "aput-wide" }, [DOP_APUT_OBJECT] = { 0x4d, "aput-object" }, [DOP_APUT_BOOLEAN] = { 0x4e, "aput-boolean" }, [DOP_APUT_BYTE] = { 0x4f, "aput-byte", dalvik_decomp_instr_aput }, [DOP_APUT_CHAR] = { 0x50, "aput-char" }, [DOP_APUT_SHORT] = { 0x51, "aput-short" }, [DOP_IGET] = { 0x52, "iget", dalvik_decomp_instr_iget }, [DOP_IGET_WIDE] = { 0x53, "iget-wide" }, [DOP_IGET_OBJECT] = { 0x54, "iget-object" }, [DOP_IGET_BOOLEAN] = { 0x55, "iget-boolean" }, [DOP_IGET_BYTE] = { 0x56, "iget-byte" }, [DOP_IGET_CHAR] = { 0x57, "iget-char" }, [DOP_IGET_SHORT] = { 0x58, "iget-short" }, [DOP_IPUT] = { 0x59, "iput", dalvik_decomp_instr_iput }, [DOP_IPUT_WIDE] = { 0x5a, "iput-wide" }, [DOP_IPUT_OBJECT] = { 0x5b, "iput-object" }, [DOP_IPUT_BOOLEAN] = { 0x5c, "iput-boolean" }, [DOP_IPUT_BYTE] = { 0x5d, "iput-byte" }, [DOP_IPUT_CHAR] = { 0x5e, "iput-char" }, [DOP_IPUT_SHORT] = { 0x5f, "iput-short" }, [DOP_SGET] = { 0x60, "sget" }, [DOP_SGET_WIDE] = { 0x61, "sget-wide" }, [DOP_SGET_OBJECT] = { 0x62, "sget-object" }, [DOP_SGET_BOOLEAN] = { 0x63, "sget-boolean" }, [DOP_SGET_BYTE] = { 0x64, "sget-byte" }, [DOP_SGET_CHAR] = { 0x65, "sget-char" }, [DOP_SGET_SHORT] = { 0x66, "sget-short" }, [DOP_SPUT] = { 0x67, "sput" }, [DOP_SPUT_WIDE] = { 0x68, "sput-wide" }, [DOP_SPUT_OBJECT] = { 0x69, "sput-object" }, [DOP_SPUT_BOOLEAN] = { 0x6a, "sput-boolean" }, [DOP_SPUT_BYTE] = { 0x6b, "sput-byte" }, [DOP_SPUT_CHAR] = { 0x6c, "sput-char" }, [DOP_SPUT_SHORT] = { 0x6d, "sput-short" }, [DOP_INVOKE_VIRTUAL] = { 0x6e, "invoke-virtual", dalvik_decomp_instr_invoke_virtual }, [DOP_INVOKE_SUPER] = { 0x6f, "invoke-static" }, [DOP_INVOKE_DIRECT] = { 0x70, "invoke-direct", dalvik_decomp_instr_invoke_direct }, [DOP_INVOKE_STATIC] = { 0x71, "invoke-static", dalvik_decomp_instr_invoke_static }, [DOP_INVOKE_INTERFACE] = { 0x72, "invoke-interface" }, [DOP_UNUSED_73] = { 0x73, NULL /* unused */ }, [DOP_INVOKE_VIRTUAL_RANGE] = { 0x74, "invoke-virtual/range" }, [DOP_INVOKE_SUPER_RANGE] = { 0x75, "invoke-static/range" }, [DOP_INVOKE_DIRECT_RANGE] = { 0x76, "invoke-direct/range" }, [DOP_INVOKE_STATIC_RANGE] = { 0x77, "invoke-static/range" }, [DOP_INVOKE_INTERFACE_RANGE]= { 0x78, "invoke-interface/range" }, [DOP_UNUSED_79] = { 0x79, NULL /* unused */ }, [DOP_UNUSED_7A] = { 0x7a, NULL /* unused */ }, [DOP_NEG_INT] = { 0x7b, "neg-int" }, [DOP_NOT_INT] = { 0x7c, "not-int" }, [DOP_NEG_LONG] = { 0x7d, "neg-long" }, [DOP_NOT_LONG] = { 0x7e, "not-long" }, [DOP_NEG_FLOAT] = { 0x7f, "neg-float" }, [DOP_NEG_DOUBLE] = { 0x80, "neg-double" }, [DOP_TO_INT_LONG] = { 0x81, "int-to-long" }, [DOP_TO_INT_FLOAT] = { 0x82, "int-to-float" }, [DOP_TO_INT_DOUBLE] = { 0x83, "int-to-double" }, [DOP_TO_LONG_INT] = { 0x84, "long-to-int" }, [DOP_TO_LONG_FLOAT] = { 0x85, "long-to-float" }, [DOP_TO_LONG_DOUBLE] = { 0x86, "long-to-double" }, [DOP_TO_FLOAT_INT] = { 0x87, "float-to-int" }, [DOP_TO_FLOAT_LONG] = { 0x88, "float-to-long" }, [DOP_TO_FLOAT_DOUBLE] = { 0x89, "float-to-double" }, [DOP_TO_DOUBLE_INT] = { 0x8a, "double-to-int" }, [DOP_TO_DOUBLE_LONG] = { 0x8b, "double-to-long" }, [DOP_TO_DOUBLE_FLOAT] = { 0x8c, "double-to-float" }, [DOP_TO_INT_BYTE] = { 0x8d, "int-to-byte" }, [DOP_TO_INT_CHAR] = { 0x8e, "int-to-char" }, [DOP_TO_INT_SHORT] = { 0x8f, "int-to-short" }, [DOP_ADD_INT] = { 0x90, "add-int", dalvik_decomp_instr_arithm }, [DOP_SUB_INT] = { 0x91, "sub-int", dalvik_decomp_instr_arithm }, [DOP_MUL_INT] = { 0x92, "mul-int", dalvik_decomp_instr_arithm }, [DOP_DIV_INT] = { 0x93, "div-int", dalvik_decomp_instr_arithm }, [DOP_REM_INT] = { 0x94, "rem-int", dalvik_decomp_instr_arithm }, [DOP_AND_INT] = { 0x95, "and-int", dalvik_decomp_instr_arithm }, [DOP_OR_INT] = { 0x96, "or-int", dalvik_decomp_instr_arithm }, [DOP_XOR_INT] = { 0x97, "xor-int", dalvik_decomp_instr_arithm }, [DOP_SHL_INT] = { 0x98, "shl-int" }, [DOP_SHR_INT] = { 0x99, "shr-int" }, [DOP_USHR_INT] = { 0x9a, "ushr-int" }, [DOP_ADD_LONG] = { 0x9b, "add-long" }, [DOP_SUB_LONG] = { 0x9c, "sub-long" }, [DOP_MUL_LONG] = { 0x9d, "mul-long" }, [DOP_DIV_LONG] = { 0x9e, "div-long" }, [DOP_REM_LONG] = { 0x9f, "rem-long" }, [DOP_AND_LONG] = { 0xa0, "and-long" }, [DOP_OR_LONG] = { 0xa1, "or-long" }, [DOP_XOR_LONG] = { 0xa2, "xor-long" }, [DOP_SHL_LONG] = { 0xa3, "shl-long" }, [DOP_SHR_LONG] = { 0xa4, "shr-long" }, [DOP_USHR_LONG] = { 0xa5, "ushr-long" }, [DOP_ADD_FLOAT] = { 0xa6, "add-float" }, [DOP_SUB_FLOAT] = { 0xa7, "sub-float" }, [DOP_MUL_FLOAT] = { 0xa8, "mul-float" }, [DOP_DIV_FLOAT] = { 0xa9, "div-float" }, [DOP_REM_FLOAT] = { 0xaa, "rem-float" }, [DOP_ADD_DOUBLE] = { 0xab, "add-double" }, [DOP_SUB_DOUBLE] = { 0xac, "sub-double" }, [DOP_MUL_DOUBLE] = { 0xad, "mul-double" }, [DOP_DIV_DOUBLE] = { 0xae, "div-double" }, [DOP_REM_DOUBLE] = { 0xaf, "rem-double" }, [DOP_ADD_INT_2ADDR] = { 0xb0, "add-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SUB_INT_2ADDR] = { 0xb1, "sub-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_MUL_INT_2ADDR] = { 0xb2, "mul-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_DIV_INT_2ADDR] = { 0xb3, "div-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_REM_INT_2ADDR] = { 0xb4, "rem-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_AND_INT_2ADDR] = { 0xb5, "and-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_OR_INT_2ADDR] = { 0xb6, "or-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_XOR_INT_2ADDR] = { 0xb7, "xor-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SHL_INT_2ADDR] = { 0xb8, "shl-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SHR_INT_2ADDR] = { 0xb9, "shr-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_USHR_INT_2ADDR] = { 0xba, "ushr-int/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_ADD_LONG_2ADDR] = { 0xbb, "add-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SUB_LONG_2ADDR] = { 0xbc, "sub-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_MUL_LONG_2ADDR] = { 0xbd, "mul-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_DIV_LONG_2ADDR] = { 0xbe, "div-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_REM_LONG_2ADDR] = { 0xbf, "rem-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_AND_LONG_2ADDR] = { 0xc0, "and-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_OR_LONG_2ADDR] = { 0xc1, "or-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_XOR_LONG_2ADDR] = { 0xc2, "xor-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SHL_LONG_2ADDR] = { 0xc3, "shl-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SHR_LONG_2ADDR] = { 0xc4, "shr-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_USHR_LONG_2ADDR] = { 0xc5, "ushr-long/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_ADD_FLOAT_2ADDR] = { 0xc6, "add-float/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SUB_FLOAT_2ADDR] = { 0xc7, "sub-float/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_MUL_FLOAT_2ADDR] = { 0xc8, "mul-float/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_DIV_FLOAT_2ADDR] = { 0xc9, "div-float/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_REM_FLOAT_2ADDR] = { 0xca, "rem-float/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_ADD_DOUBLE_2ADDR] = { 0xcb, "add-double/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_SUB_DOUBLE_2ADDR] = { 0xcc, "sub-double/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_MUL_DOUBLE_2ADDR] = { 0xcd, "mul-double/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_DIV_DOUBLE_2ADDR] = { 0xce, "div-double/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_REM_DOUBLE_2ADDR] = { 0xcf, "rem-double/2addr", dalvik_decomp_instr_arithm_2addr }, [DOP_ADD_INT_LIT16] = { 0xd0, "add-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_RSUB_INT] = { 0xd1, "rsub-int" }, [DOP_MUL_INT_LIT16] = { 0xd2, "mul-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_DIV_INT_LIT16] = { 0xd3, "div-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_REM_INT_LIT16] = { 0xd4, "rem-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_AND_INT_LIT16] = { 0xd5, "and-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_OR_INT_LIT16] = { 0xd6, "or-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_XOR_INT_LIT16] = { 0xd7, "xor-int/lit16", dalvik_decomp_instr_arithm_lit }, [DOP_ADD_INT_LIT8] = { 0xd8, "add-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_RSUB_INT_LIT8] = { 0xd9, "rsub-int/lit8" }, [DOP_MUL_INT_LIT8] = { 0xda, "mul-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_DIV_INT_LIT8] = { 0xdb, "div-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_REM_INT_LIT8] = { 0xdc, "rem-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_AND_INT_LIT8] = { 0xdd, "and-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_OR_INT_LIT8] = { 0xde, "or-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_XOR_INT_LIT8] = { 0xdf, "xor-int/lit8", dalvik_decomp_instr_arithm_lit }, [DOP_SHL_INT_LIT8] = { 0xe0, "shl-int/lit8" }, [DOP_SHR_INT_LIT8] = { 0xe1, "shr-int/lit8" }, [DOP_USHR_INT_LIT8] = { 0xe2, "ushr-int/lit8" }, [DOP_UNUSED_E3] = { 0xe3, NULL /* unused */ }, [DOP_UNUSED_E4] = { 0xe4, NULL /* unused */ }, [DOP_UNUSED_E5] = { 0xe5, NULL /* unused */ }, [DOP_UNUSED_E6] = { 0xe6, NULL /* unused */ }, [DOP_UNUSED_E7] = { 0xe7, NULL /* unused */ }, [DOP_UNUSED_E8] = { 0xe8, NULL /* unused */ }, [DOP_UNUSED_E9] = { 0xe9, NULL /* unused */ }, [DOP_UNUSED_EA] = { 0xea, NULL /* unused */ }, [DOP_UNUSED_EB] = { 0xeb, NULL /* unused */ }, [DOP_UNUSED_EC] = { 0xec, NULL /* unused */ }, [DOP_UNUSED_ED] = { 0xed, NULL /* unused */ }, [DOP_UNUSED_EE] = { 0xee, NULL /* unused */ }, [DOP_UNUSED_EF] = { 0xef, NULL /* unused */ }, [DOP_UNUSED_F0] = { 0xf0, NULL /* unused */ }, [DOP_UNUSED_F1] = { 0xf1, NULL /* unused */ }, [DOP_UNUSED_F2] = { 0xf2, NULL /* unused */ }, [DOP_UNUSED_F3] = { 0xf3, NULL /* unused */ }, [DOP_UNUSED_F4] = { 0xf4, NULL /* unused */ }, [DOP_UNUSED_F5] = { 0xf5, NULL /* unused */ }, [DOP_UNUSED_F6] = { 0xf6, NULL /* unused */ }, [DOP_UNUSED_F7] = { 0xf7, NULL /* unused */ }, [DOP_UNUSED_F8] = { 0xf8, NULL /* unused */ }, [DOP_UNUSED_F9] = { 0xf9, NULL /* unused */ }, [DOP_UNUSED_FA] = { 0xfa, NULL /* unused */ }, [DOP_UNUSED_FB] = { 0xfb, NULL /* unused */ }, [DOP_UNUSED_FC] = { 0xfc, NULL /* unused */ }, [DOP_UNUSED_FD] = { 0xfd, NULL /* unused */ }, [DOP_UNUSED_FE] = { 0xfe, NULL /* unused */ }, [DOP_UNUSED_FF] = { 0xff, NULL /* unused */ } }; /* Fournit le nom humain de l'instruction manipulée. */ static const char *dalvik_get_instruction_keyword(const GDalvikInstruction *, AsmSyntax); /* Informe sur une éventuelle référence à une autre instruction. */ static InstructionLinkType dalvik_get_instruction_link(const GDalvikInstruction *, vmpa_t *); /* Indique si l'instruction correspond à un retour de fonction. */ static bool dalvik_instruction_is_return(const GDalvikInstruction *); /* Décompile une instruction de la machine virtuelle Dalvik. */ GDecInstruction *dalvik_instruction_decompile(const GDalvikInstruction *, GDecContext *); /* Indique le type défini pour une instruction d'architecture Dalvik. */ G_DEFINE_TYPE(GDalvikInstruction, g_dalvik_instruction, G_TYPE_ARCH_INSTRUCTION); /****************************************************************************** * * * Paramètres : klass = classe à initialiser. * * * * Description : Initialise la classe des instructions pour Dalvik. * * * * Retour : - * * * * Remarques : - * * * ******************************************************************************/ static void g_dalvik_instruction_class_init(GDalvikInstructionClass *klass) { GObjectClass *object; /* Autre version de la classe */ GArchInstructionClass *instr; /* Encore une autre vision... */ object = G_OBJECT_CLASS(klass); object->dispose = (GObjectFinalizeFunc/* ! */)g_dalvik_instruction_dispose; object->finalize = (GObjectFinalizeFunc)g_dalvik_instruction_finalize; instr = G_ARCH_INSTRUCTION_CLASS(klass); instr->get_key = (get_instruction_keyword_fc)dalvik_get_instruction_keyword; } /****************************************************************************** * * * Paramètres : instr = instance à initialiser. * * * * Description : Initialise une instance d'instruction d'architecture Dalvik. * * * * Retour : - * * * * Remarques : - * * * ******************************************************************************/ static void g_dalvik_instruction_init(GDalvikInstruction *instr) { GArchInstruction *parent; /* Instance parente */ parent = G_ARCH_INSTRUCTION(instr); parent->get_rw_regs = (get_instruction_rw_regs_fc)g_dalvik_instruction_get_rw_registers; parent->get_link = (get_instruction_link_fc)dalvik_get_instruction_link; parent->is_return = (is_instruction_return_fc)dalvik_instruction_is_return; parent->decomp = (decomp_instr_fc)dalvik_instruction_decompile; } /****************************************************************************** * * * Paramètres : instr = instance d'objet GLib à traiter. * * * * Description : Supprime toutes les références externes. * * * * Retour : - * * * * Remarques : - * * * ******************************************************************************/ static void g_dalvik_instruction_dispose(GDalvikInstruction *instr) { G_OBJECT_CLASS(g_dalvik_instruction_parent_class)->dispose(G_OBJECT(instr)); } /****************************************************************************** * * * Paramètres : instr = instance d'objet GLib à traiter. * * * * Description : Procède à la libération totale de la mémoire. * * * * Retour : - * * * * Remarques : - * * * ******************************************************************************/ static void g_dalvik_instruction_finalize(GDalvikInstruction *instr) { G_OBJECT_CLASS(g_dalvik_instruction_parent_class)->finalize(G_OBJECT(instr)); } /****************************************************************************** * * * Paramètres : type = type d'instruction à représenter. * * * * Description : Crée une instruction pour l'architecture Dalvik. * * * * Retour : Architecture mise en place. * * * * Remarques : - * * * ******************************************************************************/ GArchInstruction *g_dalvik_instruction_new(DalvikOpcodes type) { GArchInstruction *result; /* Structure à retourner */ result = g_object_new(G_TYPE_DALVIK_INSTRUCTION, NULL); G_DALVIK_INSTRUCTION(result)->type = type; return result; } /****************************************************************************** * * * Paramètres : instr = instruction Dalvik à consulter. * * * * Description : Indique l'opcode associé à une instruction Dalvik. * * * * Retour : Identifiant de l'instruction en place. * * * * Remarques : - * * * ******************************************************************************/ DalvikOpcodes g_dalvik_instruction_get_opcode(const GDalvikInstruction *instr) { return instr->type; } /****************************************************************************** * * * Paramètres : instr = instruction à consulter. * * rregs = liste des rgistres lus. [OUT] * * rcount = nombre de registres lus. [OUT] * * wregs = liste des rgistres écrits. [OUT] * * wcount = nombre de registres écrits. [OUT] * * * * Description : Liste les registres lus et écrits par l'instruction. * * * * Retour : - * * * * Remarques : - * * * ******************************************************************************/ static void g_dalvik_instruction_get_rw_registers(const GDalvikInstruction *instr, GArchRegister ***rregs, size_t *rcount, GArchRegister ***wregs, size_t *wcount) { GArchInstruction *base; /* Version basique à manipuler */ size_t i; /* Boucle de parcours */ GArchOperand *operand; /* Operande à analyser */ GDalvikRegister *reg; /* Registre concerné */ base = G_ARCH_INSTRUCTION(instr); for (i = 0; i < base->operands_count; i++) { operand = base->operands[i]; if (!G_IS_DALVIK_REGISTER_OPERAND(operand)) continue; reg = g_dalvik_register_operand_get(G_DALVIK_REGISTER_OPERAND(operand)); if (g_dalvik_register_operand_is_written(G_DALVIK_REGISTER_OPERAND(operand))) { (*wregs) = (GArchRegister **)realloc(*wregs, ++(*wcount) * sizeof(GArchRegister *)); (*wregs)[(*wcount) - 1] = G_ARCH_REGISTER(reg); } else { (*rregs) = (GArchRegister **)realloc(*rregs, ++(*rcount) * sizeof(GArchRegister *)); (*rregs)[(*rcount) - 1] = G_ARCH_REGISTER(reg); } } } /* ---------------------------------------------------------------------------------- */ /* AIDE A LA MISE EN PLACE D'INSTRUCTIONS */ /* ---------------------------------------------------------------------------------- */ /****************************************************************************** * * * Paramètres : data = flux de données à analyser. * * pos = position courante dans ce flux. * * end = limite des données à analyser. * * * * Description : Recherche l'identifiant de la prochaine instruction. * * * * Retour : Identifiant de la prochaine instruction à tenter de charger. * * * * Remarques : - * * * ******************************************************************************/ DalvikOpcodes dalvik_guess_next_instruction(const bin_t *data, off_t pos, off_t end) { DalvikOpcodes result; /* Identifiant à retourner */ result = (DalvikOpcodes)data[pos]; /* Si l'instruction est marquée comme non utilisée... */ if (_instructions[result].keyword == NULL) result = DOP_COUNT; return result; } /****************************************************************************** * * * Paramètres : instr = instruction à traiter. * * syntax = type de représentation demandée. * * * * Description : Fournit le nom humain de l'instruction manipulée. * * * * Retour : Mot clef de bas niveau. * * * * Remarques : - * * * ******************************************************************************/ static const char *dalvik_get_instruction_keyword(const GDalvikInstruction *instr, AsmSyntax syntax) { return _instructions[instr->type].keyword; } /****************************************************************************** * * * Paramètres : instr = instruction à consulter. * * addr = eventuelle adresse associée à faire connaître. [OUT] * * * * Description : Informe sur une éventuelle référence à une autre instruction.* * * * Retour : Type de lien trouvé ou ILT_NONE si aucun. * * * * Remarques : - * * * ******************************************************************************/ static InstructionLinkType dalvik_get_instruction_link(const GDalvikInstruction *instr, vmpa_t *addr) { InstructionLinkType result; /* Type de lien à retourner */ GArchOperand *operand; /* Opérande à manipuler */ const GImmOperand *imm; /* Valeur immédiate */ switch (instr->type) { case DOP_GOTO: case DOP_GOTO_16: case DOP_GOTO_32: operand = g_arch_instruction_get_operand(G_ARCH_INSTRUCTION(instr), 0); imm = g_dalvik_target_operand_get_value(G_DALVIK_TARGET_OPERAND(operand)); if (g_imm_operand_to_vmpa_t(imm, addr)) result = ILT_JUMP; else result = ILT_NONE; break; case DOP_IF_EQ: case DOP_IF_NE: case DOP_IF_LT: case DOP_IF_GE: case DOP_IF_GT: case DOP_IF_LE: operand = g_arch_instruction_get_operand(G_ARCH_INSTRUCTION(instr), 2); imm = g_dalvik_target_operand_get_value(G_DALVIK_TARGET_OPERAND(operand)); if (g_imm_operand_to_vmpa_t(imm, addr)) result = ILT_JUMP_IF_TRUE; else result = ILT_NONE; break; case DOP_IF_EQZ: case DOP_IF_NEZ: case DOP_IF_LTZ: case DOP_IF_GEZ: case DOP_IF_GTZ: case DOP_IF_LEZ: operand = g_arch_instruction_get_operand(G_ARCH_INSTRUCTION(instr), 1); imm = g_dalvik_target_operand_get_value(G_DALVIK_TARGET_OPERAND(operand)); if (g_imm_operand_to_vmpa_t(imm, addr)) result = ILT_JUMP_IF_TRUE; else result = ILT_NONE; break; default: result = ILT_NONE; break; } return result; } /****************************************************************************** * * * Paramètres : instr = instruction à consulter. * * * * Description : Indique si l'instruction correspond à un retour de fonction. * * * * Retour : true si l'instruction est un 'return' quelconque ou false. * * * * Remarques : - * * * ******************************************************************************/ static bool dalvik_instruction_is_return(const GDalvikInstruction *instr) { return (instr->type == DOP_RETURN_VOID || instr->type == DOP_RETURN || instr->type == DOP_RETURN_WIDE || instr->type == DOP_RETURN_OBJECT); } /****************************************************************************** * * * Paramètres : instr = instruction d'origine à convertir. * * ctx = contexte de la phase de décompilation. * * * * Description : Décompile une instruction de la machine virtuelle Dalvik. * * * * Retour : Instruction mise en place ou NULL. * * * * Remarques : - * * * ******************************************************************************/ GDecInstruction *dalvik_instruction_decompile(const GDalvikInstruction *instr, GDecContext *ctx) { GDecInstruction *result; /* Instruction à retourner */ if (_instructions[instr->type].decomp != NULL) result = _instructions[instr->type].decomp(G_ARCH_INSTRUCTION(instr), ctx); else result = NULL; return result; }