/* OpenIDA - Outil d'analyse de fichiers binaires
* e_elf.c - support du format ELF
*
* Copyright (C) 2008 Cyrille Bagard
*
* This file is part of OpenIDA.
*
* OpenIDA is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* OpenIDA is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Foobar. If not, see .
*/
#include "e_elf.h"
#include
#include
#include "elf-int.h"
#include "section.h"
#include "symbol.h"
/******************************************************************************
* *
* Paramètres : content = contenu binaire à parcourir. *
* length = taille du contenu en question. *
* *
* Description : Prend en charge un nouvel ELF. *
* *
* Retour : Adresse de la structure mise en place ou NULL en cas d'échec.*
* *
* Remarques : - *
* *
******************************************************************************/
elf_format *load_elf(const uint8_t *content, off_t length)
{
elf_format *result; /* Structure à retourner */
bool test; /* Bilan d'une initialisation */
result = (elf_format *)calloc(1, sizeof(elf_format));
EXE_FORMAT(result)->content = content;
EXE_FORMAT(result)->length = length;
EXE_FORMAT(result)->find_section = (find_section_fc)find_elf_section;
EXE_FORMAT(result)->get_symbols = (get_symbols_fc)get_elf_symbols;
EXE_FORMAT(result)->resolve_symbol = (resolve_symbol_fc)resolve_elf_symbol;
memcpy(&result->header, content, sizeof(Elf32_Ehdr));
test = read_elf_section_names(result);
printf("ok ? %d\n", test);
test = load_elf_symbols(result);
printf("ok ? %d\n", test);
return result;
}
/******************************************************************************
* *
* Paramètres : format = informations chargées à consulter. *
* labels = liste des commentaires à insérer. [OUT] *
* types = type des symboles listés. [OUT] *
* offsets = liste des indices des commentaires. [OUT] *
* *
* Description : Récupère tous les symboles présents dans le contenu binaire. *
* *
* Retour : Nombre d'éléments mis en place. *
* *
* Remarques : - *
* *
******************************************************************************/
size_t get_elf_symbols(const elf_format *format, char ***labels, SymbolType **types, uint64_t **offsets)
{
size_t result; /* Quantité à retourner */
size_t i; /* Boucle de parcours */
result = format->sym_count;
*labels = (char **)calloc(result, sizeof(char *));
*types = (SymbolType *)calloc(result, sizeof(SymbolType));
*offsets = (uint64_t *)calloc(result, sizeof(uint64_t));
for (i = 0; i < format->sym_count; i++)
{
(*labels)[i] = strdup(format->symbols[i].name);
(*types)[i] = STP_SECTION;
(*offsets)[i] = format->symbols[i].address;
}
return result;
}
/******************************************************************************
* *
* Paramètres : format = informations chargées à consulter. *
* label = étiquette du symbole si trouvé. [OUT] *
* type = type du symbole trouvé. [OUT] *
* offset = adresse à cibler, puis décallage final. [OUT] *
* *
* Description : Recherche le symbole correspondant à une adresse. *
* *
* Retour : true si l'opération a été un succès, false sinon. *
* *
* Remarques : - *
* *
******************************************************************************/
bool resolve_elf_symbol(const elf_format *format, char **label, SymbolType *type, uint64_t *offset)
{
bool result; /* Bilan à retourner */
size_t best_index; /* Meilleur symbole trouvé */
uint64_t best_addr; /* Meilleure adresse trouvée */
size_t i; /* Boucle de parcours */
best_addr = UINT64_MAX;
for (i = 0; i < format->sym_count; i++)
if (format->symbols[i].address <= *offset && (*offset - format->symbols[i].address) < best_addr)
{
best_index = i;
best_addr = *offset - format->symbols[i].address;
}
result = (best_addr != UINT64_MAX);
if (result)
{
*label = strdup(format->symbols[best_index].name);
*type = STP_SECTION;
*offset -= format->symbols[best_index].address;
}
return result;
}