struct _map * elf64_memory_map (const struct _buffer * buffer)
{
if (elf64_check(buffer))
return NULL;
struct _map * mem_map = map_create();
Elf64_Phdr * phdr;
size_t i = 0;
while ((phdr = elf64_phdr(buffer, i++)) != NULL) {
// create a buffer for this page
struct _buffer * buf = buffer_create_null(phdr->p_memsz);
// are there contents we need to copy, IN the buffer?
if ((phdr->p_filesz > 0) && (phdr->p_offset < buffer->size)) {
// get the max size without violating bounds
size_t size;
if (phdr->p_filesz + phdr->p_offset > buffer->size)
size = buffer->size - phdr->p_offset;
else
size = phdr->p_filesz;
memcpy(buf->bytes, &(buffer->bytes[phdr->p_offset]), size);
}
// set permissions
if (phdr->p_flags & PF_X) buf->permissions |= BUFFER_EXECUTE;
if (phdr->p_flags & PF_W) buf->permissions |= BUFFER_WRITE;
if (phdr->p_flags & PF_R) buf->permissions |= BUFFER_READ;
// merge into mem map
mem_map_set(mem_map, phdr->p_vaddr, buf);
object_delete(buf);
}
return mem_map;
}
int rdis_update_memory (struct _rdis * rdis,
uint64_t address,
struct _buffer * buffer)
{
if (buffer == NULL)
return -1;
mem_map_set (rdis->memory, address, buffer);
// we will regraph functions whose bounds fall within this updated memory,
// and all functions whose bounds fall within the bounds of functions to be
// regraphed (step 2 simplifies things later on)
struct _queue * queue = queue_create();
struct _map_it * it;
for (it = map_iterator(rdis->functions); it != NULL; it = map_it_next(it)) {
struct _function * function = map_it_data(it);
if ( ( (function->bounds.lower >= address)
&& (function->bounds.lower < address + buffer->size))
|| ( (function->bounds.upper >= address)
&& (function->bounds.upper < address + buffer->size))
|| ( (function->bounds.lower <= address)
&& (function->bounds.upper >= address + buffer->size))) {
queue_push(queue, function);
}
}
struct _map * regraph_functions = map_create();
while (queue->size > 0) {
struct _function * function = queue_peek(queue);
if (map_fetch(regraph_functions, function->address) != NULL) {
queue_pop(queue);
continue;
}
printf("adding regraph function %llx\n",
(unsigned long long) function->address);
map_insert(regraph_functions, function->address, function);
for (it = map_iterator(rdis->functions); it != NULL; it = map_it_next(it)) {
struct _function * cmp_function = map_it_data(it);
if ( ( (cmp_function->bounds.lower >= function->bounds.lower)
&& (cmp_function->bounds.lower < function->bounds.upper))
|| ( (cmp_function->bounds.upper >= function->bounds.lower)
&& (cmp_function->bounds.upper < function->bounds.upper))
|| ( (cmp_function->bounds.lower <= function->bounds.lower)
&& (cmp_function->bounds.upper >= function->bounds.upper)))
queue_push(queue, cmp_function);
}
}
// regraph dem functions
struct _graph * new_graph;
new_graph = loader_graph_functions(rdis->loader,
rdis->memory,
regraph_functions);
// We are now going to go through all nodes in our regraph functions. We
// will copy over comments to the new instructions and then remove the
// regraph function nodes from the original graph
for (it = map_iterator(regraph_functions); it != NULL; it = map_it_next(it)) {
struct _function * function = map_it_data(it);
struct _graph * family = graph_family(rdis->graph, function->address);
if (family == NULL)
continue;
struct _graph_it * git;
for (git = graph_iterator(family);
git != NULL;
git = graph_it_next(git)) {
struct _list * ins_list = graph_it_data(git);
struct _list_it * iit;
for (iit = list_iterator(ins_list); iit != NULL; iit = iit->next) {
struct _ins * ins = iit->data;
if (ins->comment == NULL)
continue;
struct _ins * new_ins = graph_fetch_ins(new_graph, ins->address);
if (ins->size != new_ins->size)
continue;
if (memcmp(ins->bytes, new_ins->bytes, ins->size) == 0) {
printf("copy over comment from instruction at %llx\n",
(unsigned long long) ins->address);
ins_s_comment(new_ins, ins->comment);
}
}
// add node for deletion
struct _index * index = index_create(graph_it_index(git));
queue_push(queue, index);
object_delete(index);
}
object_delete(family);
while (queue->size > 0) {
struct _index * index = queue_peek(queue);
graph_remove_node(rdis->graph, index->index);
queue_pop(queue);
}
}
// merge the new graph with the old graph
graph_merge(rdis->graph, new_graph);
// reset bounds of these functions
for (it = map_iterator(regraph_functions); it != NULL; it = map_it_next(it)) {
struct _function * function = map_it_data(it);
rdis_function_bounds(rdis, function->address);
}
objects_delete(queue, new_graph, regraph_functions, NULL);
rdis_callback(rdis, RDIS_CALLBACK_ALL);
return 0;
}
