/* Close the memory device */
int cmd_closemem()
{
int ret;
char buff[BUFSIZ];
char logbuf[BUFSIZ];
time_t uloadt;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* Close memory */
ret = kernsh_closemem();
if (ret)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Cannot close memory", -1);
if (libkernshworld.open_static)
{
/* Rip from cmd_unload */
/* Do not unload dependences of files or objects with linkmap entry */
if (hash_size(&libkernshworld.root->parent_hash))
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unload parent object first", -1);
ret = revm_unload_dep(libkernshworld.root, libkernshworld.root);
if (!world.state.revm_quiet)
{
time(&uloadt);
snprintf(logbuf, BUFSIZ - 1, "%s [*] Object %-40s unloaded on %s \n",
(ret ? "" : "\n"), libkernshworld.root->name, ctime(&uloadt));
revm_output(logbuf);
}
/* Clean various hash tables of this binary entry and return OK */
hash_del(&file_hash, libkernshworld.root->name);
if (hash_get(&world.shared_hash, libkernshworld.root->name))
hash_del(&world.shared_hash, libkernshworld.root->name);
else
hash_del(&world.curjob->loaded, libkernshworld.root->name);
elfsh_unload_obj(libkernshworld.root);
libkernshworld.open_static = 0;
}
memset(buff, '\0', sizeof(buff));
snprintf(buff, sizeof(buff),
"%s\n\n",
revm_colorfieldstr("[+] CLOSE MEMORY"));
revm_output(buff);
revm_endline();
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/* Handle the gdt */
int cmd_gdt()
{
int ret;
int index;
int i;
listent_t *actual;
list_t *h;
libkernshsgdt_t *sgdt;
char buff[BUFSIZ];
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
XALLOC(__FILE__, __FUNCTION__, __LINE__, h, sizeof(list_t), -1);
elist_init(h, "cmd_gdt_list", ASPECT_TYPE_UNKNOW);
ret = kernsh_gdt(h);
memset(buff, '\0', sizeof(buff));
snprintf(buff, sizeof(buff),
"%s\n\n",
revm_colorfieldstr("[+] GDT"));
revm_output(buff);
for (i = 0, index = 0, actual = h->head;
index < h->elmnbr;
i+=8, index++, actual = actual->next)
{
sgdt = (libkernshsgdt_t *) actual->data;
snprintf(buff, sizeof(buff),
"%s%s %s %s\n",
revm_coloraddress("%.8lX", (eresi_Addr) sgdt->deb),
revm_coloraddress("%.8lX", (eresi_Addr) sgdt->fin),
revm_colorstr("@"),
revm_coloraddress(XFMT, (eresi_Addr) sgdt->addr));
revm_output(buff);
revm_endline();
}
revm_output("\n");
elist_destroy(h);
if (ret)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Cannot get gdt", -1);
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/* Handle the sys_call_table */
int cmd_sct()
{
int ret;
int index;
listent_t *actual;
list_t *h;
libkernshsyscall_t *sct;
char buff[BUFSIZ];
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
XALLOC(__FILE__, __FUNCTION__, __LINE__, h, sizeof(list_t), -1);
elist_init(h, "cmd_sct_list", ASPECT_TYPE_UNKNOW);
ret = kernsh_sct(h);
memset(buff, '\0', sizeof(buff));
snprintf(buff, sizeof(buff),
"%s\n\n",
revm_colorfieldstr("[+] SYS_CALL_TABLE"));
revm_output(buff);
for (index = 0, actual = h->head;
index < h->elmnbr;
index++, actual = actual->next)
{
sct = (libkernshsyscall_t *) actual->data;
memset(buff, '\0', sizeof(buff));
snprintf(buff, sizeof(buff),
"%s %-40s %s %s\n",
revm_colornumber("id:%-10u", (unsigned int)index),
revm_colortypestr_fmt("%s", sct->name),
revm_colorstr("@"),
revm_coloraddress(XFMT, (eresi_Addr) sct->addr));
revm_output(buff);
revm_endline();
}
revm_output("\n");
elist_destroy(h);
if (ret)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Cannot get syscalltable", -1);
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/**
*
* @ingroup evarista
*/
void eva_create_prompt(char *buf, u_int size)
{
snprintf(buf, size - 1,
"%s%s%s%s%s%s%s%s%s%s%s ",
revm_colorget("%s", "pspecial", "("),
revm_colorget("%s", "psname" , EVARISTA_SNAME),
revm_colorget("%s", "pspecial", "-"),
revm_colorget("%s", "pversion", REVM_VERSION),
revm_colorget("%s", "pspecial", "-"),
revm_colorget("%s", "prelease", REVM_RELEASE),
revm_colorget("%s", "pspecial", "-"),
revm_colorget("%s", "pedition", REVM_EDITION),
revm_colorget("%s", "pspecial", "@"),
revm_colorget("%s", "psname", world.curjob->ws.name),
revm_colorget("%s", "pspecial", ")"));
revm_endline();
}
/**
* Print a specific type
*
* @param type
* @param mode
* @return
*/
int revm_type_print(char *type, char mode)
{
aspectype_t *cur;
aspectype_t *child;
char buf[BUFSIZ];
char prefix[128];
int len;
char *size;
char offset[128];
int idx;
int sz;
char *pad;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
cur = hash_get(&types_hash, type);
if (!cur)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unknown type", 0);
/* Set up things */
revm_endline();
/* Setup first part of the line */
snprintf(prefix, sizeof(prefix), "%s%s%s",
revm_colorfieldstr("{"),
revm_colornumber("%u", cur->size),
revm_colorfieldstr("}"));
len = snprintf(buf, sizeof(buf), " %s %s %-20s %s %-10s",
revm_colornumber("id:%-10u", cur->type),
revm_colorfieldstr("Type"),
revm_colortypestr_fmt("%-20s", type),
revm_colorfieldstr("size"),
prefix);
size = alloca(20);
/* If the type is a structure */
if (cur->childs)
{
len += snprintf(buf + len, sizeof(buf) - len, "%s",
revm_colorfieldstr(" = {"));
/* Prepare the padding after each field name */
sz = len - revm_color_size(buf) - 16; /* -16 is dirty: some bug in colors */
pad = alloca(sz + 1);
memset(pad, ' ', sz);
pad[sz] = 0x00;
/* For each child field type */
for (child = cur->childs; child; child = child->next)
{
/* Compute the size field */
if (child->type == ASPECT_TYPE_RAW)
snprintf(size, sizeof(size), "%s%s%s",
revm_colorfieldstr("["),
revm_colornumber("%u", child->size),
revm_colorfieldstr("]"));
else if (child->dimnbr && child->elemnbr)
{
for (sz = idx = 0; idx < child->dimnbr; idx++)
sz += 20;
size = alloca(sz);
for (sz = idx = 0; idx < child->dimnbr; idx++)
sz += snprintf(size + sz, sz, "%s%s%s",
revm_colorfieldstr("["),
revm_colornumber("%u", child->elemnbr[idx]),
revm_colorfieldstr("]"));
}
else
*size = 0x00;
/* Format the whole thing */
if (mode)
*offset = 0x00;
else
snprintf(offset, sizeof(offset), "%s%s",
revm_colornumber("%u", child->off),
revm_colorfieldstr(":"));
len += snprintf(buf + len, sizeof(buf) - len,
"%s%s%s%s%s%s%s",
offset,
revm_colorstr(child->fieldname),
revm_colorfieldstr(":"),
revm_colortypestr((child->isptr ? "*" : "")),
revm_colortypestr(child->name),
size,
revm_colorfieldstr((child->next ? ",\n" : "}\n\n")));
/* Print field and next padding */
revm_output(buf);
revm_endline();
if (child->next)
revm_output(pad);
*buf = 0x00;
len = 0;
}
}
/* Print non-structures types */
else
{
revm_output(buf);
revm_output("\n");
}
/* Return success */
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 1);
}
/**
* @brief Display relocation entries
*/
int cmd_rel()
{
elfshsect_t *sect;
elfsh_Rel *rel;
regex_t *tmp;
char *type;
char *typeshort;
char *name;
u_int index;
u_int index2;
u_int typenum;
char buff[256];
u_int size;
revmconst_t *types;
char addstr[32];
char logbuf[BUFSIZ];
void *data;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* Sanity checks */
sect = elfsh_get_reloc(world.curjob->curfile, 0, &size);
if (sect == NULL)
RET(-1);
/* Choose between global or local regx */
FIRSTREGX(tmp);
snprintf(logbuf, BUFSIZ - 1, " [RELOCATION TABLES]\n [Object %s]\n\n",
world.curjob->curfile->name);
revm_output(logbuf);
/* We need to iterate as much as there is .rel* sections */
for (index2 = 0; sect; index2++)
{
snprintf(logbuf, BUFSIZ - 1,
" {Section %s} \n", elfsh_get_section_name(world.curjob->curfile, sect));
revm_output(logbuf);
/* Iterate on the .rel entries array for each .rel section */
data = elfsh_readmem(sect);
for (index = 0; index < size; index++)
{
/* Get the current relocation entry */
if (sect->shdr->sh_type == SHT_RELA)
{
rel = (void *) ((elfsh_Rela *) data + index);
snprintf(addstr, sizeof(addstr), "add[%s]",
revm_colornumber("%08u", (unsigned int) ((elfsh_Rela *) rel)->r_addend));
}
else
{
rel = (elfsh_Rel *) data + index;
addstr[0] = 0x00;
}
/* Get linked symbol name */
name = elfsh_get_symname_from_reloc(world.curjob->curfile, rel);
typenum = elfsh_get_reltype(rel);
types = revm_getrelascii(world.curjob->curfile);
type = (char *) (typenum > ELFSH_RELOC_MAX(world.curjob->curfile) ? NULL :
types[typenum].desc);
typeshort = (char *) (typenum > ELFSH_RELOC_MAX(world.curjob->curfile) ? NULL :
types[typenum].name);
/* Output is different depending on the quiet flag */
if (!world.state.revm_quiet)
snprintf(buff, sizeof(buff),
" [%s] %s %s %s%s%s : %s %s => %s\n",
revm_colornumber("%03u", index),
revm_colortypestr_fmt("%-15s", typeshort),
revm_coloraddress(XFMT, elfsh_get_reloffset(rel)),
revm_colorfieldstr("sym["),
revm_colornumber("%03u", elfsh_get_relsym(rel)),
revm_colorfieldstr("]"),
(name != NULL ? revm_colorstr_fmt("%-30s", name) : revm_colorwarn_fmt("%-30s", "<?>")), addstr,
revm_colortypestr(type));
else
snprintf(buff, sizeof(buff),
" [%s] %s %s %s%s%s : %s %s\n",
revm_colornumber("%03u", index),
revm_colortypestr_fmt("%-15s", typeshort),
revm_coloraddress(XFMT, elfsh_get_reloffset(rel)),
revm_colorfieldstr("sym["),
revm_colornumber("%03u", elfsh_get_relsym(rel)),
revm_colorfieldstr("]"),
(name != NULL ? revm_colorstr_fmt("%-22s", name) : revm_colorwarn_fmt("%-22s", "<?>")),
addstr);
/* Print it if it matchs the regex */
if (NULL == tmp || (tmp != NULL && name != NULL &&
0 == regexec(tmp, buff, 0, 0, 0)))
switch (revm_output(buff))
{
case -1:
revm_endline();
revm_output("\n");
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
case -2:
revm_endline();
goto next;
}
revm_endline();
}
next:
sect = elfsh_get_reloc(world.curjob->curfile, index2 + 1, &size);
revm_output("\n");
}
revm_output("\n");
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/**
* @brief Display a PHT
* @param phdr
* @param num
* @param base
*/
void revm_pht_print(elfsh_Phdr *phdr, uint16_t num, eresi_Addr base)
{
elfsh_Shdr *shdr;
int shtnum;
int index;
int index2;
char *type;
u_int typenum;
elfshsect_t *list;
regex_t *tmp;
char buff[512];
char warnmsg[256];
char logbuf[BUFSIZ];
int check;
eresi_Addr addr;
eresi_Addr addr_end;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
FIRSTREGX(tmp);
/* Primary view (2 modes, depending on the quiet flag) */
for (index = 0; index < num; index++)
{
typenum = elfsh_get_segment_type(phdr + index);
type = (char *) (typenum >= ELFSH_SEGTYPE_MAX ?
revm_display_pdesc(typenum) :
elfsh_seg_type[typenum].desc);
addr = phdr[index].p_vaddr;
addr_end = phdr[index].p_vaddr + phdr[index].p_memsz;
if (elfsh_is_runtime_mode())
{
addr_end += base;
addr += base;
}
/* We check if we have a correct alignment */
check = (addr - phdr[index].p_offset) & (phdr[index].p_align - 1);
if (check != 0)
snprintf(warnmsg, 255, "Wrong alignment (%d)", check);
if (!world.state.revm_quiet)
snprintf(buff, sizeof(buff),
" %s %s -> %s %c%c%c %s%s%s "
"%s%s%s %s%s%s %s%s%s => %s %s\n",
revm_colornumber("[%02u]", index),
revm_coloraddress(XFMT, addr),
revm_coloraddress(XFMT, addr_end),
(elfsh_segment_is_readable(&phdr[index]) ? 'r' : '-'),
(elfsh_segment_is_writable(&phdr[index]) ? 'w' : '-'),
(elfsh_segment_is_executable(&phdr[index]) ? 'x' : '-'),
revm_colorfieldstr("memsz("),
revm_colornumber(UFMT, phdr[index].p_memsz),
revm_colorfieldstr(")"),
revm_colorfieldstr("foffset("),
revm_colornumber(UFMT, phdr[index].p_offset),
revm_colorfieldstr(")"),
revm_colorfieldstr("filesz("),
revm_colornumber(UFMT, phdr[index].p_filesz),
revm_colorfieldstr(")"),
revm_colorfieldstr("align("),
revm_colornumber(UFMT, phdr[index].p_align),
revm_colorfieldstr(")"),
revm_colortypestr(type),
check != 0 ? revm_colorwarn(warnmsg) : ""
);
else
snprintf(buff, sizeof(buff),
" %s %s -> %s %c%c%c %s%s%s "
"%s%s%s %s%s%s\n",
revm_colornumber("[%02u]", index),
revm_coloraddress(XFMT, addr),
revm_coloraddress(XFMT, addr_end),
(elfsh_segment_is_readable(&phdr[index]) ? 'r' : '-'),
(elfsh_segment_is_writable(&phdr[index]) ? 'w' : '-'),
(elfsh_segment_is_executable(&phdr[index]) ? 'x' : '-'),
revm_colorfieldstr("memsz("),
revm_colornumber(UFMT, phdr[index].p_memsz),
revm_colorfieldstr(")"),
revm_colorfieldstr("foffset("),
revm_colornumber(UFMT, phdr[index].p_offset),
revm_colorfieldstr(")"),
revm_colorfieldstr("filesz("),
revm_colornumber(UFMT, phdr[index].p_filesz),
revm_colorfieldstr(")"));
if (!tmp || (tmp && !regexec(tmp, buff, 0, 0, 0)))
revm_output(buff);
revm_endline();
}
snprintf(logbuf, BUFSIZ - 1,
"\n [SHT correlation]"
"\n [Object %s]\n\n", world.curjob->curfile->name);
revm_output(logbuf);
/* Retreive the sht */
if ((shdr = elfsh_get_sht(world.curjob->curfile, &shtnum)) == 0)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
snprintf(logbuf, BUFSIZ - 1, " [*] SHT %s \n",
(world.curjob->curfile->shtrb ?
"has been rebuilt \n" :
"is not stripped \n"));
revm_output(logbuf);
/* Alternate View */
for (index = 0; index < num; index++, index2 = 0)
{
typenum = elfsh_get_segment_type(phdr + index);
type = (char *) (typenum >= ELFSH_SEGTYPE_MAX ?
revm_display_pname(typenum) :
elfsh_seg_type[typenum].name);
snprintf(logbuf, BUFSIZ - 1, " %s %s \t",
revm_colornumber("[%02u]", index),
revm_colortypestr_fmt("%-10s", type));
revm_output(logbuf);
revm_endline();
/* In SHT */
for (index2 = 0, list = world.curjob->curfile->sectlist;
list; list = list->next)
if (elfsh_segment_is_parent(list, phdr + index))
{
index2++;
snprintf(logbuf, BUFSIZ - 1, "%s%s ",
(list->shdr->sh_offset + list->shdr->sh_size >
phdr[index].p_offset + phdr[index].p_filesz ? "|" : ""),
revm_colorstr(elfsh_get_section_name(world.curjob->curfile, list)));
revm_output(logbuf);
revm_endline();
}
/* In RSHT */
for (index2 = 0, list = world.curjob->curfile->rsectlist;
list; list = list->next)
if (elfsh_segment_is_parent(list, phdr + index))
{
index2++;
snprintf(logbuf, BUFSIZ - 1, "%s%s ",
(list->shdr->sh_addr + list->shdr->sh_size >
phdr[index].p_vaddr + phdr[index].p_memsz ? "|" : ""),
revm_colorstr(elfsh_get_section_name(world.curjob->curfile, list)));
revm_output(logbuf);
revm_endline();
}
revm_output("\n");
}
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Print the chosen symbol table
* @param file
* @param sect
* @param tab
* @param num
* @param regx
* @param get_symname
* @return
*/
int ds(elfshobj_t *file,
elfshsect_t *sect,
u_int num,
regex_t *regx,
char *(*get_symname)(elfshobj_t *f, elfsh_Sym *s))
{
elfsh_Sym *table;
char *name;
char *type;
char *bind;
u_int typenum;
u_int bindnum;
u_int foff;
u_int index;
char *sect_name;
char buff[512];
char off[50];
char type_unk[ERESI_MEANING + 1];
char bind_unk[ERESI_MEANING + 1];
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* Sort the table if necessary */
if (world.state.sort != NULL)
switch (*world.state.sort)
{
case ELFSH_SORT_BY_ADDR:
table = sect->altdata;
break;
case ELFSH_SORT_BY_SIZE:
table = sect->terdata;
break;
default:
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unknown sort mode", -1);
}
/* Avoid reading inexistant memory in the process for .symtab */
else
table = (elfsh_Sym *) (sect->shdr->sh_addr ? elfsh_readmem(sect) : sect->data);
/* Browse symtab */
for (index = 0; index < num; index++)
{
/* Retreive names */
typenum = elfsh_get_symbol_type(table + index);
bindnum = elfsh_get_symbol_bind(table + index);
type = (char *) (typenum > ELFSH_SYMTYPE_MAX ?
revm_build_unknown(type_unk, "type", typenum) :
elfsh_sym_type[typenum].desc);
bind = (char *) (bindnum >= ELFSH_SYMBIND_MAX ?
revm_build_unknown(bind_unk, "type", bindnum) :
elfsh_sym_bind[bindnum].desc);
name = get_symname(world.curjob->curfile, table + index);
sect_name = NULL;
sect = elfsh_get_parent_section(world.curjob->curfile,
table[index].st_value,
NULL);
if (sect == NULL && table[index].st_shndx)
sect = elfsh_get_section_by_index(world.curjob->curfile,
table[index].st_shndx,
NULL, NULL);
if (sect != NULL)
sect_name = elfsh_get_section_name(world.curjob->curfile, sect);
/* Fixup names */
if (name == NULL || *name == 0)
name = ELFSH_NULL_STRING;
if (type == NULL || *type == 0)
type = ELFSH_NULL_STRING;
if (bind == NULL || *bind == 0)
bind = ELFSH_NULL_STRING;
if (sect_name == NULL)
sect_name = ELFSH_NULL_STRING;
foff = (!table[index].st_value ? 0 :
elfsh_get_foffset_from_vaddr(world.curjob->curfile,
table[index].st_value));
if (sect && sect->shdr->sh_addr != table[index].st_value)
snprintf(off, sizeof(off), " + %s",
revm_colornumber("%u", (u_int) (table[index].st_value - sect->shdr->sh_addr)));
else
*off = '\0';
/* Different output depending on the quiet flag */
if (!world.state.revm_quiet)
{
snprintf(buff, sizeof(buff),
" %s %s %s %s %s%s "
"%s%s %s%s %s%s => %s%s\n",
revm_colornumber("[%03u]", index),
revm_coloraddress(XFMT, (eresi_Addr) elfsh_get_symbol_value(table + index) + file->rhdr.base),
revm_colortypestr_fmt("%-8s", type),
revm_colorstr_fmt("%-40s", name),
revm_colorfieldstr("size:"),
revm_colornumber("%010u", elfsh_get_symbol_size(table + index)),
revm_colorfieldstr("foffset:"),
revm_colornumber("%06u", foff),
revm_colorfieldstr("scope:"),
revm_colortypestr_fmt("%-6s", bind),
revm_colorfieldstr("sctndx:"),
revm_colornumber("%02u", elfsh_get_symbol_link(table + index)),
revm_colorstr(sect_name), off);
}
else
{
snprintf(buff, sizeof(buff),
" %s %s %s %s %s%s %s%s %s%-6s\n",
revm_colornumber("[%03u]", index),
revm_coloraddress(XFMT, (eresi_Addr) elfsh_get_symbol_value(table + index) + file->rhdr.base),
revm_colortypestr_fmt("%-8s", type), revm_colorstr_fmt("%-15s", name),
revm_colorfieldstr("sz:"),
revm_colornumber("%06u", elfsh_get_symbol_size(table + index)),
revm_colorfieldstr("foff:"),
revm_colornumber("%06u", foff),
revm_colorfieldstr("scop:"),
revm_colortypestr_fmt("%-6s", bind));
}
if (regx == NULL ||
(regx != NULL && regexec(regx, buff, 0, 0, 0) == 0))
{
/* If the user ask quit, we just break */
if (revm_output(buff) == -1)
break;
}
revm_endline();
}
revm_endline();
revm_output("\n");
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/* Check a hash */
int cmd_kmem_chash()
{
int i, ret, mode, stype, type, nsize, size, off, origmode, val;
char buff[BUFSIZ], buff2[256];
char *param, *str;
unsigned long addr;
revmexpr_t *expr;
revmobj_t *obj;
unsigned char origbuffer[BUFSIZ];
char buffhash[BUFSIZ];
unsigned char *hashbuffer;
char *tmp;
FILE *fd;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
val = 0;
memset(buff, '\0', sizeof(buff));
memset(buff2, '\0', sizeof(buff2));
param = world.curjob->curcmd->param[0];
stype = (int)config_get_data(LIBKERNSH_CONFIG_HASH);
if (param != NULL)
{
expr = revm_lookup_param(param, 1);
obj = expr->value;
if (obj->otype->type == ASPECT_TYPE_STR)
{
str = (obj->immed ? obj->immed_val.str :
obj->get_name(obj->root, obj->parent));
memcpy(buff2, str, sizeof(buff2));
param = buff2;
}
/* We must get hash in a file ? */
if (!strstr(param, ":"))
{
fd = fopen(param, "r");
if (fd == NULL)
{
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unable to open file",
-1);
}
while(fgets(buff, sizeof(buff), fd) != NULL)
{
buff[strlen(buff) - 1] = '\0';
if (buff[0] == '#')
continue;
if (extract_info(buff,
&addr,
&mode,
&type,
&size,
&off,
origbuffer,
sizeof(origbuffer)))
{
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Bad format", -1);
}
/* Switch to the mode where the hash has been done */
origmode = elfsh_get_mode();
elfsh_set_mode(mode);
config_update_key(LIBKERNSH_CONFIG_HASH, (void *)type);
hashbuffer = kernsh_hash(addr+off, size, &nsize);
elfsh_set_mode(origmode);
i = 0;
tmp = buffhash;
while((i < sizeof(buffhash)) && (hashbuffer[i] != '\0'))
{
sprintf(tmp, "%02x", hashbuffer[i]);
i++;
tmp += 2;
}
memset(buff, '\0', sizeof(buff));
if (!strncmp((const char *)origbuffer,
(const char *)buffhash,
sizeof(origbuffer)))
{
snprintf(buff, sizeof(buff),
"%s @ %s with size = %s and offset = %s\n",
revm_colorstr("HASH MATCH @ !"),
revm_coloraddress(XFMT, (eresi_Addr) addr),
revm_colornumber("%u", size),
revm_colornumber("%u", off));
revm_output(buff);
revm_endline();
}
else
{
snprintf(buff, sizeof(buff),
"%s @ %s with size = %s and offset = %s\n %s != %s\n",
revm_colorstr("HASH MISMATCH @ !"),
revm_coloraddress(XFMT, (eresi_Addr) addr),
revm_colornumber("%u", size),
revm_colornumber("%u", off),
revm_colorstr((char *)origbuffer),
revm_colorstr((char *)buffhash));
revm_output(buff);
revm_endline();
val++;
}
}
fclose(fd);
}
else
{
if (extract_info(param,
&addr,
&mode,
&type,
&size,
&off,
origbuffer,
sizeof(origbuffer)))
{
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Bad format", -1);
}
origmode = elfsh_get_mode();
elfsh_set_mode(mode);
config_update_key(LIBKERNSH_CONFIG_HASH, (void *)type);
hashbuffer = kernsh_hash(addr+off, size, &nsize);
elfsh_set_mode(origmode);
i = 0;
tmp = buffhash;
while((i < sizeof(buffhash)) && (hashbuffer[i] != '\0'))
{
sprintf(tmp, "%02x", hashbuffer[i]);
i++;
tmp += 2;
}
if (hashbuffer == NULL)
{
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unable to make hash", -1);
}
memset(buff, '\0', sizeof(buff));
if (!strncmp((const char *)origbuffer,
(const char *)buffhash,
sizeof(origbuffer)))
{
snprintf(buff, sizeof(buff),
"%s @ %s with size = %s and offset = %s\n\n",
revm_colorstr("HASH MATCH @ !"),
revm_coloraddress(XFMT, (eresi_Addr) addr),
revm_colornumber("%u", size),
revm_colornumber("%u", off));
revm_output(buff);
}
else
{
snprintf(buff, sizeof(buff),
"%s @ %s with size = %s and offset = %s\n %s != %s\n\n",
revm_colorstr("HASH MISMATCH @ !"),
revm_coloraddress(XFMT, (eresi_Addr) addr),
revm_colornumber("%u", size),
revm_colornumber("%u", off),
revm_colorstr((char *)origbuffer),
revm_colorstr((char *)buffhash));
revm_output(buff);
val++;
}
}
}
config_update_key(LIBKERNSH_CONFIG_HASH, (void *)stype);
revm_setvar_int(REVM_VAR_RESULT, val);
revm_endline();
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, ret);
}
/* Make hash ! */
int cmd_kmem_hash()
{
int i, fd, len, new_size;
revmlist_t *actual, *second;
char buff[BUFSIZ];
char buffhash[BUFSIZ];
eresi_Addr vaddr;
unsigned char *hashbuffer;
char *tmp;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
memset(buff, '\0', sizeof(buff));
memset(buffhash, '\0', sizeof(buffhash));
vaddr = -1;
actual = world.curjob->curcmd->disasm + 0;
second = world.curjob->curcmd->disasm + 1;
if (actual->rname)
{
kernsh_addrlen(actual, &vaddr, &len);
hashbuffer = kernsh_hash(vaddr+actual->off, len, &new_size);
if (hashbuffer == NULL)
{
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unable to make hash", -1);
}
i = 0;
tmp = buffhash;
while(hashbuffer[i] != '\0')
{
sprintf(tmp, "%02x", hashbuffer[i]);
i++;
tmp += 2;
}
snprintf(buff, sizeof(buff),
"MD5 @ %s : \n\t%s\n\n",
revm_coloraddress(XFMT, (eresi_Addr) vaddr),
revm_colorstr((char *)buffhash));
revm_output(buff);
snprintf(buff, sizeof(buff),
"%s:%s:%s:%s:%s:%s\n\n",
revm_coloraddress(XFMT, (eresi_Addr) vaddr),
revm_colornumber("%u", libkernshworld.mem),
revm_colornumber("%u", (int)config_get_data(LIBKERNSH_CONFIG_HASH)),
revm_colornumber("%u", new_size),
revm_colornumber("%u", actual->off),
revm_colorstr((char *)buffhash));
revm_output(buff);
snprintf(buff, sizeof(buff),
"0x%lx:%d:%d:%d:%d:%s\n",
(unsigned long) vaddr,
libkernshworld.mem,
(int)config_get_data(LIBKERNSH_CONFIG_HASH),
new_size,
actual->off,
buffhash);
revm_setvar_str(REVM_VAR_RESULT, (char *)buffhash);
export_var((char *)buffhash, 0, 0, buff, 2);
if (second != NULL && second->rname != NULL)
{
XOPEN(fd, second->rname, O_CREAT|O_APPEND|O_RDWR, 0777, -1);
memset(buff, '\0', sizeof(buff));
snprintf(buff, sizeof(buff),
"0x%lx:%d:%d:%d:%d:%s\n",
(unsigned long) vaddr,
libkernshworld.mem,
(int)config_get_data(LIBKERNSH_CONFIG_HASH),
new_size,
actual->off,
buffhash);
XWRITE(fd, buff, strlen(buff), -1);
XCLOSE(fd, -1);
}
}
XFREE(__FILE__, __FUNCTION__, __LINE__, hashbuffer);
revm_endline();
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/**
* Display An instruction.
* Runtime compatible
* @param fd
* @param index
* @param vaddr
* @param foffset
* @param size
* @param name
* @param nindex
* @param buff
*/
int revm_instr_display(int fd, eresi_Addr vaddr, u_int foffset, u_int size,
char *name, u_int symoff, char *buff)
{
char *s;
char buf[256];
u_int idx_bytes;
int ret;
asm_instr ptr;
char base[16] = "0123456789ABCDEF";
char logbuf[BUFSIZ];
char c1[2];
char c2[2];
u_int strsz;
int err;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!buff)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Invalid argument", (-1));
revm_proc_init();
err = 0;
/* Print the instr. itself : vaddr and relative symbol resolution */
ret = asm_read_instr(&ptr, (u_char *) buff, size, world.curjob->proc);
if (ret == -1)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Failed to read instruction", ESTD_DISASM_FAILED);
s = (!ret ? "(bad)" : asm_display_instr_att(&ptr, vaddr));
/* Libasm test */
if (fd == -1)
{
/* Are we in quiet mode ? */
if (world.state.revm_quiet)
{
snprintf(buf, sizeof(buf), " %s %s + %s",
revm_coloraddress(XFMT, vaddr),
revm_colorstr(name),
revm_colornumber("%u", symoff));
size = snprintf(logbuf, BUFSIZ, "%-40s %-30s ",
buf, revm_colorinstr(s));
}
else
{
size = snprintf(buf, sizeof(buf), " %s [%s %s] %s + %s",
revm_coloraddress(XFMT, vaddr),
revm_colorfieldstr("foff:"),
revm_colornumber("%u", foffset),
revm_colorstr(name),
revm_colornumber("%u", symoff));
strsz = strlen(s);
size = snprintf(logbuf, BUFSIZ, "%-*s %-*s ",
(size > 95 ? 125 :
size > 87 ? 100 :
size > 75 ? 108 :
size > 50 ? 88 : 55),
buf,
(strsz > 95 ? 125 :
strsz > 87 ? 100 :
strsz > 75 ? 108 :
strsz > 50 ? 88 : 55),
revm_colorinstr(s));
}
/* Print bytes in hexa for this instruction */
ret = asm_instr_len(&ptr);
if (!ret)
ret++;
if (!world.state.revm_quiet)
for (idx_bytes = 0; idx_bytes < (u_int) ret; idx_bytes++)
{
c1[0] = base[(buff[idx_bytes] >> 4) & 0x0F];
c2[0] = base[buff[idx_bytes] & 0x0F];
c1[1] = c2[1] = 0x00;
size += snprintf(logbuf + size, sizeof(logbuf) - size, "%s%s ",
revm_colorfieldstr(c1),
revm_colorfieldstr(c2));
}
if (!world.curjob->curcmd || !world.curjob->curcmd->use_regx[1] ||
!regexec(&second->name, logbuf, 0, 0, 0))
{
snprintf(logbuf + size, sizeof(logbuf) - size, "\n");
err = revm_output(logbuf);
}
revm_endline();
if (err < 0)
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, err);
}
else
