/**
* Documentation missing.
* @param lm Pointer to linkmap structure.
* @param name
* @return
*/
void elfsh_linkmap_set_lname(elfshlinkmap_t *lm, char *name)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!lm)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
lm->lname = name;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Documentation missing.
* @param lm Pointer to linkmap structure.
* @param lnext
* @return
*/
void elfsh_linkmap_set_lnext(elfshlinkmap_t *lm, elfshlinkmap_t *lnext)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!lm)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
lm->lnext = lnext;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Documentation missing.
* @param lm Pointer to linkmap structure.
* @param laddr
* @return
*/
void elfsh_linkmap_set_laddr(elfshlinkmap_t *lm, eresi_Addr laddr)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!lm)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
lm->laddr = laddr;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Documentation missing.
* @param lm Pointer to linkmap structure.
* @param lld
* @return
*/
void elfsh_linkmap_set_lld(elfshlinkmap_t *lm, elfsh_Dyn *lld)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!lm)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
lm->lld = lld;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Documentation missing.
* @param lm Pointer to linkmap structure.
* @return
*
*/
void elfsh_linkmap_set_lprev(elfshlinkmap_t *lm,
elfshlinkmap_t *lprev)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (!lm)
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
lm->lprev = lprev;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the AMD64 architecture */
void e2dbg_set_regvars_amd64_bsd()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__amd64__)
#elif !defined(sun) && defined(__FreeBSD__)
E2DBG_SETREG(E2DBG_EAX_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_eax);
E2DBG_SETREG(E2DBG_EBX_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_ebx);
E2DBG_SETREG(E2DBG_ECX_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_ecx);
E2DBG_SETREG(E2DBG_EDX_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_edx);
E2DBG_SETREG(E2DBG_ESI_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_esi);
E2DBG_SETREG(E2DBG_EDI_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_edi);
E2DBG_SETREG(E2DBG_SP_VAR , e2dbgworld.curthread->context->uc_mcontext.mc_esp);
//E2DBG_SETREG(E2DBG_SSP_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_ssp); /* XXX */
E2DBG_SETREG(E2DBG_FP_VAR , e2dbgworld.curthread->context->uc_mcontext.mc_ebp);
E2DBG_SETREG(E2DBG_PC_VAR , e2dbgworld.curthread->context->uc_mcontext.mc_eip);
#elif defined(__NetBSD__)
E2DBG_SETREG(E2DBG_EAX_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EAX]);
E2DBG_SETREG(E2DBG_EBX_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EBX]);
E2DBG_SETREG(E2DBG_ECX_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_ECX]);
E2DBG_SETREG(E2DBG_EDX_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EDX]);
E2DBG_SETREG(E2DBG_ESI_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_ESI]);
E2DBG_SETREG(E2DBG_EDI_VAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EDI]);
E2DBG_SETREG(E2DBG_SP_VAR , e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_ESP]);
//E2DBG_SETREG(E2DBG_SSP_VAR, e2dbgworld.curthread->context->uc_mcontext.mc_ssp); /* XXX */
E2DBG_SETREG(E2DBG_FP_VAR , e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EBP]);
E2DBG_SETREG(E2DBG_PC_VAR , e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EIP]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Generate the legend for the graph in HTML format
* @param fd
* @param fnc
* @param min
* @param max
*/
void revm_graph_legend(int fd, char *fnc)
{
char buf[BUFSIZ+1] = {0x00};
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
snprintf(buf,BUFSIZ,
"graph [label=<\n\
<table border=\"1\">\n \
<tr><td>Legend:</td><td>%s</td></tr>\\"
"<tr><td align=\"left\"><font color=%s>COND TRUE</font></td>\n \
<td align=\"left\"><font color=%s>COND FALSE</font></td></tr>\n \
<tr><td align=\"left\"><font color=%s>CALL</font></td>\n \
<td align=\"left\"><font color=%s>RET</font></td></tr>\n \
<tr><td align=\"left\"><font color=%s>DELAY</font></td><td></td></tr>\n \
</table>\n \
>]\n", fnc,
LNK_COLOR_TRUE,
LNK_COLOR_FALSE,
LNK_COLOR_CALL,
LNK_COLOR_RET,
LNK_COLOR_DELAY);
write(fd,buf,strlen(buf));
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the IA32 architecture on SYSV */
void e2dbg_set_regvars_sparc32_sysv()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(SPARC) && (defined(__linux__) || defined(sun))
E2DBG_SETREG(E2DBG_PC_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_PC]);
E2DBG_SETREG(E2DBG_NPC_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_nPC]);
E2DBG_SETREG(E2DBG_Y_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_Y]);
E2DBG_SETREG(E2DBG_G1_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G1]);
E2DBG_SETREG(E2DBG_G2_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G2]);
E2DBG_SETREG(E2DBG_G3_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G3]);
E2DBG_SETREG(E2DBG_G4_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G4]);
E2DBG_SETREG(E2DBG_G5_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G5]);
E2DBG_SETREG(E2DBG_G5_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G6]);
E2DBG_SETREG(E2DBG_G7_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_G7]);
E2DBG_SETREG(E2DBG_O0_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O0]);
E2DBG_SETREG(E2DBG_O1_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O1]);
E2DBG_SETREG(E2DBG_O2_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O2]);
E2DBG_SETREG(E2DBG_O3_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O3]);
E2DBG_SETREG(E2DBG_O4_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O4]);
E2DBG_SETREG(E2DBG_O5_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O5]);
E2DBG_SETREG(E2DBG_O6_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O6]);
E2DBG_SETREG(E2DBG_O7_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_O7]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* @brief Free the keys returned by hash_get_keys()
*/
void hash_free_keys(char **keys)
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (keys)
XFREE(__FILE__, __FUNCTION__, __LINE__, keys);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Some REVM context cleanup when coming back from script to interactive mode */
void revm_cleanup()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
revm_clean();
revm_conditional_rlquit();
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the AMD64 architecture on SYSV */
void e2dbg_get_regvars_amd64_sysv()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__amd64__) && defined(__linux__)
E2DBG_GETREG(E2DBG_R8_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R8]);
E2DBG_GETREG(E2DBG_R9_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R9]);
E2DBG_GETREG(E2DBG_R10_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R10]);
E2DBG_GETREG(E2DBG_R11_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R11]);
E2DBG_GETREG(E2DBG_R12_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R12]);
E2DBG_GETREG(E2DBG_R13_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R13]);
E2DBG_GETREG(E2DBG_R14_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R14]);
E2DBG_GETREG(E2DBG_R15_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R15]);
E2DBG_GETREG(E2DBG_RDI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDI]);
E2DBG_GETREG(E2DBG_RSI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSI]);
E2DBG_GETREG(E2DBG_RBP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBP]);
E2DBG_GETREG(E2DBG_RBX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBX]);
E2DBG_GETREG(E2DBG_RDX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDX]);
E2DBG_GETREG(E2DBG_RAX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RAX]);
E2DBG_GETREG(E2DBG_RCX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RCX]);
E2DBG_GETREG(E2DBG_RSP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSP]);
E2DBG_GETREG(E2DBG_RIP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RIP]);
E2DBG_GETREG(E2DBG_EFLAGS_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL]);
E2DBG_GETREG(E2DBG_CS_VAR, ((e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] >> 48) & 0xFFFF));
E2DBG_GETREG(E2DBG_GS_VAR, ((e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] >> 32) & 0xFFFF));
E2DBG_GETREG(E2DBG_FS_VAR, ((e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] >> 16) & 0xFFFF));
E2DBG_GETREG(E2DBG_CR2_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CR2]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Enable stepping on Sys V */
void e2dbg_setstep_sysv_ia32()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__i386__) && (defined(__linux__) || defined(sun))
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL] |= 0x100;
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Disable stepping on Sys V */
void e2dbg_resetstep_sysv_amd64()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__amd64__) && defined(__linux__)
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL] &= ~0x100;
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Disable stepping on Sys V */
void e2dbg_resetstep_sysv_sparc32()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(SPARC) && (defined(__linux__) || defined(sun))
//e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL] &= ~0x100;
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the AMD64 architecture on SYSV */
void e2dbg_set_regvars_amd64_sysv()
{
#if defined(__amd64__) && defined(__linux__)
u_short reg16;
eresi_Addr reg64;
revmexpr_t *e;
#endif
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__amd64__) && defined(__linux__)
E2DBG_SETREG(E2DBG_R8_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R8]);
E2DBG_SETREG(E2DBG_R9_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R9]);
E2DBG_SETREG(E2DBG_R10_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R10]);
E2DBG_SETREG(E2DBG_R11_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R11]);
E2DBG_SETREG(E2DBG_R12_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R12]);
E2DBG_SETREG(E2DBG_R13_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R13]);
E2DBG_SETREG(E2DBG_R14_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R14]);
E2DBG_SETREG(E2DBG_R15_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R15]);
E2DBG_SETREG(E2DBG_RDI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDI]);
E2DBG_SETREG(E2DBG_RSI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSI]);
E2DBG_SETREG(E2DBG_RBP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBP]);
E2DBG_SETREG(E2DBG_RBX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBX]);
E2DBG_SETREG(E2DBG_RDX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDX]);
E2DBG_SETREG(E2DBG_RAX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RAX]);
E2DBG_SETREG(E2DBG_RCX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RCX]);
E2DBG_SETREG(E2DBG_RSP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSP]);
E2DBG_SETREG(E2DBG_RIP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RIP]);
E2DBG_SETREG(E2DBG_EFLAGS_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL]);
reg64 = e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS];
reg16 = (reg64 & 0xFFFF000000000000) >> 48;
e = revm_expr_get(E2DBG_CS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0x0000FFFFFFFFFFFF) | ((uint64_t) reg16 << 48);
reg16 = (reg64 & 0x0000FFFF00000000) >> 32;
e = revm_expr_get(E2DBG_GS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0xFFFF0000FFFFFFFF) | ((uint64_t) reg16 << 32);
reg16 = (reg64 & 0x00000000FFFF0000) >> 16;
e = revm_expr_get(E2DBG_FS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0xFFFFFFFF0000FFFF) | ((uint64_t) reg16 << 16);
E2DBG_SETREG(E2DBG_CR2_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CR2]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Disable stepping on BSD */
void e2dbg_resetstep_bsd_sparc32()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(SPARC) && (defined(__FreeBSD__) || defined (__OpenBSD__))
//e2dbgworld.curthread->context->uc_mcontext.mc_eflags &= ~0x100;
#elif defined(SPARC) && defined(__NetBSD__)
//e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EFL] &= ~0x100;
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the IA32 architecture */
void e2dbg_set_regvars_sparc32_bsd()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(SPARC) && (defined(__FreeBSD__) || defined (__OpenBSD__))
//E2DBG_SETREG(ELFSH_EAXVAR, e2dbgworld.curthread->context->uc_mcontext.mc_eax);
#elif defined(SPARC) && defined(__NetBSD__)
//E2DBG_SETREG(ELFSH_EAXVAR, e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EAX]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Disable stepping on BSD */
void e2dbg_resetstep_bsd_amd64()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if !defined(sun) && !defined(__amd64__) && defined(__FreeBSD__) //|| defined (__OpenBSD__)
e2dbgworld.curthread->context->uc_mcontext.mc_eflags &= ~0x100;
#elif defined(__NetBSD__)
e2dbgworld.curthread->context->uc_mcontext.__gregs[_REG_EFL] &= ~0x100;
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Update the sh_link for all sections linked to a specific shifted one
* @param file
* @param low_index
* @param diff
* @return
*/
void elfsh_update_linkidx(elfshobj_t *file, int low_index, int diff)
{
int index;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
for (index = 0; index < file->hdr->e_shnum; index++)
if (file->sht[index].sh_link && file->sht[index].sh_link >= low_index)
file->sht[index].sh_link += diff;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* @brief Update the sh_name field in the section header table entry
* @param file
* @param offset
* @param len
* @return
*/
void elfsh_update_nameidx(elfshobj_t *file, int offset, int len)
{
int index;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
for (index = 0; index < file->hdr->e_shnum; index++)
if (file->sht[index].sh_name > offset)
file->sht[index].sh_name -= len;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Update the sh_link for all section linked to a specific one
* @param file
* @param idx
* @param diff
*/
void elfsh_update_symtab_shidx(elfshobj_t *file, int idx, int diff)
{
elfshsect_t *s;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* If there is no symtab, no need to fix st_shndx fields */
s = file->secthash[ELFSH_SECTION_SYMTAB];
if (s != NULL)
elfsh_update_shidx(file, s, idx, diff);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Update the sh_link for all section linked to a specific one
* @param file
* @param idx
* @param diff
* @return
*/
void elfsh_update_linkidx_equ(elfshobj_t *file, int idx, int diff)
{
int index;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (file->hdr->e_shstrndx == idx)
file->hdr->e_shstrndx += diff;
for (index = 0; index < file->hdr->e_shnum; index++)
if (file->sht[index].sh_link && file->sht[index].sh_link == idx)
file->sht[index].sh_link += diff;
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* @brief Print the content of a basic block
* @param list The expression list for that block
* @return Nothing
*/
static void revm_print_block(int fd, list_t *list)
{
int savedfd;
void *savedhdl;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
savedfd = revm_output_get(&world.curjob->ws);
savedhdl = world.curjob->ws.io.output;
revm_setoutput(&world.curjob->ws, fd);
revm_setoutput_handler(&world.curjob->ws, eresi_graph_output);
elist_apply(list, NULL, revm_print_block_handler);
revm_setoutput(&world.curjob->ws, savedfd);
revm_setoutput_handler(&world.curjob->ws, savedhdl);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Fixup the binary, inject symbols and sort SHT
* @param file
* @return
*/
void elfsh_fixup(elfshobj_t *file)
{
elfsh_Shdr *got;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
if (file->hdr->e_type == ET_REL || elfsh_static_file(file))
elfsh_sort_sht(file);
/* .got sht entsize fixup */
got = elfsh_get_sht_entry_by_name(file, ELFSH_SECTION_NAME_GOT);
if (got != NULL && got->sh_entsize == 0)
got->sh_entsize = sizeof(eresi_Addr);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Free the ELF descriptor and its fields
* @param file The elfsh obj
*/
void elfsh_unload_obj(elfshobj_t *file)
{
elfshsect_t *sect;
elfshsect_t *next;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
XFREE(__FILE__, __FUNCTION__, __LINE__, file->hdr);
XFREE(__FILE__, __FUNCTION__, __LINE__, file->pht);
XFREE(__FILE__, __FUNCTION__, __LINE__, file->sht);
for (sect = file->sectlist; sect; sect = next)
{
/* FIXME: Prevent dobule free() */
if (sect->data == sect->altdata)
sect->altdata = NULL;
if (sect->data == sect->terdata)
sect->terdata = NULL;
if (sect->data == sect->lastdata)
sect->lastdata = NULL;
XFREE(__FILE__, __FUNCTION__, __LINE__,sect->data);
if (sect->altdata)
XFREE(__FILE__, __FUNCTION__, __LINE__,sect->altdata);
if (sect->terdata)
XFREE(__FILE__, __FUNCTION__, __LINE__,sect->terdata);
if (sect->lastdata)
XFREE(__FILE__, __FUNCTION__, __LINE__,sect->lastdata);
XFREE(__FILE__, __FUNCTION__, __LINE__,sect->name);
next = sect->next;
XFREE(__FILE__, __FUNCTION__, __LINE__,sect);
}
if (file->fd)
close(file->fd);
XFREE(__FILE__, __FUNCTION__, __LINE__,file->name);
XFREE(__FILE__, __FUNCTION__, __LINE__,file);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Scripting report purpose
* @param cur
* @return
*/
void revm_print_actual(revmargv_t *cur)
{
int idx;
char logbuf[BUFSIZ];
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
snprintf(logbuf, BUFSIZ - 1, "~%s ", cur->name);
revm_output(logbuf);
for (idx = 0; cur->param[idx] && idx < 10; idx++)
{
snprintf(logbuf, BUFSIZ - 1, "%s ", cur->param[idx]);
revm_output(logbuf);
}
putchar('\n');
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/* Regvars handler for the IA32 architecture on SYSV */
void e2dbg_get_regvars_ia32_sysv()
{
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__i386__) && (defined(__linux__) || defined(sun))
E2DBG_GETREG(E2DBG_EAX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EAX]);
E2DBG_GETREG(E2DBG_EBX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EBX]);
E2DBG_GETREG(E2DBG_ECX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_ECX]);
E2DBG_GETREG(E2DBG_EDX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EDX]);
E2DBG_GETREG(E2DBG_ESI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_ESI]);
E2DBG_GETREG(E2DBG_EDI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EDI]);
E2DBG_GETREG(E2DBG_SP_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_ESP]);
E2DBG_GETREG(E2DBG_SSP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_UESP]);
E2DBG_GETREG(E2DBG_FP_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EBP]);
E2DBG_GETREG(E2DBG_PC_VAR , e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EIP]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Shift usual symbols (mandatory on solaris)
* @param sect
* @param sym
*/
void elfsh_shift_usualsyms(elfshsect_t *sect, elfsh_Sym *sym)
{
elfsh_Sym *end;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
//fprintf(stderr, "Calling shift usual syms ! \n");
/* Change _end in the symbol table */
end = elfsh_get_symbol_by_name(sect->parent, "_end");
if (end != NULL && sym->st_value + sym->st_size > end->st_value)
{
//printf("Shift _end! \n");
end->st_value = sym->st_value + sym->st_size;
}
/* Change _end if necessary (solaris) */
end = elfsh_get_dynsymbol_by_name(sect->parent, "_end");
if (end != NULL && sym->st_value + sym->st_size > end->st_value)
{
//printf("Shift _end! \n");
end->st_value = sym->st_value + sym->st_size;
}
/* Change _END_ if necessary (solaris) */
end = elfsh_get_dynsymbol_by_name(sect->parent, "_END_");
if (end != NULL && sym->st_value + sym->st_size > end->st_value)
{
//printf("Shift _END_! \n");
end->st_value = sym->st_value + sym->st_size;
}
/* Change _edata if necessary (solaris) */
if (elfsh_get_ostype(sect->parent) == ELFSH_OS_SOLARIS)
{
end = elfsh_get_dynsymbol_by_name(sect->parent, "_edata");
if (end != NULL && sym->st_value + sym->st_size > end->st_value)
{
//printf("Shift _edata! \n");
end->st_value = sym->st_value + sym->st_size;
}
}
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Display the content of a hash table
*/
static void revm_tables_display()
{
char **keys;
int keynbr;
int index;
hash_t *cur;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
revm_output(" .:: Registered tables \n\n");
keys = hash_get_keys(hash_hash, &keynbr);
for (index = 0; index < keynbr; index++)
{
cur = hash_get(hash_hash, keys[index]);
revm_table_display(cur, keys[index]);
}
hash_free_keys(keys);
revm_output("\n Type 'help tables' for more table details.\n\n");
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Destroy a hash table.
* @param hash Pointer to the hash to destroy
*/
void hash_destroy(hash_t *hash)
{
char **keys;
int idx;
int keynbr;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* We should not destroy the elements as they might be in other hashes */
keys = hash_get_keys(hash, &keynbr);
for (idx = 0; idx < keynbr; idx++)
if (keys[idx])
XFREE(__FILE__, __FUNCTION__, __LINE__, keys[idx]);
if (keys)
hash_free_keys(keys);
hash_del(hash_hash, hash->name);
XFREE(__FILE__, __FUNCTION__, __LINE__, hash->ent);
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}