/* Disassemble binary in range [offset, offset+len] */
void dis_offset(r_disa_s *dis, r_binfmt_s *bin, u64 offset, u64 len) {
r_disa_instr_t *instr;
u64 length;
u64 off;
/* Check offset */
if(offset >= bin->mapped_size)
R_UTILS_ERR("Offset out of range");
/* Len is out of range, adjust it */
if(len == 0 || len > bin->mapped_size - offset)
len = bin->mapped_size - offset;
length = 0;
while(length < len) {
off = offset + length;
r_disa_code(dis, bin->mapped+off, bin->mapped_size-off, off, 1);
instr = r_disa_next_instr(dis);
/* We have disassembled an instruction */
if(instr != NULL) {
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.16"PRIx64" ", off);
R_UTILS_PRINT_YELLOW_BG_BLACK(dis_options_color, "%-8s ", instr->mnemonic);
R_UTILS_PRINT_RED_BG_BLACK(dis_options_color, "%s\n", instr->op_str);
length += instr->size;
} else {
/* Disassembler failed : print BAD instruction */
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.16"PRIx64" ", off);
R_UTILS_PRINT_YELLOW_BG_BLACK(dis_options_color, "BAD\n");
length += 1;
}
}
}
static void search_print_all_strings(r_binfmt_s *bin, r_binfmt_segment_s *seg) {
u64 i;
int cur_len;
char flag_str[4];
int found = 0;
int addr_size;
cur_len = 0;
r_binfmt_get_segment_flag_str(flag_str, seg);
addr_size = r_binfmt_addr_size(bin->arch);
for(i = 0; i < seg->length; i++) {
if(isprint(seg->start[i])) {
cur_len++;
} else {
if(cur_len >= search_options_strlen) {
if(!r_binfmt_is_bad_addr(search_options_bad, (seg->addr+i)-cur_len, bin->arch)) {
R_UTILS_PRINT_BLACK_BG_WHITE(search_options_color, " %s ", flag_str);
if(addr_size == 4) {
R_UTILS_PRINT_GREEN_BG_BLACK(search_options_color, " %#.8" PRIx32 " ", (u32)((seg->addr + i) - cur_len));
} else {
R_UTILS_PRINT_GREEN_BG_BLACK(search_options_color, " %#.16" PRIx64 " ", (seg->addr + i) - cur_len);
}
R_UTILS_PRINT_WHITE_BG_BLACK(search_options_color, "-> ");
R_UTILS_PRINT_RED_BG_BLACK(search_options_color, "%.*s\n", cur_len, (char*)&seg->start[i-cur_len]);
found++;
}
}
cur_len = 0;
}
}
R_UTILS_PRINT_YELLOW_BG_BLACK(search_options_color, " %d strings found.\n", found);
}
int search_print_bytes_in_mem(r_binfmt_s *bin, byte_t *bytes, u64 len) {
r_binfmt_mem_s *m;
r_utils_bytes_s b;
char *string;
char flag_str[4];
int addr_size;
u64 i;
addr_size = r_binfmt_addr_size(bin->arch);
for(m = bin->mlist->head; m != NULL; m = m->next) {
if(m->flags & R_BINFMT_MEM_FLAG_PROT_R) {
if(len <= m->length) {
r_binfmt_get_mem_flag_str(flag_str, m);
for(i = 0; i < m->length - len; i++) {
if(!r_binfmt_is_bad_addr(search_options_bad, m->addr+i, bin->arch)) {
if(!memcmp(m->start+i, bytes, len)) {
b.bytes = bytes;
b.len = len;
string = r_utils_bytes_hexlify(&b);
R_UTILS_PRINT_BLACK_BG_WHITE(search_options_color, " %s ", flag_str);
if(addr_size == 4) {
R_UTILS_PRINT_GREEN_BG_BLACK(search_options_color, " %#.8" PRIx32 " ", (u32)(m->addr + i));
} else {
R_UTILS_PRINT_GREEN_BG_BLACK(search_options_color, " %#.16" PRIx64 " ", m->addr + i);
}
R_UTILS_PRINT_WHITE_BG_BLACK(search_options_color, "-> ");
R_UTILS_PRINT_RED_BG_BLACK(search_options_color, "%s\n", string);
free(string);
return 1;
}
}
}
}
}
}
return 0;
}
/* Disassemble binary at specified address */
void dis_address(r_disa_s *dis, r_binfmt_s *bin, addr_t addr, u64 len, int stop_next_sym) {
r_binfmt_segment_s *seg;
r_disa_instr_t *instr;
const char *sym;
u64 length;
u64 off;
size_t i, num;
int sym_processed = 0;
num = r_utils_list_size(&bin->segments);
/* Test every loadable segment */
for(i = 0; i < num; i++) {
seg = r_utils_list_access(&bin->segments, i);
/* addr is in [seg->addr, seg->addr+seg->length] range */
if(addr >= seg->addr && addr <= seg->addr+seg->length) {
/* In case of len is out of range */
if(len == 0 || len > seg->length - (addr - seg->addr))
len = seg->length - (addr - seg->addr);
length = 0;
while(length < len) {
off = (addr - seg->addr) + length;
r_disa_code(dis, seg->start+off, seg->length-off, seg->addr+off, 1);
instr = r_disa_next_instr(dis);
/* We have disassembled the instruction, now print it ! */
if(instr != NULL) {
/* Print symbol, if it exists */
if((sym = r_binfmt_get_sym_by_addr(bin, instr->address)) != NULL) {
if(stop_next_sym) {
if(sym_processed > 0)
return;
else
sym_processed++;
}
R_UTILS_PRINT_YELLOW_BG_BLACK(dis_options_color, "\n<%s>:\n", sym);
}
if(r_binfmt_addr_size(bin->arch) == 8) {
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.16"PRIx64" ", instr->address);
} else {
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.8"PRIx32" ", (u32)(instr->address));
}
R_UTILS_PRINT_YELLOW_BG_BLACK(dis_options_color, "%-8s ", instr->mnemonic);
R_UTILS_PRINT_RED_BG_BLACK(dis_options_color, "%s\n", instr->op_str);
length += instr->size;
} else {
/* We have failed to disassemble instruction, print the BAD instruction */
if(r_binfmt_addr_size(bin->arch) == 8) {
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.16"PRIx64" ", addr+length);
} else {
R_UTILS_PRINT_GREEN_BG_BLACK(dis_options_color, " %.8"PRIx32" ", (u32)(addr+length));
}
R_UTILS_PRINT_YELLOW_BG_BLACK(dis_options_color, "BAD\n");
length += 1;
}
}
}
}
}
