symbols_t* drakvuf_get_symbols_from_rekall(const char *rekall_profile) { symbols_t *ret = g_malloc0(sizeof(symbols_t));; json_object *root = json_object_from_file(rekall_profile); if(!root) { fprintf(stderr, "Rekall profile couldn't be opened!\n"); goto err_exit; } json_object *functions = NULL; if (!json_object_object_get_ex(root, "$FUNCTIONS", &functions)) { PRINT_DEBUG("Rekall profile: no $FUNCTIONS section found\n"); goto err_exit; } ret->count = json_object_object_length(functions); ret->symbols = g_malloc0(sizeof(symbols_t) * ret->count); struct json_object_iterator it = json_object_iter_begin(functions); struct json_object_iterator itEnd = json_object_iter_end(functions); uint32_t i=0; while (!json_object_iter_equal(&it, &itEnd) && i < ret->count) { ret->symbols[i].name = g_strdup(json_object_iter_peek_name(&it)); ret->symbols[i].rva = json_object_get_int64(json_object_iter_peek_value(&it)); i++; json_object_iter_next(&it); } json_object_put(functions); return ret; err_exit: free(ret); return NULL; }
static int wms_lai_parse_parameter(BOOL is_local, WMS_LAI_PARAM_T *p, struct json_object *jv) { int i, num=0, rc = 0; char *cmd = NULL; char *sqid = NULL; char* username=NULL; char* password=NULL; if (json_object_object_length(jv) < 2) { WMS_LOG("[%s] error parameter length: %d", __FUNCTION__, json_object_object_length(jv)); return -1; } if (p->debug) { printf("\nWMS parse parameter\n"); wms_json_print_object(jv); } { json_object_object_foreach(jv,key,val) { json_type type=json_object_get_type(val); if(json_type_string == type && !strcmp(key, "CmdType")) { cmd = wms_get_param_string(jv, "CmdType"); if (!cmd) { WMS_LOG("[%s] can't find CmdType", __FUNCTION__); return -1; } p->index = wms_lai_parse_cmd(cmd); if (p->index < 0) { WMS_LOG("[%s] unknown CmdType [%s]", __FUNCTION__, cmd); return -1; } WMS_LOG("index[%d],cmd[%s],is_local[%d], access[%d]",p->index, cmd, is_local, g_wms_lai_handler[p->index].access); if(is_local) { if ((g_wms_lai_handler[p->index].access == WMS_LAI_CMD_AVAILABLE_DISABLE) || (g_wms_lai_handler[p->index].access == WMS_LAI_CMD_AVAILABLE_REMOTE)) { WMS_LOG("cmd [%s] do not have local access right, just return", cmd); return -1; } } else { if ((g_wms_lai_handler[p->index].access == WMS_LAI_CMD_AVAILABLE_DISABLE) || (g_wms_lai_handler[p->index].access == WMS_LAI_CMD_AVAILABLE_LOCAL)) { WMS_LOG("cmd [%s] do not have remote access right, just return", cmd); return -1; } } strncpy(p->cmd_type, cmd, sizeof(p->cmd_type)-1); num++; } if(json_type_string == type && !strcmp(key, "SequenceId")) { sqid = wms_get_param_string(jv, "SequenceId"); strncpy(p->seq_id, sqid, sizeof(p->seq_id)-1); num++; } if (num == 2) { break; } } }