void osdep_iterate_symbols (IMG img, osdep_process_symbol proc, void *priv) { ADDRINT imaddr = IMG_StartAddress(img); for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) { proc(priv, SYM_Name(sym).c_str(), imaddr + SYM_Value(sym)); } }
static VOID OnImage(IMG img, VOID *) { for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) { if (SYM_Name(sym) == "Breakpoint") { FoundBreakpointFunction = TRUE; BreakpointFunction = SYM_Address(sym); } if (SYM_Name(sym) == "BreakpointLocation") { FoundBreakpointLocation = TRUE; BreakpointLocation = SYM_Address(sym); } if (SYM_Name(sym) == "One") { FoundOneFunction = TRUE; OneFunction = SYM_Address(sym); } if (SYM_Name(sym) == "Two") { FoundTwoFunction = TRUE; TwoFunction = SYM_Address(sym); } } }
VOID Image(IMG img, VOID *v) { // Walk through the symbols in the symbol table. // for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) { string undFuncName = PIN_UndecorateSymbolName(SYM_Name(sym), UNDECORATION_NAME_ONLY); // Find the RtlAllocHeap() function. if (undFuncName == "RtlAllocateHeap") { RTN allocRtn = RTN_FindByAddress(IMG_LowAddress(img) + SYM_Value(sym)); if (RTN_Valid(allocRtn)) { // Instrument to print the input argument value and the return value. RTN_Open(allocRtn); RTN_InsertCall(allocRtn, IPOINT_BEFORE, (AFUNPTR)Before, IARG_ADDRINT, "RtlAllocateHeap", IARG_FUNCARG_ENTRYPOINT_VALUE, 0, IARG_FUNCARG_ENTRYPOINT_VALUE, 1, IARG_FUNCARG_ENTRYPOINT_VALUE, 2, IARG_END); RTN_InsertCall(allocRtn, IPOINT_AFTER, (AFUNPTR)After, IARG_ADDRINT, "RtlAllocateHeap", IARG_FUNCRET_EXITPOINT_VALUE, IARG_END); RTN_Close(allocRtn); } } } }
VOID ImgFirst(IMG img, VOID * v) { if (!test) return; test = false; SYM sym = IMG_RegsymHead(img); TEST(SYM_Valid(sym), "IMG_RegsymHead failed"); UINT32 headIndex = SYM_Index(sym); sym = SYM_Next(sym); TEST(SYM_Valid(sym) && SYM_Index(sym) > headIndex, "SYM_Index failed"); sym = SYM_Prev(IMG_RegsymHead(img)); TEST(sym == SYM_Invalid(), "SYM_Prev failed"); }
VOID onImageLoad(IMG img, VOID *data) { SYM sym; if (IMG_IsMainExecutable(img)) { bool foundStatic = false; bool foundDynamic = false; for (sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) { if (SYM_Name(sym).find("statdyn_app_staticFunction") != string::npos) { assert(SYM_Dynamic(sym) == false); foundStatic = true; } if (SYM_Name(sym).find("statdyn_app_dynamicFunction") != string::npos) { assert(SYM_Dynamic(sym) == true); foundDynamic = true; } } assert(foundStatic == true); assert(foundDynamic == true); } }
void report_image_structure(IMG img, int depth){ UINT32 I1 = IMG_Id(img); string I2 = IMG_Name(img); int I3 = IMG_IsMainExecutable( img ); int I4 = IMG_IsStaticExecutable( img ); ADDRINT I5 = IMG_LoadOffset(img); ADDRINT I6 = IMG_LowAddress(img); ADDRINT I7 = IMG_HighAddress(img); ADDRINT I8 = IMG_LoadOffset(img); ADDRINT I9 = IMG_StartAddress(img); ADDRINT I10 = IMG_Entry(img); USIZE I11 = IMG_SizeMapped( img ); IMG_TYPE I12 = IMG_Type(img); char I13[128]; int k ; for ( k = 0; k< depth ; k ++ ) TraceFile << "\t" ; TraceFile << "<IMAGE-LOAD>" << " I1:" << I1 << " I2:" << I2 << " I3:" << I3 << " I4:" << I4 << " I5:" << hex<< I5 << " I6:"<< I6 << " I7:" << I7 << " I8:" << I8 << " I9:"<< I9 << " I10:"<< I10 << " I11:" << I11 ; switch ( I12 ){ case IMG_TYPE_STATIC: strcpy( I13 ,"static" ); break; case IMG_TYPE_SHARED: strcpy( I13 ,"shared" ); break; case IMG_TYPE_INVALID: strcpy( I13 ,"invalid" ); break; case IMG_TYPE_LAST: strcpy( I13 ,"last" ); break; case IMG_TYPE_SHAREDLIB: strcpy( I13 ,"shared-lib" ); break; case IMG_TYPE_RELOCATABLE: strcpy( I13 ,"relocatable" ); break; case IMG_TYPE_DYNAMIC_CODE: strcpy( I13 ,"dynamic-code" ); break; default: strcpy( I13 ,"UNKNOWN" ); break; } TraceFile << " I12:" << I12 << " I13:" << I13 << endl; for( SEC sec = IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec) ){ report_section_structure( sec, depth + 1 ); } /* */ for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)){ report_sym_structure( sym, depth +1 ); } for ( k = 0; k< depth ; k ++ ) TraceFile << "\t" ; TraceFile << "</IMAGE-LOAD>" << endl; }
VOID ImageLoad (IMG img, VOID *v) { outfile << "Loaded image " << IMG_Name(img) << std::endl; if (IMG_Name(img).find("bundle") == std::string::npos) return; for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) ) { outfile << IMG_Name(img) << "::" << SYM_Name(sym) << std::endl; } }
int SYM_to_lua(lua_State *L, SYM sym) { if(!SYM_Valid(sym)) { lua_pushnil(L); return 1; } SYM *i = (SYM *)lua_newuserdata(L, sizeof(SYM)); *i = sym; luaL_getmetatable(L, "pin.Sym"); lua_setmetatable(L, -2); return 1; }
static void I_ImageLoad(IMG img, void *v) { static bool main_rtn_instrumented = false; if( !main_rtn_instrumented ) { RTN rtn = RTN_FindByName(img, "main"); if( rtn == RTN_Invalid() ) { rtn = RTN_FindByName(img, "__libc_start_main"); } // Instrument main if( rtn != RTN_Invalid() ) { main_rtn_instrumented = true; RTN_Open(rtn); RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)A_EnterMainImage, IARG_INST_PTR, IARG_ADDRINT, RTN_Address(rtn), IARG_REG_VALUE, REG_STACK_PTR, IARG_END); RTN_Close(rtn); } } for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) ) { if( strstr(SYM_Name(sym).c_str(), "MAID_register_address" ) ) { RTN rtn; rtn = RTN_FindByName(img, SYM_Name(sym).c_str()); ASSERTX(RTN_Valid(rtn)); RTN_Open(rtn); RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)A_RegisterAddr, IARG_G_ARG0_CALLEE, IARG_END); RTN_Close(rtn); } else if( strstr(SYM_Name(sym).c_str(), "MAID_unregister_address" ) ) { RTN rtn; rtn = RTN_FindByName(img, SYM_Name(sym).c_str()); ASSERTX(RTN_Valid(rtn)); RTN_Open(rtn); RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)A_UnregisterAddr, IARG_G_ARG0_CALLEE, IARG_END); RTN_Close(rtn); } } }
RTN FindRTN(IMG img, const char *func_name) { RTN rtn = RTN_FindByName(img, func_name); if (RTN_Valid(rtn)) return rtn; // handle those symbols with version numbers. // e.g. pthread_create has global name: pthread_create@@GLIBC... std::string func_name_v(func_name); func_name_v.append("@@"); for(SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) { if (SYM_Name(sym).find(func_name_v) != std::string::npos) { RTN rtn = RTN_FindByAddress(SYM_Address(sym)); DEBUG_ASSERT(RTN_Valid(rtn)); return rtn; } } return RTN_Invalid(); }
static VOID tpss_instrument_module(IMG img, VOID *data) { SYM sym; std::string::size_type pos; const char *module_name = tpss_extract_mod_name_with_ext(IMG_Name(img).c_str()); if (strcmp(module_name, "kernel32.dll") == 0) { for (sym = IMG_RegsymHead(img); SYM_Valid(sym) == TRUE; sym = SYM_Next(sym)) { /* in case of availablity of symbols for system libraries PIN can provide * decorated names so we need to undecorate it first */ std::string uname(SYM_Name(sym).c_str()); pos = uname.find("@"); if (pos != std::string::npos) { uname = uname.substr(0, pos); if (uname[0] == '_') { uname = uname.substr(1, std::string::npos); } } if (strcmp("LoadLibraryW", uname.c_str()) == 0) { RTN routine = RTN_FindByName(img, "LoadLibraryW"); if (RTN_Valid(routine)) { g_LoadLibraryW_ptr = RTN_ReplaceProbed(routine, (AFUNPTR)(tpss_LoadLibraryW_ver0)); } } } free((void *)(module_name)); } }