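/**
 * Return a pointer on the symbol table data, loading it on first use.
 *
 * When the object has no cached .symtab section yet, the section is looked up
 * by type, its data and its linked string table are loaded, and
 * elfsh_fixup_symtab() is run on the object.
 *
 * All values read here (section headers, sh_size, sh_link) come from the
 * inspected file and must be treated as untrusted.
 *
 * @param file Object to read the symbol table from. Must not be NULL.
 * @param num  If not NULL, receives the number of symbol entries
 *             (section curend divided by sizeof(elfsh_Sym)).
 * @return     Pointer on the symbol table data, or NULL on error.
 */
void *elfsh_get_symtab(elfshobj_t *file, int *num)
{
  elfshsect_t *s;
  /* Initialized because elfsh_fixup_symtab() receives &strindex even when the
     section lookup below did not find a .symtab (and so may not have set it). */
  int strindex = 0;
  int index = 0;
  int nbr = 0;

  PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);

  /* Sanity checks. PROFILER_ERR is expected to return from the function;
     the code below dereferences file unconditionally. */
  if (file == NULL)
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Invalid NULL parameter", NULL);
  else if (NULL == file->sht && NULL == elfsh_get_sht(file, NULL))
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Unable to get SHT", NULL);

  /* Only load when the symtab is not already cached in the section hash */
  if (file->secthash[ELFSH_SECTION_SYMTAB] == NULL)
    {
      s = elfsh_get_section_by_type(file, SHT_SYMTAB, 0,
                                    &index, &strindex, &nbr);
      if (s != NULL)
        {
          /* NOTE(review): the hash slot is filled before the data load is
             known to succeed; after a failed load a later call would skip
             this branch and return NULL data without reporting an error.
             Confirm whether callers rely on this ordering. */
          file->secthash[ELFSH_SECTION_SYMTAB] = s;
          s->data = elfsh_load_section(file, s->shdr);
          if (s->data == NULL)
            PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                         "Unable to load SYMTAB", NULL);
          s->curend = s->shdr->sh_size;

          /* Now load the string table designated by sh_link */
          s = elfsh_get_strtab(file, s->shdr->sh_link);
          if (NULL == s)
            PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                         "Unable to load STRTAB", NULL);
          s->parent = file;
        }

      /*
      ** Fix 0 length syms and STT_SECTION syms
      ** Create a minimal .symtab if nonexistent
      */
      elfsh_fixup_symtab(file, &strindex);
    }

  /* The fixup is expected to leave a .symtab in the hash, but nothing visible
     here guarantees it (stripped or malformed input). Fail cleanly instead of
     dereferencing a NULL section below. */
  if (file->secthash[ELFSH_SECTION_SYMTAB] == NULL)
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Unable to get SYMTAB", NULL);

  if (num != NULL)
    *num = file->secthash[ELFSH_SECTION_SYMTAB]->curend / sizeof(elfsh_Sym);

  PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__,
                (file->secthash[ELFSH_SECTION_SYMTAB]->data));
}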
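/**
 * @brief Display a PHT
 *
 * Prints one line per program header (address range, permissions, sizes and,
 * unless the quiet flag is set, alignment and segment type), then a second
 * view listing, for each segment, the sections of the current file that
 * elfsh_segment_is_parent() attributes to it.
 *
 * Every field printed here is read from the inspected file and is therefore
 * untrusted: sums such as p_vaddr + p_memsz may wrap on crafted headers and
 * are only displayed, never used as bounds.
 *
 * @param phdr Array of program headers to display.
 * @param num  Number of entries in phdr.
 * @param base Base address added to the displayed addresses when
 *             elfsh_is_runtime_mode() is true.
 */
void revm_pht_print(elfsh_Phdr *phdr, uint16_t num, eresi_Addr base)
{
  elfsh_Shdr *shdr;
  int shtnum;
  int index;
  char *type;
  u_int typenum;
  elfshsect_t *list;
  regex_t *tmp;
  char buff[512];
  char warnmsg[256];
  char logbuf[BUFSIZ];
  int check;
  int misaligned;
  eresi_Addr addr;
  eresi_Addr addr_end;
  eresi_Addr align_mask;
  eresi_Addr misalign;

  PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
  FIRSTREGX(tmp);

  /* Primary view (2 modes, depending on the quiet flag) */
  for (index = 0; index < num; index++)
    {
      /* Out-of-table type numbers go through the fallback description
         instead of indexing elfsh_seg_type[] */
      typenum = elfsh_get_segment_type(phdr + index);
      type = (char *) (typenum >= ELFSH_SEGTYPE_MAX ?
                       revm_display_pdesc(typenum) :
                       elfsh_seg_type[typenum].desc);

      addr = phdr[index].p_vaddr;
      addr_end = phdr[index].p_vaddr + phdr[index].p_memsz;
      if (elfsh_is_runtime_mode())
        {
          addr_end += base;
          addr += base;
        }

      /*
      ** We check if we have a correct alignment.
      ** p_align values 0 and 1 mean that no alignment is required, so they
      ** must not be turned into an all-ones mask. The test is done on the
      ** full-width value: narrowing to int first could hide a misalignment
      ** that only shows in the upper bits.
      */
      align_mask = (phdr[index].p_align > 1 ? phdr[index].p_align - 1 : 0);
      misalign = (addr - phdr[index].p_offset) & align_mask;
      misaligned = (misalign != 0);
      check = (int) misalign;   /* narrowed only for the %d in the message */
      if (misaligned)
        snprintf(warnmsg, sizeof(warnmsg), "Wrong alignment (%d)", check);

      if (!world.state.revm_quiet)
        {
          snprintf(buff, sizeof(buff),
                   " %s %s -> %s %c%c%c %s%s%s "
                   "%s%s%s %s%s%s %s%s%s => %s %s\n",
                   revm_colornumber("[%02u]", index),
                   revm_coloraddress(XFMT, addr),
                   revm_coloraddress(XFMT, addr_end),
                   (elfsh_segment_is_readable(&phdr[index]) ? 'r' : '-'),
                   (elfsh_segment_is_writable(&phdr[index]) ? 'w' : '-'),
                   (elfsh_segment_is_executable(&phdr[index]) ? 'x' : '-'),
                   revm_colorfieldstr("memsz("),
                   revm_colornumber(UFMT, phdr[index].p_memsz),
                   revm_colorfieldstr(")"),
                   revm_colorfieldstr("foffset("),
                   revm_colornumber(UFMT, phdr[index].p_offset),
                   revm_colorfieldstr(")"),
                   revm_colorfieldstr("filesz("),
                   revm_colornumber(UFMT, phdr[index].p_filesz),
                   revm_colorfieldstr(")"),
                   revm_colorfieldstr("align("),
                   revm_colornumber(UFMT, phdr[index].p_align),
                   revm_colorfieldstr(")"),
                   revm_colortypestr(type),
                   misaligned ? revm_colorwarn(warnmsg) : "");
        }
      else
        {
          snprintf(buff, sizeof(buff),
                   " %s %s -> %s %c%c%c %s%s%s "
                   "%s%s%s %s%s%s\n",
                   revm_colornumber("[%02u]", index),
                   revm_coloraddress(XFMT, addr),
                   revm_coloraddress(XFMT, addr_end),
                   (elfsh_segment_is_readable(&phdr[index]) ? 'r' : '-'),
                   (elfsh_segment_is_writable(&phdr[index]) ? 'w' : '-'),
                   (elfsh_segment_is_executable(&phdr[index]) ? 'x' : '-'),
                   revm_colorfieldstr("memsz("),
                   revm_colornumber(UFMT, phdr[index].p_memsz),
                   revm_colorfieldstr(")"),
                   revm_colorfieldstr("foffset("),
                   revm_colornumber(UFMT, phdr[index].p_offset),
                   revm_colorfieldstr(")"),
                   revm_colorfieldstr("filesz("),
                   revm_colornumber(UFMT, phdr[index].p_filesz),
                   revm_colorfieldstr(")"));
        }

      /* Print the line when no regex filter is set, or when it matches */
      if (!tmp || !regexec(tmp, buff, 0, 0, 0))
        revm_output(buff);

      revm_endline();
    }

  snprintf(logbuf, sizeof(logbuf),
           "\n [SHT correlation]"
           "\n [Object %s]\n\n",
           world.curjob->curfile->name);
  revm_output(logbuf);

  /* Retrieve the SHT; without it there is nothing to correlate */
  if ((shdr = elfsh_get_sht(world.curjob->curfile, &shtnum)) == 0)
    PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);

  snprintf(logbuf, sizeof(logbuf), " [*] SHT %s \n",
           (world.curjob->curfile->shtrb ?
            "has been rebuilt \n" :
            "is not stripped \n"));
  revm_output(logbuf);

  /* Alternate View */
  for (index = 0; index < num; index++)
    {
      typenum = elfsh_get_segment_type(phdr + index);
      type = (char *) (typenum >= ELFSH_SEGTYPE_MAX ?
                       revm_display_pname(typenum) :
                       elfsh_seg_type[typenum].name);

      snprintf(logbuf, sizeof(logbuf), " %s %s \t",
               revm_colornumber("[%02u]", index),
               revm_colortypestr_fmt("%-10s", type));
      revm_output(logbuf);
      revm_endline();

      /* NOTE(review): the section names printed below come from the inspected
         file. Confirm that revm_output() treats its argument as plain data
         and not as a format string. */

      /* In SHT: a "|" prefix marks a section ending past the segment's file extent */
      for (list = world.curjob->curfile->sectlist; list; list = list->next)
        if (elfsh_segment_is_parent(list, phdr + index))
          {
            snprintf(logbuf, sizeof(logbuf), "%s%s ",
                     (list->shdr->sh_offset + list->shdr->sh_size >
                      phdr[index].p_offset + phdr[index].p_filesz ? "|" : ""),
                     revm_colorstr(elfsh_get_section_name(world.curjob->curfile,
                                                          list)));
            revm_output(logbuf);
            revm_endline();
          }

      /* In RSHT: a "|" prefix marks a section ending past the segment's memory extent */
      for (list = world.curjob->curfile->rsectlist; list; list = list->next)
        if (elfsh_segment_is_parent(list, phdr + index))
          {
            snprintf(logbuf, sizeof(logbuf), "%s%s ",
                     (list->shdr->sh_addr + list->shdr->sh_size >
                      phdr[index].p_vaddr + phdr[index].p_memsz ? "|" : ""),
                     revm_colorstr(elfsh_get_section_name(world.curjob->curfile,
                                                          list)));
            revm_output(logbuf);
            revm_endline();
          }

      revm_output("\n");
    }

  PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}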
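/**
 * Load all the parts of the binary.
 * This function should not be used by e2dbg.
 *
 * Loads the SHT and PHT, then every known typed section, then the data of
 * the remaining sections, and finally closes the object's file descriptor.
 * Section headers are read from the inspected file and are untrusted: sizes
 * and offsets are checked before being used to derive other values.
 *
 * @param file Object to load. Must not be NULL.
 * @return     0 on success (or if the object was already read), -1 on error.
 */
int elfsh_read_obj(elfshobj_t *file)
{
  elfshsect_t *actual;
  int index;

  PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);

  if (file == NULL)
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Invalid NULL parameter", -1);

  if (file->read)
    PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);

  if (file->sht == NULL && NULL == elfsh_get_sht(file, NULL))
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Unable to grab SHT", -1);

  /* A missing PHT is only tolerated for relocatable objects */
  if (NULL == elfsh_get_pht(file, NULL) && file->hdr->e_type != ET_REL)
    PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
                 "Unable to grab PHT", -1);

#if __DEBUG_MAP__
  puts("[DEBUG:read_obj] Loading all known typed sections\n");
#endif

  /* Fill multiple relocation sections */
  for (index = 0;
       NULL != (actual = elfsh_get_reloc(file, index, NULL));
       index++);

  /*
  ** Load sections placed after symtab
  ** Added for Solaris
  */
  elfsh_get_comments(file);
  elfsh_get_dwarf(file);
  elfsh_get_stab(file, NULL);

  if (file->hdr->e_type == ET_CORE)
    {
      elfsh_get_core_notes(file);
      goto out;
    }

  /*
  ** We cannot use simply elfsh_get_anonymous_section() here
  ** because the object's section hash ptrs would not be filled.
  */
  elfsh_get_symtab(file, NULL);

  /* Fixup stuffs in the SHT */
  elfsh_fixup(file);

  elfsh_get_dynsymtab(file, NULL);
  elfsh_get_stab(file, NULL);
  elfsh_get_dynamic(file, NULL);
  elfsh_get_ctors(file, NULL);
  elfsh_get_dtors(file, NULL);
  elfsh_get_got(file, NULL);
  elfsh_get_interp(file);

  elfsh_get_versymtab(file, NULL);
  elfsh_get_verneedtab(file, NULL);
  elfsh_get_verdeftab(file, NULL);
  elfsh_get_hashtable(file, NULL);

  elfsh_get_plt(file, NULL);

  /* Fill the multiple notes sections */
  for (index = 0; NULL != elfsh_get_notes(file, index); index++);

  /* Loop on the section header table and load all unknown-typed sections */
  for (actual = file->sectlist; actual; actual = actual->next)
    {
      /*
      ** Fix first section size.
      ** Only when the next section starts strictly after this one: with a
      ** lower offset the unsigned subtraction would wrap and give the
      ** section a huge bogus size that the loader below would then use.
      */
      if (actual->shdr->sh_size == 0 &&
          actual->next &&
          actual->next->shdr->sh_offset > actual->shdr->sh_offset &&
          actual->next->shdr->sh_addr != actual->shdr->sh_addr)
        actual->shdr->sh_size =
          actual->next->shdr->sh_offset - actual->shdr->sh_offset;

      /* If the section data has to be loaded, load it */
      /* In case of bss, only load if BSS data is inserted in the file */
      if (actual->data == NULL && actual->shdr->sh_size)
        {
          /* A NOBITS section that is last in the list has no successor to
             compare offsets with; the previous code dereferenced
             actual->next here. Nothing shows that it has file data: skip. */
          if (actual->shdr->sh_type == SHT_NOBITS && actual->next == NULL)
            continue;

          /* Same file offset as the next section: no bytes of its own */
          if (actual->next != NULL &&
              actual->next->shdr->sh_offset == actual->shdr->sh_offset)
            continue;

#if __DEBUG_MAP__
          printf("[LIBELFSH] Loading anonymous section %15s \n",
                 elfsh_get_section_name(file, actual));
#endif

          elfsh_get_anonymous_section(file, actual);
        }
    }

  /* Fixup various symbols like dynamic ones that are NULL */
  /* Non fatal error */
  if (file->secthash[ELFSH_SECTION_DYNSYM])
    elfsh_fixup_dynsymtab(file->secthash[ELFSH_SECTION_DYNSYM]);

 out:

  /* We close the file descriptor after file mapping so we can open more files */
  if (file->fd >= 0)
    {
#if __DEBUG_MAP__
      printf("[LIBELFSH] Closing descriptor %d \n", file->fd);
#endif

      XCLOSE(file->fd, -1);
      /* neutralize file descriptor */
      file->fd = -1;
    }

  PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}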