/* Regvars handler for the AMD64 architecture on SYSV */
void e2dbg_set_regvars_amd64_sysv()
{
#if defined(__amd64__) && defined(__linux__)
u_short reg16;
eresi_Addr reg64;
revmexpr_t *e;
#endif
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
#if defined(__amd64__) && defined(__linux__)
E2DBG_SETREG(E2DBG_R8_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R8]);
E2DBG_SETREG(E2DBG_R9_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R9]);
E2DBG_SETREG(E2DBG_R10_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R10]);
E2DBG_SETREG(E2DBG_R11_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R11]);
E2DBG_SETREG(E2DBG_R12_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R12]);
E2DBG_SETREG(E2DBG_R13_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R13]);
E2DBG_SETREG(E2DBG_R14_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R14]);
E2DBG_SETREG(E2DBG_R15_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_R15]);
E2DBG_SETREG(E2DBG_RDI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDI]);
E2DBG_SETREG(E2DBG_RSI_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSI]);
E2DBG_SETREG(E2DBG_RBP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBP]);
E2DBG_SETREG(E2DBG_RBX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RBX]);
E2DBG_SETREG(E2DBG_RDX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RDX]);
E2DBG_SETREG(E2DBG_RAX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RAX]);
E2DBG_SETREG(E2DBG_RCX_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RCX]);
E2DBG_SETREG(E2DBG_RSP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RSP]);
E2DBG_SETREG(E2DBG_RIP_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_RIP]);
E2DBG_SETREG(E2DBG_EFLAGS_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_EFL]);
reg64 = e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS];
reg16 = (reg64 & 0xFFFF000000000000) >> 48;
e = revm_expr_get(E2DBG_CS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0x0000FFFFFFFFFFFF) | ((uint64_t) reg16 << 48);
reg16 = (reg64 & 0x0000FFFF00000000) >> 32;
e = revm_expr_get(E2DBG_GS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0xFFFF0000FFFFFFFF) | ((uint64_t) reg16 << 32);
reg16 = (reg64 & 0x00000000FFFF0000) >> 16;
e = revm_expr_get(E2DBG_FS_VAR);
if (e && e->value)
reg16 = e->value->immed_val.half;
e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CSGSFS] =
(reg64 & 0xFFFFFFFF0000FFFF) | ((uint64_t) reg16 << 16);
E2DBG_SETREG(E2DBG_CR2_VAR, e2dbgworld.curthread->context->uc_mcontext.gregs[REG_CR2]);
#endif
PROFILER_OUT(__FILE__, __FUNCTION__, __LINE__);
}
/**
* Retreive the annotation for a given expression
* @param name Expression name
* @return A pointer on the annotation, or NULL if failed.
*/
revmannot_t *revm_annot_get(char *name)
{
revmexpr_t *expr;
aspectype_t *type;
hash_t *thash;
revmannot_t *annot;
char newname[BUFSIZ] = {0x00};
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
expr = revm_expr_get(name);
if (!expr)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Invalid input expression name", NULL);
type = expr->type;
snprintf(newname, sizeof(newname), "type_%s", type->name);
thash = hash_find(newname);
annot = hash_get(thash, name);
if (!annot)
{
//fprintf(stderr, "UNABLE TO FIND ANNOT FOR : NAME = %s \n", name);
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unable to find annotation for expression", NULL);
}
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, annot);
}
/**
* Display an element of a hash table
* @param h Hash table.
* @param key Hash key of object to be printed.
* @param inside Print the content of the object in case it is a pointer.
* @return Success (0) or Error (-1).
*/
int revm_table_display_element(hash_t *h, char *key, u_char inside)
{
void *data;
char logbuf[BUFSIZ];
revmexpr_t *newexpr;
aspectype_t *type;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
data = hash_get(h, key);
if (h->type == ASPECT_TYPE_UNKNOW || !inside)
{
snprintf(logbuf, sizeof(logbuf), " { %-40s = <"XFMT"> } \n",
key, (eresi_Addr) data);
revm_output(logbuf);
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
if (*key == REVM_VAR_PREFIX)
strncpy(logbuf, key, sizeof(logbuf));
else
snprintf (logbuf, sizeof(logbuf), "$%s", key);
newexpr = revm_expr_get(logbuf);
if (newexpr)
{
revm_output("\t");
revm_expr_print_by_name(logbuf, 0);
revm_output("\n");
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
revm_output("\t");
if (h->type == ASPECT_TYPE_EXPR)
{
newexpr = (revmexpr_t *) data;
revm_expr_print_by_name(newexpr->label, 0);
}
else
{
type = aspect_type_get_by_id(h->type);
newexpr = revm_inform_type_addr(type->name, strdup(logbuf), (eresi_Addr) data, NULL, 0, 1);
if (!newexpr)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Unable to reflect hash element to expression", -1);
revm_expr_print_by_name(logbuf, 0);
}
revm_output("\n");
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
int cmd_jg()
{
revmexpr_t *last;
revmobj_t *res;
int ret;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
last = revm_expr_get(REVM_VAR_RESULT);
if (!last || !last->value)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Cannot retreive last result variable", -1);
res = last->value;
if (res->immed_val.ent > 0)
{
ret = revm_move_pc(world.curjob->curcmd->param[0]);
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, (ret));
}
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
/* Stack display with symbols */
int cmd_stack()
{
char *param;
eresi_Addr size;
revmobj_t *ssp;
revmexpr_t *expr;
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* Preliminary checks */
if (!elfsh_is_runtime_mode())
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Command only available in e2dbg", (-1));
param = world.curjob->curcmd->param[0];
if (!param)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Invalid argument", (-1));
param = revm_lookup_string(param);
expr = revm_expr_get(E2DBG_SSP_VAR);
if (!expr || !expr->value)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__, "No saved SP", -1);
ssp = expr->value;
/* Dump debuggee stack */
if (revm_isnbr(param))
{
if (sscanf(param, UFMT, &size) != 1)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Invalid argument", (-1));
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__,
e2dbg_stack_dump(size, ssp->immed_val.ent));
}
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Invalid parameter", -1);
}
/**
* Copy a field value from one expression to another (provided destination indeed has that field)
* @param dest Destination expression to add field to
* @param source Source expression tocopy field from
* @param fname Name of field to copy from source to destination
* @return 0 for success and -1 for error
*/
static int revm_field_propagate(revmexpr_t *dest, revmexpr_t *source, char *fname)
{
char srcname[BUFSIZ];
char dstname[BUFSIZ];
revmexpr_t *dst;
revmexpr_t *child;
revmannot_t *annot;
revmannot_t *dstannot;
revmannot_t *addedannot;
char *newdata;
/*eresi_Addr addr; */
PROFILER_IN(__FILE__, __FUNCTION__, __LINE__);
/* Propagate input links */
snprintf(srcname, sizeof(srcname), "%s.%s", source->label, fname);
child = revm_expr_get(srcname);
if (!child)
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
snprintf(dstname, sizeof(dstname), "%s.%s", dest->label, fname);
dst = revm_expr_get(dstname);
/* If destination expression has no such field, create it now */
if (!dst)
{
annot = revm_annot_get(child->label); // annot de lexpr a copier
dstannot = revm_annot_get(dest->label); // annot de lexpr mere destination
if (!annot || !dstannot)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Failed to lookup annotations for input expressions", -1);
XREALLOC(__FILE__, __FUNCTION__, __LINE__, newdata,
(char *) dstannot->addr, dest->type->size + child->type->size, -1);
dstannot->addr = (eresi_Addr) newdata;
dst = revm_expr_copy(child, dstname, 1);
dst->next = dest->childs;
dest->childs = dst;
addedannot = revm_annot_get(dstname);
if (!addedannot)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Failed to add annotation on new field", -1);
memcpy((char *) dstannot->addr + dest->type->size, (char *) addedannot->addr, child->type->size);
addedannot->addr = dstannot->addr + dest->type->size;
/* XXX-FIXME: annotations needs to be updated for childs of this type too.... */
/*
dest->type->size += child->type->size;
revm_inform_type_addr(dst->type->name, dstname, dstannot->addr + dest->type->size, dst, 0, 0);
*/
}
/* Else assign it */
else if (child->value && revm_object_set(dest, child) < 0)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Failed to copy expression field", -1);
else if (revm_expr_set(dst, child) < 0)
PROFILER_ERR(__FILE__, __FUNCTION__, __LINE__,
"Failed to copy expression fields", -1);
PROFILER_ROUT(__FILE__, __FUNCTION__, __LINE__, 0);
}
