R_API char *r_anal_value_to_string (RAnalValue *value) {
char *out = NULL;
if (value) {
out = r_str_new ("");
if (!value->base && !value->reg) {
if (value->imm != -1LL)
out = r_str_concatf (out, "0x%"PFMT64x, value->imm);
else out = r_str_concat (out, "-1");
} else {
if (value->memref) {
switch (value->memref) {
case 1: out = r_str_concat (out, "(char)"); break;
case 2: out = r_str_concat (out, "(short)"); break;
case 4: out = r_str_concat (out, "(word)"); break;
case 8: out = r_str_concat (out, "(dword)"); break;
}
out = r_str_concat (out, "[");
}
if (value->mul) out = r_str_concatf (out, "%d*", value->mul);
if (value->reg) out = r_str_concatf (out, "%s", value->reg->name);
if (value->regdelta) out = r_str_concatf (out, "+%s", value->regdelta->name);
if (value->base!=0) out = r_str_concatf (out, "0x%"PFMT64x, value->base);
if (value->delta>0) out = r_str_concatf (out, "+0x%"PFMT64x, value->delta);
else if (value->delta<0) out = r_str_concatf (out, "-0x%"PFMT64x, -value->delta);
if (value->memref) out = r_str_concat (out, "]");
}
}
return out;
}
// XXX overflow
R_API int r_bprintf(const char *fmt, ...) {
va_list ap;
if (bprintf_init==0)
*bprintf_buf = 0;
va_start(ap, fmt);
r_str_concatf(bprintf_buf, fmt, ap);
va_end(ap);
return strlen(bprintf_buf);
}
static char *find_include(const char *prefix, const char *file) {
char *pfx = NULL, *ret = NULL, *env = r_sys_getenv (R_EGG_INCDIR_ENV);
//eprintf ("find_include (%s,%s)\n", prefix, file);
if (!prefix) prefix = "";
if (*prefix=='$') {
char *out = r_sys_getenv (prefix+1);
pfx = out? out: strdup ("");
} else {
pfx = strdup (prefix);
if (!pfx) {
free (env);
return NULL;
}
}
if (env) {
char *str, *ptr = strchr (env, ':');
// eprintf ("MUST FIND IN PATH (%s)\n", env);
str = env;
while (str) {
if (ptr)
*ptr = 0;
free (ret);
ret = r_str_concatf (NULL, "%s/%s", pfx, file);
{
char *filepath = r_str_concatf (NULL, "%s/%s/%s", str, pfx, file);
// eprintf ("try (%s)\n", filepath);
if (r_file_exists (filepath)) {
free (env);
free (pfx);
free (ret);
return filepath;
}
free (filepath);
}
if (!ptr) break;
str = ptr+1;
ptr = strchr (str, ':');
}
free (env);
} else ret = r_str_concatf (NULL, "%s/%s", pfx, file);
free (pfx);
return ret;
}
R_API void r_egg_lang_include_path (REgg *egg, const char *path) {
char *env = r_sys_getenv (R_EGG_INCDIR_ENV);
if (!env || !*env) {
r_egg_lang_include_init (egg);
env = r_sys_getenv (R_EGG_INCDIR_ENV);
}
env = r_str_concatf (NULL, "%s:%s", path, env);
r_sys_setenv (R_EGG_INCDIR_ENV, env);
free (env);
}
- follow symlinks
#endif
static char *rtr_dir_files (const char *path) {
char *ptr = strdup ("<html><body>\n");
const char *file;
RListIter *iter;
// list files
RList *files = r_sys_dir (path);
eprintf ("Listing directory %s\n", path);
r_list_foreach (files, iter, file) {
if (file[0] == '.') continue;
ptr = r_str_concatf (ptr, "<a href=\"%s%s\">%s</a><br />\n",
path, file, file);
}
r_list_free (files);
return r_str_concat (ptr, "</body></html>\n");
}
// TODO: add support for byte-per-byte opcode search
R_API RList *r_core_asm_strsearch(RCore *core, const char *input, ut64 from, ut64 to, int maxhits, int regexp) {
RCoreAsmHit *hit;
RAsmOp op;
RList *hits;
ut64 at, toff = core->offset;
ut8 *buf;
int align = core->search->align;
RRegex* rx = NULL;
char *tok, *tokens[1024], *code = NULL, *ptr;
int idx, tidx = 0, ret, len;
int tokcount, matchcount, count = 0;
int matches = 0;
if (!*input)
return NULL;
if (core->blocksize <= OPSZ) {
eprintf ("error: block size too small\n");
return NULL;
}
if (!(buf = (ut8 *)calloc (core->blocksize, 1)))
return NULL;
if (!(ptr = strdup (input))) {
free (buf);
return NULL;
}
if (!(hits = r_core_asm_hit_list_new ())) {
free (buf);
free (ptr);
return NULL;
}
tokens[0] = NULL;
for (tokcount=0; tokcount<(sizeof (tokens) / sizeof (char*)) - 1; tokcount++) {
tok = strtok (tokcount? NULL: ptr, ";");
if (!tok)
break;
tokens[tokcount] = r_str_trim_head_tail (tok);
}
tokens[tokcount] = NULL;
r_cons_break (NULL, NULL);
for (at = from, matchcount = 0; at < to; at += core->blocksize-OPSZ) {
matches = 0;
if (r_cons_singleton ()->breaked)
break;
ret = r_io_read_at (core->io, at, buf, core->blocksize);
if (ret != core->blocksize)
break;
idx = 0, matchcount = 0;
while (idx < core->blocksize) {
ut64 addr = at + idx;
r_asm_set_pc (core->assembler, addr);
op.buf_asm[0] = 0;
op.buf_hex[0] = 0;
if (!(len = r_asm_disassemble (core->assembler, &op, buf+idx, core->blocksize-idx))) {
idx = (matchcount)? tidx+1: idx+1;
matchcount = 0;
continue;
}
matches = true;
if (!strcmp (op.buf_asm, "unaligned"))
matches = false;
if (!strcmp (op.buf_asm, "invalid"))
matches = false;
if (matches && tokens[matchcount]) {
if (!regexp) matches = strstr(op.buf_asm, tokens[matchcount]) != NULL;
else {
rx = r_regex_new (tokens[matchcount], "");
matches = r_regex_exec (rx, op.buf_asm, 0, 0, 0) == 0;
r_regex_free (rx);
}
}
if (align && align>1) {
if (addr % align) {
matches = false;
}
}
if (matches) {
code = r_str_concatf (code, "%s; ", op.buf_asm);
if (matchcount == tokcount-1) {
if (tokcount == 1)
tidx = idx;
if (!(hit = r_core_asm_hit_new ())) {
r_list_purge (hits);
free (hits);
hits = NULL;
goto beach;
}
hit->addr = addr;
hit->len = idx + len - tidx;
if (hit->len == -1) {
r_core_asm_hit_free (hit);
goto beach;
}
code[strlen (code)-2] = 0;
hit->code = strdup (code);
r_list_append (hits, hit);
R_FREE (code);
matchcount = 0;
idx = tidx+1;
if (maxhits) {
count ++;
if (count >= maxhits) {
//eprintf ("Error: search.maxhits reached\n");
goto beach;
}
}
} else if (matchcount == 0) {
tidx = idx;
matchcount++;
idx += len;
} else {
matchcount++;
idx += len;
}
} else {
idx = matchcount? tidx+1: idx+1;
R_FREE (code);
matchcount = 0;
}
}
at += OPSZ;
}
r_asm_set_pc (core->assembler, toff);
beach:
free (buf);
free (ptr);
free (code);
return hits;
}
// TODO: add support for byte-per-byte opcode search
R_API RList *r_core_asm_strsearch(RCore *core, const char *input, ut64 from, ut64 to) {
RCoreAsmHit *hit;
RAsmOp op;
RList *hits;
ut64 at, toff = core->offset;
ut8 *buf;
char *tok, *tokens[1024], *code = NULL, *ptr;
int idx, tidx = 0, ret, len;
int tokcount, matchcount;
if (!*input)
return NULL;
if (core->blocksize<=OPSZ) {
eprintf ("error: block size too small\n");
return NULL;
}
if (!(buf = (ut8 *)malloc (core->blocksize)))
return NULL;
if (!(ptr = strdup (input))) {
free (buf);
return NULL;
}
if (!(hits = r_core_asm_hit_list_new ())) {
free (buf);
free (ptr);
return NULL;
}
tokens[0] = NULL;
for (tokcount=0; tokcount<(sizeof (tokens) / sizeof (char*)) - 1; tokcount++) {
tok = strtok (tokcount? NULL: ptr, ",");
if (tok == NULL)
break;
tokens[tokcount] = r_str_trim_head_tail (tok);
}
tokens[tokcount] = NULL;
r_cons_break (NULL, NULL);
for (at = from, matchcount = 0; at < to; at += core->blocksize-OPSZ) {
if (r_cons_singleton ()->breaked)
break;
ret = r_io_read_at (core->io, at, buf, core->blocksize);
if (ret != core->blocksize)
break;
idx = 0, matchcount = 0;
while (idx<core->blocksize) {
r_asm_set_pc (core->assembler, at+idx);
op.buf_asm[0] = 0;
op.buf_hex[0] = 0;
if (!(len = r_asm_disassemble (core->assembler, &op, buf+idx, core->blocksize-idx))) {
idx = (matchcount)? tidx+1: idx+1;
matchcount = 0;
continue;
}
if (tokens[matchcount] && strstr (op.buf_asm, tokens[matchcount])) {
code = r_str_concatf (code, "%s", op.buf_asm);
if (matchcount == tokcount-1) {
if (tokcount == 1)
tidx = idx;
if (!(hit = r_core_asm_hit_new ())) {
r_list_purge (hits);
free (hits);
hits = NULL;
goto beach;
}
hit->addr = at+tidx;
hit->len = idx+len-tidx;
if (hit->len == -1) {
r_core_asm_hit_free (hit);
goto beach;
}
hit->code = strdup (code);
r_list_append (hits, hit);
R_FREE (code);
matchcount = 0;
idx = tidx+1;
} else if (matchcount == 0) {
tidx = idx;
matchcount++;
idx += len;
} else {
matchcount++;
idx += len;
}
} else {
idx = matchcount? tidx+1: idx+1;
R_FREE (code);
matchcount = 0;
}
}
}
r_asm_set_pc (core->assembler, toff);
beach:
free (buf);
free (ptr);
free (code);
return hits;
}
- follow symlinks
#endif
R_API int r_core_rtr_http(RCore *core, int launch, const char *path) {
RSocketHTTPRequest *rs;
int oldsandbox = -1;
int timeout = r_config_get_i (core->config, "http.timeout");
int x = r_config_get_i (core->config, "scr.html");
int y = r_config_get_i (core->config, "scr.color");
int z = r_config_get_i (core->config, "asm.bytes");
int u = r_config_get_i (core->config, "scr.interactive");
int v = r_config_get_i (core->config, "asm.cmtright");
const char *port = r_config_get (core->config, "http.port");
if (r_sandbox_enable (0)) {
eprintf ("sandbox: connect disabled\n");
return 1;
}
s = r_socket_new (R_FALSE);
s->local = !r_config_get_i (core->config, "http.public");
if (!r_socket_listen (s, port, NULL)) {
eprintf ("Cannot listen on http.port\n");
return 1;
}
if (launch) {
char cmd[128];
const char *browser = r_config_get (core->config, "http.browser");
snprintf (cmd, sizeof (cmd)-1, "%s http://localhost:%d/%s",
browser, atoi (port), path?path:"");
r_sys_cmd (cmd);
}
r_config_set (core->config, "asm.cmtright", "false");
r_config_set (core->config, "scr.html", "true");
r_config_set (core->config, "scr.color", "false");
r_config_set (core->config, "asm.bytes", "false");
r_config_set (core->config, "scr.interactive", "false");
if (r_config_get_i (core->config, "http.sandbox")) {
oldsandbox = r_config_get_i (core->config, "cfg.sandbox");
r_config_set (core->config, "cfg.sandbox", "true");
}
eprintf ("Starting http server...\n");
eprintf ("http://localhost:%d/\n", atoi (port));
while (!r_cons_singleton ()->breaked) {
r_cons_break (http_break, core);
rs = r_socket_http_accept (s, timeout);
if (!rs) {
if (!s) break;
r_sys_usleep (200);
continue;
}
if (!rs->method || !rs->path) {
r_socket_http_close (rs);
continue;
}
if (!strcmp (rs->method, "GET")) {
if (!memcmp (rs->path, "/up", 3)) {
if (r_config_get_i (core->config, "http.upget")) {
const char *uproot = r_config_get (core->config, "http.uproot");
if (!rs->path[3] || (rs->path[3]=='/'&&!rs->path[4])) {
char *ptr = strdup ("<html><body>\n");
const char *file;
RListIter *iter;
// list files
RList *files = r_sys_dir (uproot);
eprintf ("Listing directory %s\n", uproot);
r_list_foreach (files, iter, file) {
if (file[0] == '.') continue;
ptr = r_str_concatf (ptr, "<a href=\"/up/%s\">%s</a><br />\n",
file, file);
}
r_list_free (files);
ptr = r_str_concat (ptr, "<html><body>\n");
r_socket_http_response (rs, 200, ptr, 0, NULL);
} else {
char *path = r_file_root (uproot, rs->path + 4);
if (r_file_exists (path)) {
int sz = 0;
char *f = r_file_slurp (path, &sz);
if (f) {
r_socket_http_response (rs, 200, f, sz, NULL);
free (f);
} else {
r_socket_http_response (rs, 403, "Permission denied", 0, NULL);
eprintf ("http: Cannot open '%s'\n", path);
}
} else {
eprintf ("File '%s' not found\n", path);
r_socket_http_response (rs, 404, "File not found\n", 0, NULL);
}
free (path);
}
} else {
r_socket_http_response (rs, 403,
"Permission denied\n", 0, NULL);
}
} else if (!memcmp (rs->path, "/cmd/", 5)) {
static int fork_and_ptraceme(RIO *io, int bits, const char *cmd) {
PROCESS_INFORMATION pi;
STARTUPINFO si = { sizeof (si) };
DEBUG_EVENT de;
int pid, tid;
HANDLE th = INVALID_HANDLE_VALUE;
if (!*cmd) return -1;
setup_tokens ();
char *_cmd = io->args ? r_str_concatf (strdup (cmd), " %s", io->args) :
strdup (cmd);
char **argv = r_str_argv (_cmd, NULL);
// We need to build a command line with quoted argument and escaped quotes
int cmd_len = 0;
int i = 0;
while (argv[i]) {
char *current = argv[i];
int quote_count = 0;
while ((current = strchr (current, '"')))
quote_count ++;
cmd_len += strlen (argv[i]);
cmd_len += quote_count; // The quotes will add one backslash each
cmd_len += 2; // Add two enclosing quotes;
i++;
}
cmd_len += i-1; // Add argc-1 spaces
char *cmdline = malloc ((cmd_len + 1) * sizeof (char));
int cmd_i = 0; // Next character to write in cmdline
i = 0;
while (argv[i]) {
if (i != 0)
cmdline[cmd_i++] = ' ';
cmdline[cmd_i++] = '"';
int arg_i = 0; // Index of current character in orginal argument
while (argv[i][arg_i]) {
char c = argv[i][arg_i];
if (c == '"') {
cmdline[cmd_i++] = '\\';
}
cmdline[cmd_i++] = c;
arg_i++;
}
cmdline[cmd_i++] = '"';
i++;
}
cmdline[cmd_i] = '\0';
if (!CreateProcess (argv[0], cmdline, NULL, NULL, FALSE,
CREATE_NEW_CONSOLE | DEBUG_ONLY_THIS_PROCESS,
NULL, NULL, &si, &pi)) {
r_sys_perror ("CreateProcess");
return -1;
}
free (cmdline);
r_str_argv_free (argv);
/* get process id and thread id */
pid = pi.dwProcessId;
tid = pi.dwThreadId;
/* catch create process event */
if (!WaitForDebugEvent (&de, 10000)) goto err_fork;
/* check if is a create process debug event */
if (de.dwDebugEventCode != CREATE_PROCESS_DEBUG_EVENT) {
eprintf ("exception code 0x%04x\n", (ut32)de.dwDebugEventCode);
goto err_fork;
}
if (th != INVALID_HANDLE_VALUE) CloseHandle (th);
eprintf ("Spawned new process with pid %d, tid = %d\n", pid, tid);
io->winbase = de.u.CreateProcessInfo.lpBaseOfImage;
return pid;
err_fork:
eprintf ("ERRFORK\n");
TerminateProcess (pi.hProcess, 1);
if (th != INVALID_HANDLE_VALUE) CloseHandle (th);
return -1;
}
static void trace_me () {
#if __APPLE__
signal (SIGTRAP, SIG_IGN); //NEED BY STEP
#endif
#if __APPLE__ || __BSD__
/* we can probably remove this #if..as long as PT_TRACE_ME is redefined for OSX in r_debug.h */
signal (SIGABRT, inferior_abort_handler);
if (ptrace (PT_TRACE_ME, 0, 0, 0) != 0) {
#else
if (ptrace (PTRACE_TRACEME, 0, NULL, NULL) != 0) {
#endif
r_sys_perror ("ptrace-traceme");
exit (MAGIC_EXIT);
}
}
// __UNIX__ (not windows)
static int fork_and_ptraceme(RIO *io, int bits, const char *cmd) {
bool runprofile = io->runprofile && *(io->runprofile);
char **argv;
#if __APPLE__ && !__POWERPC__
if (!runprofile) {
#define _POSIX_SPAWN_DISABLE_ASLR 0x0100
posix_spawn_file_actions_t fileActions;
ut32 ps_flags = POSIX_SPAWN_SETSIGDEF |
POSIX_SPAWN_SETSIGMASK;
sigset_t no_signals;
sigset_t all_signals;
sigemptyset (&no_signals);
sigfillset (&all_signals);
posix_spawnattr_t attr = {0};
size_t copied = 1;
cpu_type_t cpu;
pid_t p = -1;
int ret, useASLR = io->aslr;
char *_cmd = io->args ?
r_str_concatf (strdup (cmd), " %s", io->args) :
strdup (cmd);
argv = r_str_argv (_cmd, NULL);
if (!argv) {
free (_cmd);
return -1;
}
if (!*argv) {
r_str_argv_free (argv);
free (_cmd);
eprintf ("Invalid execvp\n");
return -1;
}
posix_spawnattr_init (&attr);
if (useASLR != -1) {
if (!useASLR) ps_flags |= _POSIX_SPAWN_DISABLE_ASLR;
}
posix_spawn_file_actions_init (&fileActions);
posix_spawn_file_actions_addinherit_np (&fileActions, STDIN_FILENO);
posix_spawn_file_actions_addinherit_np (&fileActions, STDOUT_FILENO);
posix_spawn_file_actions_addinherit_np (&fileActions, STDERR_FILENO);
ps_flags |= POSIX_SPAWN_CLOEXEC_DEFAULT;
ps_flags |= POSIX_SPAWN_START_SUSPENDED;
posix_spawnattr_setsigmask(&attr, &no_signals);
posix_spawnattr_setsigdefault(&attr, &all_signals);
(void)posix_spawnattr_setflags (&attr, ps_flags);
#if __i386__ || __x86_64__
cpu = CPU_TYPE_I386;
if (bits == 64) cpu |= CPU_ARCH_ABI64;
#else
cpu = CPU_TYPE_ANY;
#endif
posix_spawnattr_setbinpref_np (&attr, 1, &cpu, &copied);
{
char *dst = r_file_readlink (argv[0]);
if (dst) {
argv[0] = dst;
}
}
ret = posix_spawnp (&p, argv[0], &fileActions, &attr, argv, NULL);
switch (ret) {
case 0:
// eprintf ("Success\n");
break;
case 22:
eprintf ("posix_spawnp: Invalid argument\n");
break;
case 86:
eprintf ("Unsupported architecture\n");
break;
default:
eprintf ("posix_spawnp: unknown error %d\n", ret);
perror ("posix_spawnp");
break;
}
posix_spawn_file_actions_destroy (&fileActions);
r_str_argv_free (argv);
free (_cmd);
return p;
}
#endif
int ret, status, child_pid;
child_pid = r_sys_fork ();
switch (child_pid) {
case -1:
perror ("fork_and_ptraceme");
break;
case 0:
if (runprofile) {
char *expr = NULL;
int i;
RRunProfile *rp = r_run_new (NULL);
argv = r_str_argv (cmd, NULL);
for (i = 0; argv[i]; i++) {
rp->_args[i] = argv[i];
}
rp->_args[i] = NULL;
rp->_program = argv[0];
rp->_dodebug = true;
if (io->runprofile && *io->runprofile) {
if (!r_run_parsefile (rp, io->runprofile)) {
eprintf ("Can't find profile '%s'\n",
io->runprofile);
exit (MAGIC_EXIT);
}
}
if (bits == 64)
r_run_parseline (rp, expr=strdup ("bits=64"));
else if (bits == 32)
r_run_parseline (rp, expr=strdup ("bits=32"));
free (expr);
if (r_run_config_env (rp)) {
eprintf ("Can't config the environment.\n");
exit (1);
}
trace_me ();
r_run_start (rp);
r_run_free (rp);
r_str_argv_free (argv);
exit (1);
} else {
char *_cmd = io->args ?
r_str_concatf (strdup (cmd), " %s", io->args) :
strdup (cmd);
trace_me ();
argv = r_str_argv (_cmd, NULL);
if (!argv) {
free (_cmd);
return -1;
}
if (argv && *argv) {
int i;
for (i = 3; i < 1024; i++)
(void)close (i);
execvp (argv[0], argv);
} else {
eprintf ("Invalid execvp\n");
}
r_str_argv_free (argv);
free (_cmd);
}
perror ("fork_and_attach: execv");
//printf(stderr, "[%d] %s execv failed.\n", getpid(), ps.filename);
exit (MAGIC_EXIT); /* error */
return 0; // invalid pid // if exit is overriden.. :)
default:
/* XXX: clean this dirty code */
do {
ret = wait (&status);
if (ret == -1) return -1;
if (ret != child_pid) {
eprintf ("Wait event received by "
"different pid %d\n", ret);
}
} while (ret != child_pid);
if (WIFSTOPPED (status))
eprintf ("Process with PID %d started...\n", (int)child_pid);
if (WEXITSTATUS (status) == MAGIC_EXIT)
child_pid = -1;
// XXX kill (pid, SIGSTOP);
break;
}
return child_pid;
}
