2014-04-03 22:55:16 +02:00
|
|
|
/* radare - LGPL - Copyright 2006-2014 - esteve, pancake */
|
2009-02-05 22:08:46 +01:00
|
|
|
|
|
|
|
|
#include "r_search.h"
|
2014-05-16 04:07:03 +02:00
|
|
|
#include "r_print.h"
|
2009-02-05 22:08:46 +01:00
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
|
|
#define CTXMINB 5
|
|
|
|
|
#define BSIZE (1024*1024)
|
|
|
|
|
#define MAX_PATLEN 1024
|
|
|
|
|
|
2010-01-11 00:22:39 +01:00
|
|
|
typedef struct _fnditem {
|
2009-02-05 22:08:46 +01:00
|
|
|
unsigned char str[MAX_PATLEN];
|
|
|
|
|
void* next;
|
|
|
|
|
} fnditem;
|
|
|
|
|
|
2011-03-02 11:45:20 +01:00
|
|
|
static fnditem* init_fi() {
|
2009-02-05 22:08:46 +01:00
|
|
|
fnditem* n;
|
2011-03-02 11:45:20 +01:00
|
|
|
n = (fnditem*) malloc (sizeof (fnditem));
|
2016-05-24 21:22:15 +01:00
|
|
|
if (!n) return NULL;
|
2009-02-05 22:08:46 +01:00
|
|
|
n->next = NULL;
|
|
|
|
|
return n;
|
|
|
|
|
}
|
2011-03-02 11:45:20 +01:00
|
|
|
|
|
|
|
|
static void fini_fi(fnditem* fi) {
|
|
|
|
|
fnditem *fu;
|
|
|
|
|
fu = fi;
|
|
|
|
|
while (fi->next) {
|
|
|
|
|
fu = fi;
|
|
|
|
|
fi = fi->next;
|
|
|
|
|
free (fu);
|
2013-02-25 11:09:24 +01:00
|
|
|
fu = NULL;
|
2011-03-02 11:45:20 +01:00
|
|
|
}
|
|
|
|
|
free (fu);
|
|
|
|
|
}
|
2009-02-05 22:08:46 +01:00
|
|
|
|
2010-03-15 10:46:41 +01:00
|
|
|
static void add_fi (fnditem* n, unsigned char* blk, int patlen) {
|
2009-02-05 22:08:46 +01:00
|
|
|
fnditem* p;
|
2011-03-02 11:45:20 +01:00
|
|
|
for (p=n; p->next!=NULL; p=p->next);
|
|
|
|
|
p->next = (fnditem*) malloc (sizeof (fnditem));
|
2009-02-05 22:08:46 +01:00
|
|
|
p = p->next;
|
2011-03-02 11:45:20 +01:00
|
|
|
memcpy (p->str, blk, patlen);
|
2009-02-05 22:08:46 +01:00
|
|
|
p->next = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-15 10:46:41 +01:00
|
|
|
static int is_fi_present(fnditem* n, unsigned char* blk , int patlen) {
|
2009-02-05 22:08:46 +01:00
|
|
|
fnditem* p;
|
2014-04-03 22:55:16 +02:00
|
|
|
for (p=n; p->next!=NULL; p=p->next)
|
2010-03-15 10:46:41 +01:00
|
|
|
if (!memcmp (blk, p->str, patlen))
|
2015-09-14 02:08:31 +02:00
|
|
|
return true;
|
|
|
|
|
return false;
|
2009-02-05 22:08:46 +01:00
|
|
|
}
|
|
|
|
|
|
2011-03-02 11:45:20 +01:00
|
|
|
R_API int r_search_pattern(RSearch *s, ut64 from, ut64 to) {
|
2014-04-05 14:16:08 +02:00
|
|
|
ut8 block[BSIZE+MAX_PATLEN], sblk[BSIZE+MAX_PATLEN+1];
|
2014-04-03 22:55:16 +02:00
|
|
|
ut64 addr, bact, bytes, intaddr, rb, bproc = 0;
|
|
|
|
|
int nr,i, moar=0, pcnt, cnt = 0, k = 0;
|
2011-03-02 11:45:20 +01:00
|
|
|
int patlen = s->pattern_size;
|
|
|
|
|
fnditem* root;
|
2009-02-05 22:08:46 +01:00
|
|
|
|
2014-08-31 16:14:49 +04:00
|
|
|
eprintf ("Searching patterns between 0x%08"PFMT64x" and 0x%08"PFMT64x"\n", from, to);
|
2009-02-05 22:08:46 +01:00
|
|
|
if (patlen < 1 || patlen > MAX_PATLEN) {
|
2011-03-02 11:45:20 +01:00
|
|
|
eprintf ("Invalid pattern length (must be > 1 and < %d)\n", MAX_PATLEN);
|
2015-09-14 02:08:31 +02:00
|
|
|
return false;
|
2009-02-05 22:08:46 +01:00
|
|
|
}
|
2011-03-02 11:45:20 +01:00
|
|
|
bact = from;
|
|
|
|
|
bytes = to;
|
2014-04-03 22:55:16 +02:00
|
|
|
//bytes += bact;
|
2011-03-02 11:45:20 +01:00
|
|
|
root = init_fi ();
|
2009-02-05 22:08:46 +01:00
|
|
|
pcnt = -1;
|
|
|
|
|
|
2014-04-03 22:55:16 +02:00
|
|
|
// bact = from
|
|
|
|
|
// bytes = to
|
|
|
|
|
// bproc = from2
|
2011-03-02 11:45:20 +01:00
|
|
|
while (bact < bytes) {
|
|
|
|
|
addr = bact;
|
2014-05-14 23:24:46 +02:00
|
|
|
if (r_print_is_interrupted ()) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
2014-04-03 22:55:16 +02:00
|
|
|
|
2009-02-05 22:08:46 +01:00
|
|
|
bproc = bact + patlen ;
|
|
|
|
|
// read ( fd, sblk, patlen );
|
2009-03-06 12:53:19 +01:00
|
|
|
//XXX bytepattern should be used with a read callback
|
2016-12-18 17:14:30 +01:00
|
|
|
nr = ((bytes - bproc) < BSIZE)?(bytes - bproc):BSIZE;
|
2009-02-05 22:08:46 +01:00
|
|
|
//XXX radare_read_at(bact, sblk, patlen);
|
2014-04-03 22:55:16 +02:00
|
|
|
rb = s->iob.read_at (s->iob.io, addr, sblk, nr);
|
|
|
|
|
sblk[patlen] = 0; // XXX
|
2009-02-05 22:08:46 +01:00
|
|
|
|
|
|
|
|
intaddr = bact;
|
|
|
|
|
cnt = 0;
|
2011-03-02 11:45:20 +01:00
|
|
|
while (bproc < bytes) {
|
2014-04-03 22:55:16 +02:00
|
|
|
// TODO: handle ^C here
|
2016-12-18 17:14:30 +01:00
|
|
|
nr = ((bytes - bproc) < BSIZE)?(bytes - bproc):BSIZE;
|
2011-03-02 11:45:20 +01:00
|
|
|
nr += (patlen - (nr % patlen)); // tamany de bloc llegit multiple superior de tamany busqueda
|
2014-04-03 22:55:16 +02:00
|
|
|
rb = s->iob.read_at (s->iob.io, bproc, block, nr);
|
2016-12-18 17:14:30 +01:00
|
|
|
if (rb < 1) {
|
|
|
|
|
bproc += nr;
|
2014-04-03 22:55:16 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
nr = rb;
|
2011-03-02 11:45:20 +01:00
|
|
|
addr += nr;
|
2009-02-05 22:08:46 +01:00
|
|
|
moar = 0;
|
2016-12-18 17:14:30 +01:00
|
|
|
for (i = 0; i<nr; i++) {
|
2011-03-02 11:45:20 +01:00
|
|
|
if (!memcmp (&block[i], sblk, patlen) && !is_fi_present (root, sblk, patlen)){
|
2009-02-05 22:08:46 +01:00
|
|
|
if (cnt == 0) {
|
2011-03-02 11:45:20 +01:00
|
|
|
add_fi (root, sblk, patlen);
|
2009-02-05 22:08:46 +01:00
|
|
|
pcnt++;
|
2011-03-02 11:45:20 +01:00
|
|
|
eprintf ("\nbytes: %d: ", pcnt);
|
|
|
|
|
for (k = 0; k<patlen; k++)
|
|
|
|
|
eprintf ("%02x", sblk[k]);
|
|
|
|
|
eprintf ("\nfound: %d: 0x%08"PFMT64x" ", pcnt, intaddr);
|
2009-02-05 22:08:46 +01:00
|
|
|
}
|
|
|
|
|
moar++;
|
|
|
|
|
cnt++;
|
2011-03-02 11:45:20 +01:00
|
|
|
eprintf ("0x%08"PFMT64x" ", bproc+i);
|
2009-02-05 22:08:46 +01:00
|
|
|
}
|
|
|
|
|
}
|
2011-03-02 11:45:20 +01:00
|
|
|
if (moar>0)
|
|
|
|
|
eprintf ("\ncount: %d: %d\n", pcnt, moar+1);
|
2009-02-05 22:08:46 +01:00
|
|
|
bproc += rb;
|
|
|
|
|
}
|
2016-12-18 17:14:30 +01:00
|
|
|
bact += (moar > 0)? patlen: 1;
|
2009-02-05 22:08:46 +01:00
|
|
|
}
|
2011-03-02 11:45:20 +01:00
|
|
|
eprintf ("\n");
|
|
|
|
|
fini_fi (root);
|
2009-02-05 22:08:46 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
