Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2024-10-10 12:24:20 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

* Added maps for debug.bfdbg

Browse Source 
- Implement dm* command
* Implement hex:// handler in io.malloc plugin
  - r2 hex://1020304090102030
This commit is contained in:
pancake 2011-10-09 19:45:34 +02:00
parent 9bf02ca738
commit 42edc834d2
7 changed files with 83 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
TODO
View File

@ -11,13 +11,14 @@
* shell encoder - get x86-64 one from twitter * shell encoder - get x86-64 one from twitter
- http://funoverip.net/2011/09/simple-shellcode-obfuscation/ - http://funoverip.net/2011/09/simple-shellcode-obfuscation/
* cleanup magic database.. too slow for search :( * cleanup magic database.. too slow for search :(
* use centralized pubsub or memcached to sync data
* rabin2 -z /dev/sda1 TAKES TOO LONG. opening r2 /tmp/fs is SLOW as shit. * rabin2 -z /dev/sda1 TAKES TOO LONG. opening r2 /tmp/fs is SLOW as shit.
* Implement differential distance signature search
====[[ 0.9 ]]==== ====[[ 0.9 ]]====
* Add support for classes (useful for c++, dex, objc, ...) * Add support for classes (useful for c++, dex, objc, ...)
- command to add new classes - command to add new classes
* Implement hex:// io :D like malloc but initialized.. use malloc here?
OSX OSX
=== ===
@ -28,10 +29,6 @@ Other stuff
=========== ===========
* code analysis for msil * code analysis for msil
* rax2 -k by default? * rax2 -k by default?
* r_anal_find_fcn() is O(N). should be O(1)
- var r = RHashTable<RList>()
var l = r.add ("0x8048000-0x8049000", new RList ())
l.append (ReferenceTo (fcn)
* Optimize /m * Optimize /m
- search only using given file, not loading default library - search only using given file, not loading default library
- do not read each block byte per byte - do not read each block byte per byte
@ -41,7 +38,6 @@ Other stuff
* Merge libr/db inside libr/util ? * Merge libr/db inside libr/util ?
* Test r_search_delta() * Test r_search_delta()
* Dupped javasm bin/asm -- must merge * Dupped javasm bin/asm -- must merge
* Implement differential distance signature search
* Rename r_hashtable -> r_ht * Rename r_hashtable -> r_ht
- Make ht64.c include ht.c - Make ht64.c include ht.c

17
libr/core/cmd.c
View File

@ -4617,7 +4617,7 @@ R_API int r_core_cmd_command(RCore *core, const char *command) {
return 0; return 0;
} }
static void cmd_dm(RCore *core, const char *input) { static void cmd_debug_dm(RCore *core, const char *input) {
switch (input[0]) { switch (input[0]) {
case '?': case '?':
r_cons_printf ( r_cons_printf (
@ -4670,13 +4670,16 @@ static void cmd_dm(RCore *core, const char *input) {
} }
break; break;
case '*': case '*':
r_debug_map_sync (core->dbg); // update process memory maps
r_debug_map_list (core->dbg, core->offset, 1);
break;
case '-': case '-':
case ' ': case ' ':
eprintf ("TODO\n"); eprintf ("TODO\n");
break; break;
default: default:
r_debug_map_sync (core->dbg); // update process memory maps r_debug_map_sync (core->dbg); // update process memory maps
r_debug_map_list (core->dbg, core->offset); r_debug_map_list (core->dbg, core->offset, 0);
break; break;
} }
} }
@ -4748,11 +4751,9 @@ static void cmd_debug_pid(RCore *core, const char *input) {
/* XXX: but we want fine-grained access to process resources */ /* XXX: but we want fine-grained access to process resources */
pid = atoi (input+2); pid = atoi (input+2);
ptr = strchr (input, ' '); ptr = strchr (input, ' ');
if (ptr) sig = atoi (ptr+1); sig = ptr? atoi (ptr+1): 0;
else sig = 0;
if (pid > 0) { if (pid > 0) {
eprintf ("Sending signal '%d' to pid '%d'\n", eprintf ("Sending signal '%d' to pid '%d'\n", sig, pid);
sig, pid);
r_debug_kill (core->dbg, R_FALSE, sig); r_debug_kill (core->dbg, R_FALSE, sig);
} else eprintf ("Invalid arguments\n"); } else eprintf ("Invalid arguments\n");
break; break;
@ -5065,7 +5066,7 @@ static int cmd_debug(void *data, const char *input) {
follow = r_config_get_i (core->config, "dbg.follow"); follow = r_config_get_i (core->config, "dbg.follow");
break; break;
case 'm': case 'm':
cmd_dm (core, input+1); cmd_debug_dm (core, input+1);
break; break;
case 'r': case 'r':
cmd_reg (core, input+1); cmd_reg (core, input+1);
@ -5091,7 +5092,7 @@ static int cmd_debug(void *data, const char *input) {
" db[?] breakpoints\n" " db[?] breakpoints\n"
" dbt display backtrace\n" " dbt display backtrace\n"
" dt[r] [tag] display instruction traces (dtr=reset)\n" " dt[r] [tag] display instruction traces (dtr=reset)\n"
" dm show memory maps\n"); " dm[?*] show memory maps\n");
break; break;
} }
if (follow>0) { if (follow>0) {

44
libr/debug/map.c
View File

@ -3,21 +3,37 @@
#include <r_debug.h> #include <r_debug.h>
#include <r_list.h> #include <r_list.h>
R_API void r_debug_map_list(RDebug *dbg, ut64 addr) { R_API void r_debug_map_list(RDebug *dbg, ut64 addr, int rad) {
RListIter *iter = r_list_iterator (dbg->maps); RListIter *iter = r_list_iterator (dbg->maps);
while (r_list_iter_next (iter)) { if (rad) {
RDebugMap *map = r_list_iter_get (iter); while (r_list_iter_next (iter)) {
dbg->printf ("sys 0x%08"PFMT64x" %c 0x%08"PFMT64x" %c %s %s\n", RDebugMap *map = r_list_iter_get (iter);
map->addr, (addr>=map->addr && addr<=map->addr_end)?'*':'-', dbg->printf ("f map.%s.%s 0x%08"PFMT64x" 0x%08"PFMT64x"\n",
map->addr_end, map->user?'u':'s', r_str_rwx_i (map->perm), map->name); map->name, r_str_rwx_i (map->perm),
} map->addr_end - map->addr, map->addr);
iter = r_list_iterator (dbg->maps_user); }
while (r_list_iter_next (iter)) { iter = r_list_iterator (dbg->maps_user);
RDebugMap *map = r_list_iter_get (iter); while (r_list_iter_next (iter)) {
dbg->printf ("usr 0x%08"PFMT64x" - 0x%08"PFMT64x" %c %x %s\n", RDebugMap *map = r_list_iter_get (iter);
map->addr, map->addr_end, dbg->printf ("f map.%s.%s 0x%08"PFMT64x" 0x%08"PFMT64x"\n",
map->user?'u':'s', map->name, r_str_rwx_i (map->perm),
map->perm, map->name); map->addr_end - map->addr, map->addr);
}
} else {
while (r_list_iter_next (iter)) {
RDebugMap *map = r_list_iter_get (iter);
dbg->printf ("sys 0x%08"PFMT64x" %c 0x%08"PFMT64x" %c %s %s\n",
map->addr, (addr>=map->addr && addr<=map->addr_end)?'*':'-',
map->addr_end, map->user?'u':'s', r_str_rwx_i (map->perm), map->name);
}
iter = r_list_iterator (dbg->maps_user);
while (r_list_iter_next (iter)) {
RDebugMap *map = r_list_iter_get (iter);
dbg->printf ("usr 0x%08"PFMT64x" - 0x%08"PFMT64x" %c %x %s\n",
map->addr, map->addr_end,
map->user?'u':'s',
map->perm, map->name);
}
} }
} }

19
libr/debug/p/debug_bf.c
View File

@ -163,6 +163,22 @@ static int r_debug_native_bp(RDebug *dbg, int add, ut64 addr, int hw, int rwx) {
return R_FALSE; return R_FALSE;
} }
static RList *r_debug_native_map_get(RDebug *dbg) {
RIOBfdbg *o = dbg->iob.io->fd->data;
BfvmCPU *c = o->bfvm;
RList *list = r_list_new ();
list->free = r_debug_map_free;
r_list_append (list, r_debug_map_new (
"code", 0, 4096, 6, 0));
r_list_append (list, r_debug_map_new (
"memory", c->base, c->base+c->size, 6, 0));
r_list_append (list, r_debug_map_new (
"screen", c->screen, c->screen+c->screen_size, 6, 0));
r_list_append (list, r_debug_map_new (
"input", c->input, c->input+c->input_size, 6, 0));
return list;
}
struct r_debug_plugin_t r_debug_plugin_bf = { struct r_debug_plugin_t r_debug_plugin_bf = {
.name = "bf", .name = "bf",
/* TODO: Add support for more architectures here */ /* TODO: Add support for more architectures here */
@ -185,7 +201,8 @@ struct r_debug_plugin_t r_debug_plugin_bf = {
.breakpoint = &r_debug_bf_breakpoint, .breakpoint = &r_debug_bf_breakpoint,
.reg_read = &r_debug_bf_reg_read, .reg_read = &r_debug_bf_reg_read,
.reg_write = &r_debug_bf_reg_write, .reg_write = &r_debug_bf_reg_write,
.reg_profile = (void *)r_debug_bf_reg_profile, .reg_profile = r_debug_bf_reg_profile,
.map_get = r_debug_native_map_get,
// .breakpoint = r_debug_native_bp, // .breakpoint = r_debug_native_bp,
//.ptr_write = &r_debug_bf_ptr_write, //.ptr_write = &r_debug_bf_ptr_write,
//.ptr_read = &r_debug_bf_ptr_read, //.ptr_read = &r_debug_bf_ptr_read,

9
libr/debug/p/debug_native.c
View File

@ -1588,7 +1588,6 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
eprintf ("r_debug_native_map_get: No selected pid (-1)\n"); eprintf ("r_debug_native_map_get: No selected pid (-1)\n");
return NULL; return NULL;
} }
#if __KFBSD__ #if __KFBSD__
list = r_debug_native_sysctl_map (dbg); list = r_debug_native_sysctl_map (dbg);
if (list != NULL) if (list != NULL)
@ -1629,7 +1628,7 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
if (!pos_c) if (!pos_c)
continue; continue;
pos_c[-1] = (char)'0'; pos_c[-1] = (char)'0'; // xxx. this is wrong
pos_c[ 0] = (char)'x'; pos_c[ 0] = (char)'x';
strncpy (region2, pos_c-1, sizeof (region2)-1); strncpy (region2, pos_c-1, sizeof (region2)-1);
#endif // __KFBSD__ #endif // __KFBSD__
@ -1640,7 +1639,7 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
snprintf (path, sizeof (path), "unk%d", unk++); snprintf (path, sizeof (path), "unk%d", unk++);
perm = 0; perm = 0;
for(i = 0; perms[i] && i < 4; i++) for (i = 0; perms[i] && i < 4; i++)
switch (perms[i]) { switch (perms[i]) {
case 'r': perm |= R_IO_READ; break; case 'r': perm |= R_IO_READ; break;
case 'w': perm |= R_IO_WRITE; break; case 'w': perm |= R_IO_WRITE; break;
@ -2066,9 +2065,9 @@ struct r_debug_plugin_t r_debug_plugin_native = {
.kill = &r_debug_native_kill, .kill = &r_debug_native_kill,
.frames = &r_debug_native_frames, // rename to backtrace ? .frames = &r_debug_native_frames, // rename to backtrace ?
.reg_profile = (void *)r_debug_native_reg_profile, .reg_profile = (void *)r_debug_native_reg_profile,
.reg_read = &r_debug_native_reg_read, .reg_read = r_debug_native_reg_read,
.reg_write = (void *)&r_debug_native_reg_write, .reg_write = (void *)&r_debug_native_reg_write,
.map_get = (void *)&r_debug_native_map_get, .map_get = r_debug_native_map_get,
.breakpoint = r_debug_native_bp, .breakpoint = r_debug_native_bp,
}; };

2
libr/include/r_debug.h
View File

@ -254,7 +254,7 @@ R_API void r_debug_map_list_free(RList *maps);
R_API RDebugMap *r_debug_map_get(RDebug *dbg, ut64 addr); R_API RDebugMap *r_debug_map_get(RDebug *dbg, ut64 addr);
R_API RDebugMap *r_debug_map_new (char *name, ut64 addr, ut64 addr_end, int perm, int user); R_API RDebugMap *r_debug_map_new (char *name, ut64 addr, ut64 addr_end, int perm, int user);
R_API void r_debug_map_free(RDebugMap *map); R_API void r_debug_map_free(RDebugMap *map);
R_API void r_debug_map_list(RDebug *dbg, ut64 addr); R_API void r_debug_map_list(RDebug *dbg, ut64 addr, int rad);
/* descriptors */ /* descriptors */
R_API RDebugDesc *r_debug_desc_new (int fd, char* path, int perm, int type, int off); R_API RDebugDesc *r_debug_desc_new (int fd, char* path, int perm, int type, int off);

27
libr/io/p/io_malloc.c
View File

@ -28,8 +28,10 @@ static int __write(struct r_io_t *io, RIODesc *fd, const ut8 *buf, int count) {
static int __read(struct r_io_t *io, RIODesc *fd, ut8 *buf, int count) { static int __read(struct r_io_t *io, RIODesc *fd, ut8 *buf, int count) {
if (fd == NULL || fd->data == NULL) if (fd == NULL || fd->data == NULL)
return -1; return -1;
if (io->off+count >= RIOMALLOC_SZ (fd)) if (io->off>= RIOMALLOC_SZ (fd))
return -1; return -1;
if (io->off+count >= RIOMALLOC_SZ (fd))
count = RIOMALLOC_SZ (fd) - io->off;
memcpy (buf, RIOMALLOC_BUF (fd)+io->off, count); memcpy (buf, RIOMALLOC_BUF (fd)+io->off, count);
return count; return count;
} }
@ -57,25 +59,34 @@ static ut64 __lseek(struct r_io_t *io, RIODesc *fd, ut64 offset, int whence) {
} }
static int __plugin_open(struct r_io_t *io, const char *pathname) { static int __plugin_open(struct r_io_t *io, const char *pathname) {
return (!memcmp (pathname, "malloc://", 9)); return (
(!memcmp (pathname, "malloc://", 9)) ||
(!memcmp (pathname, "hex://", 6))
);
} }
static inline int getmalfd (RIOMalloc *mal) { static inline int getmalfd (RIOMalloc *mal) {
return 0xfffffff & (int)(size_t)mal->buf; return 0xfffff & (int)(size_t)mal->buf;
} }
static RIODesc *__open(struct r_io_t *io, const char *pathname, int rw, int mode) { static RIODesc *__open(struct r_io_t *io, const char *pathname, int rw, int mode) {
if (__plugin_open (io, pathname)) { if (__plugin_open (io, pathname)) {
RIOMalloc *mal = R_NEW (RIOMalloc); RIOMalloc *mal = R_NEW (RIOMalloc);
mal->fd = getmalfd (mal); mal->fd = getmalfd (mal);
mal->size = atoi (pathname+9); if (!memcmp (pathname, "hex://", 6)) {
if ((mal->size)>0) { mal->size = strlen (pathname);
mal->buf = malloc (mal->size); mal->buf = malloc (mal->size);
if (mal->buf != NULL) { memset (mal->buf, 0, mal->size);
mal->size = r_hex_str2bin (pathname+6, mal->buf);
} else {
mal->size = atoi (pathname+9);
if ((mal->size)>0) {
mal->buf = malloc (mal->size);
memset (mal->buf, '\0', mal->size); memset (mal->buf, '\0', mal->size);
return r_io_desc_new (&r_io_plugin_malloc, mal->fd, pathname, rw, mode, mal);
} }
} }
if (mal->buf != NULL)
return r_io_desc_new (&r_io_plugin_malloc, mal->fd, pathname, rw, mode, mal);
eprintf ("Cannot allocate (%s) %d bytes\n", pathname+9, mal->size); eprintf ("Cannot allocate (%s) %d bytes\n", pathname+9, mal->size);
free (mal); free (mal);
} }
@ -84,7 +95,7 @@ static RIODesc *__open(struct r_io_t *io, const char *pathname, int rw, int mode
struct r_io_plugin_t r_io_plugin_malloc = { struct r_io_plugin_t r_io_plugin_malloc = {
.name = "malloc", .name = "malloc",
.desc = "memory allocation (malloc://1024)", .desc = "memory allocation (malloc://1024 hex://10294505)",
.open = __open, .open = __open,
.close = __close, .close = __close,
.read = __read, .read = __read,