Add PIE (ASLR) field in RBinInfo for ELF, MACH0 and PE

pancake 2012-11-07 18:18:52 +01:00
parent 08e93418f5
commit 6956fe003a
13 changed files with 60 additions and 30 deletions


@ -766,6 +766,10 @@ char* MACH0_(r_bin_mach0_get_cpusubtype)(struct MACH0_(r_bin_mach0_obj_t)* bin)
}
}
int MACH0_(r_bin_mach0_is_pie)(struct MACH0_(r_bin_mach0_obj_t)* bin) {
return (bin->hdr.filetype == MH_EXECUTE && bin->hdr.flags & MH_PIE);
}
char* MACH0_(r_bin_mach0_get_filetype)(struct MACH0_(r_bin_mach0_obj_t)* bin) {
switch (bin->hdr.filetype) {
case MH_OBJECT: return strdup ("Relocatable object");
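Review bot: The new `r_bin_mach0_is_pie` carries no comment saying that it reports the MH_PIE header flag for main executables only, so dylibs and bundles, which are normally slid at load time anyway, will show up as not position-independent in the `has_pi` output. A one-line comment such as `/* MH_PIE is only meaningful for MH_EXECUTE; every other filetype reports 0 here */` would keep a reader of a hardening report from misreading that value. The mixed `==` / `&&` / `&` expression parses as intended, but writing the flag test as `(bin->hdr.flags & MH_PIE) != 0` makes the grouping explicit. The last function in this section, r_bin_mach0_get_filetype, continues outside the hunk.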


@ -95,6 +95,7 @@ ut64 MACH0_(r_bin_mach0_get_baddr)(struct MACH0_(r_bin_mach0_obj_t)* bin);
char* MACH0_(r_bin_mach0_get_class)(struct MACH0_(r_bin_mach0_obj_t)* bin);
int MACH0_(r_bin_mach0_get_bits)(struct MACH0_(r_bin_mach0_obj_t)* bin);
int MACH0_(r_bin_mach0_is_big_endian)(struct MACH0_(r_bin_mach0_obj_t)* bin);
int MACH0_(r_bin_mach0_is_pie)(struct MACH0_(r_bin_mach0_obj_t)* bin);
char* MACH0_(r_bin_mach0_get_cputype)(struct MACH0_(r_bin_mach0_obj_t)* bin);
char* MACH0_(r_bin_mach0_get_cpusubtype)(struct MACH0_(r_bin_mach0_obj_t)* bin);
char* MACH0_(r_bin_mach0_get_filetype)(struct MACH0_(r_bin_mach0_obj_t)* bin);


@ -170,6 +170,7 @@ struct mach_header_64 {
in the task will be given stack
execution privilege. Only used in
MH_EXECUTE filetypes. */
#define MH_PIE 0x200000
/*
* Capability bits used in the definition of cpu_type.
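Review bot: `MH_PIE` is added without a descriptive comment, unlike the flag just above it in this header. Something like `/* When set, the OS loads the main executable at a random address. Only used in MH_EXECUTE filetypes. */` after the define would match the surrounding style and record why the Mach-O PIE helper also checks the filetype.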


@ -171,8 +171,10 @@ static int PE_(r_bin_pe_init_sections)(struct PE_(r_bin_pe_obj_t)* bin) {
}
static int PE_(r_bin_pe_init_imports)(struct PE_(r_bin_pe_obj_t) *bin) {
PE_(image_data_directory) *data_dir_import = &bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_IMPORT];
PE_(image_data_directory) *data_dir_delay_import = &bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT];
PE_(image_data_directory) *data_dir_import = \
&bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_IMPORT];
PE_(image_data_directory) *data_dir_delay_import = \
&bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT];
PE_DWord import_dir_offset = PE_(r_bin_pe_rva_to_offset)(bin, data_dir_import->VirtualAddress);
PE_DWord delay_import_dir_offset = PE_(r_bin_pe_rva_to_offset)(bin, data_dir_delay_import->VirtualAddress);
int import_dir_size = data_dir_import->Size;
@ -195,7 +197,8 @@ static int PE_(r_bin_pe_init_imports)(struct PE_(r_bin_pe_obj_t) *bin) {
perror("malloc (delay import directory)");
return R_FALSE;
}
if (r_buf_read_at(bin->b, delay_import_dir_offset, (ut8*)bin->delay_import_directory, delay_import_dir_size) == -1) {
if (r_buf_read_at(bin->b, delay_import_dir_offset,
(ut8*)bin->delay_import_directory, delay_import_dir_size) == -1) {
eprintf("Error: read (delay import directory)\n");
return R_FALSE;
}
@ -205,7 +208,8 @@ static int PE_(r_bin_pe_init_imports)(struct PE_(r_bin_pe_obj_t) *bin) {
static int PE_(r_bin_pe_init_exports)(struct PE_(r_bin_pe_obj_t) *bin)
{
PE_(image_data_directory) *data_dir_export = &bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_EXPORT];
PE_(image_data_directory) *data_dir_export = \
&bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_EXPORT];
PE_DWord export_dir_offset = PE_(r_bin_pe_rva_to_offset)(bin, data_dir_export->VirtualAddress);
if (export_dir_offset == 0)
@ -222,8 +226,7 @@ static int PE_(r_bin_pe_init_exports)(struct PE_(r_bin_pe_obj_t) *bin)
return R_TRUE;
}
static int PE_(r_bin_pe_init)(struct PE_(r_bin_pe_obj_t)* bin)
{
static int PE_(r_bin_pe_init)(struct PE_(r_bin_pe_obj_t)* bin) {
bin->dos_header = NULL;
bin->nt_headers = NULL;
bin->section_header = NULL;
@ -231,7 +234,6 @@ static int PE_(r_bin_pe_init)(struct PE_(r_bin_pe_obj_t)* bin)
bin->import_directory = NULL;
bin->delay_import_directory = NULL;
bin->endian = 0; /* TODO: get endian */
if (!PE_(r_bin_pe_init_hdr)(bin)) {
eprintf("Warning: File is not PE\n");
return R_FALSE;
@ -245,10 +247,8 @@ static int PE_(r_bin_pe_init)(struct PE_(r_bin_pe_obj_t)* bin)
return R_TRUE;
}
char* PE_(r_bin_pe_get_arch)(struct PE_(r_bin_pe_obj_t)* bin)
{
char* PE_(r_bin_pe_get_arch)(struct PE_(r_bin_pe_obj_t)* bin) {
char *arch;
switch (bin->nt_headers->file_header.Machine) {
case PE_IMAGE_FILE_MACHINE_ALPHA:
case PE_IMAGE_FILE_MACHINE_ALPHA64:
@ -277,8 +277,7 @@ char* PE_(r_bin_pe_get_arch)(struct PE_(r_bin_pe_obj_t)* bin)
return arch;
}
struct r_bin_pe_addr_t* PE_(r_bin_pe_get_entrypoint)(struct PE_(r_bin_pe_obj_t)* bin)
{
struct r_bin_pe_addr_t* PE_(r_bin_pe_get_entrypoint)(struct PE_(r_bin_pe_obj_t)* bin) {
struct r_bin_pe_addr_t *entry = NULL;
if ((entry = malloc(sizeof(struct r_bin_pe_addr_t))) == NULL) {
@ -292,15 +291,15 @@ struct r_bin_pe_addr_t* PE_(r_bin_pe_get_entrypoint)(struct PE_(r_bin_pe_obj_t)*
return entry;
}
struct r_bin_pe_export_t* PE_(r_bin_pe_get_exports)(struct PE_(r_bin_pe_obj_t)* bin)
{
struct r_bin_pe_export_t* PE_(r_bin_pe_get_exports)(struct PE_(r_bin_pe_obj_t)* bin) {
struct r_bin_pe_export_t *exports = NULL;
PE_VWord functions_offset, names_offset, ordinals_offset, function_rva, name_rva, name_offset;
PE_Word function_ordinal;
char function_name[PE_NAME_LENGTH], forwarder_name[PE_NAME_LENGTH];
char dll_name[PE_NAME_LENGTH], export_name[PE_NAME_LENGTH];
int i;
PE_(image_data_directory) *data_dir_export = &bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_EXPORT];
PE_(image_data_directory) *data_dir_export = \
&bin->nt_headers->optional_header.DataDirectory[PE_IMAGE_DIRECTORY_ENTRY_EXPORT];
PE_VWord export_dir_rva = data_dir_export->VirtualAddress;
int export_dir_size = data_dir_export->Size;
@ -317,16 +316,16 @@ struct r_bin_pe_export_t* PE_(r_bin_pe_get_exports)(struct PE_(r_bin_pe_obj_t)*
names_offset = PE_(r_bin_pe_rva_to_offset)(bin, bin->export_directory->AddressOfNames);
ordinals_offset = PE_(r_bin_pe_rva_to_offset)(bin, bin->export_directory->AddressOfOrdinals);
for (i = 0; i < bin->export_directory->NumberOfNames; i++) {
if (r_buf_read_at(bin->b, functions_offset + i * sizeof(PE_VWord), (ut8*)&function_rva, sizeof(PE_VWord)) == -1) {
eprintf("Error: read (function rva)\n");
if (r_buf_read_at (bin->b, functions_offset + i * sizeof(PE_VWord), (ut8*)&function_rva, sizeof(PE_VWord)) == -1) {
eprintf ("Error: read (function rva)\n");
return NULL;
}
if (r_buf_read_at(bin->b, ordinals_offset + i * sizeof(PE_Word), (ut8*)&function_ordinal, sizeof(PE_Word)) == -1) {
eprintf("Error: read (function ordinal)\n");
eprintf ("Error: read (function ordinal)\n");
return NULL;
}
if (r_buf_read_at(bin->b, names_offset + i * sizeof(PE_VWord), (ut8*)&name_rva, sizeof(PE_VWord)) == -1) {
eprintf("Error: read (name rva)\n");
eprintf ("Error: read (name rva)\n");
return NULL;
}
name_offset = PE_(r_bin_pe_rva_to_offset)(bin, name_rva);
@ -687,6 +686,15 @@ int PE_(r_bin_pe_is_dll)(struct PE_(r_bin_pe_obj_t)* bin) {
return bin->nt_headers->file_header.Characteristics & PE_IMAGE_FILE_DLL;
}
int PE_(r_bin_pe_is_pie)(struct PE_(r_bin_pe_obj_t)* bin) {
return bin->nt_headers->optional_header.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE;
#if 0
BOOL aslr = inh->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE;
//TODO : implement dep?
BOOL dep = inh->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_NX_COMPAT;
#endif
}
int PE_(r_bin_pe_is_big_endian)(struct PE_(r_bin_pe_obj_t)* bin) {
return bin->nt_headers->file_header.Characteristics & PE_IMAGE_FILE_BYTES_REVERSED_HI;
}
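Review bot: `PE_(r_bin_pe_is_pie)` is defined here, but none of the sections shown on this page declares it in a header or assigns its result to `ret->has_pi` in a PE `info()` callback, so PE files would appear to keep reporting `PositionIndependent=false` even when DYNAMIC_BASE is set. If that is the case, the PE plugin needs the same one-liner the Mach-O plugin gets, e.g. `ret->has_pi = PE_(r_bin_pe_is_pie) (arch->bin_obj);`, plus a prototype in the PE header. The function also returns the raw masked bit (0x4000) while the Mach-O counterpart returns 0 or 1; `return !!(bin->nt_headers->optional_header.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE);` keeps the field consistent across formats. The `#if 0` block after the `return` is unreachable and refers to an `inh` variable that does not exist in this function; a `/* TODO: expose NX_COMPAT (DEP) as well */` comment would carry the same intent.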


@ -1,4 +1,4 @@
/* radare - LGPL - Copyright 2008 nibble<.ds@gmail.com> */
/* radare - LGPL - Copyright 2008-2012 - nibble */
#define R_BIN_PE64 1
#include "pe.c"


@ -102,6 +102,9 @@ typedef struct {
#define PE_IMAGE_FILE_UP_SYSTEM_ONLY 0x4000
#define PE_IMAGE_FILE_BYTES_REVERSED_HI 0x8000
#define IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE 0x4000
#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT 0x0100
typedef struct {
ut16 Machine;
ut16 NumberOfSections;


@ -214,9 +214,8 @@ static RBinInfo* info(RBinArch *arch) {
RBinInfo *ret = NULL;
char *str;
if(!(ret = R_NEW (RBinInfo)))
if(!(ret = R_NEW0 (RBinInfo)))
return NULL;
memset (ret, '\0', sizeof (RBinInfo));
ret->lang = "C";
strncpy (ret->file, arch->file, R_BIN_SIZEOF_STRINGS);
if ((str = Elf_(r_bin_elf_get_rpath)(arch->bin_obj))) {
@ -226,6 +225,7 @@ static RBinInfo* info(RBinArch *arch) {
if ((str = Elf_(r_bin_elf_get_file_type) (arch->bin_obj)) == NULL)
return NULL;
strncpy (ret->type, str, R_BIN_SIZEOF_STRINGS);
ret->has_pi = (strstr (str, "DYN"))? 1: 0;
free (str);
if ((str = Elf_(r_bin_elf_get_elf_class) (arch->bin_obj)) == NULL)
return NULL;
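Review bot: The `has_pi` assignment depends on the human-readable string from `r_bin_elf_get_file_type` containing "DYN", which silently stops working if that description is ever reworded and is hard to audit. Comparing the ELF header's `e_type` field against `ET_DYN` directly, through whatever accessor the ELF object exposes, states the intent and needs no string allocation. Either way a comment such as `/* ET_DYN covers shared objects as well as PIE executables */` is worth adding, since the flag alone does not tell a reader which of the two the file is. info() starts and ends outside the hunks shown.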


@ -176,6 +176,7 @@ static RBinInfo* info(RBinArch *arch) {
/* TODO detailed debug info */
ret->dbg_info = 0;
ret->has_va = R_TRUE;
ret->has_pi = MACH0_(r_bin_mach0_is_pie) (arch->bin_obj);
return ret;
}


@ -87,6 +87,7 @@ static int bin_info (RCore *r, int mode) {
"\"arch\":\"%s\","
"\"os\":\"%s\","
"\"lang\":\"%s\","
"\"pic\":%s,"
"\"va\":%s,"
"\"bits\":%d,"
"\"stripped\":%s,"
@ -101,6 +102,7 @@ static int bin_info (RCore *r, int mode) {
info->arch,
info->os,
info->lang?info->lang:"",
info->has_pi? "true": "false",
info->has_va? "true": "false",
info->bits,
r_str_bool (R_BIN_DBG_STRIPPED (info->dbg_info)),
@ -158,6 +160,7 @@ static int bin_info (RCore *r, int mode) {
r_cons_printf ("[File info]\n");
r_cons_printf ("File=%s\n"
"Type=%s\n"
"PositionIndependent=%s\n"
"HasVA=%s\n"
"RootClass=%s\n"
"Class=%s\n"
@ -173,7 +176,9 @@ static int bin_info (RCore *r, int mode) {
"Local_syms=%s\n"
"Relocs=%s\n"
"RPath=%s\n",
info->file, info->type, r_str_bool (info->has_va),
info->file, info->type,
r_str_bool (info->has_pi),
r_str_bool (info->has_va),
info->rclass, info->bclass, info->lang?info->lang:"unknown",
info->arch, info->bits, info->machine, info->os,
info->subsystem,
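Review bot: The same field is exposed under three names in this section: the JSON key is `"pic"`, the text key is `PositionIndependent`, and the struct member is `has_pi`. Scripts that audit binaries for ASLR support will parse one of these outputs, so settling on one spelling, or documenting the mapping in a comment above the format strings, avoids mismatched checks. The JSON argument could also use `r_str_bool (info->has_pi)` as the text branch does, instead of the inline `"true"`/`"false"` ternary. bin_info() starts and ends outside the hunks shown.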


@ -599,7 +599,13 @@ R_API int r_core_config_init(RCore *core) {
if (r_file_exists ("/usr/bin/gqview"))
r_config_set (cfg, "cmd.graph", "!dot -Tgif -oa.gif a.dot;!gqview a.gif");
else
r_config_set (cfg, "cmd.graph", "!dot -Tgif -oa.gif a.dot;!gqview a.gif");
if (r_file_exists ("/usr/bin/eog"))
r_config_set (cfg, "cmd.graph", "!dot -Tgif -oa.gif a.dot;!eog a.gif");
else
if (r_file_exists ("/usr/bin/xdg-open"))
r_config_set (cfg, "cmd.graph", "!dot -Tgif -oa.gif a.dot;!xdg-open a.gif");
else
r_config_set (cfg, "cmd.graph", "?e cannot find a valid picture viewer");
r_config_desc (cfg, "cmd.graph", "Command executed by 'agv' command to view graphs");
r_config_set (cfg, "cmd.hit", "");
r_config_desc (cfg, "cmd.hit", "Command to execute on every search hit");
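Review bot: Each branch tests a fixed path such as `/usr/bin/eog` but then stores a command that runs the bare name (`!eog a.gif`), so the file that was checked and the one later resolved through PATH are not necessarily the same, and a viewer installed outside /usr/bin is never found. Storing the checked absolute path in the command string, e.g. `"!dot -Tgif -oa.gif a.dot;!/usr/bin/eog a.gif"`, keeps the check and the execution in agreement. The unbraced `else` / `if` ladder would also be easier to read and extend as `else if (...) { ... }` with braces on every arm. r_core_config_init() starts and ends outside the hunk.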


@ -63,6 +63,7 @@ typedef struct r_bin_info_t {
const char *lang;
int bits;
int has_va;
int has_pi; // pic/pie
int big_endian;
ut64 dbg_info;
} RBinInfo;


@ -1,7 +1,7 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>r2w2</title>
<title>r2wUI</title>
<!--
<meta content="yes" name="apple-mobile-web-app-capable" />
<meta name="apple-mobile-web-app-status-bar-style" content="black" />


@ -8,9 +8,9 @@ function Ajax (method, uri, body, fn) {
}
function r_core_cmd_str (x, cb) {
Ajax ("POST", "?setComment="+hwid, cmt, function (x) {
alert (x);
/* force refresh */
location.reload (true);
});
Ajax ("POST", "?setComment="+hwid, cmt, function (x) {
alert (x);
/* force refresh */
location.reload (true);
});
}