x86.nz assembler: add jmp/call abs/rel (rip) memrefs

Add some more notes in INSTALL text Initial design work on dalvik payload instructions Open '-' virtual file as read-write (r2 -) Fix r_core_yank_to signature Remove io.va search warning (no more issues?)
2024-10-07 10:33:30 +00:00 · 2012-08-09 12:42:44 +02:00 · 2012-08-09 12:42:44 +02:00 · 85534da1e9
commit 85534da1e9
parent a0d18c8f38
10 changed files with 174 additions and 97 deletions
--- a/16
+++ b/16
@ -9,11 +9,23 @@ Then build:

  $ make -s

+  NOTE: You can override CC, CFLAGS, CPPFLAGS with environment.
+  Those variables are captured by make, not by configure.
+
 And install

-  $ sup make install
+  $ sudo make install

-If you regret about it, just 'make deinstall' :)
+If you are developing: install it with symlinks to avoid installing
+after every compilation.
+
+  $ sudo make symstall
+
+Deinstall:
+
+  $ make deinstall
+
+  NOTE: Make purge will remove *all* installed versions of r2.

 WINDOWS
 =======
--- a/binr/radare2/radare2.c
+++ b/binr/radare2/radare2.c
@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2012 pancake<nopcode.org> */
+/* radare - LGPL - Copyright 2009-2012 - pancake */

 #define USE_THREADS 1

--- a/libr/asm/arch/dalvik/opcode.h
+++ b/libr/asm/arch/dalvik/opcode.h
@ -81,7 +81,7 @@ static const struct dalvik_opcodes_t dalvik_opcodes[256] = {
 	{"new-array", 4, fmtopvAvBtCCCC},
 	{"filled-new-array", 6, fmtopvXtBBBB},
 	{"filled-new-array/range", 6, fmtopvCCCCmBBBB},
-	{"fill-array-data", 6, fmtopvAApBBBBBBBB},
+	{"fill-array-data-payload", 7, fmtopvAApBBBBBBBB},
 	{"throw", 2, fmtopvAA},
 	{"goto", 2, fmtoppAA},
 	{"goto/16", 4, fmtoppAAAA},
--- a/libr/asm/p/asm_dalvik.c
+++ b/libr/asm/p/asm_dalvik.c
@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2011 */
+/* radare - LGPL - Copyright 2009-2012 - earada, pancake */

 #include <stdio.h>
 #include <string.h>
@ -11,12 +11,18 @@

 static int dalvik_disassemble (RAsm *a, RAsmOp *op, const ut8 *buf, ut64 len) {
 	int i = (int) buf[0];
-	int size = 0;
 	int vA, vB, vC;
 	char str[1024];
 	ut64 offset;
+	int size = dalvik_opcodes[i].len;
+	int payload = size & 1;
+	size -= payload;
+	if (payload) {
+		payload = 0; // XXX: calculate proper size of payload
+		//size += payload;
+	}

-	if (dalvik_opcodes[i].len <= len) {
+	if (size <= len) {
 		strcpy (op->buf_asm, dalvik_opcodes[i].name);
 		size = dalvik_opcodes[i].len;
 		switch (dalvik_opcodes[i].fmt) {
@ -328,12 +334,13 @@ static int dalvik_disassemble (RAsm *a, RAsmOp *op, const ut8 *buf, ut64 len) {
 			strcpy (op->buf_asm, "invalid ");
 			size = 2;
 		}
-		op->inst_len = size;
 	} else {
 		strcpy (op->buf_asm, "invalid ");
 		op->inst_len = len;
 		size = len;
 	}
+	size += payload; // XXX
+	op->inst_len = size;
 	return size;
 }

--- a/libr/asm/p/asm_x86.c
+++ b/libr/asm/p/asm_x86.c
@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2011 nibble<.ds@gmail.com> */
+/* radare - LGPL - Copyright 2009-2012 - nibble */

 #include <stdio.h>
 #include <string.h>
--- a/libr/asm/p/asm_x86_nz.c
+++ b/libr/asm/p/asm_x86_nz.c
@ -1,4 +1,4 @@
-/* Copyright (C) 2008-2012 - pancake <nopcode.org> */
+/* Copyright (C) 2008-2012 - pancake */

 #include <stdio.h>
 #include <string.h>
@ -16,6 +16,8 @@ TODO
 BLA:
 	Add support for AND, OR, ..
        0x100000ec5    1    4883e4f0         and rsp, 0xfffffffffffffff0
+64bit:
+	ff25ea122100    jmp qword [rip+0x2112ea]
 #endif

 static int jop (ut64 addr, ut8 *data, ut8 a, ut8 b, const char *arg) {
@ -337,28 +339,58 @@ static int assemble(RAsm *a, RAsmOp *ao, const char *str) {
 			return l;
 		} else
 		if (!strcmp (op, "call")) {
-			ut64 dst = r_num_math (NULL, arg);
-			ut32 addr = dst;
-			ut8 *ptr = (ut8 *)&addr;
-
-			if (dst == 0) {
-				data[l++] = '\xff';
-				data[l] = getreg (arg) | 0xd0;
-				if (data[l] == 0xff) {
-					//eprintf ("Invalid argument for 'call' (%s)\n", arg);
-					return 0;
+			if (arg[0] == '[' && arg[strlen (arg)-1] == ']') {
+				if (!memcmp (arg+1, "rip", 3)) {
+					ut64 dst = r_num_math (NULL, arg+4);
+					ut32 addr = dst;
+					ut8 *ptr = (ut8 *)&addr;
+					data[l++] = 0xff;
+					data[l++] = 0x1d;
+					data[l++] = ptr[0];
+					data[l++] = ptr[1];
+					data[l++] = ptr[2];
+					data[l++] = ptr[3];
+					return l;
+				} else {
+					ut64 dst = r_num_math (NULL, arg+1);
+					ut32 addr = dst;
+					ut8 *ptr = (ut8 *)&addr;
+					int r = getreg (arg+1);
+					if (dst != 0) {
+						data[l++] = 0xff;
+						data[l++] = 0x15;
+						data[l++] = ptr[0];
+						data[l++] = ptr[1];
+						data[l++] = ptr[2];
+						data[l++] = ptr[3];
+						return l;
+					}
+					return -1;
 				}
-				l++;
+			} else {
+				ut64 dst = r_num_math (NULL, arg);
+				ut32 addr = dst;
+				ut8 *ptr = (ut8 *)&addr;
+
+				if (dst == 0) {
+					data[l++] = '\xff';
+					data[l] = getreg (arg) | 0xd0;
+					if (data[l] == 0xff) {
+						//eprintf ("Invalid argument for 'call' (%s)\n", arg);
+						return 0;
+					}
+					l++;
+					return l;
+				}
+				addr = addr - offset - 5;
+
+				data[l++] = 0xe8;
+				data[l++] = ptr[0];
+				data[l++] = ptr[1];
+				data[l++] = ptr[2];
+				data[l++] = ptr[3];
 				return l;
 			}
-			addr = addr - offset - 5;
-
-			data[l++] = 0xe8;
-			data[l++] = ptr[0];
-			data[l++] = ptr[1];
-			data[l++] = ptr[2];
-			data[l++] = ptr[3];
-			return l;
 		} else if (!strcmp (op, "inc")) {
 			data[l++] = 0x40 | getreg (arg);
 			return l;
@ -718,61 +750,91 @@ static int assemble(RAsm *a, RAsmOp *ao, const char *str) {
 			}
 			return l;
 		} else if (!strcmp (op, "jmp")) {
-			ut64 dst = r_num_get (NULL, arg) - offset;
-			ut32 addr = dst;
-			ut8 *ptr = (ut8 *)&addr;
-
-			if (dst+offset == 0) {
-				data[l++] = '\xff';
-				data[l] = getreg (arg) | 0xe0;
-				if (data[l] != 0xff)
-					return 2;
-				l++;
-				if (arg[0] == '[' && arg[strlen (arg)] == ']') {
-					data[l] = getreg (arg+1) | 0x20;
-					if (data[l] != 0xff)
+			if (arg[0] == '[' && arg[strlen (arg)-1] == ']') {
+				if (!memcmp (arg+1, "rip", 3)) {
+					ut64 dst = r_num_math (NULL, arg+4);
+					ut32 addr = dst;
+					ut8 *ptr = (ut8 *)&addr;
+					data[l++] = 0xff;
+					data[l++] = 0x25;
+					data[l++] = ptr[0];
+					data[l++] = ptr[1];
+					data[l++] = ptr[2];
+					data[l++] = ptr[3];
+					return l;
+				} else {
+					ut64 dst = r_num_math (NULL, arg+1);
+					ut32 addr = dst;
+					ut8 *ptr = (ut8 *)&addr;
+					int r = getreg (arg+1);
+					if (dst != 0) {
+						data[l++] = 0xff;
+						data[l++] = 0x25;
+						data[l++] = ptr[0];
+						data[l++] = ptr[1];
+						data[l++] = ptr[2];
+						data[l++] = ptr[3];
 						return l;
-					l++;
+					}
+					return -1;
 				}
-#if 0
-				if (!strcmp(arg, "esp")) { data[1]='\x24'; data[2]='\x24'; } else
-				if (!strcmp(arg, "ebp")) { data[1]='\x24'; data[2]='\x24'; } else
-				if (strstr(arg, "[eax")) { data[1]='\x60'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[ebx")) { data[1]='\x63'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[ecx")) { data[1]='\x61'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[edx")) { data[1]='\x62'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[esi")) { data[1]='\x66'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[edi")) { data[1]='\x67'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[esi")) { data[1]='\x67'; data[2]=(char)r_num_math (NULL, arg+4); } else
-				if (strstr(arg, "[ebp")) { data[1]='\x65'; data[2]=(char)r_num_math (NULL, arg+4); } 
-				else {
-					if (!strcmp(arg, "[esp")) { data[1]='\x64'; data[2]='\x24'; data[3]=(char)r_num_math (NULL, arg+4); }
-						else return 0;
-					return 4;
-				}
-#endif
-			}
-
-			dst -= offset;
-	// 7C90EAF5   .- E9 42158783   JMP     0018003C
-	// RELATIVE LONG JUMP (nice coz is 4 bytes, not 5) 
-
-			if (dst>-0x80 && dst<0x7f) {
-				/* relative address */
-				addr -= 2;
-				addr -= offset;
-				data[l++] = 0xeb;
-				data[l++] = (char)dst;
-				return l;
 			} else {
-				/* absolute address */
-				addr-=5;
-				data[l++]= 0xe9;
-				data[l++] = ptr[0];
-				data[l++] = ptr[1];
-				data[l++] = ptr[2];
-				data[l++] = ptr[3];
-				return l;
+				ut64 dst = r_num_get (NULL, arg) - offset;
+				ut32 addr = dst;
+				ut8 *ptr = (ut8 *)&addr;
+
+				if (dst+offset == 0) {
+					data[l++] = '\xff';
+					data[l] = getreg (arg) | 0xe0;
+					if (data[l] != 0xff)
+						return 2;
+					if (arg[0] == '[' && arg[strlen (arg)-1] == ']') {
+						data[l] = getreg (arg+1) | 0x20;
+						if (data[l] != 0xff)
+							return l+1;
+						l++;
+					}
+					return -1;
+#if 0
+					if (!strcmp(arg, "esp")) { data[1]='\x24'; data[2]='\x24'; } else
+					if (!strcmp(arg, "ebp")) { data[1]='\x24'; data[2]='\x24'; } else
+					if (strstr(arg, "[eax")) { data[1]='\x60'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[ebx")) { data[1]='\x63'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[ecx")) { data[1]='\x61'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[edx")) { data[1]='\x62'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[esi")) { data[1]='\x66'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[edi")) { data[1]='\x67'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[esi")) { data[1]='\x67'; data[2]=(char)r_num_math (NULL, arg+4); } else
+					if (strstr(arg, "[ebp")) { data[1]='\x65'; data[2]=(char)r_num_math (NULL, arg+4); } 
+					else {
+						if (!strcmp(arg, "[esp")) { data[1]='\x64'; data[2]='\x24'; data[3]=(char)r_num_math (NULL, arg+4); }
+							else return 0;
+						return 4;
+					}
+#endif
+				}
+
+				dst -= offset;
+		// 7C90EAF5   .- E9 42158783   JMP     0018003C
+		// RELATIVE LONG JUMP (nice coz is 4 bytes, not 5) 
+
+				if (dst>-0x80 && dst<0x7f) {
+					/* relative address */
+					addr -= 2;
+					addr -= offset;
+					data[l++] = 0xeb;
+					data[l++] = (char)dst;
+					return l;
+				} else {
+					/* absolute address */
+					addr-=5;
+					data[l++]= 0xe9;
+					data[l++] = ptr[0];
+					data[l++] = ptr[1];
+					data[l++] = ptr[2];
+					data[l++] = ptr[3];
+					return l;
+				}
 			}
 		} else
 // SPAGUETTI
--- a/libr/core/cmd_search.c
+++ b/libr/core/cmd_search.c
@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2012 // pancake<nopcode.org> */
+/* radare - LGPL - Copyright 2009-2012 - pancake */

 static int preludecnt = 0;
 static int searchflags = 0;
@ -121,11 +121,6 @@ static int __cb_hit(RSearchKeyword *kw, void *user, ut64 addr) {
 		char flag[64];
 		snprintf (flag, sizeof (flag), "%s%d_%d", searchprefix, kw->kwidx, kw->count);
 		r_flag_set (core->flags, flag, addr, kw->keyword_length, 1);
-#if 0
-		// TODO: use r_flag_set ()
-		r_core_cmdf (core, "f %s%d_%d %d 0x%08"PFMT64x"\n", searchprefix,
-			kw->kwidx, kw->count, kw->keyword_length, addr);
-#endif
 	}
 	if (!strnull (cmdhit)) {
 		ut64 here = core->offset;
@ -494,8 +489,6 @@ static int cmd_search(void *data, const char *input) {
 		" e search.flags = true ; if enabled store flags on keyword hits\n");
 		break;
 	}
-	if (core->io->va)
-		eprintf ("Searching with io.va enabled can be wrong.\n");
 	searchhits = 0;
 	r_config_set_i (core->config, "search.kwidx", core->search->n_kws);
 	if (dosearch) {
@ -566,4 +559,3 @@ static int cmd_search(void *data, const char *input) {
 	}
 	return R_TRUE;
 }
-
--- a/libr/core/file.c
+++ b/libr/core/file.c
@ -180,8 +180,10 @@ R_API RCoreFile *r_core_file_open(RCore *r, const char *file, int mode, ut64 loa
 	const char *cp;
 	char *p;
 	RIODesc *fd;
-	if (!strcmp (file, "-"))
+	if (!strcmp (file, "-")) {
 		file = "malloc://512";
+		mode = 4|2;
+	}
 	r->io->bits = r->assembler->bits; // TODO: we need an api for this
 	fd = r_io_open (r->io, file, mode, 0644);
 	if (fd == NULL) {
--- a/libr/core/yank.c
+++ b/libr/core/yank.c
@ -1,4 +1,4 @@
-/* radare - LGPL - Copyright 2009-2012 pancake<nopcode.org> */
+/* radare - LGPL - Copyright 2009-2012 - pancake */

 #include "r_core.h"

@ -46,15 +46,15 @@ R_API int r_core_yank_paste(struct r_core_t *core, ut64 addr, int len) {
 	return R_TRUE;
 }

-// TODO: arg must be const !!! use strdup here
-R_API int r_core_yank_to(RCore *core, char *arg) {
+R_API int r_core_yank_to(RCore *core, const char *_arg) {
 	ut64 src = core->offset;
 	ut64 len = 0;
 	ut64 pos = -1;
-	char *str;
+	char *str, *arg;
 	ut8 *buf;

-	while (*arg==' ') arg++;
+	while (*_arg==' ') _arg++;
+	arg = strdup (_arg);
 	str = strchr (arg, ' ');
 	if (str) {
 		str[0]='\0';
@ -64,6 +64,7 @@ R_API int r_core_yank_to(RCore *core, char *arg) {
 	}
 	if ((str == NULL) || (pos == -1) || (len == 0)) {
 		eprintf ("Usage: yt [len] [dst-addr]\n");
+		free (arg);
 		return 1;
 	}
 #if 0
@ -79,5 +80,6 @@ R_API int r_core_yank_to(RCore *core, char *arg) {

 	core->offset = src;
 	r_core_block_read (core, 0);
+	free (arg);
 	return 0;
 }
--- a/libr/include/r_core.h
+++ b/libr/include/r_core.h
@ -174,7 +174,7 @@ R_API int r_core_write_op(RCore *core, const char *arg, char op);
 R_API int r_core_yank(RCore *core, ut64 addr, int len);
 R_API int r_core_yank_paste(RCore *core, ut64 addr, int len);
 R_API void r_core_yank_set (RCore *core, const char *str);
-R_API int r_core_yank_to(RCore *core, char *arg);
+R_API int r_core_yank_to(RCore *core, const char *arg);

 R_API int r_core_loadlibs(RCore *core);
 // FIXME: change (void *user) -> (RCore *core)