Correct hit results for /m and update tests

Sylvain Pelissier 2022-10-13 16:22:23 +02:00 committed by pancake
parent a06ade1796
commit d65d7c23d7
5 changed files with 111 additions and 84 deletions


@ -6,19 +6,16 @@
static R_TH_LOCAL int magicdepth = 99;
static R_TH_LOCAL RMagic *ck = NULL; // XXX: Use RCore->magic
static R_TH_LOCAL char *ofile = NULL;
static R_TH_LOCAL int kw_count = 0;
static void r_core_magic_reset(RCore *core) {
kw_count = 0;
}
static int r_core_magic_at(RCore *core, const char *file, ut64 addr, int depth, int v, PJ *pj, int *hits) {
static int r_core_magic_at(RCore *core, RSearchKeyword *kw, const char *file, ut64 addr, int depth, int v, PJ *pj, int *hits) {
const char *fmt;
char *q, *p;
const char *str;
int delta = 0, adelta = 0, ret;
ut64 curoffset = core->offset;
int max_hits = r_config_get_i (core->config, "search.maxhits");
char *flag;
if (max_hits > 0 && *hits >= max_hits) {
return 0;
}
@ -116,7 +113,7 @@ static int r_core_magic_at(RCore *core, const char *file, ut64 addr, int depth,
}
p = strdup (str);
fmt = p;
// processing newlinez
// processing newline
for (q = p; *q; q++) {
if (q[0] == '\\' && q[1]=='n') {
*q = '\n';
@ -128,15 +125,22 @@ static int r_core_magic_at(RCore *core, const char *file, ut64 addr, int depth,
if (cmdhit && *cmdhit) {
r_core_cmd0 (core, cmdhit);
}
{
const char *searchprefix = r_config_get (core->config, "search.prefix");
char *flag = r_str_newf ("%s%d_%d", searchprefix, 0, kw_count++);
const char *searchprefix = r_config_get (core->config, "search.prefix");
// We do not flag for pm command.
if (kw) {
flag = r_str_newf ("%s%d_%d", searchprefix, kw->kwidx, kw->count);
r_flag_set (core->flags, flag, addr + adelta, 1);
free (flag);
}
// TODO: This must be a callback .. move this into RSearch?
if (!pj) {
r_cons_printf ("0x%08"PFMT64x" %d %s\n", addr + adelta, magicdepth - depth, p);
if (kw) {
r_cons_printf ("0x%08" PFMT64x " %d %s %s\n", addr + adelta, magicdepth - depth, flag, p);
R_FREE (flag);
} else {
r_cons_printf ("0x%08" PFMT64x " %d %s\n", addr + adelta, magicdepth - depth, p);
}
} else {
pj_o (pj);
pj_kN (pj, "offset", addr + adelta);
@ -144,6 +148,7 @@ static int r_core_magic_at(RCore *core, const char *file, ut64 addr, int depth,
pj_ks (pj, "info", p);
pj_end (pj);
}
if (must_report_progress) {
r_cons_clear_line (1);
}
@ -166,13 +171,13 @@ static int r_core_magic_at(RCore *core, const char *file, ut64 addr, int depth,
if (R_STR_ISEMPTY (fmt)) {
fmt = file;
}
r_core_magic_at (core, fmt, addr, depth, 1, pj, hits);
r_core_magic_at (core, kw, fmt, addr, depth, 1, pj, hits);
*q = '@';
}
break;
}
}
free (p);
R_FREE (p);
r_magic_free (ck);
ck = NULL;
// return adelta+1;
@ -198,8 +203,9 @@ seek_exit:
static void r_core_magic(RCore *core, const char *file, int v, PJ *pj) {
ut64 addr = core->offset;
int hits = 0;
magicdepth = r_config_get_i (core->config, "magic.depth"); // TODO: do not use global var here
r_core_magic_at (core, file, addr, magicdepth, v, pj, &hits);
r_core_magic_at (core, NULL, file, addr, magicdepth, v, pj, &hits);
if (pj) {
r_cons_newline ();
}
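Review bot: The lifetime of `flag` around the `if (kw)` / `if (!pj)` block is not balanced: it is allocated with `r_str_newf` whenever `kw` is set, but `R_FREE (flag)` sits only in the text-output branch, so on the JSON path (`pj` set, as for `/mj`) the string looks to be leaked on every hit. This page has lost its +/- markers, so it is unclear whether the `free (flag);` right after `r_flag_set` survives on the new side; if it does, the following `r_cons_printf` would print a freed pointer and `R_FREE` would release it a second time. I would declare `char *flag = NULL;` at the top, drop both inner frees, and put a single `R_FREE (flag);` after the `if (!pj) { … } else { … }` block so every path releases it exactly once. The body of r_core_magic_at starts and ends outside these hunks, so any other exit between allocation and release should be checked too.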


@ -4113,10 +4113,17 @@ reread:
ut64 addr = search_itv.addr;
RListIter *iter;
RIOMap *map;
RSearchKeyword *kw;
kw = r_search_keyword_new_hexmask ("00", NULL);
kw->keyword_length = 1;
r_search_reset (core->search, R_SEARCH_MAGIC);
r_search_kw_add (core->search, kw);
if (param.outmode == R_MODE_JSON) {
pj_a (param.pj);
}
r_core_magic_reset (core);
int maxHits = r_config_get_i (core->config, "search.maxhits");
int hits = 0;
r_list_foreach (param.boundaries, iter, map) {
@ -4128,7 +4135,7 @@ reread:
if (r_cons_is_breaked ()) {
break;
}
ret = r_core_magic_at (core, file, addr, 99, false, param.outmode == R_MODE_JSON ? param.pj : NULL, &hits);
ret = r_core_magic_at (core, kw, file, addr, 99, false, param.outmode == R_MODE_JSON? param.pj: NULL, &hits);
if (ret == -1) {
// something went terribly wrong.
break;
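Review bot: `kw->keyword_length = 1;` dereferences the result of `r_search_keyword_new_hexmask ("00", NULL)` without checking it, so if that constructor returns NULL (for example on allocation failure) `/m` would crash here. A guard such as `if (!kw) {` that reports the error and leaves through this case's existing exit path, placed before the first use of `kw`, would cover it. The keyword also deserves a one-line comment, e.g. `// placeholder keyword: only supplies kwidx/count for naming magic hits`, because nothing in the visible lines searches for the "00" pattern itself. The surrounding case body starts before and continues after this hunk.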


@ -39,22 +39,6 @@ EXPECT=<<EOF
EOF
RUN
NAME=/m lzma
FILE=bins/other/hello-world.lzma
CMDS=pm
EXPECT=<<EOF
0x00000000 1 LZMA BE compressed data dictionary size: 32768 bytes
EOF
RUN
NAME=/m lzma
FILE=bins/other/smol.lzma
CMDS=pm
EXPECT=<<EOF
0x00000000 1 LZMA LE compressed data dictionary size: 2162620 bytes
EOF
RUN
NAME=/r push [imm] refs
FILE=bins/pe/x.dll
CMDS=/r 0x69682004
@ -551,34 +535,6 @@ EXPECT=<<EOF
EOF
RUN
NAME=/m search from/to (seek 0)
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0
e search.from = 0
e search.to = 0x10
/m
EOF
EXPECT=<<EOF
0x00000000 1 PE for MS Windows Intel 80386 32-bit
EOF
RUN
NAME=/m search from/to (seek beyond data)
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0x1000
e search.from = 0
e search.to = 0x10
/m
EOF
EXPECT=<<EOF
0x00000000 1 PE for MS Windows Intel 80386 32-bit
EOF
RUN
NAME=/o search offset of instructions backward
FILE=malloc://1024
ARGS=-a x86 -b 32
@ -624,21 +580,6 @@ EXPECT=<<EOF
EOF
RUN
NAME=/m search seek
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0x1000
/m~[0]
s
/fm
EOF
EXPECT=<<EOF
0x00000000
0x1000
EOF
RUN
NAME=/mj test json output
FILE=bins/elf/analysis/x86-simple
CMDS=/mj
@ -1109,14 +1050,21 @@ EXPECT=<<EOF
0x00000004 hit0_0 "ZZZZAAABAAA"
EOF
RUN
NAME=/m on Info
FILE=bins/other/Info.plist
NAME=pm lzma
FILE=bins/other/hello-world.lzma
CMDS=<<EOF
/m
pm
EOF
EXPECT=<<EOF
0x00000000 1 Binary PLIST data stream
0x00000000 1 LZMA BE compressed data dictionary size: 32768 bytes
EOF
RUN
NAME=pm lzma
FILE=bins/other/smol.lzma
CMDS=pm
EXPECT=<<EOF
0x00000000 1 LZMA LE compressed data dictionary size: 2162620 bytes
EOF
RUN


@ -1,9 +1,75 @@
NAME=search magic
NAME=search magic Flash
FILE=bins/swf/CurveBall.swf
CMDS=<<EOF
/m
/m
EOF
EXPECT=<<EOF
0x00000000 1 Macromedia Flash data, version 5 file size (header included) 67765
0x00000000 1 hit0_0 Macromedia Flash data, version 5 file size (header included) 67765
0x00000000 1 hit1_0 Macromedia Flash data, version 5 file size (header included) 67765
EOF
RUN
NAME=search magic JSON GPG
FILE=bins/other/private.pgp
CMDS=<<EOF
/mj
EOF
EXPECT=<<EOF
[{"offset":5,"depth":1,"info":"PGP Private key"}]
EOF
RUN
NAME=/m search from/to (seek 0)
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0
e search.from = 0
e search.to = 0x10
/m
EOF
EXPECT=<<EOF
0x00000000 1 hit0_0 PE for MS Windows Intel 80386 32-bit
EOF
RUN
NAME=/m search from/to (seek beyond data)
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0x1000
e search.from = 0
e search.to = 0x10
/m
EOF
EXPECT=<<EOF
0x00000000 1 hit0_0 PE for MS Windows Intel 80386 32-bit
EOF
RUN
NAME=/m search seek
FILE=bins/pe/standard.exe
CMDS=<<EOF
e io.va = false
s 0x1000
/m~[0]
s
/fm
EOF
EXPECT=<<EOF
0x00000000
0x1000
EOF
RUN
NAME=/m on Info
FILE=bins/other/Info.plist
CMDS=<<EOF
e search.prefix = magic
/m
EOF
EXPECT=<<EOF
0x00000000 1 magic0_0 Binary PLIST data stream
EOF
RUN
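Review bot: Every expected hit name in these new cases ends in `_0` (`hit0_0`, `hit1_0`, `magic0_0`), so the per-keyword counter half of the flag name is never exercised. Nothing in the visible C hunks increments `kw->count`, so unless it is bumped elsewhere, several magic hits within one `/m` run would presumably all be named `<prefix><idx>_0` and share a single flag. A case that runs `/m` over a file containing at least two signatures and then lists the flags would pin this down. The `/mj` case could likewise assert that a flag was created, since the JSON output does not show it.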


@ -151,7 +151,7 @@ NAME=rafind2 -m
FILE=-
CMDS=!!rafind2 -m bins/elf/ioli/crackme0x00
EXPECT=<<EOF
0x00000000 1 ELF 32-bit LSB executable, Intel 80386, version 1
0x00000000 1 hit0_0 ELF 32-bit LSB executable, Intel 80386, version 1
EOF
RUN