Add LC_AOT_METADATA parsing support for mach0 ##bin

2024-11-24 05:40:10 +00:00 · 2023-04-09 12:22:52 +02:00 · 2023-04-09 12:22:52 +02:00 · de31667fc8
commit de31667fc8
parent d7b083c068
8 changed files with 139 additions and 70 deletions
--- a/libr/bin/format/mach0/mach0.c
+++ b/libr/bin/format/mach0/mach0.c
@ -234,12 +234,15 @@ static void init_sdb_formats(struct MACH0_(obj_t) *bin) {
 		"[4]Eddd "
 		"(mach0_load_command_type)cmd cmdsize flavor count",
 		0);
+	sdb_set (bin->kv, "mach0_aot_metadata.format",
+		"[4]Eddddddd "
+		"(mach0_load_command_type)cmd cmdsize imagepathoffset imagepathlen field10 field14 x64code field1c",
+		0);
 }

 static bool init_hdr(struct MACH0_(obj_t) *bin) {
 	ut8 magicbytes[4] = {0};
 	ut8 machohdrbytes[sizeof (struct MACH0_(mach_header))] = {0};
-	int len;

 	if (r_buf_read_at (bin->b, 0 + bin->header_at, magicbytes, 4) < 1) {
 		return false;
@ -259,9 +262,9 @@ static bool init_hdr(struct MACH0_(obj_t) *bin) {
 	} else {
 		return false; // object files are magic == 0, but body is different :?
 	}
-	len = r_buf_read_at (bin->b, bin->header_at, machohdrbytes, sizeof (machohdrbytes));
+	int len = r_buf_read_at (bin->b, bin->header_at, machohdrbytes, sizeof (machohdrbytes));
 	if (len != sizeof (machohdrbytes)) {
-		bprintf ("read (hdr)\n");
+		R_LOG_WARN ("cannot read magic header");
 		return false;
 	}
 	bin->hdr.magic = r_read_ble (&machohdrbytes[0], bin->big_endian, 32);
@ -529,6 +532,18 @@ error:
 	return false;
 }

+static bool parse_aot_metadata(struct MACH0_(obj_t) *bin, ut64 off) {
+	ut32 words[8];
+	if (r_buf_fread_at (bin->b, off, (ut8*)&words, "8i", 1) == -1) {
+		return false;
+	}
+	// TODO: add flags for this or sthg
+	R_LOG_INFO ("AOT: Image path offset: 0x%08x", words[2]);
+	R_LOG_INFO ("AOT: Image path length: 0x%08x", words[3]);
+	R_LOG_INFO ("AOT: X64- code section: 0x%08x", words[6]);
+	return true;
+}
+
 static bool parse_dysymtab(struct MACH0_(obj_t) *bin, ut64 off) {
 	size_t len, i;
 	ut32 size_tab;
@ -537,7 +552,7 @@ static bool parse_dysymtab(struct MACH0_(obj_t) *bin, ut64 off) {
 	ut8 dymod[sizeof (struct MACH0_(dylib_module))] = {0};
 	ut8 idsyms[sizeof (ut32)] = {0};

-	if (off > bin->size || off + sizeof (struct dysymtab_command) > bin->size) {
+	if (off > bin->size || off + sizeof (struct dysymtab_command) >= bin->size) {
 		return false;
 	}

@ -546,7 +561,7 @@ static bool parse_dysymtab(struct MACH0_(obj_t) *bin, ut64 off) {
 		bprintf ("Error: read (dysymtab)\n");
 		return false;
 	}
-
+	// use r_buf_fread instead of all this duck typing
 	bin->dysymtab.cmd = r_read_ble32 (&dysym[0], bin->big_endian);
 	bin->dysymtab.cmdsize = r_read_ble32 (&dysym[4], bin->big_endian);
 	bin->dysymtab.ilocalsym = r_read_ble32 (&dysym[8], bin->big_endian);
@ -1343,6 +1358,8 @@ static const char *cmd_tostring(ut32 cmd) {
 		return "LC_FVMFILE";
 	case LC_PREPAGE:
 		return "LC_PREPAGE";
+	case LC_AOT_METADATA:
+		return "LC_AOT_METADATA";
 	}
 	return "";
 }
@ -1443,6 +1460,8 @@ static const char *cmd_to_pf_definition(ut32 cmd) {
 		return NULL;
 	case LC_UNIXTHREAD:
 		return "mach0_unixthread_command";
+	case LC_AOT_METADATA:
+		return "mach0_aot_metadata";
 	}
 	return NULL;
 }
@ -1780,6 +1799,12 @@ static int init_items(struct MACH0_(obj_t) *bin) {
 				return false;
 			}
 			break;
+		case LC_AOT_METADATA:
+			sdb_set (bin->kv, cmd_flagname, "aot_metadata", 0);
+			if (!parse_aot_metadata (bin, off)) {
+				return false;
+			}
+			break;
 		case LC_DYLIB_CODE_SIGN_DRS:
 			sdb_set (bin->kv, cmd_flagname, "dylib_code_sign_drs", 0);
 			//bprintf ("[mach0] code is signed\n");
--- a/libr/bin/format/mach0/mach0_defines.h
+++ b/libr/bin/format/mach0/mach0_defines.h
@ -171,6 +171,7 @@ enum LoadCommandType {
 	LC_BUILD_VERSION        = 0x00000032u,
 	LC_DYLD_EXPORTS_TRIE    = 0x80000033u,
 	LC_DYLD_CHAINED_FIXUPS  = 0x80000034u,
+	LC_AOT_METADATA         = 0xcacaca01u,
 	LC_KEXT  = 0x80000035u, /* TODO: get the right name */
 /*
 Load command 9
--- a/libr/bin/format/mach0/mach0_specs.h
+++ b/libr/bin/format/mach0/mach0_specs.h
@ -22,54 +22,54 @@ typedef int integer_t;
 #define R_BIN_MACH0_SYMBOL_TYPE_LOCAL 1

 struct x86_thread_state32 {
-	ut32	eax;
-	ut32	ebx;
-	ut32	ecx;
-	ut32	edx;
-	ut32	edi;
-	ut32	esi;
-	ut32	ebp;
-	ut32	esp;
-	ut32	ss;
-	ut32	eflags;
-	ut32	eip;
-	ut32	cs;
-	ut32	ds;
-	ut32	es;
-	ut32	fs;
-	ut32	gs;
+	ut32 eax;
+	ut32 ebx;
+	ut32 ecx;
+	ut32 edx;
+	ut32 edi;
+	ut32 esi;
+	ut32 ebp;
+	ut32 esp;
+	ut32 ss;
+	ut32 eflags;
+	ut32 eip;
+	ut32 cs;
+	ut32 ds;
+	ut32 es;
+	ut32 fs;
+	ut32 gs;
 };

 struct x86_thread_state64 {
-	ut64	rax;
-	ut64	rbx;
-	ut64	rcx;
-	ut64	rdx;
-	ut64	rdi;
-	ut64	rsi;
-	ut64	rbp;
-	ut64	rsp;
-	ut64	r8;
-	ut64	r9;
-	ut64	r10;
-	ut64	r11;
-	ut64	r12;
-	ut64	r13;
-	ut64	r14;
-	ut64	r15;
-	ut64	rip;
-	ut64	rflags;
-	ut64	cs;
-	ut64	fs;
-	ut64	gs;
+	ut64 rax;
+	ut64 rbx;
+	ut64 rcx;
+	ut64 rdx;
+	ut64 rdi;
+	ut64 rsi;
+	ut64 rbp;
+	ut64 rsp;
+	ut64 r8;
+	ut64 r9;
+	ut64 r10;
+	ut64 r11;
+	ut64 r12;
+	ut64 r13;
+	ut64 r14;
+	ut64 r15;
+	ut64 rip;
+	ut64 rflags;
+	ut64 cs;
+	ut64 fs;
+	ut64 gs;
 };

-#define X86_THREAD_STATE32	1
-#define X86_THREAD_STATE64	4
+#define X86_THREAD_STATE32 1
+#define X86_THREAD_STATE64 4

 struct ppc_thread_state32 {
-	ut32 srr0;  /* Instruction address register (PC) */
-	ut32 srr1;	/* Machine state register (supervisor) */
+	ut32 srr0; /* Instruction address register (PC) */
+	ut32 srr1; /* Machine state register (supervisor) */
 	ut32 r0;
 	ut32 r1;
 	ut32 r2;
--- a/libr/core/cmd_write.c
+++ b/libr/core/cmd_write.c
@ -92,25 +92,25 @@ static RCoreHelpMessage help_msg_we = {

 static RCoreHelpMessage help_msg_wo = {
 	"Usage:","wo[asmdxoArl24]"," [hexpairs] @ addr[!bsize] write operation in current block",
-	"wo2", "", "2=  2 byte endian swap (word)",
-	"wo4", "", "4=  4 byte endian swap (dword)",
-	"wo8", "", "8=  8 byte endian swap (qword)",
+	"wo2", "", "2= 2 byte endian swap (word)",
+	"wo4", "", "4= 4 byte endian swap (dword)",
+	"wo8", "", "8= 8 byte endian swap (qword)",
 	"woa", " [hexpair]", "+= addition (f.ex: woa 0102)",
-	"woA", " [hexpair]", "&=  and",
-	"wod", " [hexpair]", "/=  divide",
+	"woA", " [hexpair]", "&= and",
+	"wod", " [hexpair]", "/= divide",
 	"woD", " [algo] [key] [IV]", "decrypt current block with given algo and key",
 	"woE", " [algo] [key] [IV]", "encrypt current block with given algo and key",
-	"woe", " [from to] [step] [wsz=1]","..  create sequence",
+	"woe", " [from] ([to] [step] [wsz=1])", "write enumeration sequence i0 01 02 ..",
 	"woi", "", "inverse bytes in current block",
 	"wol", " [val]", "<<= shift left",
-	"wom", " [val]", "*=  multiply",
-	"woo", " [val]", "|=  or",
+	"wom", " [val]", "*= multiply",
+	"woo", " [val]", "|= or",
 	"wop[DO]", " [arg]", "De Bruijn Patterns",
 	"wor", " [val]", ">>= shift right",
 	"woR", "", "random bytes (alias for 'wr $b')",
-	"wos", " [val]", "-=  substraction",
-	"wow", " [val]", "==  write looped value (alias for 'wb')",
-	"wox", " [val]", "^=  xor  (f.ex: wox 0x90)",
+	"wos", " [val]", "-= substraction",
+	"wow", " [val]", "== write looped value (alias for 'wb')",
+	"wox", " [val]", "^= xor (f.ex: wox 0x90)",
 	NULL
 };

@ -2092,8 +2092,8 @@ repeat:
 					if (input[1] == '*') {
 						r_cons_printf ("wx %s\n", hex);
 					} else {
-						if (r_config_get_i (core->config, "scr.prompt")) {
-							eprintf ("Written %d byte(s) (%s)=wx %s\n", acode->len, input, hex);
+						if (r_config_get_b (core->config, "scr.prompt")) {
+							R_LOG_INFO ("Written %d byte(s) (%s)=wx %s", acode->len, input, hex);
 						}
 						if (!r_core_write_at (core, core->offset, acode->bytes, acode->len)) {
 							cmd_write_fail (core);
--- a/libr/core/core.c
+++ b/libr/core/core.c
@ -1,4 +1,4 @@
-/* radare2 - LGPL - Copyright 2009-2022 - pancake */
+/* radare2 - LGPL - Copyright 2009-2023 - pancake */

 #define R_LOG_ORIGIN "core"

@ -3444,7 +3444,7 @@ static void set_prompt(RCore *r) {
 		r_core_cmd (r, cmdprompt, 0);
 	}

-	if (r_config_get_i (r->config, "scr.prompt.file")) {
+	if (r_config_get_b (r->config, "scr.prompt.file")) {
 		free (filename);
 		filename = r_str_newf ("\"%s\"",
 			r->io->desc ? r_file_basename (r->io->desc->name) : "");
@ -3473,10 +3473,10 @@ static void set_prompt(RCore *r) {
 		int promptset = false;

 		sec[0] = '\0';
-		if (r_config_get_i (r->config, "scr.prompt.flag")) {
+		if (r_config_get_b (r->config, "scr.prompt.flag")) {
 			promptset = prompt_flag (r, p, sizeof (p));
 		}
-		if (r_config_get_i (r->config, "scr.prompt.sect")) {
+		if (r_config_get_b (r->config, "scr.prompt.sect")) {
 			prompt_sec (r, sec, sizeof (sec));
 		}

--- a/libr/core/rtr.c
+++ b/libr/core/rtr.c
@ -1202,7 +1202,7 @@ static void rtr_cmds_read(uv_stream_t *client, ssize_t nread, const uv_buf_t *bu
 		client_context->res = strdup ("\n");
 	}

-	if (!client_context->res || (!r_config_get_i (client_context->core->config, "scr.prompt") &&
+	if (!client_context->res || (!r_config_get_b (client_context->core->config, "scr.prompt") &&
 				 !strcmp ((char *)buf, "q!")) ||
 				 !strcmp ((char *)buf, ".--")) {
 		rtr_cmds_client_close ((uv_tcp_t *) client, true);
@ -1360,9 +1360,7 @@ R_API int r_core_rtr_cmds(RCore *core, const char *port) {
 					buf[i] = buf[i + 1]? ';': '\0';
 				}
 			}
-			if ((!r_config_get_i (core->config, "scr.prompt") &&
-			     !strcmp ((char *)buf, "q!")) ||
-			    !strcmp ((char *)buf, ".--")) {
+			if ((!r_config_get_b (core->config, "scr.prompt") && !strcmp ((char *)buf, "q!")) || !strcmp ((char *)buf, ".--")) {
 				r_socket_close (ch);
 				break;
 			}
--- a/test/db/cmd/cmd_open
+++ b/test/db/cmd/cmd_open
@ -84,7 +84,7 @@ o~?
 EOF
 EXPECT=<<EOF
 0
-58
+59
 1
 EOF
 RUN
@ -99,8 +99,8 @@ pf.~?
 o~?
 EOF
 EXPECT=<<EOF
-58
-58
+59
+59
 1
 EOF
 RUN
--- a/test/db/formats/mach0/mach0
+++ b/test/db/formats/mach0/mach0
@ -311,3 +311,48 @@ nth paddr      vaddr      bind   type size lib name
 3   0x00007fb0 0x00007fb0 LOCAL  FUNC 0        func.00007fb0
 EOF
 RUN
+
+NAME=mach0 aot
+FILE=bins/mach0/libswiftCoreImage.dylib.aot
+CMDS=ih
+EXPECT_ERR=<<EOF
+INFO: AOT: Image path offset: 0x00000970
+INFO: AOT: Image path length: 0x00000089
+INFO: AOT: X64- code section: 0x00005a70
+EOF
+EXPECT=<<EOF
+pf.mach0_header @ 0x00000000
+0x00000000  Magic       0xfeedfacf
+0x00000004  CpuType     0x100000c
+0x00000008  CpuSubType  0x0
+0x0000000c  FileType    0x2
+0x00000010  nCmds       6
+0x00000014  sizeOfCmds  504
+0x00000018  Flags       0x200001
+pf.mach0_segment64 @ 0x00000020
+0x00000020  cmd       0 0x19 LC_SEGMENT_64
+0x00000024  cmdsize     152
+0x00000028  name        __TEXT
+pf.mach0_section64 @ 0x00000068
+pf.mach0_segment64 @ 0x000000b8
+0x000000b8  cmd       1 0x19 LC_SEGMENT_64
+0x000000bc  cmdsize     72
+0x000000c0  name        __RUNTIME
+pf.mach0_segment64 @ 0x00000100
+0x00000100  cmd       2 0x19 LC_SEGMENT_64
+0x00000104  cmdsize     152
+0x00000108  name        __DATA
+pf.mach0_section64 @ 0x00000148
+pf.mach0_segment64 @ 0x00000198
+0x00000198  cmd       3 0x19 LC_SEGMENT_64
+0x0000019c  cmdsize     72
+0x000001a0  name        __LINKEDIT
+pf.mach0_aot_metadata @ 0x000001e0
+0x000001e0  cmd       4 0xcacaca01 LC_AOT_METADATA
+0x000001e4  cmdsize     32
+pf.mach0_symtab_command @ 0x00000200
+0x00000200  cmd       5 0x2 LC_SYMTAB
+0x00000204  cmdsize     24
+EOF
+RUN
+