Mirrors_Framework/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2026-05-25 07:39:20 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/GP-3093_ghidra1_ElfGotNPE' into patch

Browse Source
This commit is contained in:
Ryan Kurtz
2023-02-15 13:46:01 -05:00
parent 6f80f8bd3c 655c355783
commit 498b5c0ba6
2 changed files with 29 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfDefaultGotPltMarkup.java
+14 -6
View File
@@ -369,11 +369,11 @@ public class ElfDefaultGotPltMarkup {
return; // evidence of prior markup - skip GOT processing
}
try {
// Fixup first GOT entry which frequently refers to _DYNAMIC but generally lacks relocation (e.g. .got.plt)
ElfDynamicTable dynamicTable = elf.getDynamicTable();
long imageBaseAdj = elfLoadHelper.getImageBaseWordAdjustmentOffset();
if (dynamicTable != null && imageBaseAdj != 0) {
// Fixup first GOT entry which frequently refers to _DYNAMIC but generally lacks relocation (e.g. .got.plt)
ElfDynamicTable dynamicTable = elf.getDynamicTable();
long imageBaseAdj = elfLoadHelper.getImageBaseWordAdjustmentOffset();
if (dynamicTable != null && imageBaseAdj != 0) {
try {
long entry1Value = elfLoadHelper.getOriginalValue(gotStart, false);
if (entry1Value == dynamicTable.getAddressOffset()) {
// TODO: record artificial relative relocation for reversion/export concerns
@@ -388,9 +388,17 @@ public class ElfDefaultGotPltMarkup {
}
}
}
catch (Exception e) {
String msg =
"Failed to process first GOT entry at " + gotStart + ": " + e.getMessage();
log(msg);
Msg.error(this, msg, e);
}
}
boolean imageBaseAlreadySet = elf.isPreLinked();
boolean imageBaseAlreadySet = elf.isPreLinked();
try {
Address newImageBase = null;
Address nextGotAddr = gotStart;
while (nextGotAddr.compareTo(gotEnd) <= 0) {
Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java
+15 -6
View File
@@ -979,17 +979,26 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
@Override
public long getOriginalValue(Address addr, boolean signExtend) throws MemoryAccessException {
byte[] bytes;
byte[] bytes = null;
int len = elf.is64Bit() ? 8 : 4;
List<Relocation> relocations = program.getRelocationTable().getRelocations(addr);
if (relocations.isEmpty()) {
for (Relocation r : relocations) {
bytes = r.getBytes();
if (bytes != null) {
if (bytes.length != len) {
// unsupported relocation length
throw new MemoryAccessException(
"Failed to identify " + len + " bytes from relocation at " + addr +
", was " + bytes.length + " bytes instead");
}
break;
}
}
if (bytes == null) {
bytes = new byte[len];
memory.getBytes(addr, bytes);
}
else {
// use bytes from first relocation
bytes = relocations.get(0).getBytes();
}
DataConverter dataConverter = DataConverter.getInstance(elf.isBigEndian());
return signExtend ? dataConverter.getSignedValue(bytes, len)
: dataConverter.getValue(bytes, len);