Mirrors_Framework/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2026-05-27 22:35:32 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

GP-2748 added calling convention for elf entry point

Browse Source
This commit is contained in:
James
2023-04-03 15:35:27 +00:00
parent c324e0cd48
commit 6258dd9eee
6 changed files with 140 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java
+36 -27
View File
@@ -15,12 +15,11 @@
*/
package ghidra.app.util.opinion;
import java.util.*;
import java.io.*;
import java.math.BigInteger;
import java.nio.file.AccessMode;
import java.text.NumberFormat;
import java.util.*;
import org.apache.commons.compress.compressors.xz.XZCompressorInputStream;
import org.apache.commons.lang3.StringUtils;
@@ -61,6 +60,7 @@ import utilities.util.FileUtilities;
class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
public static final String BLOCK_SOURCE_NAME = "Elf Loader";
public static final String PROCESS_ENTRY_CALLING_CONVENTION_NAME = "processEntry";
private static final String SEGMENT_NAME_PREFIX = "segment_";
private static final String UNALLOCATED_NAME_PREFIX = "unallocated_";
@@ -198,8 +198,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
}
}
private void createFileBytes(ByteProvider byteProvider,
TaskMonitor monitor) throws IOException, CancelledException {
private void createFileBytes(ByteProvider byteProvider, TaskMonitor monitor)
throws IOException, CancelledException {
monitor.setMessage("Loading FileBytes...");
try (InputStream fileIn = byteProvider.getInputStream(0);
MonitoredInputStream mis = new MonitoredInputStream(fileIn, monitor)) {
@@ -212,8 +212,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
}
private void adjustSegmentAndSectionFileAllocations(ByteProvider byteProvider,
TaskMonitor monitor)
throws IOException, CancelledException {
TaskMonitor monitor) throws IOException, CancelledException {
// Identify file ranges not allocated to segments or sections
RangeMap fileMap = new RangeMap();
@@ -287,8 +286,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
String name = UNALLOCATED_NAME_PREFIX + unallocatedIndex++;
try {
addInitializedMemorySection(null, start, length,
AddressSpace.OTHER_SPACE.getMinAddress(),
name, false, false, false, null, false, false);
AddressSpace.OTHER_SPACE.getMinAddress(), name, false, false, false, null,
false, false);
}
catch (AddressOverflowException e) {
// ignore
@@ -670,11 +669,25 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
monitor.setMessage("Creating entry points...");
long entry = elf.e_entry(); // already adjusted for pre-link
if (entry != 0) {
if (entry != 0 && (elf.isExecutable() || elf.isSharedObject())) {
Address entryAddr =
createEntryFunction(ElfLoader.ELF_ENTRY_FUNCTION_NAME, entry, monitor);
if (entryAddr != null) {
addElfHeaderReferenceMarkup(elf.getEntryComponentOrdinal(), entryAddr);
Function entryFunc = program.getFunctionManager().getFunctionAt(entryAddr);
//note: ElfConstants.ELFOSABI_NONE is used when the are no os/abi-specific
//elf extensions, i.e., plain vanilla elf.
//note: this value can also represent "unspecified"
if (entryFunc != null && (elf.e_ident_osabi() == ElfConstants.ELFOSABI_LINUX ||
elf.e_ident_osabi() == ElfConstants.ELFOSABI_NONE)) {
try {
entryFunc.setCallingConvention(PROCESS_ENTRY_CALLING_CONVENTION_NAME);
}
catch (InvalidInputException e) {
//calling convention for process entry not defined in the appropriate cspec
//just skip
}
}
}
}
@@ -929,7 +942,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
}
processRelocationTableEntries(relocationTable, context, relocationSpace, baseOffset,
monitor);
monitor);
}
private void processRelocationTableEntries(ElfRelocationTable relocationTable,
@@ -1520,7 +1533,6 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
symbolTables.addAll(List.of(elf.getSymbolTables()));
symbolTables.addAll(getGnuDebugDataSymbolTables(monitor));
int totalCount = 0;
for (ElfSymbolTable elfSymbolTable : symbolTables) {
totalCount += elfSymbolTable.getSymbolCount();
@@ -1769,8 +1781,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
// Unable to place symbol within relocatable if section missing/stripped
else if (elf.isRelocatable()) {
log("No Memory for symbol: " + elfSymbol.getFormattedName() +
" - 0x" + Long.toHexString(elfSymbol.getValue()));
log("No Memory for symbol: " + elfSymbol.getFormattedName() + " - 0x" +
Long.toHexString(elfSymbol.getValue()));
return null;
}
@@ -1808,8 +1820,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
// SHN_HIPROC 0xff1f
// SHN_HIRESERVE 0xffff
log("Unable to place symbol: " + elfSymbol.getFormattedName() +
" - value=0x" + Long.toHexString(elfSymbol.getValue()) + ", section-index=0x" +
log("Unable to place symbol: " + elfSymbol.getFormattedName() + " - value=0x" +
Long.toHexString(elfSymbol.getValue()) + ", section-index=0x" +
Integer.toHexString(Short.toUnsignedInt(sectionIndex)));
return null;
}
@@ -2043,8 +2055,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
// Do not add constant symbols to program symbol table
// define as equate instead
try {
program.getEquateTable()
.createEquate(name, address.getOffset());
program.getEquateTable().createEquate(name, address.getOffset());
}
catch (DuplicateNameException | InvalidInputException e) {
// ignore
@@ -2192,8 +2203,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
memory.convertToInitialized(block, (byte) 0);
}
if (program.getDefaultPointerSize() != (elf.is64Bit() ? 8 : 4)) {
log(
"Unsupported pointer size for indirect linkage at: " + indirectPointerAddr);
log("Unsupported pointer size for indirect linkage at: " + indirectPointerAddr);
return null;
}
if (elf.is64Bit()) {
@@ -2535,7 +2545,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
// ElfW(Addr) bitmask[maskwords]; // 2 bit Bloom filter on hashval
addr = addr.add(d.getLength());
DataType bloomDataType = elf.is64Bit() ? QWordDataType.dataType : DWordDataType.dataType;
DataType bloomDataType =
elf.is64Bit() ? QWordDataType.dataType : DWordDataType.dataType;
d = listing.createData(addr,
new ArrayDataType(bloomDataType, (int) maskwords, bloomDataType.getLength()));
d.setComment(CodeUnit.EOL_COMMENT, "GNU XHash Table - bitmask");
@@ -3050,8 +3061,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
// Create new zeroed segment block with no bytes from file
String blockName = String.format("%s%d", SEGMENT_NAME_PREFIX, i);
MemoryBlock newBlock = memory.createInitializedBlock(blockName, expandStart,
expandSize, (byte) 0,
monitor, false);
expandSize, (byte) 0, monitor, false);
newBlock.setSourceName(BLOCK_SOURCE_NAME);
newBlock.setComment("Zero-initialized segment");
}
@@ -3267,9 +3277,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
throw new AssertException("unexpected", e);
}
}
Symbol gotSym =
SymbolUtilities.getLabelOrFunctionSymbol(program, ElfConstants.GOT_SYMBOL_NAME,
err -> log(err));
Symbol gotSym = SymbolUtilities.getLabelOrFunctionSymbol(program,
ElfConstants.GOT_SYMBOL_NAME, err -> log(err));
if (gotSym != null) {
return gotSym.getAddress().getAddressableWordOffset();
}
@@ -3645,8 +3654,8 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper {
finally {
if (block == null) {
Address end = start.addNoWrap(revisedLength - 1);
log("Unexpected ELF memory bock load conflict when creating '" + name +
"' at " + start.toString(true) + "-" + end.toString(true));
log("Unexpected ELF memory bock load conflict when creating '" + name + "' at " +
start.toString(true) + "-" + end.toString(true));
}
}
return block;