private ElfRel GetRelocation(long Position) { long Offset = Memory.ReadInt64(Position + 0); long Info = Memory.ReadInt64(Position + 8); long Addend = Memory.ReadInt64(Position + 16); int RelType = (int)(Info >> 0); int SymIdx = (int)(Info >> 32); ElfSym Symbol = GetSymbol(SymIdx); return(new ElfRel(Offset, Addend, Symbol, (ElfRelType)RelType)); }
public Executable(IExecutable Exe, AMemory Memory, long ImageBase) { Dynamic = new List <ElfDyn>(); m_SymbolTable = new Dictionary <long, string>(); Name = Exe.Name; this.Memory = Memory; this.ImageBase = ImageBase; this.ImageEnd = ImageBase; WriteData(ImageBase + Exe.TextOffset, Exe.Text, MemoryType.CodeStatic, AMemoryPerm.RX); WriteData(ImageBase + Exe.ROOffset, Exe.RO, MemoryType.CodeMutable, AMemoryPerm.Read); WriteData(ImageBase + Exe.DataOffset, Exe.Data, MemoryType.CodeMutable, AMemoryPerm.RW); if (Exe.Mod0Offset == 0) { int BssOffset = Exe.DataOffset + Exe.Data.Length; int BssSize = Exe.BssSize; MapBss(ImageBase + BssOffset, BssSize); ImageEnd = ImageBase + BssOffset + BssSize; return; } long Mod0Offset = ImageBase + Exe.Mod0Offset; int Mod0Magic = Memory.ReadInt32(Mod0Offset + 0x0); long DynamicOffset = Memory.ReadInt32(Mod0Offset + 0x4) + Mod0Offset; long BssStartOffset = Memory.ReadInt32(Mod0Offset + 0x8) + Mod0Offset; long BssEndOffset = Memory.ReadInt32(Mod0Offset + 0xc) + Mod0Offset; long EhHdrStartOffset = Memory.ReadInt32(Mod0Offset + 0x10) + Mod0Offset; long EhHdrEndOffset = Memory.ReadInt32(Mod0Offset + 0x14) + Mod0Offset; long ModObjOffset = Memory.ReadInt32(Mod0Offset + 0x18) + Mod0Offset; MapBss(BssStartOffset, BssEndOffset - BssStartOffset); ImageEnd = BssEndOffset; while (true) { long TagVal = Memory.ReadInt64(DynamicOffset + 0); long Value = Memory.ReadInt64(DynamicOffset + 8); DynamicOffset += 0x10; ElfDynTag Tag = (ElfDynTag)TagVal; if (Tag == ElfDynTag.DT_NULL) { break; } Dynamic.Add(new ElfDyn(Tag, Value)); } long StrTblAddr = ImageBase + GetFirstValue(ElfDynTag.DT_STRTAB); long SymTblAddr = ImageBase + GetFirstValue(ElfDynTag.DT_SYMTAB); long SymEntSize = GetFirstValue(ElfDynTag.DT_SYMENT); while ((ulong)SymTblAddr < (ulong)StrTblAddr) { ElfSym Sym = GetSymbol(SymTblAddr, StrTblAddr); m_SymbolTable.TryAdd(Sym.Value, Sym.Name); SymTblAddr += SymEntSize; } }