public void Scanner_ScanData_ImageSymbols() { Given_Program(Address.Ptr32(0x00100000), new byte[] { 0x42, 0x42, 0x42, 0x42, 0x10, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x00, 0x00, 0x00, }); Given_Project(); var dt = new StructureType { Fields = { { 0, PrimitiveType.Int32, "data" }, { 4, new Pointer(FunctionType.Action( new Identifier("arg", PrimitiveType.Int32, null)), 32) } } }; var sym = ImageSymbol.DataObject(arch, Address.Ptr32(0x00100000), "data_blob", dt); program.ImageSymbols.Add(sym.Address, sym); var scanner = new Scanner(program, dynamicLinker.Object, sc); var sr = scanner.ScanDataItems(); Assert.AreEqual(1, sr.KnownProcedures.Count); Assert.AreEqual("00100010", sr.KnownProcedures.First().ToString()); }
public ImageSymbol CreateGotSymbol(Address addrGot, string name) { //$TODO: look up function signature. int size = Architecture.PointerType.Size; int bitSize = Architecture.PointerType.BitSize; return(ImageSymbol.DataObject(Architecture, addrGot, name + "_GOT", new Pointer(new CodeType(), bitSize))); }
public void TycoImageSymbol() { var program = Given_FlatProgram(); var sym = ImageSymbol.DataObject(program.Architecture, Address.Ptr32(0x00123400), "a_data", PrimitiveType.Word32); program.ImageSymbols.Add(sym.Address, sym); new EquivalenceClassBuilder(program.TypeFactory, program.TypeStore, eventListener).Build(program); var tyco = new TypeCollector(program.TypeFactory, program.TypeStore, program, new FakeDecompilerEventListener()); tyco.CollectGlobalType(); tyco.CollectImageSymbols(); Then_GlobalFieldsAre(program, "123400: a_data: T_2"); }
public void DynLink_GlobalByName() { var proj = new Project { MetadataFiles = { new MetadataFile { ModuleName = "foo" } }, Programs = { program } }; var module = new ModuleDescriptor("foo") { GlobalsByName = { { "bar", ImageSymbol.DataObject( program.Architecture, null, "bar", new StructureType { Fields = { { 0, new Pointer(PrimitiveType.Char, 32), "name" }, { 4, PrimitiveType.Int32, "age" } } }) } } }; program.EnvironmentMetadata.Modules.Add(module.ModuleName, module); var impres = new DynamicLinker(proj, program, new FakeDecompilerEventListener()); var dt = impres.ResolveImport("foo", "bar", platform.Object); Assert.AreEqual("&bar", dt.ToString()); }
private List <ImageSymbol> ReadPltEntries(DlHeader dlhdr, SOM_Exec_aux_hdr exeAuxHdr, List <string> names, IProcessorArchitecture arch) { var rdr = MakeReader(exeAuxHdr.exec_dfile + dlhdr.plt_loc); var dlts = new List <ImageSymbol>(); for (int i = 0; i < dlhdr.plt_count; ++i) { var addr = Address.Ptr32(exeAuxHdr.exec_dmem + ((uint)rdr.Offset - exeAuxHdr.exec_dfile)); uint n = rdr.ReadUInt32(); uint m = rdr.ReadUInt32(); var name = names[i + dlhdr.dlt_count]; var pltEntry = ImageSymbol.ExternalProcedure(arch, Address.Ptr32(n), name); var pltGotEntry = ImageSymbol.DataObject(arch, addr, name + "@@GOT", PrimitiveType.Ptr32); dlts.Add(pltEntry); dlts.Add(pltGotEntry); } return(dlts); }
// SAV definition from // RT–11 Volume and File Formats Manual // Order Number AA–PD6PA–TC // August 1991 // Digital Equipment Corporation private ImageSymbol CreateSavHeader(IProcessorArchitecture arch) { StructureField fld(int offset, DataType dt) { return(new StructureField(offset, dt)); } var w16 = PrimitiveType.Word16; var s = new StructureType("sav_header_t", 0x200, true) { ForceStructure = true, Fields = { fld(0x00, w16), // VIR in Radix–50 if the Linker / V option was used. fld(0x02, w16), // Virtual high limit if Linker / V option was used. fld(0x04, w16), // Job definition word($JSX) bits.See Table 2–11 for bit definitions. fld(0x06, w16), // Reserved fld(0x08, w16), // Reserved fld(0x0A, w16), // Reserved fld(0x0C, w16), // BPT trap PC(mapped monitors only) fld(0x0E, w16), // BPT trap PSW(mapped monitors only) fld(0x10, w16), // IOT trap PC(mapped monitors only) fld(0x12, w16), // IOT trap PSW(mapped monitors only) fld(0014, w16), // Reserved fld(0x16, w16), // Reserved fld(0x18, w16), // Reserved fld(0x1A, w16), // Overlay definition word(SV.CVH) bits.See tables 2–12 and 2–13 for bit definitions. fld(0x1C, w16), // Trap vector PC(TRAP) fld(0x1E, w16), // Trap vector PSW(TRAP) fld(0x20, w16), // Program’s relative start address fld(0x22, w16), // Initial location of stack pointer(changed by / M option) fld(0x24, w16), // Job Status Word fld(0x26, w16), // USR swap address fld(0x28, w16), // Program’s high limit fld(0x34, w16), // Address of overlay handler table for overlaid files fld(0x36, w16), // Address of start of window definition blocks(if / V used) } }; var addr = Address.Ptr16(0); var sym = ImageSymbol.DataObject(arch, addr, null, s); return(sym); }
public IEnumerable <ImageSymbol> GetSymbols(IProcessorArchitecture arch) { var ptrCodeT = new Pointer(new CodeType(), arch.WordWidth.BitSize); return(LoaderInfo.ExportedSymbols // $TODO: resolve import addresses in relocations .Where(s => s.sym.sectionIndex != -3) .Select(s => { var symAddr = GetAddress(s.sym.sectionIndex, s.sym.symbolValue); return s.classAndName.SymbolClass switch { PEFSymbolClassType.kPEFCodeSymbol => ImageSymbol.DataObject(arch, symAddr, s.Name, ptrCodeT), PEFSymbolClassType.kPEFDataSymbol => ImageSymbol.DataObject(arch, symAddr, s.Name, new UnknownType()), PEFSymbolClassType.kPEFTVectSymbol => ImageSymbol.Procedure(arch, symAddr, s.Name), PEFSymbolClassType.kPEFTOCSymbol => ImageSymbol.DataObject(arch, symAddr, s.Name, new UnknownType()), PEFSymbolClassType.kPEFGlueSymbol => ImageSymbol.DataObject(arch, symAddr, s.Name, new UnknownType()), _ => throw new BadImageFormatException($"Unknown symbol class {s.classAndName.SymbolClass}"), }; })); }
public List <ImageSymbol?> LoadEntryPoints( uint offEntryTable, NeSegment [] segments, Dictionary <int, string> names, IProcessorArchitecture arch) { trace.Inform("== Loading entry points from offset {0:X}", offEntryTable); var rdr = new LeImageReader(RawImage, offEntryTable); var entries = new List <ImageSymbol?>(); int bundleOrdinal = 1; int nextbundleOrdinal = 1; for (; ;) { var cBundleEntries = rdr.ReadByte(); if (cBundleEntries == 0) { break; } nextbundleOrdinal = bundleOrdinal + cBundleEntries; var segNum = rdr.ReadByte(); if (segNum != 0) { // If segNum had been 0, it would have // meant that all we want to do is allocate // (skip) some ordinal numbers. Since it wasn't 0, // we proceed to generate entry points. for (int i = 0; i < cBundleEntries; ++i) { byte flags = rdr.ReadByte(); (byte iSeg, ushort offset)entry; if (segNum == 0xFF) { entry = ReadMovableSegmentEntry(rdr); } else { entry = ReadFixedSegmentEntry(rdr, segNum); } var seg = segments[entry.iSeg - 1]; var addr = seg.Address !+entry.offset; if (!names.TryGetValue(bundleOrdinal + i, out string?name)) { name = null; } ImageSymbol ep; if (seg.IsData) { ep = ImageSymbol.DataObject(arch, addr, name, new UnknownType()); } else { ep = ImageSymbol.Procedure(arch, addr, name); ep.Ordinal = bundleOrdinal + i; ep.Type = SymbolType.Procedure; ep.ProcessorState = arch.CreateProcessorState(); } entries.Add(ep); imageSymbols[ep.Address] = ep; trace.Verbose(" {0:X2} {1} {2} - {3}", segNum, ep.Address, ep.Name !, ep.Ordinal.HasValue ? ep.Ordinal.Value.ToString() : ""); } } else { // We have unused entries, they have to occupy a space in the resulting entries table. entries.AddRange(Enumerable.Range(0, cBundleEntries).Select(x => (ImageSymbol?)null)); } bundleOrdinal = nextbundleOrdinal; } return(entries); }