1 /* radare2 - LGPL - Copyright 2009-2020 - pancake, nibble, dso */
2 
3 #include "bin_elf.inc"
4 
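/* Print the raw Elf32_Ehdr fields of bf, one per line, at their file offsets.
 * Multi-byte fields are decoded in the byte order the file itself declares in
 * e_ident[EI_DATA] (offset 5: 1 = LSB, 2 = MSB) instead of always assuming
 * little-endian, so big-endian objects are shown correctly. The magic is
 * printed as a little-endian word regardless, since it is a byte sequence. */
static void headers32(RBinFile *bf) {
	r_return_if_fail (bf && bf->buf && bf->rbin);
	const bool be = r_buf_read8_at (bf->buf, 5) == 2; // ELFDATA2MSB
#define p bf->rbin->cb_printf
#define R16(off) r_buf_read_ble16_at (bf->buf, (off), be)
#define R32(off) r_buf_read_ble32_at (bf->buf, (off), be)
	p ("0x00000000  ELF MAGIC   0x%08x\n", r_buf_read_le32_at (bf->buf, 0));
	p ("0x00000010  Type        0x%04x\n", R16 (0x10));
	p ("0x00000012  Machine     0x%04x\n", R16 (0x12));
	p ("0x00000014  Version     0x%08x\n", R32 (0x14));
	p ("0x00000018  Entrypoint  0x%08x\n", R32 (0x18));
	p ("0x0000001c  PhOff       0x%08x\n", R32 (0x1c));
	p ("0x00000020  ShOff       0x%08x\n", R32 (0x20));
	p ("0x00000024  Flags       0x%08x\n", R32 (0x24));
	p ("0x00000028  EhSize      %d\n", R16 (0x28));
	p ("0x0000002a  PhentSize   %d\n", R16 (0x2a));
	p ("0x0000002c  PhNum       %d\n", R16 (0x2c));
	p ("0x0000002e  ShentSize   %d\n", R16 (0x2e));
	p ("0x00000030  ShNum       %d\n", R16 (0x30));
	p ("0x00000032  ShrStrndx   %d\n", R16 (0x32));
	// keep the short helper names from leaking into the rest of the file
#undef R32
#undef R16
#undef p
}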
22 
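/* Return true when buf starts with the ELF magic and e_ident[EI_CLASS]
 * (byte 4) is not ELFCLASS64 (2); 64-bit objects are rejected here.
 * A buffer shorter than the 5 bytes inspected is rejected explicitly
 * instead of relying on the zero-filled scratch array failing memcmp. */
static bool check_buffer(RBuffer *buf) {
	r_return_val_if_fail (buf, false);
	ut8 b[5] = {0};
	if (r_buf_read_at (buf, 0, b, sizeof (b)) != (st64)sizeof (b)) {
		return false;
	}
	return !memcmp (b, ELFMAG, SELFMAG) && b[4] != 2;
}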
28 
/* Debug-info and writer vtables referenced by the plugin descriptor below;
 * both are defined elsewhere and only declared here. */
extern struct r_bin_dbginfo_t r_bin_dbginfo_elf;
extern struct r_bin_write_t r_bin_write_elf;
31 
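/* Little-endian serializers. The generated image declares
 * e_ident[EI_DATA] = ELFDATA2LSB, so the header bytes must not depend on the
 * host byte order (r_buf_append_ut32 / r_buf_write_at of a raw ut32 would). */
static void create_le16(ut8 *dst, ut16 v) {
	dst[0] = (ut8)(v & 0xff);
	dst[1] = (ut8)((v >> 8) & 0xff);
}

static void create_le32(ut8 *dst, ut32 v) {
	dst[0] = (ut8)(v & 0xff);
	dst[1] = (ut8)((v >> 8) & 0xff);
	dst[2] = (ut8)((v >> 16) & 0xff);
	dst[3] = (ut8)((v >> 24) & 0xff);
}

/* Build a minimal static ELF32 executable: one Elf32_Ehdr, one PT_LOAD
 * program header mapping the whole file R+X at a fixed base address, then
 * `code` (and `data`, appended verbatim after it).
 *
 * bin:      owning RBin (must be non-NULL; not otherwise used here)
 * code:     machine code placed at the entry point; may be NULL only if codelen == 0
 * codelen:  length of code in bytes (negative is rejected)
 * data:     optional payload appended after code; ignored when NULL or datalen <= 0
 * opt:      opt->arch selects the base address and e_machine ("arm" or i386)
 * Returns a new RBuffer owned by the caller, or NULL on invalid arguments or
 * allocation failure. */
static RBuffer* create(RBin* bin, const ut8 *code, int codelen, const ut8 *data, int datalen, RBinArchOptions *opt) {
	r_return_val_if_fail (bin && opt && opt->arch, NULL);
	r_return_val_if_fail (codelen >= 0 && (code || codelen == 0), NULL);

	RBuffer *buf = r_buf_new ();
	if (!buf) {
		return NULL;
	}
	// only bytes that are actually appended count towards p_filesz / p_memsz
	const ut32 data_len = (data && datalen > 0) ? (ut32)datalen : 0;

	const bool is_arm = !strcmp (opt->arch, "arm");
	// XXX: hardcoded load addresses
	const ut32 baddr = is_arm ? 0x40000 : 0x8048000;

#define B(x,y) r_buf_append_bytes(buf,(const ut8*)(x),y)
#define Z(x) r_buf_append_nbytes(buf,x)
#define W(x,y,z) r_buf_write_at(buf,x,(const ut8*)(y),z)
#define D(x) do { ut8 le_[4]; create_le32 (le_, (ut32)(x)); B (le_, 4); } while (0)
#define H(x) do { ut8 le_[2]; create_le16 (le_, (ut16)(x)); B (le_, 2); } while (0)
#define WD(at,x) do { ut8 le_[4]; create_le32 (le_, (ut32)(x)); W (at, le_, 4); } while (0)
#define WH(at,x) do { ut8 le_[2]; create_le16 (le_, (ut16)(x)); W (at, le_, 2); } while (0)

	// Elf32_Ehdr; fields written as -1 are placeholders patched below
	B ("\x7F" "ELF" "\x01\x01\x01\x00", 8); // e_ident: ELFCLASS32, ELFDATA2LSB, EV_CURRENT, ABI 0
	Z (8);                                  // e_ident padding
	H (2);                                  // e_type = ET_EXEC
	H (is_arm ? 40 : 3);                    // e_machine = EM_ARM / EM_386
	D (1);                                  // e_version
	const ut32 p_start = r_buf_size (buf);
	D (-1);                                 // e_entry
	const ut32 p_phoff = r_buf_size (buf);
	D (-1);                                 // e_phoff
	D (0);                                  // e_shoff: no section headers
	D (0);                                  // e_flags
	const ut32 p_ehdrsz = r_buf_size (buf);
	H (-1);                                 // e_ehsize
	const ut32 p_phdrsz = r_buf_size (buf);
	H (-1);                                 // e_phentsize
	H (1);                                  // e_phnum
	H (0);                                  // e_shentsize
	H (0);                                  // e_shnum
	H (0);                                  // e_shstrndx

	// single Elf32_Phdr, PT_LOAD from file offset 0
	const ut32 p_phdr = r_buf_size (buf);
	D (1);                                  // p_type = PT_LOAD
	D (0);                                  // p_offset
	const ut32 p_vaddr = r_buf_size (buf);
	D (-1);                                 // p_vaddr
	const ut32 p_paddr = r_buf_size (buf);
	D (-1);                                 // p_paddr
	const ut32 p_fs = r_buf_size (buf);
	D (-1);                                 // p_filesz
	const ut32 p_fs2 = r_buf_size (buf);
	D (-1);                                 // p_memsz
	D (5);                                  // p_flags = PF_R | PF_X
	D (0x1000);                             // p_align

	// the program header immediately follows the ELF header, so its offset
	// doubles as e_ehsize (0x34 for the layout above)
	const ut16 ehdrsz = (ut16)p_phdr;
	const ut16 phdrsz = (ut16)(r_buf_size (buf) - p_phdr);
	const ut32 phoff = p_phdr;
	const ut32 code_pa = r_buf_size (buf);
	const ut32 code_va = code_pa + baddr;  // entry point: code is appended right here
	const ut32 filesize = code_pa + (ut32)codelen + data_len;

	WD (p_start, code_va);
	WD (p_phoff, phoff);
	WH (p_ehdrsz, ehdrsz);
	WH (p_phdrsz, phdrsz);
	// the segment is mapped from file offset 0, so its address is the base itself
	WD (p_vaddr, baddr);
	WD (p_paddr, baddr);
	WD (p_fs, filesize);
	WD (p_fs2, filesize);

	B (code, codelen);

	if (data_len > 0) {
		eprintf ("Warning: DATA section not support for ELF yet\n");
		B (data, data_len);
	}
#undef WH
#undef WD
#undef H
#undef D
#undef W
#undef Z
#undef B
	return buf;
}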
126 
/* Descriptor for the 32-bit ELF loader (check_buffer rejects EI_CLASS == 2).
 * Members are grouped by role; designated initializers make the order
 * immaterial, and every callback not defined in this file comes from
 * bin_elf.inc or the extern declarations above. */
RBinPlugin r_bin_plugin_elf = {
	// identity
	.name = "elf",
	.desc = "ELF format r2 plugin",
	.license = "LGPL3",
	// lifecycle
	.load_buffer = &load_buffer,
	.check_buffer = &check_buffer,
	.destroy = &destroy,
	.get_sdb = &get_sdb,
	// layout and addressing
	.baddr = &baddr,
	.boffset = &boffset,
	.size = &size,
	.maps = &maps,
	.sections = &sections,
	.entries = &entries,
	// symbols, imports and relocations
	.binsym = &binsym,
	.symbols = &symbols,
	.imports = &imports,
	.libs = &libs,
	.relocs = &relocs,
	.patch_relocs = &patch_relocs,
	.minstrlen = 4,
	// metadata and reporting
	.info = &info,
	.fields = &fields,
	.header = &headers32,
	.file_type = &get_file_type,
	.regstate = &regstate,
	.dbginfo = &r_bin_dbginfo_elf,
	// generation and writing
	.create = &create,
	.write = &r_bin_write_elf,
};
157 
/* Registration record picked up when the plugin is built as a loadable
 * module; omitted when R2_PLUGIN_INCORE is defined (plugin linked into core). */
#ifndef R2_PLUGIN_INCORE
R_API RLibStruct radare_plugin = {
	.type = R_LIB_TYPE_BIN,
	.data = &r_bin_plugin_elf,
	.version = R2_VERSION
};
#endif
165