Rizin
unix-like reverse engineering framework and cli tools
Classes | Typedefs | Functions | Variables
analysis_java.c File Reference
#include <rz_types.h>
#include <rz_lib.h>
#include <rz_analysis.h>
#include "../../asm/arch/java/jvm.h"

Go to the source code of this file.

Classes

struct  java_analysis_context_t
 

Typedefs

typedef struct java_analysis_context_t JavaAnalysisContext
 

Functions

static void update_context (JavaAnalysisContext *ctx)
 
static int java_analysis (RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
 
static char * get_reg_profile (RzAnalysis *analysis)
 
static int archinfo (RzAnalysis *analysis, int query)
 
static bool java_init (void **user)
 
static bool java_fini (void *user)
 

Variables

RzAnalysisPlugin rz_analysis_plugin_java
 
RZ_API RzLibStruct rizin_plugin
 

Typedef Documentation

◆ JavaAnalysisContext

typedef struct java_analysis_context_t JavaAnalysisContext

Function Documentation

◆ archinfo()

static int archinfo ( RzAnalysis analysis,
int  query 
)
static

Definition at line 131 of file analysis_java.c.

131  {
132  if (query == RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE) {
133  return 1;
134  } else if (query == RZ_ANALYSIS_ARCHINFO_MAX_OP_SIZE) {
135  return 16;
136  }
137  return 0;
138 }
RZ_ANALYSIS_ARCHINFO_MAX_OP_SIZE
#define RZ_ANALYSIS_ARCHINFO_MAX_OP_SIZE
Definition: rz_analysis.h:99
RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE
#define RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE
Definition: rz_analysis.h:98

References RZ_ANALYSIS_ARCHINFO_MAX_OP_SIZE, and RZ_ANALYSIS_ARCHINFO_MIN_OP_SIZE.

◆ get_reg_profile()

static char* get_reg_profile ( RzAnalysis analysis)
static

Definition at line 114 of file analysis_java.c.

114  {
115  const char *p =
116  "=PC pc\n"
117  "=SP garbage\n"
118  "=SR garbage\n"
119  "=A0 garbage\n"
120  "=A1 garbage\n"
121  "=A2 garbage\n"
122  "=A3 garbage\n"
123  "=A4 garbage\n"
124  "=A5 garbage\n"
125  "=A6 garbage\n"
126  "gpr pc .32 0 0\n"
127  "gpr garbage .32 32 0\n";
128  return strdup(p);
129 }
p
void * p
Definition: libc.cpp:67
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")

References p, and strdup().

◆ java_analysis()

static int java_analysis ( RzAnalysis analysis,
RzAnalysisOp op,
ut64  addr,
const ut8 buf,
int  len,
RzAnalysisOpMask  mask 
)
static

Definition at line 27 of file analysis_java.c.

27  {
28  JavaAnalysisContext *ctx = (JavaAnalysisContext *)analysis->plugin_data;
29 
30  switch (ctx->switchop) {
31  case BYTECODE_AA_TABLESWITCH:
32  if (len < 4) {
33  RZ_LOG_ERROR("[!] java_analysis: no enough data for lookupswitch case.\n");
34  return -1;
35  }
36  op->size = 4;
37  op->jump = ctx->pc + rz_read_be32(buf);
38  op->fail = addr + op->size;
39  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
40  update_context(ctx);
41  return op->size;
42  case BYTECODE_AB_LOOKUPSWITCH:
43  if (len < 8) {
44  RZ_LOG_ERROR("[!] java_analysis: no enough data for lookupswitch case.\n");
45  return -1;
46  }
47  op->size = 8;
48  op->jump = ctx->pc + rz_read_at_be32(buf, 4);
49  op->fail = addr + op->size;
50  op->type = RZ_ANALYSIS_OP_TYPE_CJMP;
51  update_context(ctx);
52  return op->size;
53  default:
54  break;
55  }
56 
57  JavaVM vm = { 0 };
58  Bytecode bc = { 0 };
59 
60  ut64 section = addr;
61  if (analysis->binb.bin) {
62  const RzBinSection *sec = analysis->binb.get_vsect_at(analysis->binb.bin, addr);
63  if (sec) {
64  section = sec->paddr;
65  }
66  }
67 
68  if (!jvm_init(&vm, buf, len, addr, section)) {
69  RZ_LOG_ERROR("[!] java_analysis: bad or invalid data.\n");
70  return -1;
71  }
72 
73  op->fail = UT64_MAX;
74  op->jump = UT64_MAX;
75  op->size = 1;
76  if (jvm_fetch(&vm, &bc)) {
77  op->size = bc.size;
78  op->type = bc.atype;
79  switch (bc.atype) {
80  case RZ_ANALYSIS_OP_TYPE_CALL:
81  case RZ_ANALYSIS_OP_TYPE_JMP:
82  op->jump = bc.pc + bc.args[0];
83  break;
84  case RZ_ANALYSIS_OP_TYPE_CJMP:
85  op->jump = bc.pc + bc.args[0];
86  op->fail = addr + bc.size;
87  break;
88  case RZ_ANALYSIS_OP_TYPE_RET:
89  case RZ_ANALYSIS_OP_TYPE_ILL:
90  op->eob = true;
91  break;
92  default:
93  break;
94  }
95  if (bc.opcode == BYTECODE_AA_TABLESWITCH) {
96  ctx->switchop = BYTECODE_AA_TABLESWITCH;
97  ctx->ts = *((TableSwitch *)bc.extra);
98  ctx->count = 0;
99  ctx->pc = addr;
100  } else if (bc.opcode == BYTECODE_AB_LOOKUPSWITCH) {
101  ctx->switchop = BYTECODE_AB_LOOKUPSWITCH;
102  ctx->ls = *((LookupSwitch *)bc.extra);
103  ctx->count = 0;
104  ctx->pc = addr;
105  }
106  bytecode_clean(&bc);
107  } else {
108  RZ_LOG_ERROR("[!] java_analysis: jvm fetch failed.\n");
109  return -1;
110  }
111  return op->size;
112 }
len
size_t len
Definition: 6502dis.c:15
update_context
static void update_context(JavaAnalysisContext *ctx)
Definition: analysis_java.c:18
BYTECODE_AA_TABLESWITCH
#define BYTECODE_AA_TABLESWITCH
Definition: bytecode.h:178
BYTECODE_AB_LOOKUPSWITCH
#define BYTECODE_AB_LOOKUPSWITCH
Definition: bytecode.h:179
buf
voidpf void * buf
Definition: ioapi.h:138
jvm_fetch
bool jvm_fetch(JavaVM *jvm, Bytecode *bytecode)
Definition: jvm.c:1553
jvm_init
bool jvm_init(JavaVM *jvm, const ut8 *buffer, const ut32 size, ut64 pc, ut64 section)
Definition: jvm.c:1541
bytecode_clean
void bytecode_clean(Bytecode *bytecode)
Definition: jvm.c:1536
RZ_ANALYSIS_OP_TYPE_JMP
@ RZ_ANALYSIS_OP_TYPE_JMP
Definition: rz_analysis.h:368
RZ_ANALYSIS_OP_TYPE_CALL
@ RZ_ANALYSIS_OP_TYPE_CALL
Definition: rz_analysis.h:378
RZ_ANALYSIS_OP_TYPE_CJMP
@ RZ_ANALYSIS_OP_TYPE_CJMP
Definition: rz_analysis.h:373
RZ_ANALYSIS_OP_TYPE_ILL
@ RZ_ANALYSIS_OP_TYPE_ILL
Definition: rz_analysis.h:387
RZ_ANALYSIS_OP_TYPE_RET
@ RZ_ANALYSIS_OP_TYPE_RET
Definition: rz_analysis.h:385
rz_read_at_be32
static ut32 rz_read_at_be32(const void *src, size_t offset)
Definition: rz_endian.h:93
rz_read_be32
static ut32 rz_read_be32(const void *src)
Definition: rz_endian.h:87
RZ_LOG_ERROR
#define RZ_LOG_ERROR(fmtstr,...)
Definition: rz_log.h:58
UT64_MAX
#define UT64_MAX
Definition: rz_types_base.h:86
bytecode_t
Definition: bytecode.h:234
bytecode_t::atype
ut64 atype
Definition: bytecode.h:236
bytecode_t::extra
void * extra
Definition: bytecode.h:244
bytecode_t::pc
ut64 pc
Definition: bytecode.h:239
bytecode_t::opcode
ut16 opcode
Definition: bytecode.h:237
bytecode_t::size
ut16 size
Definition: bytecode.h:238
bytecode_t::args
st32 args[2]
Definition: bytecode.h:240
java_analysis_context_t
Definition: analysis_java.c:10
jvm_t
Definition: jvm.h:10
lookupswitch_t
Definition: bytecode.h:229
rz_analysis_t::plugin_data
void * plugin_data
Definition: rz_analysis.h:561
rz_analysis_t::binb
RzBinBind binb
Definition: rz_analysis.h:579
rz_bin_bind_t::bin
RzBin * bin
Definition: rz_bin.h:807
rz_bin_bind_t::get_vsect_at
RzBinGetSectionAt get_vsect_at
Definition: rz_bin.h:811
rz_bin_section_t
Definition: rz_bin.h:618
rz_bin_section_t::paddr
ut64 paddr
Definition: rz_bin.h:623
tableswitch_t
Definition: bytecode.h:222
op
Definition: dis.c:32
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
addr
static int addr
Definition: z80asm.c:58

References addr, bytecode_t::args, bytecode_t::atype, rz_bin_bind_t::bin, rz_analysis_t::binb, BYTECODE_AA_TABLESWITCH, BYTECODE_AB_LOOKUPSWITCH, bytecode_clean(), bytecode_t::extra, rz_bin_bind_t::get_vsect_at, jvm_fetch(), jvm_init(), len, bytecode_t::opcode, rz_bin_section_t::paddr, bytecode_t::pc, rz_analysis_t::plugin_data, RZ_ANALYSIS_OP_TYPE_CALL, RZ_ANALYSIS_OP_TYPE_CJMP, RZ_ANALYSIS_OP_TYPE_ILL, RZ_ANALYSIS_OP_TYPE_JMP, RZ_ANALYSIS_OP_TYPE_RET, RZ_LOG_ERROR, rz_read_at_be32(), rz_read_be32(), bytecode_t::size, update_context(), ut64(), and UT64_MAX.

◆ java_fini()

static bool java_fini ( void *  user)
static

Definition at line 149 of file analysis_java.c.

149  {
150  if (!user) {
151  return false;
152  }
153  free(user);
154  return true;
155 }
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130

References free().

◆ java_init()

static bool java_init ( void **  user)
static

Definition at line 140 of file analysis_java.c.

140  {
141  JavaAnalysisContext *ctx = RZ_NEW0(JavaAnalysisContext);
142  if (!ctx) {
143  return false;
144  }
145  *user = ctx;
146  return true;
147 }
RZ_NEW0
#define RZ_NEW0(x)
Definition: rz_types.h:284

References RZ_NEW0.

◆ update_context()

static void update_context ( JavaAnalysisContext ctx)
static

Definition at line 18 of file analysis_java.c.

18  {
19  ctx->count++;
20  if (ctx->switchop == BYTECODE_AA_TABLESWITCH && ctx->count > ctx->ts.length) {
21  ctx->switchop = BYTECODE_00_NOP;
22  } else if (ctx->switchop == BYTECODE_AB_LOOKUPSWITCH && ctx->count > ctx->ls.npairs) {
23  ctx->switchop = BYTECODE_00_NOP;
24  }
25 }
BYTECODE_00_NOP
#define BYTECODE_00_NOP
Definition: bytecode.h:8

References BYTECODE_00_NOP, BYTECODE_AA_TABLESWITCH, and BYTECODE_AB_LOOKUPSWITCH.

Referenced by java_analysis().

Variable Documentation

◆ rizin_plugin

RZ_API RzLibStruct rizin_plugin
Initial value:
= {
.type = RZ_LIB_TYPE_ANALYSIS,
.data = &rz_analysis_plugin_java,
.version = RZ_VERSION
}
rz_analysis_plugin_java
RzAnalysisPlugin rz_analysis_plugin_java
Definition: analysis_java.c:157
RZ_LIB_TYPE_ANALYSIS
@ RZ_LIB_TYPE_ANALYSIS
Definition: rz_lib.h:73
RZ_VERSION
#define RZ_VERSION
Definition: rz_version.h:8
rz_analysis_plugin_t::version
const char * version
Definition: rz_analysis.h:1239

Definition at line 171 of file analysis_java.c.

◆ rz_analysis_plugin_java

RzAnalysisPlugin rz_analysis_plugin_java
Initial value:
= {
.name = "java",
.desc = "Java analysis plugin",
.arch = "java",
.license = "LGPL3",
.bits = 32,
.op = &java_analysis,
.archinfo = archinfo,
.init = java_init,
.fini = java_fini,
.get_reg_profile = &get_reg_profile,
}
java_init
static bool java_init(void **user)
Definition: analysis_java.c:140
get_reg_profile
static char * get_reg_profile(RzAnalysis *analysis)
Definition: analysis_java.c:114
java_analysis
static int java_analysis(RzAnalysis *analysis, RzAnalysisOp *op, ut64 addr, const ut8 *buf, int len, RzAnalysisOpMask mask)
Definition: analysis_java.c:27
java_fini
static bool java_fini(void *user)
Definition: analysis_java.c:149
archinfo
static int archinfo(RzAnalysis *analysis, int query)
Definition: analysis_java.c:131

Definition at line 157 of file analysis_java.c.