Rizin
unix-like reverse engineering framework and cli tools
cmd_flirt.c
Go to the documentation of this file.
1 // SPDX-FileCopyrightText: 2021-2022 RizinOrg <info@rizin.re>
2 // SPDX-FileCopyrightText: 2021-2022 deroad <wargio@libero.it>
3 // SPDX-License-Identifier: LGPL-3.0-only
4 
5 #include <rz_core.h>
6 #include <rz_cons.h>
7 #include <rz_flirt.h>
8 
9 RZ_IPI RzCmdStatus rz_flirt_create_handler(RzCore *core, int argc, const char **argv) {
10  const char *filename = argv[1];
11  ut32 written_nodes = 0;
12  if (!rz_core_flirt_create_file(core, filename, &written_nodes)) {
13  RZ_LOG_ERROR("failed to create FLIRT file '%s'\n", filename);
14  return RZ_CMD_STATUS_ERROR;
15  }
16  rz_cons_printf("%u FLIRT signatures were written in '%s'\n", written_nodes, filename);
17  return RZ_CMD_STATUS_OK;
18 }
19 
20 RZ_IPI RzCmdStatus rz_flirt_dump_handler(RzCore *core, int argc, const char **argv) {
21  rz_core_flirt_dump_file(argv[1]);
22  return RZ_CMD_STATUS_OK;
23 }
24 
25 RZ_IPI RzCmdStatus rz_flirt_scan_handler(RzCore *core, int argc, const char **argv) {
26  int new, old;
27  int depth = rz_config_get_i(core->config, "dir.depth");
28  const char *arch = rz_config_get(core->config, "asm.arch");
29  char *file = NULL;
30  RzListIter *iter = NULL;
31  RzList *files = rz_file_globsearch(argv[1], depth);
32  ut8 arch_id = rz_core_flirt_arch_from_name(arch);
33 
34  old = rz_flag_count(core->flags, "flirt");
35  rz_list_foreach (files, iter, file) {
36  rz_sign_flirt_apply(core->analysis, file, arch_id);
37  }
38  rz_list_free(files);
39  new = rz_flag_count(core->flags, "flirt");
40 
41  rz_cons_printf("Found %d FLIRT signatures via %s\n", new - old, argv[1]);
42  return RZ_CMD_STATUS_OK;
43 }
RZ_IPI
#define RZ_IPI
Definition: analysis_wasm.c:11
rz_flirt_dump_handler
RZ_IPI RzCmdStatus rz_flirt_dump_handler(RzCore *core, int argc, const char **argv)
Definition: cmd_flirt.c:20
rz_flirt_create_handler
RZ_IPI RzCmdStatus rz_flirt_create_handler(RzCore *core, int argc, const char **argv)
Definition: cmd_flirt.c:9
rz_flirt_scan_handler
RZ_IPI RzCmdStatus rz_flirt_scan_handler(RzCore *core, int argc, const char **argv)
Definition: cmd_flirt.c:25
rz_config_get_i
RZ_API ut64 rz_config_get_i(RzConfig *cfg, RZ_NONNULL const char *name)
Definition: config.c:119
rz_config_get
RZ_API RZ_BORROW const char * rz_config_get(RzConfig *cfg, RZ_NONNULL const char *name)
Definition: config.c:75
rz_cons_printf
RZ_API int rz_cons_printf(const char *format,...)
Definition: cons.c:1202
NULL
#define NULL
Definition: cris-opc.c:27
rz_core_flirt_arch_from_name
RZ_API ut8 rz_core_flirt_arch_from_name(RZ_NONNULL const char *arch)
Returns the FLIRT arch id from a given arch name Returns RZ_FLIRT_SIG_ARCH_ANY if name is not found.
Definition: csign.c:148
rz_core_flirt_create_file
RZ_API bool rz_core_flirt_create_file(RZ_NONNULL RzCore *core, RZ_NONNULL const char *output_file, RZ_NULLABLE ut32 *written_nodes)
Generates a new FLIRT file from a given RzCore structure.
Definition: csign.c:431
rz_core_flirt_dump_file
RZ_API bool rz_core_flirt_dump_file(RZ_NONNULL const char *flirt_file)
Dumps the contents of a FLIRT file.
Definition: csign.c:372
arch
cs_arch arch
Definition: cstool.c:13
ut32
uint32_t ut32
Definition: demangler_util.h:31
files
checking print the parsed form of the magic use in n conjunction with m to debug a new magic file n before installing it n output MIME type special files
Definition: file_opts.h:46
rz_flag_count
RZ_API int rz_flag_count(RzFlag *f, const char *glob)
Definition: flag.c:776
filename
const char * filename
Definition: ioapi.h:137
ut8
uint8_t ut8
Definition: lh5801.h:11
rz_list_free
RZ_API void rz_list_free(RZ_NONNULL RzList *list)
Empties the list and frees the list pointer.
Definition: list.c:137
argv
static static fork const void static count static fd const char const char static newpath char char argv
Definition: sflib.h:40
RzCmdStatus
enum rz_cmd_status_t RzCmdStatus
RZ_CMD_STATUS_OK
@ RZ_CMD_STATUS_OK
command handler exited in the right way
Definition: rz_cmd.h:24
RZ_CMD_STATUS_ERROR
@ RZ_CMD_STATUS_ERROR
command handler had issues while running (e.g. allocation error, etc.)
Definition: rz_cmd.h:26
rz_cons.h
rz_core.h
rz_file_globsearch
RZ_API RzList * rz_file_globsearch(const char *globbed_path, int maxdepth)
Definition: file.c:1263
rz_flirt.h
rz_sign_flirt_apply
RZ_API bool rz_sign_flirt_apply(RZ_NONNULL RzAnalysis *analysis, RZ_NONNULL const char *flirt_file, ut8 expected_arch)
Parses the FLIRT file and applies the signatures.
Definition: flirt.c:1289
RZ_LOG_ERROR
#define RZ_LOG_ERROR(fmtstr,...)
Definition: rz_log.h:58
file
Definition: gzappend.c:170
rz_core_t
Definition: rz_core.h:297
rz_core_t::analysis
RzAnalysis * analysis
Definition: rz_core.h:322
rz_core_t::flags
RzFlag * flags
Definition: rz_core.h:330
rz_core_t::config
RzConfig * config
Definition: rz_core.h:300
rz_list_iter_t
Definition: rz_list.h:13
rz_list_t
Definition: rz_list.h:18