Rizin
unix-like reverse engineering framework and cli tools
Functions
pe_tls.c File Reference
#include "pe.h"

Go to the source code of this file.

Functions

static void bin_pe_store_tls_callbacks (RzBinPEObj *bin, PE_DWord callbacks)
 
static bool read_tls_directory_aux (RzBuffer *b, PE_(image_tls_directory) *tls_directory)
 
static int read_tls_directory (RzBuffer *b, ut64 addr, PE_(image_tls_directory) *tls_directory)
 
int PE_() bin_pe_init_tls (RzBinPEObj *bin)
 

Function Documentation

◆ bin_pe_init_tls()

int PE_() bin_pe_init_tls ( RzBinPEObj bin)

Definition at line 71 of file pe_tls.c.

71  {
72  PE_(image_tls_directory) * image_tls_directory;
73  PE_(image_data_directory) *data_dir_tls = &bin->data_directory[PE_IMAGE_DIRECTORY_ENTRY_TLS];
74  PE_DWord tls_paddr = PE_(bin_pe_rva_to_paddr)(bin, data_dir_tls->VirtualAddress);
75 
76  image_tls_directory = RZ_NEW0(PE_(image_tls_directory));
77  if (read_tls_directory(bin->b, tls_paddr, image_tls_directory) < 0) {
78  RZ_LOG_INFO("read (image_tls_directory)\n");
79  free(image_tls_directory);
80  return 0;
81  }
82  bin->tls_directory = image_tls_directory;
83  if (!image_tls_directory->AddressOfCallBacks) {
84  return 0;
85  }
86  if (image_tls_directory->EndAddressOfRawData < image_tls_directory->StartAddressOfRawData) {
87  return 0;
88  }
89  PE_DWord callbacks_paddr = PE_(bin_pe_rva_to_paddr)(bin, PE_(bin_pe_va_to_rva)(bin, (PE_DWord)image_tls_directory->AddressOfCallBacks));
90  bin_pe_store_tls_callbacks(bin, callbacks_paddr);
91  return 0;
92 }
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130
bin_pe_va_to_rva
PE_DWord PE_() bin_pe_va_to_rva(RzBinPEObj *bin, PE_DWord va)
Definition: pe.c:32
bin_pe_rva_to_paddr
PE_DWord PE_() bin_pe_rva_to_paddr(RzBinPEObj *bin, PE_DWord rva)
Definition: pe.c:15
PE_
#define PE_(name)
Definition: pe_specs.h:23
PE_DWord
#define PE_DWord
Definition: pe_specs.h:27
PE_IMAGE_DIRECTORY_ENTRY_TLS
#define PE_IMAGE_DIRECTORY_ENTRY_TLS
Definition: pe_specs.h:153
bin_pe_store_tls_callbacks
static void bin_pe_store_tls_callbacks(RzBinPEObj *bin, PE_DWord callbacks)
Definition: pe_tls.c:8
read_tls_directory
static int read_tls_directory(RzBuffer *b, ut64 addr, PE_(image_tls_directory) *tls_directory)
Definition: pe_tls.c:50
RZ_LOG_INFO
#define RZ_LOG_INFO(fmtstr,...)
Definition: rz_log.h:54
RZ_NEW0
#define RZ_NEW0(x)
Definition: rz_types.h:284
bin
Definition: malloc.c:26

References bin_pe_rva_to_paddr(), bin_pe_store_tls_callbacks(), bin_pe_va_to_rva(), free(), PE_, PE_DWord, PE_IMAGE_DIRECTORY_ENTRY_TLS, read_tls_directory(), RZ_LOG_INFO, and RZ_NEW0.

Referenced by bin_pe_init().

◆ bin_pe_store_tls_callbacks()

static void bin_pe_store_tls_callbacks ( RzBinPEObj bin,
PE_DWord  callbacks 
)
static

Definition at line 8 of file pe_tls.c.

8  {
9  PE_DWord paddr, haddr;
10  int count = 0;
11  PE_DWord addressOfTLSCallback = 1;
12  char *key;
13 
14  while (addressOfTLSCallback != 0) {
15  if (!RZ_BUF_READ_PE_DWORD_AT(bin->b, callbacks, &addressOfTLSCallback)) {
16  RZ_LOG_INFO("read (tls_callback)\n");
17  return;
18  }
19  if (!addressOfTLSCallback) {
20  break;
21  }
22  if (bin->optional_header->SizeOfImage) {
23  int rva_callback = PE_(bin_pe_va_to_rva)(bin, (PE_DWord)addressOfTLSCallback);
24  if (rva_callback > bin->optional_header->SizeOfImage) {
25  break;
26  }
27  }
28  key = sdb_fmt("pe.tls_callback%d_vaddr", count);
29  sdb_num_set(bin->kv, key, addressOfTLSCallback, 0);
30  key = sdb_fmt("pe.tls_callback%d_paddr", count);
31  paddr = PE_(bin_pe_rva_to_paddr)(bin, PE_(bin_pe_va_to_rva)(bin, (PE_DWord)addressOfTLSCallback));
32  sdb_num_set(bin->kv, key, paddr, 0);
33  key = sdb_fmt("pe.tls_callback%d_haddr", count);
34  haddr = callbacks;
35  sdb_num_set(bin->kv, key, haddr, 0);
36  count++;
37  callbacks += sizeof(addressOfTLSCallback);
38  }
39 }
count
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void count
Definition: sflib.h:98
key
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len key
Definition: sflib.h:118
sdb_fmt
RZ_API char * sdb_fmt(const char *fmt,...)
Definition: fmt.c:26
sdb_num_set
RZ_API int sdb_num_set(Sdb *s, const char *key, ut64 v, ut32 cas)
Definition: num.c:25
RZ_BUF_READ_PE_DWORD_AT
#define RZ_BUF_READ_PE_DWORD_AT
Definition: pe_specs.h:29

References bin_pe_rva_to_paddr(), bin_pe_va_to_rva(), count, key, PE_, PE_DWord, RZ_BUF_READ_PE_DWORD_AT, RZ_LOG_INFO, sdb_fmt(), and sdb_num_set().

Referenced by bin_pe_init_tls().

◆ read_tls_directory()

static int read_tls_directory ( RzBuffer b,
ut64  addr,
PE_(image_tls_directory) *  tls_directory 
)
static

Definition at line 50 of file pe_tls.c.

50  {
51  st64 tmp = rz_buf_seek(b, 0, RZ_BUF_CUR);
52  if (tmp < 0) {
53  return -1;
54  }
55 
56  if (rz_buf_seek(b, addr, RZ_BUF_SET) < 0) {
57  return -1;
58  }
59 
60  if (!read_tls_directory_aux(b, tls_directory)) {
61  return -1;
62  }
63 
64  if (rz_buf_seek(b, tmp, RZ_BUF_SET) < 0) {
65  return -1;
66  }
67 
68  return sizeof(PE_(image_tls_directory));
69 }
autogen_x86imm.tmp
tmp
Definition: autogen_x86imm.py:12
read_tls_directory_aux
static bool read_tls_directory_aux(RzBuffer *b, PE_(image_tls_directory) *tls_directory)
Definition: pe_tls.c:41
rz_buf_seek
RZ_API st64 rz_buf_seek(RZ_NONNULL RzBuffer *b, st64 addr, int whence)
Modify the current cursor position in the buffer.
Definition: buf.c:1166
RZ_BUF_CUR
#define RZ_BUF_CUR
Definition: rz_buf.h:15
RZ_BUF_SET
#define RZ_BUF_SET
Definition: rz_buf.h:14
st64
#define st64
Definition: rz_types_base.h:10
b
#define b(i)
Definition: sha256.c:42
addr
static int addr
Definition: z80asm.c:58

References addr, b, PE_, read_tls_directory_aux(), RZ_BUF_CUR, rz_buf_seek(), RZ_BUF_SET, st64, and autogen_x86imm::tmp.

Referenced by bin_pe_init_tls().

◆ read_tls_directory_aux()

static bool read_tls_directory_aux ( RzBuffer b,
PE_(image_tls_directory) *  tls_directory 
)
static

Definition at line 41 of file pe_tls.c.

41  {
42  return rz_buf_read_le32(b, &tls_directory->StartAddressOfRawData) &&
43  rz_buf_read_le32(b, &tls_directory->EndAddressOfRawData) &&
44  rz_buf_read_le32(b, &tls_directory->AddressOfIndex) &&
45  rz_buf_read_le32(b, &tls_directory->AddressOfCallBacks) &&
46  rz_buf_read_le32(b, &tls_directory->SizeOfZeroFill) &&
47  rz_buf_read_le32(b, &tls_directory->Characteristics);
48 }
rz_buf_read_le32
#define rz_buf_read_le32(b, result)
Definition: rz_buf.h:267

References b, and rz_buf_read_le32.

Referenced by read_tls_directory().