Rizin
unix-like reverse engineering framework and cli tools
Macros | Functions
te.c File Reference
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <rz_types.h>
#include <rz_util.h>
#include "te_specs.h"
#include "te.h"

Go to the source code of this file.

Macros

#define macro_str(s)   #s
 
#define rz_buf_read_le8_at(a, b, c)    (rz_buf_read_at(a, b, (ut8 *)c, sizeof(ut8)) == 1)
 
#define parse_header_value(off, bits, key)
 

Functions

ut64 rz_bin_te_get_stripped_delta (struct rz_bin_te_obj_t *bin)
 
static int rz_bin_te_init_hdr (struct rz_bin_te_obj_t *bin)
 
ut64 rz_bin_te_get_main_paddr (struct rz_bin_te_obj_t *bin)
 
static TE_DWord rz_bin_te_vaddr_to_paddr (struct rz_bin_te_obj_t *bin, TE_DWord vaddr)
 
static int rz_bin_te_init_sections (struct rz_bin_te_obj_t *bin)
 
static int rz_bin_te_init (struct rz_bin_te_obj_t *bin)
 
char * rz_bin_te_get_arch (struct rz_bin_te_obj_t *bin)
 
int rz_bin_te_get_bits (struct rz_bin_te_obj_t *bin)
 
RzBinAddrrz_bin_te_get_entrypoint (struct rz_bin_te_obj_t *bin)
 
ut64 rz_bin_te_get_image_base (struct rz_bin_te_obj_t *bin)
 
char * rz_bin_te_get_machine (struct rz_bin_te_obj_t *bin)
 
char * rz_bin_te_get_os (struct rz_bin_te_obj_t *bin)
 
struct rz_bin_te_section_trz_bin_te_get_sections (struct rz_bin_te_obj_t *bin)
 
char * rz_bin_te_get_subsystem (struct rz_bin_te_obj_t *bin)
 
void * rz_bin_te_free (struct rz_bin_te_obj_t *bin)
 
struct rz_bin_te_obj_trz_bin_te_new (const char *file)
 
struct rz_bin_te_obj_trz_bin_te_new_buf (RzBuffer *buf)
 

Macro Definition Documentation

◆ macro_str

#define macro_str (   s)    #s

Definition at line 21 of file te.c.

◆ parse_header_value

#define parse_header_value (   off,
  bits,
  key 
)
Value:
do { \
if (!rz_buf_read_le##bits##_at(bin->b, off, &bin->header->key)) { \
RZ_LOG_ERROR("Cannot read TE_image_file_header." macro_str(key) "\n"); \
return false; \
} \
off += (bits / 8); \
} while (0)
bits
int bits(struct state *s, int need)
Definition: blast.c:72
key
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len key
Definition: sflib.h:118
off
int off
Definition: pal.c:13
bin
Definition: malloc.c:26
macro_str
#define macro_str(s)
Definition: te.c:21

Definition at line 24 of file te.c.

◆ rz_buf_read_le8_at

#define rz_buf_read_le8_at (   a,
  b,
  c 
)     (rz_buf_read_at(a, b, (ut8 *)c, sizeof(ut8)) == 1)

Definition at line 22 of file te.c.

Function Documentation

◆ rz_bin_te_free()

void* rz_bin_te_free ( struct rz_bin_te_obj_t bin)

Definition at line 431 of file te.c.

431  {
432  if (!bin) {
433  return NULL;
434  }
435  free(bin->header);
436  free(bin->section_header);
437  rz_buf_free(bin->b);
438  free(bin);
439  return NULL;
440 }
NULL
#define NULL
Definition: cris-opc.c:27
free
RZ_API void Ht_() free(HtName_(Ht) *ht)
Definition: ht_inc.c:130
rz_buf_free
RZ_API void rz_buf_free(RzBuffer *b)
Free all internal data hold by the buffer and the buffer.
Definition: buf.c:1253

References free(), NULL, and rz_buf_free().

Referenced by destroy(), rz_bin_te_new(), and rz_bin_te_new_buf().

◆ rz_bin_te_get_arch()

char* rz_bin_te_get_arch ( struct rz_bin_te_obj_t bin)

Definition at line 167 of file te.c.

167  {
168  char *arch;
169  if (!bin) {
170  return NULL;
171  }
172  switch (bin->header->Machine) {
173  case TE_IMAGE_FILE_MACHINE_ALPHA:
174  case TE_IMAGE_FILE_MACHINE_ALPHA64:
175  arch = strdup("alpha");
176  break;
177  case TE_IMAGE_FILE_MACHINE_ARM:
178  case TE_IMAGE_FILE_MACHINE_THUMB:
179  arch = strdup("arm");
180  break;
181  case TE_IMAGE_FILE_MACHINE_M68K:
182  arch = strdup("m68k");
183  break;
184  case TE_IMAGE_FILE_MACHINE_MIPS16:
185  case TE_IMAGE_FILE_MACHINE_MIPSFPU:
186  case TE_IMAGE_FILE_MACHINE_MIPSFPU16:
187  case TE_IMAGE_FILE_MACHINE_WCEMIPSV2:
188  arch = strdup("mips");
189  break;
190  case TE_IMAGE_FILE_MACHINE_POWERPC:
191  case TE_IMAGE_FILE_MACHINE_POWERPCFP:
192  arch = strdup("ppc");
193  break;
194  default:
195  arch = strdup("x86");
196  }
197  return arch;
198 }
arch
cs_arch arch
Definition: cstool.c:13
strdup
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
TE_IMAGE_FILE_MACHINE_POWERPC
#define TE_IMAGE_FILE_MACHINE_POWERPC
Definition: te_specs.h:37
TE_IMAGE_FILE_MACHINE_MIPSFPU
#define TE_IMAGE_FILE_MACHINE_MIPSFPU
Definition: te_specs.h:35
TE_IMAGE_FILE_MACHINE_THUMB
#define TE_IMAGE_FILE_MACHINE_THUMB
Definition: te_specs.h:47
TE_IMAGE_FILE_MACHINE_ARM
#define TE_IMAGE_FILE_MACHINE_ARM
Definition: te_specs.h:25
TE_IMAGE_FILE_MACHINE_ALPHA64
#define TE_IMAGE_FILE_MACHINE_ALPHA64
Definition: te_specs.h:22
TE_IMAGE_FILE_MACHINE_MIPS16
#define TE_IMAGE_FILE_MACHINE_MIPS16
Definition: te_specs.h:34
TE_IMAGE_FILE_MACHINE_M68K
#define TE_IMAGE_FILE_MACHINE_M68K
Definition: te_specs.h:33
TE_IMAGE_FILE_MACHINE_POWERPCFP
#define TE_IMAGE_FILE_MACHINE_POWERPCFP
Definition: te_specs.h:38
TE_IMAGE_FILE_MACHINE_ALPHA
#define TE_IMAGE_FILE_MACHINE_ALPHA
Definition: te_specs.h:21
TE_IMAGE_FILE_MACHINE_WCEMIPSV2
#define TE_IMAGE_FILE_MACHINE_WCEMIPSV2
Definition: te_specs.h:49
TE_IMAGE_FILE_MACHINE_MIPSFPU16
#define TE_IMAGE_FILE_MACHINE_MIPSFPU16
Definition: te_specs.h:36

References arch, NULL, strdup(), TE_IMAGE_FILE_MACHINE_ALPHA, TE_IMAGE_FILE_MACHINE_ALPHA64, TE_IMAGE_FILE_MACHINE_ARM, TE_IMAGE_FILE_MACHINE_M68K, TE_IMAGE_FILE_MACHINE_MIPS16, TE_IMAGE_FILE_MACHINE_MIPSFPU, TE_IMAGE_FILE_MACHINE_MIPSFPU16, TE_IMAGE_FILE_MACHINE_POWERPC, TE_IMAGE_FILE_MACHINE_POWERPCFP, TE_IMAGE_FILE_MACHINE_THUMB, and TE_IMAGE_FILE_MACHINE_WCEMIPSV2.

Referenced by info().

◆ rz_bin_te_get_bits()

int rz_bin_te_get_bits ( struct rz_bin_te_obj_t bin)

Definition at line 200 of file te.c.

200  {
201  return 32; // It is always 32 bit by now
202 }

Referenced by info().

◆ rz_bin_te_get_entrypoint()

RzBinAddr* rz_bin_te_get_entrypoint ( struct rz_bin_te_obj_t bin)

Definition at line 204 of file te.c.

204  {
205  RzBinAddr *entry = NULL;
206 
207  if (!bin || !bin->header) {
208  return NULL;
209  }
210  if (!(entry = malloc(sizeof(RzBinAddr)))) {
211  perror("malloc (entrypoint)");
212  return NULL;
213  }
214  entry->vaddr = bin->header->AddressOfEntryPoint - rz_bin_te_get_stripped_delta(bin);
215  if (entry->vaddr == 0) { // in TE if EP = 0 then EP = baddr
216  entry->vaddr = bin->header->ImageBase;
217  }
218  entry->paddr = rz_bin_te_vaddr_to_paddr(bin, entry->vaddr);
219  return entry;
220 }
malloc
void * malloc(size_t size)
Definition: malloc.c:123
entry
Definition: zipcmp.c:77
rz_bin_addr_t
Definition: rz_bin.h:185
rz_bin_te_get_stripped_delta
ut64 rz_bin_te_get_stripped_delta(struct rz_bin_te_obj_t *bin)
Definition: te.c:14
rz_bin_te_vaddr_to_paddr
static TE_DWord rz_bin_te_vaddr_to_paddr(struct rz_bin_te_obj_t *bin, TE_DWord vaddr)
Definition: te.c:120

References malloc(), NULL, rz_bin_te_get_stripped_delta(), and rz_bin_te_vaddr_to_paddr().

Referenced by entries(), and rz_bin_te_get_main_paddr().

◆ rz_bin_te_get_image_base()

ut64 rz_bin_te_get_image_base ( struct rz_bin_te_obj_t bin)

Definition at line 222 of file te.c.

222  {
223  if (bin && bin->header) {
224  return (ut64)bin->header->ImageBase;
225  }
226  return 0LL;
227 }
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()

References ut64().

Referenced by baddr().

◆ rz_bin_te_get_machine()

char* rz_bin_te_get_machine ( struct rz_bin_te_obj_t bin)

Definition at line 229 of file te.c.

229  {
230  char *machine;
231  if (!bin) {
232  return NULL;
233  }
234  switch (bin->header->Machine) {
235  case TE_IMAGE_FILE_MACHINE_ALPHA:
236  machine = strdup("Alpha");
237  break;
238  case TE_IMAGE_FILE_MACHINE_ALPHA64:
239  machine = strdup("Alpha 64");
240  break;
241  case TE_IMAGE_FILE_MACHINE_AM33:
242  machine = strdup("AM33");
243  break;
244  case TE_IMAGE_FILE_MACHINE_AMD64:
245  machine = strdup("AMD 64");
246  break;
247  case TE_IMAGE_FILE_MACHINE_ARM:
248  machine = strdup("ARM");
249  break;
250  case TE_IMAGE_FILE_MACHINE_CEE:
251  machine = strdup("CEE");
252  break;
253  case TE_IMAGE_FILE_MACHINE_CEF:
254  machine = strdup("CEF");
255  break;
256  case TE_IMAGE_FILE_MACHINE_EBC:
257  machine = strdup("EBC");
258  break;
259  case TE_IMAGE_FILE_MACHINE_I386:
260  machine = strdup("i386");
261  break;
262  case TE_IMAGE_FILE_MACHINE_IA64:
263  machine = strdup("ia64");
264  break;
265  case TE_IMAGE_FILE_MACHINE_M32R:
266  machine = strdup("M32R");
267  break;
268  case TE_IMAGE_FILE_MACHINE_M68K:
269  machine = strdup("M68K");
270  break;
271  case TE_IMAGE_FILE_MACHINE_MIPS16:
272  machine = strdup("Mips 16");
273  break;
274  case TE_IMAGE_FILE_MACHINE_MIPSFPU:
275  machine = strdup("Mips FPU");
276  break;
277  case TE_IMAGE_FILE_MACHINE_MIPSFPU16:
278  machine = strdup("Mips FPU 16");
279  break;
280  case TE_IMAGE_FILE_MACHINE_POWERPC:
281  machine = strdup("PowerPC");
282  break;
283  case TE_IMAGE_FILE_MACHINE_POWERPCFP:
284  machine = strdup("PowerPC FP");
285  break;
286  case TE_IMAGE_FILE_MACHINE_R10000:
287  machine = strdup("R10000");
288  break;
289  case TE_IMAGE_FILE_MACHINE_R3000:
290  machine = strdup("R3000");
291  break;
292  case TE_IMAGE_FILE_MACHINE_R4000:
293  machine = strdup("R4000");
294  break;
295  case TE_IMAGE_FILE_MACHINE_SH3:
296  machine = strdup("SH3");
297  break;
298  case TE_IMAGE_FILE_MACHINE_SH3DSP:
299  machine = strdup("SH3DSP");
300  break;
301  case TE_IMAGE_FILE_MACHINE_SH3E:
302  machine = strdup("SH3E");
303  break;
304  case TE_IMAGE_FILE_MACHINE_SH4:
305  machine = strdup("SH4");
306  break;
307  case TE_IMAGE_FILE_MACHINE_SH5:
308  machine = strdup("SH5");
309  break;
310  case TE_IMAGE_FILE_MACHINE_THUMB:
311  machine = strdup("Thumb");
312  break;
313  case TE_IMAGE_FILE_MACHINE_TRICORE:
314  machine = strdup("Tricore");
315  break;
316  case TE_IMAGE_FILE_MACHINE_WCEMIPSV2:
317  machine = strdup("WCE Mips V2");
318  break;
319  default:
320  machine = strdup("unknown");
321  }
322  return machine;
323 }
TE_IMAGE_FILE_MACHINE_R3000
#define TE_IMAGE_FILE_MACHINE_R3000
Definition: te_specs.h:40
TE_IMAGE_FILE_MACHINE_I386
#define TE_IMAGE_FILE_MACHINE_I386
Definition: te_specs.h:30
TE_IMAGE_FILE_MACHINE_SH3DSP
#define TE_IMAGE_FILE_MACHINE_SH3DSP
Definition: te_specs.h:43
TE_IMAGE_FILE_MACHINE_CEF
#define TE_IMAGE_FILE_MACHINE_CEF
Definition: te_specs.h:28
TE_IMAGE_FILE_MACHINE_EBC
#define TE_IMAGE_FILE_MACHINE_EBC
Definition: te_specs.h:29
TE_IMAGE_FILE_MACHINE_R4000
#define TE_IMAGE_FILE_MACHINE_R4000
Definition: te_specs.h:41
TE_IMAGE_FILE_MACHINE_IA64
#define TE_IMAGE_FILE_MACHINE_IA64
Definition: te_specs.h:31
TE_IMAGE_FILE_MACHINE_SH5
#define TE_IMAGE_FILE_MACHINE_SH5
Definition: te_specs.h:46
TE_IMAGE_FILE_MACHINE_SH4
#define TE_IMAGE_FILE_MACHINE_SH4
Definition: te_specs.h:45
TE_IMAGE_FILE_MACHINE_M32R
#define TE_IMAGE_FILE_MACHINE_M32R
Definition: te_specs.h:32
TE_IMAGE_FILE_MACHINE_CEE
#define TE_IMAGE_FILE_MACHINE_CEE
Definition: te_specs.h:27
TE_IMAGE_FILE_MACHINE_AMD64
#define TE_IMAGE_FILE_MACHINE_AMD64
Definition: te_specs.h:24
TE_IMAGE_FILE_MACHINE_AM33
#define TE_IMAGE_FILE_MACHINE_AM33
Definition: te_specs.h:23
TE_IMAGE_FILE_MACHINE_SH3
#define TE_IMAGE_FILE_MACHINE_SH3
Definition: te_specs.h:42
TE_IMAGE_FILE_MACHINE_TRICORE
#define TE_IMAGE_FILE_MACHINE_TRICORE
Definition: te_specs.h:48
TE_IMAGE_FILE_MACHINE_R10000
#define TE_IMAGE_FILE_MACHINE_R10000
Definition: te_specs.h:39
TE_IMAGE_FILE_MACHINE_SH3E
#define TE_IMAGE_FILE_MACHINE_SH3E
Definition: te_specs.h:44

References NULL, strdup(), TE_IMAGE_FILE_MACHINE_ALPHA, TE_IMAGE_FILE_MACHINE_ALPHA64, TE_IMAGE_FILE_MACHINE_AM33, TE_IMAGE_FILE_MACHINE_AMD64, TE_IMAGE_FILE_MACHINE_ARM, TE_IMAGE_FILE_MACHINE_CEE, TE_IMAGE_FILE_MACHINE_CEF, TE_IMAGE_FILE_MACHINE_EBC, TE_IMAGE_FILE_MACHINE_I386, TE_IMAGE_FILE_MACHINE_IA64, TE_IMAGE_FILE_MACHINE_M32R, TE_IMAGE_FILE_MACHINE_M68K, TE_IMAGE_FILE_MACHINE_MIPS16, TE_IMAGE_FILE_MACHINE_MIPSFPU, TE_IMAGE_FILE_MACHINE_MIPSFPU16, TE_IMAGE_FILE_MACHINE_POWERPC, TE_IMAGE_FILE_MACHINE_POWERPCFP, TE_IMAGE_FILE_MACHINE_R10000, TE_IMAGE_FILE_MACHINE_R3000, TE_IMAGE_FILE_MACHINE_R4000, TE_IMAGE_FILE_MACHINE_SH3, TE_IMAGE_FILE_MACHINE_SH3DSP, TE_IMAGE_FILE_MACHINE_SH3E, TE_IMAGE_FILE_MACHINE_SH4, TE_IMAGE_FILE_MACHINE_SH5, TE_IMAGE_FILE_MACHINE_THUMB, TE_IMAGE_FILE_MACHINE_TRICORE, and TE_IMAGE_FILE_MACHINE_WCEMIPSV2.

Referenced by info().

◆ rz_bin_te_get_main_paddr()

ut64 rz_bin_te_get_main_paddr ( struct rz_bin_te_obj_t bin)

Definition at line 95 of file te.c.

95  {
96  RzBinAddr *entry = rz_bin_te_get_entrypoint(bin);
97  ut64 addr = 0LL;
98  ut8 buf[512];
99  if (!bin) {
100  return 0LL;
101  }
102  if (rz_buf_read_at(bin->b, entry->paddr, buf, sizeof(buf)) == -1) {
103  eprintf("Error: read (entry)\n");
104  } else {
105  if (buf[367] == 0xe8) {
106  int delta = (buf[368] | buf[369] << 8 | buf[370] << 16 | buf[371] << 24);
107  delta += 367 + 5;
108  addr = entry->vaddr;
109  if (delta >= (UT64_MAX - addr)) {
110  free(entry);
111  return UT64_MAX;
112  }
113  addr += delta;
114  }
115  }
116  free(entry);
117  return addr;
118 }
buf
voidpf void * buf
Definition: ioapi.h:138
ut8
uint8_t ut8
Definition: lh5801.h:11
eprintf
#define eprintf(x, y...)
Definition: rlcc.c:7
rz_buf_read_at
RZ_API st64 rz_buf_read_at(RZ_NONNULL RzBuffer *b, ut64 addr, RZ_NONNULL RZ_OUT ut8 *buf, ut64 len)
Read len bytes of the buffer at the specified address.
Definition: buf.c:1136
UT64_MAX
#define UT64_MAX
Definition: rz_types_base.h:86
rz_bin_te_get_entrypoint
RzBinAddr * rz_bin_te_get_entrypoint(struct rz_bin_te_obj_t *bin)
Definition: te.c:204
delta
static st64 delta
Definition: vmenus.c:2425
addr
static int addr
Definition: z80asm.c:58

References addr, delta, eprintf, free(), rz_bin_te_get_entrypoint(), rz_buf_read_at(), ut64(), and UT64_MAX.

Referenced by binsym().

◆ rz_bin_te_get_os()

char* rz_bin_te_get_os ( struct rz_bin_te_obj_t bin)

Definition at line 325 of file te.c.

325  {
326  char *os;
327  if (!bin) {
328  return NULL;
329  }
330 
331  switch (bin->header->Subsystem) {
332  case TE_IMAGE_SUBSYSTEM_NATIVE:
333  os = strdup("native");
334  break;
335  case TE_IMAGE_SUBSYSTEM_WINDOWS_GUI:
336  case TE_IMAGE_SUBSYSTEM_WINDOWS_CUI:
337  case TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI:
338  os = strdup("windows");
339  break;
340  case TE_IMAGE_SUBSYSTEM_POSIX_CUI:
341  os = strdup("posix");
342  break;
343  case TE_IMAGE_SUBSYSTEM_EFI_APPLICATION:
344  case TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
345  case TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
346  case TE_IMAGE_SUBSYSTEM_EFI_ROM:
347  os = strdup("efi");
348  break;
349  case TE_IMAGE_SUBSYSTEM_XBOX:
350  os = strdup("xbox");
351  break;
352  default:
353  // XXX: this is unknown
354  os = strdup("windows");
355  }
356  return os;
357 }
TE_IMAGE_SUBSYSTEM_WINDOWS_GUI
#define TE_IMAGE_SUBSYSTEM_WINDOWS_GUI
Definition: te_specs.h:58
TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER
#define TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER
Definition: te_specs.h:64
TE_IMAGE_SUBSYSTEM_NATIVE
#define TE_IMAGE_SUBSYSTEM_NATIVE
Definition: te_specs.h:57
TE_IMAGE_SUBSYSTEM_POSIX_CUI
#define TE_IMAGE_SUBSYSTEM_POSIX_CUI
Definition: te_specs.h:60
TE_IMAGE_SUBSYSTEM_WINDOWS_CUI
#define TE_IMAGE_SUBSYSTEM_WINDOWS_CUI
Definition: te_specs.h:59
TE_IMAGE_SUBSYSTEM_EFI_APPLICATION
#define TE_IMAGE_SUBSYSTEM_EFI_APPLICATION
Definition: te_specs.h:62
TE_IMAGE_SUBSYSTEM_EFI_ROM
#define TE_IMAGE_SUBSYSTEM_EFI_ROM
Definition: te_specs.h:65
TE_IMAGE_SUBSYSTEM_XBOX
#define TE_IMAGE_SUBSYSTEM_XBOX
Definition: te_specs.h:66
TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI
#define TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI
Definition: te_specs.h:61
TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER
#define TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER
Definition: te_specs.h:63

References NULL, strdup(), TE_IMAGE_SUBSYSTEM_EFI_APPLICATION, TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER, TE_IMAGE_SUBSYSTEM_EFI_ROM, TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER, TE_IMAGE_SUBSYSTEM_NATIVE, TE_IMAGE_SUBSYSTEM_POSIX_CUI, TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI, TE_IMAGE_SUBSYSTEM_WINDOWS_CUI, TE_IMAGE_SUBSYSTEM_WINDOWS_GUI, and TE_IMAGE_SUBSYSTEM_XBOX.

Referenced by info().

◆ rz_bin_te_get_sections()

struct rz_bin_te_section_t* rz_bin_te_get_sections ( struct rz_bin_te_obj_t bin)

Definition at line 359 of file te.c.

359  {
360  struct rz_bin_te_section_t *sections = NULL;
361  TE_image_section_header *shdr;
362  int i, sections_count;
363  if (!bin) {
364  return NULL;
365  }
366  shdr = bin->section_header;
367  sections_count = bin->header->NumberOfSections;
368 
369  if (!(sections = calloc((sections_count + 1), sizeof(struct rz_bin_te_section_t)))) {
370  perror("malloc (sections)");
371  return NULL;
372  }
373  for (i = 0; i < sections_count; i++) {
374  memcpy(sections[i].name, shdr[i].Name, TE_IMAGE_SIZEOF_NAME);
375  // not a null terminated string if len==buflen
376  // sections[i].name[TE_IMAGE_SIZEOF_NAME] = '\0';
377  sections[i].vaddr = shdr[i].VirtualAddress - rz_bin_te_get_stripped_delta(bin);
378  sections[i].size = shdr[i].SizeOfRawData;
379  sections[i].vsize = shdr[i].VirtualSize;
380  sections[i].paddr = shdr[i].PointerToRawData - rz_bin_te_get_stripped_delta(bin);
381  sections[i].flags = shdr[i].Characteristics;
382  sections[i].last = 0;
383  }
384  sections[i].last = 1;
385  return sections;
386 }
i
lzma_index ** i
Definition: index.h:629
sections
RzList * sections(RzBinFile *bf)
Definition: bin_ne.c:110
memcpy
memcpy(mem, inblock.get(), min(CONTAINING_RECORD(inblock.get(), MEMBLOCK, data) ->size, size))
calloc
void * calloc(size_t number, size_t size)
Definition: malloc.c:102
TE_image_section_header
Definition: te_specs.h:92
TE_image_section_header::Characteristics
ut32 Characteristics
Definition: te_specs.h:102
TE_image_section_header::VirtualAddress
ut32 VirtualAddress
Definition: te_specs.h:95
TE_image_section_header::VirtualSize
ut32 VirtualSize
Definition: te_specs.h:94
TE_image_section_header::SizeOfRawData
ut32 SizeOfRawData
Definition: te_specs.h:96
TE_image_section_header::PointerToRawData
ut32 PointerToRawData
Definition: te_specs.h:97
name
Definition: z80asm.h:102
rz_bin_te_section_t
Definition: te.h:18
TE_IMAGE_SIZEOF_NAME
#define TE_IMAGE_SIZEOF_NAME
Definition: te_specs.h:85

References calloc(), TE_image_section_header::Characteristics, i, memcpy(), NULL, TE_image_section_header::PointerToRawData, rz_bin_te_get_stripped_delta(), sections(), TE_image_section_header::SizeOfRawData, TE_IMAGE_SIZEOF_NAME, TE_image_section_header::VirtualAddress, and TE_image_section_header::VirtualSize.

Referenced by sections().

◆ rz_bin_te_get_stripped_delta()

ut64 rz_bin_te_get_stripped_delta ( struct rz_bin_te_obj_t bin)

Definition at line 14 of file te.c.

14  {
15  if (bin && bin->header) {
16  return bin->header->StrippedSize - sizeof(TE_image_file_header);
17  }
18  return 0LL;
19 }
TE_image_file_header
Definition: te_specs.h:73

Referenced by rz_bin_te_get_entrypoint(), and rz_bin_te_get_sections().

◆ rz_bin_te_get_subsystem()

char* rz_bin_te_get_subsystem ( struct rz_bin_te_obj_t bin)

Definition at line 388 of file te.c.

388  {
389  char *subsystem;
390 
391  if (!bin) {
392  return NULL;
393  }
394  switch (bin->header->Subsystem) {
395  case TE_IMAGE_SUBSYSTEM_NATIVE:
396  subsystem = strdup("Native");
397  break;
398  case TE_IMAGE_SUBSYSTEM_WINDOWS_GUI:
399  subsystem = strdup("Windows GUI");
400  break;
401  case TE_IMAGE_SUBSYSTEM_WINDOWS_CUI:
402  subsystem = strdup("Windows CUI");
403  break;
404  case TE_IMAGE_SUBSYSTEM_POSIX_CUI:
405  subsystem = strdup("POSIX CUI");
406  break;
407  case TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI:
408  subsystem = strdup("Windows CE GUI");
409  break;
410  case TE_IMAGE_SUBSYSTEM_EFI_APPLICATION:
411  subsystem = strdup("EFI Application");
412  break;
413  case TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
414  subsystem = strdup("EFI Boot Service Driver");
415  break;
416  case TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
417  subsystem = strdup("EFI Runtime Driver");
418  break;
419  case TE_IMAGE_SUBSYSTEM_EFI_ROM:
420  subsystem = strdup("EFI ROM");
421  break;
422  case TE_IMAGE_SUBSYSTEM_XBOX:
423  subsystem = strdup("XBOX");
424  break;
425  default:
426  subsystem = strdup("Unknown");
427  }
428  return subsystem;
429 }

References NULL, strdup(), TE_IMAGE_SUBSYSTEM_EFI_APPLICATION, TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER, TE_IMAGE_SUBSYSTEM_EFI_ROM, TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER, TE_IMAGE_SUBSYSTEM_NATIVE, TE_IMAGE_SUBSYSTEM_POSIX_CUI, TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GUI, TE_IMAGE_SUBSYSTEM_WINDOWS_CUI, TE_IMAGE_SUBSYSTEM_WINDOWS_GUI, and TE_IMAGE_SUBSYSTEM_XBOX.

Referenced by info().

◆ rz_bin_te_init()

static int rz_bin_te_init ( struct rz_bin_te_obj_t bin)
static

Definition at line 152 of file te.c.

152  {
153  bin->header = NULL;
154  bin->section_header = NULL;
155  bin->endian = 0;
156  if (!rz_bin_te_init_hdr(bin)) {
157  eprintf("Warning: File is not TE\n");
158  return false;
159  }
160  if (!rz_bin_te_init_sections(bin)) {
161  eprintf("Warning: Cannot initialize sections\n");
162  return false;
163  }
164  return true;
165 }
rz_bin_te_init_sections
static int rz_bin_te_init_sections(struct rz_bin_te_obj_t *bin)
Definition: te.c:134
rz_bin_te_init_hdr
static int rz_bin_te_init_hdr(struct rz_bin_te_obj_t *bin)
Definition: te.c:33

References eprintf, NULL, rz_bin_te_init_hdr(), and rz_bin_te_init_sections().

Referenced by rz_bin_te_new(), and rz_bin_te_new_buf().

◆ rz_bin_te_init_hdr()

static int rz_bin_te_init_hdr ( struct rz_bin_te_obj_t bin)
static

Definition at line 33 of file te.c.

33  {
34  if (!bin) {
35  return false;
36  } else if (!bin->kv) {
37  RZ_LOG_ERROR("Sdb instance is empty\n");
38  return false;
39  } else if (!(bin->header = malloc(sizeof(TE_image_file_header)))) {
40  RZ_LOG_ERROR("cannot allocate TE_image_file_header\n");
41  return false;
42  }
43 
44  ut64 offset = 0;
45  parse_header_value(offset, 16, Signature);
46  parse_header_value(offset, 16, Machine);
47  parse_header_value(offset, 8, NumberOfSections);
48  parse_header_value(offset, 8, Subsystem);
49  parse_header_value(offset, 16, StrippedSize);
50  parse_header_value(offset, 32, AddressOfEntryPoint);
51  parse_header_value(offset, 32, BaseOfCode);
52  parse_header_value(offset, 64, ImageBase);
53  parse_header_value(offset, 32, DataDirectory[0].VirtualAddress);
54  parse_header_value(offset, 32, DataDirectory[0].Size);
55  parse_header_value(offset, 32, DataDirectory[1].VirtualAddress);
56  parse_header_value(offset, 32, DataDirectory[1].Size);
57 
58  sdb_set(bin->kv, "te_machine.cparse", "enum te_machine { TE_IMAGE_FILE_MACHINE_UNKNOWN=0x0, TE_IMAGE_FILE_MACHINE_ALPHA=0x184, "
59  "TE_IMAGE_FILE_MACHINE_ALPHA64=0x284, TE_IMAGE_FILE_MACHINE_AM33=0x1d3, TE_IMAGE_FILE_MACHINE_AMD64=0x8664, "
60  "TE_IMAGE_FILE_MACHINE_ARM=0x1c0, TE_IMAGE_FILE_MACHINE_AXP64=0x184, TE_IMAGE_FILE_MACHINE_CEE=0xc0ee, "
61  "TE_IMAGE_FILE_MACHINE_CEF=0x0cef, TE_IMAGE_FILE_MACHINE_EBC=0x0ebc, TE_IMAGE_FILE_MACHINE_I386=0x014c, "
62  "TE_IMAGE_FILE_MACHINE_IA64=0x0200, TE_IMAGE_FILE_MACHINE_M32R=0x9041, TE_IMAGE_FILE_MACHINE_M68K=0x0268, "
63  "TE_IMAGE_FILE_MACHINE_MIPS16=0x0266, TE_IMAGE_FILE_MACHINE_MIPSFPU=0x0366, TE_IMAGE_FILE_MACHINE_MIPSFPU16=0x0466, "
64  "TE_IMAGE_FILE_MACHINE_POWERPC=0x01f0, TE_IMAGE_FILE_MACHINE_POWERPCFP=0x01f1, TE_IMAGE_FILE_MACHINE_R10000=0x0168, "
65  "TE_IMAGE_FILE_MACHINE_R3000=0x0162, TE_IMAGE_FILE_MACHINE_R4000=0x0166, TE_IMAGE_FILE_MACHINE_SH3=0x01a2, "
66  "TE_IMAGE_FILE_MACHINE_SH3DSP=0x01a3, TE_IMAGE_FILE_MACHINE_SH3E=0x01a4, TE_IMAGE_FILE_MACHINE_SH4=0x01a6, "
67  "TE_IMAGE_FILE_MACHINE_SH5=0x01a8, TE_IMAGE_FILE_MACHINE_THUMB=0x01c2, TE_IMAGE_FILE_MACHINE_TRICORE=0x0520, "
68  "TE_IMAGE_FILE_MACHINE_WCEMIPSV2=0x0169};",
69  0);
70  sdb_set(bin->kv, "te_subsystem.cparse", "enum te_subsystem { TE_IMAGE_SUBSYSTEM_UNKNOWN=0, TE_IMAGE_SUBSYSTEM_NATIVE=1, "
71  "TE_IMAGE_SUBSYSTEM_WINDOWS_GUI=2, TE_IMAGE_SUBSYSTEM_WINDOWS_CUI=3, "
72  "TE_IMAGE_SUBSYSTEM_POSIX_CUI=7, TE_IMAGE_SUBSYSTEM_WINDOWS_CE_GU=9, "
73  "TE_IMAGE_SUBSYSTEM_EFI_APPLICATION=10, TE_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER=11, TE_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER=12, "
74  "TE_IMAGE_SUBSYSTEM_EFI_ROM=13, TE_IMAGE_SUBSYSTEM_XBOX=14};",
75  0);
76  sdb_num_set(bin->kv, "te_header.offset", 0, 0);
77  sdb_set(bin->kv, "te_header.format", "[2]z[2]Eb[1]Ewxxq"
78  " Signature (te_machine)Machine NumberOfSections (te_subsystem)Subsystem StrippedSize AddressOfEntryPoint BaseOfCode ImageBase",
79  0);
80  sdb_num_set(bin->kv, "te_directory1_header.offset", 24, 0);
81  sdb_set(bin->kv, "te_directory1_header.format", "xx"
82  " VirtualAddress Size",
83  0);
84  sdb_num_set(bin->kv, "te_directory2_header.offset", 32, 0);
85  sdb_set(bin->kv, "te_directory2_header.format", "xx"
86  " VirtualAddress Size",
87  0);
88 
89  if (strncmp((char *)&bin->header->Signature, "VZ", 2)) {
90  return false;
91  }
92  return true;
93 }
offset
voidpf uLong offset
Definition: ioapi.h:144
sdb_num_set
RZ_API int sdb_num_set(Sdb *s, const char *key, ut64 v, ut32 cas)
Definition: num.c:25
RZ_LOG_ERROR
#define RZ_LOG_ERROR(fmtstr,...)
Definition: rz_log.h:58
sdb_set
RZ_API int sdb_set(Sdb *s, const char *key, const char *val, ut32 cas)
Definition: sdb.c:611
parse_header_value
#define parse_header_value(off, bits, key)
Definition: te.c:24

References malloc(), parse_header_value, RZ_LOG_ERROR, sdb_num_set(), sdb_set(), and ut64().

Referenced by rz_bin_te_init().

◆ rz_bin_te_init_sections()

static int rz_bin_te_init_sections ( struct rz_bin_te_obj_t bin)
static

Definition at line 134 of file te.c.

134  {
135  int sections_size = sizeof(TE_image_section_header) * bin->header->NumberOfSections;
136  if (sections_size > bin->size) {
137  eprintf("Invalid NumberOfSections value\n");
138  return false;
139  }
140  if (!(bin->section_header = malloc(sections_size))) {
141  perror("malloc (sections headers)");
142  return false;
143  }
144  if (rz_buf_read_at(bin->b, sizeof(TE_image_file_header),
145  (ut8 *)bin->section_header, sections_size) == -1) {
146  eprintf("Error: read (sections headers)\n");
147  return false;
148  }
149  return true;
150 }
if
if(dbg->bits==RZ_SYS_BITS_64)
Definition: windows-arm64.h:4

References eprintf, if(), malloc(), and rz_buf_read_at().

Referenced by rz_bin_te_init().

◆ rz_bin_te_new()

struct rz_bin_te_obj_t* rz_bin_te_new ( const char *  file)

Definition at line 442 of file te.c.

442  {
443  struct rz_bin_te_obj_t *bin = RZ_NEW0(struct rz_bin_te_obj_t);
444  if (!bin) {
445  return NULL;
446  }
447  bin->file = file;
448  size_t binsz;
449  ut8 *buf = (ut8 *)rz_file_slurp(file, &binsz);
450  bin->size = binsz;
451  if (!buf) {
452  return rz_bin_te_free(bin);
453  }
454  bin->b = rz_buf_new_with_bytes(NULL, 0);
455  if (!rz_buf_set_bytes(bin->b, buf, bin->size)) {
456  free(buf);
457  return rz_bin_te_free(bin);
458  }
459  free(buf);
460  if (!rz_bin_te_init(bin)) {
461  return rz_bin_te_free(bin);
462  }
463  return bin;
464 }
rz_buf_set_bytes
RZ_API bool rz_buf_set_bytes(RZ_NONNULL RzBuffer *b, RZ_NONNULL const ut8 *buf, ut64 len)
Replace the content of the buffer with the bytes array.
Definition: buf.c:905
rz_buf_new_with_bytes
RZ_API RZ_OWN RzBuffer * rz_buf_new_with_bytes(RZ_NULLABLE RZ_BORROW const ut8 *bytes, ut64 len)
Creates a new buffer with a bytes array.
Definition: buf.c:465
rz_file_slurp
RZ_API RZ_OWN char * rz_file_slurp(const char *str, RZ_NULLABLE size_t *usz)
Definition: file.c:454
RZ_NEW0
#define RZ_NEW0(x)
Definition: rz_types.h:284
file
Definition: gzappend.c:170
rz_bin_te_obj_t
Definition: te.h:37
rz_bin_te_free
void * rz_bin_te_free(struct rz_bin_te_obj_t *bin)
Definition: te.c:431
rz_bin_te_init
static int rz_bin_te_init(struct rz_bin_te_obj_t *bin)
Definition: te.c:152
file
static int file
Definition: z80asm.c:58

References file, free(), NULL, rz_bin_te_free(), rz_bin_te_init(), rz_buf_new_with_bytes(), rz_buf_set_bytes(), rz_file_slurp(), and RZ_NEW0.

◆ rz_bin_te_new_buf()

struct rz_bin_te_obj_t* rz_bin_te_new_buf ( RzBuffer buf)

Definition at line 466 of file te.c.

466  {
467  struct rz_bin_te_obj_t *bin = RZ_NEW0(struct rz_bin_te_obj_t);
468  if (!bin) {
469  return NULL;
470  }
471  bin->kv = sdb_new0();
472  bin->size = rz_buf_size(buf);
473  bin->b = rz_buf_new_with_buf(buf);
474  if (!bin->b) {
475  return rz_bin_te_free(bin);
476  }
477  if (!rz_bin_te_init(bin)) {
478  return rz_bin_te_free(bin);
479  }
480  return bin;
481 }
rz_buf_new_with_buf
RZ_API RZ_OWN RzBuffer * rz_buf_new_with_buf(RzBuffer *b)
Creates a new buffer from a source buffer.
Definition: buf.c:448
rz_buf_size
RZ_API ut64 rz_buf_size(RZ_NONNULL RzBuffer *b)
Return the size of the buffer.
Definition: buf.c:1225
sdb_new0
RZ_API Sdb * sdb_new0(void)
Definition: sdb.c:43

References NULL, rz_bin_te_free(), rz_bin_te_init(), rz_buf_new_with_buf(), rz_buf_size(), RZ_NEW0, and sdb_new0().

Referenced by load_buffer().

◆ rz_bin_te_vaddr_to_paddr()

static TE_DWord rz_bin_te_vaddr_to_paddr ( struct rz_bin_te_obj_t bin,
TE_DWord  vaddr 
)
static

Definition at line 120 of file te.c.

120  {
121  TE_DWord section_base;
122  int i, section_size;
123 
124  for (i = 0; i < bin->header->NumberOfSections; i++) {
125  section_base = bin->section_header[i].VirtualAddress;
126  section_size = bin->section_header[i].VirtualSize;
127  if (vaddr >= section_base && vaddr < section_base + section_size) {
128  return bin->section_header[i].PointerToRawData + (vaddr - section_base);
129  }
130  }
131  return 0;
132 }
TE_DWord
#define TE_DWord
Definition: te_specs.h:11

References i, and TE_DWord.

Referenced by rz_bin_te_get_entrypoint().