Add a few component identifications #987
Conversation
Signed-off-by: Jens Lucius <github@jenslucius.de>
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Thank you for contributing a pull request!
Welcome to the EMBA firmware analysis community!
We are glad you are here and appreciate your contribution. Please keep in mind our contributing guidelines here and here.
Also, please check existing open issues and consider to open a discussion in the dedicated discussion area.
Additionally, we have collected a lot of details around EMBA, the installation and the usage of EMBA in our Wiki.
If you like EMBA you have the chance to support us by becoming a Sponsor or buying some beer here.
This is an automatic message. Allow for time for the EMBA community to be able to read the pull request and comment on it.
config/bin_version_strings.cfg
Outdated
| libjpeg;;bsd-style;"Independent\ JPEG\ Group.s\ CJPEG,\ version\ [0-9][a-z]\ \ [0-9]+-[A-Za-z]+-[0-9]+$";"sed -r 's/Independent\ JPEG\ Group.s\ CJPEG,\ version\ ([0-9][a-z])\ .*/libjpeg:\1/'"; | ||
| libjpeg-turbo;;bsd-style;"^libjpeg-turbo\ version\ [0-9](\.[0-9]+)+?\ \(build\ [0-9]+\)$";"sed -r 's/libjpeg-turbo\ version\ ([0-9](\.[0-9]+)+?)\ .*/libgjpeg-turbo:\1/'"; | ||
| libjson-c;multi_grep;mit;'"^INTERNAL ERROR: _json_c_visit"&&"^[0-9](\.[0-9]+)?+$"';"sed -r 's/([0-9](\.[0-9]+)+?)$/json-c:\1/'"; | ||
| liblz4.so;strict;unknown;"^[0-9](\.[0-9]+)+?$";"sed -r 's/([0-9](\.[0-9]+)+?)$/liblz4:\1/'"; |
There was a problem hiding this comment.
do we have some kind of identfier that we can use for multi_grep? We are now trying to avoid strict identifiers.
Same on 353 and 355
There was a problem hiding this comment.
If you mean liblz4 here, no unfortunately there was no unique identifier. With strings I only get the function names and these are not unique. I can provide the library to you if you want to check if there is a better idea.
There was a problem hiding this comment.
can we search for multiple non unique strings? We can combine more than two search strings
There was a problem hiding this comment.
I know, priority for me would be to avoid false positives, I have no idea what to use then, here is the library:
liblzma.so.5.2.5.zip
There was a problem hiding this comment.
hmmm, we could use the library SONAME:
0x000000000000000e (SONAME) Library soname: [liblzma.so.5]
└─$ strings ~/Downloads/liblzma.so.5.2.5 | grep liblzma
liblzma.so.5
and one function name like "lzma_version_string"
The third identifier ist then the version itself
What do you mean?
There was a problem hiding this comment.
@m-1-k-3 : I currently have problems that the multi grep is not working any more for me. I thought i messed up my environment, but even after a clean reinstall it does not work. Can you quickly confirm that multi-grep is still working for you in the latest emba version?
There was a problem hiding this comment.
not good ... not good
Will check here
There was a problem hiding this comment.
indeed ... it is broken. Will fix it
There was a problem hiding this comment.
Could you do a check if it is also working for you again?
There was a problem hiding this comment.
@m-1-k-3 : Working again and I just verified that my additions are working. Do we have open points to fix ?
…identifiers Signed-off-by: Jens Lucius <github@jenslucius.de>
Add multi-grep for liblzma and fix libxml Signed-off-by: Jens Lucius <github@jenslucius.de>
Signed-off-by: Jens Lucius <github@jenslucius.de>
|
Thank your for your work with all these new identifiers. |
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
Add more component identifications
What is the current behavior? (You can also link to an open issue here)
Components are not identified
What is the new behavior (if this is a feature change)? If possible add a screenshot.
Components are identified
Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
No
Other information: