Add coredump support in LIEF
nezetic authored and romainthomas committed Apr 18, 2019
1 parent 4608af8 commit 9fc3a8a
Showing 72 changed files with 5,115 additions and 309 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -54,6 +54,7 @@ Main features:
- [How to use frida on a non-rooted device](https://lief.quarkslab.com/doc/latest/tutorials/09_frida_lief.html)
- [Android formats](https://lief.quarkslab.com/doc/latest/tutorials/10_android_formats.html)
- [Mach-O modification](https://lief.quarkslab.com/doc/latest/tutorials/11_macho_modification.html)
- [ELF Coredump](https://lief.quarkslab.com/doc/latest/tutorials/12_elf_coredump.html)
- [Contact](#contact)
- [About](#about)
- [Authors](#authors)
4 changes: 3 additions & 1 deletion api/python/ELF/CMakeLists.txt
Expand Up @@ -28,11 +28,13 @@ set(LIEF_PYTHON_ELF_SRC

set(LIEF_PYTHON_ELF_NOTE
"${CMAKE_CURRENT_LIST_DIR}/objects/pyNote.cpp"
"${CMAKE_CURRENT_LIST_DIR}/objects/pyAndroidNote.cpp"
"${CMAKE_CURRENT_LIST_DIR}/objects/pyNoteDetails.cpp"
)

list(APPEND LIEF_PYTHON_ELF_SRC ${LIEF_PYTHON_ELF_NOTE})

include("${CMAKE_CURRENT_LIST_DIR}/objects/NoteDetails/CMakeLists.txt")

set(LIEF_PYTHON_ELF_HDR
"${CMAKE_CURRENT_LIST_DIR}/pyELF.hpp")

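--- a/api/python/ELF/objects/NoteDetails/CMakeLists.txt
+++ b/api/python/ELF/objects/NoteDetails/CMakeLists.txt
@@ -0,0 +1,11 @@
+set(LIEF_PYTHON_ELF_NOTE_DETAILS_SRC
+"${CMAKE_CURRENT_LIST_DIR}/pyAndroidNote.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyNoteAbi.cpp"
+)
+
+target_sources(pyLIEF PRIVATE "${LIEF_PYTHON_ELF_NOTE_DETAILS_SRC}")
+
+include("${CMAKE_CURRENT_LIST_DIR}/core/CMakeLists.txt")
+
+
+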
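--- a/api/python/ELF/objects/NoteDetails/core/CMakeLists.txt
+++ b/api/python/ELF/objects/NoteDetails/core/CMakeLists.txt
@@ -0,0 +1,12 @@
+set(LIEF_PYTHON_ELF_NOTE_DETAILS_CORE
+"${CMAKE_CURRENT_LIST_DIR}/pyCorePrPsInfo.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyCoreFile.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyCoreFileEntry.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyCorePrStatus.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyCoreAuxv.cpp"
+"${CMAKE_CURRENT_LIST_DIR}/pyCoreSigInfo.cpp"
+)
+target_sources(pyLIEF PRIVATE "${LIEF_PYTHON_ELF_NOTE_DETAILS_CORE}")
+
+
+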
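--- a/api/python/ELF/objects/NoteDetails/core/pyCoreAuxv.cpp
+++ b/api/python/ELF/objects/NoteDetails/core/pyCoreAuxv.cpp
@@ -0,0 +1,142 @@
+/* Copyright 2017 R. Thomas
+* Copyright 2017 Quarkslab
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+#include <string>
+#include <sstream>
+
+#include "pyELF.hpp"
+
+#include "LIEF/ELF/hash.hpp"
+#include "LIEF/ELF/NoteDetails/core/CoreAuxv.hpp"
+
+#include "LIEF/ELF/EnumToString.hpp"
+
+#include "enums_wrapper.hpp"
+
+#define PY_ENUM(x) LIEF::ELF::to_string(x), x
+
+namespace LIEF {
+namespace ELF {
+
+template<class T>
+using getter_t = T (CoreAuxv::*)(void) const;
+
+template<class T>
+using setter_t = void (CoreAuxv::*)(T);
+
+template<>
+void create<CoreAuxv>(py::module& m) {
+
+py::class_<CoreAuxv, NoteDetails> cls(m, "CoreAuxv");
+
+cls
+.def_property("values",
+static_cast<getter_t<const CoreAuxv::val_context_t&>>(&CoreAuxv::values),
+static_cast<setter_t<const CoreAuxv::val_context_t&>>(&CoreAuxv::values),
+"Current values as a dictionarry whose keys are AUXV types")
+
+.def("get",
+[] (const CoreAuxv& status, AUX_TYPE atype) -> py::object {
+bool error;
+uint64_t val = status.get(atype, &error);
+if (error) {
+return py::none();
+}
+return py::int_(val);
+},
+"Return the type value",
+"type"_a)
+
+.def("set",
+&CoreAuxv::set,
+"Set type value",
+"type"_a, "value"_a)
+
+.def("has",
+&CoreAuxv::has,
+"Check if a value is associated with the given type",
+"type"_a)
+
+.def("__getitem__",
+&CoreAuxv::operator[],
+"",
+py::return_value_policy::copy)
+
+.def("__setitem__",
+[] (CoreAuxv& status, AUX_TYPE atype, uint64_t val) {
+status.set(atype, val);
+},
+"")
+
+.def("__contains__",
+&CoreAuxv::has,
+"")
+
+.def("__eq__", &CoreAuxv::operator==)
+.def("__ne__", &CoreAuxv::operator!=)
+.def("__hash__",
+[] (const CoreAuxv& note) {
+return Hash::hash(note);
+})
+
+.def("__str__",
+[] (const CoreAuxv& note)
+{
+std::ostringstream stream;
+stream << note;
+std::string str = stream.str();
+return str;
+});
+
+
+LIEF::enum_<AUX_TYPE>(cls, "TYPES")
+.value(PY_ENUM(AUX_TYPE::AT_NULL))
+.value(PY_ENUM(AUX_TYPE::AT_NULL))
+.value(PY_ENUM(AUX_TYPE::AT_IGNORE))
+.value(PY_ENUM(AUX_TYPE::AT_EXECFD))
+.value(PY_ENUM(AUX_TYPE::AT_PHDR))
+.value(PY_ENUM(AUX_TYPE::AT_PHENT))
+.value(PY_ENUM(AUX_TYPE::AT_PHNUM))
+.value(PY_ENUM(AUX_TYPE::AT_PAGESZ))
+.value(PY_ENUM(AUX_TYPE::AT_BASE))
+.value(PY_ENUM(AUX_TYPE::AT_FLAGS))
+.value(PY_ENUM(AUX_TYPE::AT_ENTRY))
+.value(PY_ENUM(AUX_TYPE::AT_NOTELF))
+.value(PY_ENUM(AUX_TYPE::AT_UID))
+.value(PY_ENUM(AUX_TYPE::AT_EUID))
+.value(PY_ENUM(AUX_TYPE::AT_GID))
+.value(PY_ENUM(AUX_TYPE::AT_EGID))
+.value(PY_ENUM(AUX_TYPE::AT_CLKTCK))
+.value(PY_ENUM(AUX_TYPE::AT_PLATFORM))
+.value(PY_ENUM(AUX_TYPE::AT_HWCAP))
+.value(PY_ENUM(AUX_TYPE::AT_HWCAP2))
+.value(PY_ENUM(AUX_TYPE::AT_FPUCW))
+.value(PY_ENUM(AUX_TYPE::AT_DCACHEBSIZE))
+.value(PY_ENUM(AUX_TYPE::AT_ICACHEBSIZE))
+.value(PY_ENUM(AUX_TYPE::AT_UCACHEBSIZE))
+.value(PY_ENUM(AUX_TYPE::AT_IGNOREPPC))
+.value(PY_ENUM(AUX_TYPE::AT_SECURE))
+.value(PY_ENUM(AUX_TYPE::AT_BASE_PLATFORM))
+.value(PY_ENUM(AUX_TYPE::AT_RANDOM))
+.value(PY_ENUM(AUX_TYPE::AT_EXECFN))
+.value(PY_ENUM(AUX_TYPE::AT_SYSINFO))
+.value(PY_ENUM(AUX_TYPE::AT_SYSINFO_EHDR))
+.value(PY_ENUM(AUX_TYPE::AT_L1I_CACHESHAPE))
+.value(PY_ENUM(AUX_TYPE::AT_L1D_CACHESHAPE));
+
+
+}
+} // namespace ELF
+} // namespace LIEF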
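Review bot: `AUX_TYPE::AT_NULL` is registered twice in the `TYPES` enum at the end of `create<CoreAuxv>`. The second `.value(PY_ENUM(AUX_TYPE::AT_NULL))` is redundant at best, and if `LIEF::enum_` forwards to pybind11's `enum_::value`, versions that reject a duplicate enumerator name would throw while the module is being imported; the repeated line should be dropped. In the `get` lambda, `bool error;` is tested after `status.get(atype, &error)` without an initializer, so unless `CoreAuxv::get` (not shown on this page) writes it on every path the branch reads an indeterminate value; `bool error = false;` removes that dependency, which is worth having when the note comes from a core file of unknown origin. The `values` docstring misspells "dictionary", and `__getitem__`, `__setitem__` and `__contains__` are bound with empty docstrings that could state what happens for a type that is not present.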
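--- a/api/python/ELF/objects/NoteDetails/core/pyCoreFile.cpp
+++ b/api/python/ELF/objects/NoteDetails/core/pyCoreFile.cpp
@@ -0,0 +1,75 @@
+/* Copyright 2017 R. Thomas
+* Copyright 2017 Quarkslab
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+#include <string>
+#include <sstream>
+#include <vector>
+
+#include "pyELF.hpp"
+
+#include "LIEF/ELF/hash.hpp"
+#include "LIEF/ELF/NoteDetails/core/CoreFile.hpp"
+
+namespace LIEF {
+namespace ELF {
+
+template<class T>
+using getter_t = T (CoreFile::*)(void) const;
+
+template<class T>
+using setter_t = void (CoreFile::*)(T);
+
+template<>
+void create<CoreFile>(py::module& m) {
+
+py::bind_vector<CoreFile::files_t>(m, "CoreFile.files_t");
+
+py::class_<CoreFile, NoteDetails>(m, "CoreFile")
+
+.def_property("files",
+static_cast<getter_t<const CoreFile::files_t&>>(&CoreFile::files),
+static_cast<setter_t<const CoreFile::files_t&>>(&CoreFile::files),
+"List of files mapped in core. (list of " RST_CLASS_REF(lief.ELF.CoreFileEntry) ")")
+
+.def("__len__",
+&CoreFile::count,
+"Number of files mapped in core"
+)
+
+.def("__iter__",
+[] (const CoreFile& f) {
+return py::make_iterator(std::begin(f), std::end(f));
+},
+py::keep_alive<0, 1>())
+
+.def("__eq__", &CoreFile::operator==)
+.def("__ne__", &CoreFile::operator!=)
+.def("__hash__",
+[] (const CoreFile& note) {
+return Hash::hash(note);
+})
+
+.def("__str__",
+[] (const CoreFile& note)
+{
+std::ostringstream stream;
+stream << note;
+std::string str = stream.str();
+return str;
+});
+}
+
+}
+}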
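Review bot: The vector type is registered as `"CoreFile.files_t"` in `py::bind_vector<CoreFile::files_t>(m, "CoreFile.files_t")`, and the dot in that name does not nest the type under `CoreFile`. It becomes a module attribute whose name contains a dot, reachable only through `getattr`, so a plain identifier or a registration in the scope of the `CoreFile` class object would keep it importable and documentable. Separately, `bind_vector` only governs the `files` property if `CoreFile::files_t` is declared with `PYBIND11_MAKE_OPAQUE` before the STL caster is instantiated, which is not visible in this file. Without that declaration the getter would return a copied list, and in-place edits such as `note.files.append(...)` would silently not reach the note.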
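--- a/api/python/ELF/objects/NoteDetails/core/pyCoreFileEntry.cpp
+++ b/api/python/ELF/objects/NoteDetails/core/pyCoreFileEntry.cpp
@@ -0,0 +1,54 @@
+/* Copyright 2017 R. Thomas
+* Copyright 2017 Quarkslab
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+#include <string>
+#include <sstream>
+#include <vector>
+
+#include "pyELF.hpp"
+
+namespace LIEF {
+namespace ELF {
+
+template<>
+void create<CoreFileEntry>(py::module& m) {
+
+py::class_<CoreFileEntry>(m, "CoreFileEntry")
+
+.def_readwrite("start", &CoreFileEntry::start,
+"Start address of mapped file")
+
+.def_readwrite("end", &CoreFileEntry::end,
+"End address of mapped file")
+
+.def_readwrite("file_ofs", &CoreFileEntry::file_ofs,
+"Offset (in core) of mapped file")
+
+.def_readwrite("path", &CoreFileEntry::path,
+"Path of mapped file")
+
+
+.def("__str__",
+[] (const CoreFileEntry& entry)
+{
+std::ostringstream stream;
+stream << entry;
+return stream.str();
+});
+
+}
+
+}
+}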
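Review bot: The docstrings on `start`, `end`, `file_ofs` and `path` do not say that `def_readwrite` exposes each field as stored and lets Python set it independently, so nothing in this binding keeps `start <= end` or ties `path` to the addresses. That is worth stating because core files are often analysed on behalf of hosts that are not trusted. I would extend them along the lines of `"Start address of mapped file (as recorded in the note; not validated against end)"`, and spell out the unit of `file_ofs`, which "Offset (in core) of mapped file" leaves unclear. This file also relies on `pyELF.hpp` to declare `CoreFileEntry`, whereas `pyCoreFile.cpp` includes `LIEF/ELF/NoteDetails/core/CoreFile.hpp` directly; if that header is where the type lives, including it here as well keeps the translation unit self-contained.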