ghidra.program.model.lang.Processor Java Examples
The following examples show how to use
ghidra.program.model.lang.Processor.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ConstantPropagationAnalyzer.java From ghidra with Apache License 2.0 | 6 votes |
@Override public boolean canAnalyze(Program program) { // Set the default for checking parameter passing // don't look for constant passing in things that have a small address space, or is segmented checkParamRefsOption = program.getDefaultPointerSize() > 2; checkParamRefsOption &= !(program.getAddressFactory().getDefaultAddressSpace() instanceof SegmentedAddressSpace); if (processorName.equals("Basic")) { if (handledProcessors.contains(program.getLanguage().getProcessor().toString())) { return false; } return true; } return program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor(processorName)); }
Example #2
Source File: PowerPCDisassembleAction.java From ghidra with Apache License 2.0 | 6 votes |
@Override protected boolean isEnabledForContext(ListingActionContext context) { Address address = context.getAddress(); if (address == null) { return false; } // Action only intended for use where PowerPC VLE instructions are available. // The presence of the VLE variant indicator in the language ID can be used for this // determination. Program program = context.getProgram(); Language lang = program.getLanguage(); Processor proc = lang.getProcessor(); if (!proc.equals(Processor.findOrPossiblyCreateProcessor("PowerPC")) || lang.getLanguageID().toString().indexOf(":VLE") < 0) { return false; } return plugin.checkDisassemblyEnabled(context, address, true); }
Example #3
Source File: UniversalBinaryFileSystem.java From ghidra with Apache License 2.0 | 6 votes |
@Override public void open(TaskMonitor monitor) throws IOException, CancelledException { try { header = FatHeader.createFatHeader(RethrowContinuesFactory.INSTANCE, provider); List<FatArch> architectures = header.getArchitectures(); for (FatArch architecture : architectures) { Processor processor = CpuTypes.getProcessor(architecture.getCpuType(), architecture.getCpuSubType()); int bitSize = CpuTypes.getProcessorBitSize(architecture.getCpuType()); String name = processor + "-" + bitSize + "-cpu0x" + Integer.toHexString(architecture.getCpuSubType()); GFileImpl file = GFileImpl.fromFilename(this, root, name, false, architecture.getSize(), null); list.add(file); } } catch (Exception e) { throw new IOException(e); } }
Example #4
Source File: iOS_KextStubFixupAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
boolean isKext(Program program) { Processor processor = program.getLanguage().getProcessor(); if (processor.equals(Processor.findOrPossiblyCreateProcessor("ARM")) || processor.equals(Processor.findOrPossiblyCreateProcessor("AARCH64"))) { return program.getName().toLowerCase().endsWith(".kext"); } return false; }
Example #5
Source File: GenerateLotsOfProgramsScript.java From ghidra with Apache License 2.0 | 5 votes |
private void createPrograms(DomainFolder parent, int count) throws IOException, InvalidNameException, CancelledException { Processor processor = Processor.toProcessor("x86"); Language language = getDefaultLanguage(processor); Program program = new ProgramDB("dummy", language, language.getDefaultCompilerSpec(), this); for (int i = 0; i < count; i++) { parent.createFile("Prog_" + i, program, monitor); } program.release(this); }
Example #6
Source File: SplitUniversalBinariesScript.java From ghidra with Apache License 2.0 | 5 votes |
@Override public void run() throws Exception { File ubiFile = askFile("Select Universal Binary File", "C'mon, Do it! Push da bahtahn!"); File outputDirectory = askDirectory("Select Output Directory", "GO"); ByteProvider provider = new RandomAccessByteProvider(ubiFile) ; FatHeader header = FatHeader.createFatHeader(RethrowContinuesFactory.INSTANCE, provider); List<FatArch> architectures = header.getArchitectures(); for (FatArch arch : architectures) { int offset = arch.getOffset(); int size = arch.getSize(); Processor processor = CpuTypes.getProcessor(arch.getCpuType(), arch.getCpuSubType()); int processorSize = CpuTypes.getProcessorBitSize(arch.getCpuType()); File outFile = new File(outputDirectory, ubiFile.getName()+"."+processor+"."+processorSize); OutputStream out = new FileOutputStream(outFile); try { for (int i = offset ; i < offset+size ; i+=4096) { if (i + 4096 < offset+size) { out.write(provider.readBytes(i, 4096)); } else { out.write(provider.readBytes(i, offset+size-i)); } } } finally { out.close(); } } }
Example #7
Source File: MachoProgramBuilder.java From ghidra with Apache License 2.0 | 5 votes |
private void markAsThumb(Address address) throws ContextChangeException, AddressOverflowException { if (!program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor("ARM"))) { return; } if ((address.getOffset() & 1) == 1) { address = address.subtractNoWrap(1); } Register tModeRegister = program.getLanguage().getRegister("TMode"); program.getProgramContext().setValue(tModeRegister, address, address, BigInteger.ONE); createOneByteFunction(null, address); }
Example #8
Source File: ObjectiveC1_Utilities.java From ghidra with Apache License 2.0 | 5 votes |
/** * Returns true if the address is THUMB code. */ public static boolean isThumb(Program program, Address address) { Processor ARM = Processor.findOrPossiblyCreateProcessor("ARM"); if (program.getLanguage().getProcessor().equals(ARM)) { Memory memory = program.getMemory(); MemoryBlock block = memory.getBlock(address); if (block != null && block.isExecute()) { return (address.getOffset() % 2) != 0; } } return false; }
Example #9
Source File: ArmSymbolAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean canAnalyze(Program program) { // Check language return (program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor("ARM")) && program.getRegister("TMode") != null); }
Example #10
Source File: Pe32RelocationFixupHandler.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!PeLoader.PE_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 32) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))); }
Example #11
Source File: Pe64RelocationFixupHandler.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!PeLoader.PE_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 64) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))); }
Example #12
Source File: X86FunctionPurgeAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean canAnalyze(Program program) { // Only analyze 32-bit or less X86 programs Processor processor = program.getLanguage().getProcessor(); if (program.getLanguage().getDefaultSpace().getSize() > 32) { return false; } return processor.equals(Processor.findOrPossiblyCreateProcessor("x86")); }
Example #13
Source File: Elfx86_64bitRelocationFixupHandler.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 64) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))); }
Example #14
Source File: ElfArmRelocationFixupHandler.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 32) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("ARM"))); }
Example #15
Source File: ElfeBPFRelocationFixupHandler.java From eBPF-for-Ghidra with MIT License | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 64) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("eBPF"))); }
Example #16
Source File: MipsSymbolAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean canAnalyze(Program program) { // Check language return (program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor("MIPS")) && program.getRegister("ISA_MODE") != null); }
Example #17
Source File: Elfx86_32bitRelocationFixupHandler.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean handlesProgram(Program program) { if (!ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) { return false; } Language language = program.getLanguage(); if (language.getLanguageDescription().getSize() != 32) { return false; } Processor processor = language.getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))); }
Example #18
Source File: HCS12ConventionAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean canAnalyze(Program program) { // Only analyze HCS12 Programs Processor processor = program.getLanguage().getProcessor(); boolean canDo = processor.equals(Processor.findOrPossiblyCreateProcessor("HCS12")); if (canDo) { xgate = program.getRegister("XGATE"); } return canDo; }
Example #19
Source File: PicSwitchAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
@Override public boolean canAnalyze(Program p) { Processor processor = p.getLanguage().getProcessor(); return (processor == PicProcessor.PROCESSOR_PIC_12 || processor == PicProcessor.PROCESSOR_PIC_16 || processor == PicProcessor.PROCESSOR_PIC_17 || processor == PicProcessor.PROCESSOR_PIC_18); }
Example #20
Source File: CreatePICSwitch.java From ghidra with Apache License 2.0 | 4 votes |
@Override public void run() throws Exception { if (currentProgram == null) { Msg.error(this, "Current Program is null"); } else { Processor processor = currentProgram.getLanguage().getProcessor(); if (!(processor == PicProcessor.PROCESSOR_PIC_12 || processor == PicProcessor.PROCESSOR_PIC_16 || processor == PicProcessor.PROCESSOR_PIC_17 || processor == PicProcessor.PROCESSOR_PIC_18)) { Msg.showError(this, null, "CreatePICSwitch Script Error", "Only Sleigh PIC languages are supported!"); return; } } boolean ok = false; Instruction instr = null; if (currentLocation != null) { instr = currentProgram.getListing().getInstructionAt(currentLocation.getAddress()); if (instr != null && instr.getFlowType().isJump() && instr.getFlowType().isComputed()) { Address addr = instr.getMaxAddress().add(1); CodeUnit nextCodeUnit = currentProgram.getListing().getCodeUnitAt(addr); if (nextCodeUnit instanceof Data) { ok = !((Data)nextCodeUnit).isDefined(); } } } if (!ok) { Msg.showError(this, null, "CreatePICSwitch Script Error", "Switch may only be created when current instruction modifies register PC/PCL\n" + " and where the following code unit is clear."); return; } if (!PicSwitchAnalyzer.addSwitch(instr)) { Msg.showError(this, null, "CreatePICSwitch Script Error", "Failed to identify PIC switch code"); } }
Example #21
Source File: SparcAnalyzer.java From ghidra with Apache License 2.0 | 4 votes |
@Override public boolean canAnalyze(Program program) { return program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor(PROCESSOR_NAME)); }
Example #22
Source File: X86InstructionSkipper.java From ghidra with Apache License 2.0 | 4 votes |
@Override public Processor getApplicableProcessor() { return Processor.findOrPossiblyCreateProcessor("x86"); }
Example #23
Source File: SplitExtensibleFirmwareInterfaceScript.java From ghidra with Apache License 2.0 | 4 votes |
@Override public void run() throws Exception { StringBuffer messages = new StringBuffer(); File efiFile = askFile("Select EFI File", "EFI"); File directory = askDirectory("Select Output Directory for Parsed EFI", "OK"); ByteProvider provider = new RandomAccessByteProvider(efiFile); try { BinaryReader reader = new BinaryReader(provider, true); int magic = reader.readNextInt(); if (magic != MAGIC) { popup("THIS DOES NOT APPEAR TO BE A VALID APPLE EFI FILE"); return; } int architecturesCount = reader.readNextInt(); monitor.setMaximum(architecturesCount); for (int i = 0; i < architecturesCount; ++i) { monitor.setProgress(i); if (monitor.isCancelled()) { break; } int cpuType = reader.readNextInt(); int cpuSubType = reader.readNextInt(); int offset = reader.readNextInt(); int size = reader.readNextInt(); int alignment = reader.readNextInt(); Processor processor = CpuTypes.getProcessor(cpuType, cpuSubType); int processorBitSize = CpuTypes.getProcessorBitSize(cpuType); String processorString = processor + "-" + processorBitSize + "-bit"; String targetName = efiFile.getName() + "_" + processorString + "_" + "at" + "_" + "0x" + Integer.toHexString(offset); String message = "EFI Target found: " + processorString + " at 0x" + Integer.toHexString(offset) + " with alignment " + alignment; monitor.setMessage(message); messages.append(message + "\n"); println(message); byte[] targetBytes = reader.readByteArray(offset, size); OutputStream targetOut = new FileOutputStream(new File(directory, targetName)); try { targetOut.write(targetBytes); } finally { targetOut.close(); } } popup(messages.toString()); } finally { provider.close(); } }
Example #24
Source File: ARMPreAnalyzer.java From ghidra with Apache License 2.0 | 4 votes |
@Override public boolean canAnalyze(Program program) { Processor processor = program.getLanguage().getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("ARM"))); }
Example #25
Source File: MachoProgramBuilder.java From ghidra with Apache License 2.0 | 4 votes |
/** * See crt.c from opensource.apple.com */ private void processProgramVars() { if (program.getLanguage().getProcessor() == Processor.findOrPossiblyCreateProcessor( "PowerPC")) { return; } SymbolTable symbolTable = program.getSymbolTable(); int defaultPointerSize = program.getDefaultPointerSize(); DataType intDataType = (defaultPointerSize == 8) ? new QWordDataType() : new DWordDataType(); DataType intPointerDataType = PointerDataType.getPointer(intDataType, defaultPointerSize);//int * DataType voidPointerDatatype = PointerDataType.getPointer(new VoidDataType(), defaultPointerSize);//void * DataType charPointerX1DataType = PointerDataType.getPointer(new CharDataType(), defaultPointerSize);//char * DataType charPointerX2DataType = PointerDataType.getPointer(charPointerX1DataType, defaultPointerSize);//char ** DataType charPointerX3DataType = PointerDataType.getPointer(charPointerX2DataType, defaultPointerSize);//char *** Structure structure = new StructureDataType(SectionNames.PROGRAM_VARS, 0); structure.add(voidPointerDatatype, "mh", "pointer to __mh_execute_header"); structure.add(intPointerDataType, "NXArgcPtr", "pointer to argc"); structure.add(charPointerX3DataType, "NXArgvPtr", "pointer to argv"); structure.add(charPointerX3DataType, "environPtr", "pointer to environment"); structure.add(charPointerX2DataType, "__prognamePtr", "pointer to program name"); Namespace namespace = createNamespace(SectionNames.PROGRAM_VARS); List<Section> sections = machoHeader.getAllSections(); for (Section section : sections) { if (section.getSectionName().equals(SectionNames.PROGRAM_VARS)) { MemoryBlock memoryBlock = getMemoryBlock(section); try { listing.createData(memoryBlock.getStart(), structure); Data data = listing.getDataAt(memoryBlock.getStart()); Data mhData = data.getComponent(0); if (symbolTable.getSymbol("__mh_execute_header", mhData.getAddress(0), namespace) == null) { symbolTable.createLabel(mhData.getAddress(0), "__mh_execute_header", namespace, SourceType.IMPORTED); } Data argcData = data.getComponent(1); symbolTable.createLabel(argcData.getAddress(0), "NXArgc", namespace, SourceType.IMPORTED); listing.createData(argcData.getAddress(0), intDataType); Data argvData = data.getComponent(2); symbolTable.createLabel(argvData.getAddress(0), "NXArgv", namespace, SourceType.IMPORTED); listing.createData(argvData.getAddress(0), charPointerX2DataType); Data environData = data.getComponent(3); symbolTable.createLabel(environData.getAddress(0), "environ", namespace, SourceType.IMPORTED); listing.createData(environData.getAddress(0), charPointerX2DataType); Data prognameData = data.getComponent(4); symbolTable.createLabel(prognameData.getAddress(0), "__progname", namespace, SourceType.IMPORTED); listing.createData(prognameData.getAddress(0), charPointerX1DataType); } catch (Exception e) { log.appendException(e); return; } } } }
Example #26
Source File: MipsPreAnalyzer.java From ghidra with Apache License 2.0 | 4 votes |
@Override public boolean canAnalyze(Program program) { Processor processor = program.getLanguage().getProcessor(); return (processor.equals(Processor.findOrPossiblyCreateProcessor("MIPS"))); }
Example #27
Source File: FunctionPurgeAnalysisCmd.java From ghidra with Apache License 2.0 | 4 votes |
/** * * @see ghidra.framework.cmd.BackgroundCommand#applyTo(ghidra.framework.model.DomainObject, ghidra.util.task.TaskMonitor) */ @Override public boolean applyTo(DomainObject obj, TaskMonitor monitor) { program = (Program) obj; Processor processor = program.getLanguage().getProcessor(); AddressSpace defaultSpace = program.getLanguage().getDefaultSpace(); if (defaultSpace.getSize() > 32 || !processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))) { Msg.error(this, "Unsupported operation for language " + program.getLanguage().getLanguageID()); return false; } if (defaultSpace instanceof SegmentedAddressSpace) { // For 16-bit x86, prepare to establish near/fear calling convention models setupNearFarModels(); } AddressSetView set = entryPoints; long maxCount = set.getNumAddresses(); monitor.setMaximum(maxCount); monitor.setProgress(0); for (Function function : program.getFunctionManager().getFunctions(entryPoints, true)) { if (monitor.isCancelled()) { break; } set = set.subtract( new AddressSet(program, entryPoints.getMinAddress(), function.getEntryPoint())); monitor.setProgress(maxCount - set.getNumAddresses()); monitor.setMessage("Purge " + function.getName()); try { analyzeFunction(function, monitor); } catch (CancelledException e) { // do nothing } } if (monitor.isCancelled()) { setStatusMsg("Function Purge analysis cancelled"); return false; } return true; }
Example #28
Source File: eBPFAnalyzer.java From eBPF-for-Ghidra with MIT License | 4 votes |
@Override public boolean canAnalyze(Program program) { return program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor(PROCESSOR_NAME)); }
Example #29
Source File: FindUndefinedFunctionsScript.java From ghidra with Apache License 2.0 | 4 votes |
private PatternMatcher[] getPatterns() { if (currentProgram == null) { return null; } Processor processor = currentProgram.getLanguage().getProcessor(); if (processor.equals(Processor.findOrPossiblyCreateProcessor("x86"))) { CompilerSpecID compilerSpecID = currentProgram.getCompilerSpec().getCompilerSpecID(); if (compilerSpecID.equals(new CompilerSpecID("windows"))) { return new PatternMatcher[] { new PatternMatcher(new byte[] { (byte) 0x55, (byte) 0x8b, (byte) 0xec }, false), }; } if (compilerSpecID.equals(new CompilerSpecID("gcc"))) { return new PatternMatcher[] { new PatternMatcher(new byte[] { (byte) 0x55, (byte) 0x89, (byte) 0xe5 }, false), }; } } // Endianness OK here? if (processor.equals(Processor.findOrPossiblyCreateProcessor("PowerPC"))) { return new PatternMatcher[] { new PatternMatcher(new byte[] { (byte) 0x7c, (byte) 0x08, (byte) 0x02, (byte) 0xa6 }, false),// }; } if (processor.equals(Processor.findOrPossiblyCreateProcessor("ARM"))) { return new PatternMatcher[] { //new PatternMatcher(new byte[]{(byte)0x00,(byte)0x00,(byte)0x50,(byte)0xe3}, true),//only check 'cmp' at function entry //new PatternMatcher(new byte[]{(byte)0x00,(byte)0x00,(byte)0x51,(byte)0xe3}, true),//only check 'cmp' at function entry //new PatternMatcher(new byte[]{(byte)0x00,(byte)0x00,(byte)0x53,(byte)0xe3}, true),//only check 'cmp' at function entry new PatternMatcher( new byte[] { (byte) 0xf0, (byte) 0x40, (byte) 0x2d, (byte) 0xe9 }, false),//stmdb sp!{r4 r5 r6 r7 lr} new PatternMatcher( new byte[] { (byte) 0xb0, (byte) 0x40, (byte) 0x2d, (byte) 0xe9 }, false),//stmdb sp!{r4 r5 r7 lr} new PatternMatcher( new byte[] { (byte) 0x90, (byte) 0x40, (byte) 0x2d, (byte) 0xe9 }, false),//stmdb sp!{r4 r7 lr} new PatternMatcher( new byte[] { (byte) 0x80, (byte) 0x40, (byte) 0x2d, (byte) 0xe9 }, false),//stmdb sp!{r7 lr} }; } throw new RuntimeException("Unsupported language."); }
Example #30
Source File: X86Analyzer.java From ghidra with Apache License 2.0 | 4 votes |
@Override public boolean canAnalyze(Program program) { return program.getLanguage().getProcessor().equals( Processor.findOrPossiblyCreateProcessor(PROCESSOR_NAME)); }