ghidra.app.util.bin.format.FactoryBundledWithBinaryReader Java Examples
The following examples show how to use
ghidra.app.util.bin.format.FactoryBundledWithBinaryReader.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: MIPS_Elf64Relocation.java From ghidra with Apache License 2.0 | 6 votes |
|
@Override
protected void initElfRelocation(FactoryBundledWithBinaryReader reader, ElfHeader elfHeader,
int relocationTableIndex, boolean withAddend) throws IOException {
super.initElfRelocation(reader, elfHeader, relocationTableIndex, withAddend);
long info = getRelocationInfo();
if (elfHeader.isLittleEndian()) {
// revert to big-endian byte order
info = DataConverter.swapBytes(info, 8);
}
DataConverter converter = elfHeader.isLittleEndian() ? LittleEndianDataConverter.INSTANCE
: BigEndianDataConverter.INSTANCE;
byte[] rSymBytes = BigEndianDataConverter.INSTANCE.getBytes((int) (info >>> 32));
symbolIndex = converter.getInt(rSymBytes);
specialSymbolIndex = ((int) info >>> 24) & 0xff;
type = (int) info & 0xffffff;
}
Example #2
| Source File: PortableExecutableBinaryAnalysisCommand.java From ghidra with Apache License 2.0 | 6 votes |
|
@Override
public boolean canApply(Program program) {
try {
Memory memory = program.getMemory();
ByteProvider provider = new MemoryByteProvider(memory,
program.getAddressFactory().getDefaultAddressSpace());
FactoryBundledWithBinaryReader reader = new FactoryBundledWithBinaryReader(
RethrowContinuesFactory.INSTANCE, provider, !program.getLanguage().isBigEndian());
DOSHeader dosHeader = DOSHeader.createDOSHeader(reader);
if (dosHeader.isDosSignature()) {
reader.setPointerIndex( dosHeader.e_lfanew( ) );
short peMagic = reader.readNextShort();//we should be pointing at the PE magic value!
return ( peMagic & 0x0000ffff ) == Constants.IMAGE_NT_SIGNATURE;
}
}
catch (Exception e) {
}
return false;
}
Example #3
| Source File: DebugFixup.java From ghidra with Apache License 2.0 | 6 votes |
|
private void initDebugFixup(FactoryBundledWithBinaryReader reader, DebugDirectory debugDir,
OffsetValidator validator) throws IOException {
int ptr = debugDir.getPointerToRawData();
if (!validator.checkPointer(ptr)) {
Msg.error(this, "Invalid pointer " + Long.toHexString(ptr));
return;
}
int size = debugDir.getSizeOfData();
ArrayList<DebugFixupElement> list = new ArrayList<DebugFixupElement>();
while (size > 0) {
list.add(DebugFixupElement.createDebugFixupElement(reader, ptr));
ptr += DebugFixupElement.SIZEOF;
size -= DebugFixupElement.SIZEOF;
}
elements = new DebugFixupElement[list.size()];
list.toArray(elements);
}
Example #4
| Source File: ElfRelocation.java From ghidra with Apache License 2.0 | 6 votes |
|
private void readEntryData(FactoryBundledWithBinaryReader reader) throws IOException {
if (is32bit) {
this.r_offset = reader.readNextInt() & Conv.INT_MASK;
this.r_info = reader.readNextInt() & Conv.INT_MASK;
if (hasAddend) {
r_addend = reader.readNextInt() & Conv.INT_MASK;
}
}
else {
this.r_offset = reader.readNextLong();
this.r_info = reader.readNextLong();
if (hasAddend) {
r_addend = reader.readNextLong();
}
}
}
Example #5
| Source File: DebugCOFFSymbolAux.java From ghidra with Apache License 2.0 | 6 votes |
|
private void initDebugCOFFSymbolAux(FactoryBundledWithBinaryReader reader, int index, DebugCOFFSymbol symbol) throws IOException {
switch (symbol.getStorageClass()) {
case DebugCOFFSymbol.IMAGE_SYM_CLASS_FILE:
file = AuxFile.createAuxFile(reader, index);
break;
case DebugCOFFSymbol.IMAGE_SYM_CLASS_EXTERNAL:
case DebugCOFFSymbol.IMAGE_SYM_CLASS_FUNCTION:
sym = AuxSym.createAuxSym(reader, index);
break;
case DebugCOFFSymbol.IMAGE_SYM_CLASS_STATIC:
section = AuxSection.createAuxSection(reader, index);
break;
// case IMAGE_SYM_CLASS_CLR_TOKEN:
// break:
default:
// unhandled aux symbol...
break;
}
}
Example #6
| Source File: DataDirectory.java From ghidra with Apache License 2.0 | 6 votes |
|
protected void processDataDirectory(NTHeader ntHeader, FactoryBundledWithBinaryReader reader)
throws IOException {
this.ntHeader = ntHeader;
this.reader = reader;
virtualAddress = reader.readNextInt();
size = reader.readNextInt();
if (size < 0 || !ntHeader.checkRVA(virtualAddress)) {
if (size != 0) {
Msg.warn(this,
"DataDirectory RVA outside of image (RVA: 0x" +
Integer.toHexString(virtualAddress) + ", Size: 0x" +
Integer.toHexString(size) + "). Could be a file-only data directory.");
size = 0;
}
return;
}
hasParsed = parse();
}
Example #7
| Source File: BoundImportDescriptor.java From ghidra with Apache License 2.0 | 6 votes |
|
private void initBoundImportDescriptor(FactoryBundledWithBinaryReader reader, int readerIndex, int biddIndex) throws IOException {
timeDateStamp = reader.readInt (readerIndex); readerIndex += BinaryReader.SIZEOF_INT;
offsetModuleName = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
numberOfModuleForwarderRefs = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
if (offsetModuleName < 0) {
Msg.error(this, "Invalid offsetModuleName "+offsetModuleName);
return;
}
moduleName = reader.readAsciiString(biddIndex + offsetModuleName);
for (int i = 0 ; i < numberOfModuleForwarderRefs ; ++i) {
forwarders.add(BoundImportForwarderRef.createBoundImportForwarderRef(reader, readerIndex, biddIndex));
readerIndex += BoundImportForwarderRef.IMAGE_SIZEOF_BOUND_IMPORT_FORWARDER_REF;
}
}
Example #8
| Source File: PEUtil.java From ghidra with Apache License 2.0 | 6 votes |
|
static public boolean canAnalyze(Program program) {
String format = program.getExecutableFormat();
if (format.equals(PeLoader.PE_NAME)) {
return true;
}
if (format.equals(BinaryLoader.BINARY_NAME)) {
MemoryByteProvider mbp =
new MemoryByteProvider(program.getMemory(),
program.getAddressFactory().getDefaultAddressSpace());
try {
FactoryBundledWithBinaryReader reader =
new FactoryBundledWithBinaryReader(RethrowContinuesFactory.INSTANCE, mbp, true/*LittleEndian*/);
DOSHeader dosHeader = DOSHeader.createDOSHeader(reader);
if (dosHeader.e_magic() == DOSHeader.IMAGE_DOS_SIGNATURE) {
int peHeaderStartIndex = dosHeader.e_lfanew();
int peMagicNumber = reader.readInt(peHeaderStartIndex);
if (peMagicNumber == Constants.IMAGE_NT_SIGNATURE) {
return true;
}
}
}
catch (IOException e) {
}
}
return false;
}
Example #9
| Source File: DebugCOFFSymbolsHeader.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Constructor
* @param reader the binary reader
* @param debugDir the debug directory associated to this COFF symbol header
* @param ntHeader
*/
static DebugCOFFSymbolsHeader createDebugCOFFSymbolsHeader(
FactoryBundledWithBinaryReader reader, DebugDirectory debugDir,
OffsetValidator validator) throws IOException {
DebugCOFFSymbolsHeader debugCOFFSymbolsHeader =
(DebugCOFFSymbolsHeader) reader.getFactory().create(DebugCOFFSymbolsHeader.class);
debugCOFFSymbolsHeader.initDebugCOFFSymbolsHeader(reader, debugDir, validator);
return debugCOFFSymbolsHeader;
}
Example #10
| Source File: DebugDataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
static DebugDataDirectory createDebugDataDirectory(
NTHeader ntHeader, FactoryBundledWithBinaryReader reader)
throws IOException {
DebugDataDirectory debugDataDirectory = (DebugDataDirectory) reader.getFactory().create(DebugDataDirectory.class);
debugDataDirectory.initDebugDataDirectory(ntHeader, reader);
return debugDataDirectory;
}
Example #11
| Source File: ScatteredRelocationInfo.java From ghidra with Apache License 2.0 | 5 votes |
|
public static ScatteredRelocationInfo createScatteredRelocationInfo(
FactoryBundledWithBinaryReader reader) throws IOException {
ScatteredRelocationInfo scatteredRelocationInfo =
(ScatteredRelocationInfo) reader.getFactory().create(ScatteredRelocationInfo.class);
scatteredRelocationInfo.initScatteredRelocationInfo(reader);
return scatteredRelocationInfo;
}
Example #12
| Source File: ScatteredRelocationInfo.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initScatteredRelocationInfo(FactoryBundledWithBinaryReader reader)
throws IOException {
int mask = reader.readNextInt();
r_scattered = ((mask & 0x80000000) >> 31) & 0x1;
r_pcrel = ((mask & 0x40000000) >> 30);
r_length = ((mask & 0x30000000) >> 28);
r_type = ((mask & 0x0f000000) >> 24);
r_address = ((mask & 0x00ffffff));
r_value = reader.readNextInt();
}
Example #13
| Source File: TableOfContents.java From ghidra with Apache License 2.0 | 5 votes |
|
static TableOfContents createTableOfContents(FactoryBundledWithBinaryReader reader)
throws IOException {
TableOfContents tableOfContents =
(TableOfContents) reader.getFactory().create(TableOfContents.class);
tableOfContents.initTableOfContents(reader);
return tableOfContents;
}
Example #14
| Source File: VS_VERSION_INFO.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Constructs a new VS_VERSION_INFO object.
* @param reader the binary reader
* @param index the index where the VS_VERSION_INFO begins
* @throws IOException if an I/O error occurs
*/
public VS_VERSION_INFO(FactoryBundledWithBinaryReader reader, int index) throws IOException {
long oldIndex = reader.getPointerIndex();
reader.setPointerIndex(index);
structLength = reader.readNextShort();
valueLength = reader.readNextShort();
structType = reader.readNextShort();
info = reader.readNextUnicodeString();
alignment = reader.align(4);
// start of VS_FIXEDFILEINFO
signature = reader.readNextInt();
structVersion = shortArrayToString(reader, 2);
fileVersion = shortArrayToString(reader, 4);
productVersion = shortArrayToString(reader, 4);
fileFlagsMask = intArrayToString(reader, 2);
fileFlags = reader.readNextInt();
fileOS = reader.readNextInt();
fileType = reader.readNextInt();
fileSubtype = reader.readNextInt();
fileTimestamp = reader.readNextInt();
while (reader.getPointerIndex() < index + structLength) {
// TODO: is alignment needed?
children.add(new VS_VERSION_CHILD(reader, reader.getPointerIndex() - index, null,
valueMap));
}
reader.setPointerIndex(oldIndex);
}
Example #15
| Source File: BoundImportDescriptor.java From ghidra with Apache License 2.0 | 5 votes |
|
static BoundImportDescriptor createBoundImportDescriptor(
FactoryBundledWithBinaryReader reader, int readerIndex,
int biddIndex) throws IOException {
BoundImportDescriptor boundImportDescriptor = (BoundImportDescriptor) reader.getFactory().create(BoundImportDescriptor.class);
boundImportDescriptor.initBoundImportDescriptor(reader, readerIndex, biddIndex);
return boundImportDescriptor;
}
Example #16
| Source File: ElfRelocationTable.java From ghidra with Apache License 2.0 | 5 votes |
|
private List<ElfRelocation> parseStandardRelocations(FactoryBundledWithBinaryReader reader)
throws IOException {
List<ElfRelocation> relocations = new ArrayList<>();
int nRelocs = (int) (length / entrySize);
for (int relocationIndex = 0; relocationIndex < nRelocs; ++relocationIndex) {
relocations.add(ElfRelocation.createElfRelocation(reader, elfHeader, relocationIndex,
addendTypeReloc));
}
return relocations;
}
Example #17
| Source File: BuildVersionCommand.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initEntryPointCommand(FactoryBundledWithBinaryReader reader) throws IOException {
initLoadCommand(reader);
platform = reader.readNextInt();
minos = reader.readNextInt();
sdk = reader.readNextInt();
ntools = reader.readNextInt();
buildToolVersions = new BuildToolVersion[ntools];
for (int i = 0; i < ntools; i++) {
buildToolVersions[i] = new BuildToolVersion(reader.readNextInt(), reader.readNextInt());
}
}
Example #18
| Source File: FileHeader.java From ghidra with Apache License 2.0 | 5 votes |
|
static FileHeader createFileHeader(
FactoryBundledWithBinaryReader reader, int startIndex,
NTHeader ntHeader) throws IOException {
FileHeader fileHeader = (FileHeader) reader.getFactory().create(FileHeader.class);
fileHeader.initFileHeader(reader, startIndex, ntHeader);
return fileHeader;
}
Example #19
| Source File: DebugCOFFSymbolAux.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initAuxSym(FactoryBundledWithBinaryReader reader, int index) throws IOException {
tagIndex = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
miscLnSzLinenumber = reader.readShort(index);
miscLnSzSize = reader.readShort(index + BinaryReader.SIZEOF_SHORT);
miscTotalSize = reader.readInt (index); index += BinaryReader.SIZEOF_INT;
fncAryFunctionPointerToLinenumber = reader.readInt(index);
fncAryFunctionPointerToNextFunction = reader.readInt(index + BinaryReader.SIZEOF_INT);
fncAryArrayDimension = reader.readShortArray(index, 4); index += (4 * BinaryReader.SIZEOF_SHORT);
tvIndex = reader.readShort(index); index += BinaryReader.SIZEOF_SHORT;
}
Example #20
| Source File: BoundImportForwarderRef.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initBoundImportForwarderRef(FactoryBundledWithBinaryReader reader, int readerIndex, int biddIndex) throws IOException {
timeDateStamp = reader.readInt (readerIndex); readerIndex += BinaryReader.SIZEOF_INT;
offsetModuleName = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
reserved = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
if (offsetModuleName < 0) {
Msg.error(this, "Invalid offsetModuleName "+Integer.toHexString(offsetModuleName));
return;
}
moduleName = reader.readAsciiString(biddIndex + offsetModuleName);
}
Example #21
| Source File: DelayImportDataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
static DelayImportDataDirectory createDelayImportDataDirectory(
NTHeader ntHeader, FactoryBundledWithBinaryReader reader)
throws IOException {
DelayImportDataDirectory delayImportDataDirectory = (DelayImportDataDirectory) reader.getFactory().create(DelayImportDataDirectory.class);
delayImportDataDirectory.initDelayImportDataDirectory(ntHeader, reader);
return delayImportDataDirectory;
}
Example #22
| Source File: TLSDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
static TLSDirectory createTLSDirectory(
FactoryBundledWithBinaryReader reader, int index, boolean is64bit)
throws IOException {
TLSDirectory tlsDirectory = (TLSDirectory) reader.getFactory().create(TLSDirectory.class);
tlsDirectory.initTLSDirectory(reader, index, is64bit);
return tlsDirectory;
}
Example #23
| Source File: ResourceDataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
static ResourceDataDirectory createResourceDataDirectory(NTHeader ntHeader,
FactoryBundledWithBinaryReader reader) throws IOException {
ResourceDataDirectory resourceDataDirectory =
(ResourceDataDirectory) reader.getFactory().create(ResourceDataDirectory.class);
resourceDataDirectory.initResourceDataDirectory(ntHeader, reader);
return resourceDataDirectory;
}
Example #24
| Source File: CliMetadataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
public static CliMetadataDirectory createCliMetadataDirectory(NTHeader ntHeader,
FactoryBundledWithBinaryReader reader) throws IOException {
CliMetadataDirectory cliMetadataDirectory =
(CliMetadataDirectory) reader.getFactory().create(CliMetadataDirectory.class);
cliMetadataDirectory.initCliMetadataDirectory(ntHeader, reader);
return cliMetadataDirectory;
}
Example #25
| Source File: ThreadStateARM.java From ghidra with Apache License 2.0 | 5 votes |
|
static ThreadStateARM createThreadStateARM(FactoryBundledWithBinaryReader reader)
throws IOException {
ThreadStateARM threadStateARM =
(ThreadStateARM) reader.getFactory().create(ThreadStateARM.class);
threadStateARM.initThreadStateARM(reader);
return threadStateARM;
}
Example #26
| Source File: DynamicLibrary.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initDynamicLibrary(FactoryBundledWithBinaryReader reader, LoadCommand command)
throws IOException {
name = LoadCommandString.createLoadCommandString(reader, command);
timestamp = reader.readNextInt();
current_version = reader.readNextInt();
compatibility_version = reader.readNextInt();
}
Example #27
| Source File: DebugFixup.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Constructor
* @param reader the binary reader
* @param debugDir the debug directory associated to this FIXUP
* @param ntHeader
*/
static DebugFixup createDebugFixup(FactoryBundledWithBinaryReader reader,
DebugDirectory debugDir, OffsetValidator validator) throws IOException {
DebugFixup debugFixup = (DebugFixup) reader.getFactory().create(DebugFixup.class);
debugFixup.initDebugFixup(reader, debugDir, validator);
return debugFixup;
}
Example #28
| Source File: OptionalHeaderImpl.java From ghidra with Apache License 2.0 | 5 votes |
|
static OptionalHeader createOptionalHeader(NTHeader ntHeader,
FactoryBundledWithBinaryReader reader, int startIndex) throws IOException {
OptionalHeaderImpl optionalHeaderImpl =
(OptionalHeaderImpl) reader.getFactory().create(OptionalHeaderImpl.class);
optionalHeaderImpl.initOptionalHeaderImpl(ntHeader, reader, startIndex);
return optionalHeaderImpl;
}
Example #29
| Source File: COMDescriptorDataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
static COMDescriptorDataDirectory createCOMDescriptorDataDirectory(NTHeader ntHeader,
FactoryBundledWithBinaryReader reader) throws IOException {
COMDescriptorDataDirectory comDescriptorDataDirectory =
(COMDescriptorDataDirectory) reader.getFactory().create(
COMDescriptorDataDirectory.class);
comDescriptorDataDirectory.initCOMDescriptorDataDirectory(ntHeader, reader);
return comDescriptorDataDirectory;
}
Example #30
| Source File: CliMetadataDirectory.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initCliMetadataDirectory(NTHeader ntHeader, FactoryBundledWithBinaryReader reader)
throws IOException {
this.ntHeader = ntHeader;
this.reader = reader;
this.virtualAddress = reader.readNextInt();
this.size = reader.readNextInt();
}
