Java Code Examples for ghidra.app.util.bin.format.FactoryBundledWithBinaryReader#getPointerIndex()
The following examples show how to use
ghidra.app.util.bin.format.FactoryBundledWithBinaryReader#getPointerIndex() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ImageCor20Header.java From ghidra with Apache License 2.0 | 6 votes |
private void initIMAGE_COR20_HEADER(FactoryBundledWithBinaryReader reader, long index, NTHeader ntHeader) throws IOException { long origIndex = reader.getPointerIndex(); reader.setPointerIndex(index); cb = reader.readNextInt(); majorRuntimeVersion = reader.readNextShort(); minorRuntimeVersion = reader.readNextShort(); metadata = CliMetadataDirectory.createCliMetadataDirectory(ntHeader, reader); flags = reader.readNextInt(); entryPointToken = reader.readNextInt(); resources = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); strongNameSignature = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); codeManagerTable = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); vTableFixups = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); exportAddressTableJumps = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); managedNativeHeader = DefaultDataDirectory.createDefaultDataDirectory(ntHeader, reader); reader.setPointerIndex(origIndex); }
Example 2
Source File: ElfDynamicTable.java From ghidra with Apache License 2.0 | 6 votes |
private void initDynamicTable(FactoryBundledWithBinaryReader reader, ElfHeader header, long fileOffset, long addrOffset) throws IOException { long oldptr = reader.getPointerIndex(); this.header = header; this.fileOffset = fileOffset; this.addrOffset = addrOffset; reader.setPointerIndex(fileOffset); // Collect set of all _DYNAMIC array tags specified in .dynamic section while (true) { ElfDynamic dyn = ElfDynamic.createElfDynamic(reader, header); dynamics.add(dyn); if (dyn.getTag() == ElfDynamicType.DT_NULL.value) { break; } } reader.setPointerIndex(oldptr); }
Example 3
Source File: TwoLevelHintsCommand.java From ghidra with Apache License 2.0 | 5 votes |
private void initTwoLevelHintsCommand(FactoryBundledWithBinaryReader reader) throws IOException { initLoadCommand(reader); offset = reader.readNextInt(); nhints = reader.readNextInt(); long index = reader.getPointerIndex(); reader.setPointerIndex(offset); for (int i = 0; i < nhints; ++i) { hints.add(TwoLevelHint.createTwoLevelHint(reader)); } reader.setPointerIndex(index); }
Example 4
Source File: VS_VERSION_INFO.java From ghidra with Apache License 2.0 | 5 votes |
/** * Constructs a new VS_VERSION_INFO object. * @param reader the binary reader * @param index the index where the VS_VERSION_INFO begins * @throws IOException if an I/O error occurs */ public VS_VERSION_INFO(FactoryBundledWithBinaryReader reader, int index) throws IOException { long oldIndex = reader.getPointerIndex(); reader.setPointerIndex(index); structLength = reader.readNextShort(); valueLength = reader.readNextShort(); structType = reader.readNextShort(); info = reader.readNextUnicodeString(); alignment = reader.align(4); // start of VS_FIXEDFILEINFO signature = reader.readNextInt(); structVersion = shortArrayToString(reader, 2); fileVersion = shortArrayToString(reader, 4); productVersion = shortArrayToString(reader, 4); fileFlagsMask = intArrayToString(reader, 2); fileFlags = reader.readNextInt(); fileOS = reader.readNextInt(); fileType = reader.readNextInt(); fileSubtype = reader.readNextInt(); fileTimestamp = reader.readNextInt(); while (reader.getPointerIndex() < index + structLength) { // TODO: is alignment needed? children.add(new VS_VERSION_CHILD(reader, reader.getPointerIndex() - index, null, valueMap)); } reader.setPointerIndex(oldIndex); }
Example 5
Source File: DebugDirectory.java From ghidra with Apache License 2.0 | 5 votes |
private void initDebugDirectory(FactoryBundledWithBinaryReader reader, long index, OffsetValidator validator) throws IOException { long oldIndex = reader.getPointerIndex(); reader.setPointerIndex(index); characteristics = reader.readNextInt(); timeDateStamp = reader.readNextInt(); majorVersion = reader.readNextShort(); minorVersion = reader.readNextShort(); type = reader.readNextInt(); sizeOfData = reader.readNextInt(); addressOfRawData = reader.readNextInt(); pointerToRawData = reader.readNextInt(); if (type < 0 || type > 16 || sizeOfData < 0) { Msg.error(this, "Invalid DebugDirectory"); sizeOfData = 0; reader.setPointerIndex(oldIndex); return; } if (sizeOfData > 0) { if (!validator.checkPointer(pointerToRawData)) { Msg.error(this, "Invalid pointerToRawData " + pointerToRawData); sizeOfData = 0; reader.setPointerIndex(oldIndex); return; } blobBytes = reader.readByteArray(pointerToRawData, sizeOfData); } this.index = index; reader.setPointerIndex(oldIndex); }
Example 6
Source File: DebugMisc.java From ghidra with Apache License 2.0 | 5 votes |
private void initDebugMisc(FactoryBundledWithBinaryReader reader, DebugDirectory debugDir, OffsetValidator validator) throws IOException { this.debugDir = debugDir; long oldIndex = reader.getPointerIndex(); long index = debugDir.getPointerToRawData() & Conv.INT_MASK; if (!validator.checkPointer(index)) { Msg.error(this, "Invalid file index " + Long.toHexString(index)); return; } reader.setPointerIndex(index); dataType = reader.readNextInt(); length = reader.readNextInt(); unicode = reader.readNextByte() == 1; reserved = reader.readNextByteArray(3); if (length > 0) { actualData = (unicode ? reader.readNextUnicodeString(length) : reader.readNextAsciiString()); } else { Msg.error(this, "Bad string length " + Integer.toHexString(length)); } reader.setPointerIndex(oldIndex); }
Example 7
Source File: ElfSymbolTable.java From ghidra with Apache License 2.0 | 5 votes |
private void initElfSymbolTable(FactoryBundledWithBinaryReader reader, ElfHeader header, ElfSectionHeader symbolTableSection, long fileOffset, long addrOffset, long length, long entrySize, ElfStringTable stringTable, boolean isDynamic) throws IOException { this.symbolTableSection = symbolTableSection; this.fileOffset = fileOffset; this.addrOffset = addrOffset; this.length = length; this.entrySize = entrySize; this.stringTable = stringTable; this.is32bit = header.is32Bit(); this.isDynamic = isDynamic; long ptr = reader.getPointerIndex(); reader.setPointerIndex(fileOffset); List<ElfSymbol> symbolList = new ArrayList<>(); symbolCount = (int) (length / entrySize); long entryPos = reader.getPointerIndex(); for (int i = 0; i < symbolCount; i++) { // Reposition reader to start of symbol element since ElfSymbol object // may not consume all symbol element data reader.setPointerIndex(entryPos); ElfSymbol sym = ElfSymbol.createElfSymbol(reader, i, this, stringTable, header); symbolList.add(sym); entryPos += entrySize; } reader.setPointerIndex(ptr); symbols = new ElfSymbol[symbolList.size()]; symbolList.toArray(symbols); }
Example 8
Source File: ElfRelocationTable.java From ghidra with Apache License 2.0 | 5 votes |
private void initElfRelocationTable(FactoryBundledWithBinaryReader reader, ElfHeader header, ElfSectionHeader relocTableSection, long fileOffset, long addrOffset, long length, long entrySize, boolean addendTypeReloc, ElfSymbolTable symbolTable, ElfSectionHeader sectionToBeRelocated, TableFormat format) throws IOException { this.relocTableSection = relocTableSection; this.fileOffset = fileOffset; this.addrOffset = addrOffset; this.length = length; this.entrySize = entrySize; this.addendTypeReloc = addendTypeReloc; this.elfHeader = header; this.factory = reader.getFactory(); this.format = format; this.sectionToBeRelocated = sectionToBeRelocated; this.symbolTable = symbolTable; long ptr = reader.getPointerIndex(); reader.setPointerIndex(fileOffset); List<ElfRelocation> relocList; if (format == TableFormat.ANDROID) { relocList = parseAndroidRelocations(reader); } else { relocList = parseStandardRelocations(reader); } reader.setPointerIndex(ptr); relocs = new ElfRelocation[relocList.size()]; relocList.toArray(relocs); }
Example 9
Source File: SegmentTable.java From ghidra with Apache License 2.0 | 5 votes |
SegmentTable(FactoryBundledWithBinaryReader reader, SegmentedAddress baseAddr, short index, short segmentCount, short shiftAlignCount) throws IOException { long oldIndex = reader.getPointerIndex(); reader.setPointerIndex(Conv.shortToInt(index)); //create a value of the shift count... shiftAlignCount = (short)(0x01 << shiftAlignCount); int segmentCountInt = Conv.shortToInt(segmentCount); segments = new Segment[segmentCountInt]; SegmentedAddressSpace space; int curSegment; if (baseAddr != null) { space = (SegmentedAddressSpace) baseAddr.getAddressSpace(); curSegment = baseAddr.getSegment(); } else { space = null; curSegment = 0; } for (int i = 0 ; i < segmentCountInt ; ++i) { segments[i] = new Segment(reader, shiftAlignCount, curSegment); int size = segments[i].getMinAllocSize() & 0xffff; if (size == 0) { size = 0x10000; } if (space != null) { SegmentedAddress endAddr = space.getAddress(curSegment, size - 1); curSegment = space.getNextOpenSegment(endAddr); } else { curSegment += 1; } } reader.setPointerIndex(oldIndex); }
Example 10
Source File: MachHeader.java From ghidra with Apache License 2.0 | 5 votes |
private void initMachHeader(GenericFactory factory, ByteProvider provider, long machHeaderStartIndexInProvider, boolean isRemainingMachoRelativeToStartIndex) throws IOException, MachException { magic = readMagic(provider, machHeaderStartIndexInProvider); if (!MachConstants.isMagic(magic)) { throw new MachException("Invalid Mach-O binary."); } if (isRemainingMachoRelativeToStartIndex) { _machHeaderStartIndexInProvider = machHeaderStartIndexInProvider; } _reader = new FactoryBundledWithBinaryReader(factory, provider, isLittleEndian()); _reader.setPointerIndex(machHeaderStartIndexInProvider + 4);//skip magic number... cpuType = _reader.readNextInt(); cpuSubType = _reader.readNextInt(); fileType = _reader.readNextInt(); nCmds = _reader.readNextInt(); sizeOfCmds = _reader.readNextInt(); flags = _reader.readNextInt(); _is32bit = (cpuType & CpuTypes.CPU_ARCH_ABI64) == 0; if (!_is32bit) { reserved = _reader.readNextInt(); } _commandIndex = _reader.getPointerIndex(); }
Example 11
Source File: SymbolTableCommand.java From ghidra with Apache License 2.0 | 5 votes |
private void initSymbolTableCommand(FactoryBundledWithBinaryReader reader, MachHeader header) throws IOException { initLoadCommand(reader); symoff = reader.readNextInt(); nsyms = reader.readNextInt(); stroff = reader.readNextInt(); strsize = reader.readNextInt(); long index = reader.getPointerIndex(); reader.setPointerIndex(header.getStartIndexInProvider() + symoff); List<NList> nlistList = new ArrayList<>(nsyms); long startIndex = header.getStartIndexInProvider(); boolean is32bit = header.is32bit(); reader.setPointerIndex(startIndex + symoff); for (int i = 0; i < nsyms; ++i) { nlistList.add(NList.createNList(reader, is32bit)); } // sort the entries by the index in the string table, so don't jump around reading List<NList> sortedList = nlistList.stream().sorted((o1, o2) -> Integer.compare(o1.getStringTableIndex(), o2.getStringTableIndex())).collect(Collectors.toList()); // initialize the sorted NList strings from string table long stringTableOffset = stroff; for (NList nList : sortedList) { nList.initString(reader, stringTableOffset); } // the symbol table should be in the original order. // The table is indexed by other tables in the MachO headers symbols = nlistList; reader.setPointerIndex(index); }
Example 12
Source File: Section.java From ghidra with Apache License 2.0 | 5 votes |
private void initSection(FactoryBundledWithBinaryReader reader, boolean is32bit) throws IOException { this.reader = reader; this.is32bit = is32bit; sectname = reader.readNextAsciiString(MachConstants.NAME_LENGTH); segname = reader.readNextAsciiString(MachConstants.NAME_LENGTH); if (is32bit) { addr = reader.readNextInt() & 0xffffffffL; size = reader.readNextInt() & 0xffffffffL; } else { addr = reader.readNextLong(); size = reader.readNextLong(); } offset = reader.readNextInt(); align = reader.readNextInt(); reloff = reader.readNextInt(); nrelocs = reader.readNextInt(); flags = reader.readNextInt(); reserved1 = reader.readNextInt(); reserved2 = reader.readNextInt(); if (!is32bit) { reserved3 = reader.readNextInt(); } long index = reader.getPointerIndex(); reader.setPointerIndex(reloff); for (int i = 0; i < nrelocs; ++i) { relocations.add(RelocationFactory.readRelocation(reader, is32bit)); } reader.setPointerIndex(index); }
Example 13
Source File: InformationBlock.java From ghidra with Apache License 2.0 | 4 votes |
InformationBlock(FactoryBundledWithBinaryReader reader, short index) throws InvalidWindowsHeaderException, IOException { long oldIndex = reader.getPointerIndex(); reader.setPointerIndex(Conv.shortToInt(index)); ne_magic = reader.readNextShort(); if (ne_magic != WindowsHeader.IMAGE_NE_SIGNATURE) { throw new InvalidWindowsHeaderException(); } ne_ver = reader.readNextByte(); ne_rev = reader.readNextByte(); ne_enttab = reader.readNextShort(); ne_cbenttab = reader.readNextShort(); ne_crc = reader.readNextInt(); ne_flags_prog = reader.readNextByte(); ne_flags_app = reader.readNextByte(); ne_autodata = reader.readNextShort(); ne_heap = reader.readNextShort(); ne_stack = reader.readNextShort(); ne_csip = reader.readNextInt(); ne_sssp = reader.readNextInt(); ne_cseg = reader.readNextShort(); ne_cmod = reader.readNextShort(); ne_cbnrestab = reader.readNextShort(); ne_segtab = reader.readNextShort(); ne_rsrctab = reader.readNextShort(); ne_restab = reader.readNextShort(); ne_modtab = reader.readNextShort(); ne_imptab = reader.readNextShort(); ne_nrestab = reader.readNextInt(); ne_cmovent = reader.readNextShort(); ne_align = reader.readNextShort(); ne_cres = reader.readNextShort(); ne_exetyp = reader.readNextByte(); ne_flagsothers = reader.readNextByte(); ne_pretthunks = reader.readNextShort(); ne_psegrefbytes = reader.readNextShort(); ne_swaparea = reader.readNextShort(); ne_expver = reader.readNextShort(); reader.setPointerIndex(oldIndex); }
Example 14
Source File: DynamicSymbolTableCommand.java From ghidra with Apache License 2.0 | 4 votes |
private void initDynamicSymbolTableCommand(FactoryBundledWithBinaryReader reader, MachHeader header) throws IOException { initLoadCommand(reader); ilocalsym = reader.readNextInt(); nlocalsym = reader.readNextInt(); iextdefsym = reader.readNextInt(); nextdefsym = reader.readNextInt(); iundefsym = reader.readNextInt(); nundefsym = reader.readNextInt(); tocoff = reader.readNextInt(); ntoc = reader.readNextInt(); modtaboff = reader.readNextInt(); nmodtab = reader.readNextInt(); extrefsymoff = reader.readNextInt(); nextrefsyms = reader.readNextInt(); indirectsymoff = reader.readNextInt(); nindirectsyms = reader.readNextInt(); extreloff = reader.readNextInt(); nextrel = reader.readNextInt(); locreloff = reader.readNextInt(); nlocrel = reader.readNextInt(); long index = reader.getPointerIndex(); if (tocoff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + tocoff); for (int i = 0; i < ntoc; ++i) { tocList.add(TableOfContents.createTableOfContents(reader)); } } if (modtaboff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + modtaboff); for (int i = 0; i < nmodtab; ++i) { moduleList.add(DynamicLibraryModule.createDynamicLibraryModule(reader, header)); } } if (extrefsymoff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + extrefsymoff); for (int i = 0; i < nextrefsyms; ++i) { referencedList.add(DynamicLibraryReference.createDynamicLibraryReference(reader)); } } if (indirectsymoff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + indirectsymoff); indirectSymbols = new int[nindirectsyms]; for (int i = 0; i < nindirectsyms; ++i) { indirectSymbols[i] = reader.readNextInt(); } } if (extreloff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + extreloff); for (int i = 0; i < nextrel; ++i) { externalRelocations.add(RelocationFactory.readRelocation(reader, header.is32bit())); } } if (locreloff > 0) { reader.setPointerIndex(header.getStartIndexInProvider() + locreloff); for (int i = 0; i < nlocrel; ++i) { localRelocations.add(RelocationFactory.readRelocation(reader, header.is32bit())); } } reader.setPointerIndex(index); }
Example 15
Source File: VS_VERSION_CHILD.java From ghidra with Apache License 2.0 | 4 votes |
VS_VERSION_CHILD(FactoryBundledWithBinaryReader reader, long relativeOffset, String parentName, HashMap<String, String> valueMap) throws IOException { this.relativeOffset = relativeOffset; this.parentName = parentName; long origIndex = reader.getPointerIndex(); childSize = reader.readNextShort(); if (childSize == 0) { return; } childValueSize = reader.readNextShort(); childValueType = reader.readNextShort(); childName = reader.readNextUnicodeString(); valueAlignment = reader.align(4); boolean hasChildren = false; if (parentName == null) { childDataType = childName; hasChildren = true; } else if ("StringFileInfo".equals(parentName)) { childDataType = "StringTable"; hasChildren = true; } else if ("VarFileInfo".equals(parentName)) { childDataType = "Var"; if (childValueSize > 0) { childValue = Integer.toHexString(reader.readNextInt()); } } else if ("StringTable".equals(parentName)) { // Should be called "String" but this may conflict with other String types // Also, we have seen some PE's where the childValueType of this is 0, so we can't // rely on that to know if we should read an integer or a string. This field is // always a string regardless of the specified type. childDataType = "StringInfo"; if (childValueSize > 0) { childValue = reader.readNextUnicodeString(); } } if (hasChildren) { while (reader.getPointerIndex() < origIndex + childSize) { VS_VERSION_CHILD child = new VS_VERSION_CHILD(reader, reader.getPointerIndex() - origIndex, childDataType, valueMap); if (children == null) { children = new ArrayList<VS_VERSION_CHILD>(); } children.add(child); } } else { if (childValueSize > 0 && childValue != null) { valueMap.put(childName, childValue); } } }
Example 16
Source File: LoadCommand.java From ghidra with Apache License 2.0 | 4 votes |
protected void initLoadCommand(FactoryBundledWithBinaryReader reader) throws IOException { startIndex = reader.getPointerIndex(); cmd = reader.readNextInt(); cmdsize = reader.readNextInt(); }
Example 17
Source File: LoadConfigDirectory.java From ghidra with Apache License 2.0 | 4 votes |
private void initLoadConfigDirectory(FactoryBundledWithBinaryReader reader, int index, OptionalHeader oh) throws IOException { is64bit = oh.is64bit(); long oldIndex = reader.getPointerIndex(); reader.setPointerIndex(index); // Read original fields size = reader.readNextInt(); timeDateStamp = reader.readNextInt(); majorVersion = reader.readNextShort(); minorVersion = reader.readNextShort(); globalFlagsClear = reader.readNextInt(); globalFlagsSet = reader.readNextInt(); criticalSectionDefaultTimeout = reader.readNextInt(); deCommitFreeBlockThreshold = readPointer(reader); deCommitTotalFreeThreshold = readPointer(reader); lockPrefixTable = readPointer(reader); maximumAllocationSize = readPointer(reader); virtualMemoryThreshold = readPointer(reader); if (is64bit) { processAffinityMask = readPointer(reader); processHeapFlags = reader.readNextInt(); } else { processHeapFlags = reader.readNextInt(); processAffinityMask = readPointer(reader); } csdVersion = reader.readNextShort(); dependentLoadFlags = reader.readNextShort(); editList = readPointer(reader); // If the structure size indicates there are more fields, we are dealing with // a newer version of the structure. Each size check represents a new version // of the structure. if (reader.getPointerIndex() - index < size) { securityCookie = readPointer(reader); seHandlerTable = readPointer(reader); seHandlerCount = readPointer(reader); } if (reader.getPointerIndex() - index < size) { guardCfcCheckFunctionPointer = readPointer(reader); guardCfDispatchFunctionPointer = readPointer(reader); guardCfFunctionTable = readPointer(reader); guardCfFunctionCount = readPointer(reader); guardFlags = new GuardFlags(reader.readNextInt()); } if (reader.getPointerIndex() - index < size) { codeIntegrity = new CodeIntegrity(reader); } if (reader.getPointerIndex() - index < size) { guardAddressTakenIatEntryTable = readPointer(reader); guardAddressTakenIatEntryCount = readPointer(reader); guardLongJumpTargetTable = readPointer(reader); guardLongJumpTargetCount = readPointer(reader); } if (reader.getPointerIndex() - index < size) { dynamicValueRelocTable = readPointer(reader); chpeMetadataPointer = readPointer(reader); } if (reader.getPointerIndex() - index < size) { guardRfFailureRoutine = readPointer(reader); guardRfFailureRoutineFunctionPointer = readPointer(reader); dynamicValueRelocTableOffset = reader.readNextInt(); dynamicValueRelocTableSection = reader.readNextShort(); reserved1 = reader.readNextShort(); } if (reader.getPointerIndex() - index < size) { guardRfVerifyStackPointerFunctionPointer = readPointer(reader); hotPatchTableOffset = reader.readNextInt(); } if (reader.getPointerIndex() - index < size) { reserved2 = reader.readNextInt(); reserved3 = readPointer(reader); } reader.setPointerIndex(oldIndex); }
Example 18
Source File: SeparateDebugHeader.java From ghidra with Apache License 2.0 | 4 votes |
/** * Constructs a new separate debug header using the specified byte provider. * @param bp the byte provider * @throws IOException if an I/O error occurs. */ public SeparateDebugHeader(GenericFactory factory, ByteProvider bp) throws IOException { FactoryBundledWithBinaryReader reader = new FactoryBundledWithBinaryReader(factory, bp, true); reader.setPointerIndex(0); signature = reader.readNextShort(); if (signature != IMAGE_SEPARATE_DEBUG_SIGNATURE) { return; } flags = reader.readNextShort(); machine = reader.readNextShort(); characteristics = reader.readNextShort(); timeDateStamp = reader.readNextInt(); checkSum = reader.readNextInt(); imageBase = reader.readNextInt(); sizeOfImage = reader.readNextInt(); numberOfSections = reader.readNextInt(); exportedNamesSize = reader.readNextInt(); debugDirectorySize = reader.readNextInt(); sectionAlignment = reader.readNextInt(); reserved = reader.readNextIntArray(2); if (numberOfSections > NTHeader.MAX_SANE_COUNT) { Msg.error(this, "Number of sections " + numberOfSections); return; } long ptr = reader.getPointerIndex(); sections = new SectionHeader[numberOfSections]; for (int i = 0; i < numberOfSections; ++i) { sections[i] = SectionHeader.createSectionHeader(reader, ptr); ptr += SectionHeader.IMAGE_SIZEOF_SECTION_HEADER; } long tmp = ptr; List<String> exportedNameslist = new ArrayList<String>(); while (true) { String str = reader.readAsciiString(tmp); if (str == null || str.length() == 0) { break; } tmp += str.length() + 1; exportedNameslist.add(str); } exportedNames = new String[exportedNameslist.size()]; exportedNameslist.toArray(exportedNames); ptr += exportedNamesSize; parser = DebugDirectoryParser.createDebugDirectoryParser(reader, ptr, debugDirectorySize, this); }