00001 #include <BinaryFile.h> 00002 #include <FileHeader.h> 00003 00004 bool FileHeader::verify(uint16_t targetSize){ 00005 if(GET(f_opthdr) != targetSize){ 00006 PRINT_ERROR("This is not executable, aux-header size does not match %d %d",GET(f_opthdr),targetSize); 00007 return false; 00008 } 00009 if(!(GET(f_flags) & F_EXEC)){ 00010 PRINT_ERROR("Currently only the executable files are instrumented"); 00011 return false; 00012 } 00013 if(GET(f_flags) & F_LNNO){ 00014 PRINT_ERROR("Failing since the executable seems to be stripped"); 00015 return false; 00016 } 00017 return true; 00018 } 00019 00020 void FileHeader::print() { 00021 PRINT_INFOR("HEADER"); 00022 PRINT_INFOR("\tMagic : %#x",GET(f_magic)); 00023 PRINT_INFOR("\t#Sect : %d",GET(f_nscns)); 00024 if(GET(f_nsyms)){ 00025 PRINT_INFOR("\tSymAt : %#llx",GET(f_symptr)); 00026 PRINT_INFOR("\t#Syms : %d (%d bytes)",GET(f_nsyms),GET(f_nsyms) * Size__NN_bit_SymbolTable_Entry); 00027 } 00028 PRINT_INFOR("\t[%#llx --- %#llx]",GET(f_symptr),GET(f_symptr)+GET(f_nsyms) * Size__NN_bit_SymbolTable_Entry); 00029 PRINT_INFOR("\tFlags : %#x LOADONLY SHROBJ DYNLOAD][R PATCH AR32W R] [R R R R] [R LNNO EXEC RELFLG]",GET(f_flags)); 00030 } 00031 00032 void FileHeader::initFilePointers(BinaryInputFile* binaryInputFile){ 00033 if(GET(f_nsyms)){ 00034 symbolTablePtr = binaryInputFile->fileOffsetToPointer(GET(f_symptr)); 00035 } 00036 } 00037 00038 uint32_t FileHeader32::read(BinaryInputFile* binaryInputFile){ 00039 setFileOffset(binaryInputFile->currentOffset()); 00040 00041 if(!binaryInputFile->copyBytesIterate(&entry,Size__32_bit_File_Header)){ 00042 PRINT_ERROR("File header (32) can not be read"); 00043 } 00044 00045 verify(Size__32_bit_Auxilary_Header); 00046 initFilePointers(binaryInputFile); 00047 00048 return Size__32_bit_File_Header; 00049 } 00050 00051 uint32_t FileHeader64::read(BinaryInputFile* binaryInputFile){ 00052 setFileOffset(binaryInputFile->currentOffset()); 00053 00054 if(!binaryInputFile->copyBytesIterate(&entry,Size__64_bit_File_Header)){ 00055 PRINT_ERROR("File header (64) can not be read"); 00056 } 00057 00058 verify(Size__64_bit_Auxilary_Header); 00059 initFilePointers(binaryInputFile); 00060 00061 return Size__64_bit_File_Header; 00062 }