elftools 0.2.2 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c37e680363ef30fc5b86b00e983ccbc45125b852
-  data.tar.gz: 705aaeba44b9dd230d21afa5647d8b41833f1f3a
+  metadata.gz: a9ca4e5e90a3710cbc74557520cfd6efcb442e3b
+  data.tar.gz: 9f745e3609cdaa67103ccf718db973ee8c4b3c74
 SHA512:
-  metadata.gz: 0aa96a9e111680f44fc23c0309a181d2968675ddfb5b3ab86fdd76f7923900702543803028f9d66ba5a7e5d3b4d3924ac18d5115c9dceba54c8602e33bd545bc
-  data.tar.gz: a723dfa7b1bcc39a687b488ff522a7ded8439e72e2275be16c903979d671d6ca8e737fe233d991fa2541f10e80189dc6d8c3243d31467703f1e131fc0cf019e6
+  metadata.gz: 9edec0296929aa3c6dbc90475d8c0281d6f9a559d681945b4badc1778ad293f340a9c49a0526c4c92cfd03aa546774f3a411d98d66a04390233a29c2780a4151
+  data.tar.gz: cc1df33b85fdaebd9dadf64250fdd1f633fe29f9501e2c68fc41cb711e736564a42c307f4c61a06ce1db24348998b2d6652bb72e15c1ae7375ab9d9e22a40bc2

data/README.md

@@ -6,6 +6,9 @@
 [![Inline docs](https://inch-ci.org/github/david942j/rbelftools.svg?branch=master)](https://inch-ci.org/github/david942j/rbelftools)
 [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg)](http://choosealicense.com/licenses/mit/)
 
+# rbelftools
+Pure ruby library for parsing and patching ELF files.
+
 # Introduction
 
 ELF parser in pure ruby implementation. This work is inspired by [pyelftools](https://github.com/eliben/pyelftools) by [Eli Bendersky](https://github.com/eliben).
@@ -21,6 +24,14 @@ Available on RubyGems.org!
 gem install elftools
 ```
 
+# Features
+
+- [x] Supports both big and little endian
+- [x] ELF parser
+- [x] ELF headers patcher
+
+See example usage for more details.
+
 # Example Usage
 
 ## Start from file object
@@ -114,6 +125,39 @@ relocations.map { |r| symtab.symbol_at(r.symbol_index).name }
 #=> ["puts", "__stack_chk_fail", "printf", "__libc_start_main", "fgets", "scanf"]
 ```
 
+## Patch
+
+Patch ELF is so easy!
+
+All kinds of headers (i.e. `Ehdr`, `Shdr`, `Phdr`, etc.) can be patched.
+Patched slots will not be applied on the opened file.
+Invoke `elf.save(filename)` to save the patched ELF into `filename`.
+
+```ruby
+elf = ELFTools::ELFFile.new(File.open('spec/files/amd64.elf'))
+elf.machine
+#=> "Advanced Micro Devices X86-64"
+elf.header.e_machine = 40
+elf.machine
+#=> "ARM"
+
+interp_segment = elf.segment_by_type(:interp)
+interp_segment.interp_name
+#=> "/lib64/ld-linux-x86-64.so.2"
+interp_segment.header.p_filesz
+#=> 28
+interp_segment.header.p_filesz = 20
+interp_segment.interp_name
+#=> "/lib64/ld-linux-x86"
+
+# save the patched ELF
+elf.save('elf.patched')
+
+# in bash
+# $ file elf.patched
+# elf.patched: ELF 64-bit LSB executable, ARM, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86, for GNU...
+```
+
 # Why rbelftools
 
 1. Fully documented   

data/lib/elftools/dynamic.rb

@@ -82,6 +82,7 @@ module ELFTools
       dyn = Structs::ELF_Dyn.new(endian: endian)
       dyn.elf_class = header.elf_class
       stream.pos = tag_start + n * dyn.num_bytes
+      dyn.offset = stream.pos
       @tag_at_map[n] = Tag.new(dyn.read(stream), stream, method(:str_offset))
     end
 

data/lib/elftools/elf_file.rb

@@ -21,6 +21,8 @@ module ELFTools
     #   #=> #<ELFTools::ELFFile:0x00564b106c32a0 @elf_class=64, @endian=:little, @stream=#<File:/bin/cat>>
     def initialize(stream)
       @stream = stream
+      # always set binmode if stream is an IO object.
+      @stream.binmode if @stream.respond_to?(:binmode)
       identify # fetch the most basic information
     end
 
@@ -31,7 +33,7 @@ module ELFTools
     def header
       return @header if defined?(@header)
       stream.pos = 0
-      @header = Structs::ELF_Ehdr.new(endian: endian)
+      @header = Structs::ELF_Ehdr.new(endian: endian, offset: stream.pos)
       @header.elf_class = elf_class
       @header.read(stream)
     end
@@ -290,8 +292,45 @@ module ELFTools
       end
     end
 
+    # The patch status.
+    # @return [Hash{Integer => String}]
+    def patches
+      patch = {}
+      loaded_headers.each do |header|
+        header.patches.each do |key, val|
+          patch[key + header.offset] = val
+        end
+      end
+      patch
+    end
+
+    # Apply patches and save as +filename+.
+    #
+    # @param [String] filename
+    # @return [void]
+    def save(filename)
+      stream.pos = 0
+      all = stream.read.force_encoding('ascii-8bit')
+      patches.each do |pos, val|
+        all[pos, val.size] = val
+      end
+      IO.binwrite(filename, all)
+    end
+
     private
 
+    # bad idea..
+    def loaded_headers
+      explore = lambda do |obj|
+        return obj if obj.is_a?(::ELFTools::Structs::ELFStruct)
+        return obj.map(&explore) if obj.is_a?(Array)
+        obj.instance_variables.map do |s|
+          explore.call(obj.instance_variable_get(s))
+        end
+      end
+      explore.call(self).flatten
+    end
+
     def identify
       stream.pos = 0
       magic = stream.read(4)
@@ -312,7 +351,7 @@ module ELFTools
 
     def create_section(n)
       stream.pos = header.e_shoff + n * header.e_shentsize
-      shdr = Structs::ELF_Shdr.new(endian: endian)
+      shdr = Structs::ELF_Shdr.new(endian: endian, offset: stream.pos)
       shdr.elf_class = elf_class
       shdr.read(stream)
       Sections::Section.create(shdr, stream,
@@ -323,7 +362,7 @@ module ELFTools
 
     def create_segment(n)
       stream.pos = header.e_phoff + n * header.e_phentsize
-      phdr = Structs::ELF_Phdr[elf_class].new(endian: endian)
+      phdr = Structs::ELF_Phdr[elf_class].new(endian: endian, offset: stream.pos)
       phdr.elf_class = elf_class
       Segments::Segment.create(phdr.read(stream), stream, offset_from_vma: method(:offset_from_vma))
     end

data/lib/elftools/lazy_array.rb

@@ -8,17 +8,17 @@ module ELFTools
     # @param [Integer] size
     #   The size of array.
     # @yieldparam [Integer] i
-    #   Needs +i+-th element.
+    #   Needs the +i+-th element.
     # @yieldreturn [Object]
     #   Value of the +i+-th element.
     # @example
-    #   arr = LazyArray.new(10) { |i| p i; i * i }
+    #   arr = LazyArray.new(10) { |i| p "calc #{i}"; i * i }
     #   p arr[2]
-    #   # 2
+    #   # "calc 2"
     #   # 4
     #
     #   p arr[3]
-    #   # 3
+    #   # "calc 3"
     #   # 9
     #
     #   p arr[3]

data/lib/elftools/note.rb

@@ -76,7 +76,7 @@ module ELFTools
     end
 
     def create_note(cur)
-      nhdr = Structs::ELF_Nhdr.new(endian: endian).read(stream)
+      nhdr = Structs::ELF_Nhdr.new(endian: endian, offset: stream.pos).read(stream)
       ELFTools::Note::Note.new(nhdr, stream, cur)
     end
 

data/lib/elftools/sections/relocation_section.rb

@@ -59,7 +59,7 @@ module ELFTools
       def create_relocation(n)
         stream.pos = header.sh_offset + n * header.sh_entsize
         klass = rela? ? Structs::ELF_Rela : Structs::ELF_Rel
-        rel = klass.new(endian: header.class.self_endian)
+        rel = klass.new(endian: header.class.self_endian, offset: stream.pos)
         rel.elf_class = header.elf_class
         rel.read(stream)
         Relocation.new(rel, stream)

data/lib/elftools/sections/section.rb

@@ -28,7 +28,7 @@ module ELFTools
       # @return [Integer]
       #   The type, meaning of types are defined in {Constants::SHT}.
       def type
-        header.sh_type
+        header.sh_type.to_i
       end
 
       # Get name of this section.

data/lib/elftools/sections/sym_tab_section.rb

@@ -87,7 +87,7 @@ module ELFTools
 
       def create_symbol(n)
         stream.pos = header.sh_offset + n * header.sh_entsize
-        sym = Structs::ELF_sym[header.elf_class].new(endian: header.class.self_endian)
+        sym = Structs::ELF_sym[header.elf_class].new(endian: header.class.self_endian, offset: stream.pos)
         sym.read(stream)
         Symbol.new(sym, stream, symstr: method(:symstr))
       end

data/lib/elftools/structs.rb

@@ -2,7 +2,7 @@ require 'bindata'
 module ELFTools
   # Define ELF related structures in this module.
   #
-  # Structures are fetch from https://github.com/torvalds/linux/blob/master/include/uapi/linux/elf.h.
+  # Structures are fetched from https://github.com/torvalds/linux/blob/master/include/uapi/linux/elf.h.
   # Using the bindata gem to make these structures support 32/64 bits and
   # little/big endian simultaneously.
   module Structs
@@ -14,11 +14,54 @@ module ELFTools
       }.freeze
 
       attr_accessor :elf_class # @return [Integer] 32 or 64.
+      attr_accessor :offset # @return [Integer] The file offset of this header.
 
-      # Hacking to get endian of current class
-      # @return [Symbol, nil] +:little+ or +:big+.
-      def self.self_endian
-        bindata_name[-2..-1] == 'ge' ? :big : :little
+      # Records which fields have been patched.
+      # @return [Hash{Integer => Integer}] Patches.
+      def patches
+        @patches ||= {}
+      end
+
+      class << self
+        # Hook constructor, while +BinData::Record+ doesn't allow us to override +#initialize+,
+        # so we hack +new+ here.
+        def new(**kwargs)
+          offset = kwargs.delete(:offset)
+          super.tap do |obj|
+            obj.offset = offset
+            obj.field_names.each do |f|
+              m = "#{f}=".to_sym
+              old_method = obj.singleton_method(m)
+              obj.define_singleton_method(m) do |val|
+                org = obj.send(f)
+                obj.patches[org.abs_offset] = ELFStruct.pack(val, org.num_bytes)
+                old_method.call(val)
+              end
+            end
+          end
+        end
+
+        # Hacking to get endian of current class
+        # @return [Symbol, nil] +:little+ or +:big+.
+        def self_endian
+          bindata_name[-2..-1] == 'ge' ? :big : :little
+        end
+
+        # Pack integer into string.
+        # @param [Integer] val
+        # @param [Integer] bytes
+        # @return [String]
+        def pack(val, bytes)
+          raise ArgumentError, "Not supported assign type #{val.class}" unless val.is_a?(Integer)
+          number = val & ((1 << (8 * bytes)) - 1)
+          out = []
+          bytes.times do
+            out << (number & 0xff)
+            number >>= 8
+          end
+          out = out.pack('C*')
+          self_endian == :little ? out : out.reverse
+        end
       end
     end
 

data/lib/elftools/version.rb

@@ -1,4 +1,4 @@
 module ELFTools
   # Current gem version
-  VERSION = '0.2.2'.freeze
+  VERSION = '1.0.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: elftools
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 1.0.0
 platform: ruby
 authors:
 - david942j
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-26 00:00:00.000000000 Z
+date: 2017-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -25,33 +25,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '0.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '0.6'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.47'
+        version: '0.10'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.47'
+        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -67,33 +67,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '12.0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.13.0
+        version: '3.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.13.0
+        version: '3.5'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '0.47'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '0.47'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.13.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.13.0
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -164,5 +178,5 @@ rubyforge_project:
 rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
-summary: ELFTools - Pure ruby library for parsing ELF files
+summary: ELFTools - Pure ruby library for parsing and patching ELF files
 test_files: []