metasm 1.0.1 → 1.0.2

data/{lib/metasm → metasm}/exe_format/coff_encode.rb

@@ -139,7 +139,7 @@ class COFF
 	end
 
 	class ImportDirectory
-		# encodes all import directories + iat
+		# encode all import directories + iat
 		def self.encode(coff, ary)
 			edata = { 'iat' => [] }
 			%w[idata ilt nametable].each { |name| edata[name] = EncodedData.new }
@@ -160,12 +160,11 @@ class COFF
 			[it, iat]
 		end
 
-		# encodes an import directory + iat + names in the edata hash received as arg
+		# encode one import directory + iat + names in the edata hash received as arg
 		def encode(coff, edata)
 			edata['iat'] << EncodedData.new
 			# edata['ilt'] = edata['iat']
 			label = lambda { |n| coff.label_at(edata[n], 0, n) }
-			rva = lambda { |n| Expression[label[n], :-, coff.label_at(coff.encoded, 0)] }
 			rva_end = lambda { |n| Expression[[label[n], :-, coff.label_at(coff.encoded, 0)], :+, edata[n].virtsize] }
 
 			@libname_p = rva_end['nametable']
@@ -396,7 +395,8 @@ class COFF
 		s.characteristics = %w[MEM_READ MEM_WRITE MEM_DISCARDABLE]
 		encode_append_section s
 
-		if @imports.first and @imports.first.iat_p.kind_of? Integer
+		if @imports.first and @imports.first.iat_p.kind_of?(Integer)
+			# ordiat = iat.sort_by { @import[x].iat_p }
 			ordiat = @imports.zip(iat).sort_by { |id, it| id.iat_p.kind_of?(Integer) ? id.iat_p : 1<<65 }.map { |id, it| it }
 		else
 			ordiat = iat
@@ -413,7 +413,7 @@ class COFF
 		plt.characteristics = %w[MEM_READ MEM_EXECUTE]
 
 		@imports.zip(iat) { |id, it|
-			if id.iat_p.kind_of? Integer and s = @sections.find { |s_| s_.virtaddr <= id.iat_p and s_.virtaddr + (s_.virtsize || s_.encoded.virtsize) > id.iat_p }
+			if id.iat_p.kind_of?(Integer) and @sections.find { |s_| s_.virtaddr <= id.iat_p and s_.virtaddr + (s_.virtsize || s_.encoded.virtsize) > id.iat_p }
 				id.iat = it	# will be fixed up after encode_section
 			else
 				# XXX should not be mixed (for @directory['iat'][1])
@@ -529,9 +529,7 @@ class COFF
 					end
 
 					# initialize reloc table base address if needed
-					if not rt.base_addr
-						rt.base_addr = off & ~0xfff
-					end
+					rt.base_addr ||= off & ~0xfff
 
 					(rt.relocs ||= []) << r
 				elsif $DEBUG and not rel.target.bind(binding).reduce.kind_of?(Integer)
@@ -559,7 +557,7 @@ class COFF
 	end
 
 	# initialize the header from target/cpu/etc, target in ['exe' 'dll' 'kmod' 'obj']
-	def pre_encode_header(target = 'exe', want_relocs=true)
+	def pre_encode_header(target='exe', want_relocs=true)
 		target = {:bin => 'exe', :lib => 'dll', :obj => 'obj', 'sys' => 'kmod', 'drv' => 'kmod'}.fetch(target, target)
 
 		@header.machine ||= case @cpu.shortname
@@ -650,11 +648,11 @@ class COFF
 
 	# append the section bodies to @encoded, and link the resulting binary
 	def encode_sections_fixup
-		@encoded.align @optheader.file_align
 		if @optheader.headers_size.kind_of?(::String)
 			@encoded.fixup! @optheader.headers_size => @encoded.virtsize
 			@optheader.headers_size = @encoded.virtsize
 		end
+		@encoded.align @optheader.file_align
 
 		baseaddr = @optheader.image_base.kind_of?(::Integer) ? @optheader.image_base : 0x400000
 		binding = @encoded.binding(baseaddr)
@@ -689,7 +687,7 @@ class COFF
 		# patch the iat where iat_p was defined
 		# sort to ensure a 0-terminated will not overwrite an entry
 		# (try to dump notepad.exe, which has a forwarder;)
-		@imports.find_all { |id| id.iat_p.kind_of? Integer }.sort_by { |id| id.iat_p }.each { |id|
+		@imports.find_all { |id| id.iat_p.kind_of?(Integer) }.sort_by { |id| id.iat_p }.each { |id|
 			s = sect_at_rva(id.iat_p)
 			@encoded[s.rawaddr + s.encoded.ptr, id.iat.virtsize] = id.iat
 			binding.update id.iat.binding(baseaddr + id.iat_p)
@@ -710,7 +708,7 @@ class COFF
 	# creates the base relocation tables (need for references to IAT not known before)
 	# defaults to generating relocatable files, eg ALSR-aware
 	# pass want_relocs=false to avoid the file overhead induced by this
-	def encode(target = 'exe', want_relocs = true)
+	def encode(target='exe', want_relocs=true)
 		@encoded = EncodedData.new
 		label_at(@encoded, 0, 'coff_start')
 		pre_encode_header(target, want_relocs)
@@ -832,7 +830,7 @@ class COFF
 					@lexer.unreadtok tok if not tok = @lexer.readtok or tok.type != :punct or tok.raw != '='
 					raise instr, 'invalid base' if not s.virtaddr = Expression.parse(@lexer).reduce or not s.virtaddr.kind_of?(::Integer)
 					if not @optheader.image_base
-				       		@optheader.image_base = (s.virtaddr-0x80) & 0xfff00000
+						@optheader.image_base = (s.virtaddr-0x80) & 0xfff00000
 						puts "Warning: no image_base specified, using #{Expression[@optheader.image_base]}" if $VERBOSE
 					end
 					s.virtaddr -= @optheader.image_base

data/{lib/metasm → metasm}/exe_format/dex.rb

@@ -43,6 +43,7 @@ class DEX < ExeFormat
 
 
 	class SerialStruct < Metasm::SerialStruct
+		# TODO move uleb/sleb to new_field for sizeof
 		new_int_field :u2, :u4, :uleb, :sleb
 	end
 
@@ -135,7 +136,7 @@ class DEX < ExeFormat
 
 	class MethodId < SerialStruct
 		u2 :classidx
-		u2 :typeidx
+		u2 :protoidx
 		u4 :nameidx
 	end
 
@@ -182,7 +183,7 @@ class DEX < ExeFormat
 		uleb :fieldid_diff	# this field id - array.previous field id
 		uleb :access
 
-		attr_accessor :field
+		attr_accessor :fieldid, :field
 	end
 
 	class EncodedMethod < SerialStruct
@@ -190,7 +191,7 @@ class DEX < ExeFormat
 		uleb :access
 		uleb :codeoff		# offset to CodeItem
 
-		attr_accessor :method, :code, :name
+		attr_accessor :methodid, :method, :code, :name
 	end
 
 	class TypeItem < SerialStruct
@@ -256,7 +257,7 @@ class DEX < ExeFormat
 		uleb :typeidx
 		uleb :handleroff
 	end
-	
+
 	class Link < SerialStruct
 		# undefined
 	end
@@ -328,6 +329,8 @@ class DEX < ExeFormat
 	def encode_u4(val) Expression[val].encode(:u32, @endianness) end
 	def decode_u2(edata = @encoded) edata.decode_imm(:u16, @endianness) end
 	def decode_u4(edata = @encoded) edata.decode_imm(:u32, @endianness) end
+	def sizeof_u2 ; 2 ; end
+	def sizeof_u4 ; 4 ; end
 	def decode_uleb(ed = @encoded, signed=false)
 		v = s = 0
 		while s < 5*7
@@ -390,6 +393,7 @@ class DEX < ExeFormat
 			(c.data.direct_methods + [0] + c.data.virtual_methods).each { |m|
 				next id=0 if m == 0
 				id += m.methodid_diff
+				m.methodid = id
 				m.method = @methods[id]
 				m.name = @strings[m.method.nameidx]
 				@encoded.ptr = m.codeoff
@@ -441,7 +445,11 @@ class DEX < ExeFormat
 	end
 
 	def get_default_entrypoints
-		[]
+		@classes.find_all { |c| c.data }.map { |c|
+			(c.data.direct_methods + c.data.virtual_methods).map { |m|
+				m.codeoff+m.code.insns_off
+			}
+		}.flatten
 	end
 end
 

data/{lib/metasm → metasm}/exe_format/dol.rb

@@ -26,6 +26,7 @@ class Dol < ExeFormat
 
 	def decode_word(edata = @encoded) edata.decode_imm(:u32, @endianness) end
 	def encode_word(w) Expression[w].encode(:u32, @endianness) end
+	def sizeof_word ; 4 ; end
 
 	def initialize(cpu = nil)
 		@endianness = :big

data/{lib/metasm → metasm}/exe_format/elf.rb

@@ -21,29 +21,52 @@ class ELF < ExeFormat
 	TYPE_HIPROC = 0xffff
 
 	MACHINE = {
-		 0 => 'NONE',   1 => 'M32',     2 => 'SPARC',   3 => '386',
-		 4 => '68K',    5 => '88K',     6 => '486',     7 => '860',
-		 8 => 'MIPS',   9 => 'S370',   10 => 'MIPS_RS3_LE',
-		15 => 'PARISC',
-		17 => 'VPP500',18 => 'SPARC32PLUS', 19 => '960',
-		20 => 'PPC',   21 => 'PPC64',  22 => 'S390',
-		36 => 'V800',  37 => 'FR20',   38 => 'RH32',   39 => 'MCORE',
-		40 => 'ARM',   41 => 'ALPHA_STD', 42 => 'SH', 43 => 'SPARCV9',
-		44 => 'TRICORE', 45 => 'ARC',  46 => 'H8_300', 47 => 'H8_300H',
-		48 => 'H8S',   49 => 'H8_500', 50 => 'IA_64',  51 => 'MIPS_X',
+		 0 => 'NONE', 1 => 'M32', 2 => 'SPARC', 3 => '386',
+		 4 => '68K', 5 => '88K', 6 => '486', 7 => '860',
+		 8 => 'MIPS', 9 => 'S370', 10 => 'MIPS_RS3_LE',
+		15 => 'PARISC', 17 => 'VPP500', 18 => 'SPARC32PLUS', 19 => '960',
+		20 => 'PPC', 21 => 'PPC64', 22 => 'S390', 23 => 'SPU',
+		36 => 'V800', 37 => 'FR20', 38 => 'RH32', 39 => 'MCORE',
+		40 => 'ARM', 41 => 'ALPHA', 42 => 'SH', 43 => 'SPARCV9',
+		44 => 'TRICORE', 45 => 'ARC', 46 => 'H8_300', 47 => 'H8_300H',
+		48 => 'H8S', 49 => 'H8_500', 50 => 'IA_64', 51 => 'MIPS_X',
 		52 => 'COLDFIRE', 53 => '68HC12', 54 => 'MMA', 55 => 'PCP',
-		56 => 'NCPU',  57 => 'NDR1',   58 => 'STARCORE', 59 => 'ME16',
-		60 => 'ST100', 61 => 'TINYJ',  62 => 'X86_64', 63 => 'PDSP',
-		66 => 'FX66',  67 => 'ST9PLUS',
-		68 => 'ST7',   69 => '68HC16', 70 => '68HC11', 71 => '68HC08',
-		72 => '68HC05',73 => 'SVX',    74 => 'ST19',   75 => 'VAX',
-		76 => 'CRIS',  77 => 'JAVELIN',78 => 'FIREPATH', 79 => 'ZSP',
-		80 => 'MMIX',  81 => 'HUANY',  82 => 'PRISM',  83 => 'AVR',
-		84 => 'FR30',  85 => 'D10V',   86 => 'D30V',   87 => 'V850',
-		88 => 'M32R',  89 => 'MN10300',90 => 'MN10200',91 => 'PJ',
-		92 => 'OPENRISC', 93 => 'ARC_A5', 94 => 'XTENSA',
-		99 => 'PJ',
-		0x9026 => 'ALPHA'
+		56 => 'NCPU', 57 => 'NDR1', 58 => 'STARCORE', 59 => 'ME16',
+		60 => 'ST100', 61 => 'TINYJ', 62 => 'X86_64', 63 => 'PDSP',
+		64 => 'PDP10', 65 => 'PDP11', 66 => 'FX66', 67 => 'ST9PLUS',
+		68 => 'ST7', 69 => '68HC16', 70 => '68HC11', 71 => '68HC08',
+		72 => '68HC05',73 => 'SVX', 74 => 'ST19', 75 => 'VAX',
+		76 => 'CRIS', 77 => 'JAVELIN',78 => 'FIREPATH', 79 => 'ZSP',
+		80 => 'MMIX', 81 => 'HUANY', 82 => 'PRISM', 83 => 'AVR',
+		84 => 'FR30', 85 => 'D10V', 86 => 'D30V', 87 => 'V850',
+		88 => 'M32R', 89 => 'MN10300',90 => 'MN10200',91 => 'PJ',
+		92 => 'OPENRISC', 93 => 'ARC_A5', 94 => 'XTENSA', 95 => 'VIDEOCORE',
+		96 => 'TMM_GPP', 97 => 'NS32K', 98 => 'TPC', 99 => 'SNP1K',
+		100 => 'ST200', 101 => 'IP2K', 102 => 'MAX', 103 => 'CR',
+		104 => 'F2MC16', 105 => 'MSP430', 106 => 'BLACKFIN', 107 => 'SE_C33',
+		108 => 'SEP', 109 => 'ARCA', 110 => 'UNICORE', 111 => 'EXCESS',
+		112 => 'DXP', 113 => 'ALTERA_NIOS2', 114 => 'CRX', 115 => 'XGATE',
+		116 => 'C166', 117 => 'M16C', 118 => 'DSPIC30F', 119 => 'CE',
+		120 => 'M32C',
+		131 => 'TSK3000', 132 => 'RS08', 133 => 'SHARC',
+		134 => 'ECOG2', 135 => 'SCORE7', 136 => 'DSP24', 137 => 'VIDEOCORE3',
+		138 => 'LATTICEMICO32', 139 => 'SE_C17', 140 => 'TI_C6000', 141 => 'TI_C2000',
+		142 => 'TI_C5500',
+		160 => 'MMDSP_PLUS', 161 => 'CYPRESS_M8C', 162 => 'R32C', 163 => 'TRIMEDIA',
+		164 => 'QDSP6', 165 => '8051', 166 => 'STXP7X', 167 => 'NDS32',
+		168 => 'ECOG1', 169 => 'MAXQ30', 170 => 'XIMO16', 171 => 'MANIK',
+		172 => 'CRAYNV2', 173 => 'RX', 174 => 'METAG', 175 => 'MCST_ELBRUS',
+		176 => 'ECOG16', 177 => 'CR16', 178 => 'ETPU', 179 => 'SLE9X',
+		180 => 'L10M', 181 => 'K10M', 182 => 'INTEL_RESV', 183 => 'AARCH64',
+		184 => 'ARM_RESV', 185 => 'AVR32', 186 => 'STM8', 187 => 'TILE64',
+		188 => 'TILEPRO', 189 => 'MICROBLAZE', 190 => 'CUDA', 191 => 'TILEGX',
+		192 => 'CLOUDSHIELD', 193 => 'COREA_1ST', 194 => 'COREA_2ND', 195 => 'ARC_COMPACT2',
+		196 => 'OPEN8', 197 => 'RL78', 198 => 'VIDEOCORE5', 199 => '78KOR',
+		200 => '56800EX', 201 => 'BA1', 202 => 'BA2', 203 => 'XCORE',
+		204 => 'MCHP_PIC', 205 => 'INTEL205', 206 => 'INTEL206', 207 => 'INTEL207',
+		208 => 'INTEL208', 209 => 'INTEL209', 210 => 'KM32', 211 => 'KMX32',
+		212 => 'KMX16', 213 => 'KMX8', 214 => 'KVARC', 215 => 'CDP',
+		216 => 'COGE', 217 => 'COOL', 218 => 'NORC',
 	}
 
 	FLAGS = {
@@ -52,8 +75,9 @@ class ELF < ExeFormat
 			0x8000_0000 => 'LEDATA'},
 		'SPARCV9' => {0 => 'TSO', 1 => 'PSO', 2 => 'RMO'},	# XXX not a flag
 		'MIPS' => {1 => 'NOREORDER', 2 => 'PIC', 4 => 'CPIC',
-			8 => 'XGOT', 16 => '64BIT_WHIRL', 32 => 'ABI2',
-			64 => 'ABI_ON32'}
+			8 => 'XGOT', 0x10 => '64BIT_WHIRL', 0x20 => 'ABI2',
+			0x40 => 'ABI_ON32', 0x80 => 'OPTIONSFIRST',
+			0x100 => '32BITMODE'}
 	}
 
 	DYNAMIC_TAG = { 0 => 'NULL', 1 => 'NEEDED', 2 => 'PLTRELSZ', 3 =>
@@ -300,6 +324,37 @@ class ELF < ExeFormat
 			112 => 'EMB_RELST_LO', 113 => 'EMB_RELST_HI',
 			114 => 'EMB_RELST_HA', 115 => 'EMB_BIT_FLD',
 			116 => 'EMB_RELSDA' },
+		'SH' => { 0 => 'NONE', 1 => 'DIR32', 2 => 'REL32', 3 => 'DIR8WPN',
+			4 => 'IND12W', 5 => 'DIR8WPL', 6 => 'DIR8WPZ', 7 => 'DIR8BP',
+			8 => 'DIR8W', 9 => 'DIR8L', 10 => 'LOOP_START', 11 => 'LOOP_END',
+			22 => 'GNU_VTINHERIT', 23 => 'GNU_VTENTRY', 24 => 'SWITCH8',
+			25 => 'SWITCH16', 26 => 'SWITCH32', 27 => 'USES', 28 => 'COUNT',
+			29 => 'ALIGN', 30 => 'CODE', 31 => 'DATA', 32 => 'LABEL',
+			33 => 'DIR16', 34 => 'DIR8', 35 => 'DIR8UL', 36 => 'DIR8UW',
+			37 => 'DIR8U', 38 => 'DIR8SW', 39 => 'DIR8S', 40 => 'DIR4UL',
+			41 => 'DIR4UW', 42 => 'DIR4U', 43 => 'PSHA', 44 => 'PSHL',
+			45 => 'DIR5U', 46 => 'DIR6U', 47 => 'DIR6S', 48 => 'DIR10S',
+			49 => 'DIR10SW', 50 => 'DIR10SL', 51 => 'DIR10SQ', 53 => 'DIR16S',
+			144 => 'TLS_GD_32', 145 => 'TLS_LD_32', 146 => 'TLS_LDO_32',
+			147 => 'TLS_IE_32', 148 => 'TLS_LE_32', 149 => 'TLS_DTPMOD32',
+			150 => 'TLS_DTPOFF32', 151 => 'TLS_TPOFF32', 160 => 'GOT32',
+			161 => 'PLT32', 162 => 'COPY', 163 => 'GLOB_DAT',
+			164 => 'JMP_SLOT', 165 => 'RELATIVE', 166 => 'GOTOFF',
+			167 => 'GOTPC', 168 => 'GOTPLT32', 169 => 'GOT_LOW16',
+			170 => 'GOT_MEDLOW16', 171 => 'GOT_MEDHI16', 172 => 'GOT_HI16',
+			173 => 'GOTPLT_LOW16', 174 => 'GOTPLT_MEDLOW16', 175 => 'GOTPLT_MEDHI16',
+			176 => 'GOTPLT_HI16', 177 => 'PLT_LOW16', 178 => 'PLT_MEDLOW16',
+			179 => 'PLT_MEDHI16', 180 => 'PLT_HI16', 181 => 'GOTOFF_LOW16',
+			182 => 'GOTOFF_MEDLOW16', 183 => 'GOTOFF_MEDHI16', 184 => 'GOTOFF_HI16',
+			185 => 'GOTPC_LOW16', 186 => 'GOTPC_MEDLOW16', 187 => 'GOTPC_MEDHI16',
+			188 => 'GOTPC_HI16', 189 => 'GOT10BY4', 190 => 'GOTPLT10BY4',
+			191 => 'GOT10BY8', 192 => 'GOTPLT10BY8', 193 => 'COPY64',
+			194 => 'GLOB_DAT64', 195 => 'JMP_SLOT64', 196 => 'RELATIVE64',
+			242 => 'SHMEDIA_CODE', 243 => 'PT_16', 244 => 'IMMS16',
+			245 => 'IMMU16', 246 => 'IMM_LOW16', 247 => 'IMM_LOW16_PCREL',
+			248 => 'IMM_MEDLOW16', 249 => 'IMM_MEDLOW16_PCREL', 250 => 'IMM_MEDHI16',
+			251 => 'IMM_MEDHI16_PCREL', 252 => 'IMM_HI16', 253 => 'IMM_HI16_PCREL',
+			254 => '64', 255 => '64_PCREL' },
 		'SPARC' => { 0 => 'NONE', 1 => '8', 2 => '16', 3 => '32',
 			4 => 'DISP8', 5 => 'DISP16', 6 => 'DISP32',
 			7 => 'WDISP30', 8 => 'WDISP22', 9 => 'HI22',
@@ -362,11 +417,6 @@ class ELF < ExeFormat
 		word :flags
 		fld_bits(:flags) { |elf, hdr| FLAGS[hdr.machine] || {} }
 		halfs :ehsize, :phentsize, :phnum, :shentsize, :shnum, :shstrndx
-
-		def self.size elf
-			x = elf.bitsize >> 3
-			40 + 3*x
-		end
 	end
 
 	class Segment < SerialStruct
@@ -380,11 +430,6 @@ class ELF < ExeFormat
 			else Segment64
 			end
 		end
-
-		def self.size elf
-			x = elf.bitsize >> 3
-			8 + 6*x
-		end
 	end
 
 	class Segment32 < Segment
@@ -421,11 +466,6 @@ class ELF < ExeFormat
 		xword :entsize
 
 		attr_accessor :name, :encoded
-
-		def self.size elf
-			x = elf.bitsize >> 3
-			16 + 6*x
-		end
 	end
 
 	class Symbol < SerialStruct
@@ -439,11 +479,6 @@ class ELF < ExeFormat
 
 		attr_accessor :name_p, :value, :size, :bind, :type, :other, :shndx
 		attr_accessor :name, :thunk
-
-		def self.size elf
-			x = elf.bitsize >> 3
-			8 + 2*x
-		end
 	end
 
 	class Symbol32 < Symbol
@@ -478,12 +513,6 @@ class ELF < ExeFormat
 		end
 
 		def addend ; end
-
-		def self.size elf
-			x = elf.bitsize >> 3
-			2*x
-		end
-
 	end
 	class Relocation32 < Relocation
 		addr :offset
@@ -506,11 +535,6 @@ class ELF < ExeFormat
 			else RelocationAddend64
 			end
 		end
-		def self.size elf
-			x = elf.bitsize >> 3
-			3*x
-		end
-
 	end
 	class RelocationAddend32 < RelocationAddend
 		addr :offset
@@ -637,6 +661,15 @@ class ELF < ExeFormat
 	end
 
 	def shortname; 'elf'; end
+
+	def sizeof_byte ; 1 ; end
+	def sizeof_half ; 2 ; end
+	def sizeof_word ; 4 ; end
+	def sizeof_sword ; 4 ; end
+	def sizeof_xword ; @bitsize == 32 ? 4 : 8 ; end
+	alias sizeof_sxword sizeof_xword
+	alias sizeof_addr sizeof_xword
+	alias sizeof_off sizeof_xword
 end
 
 class LoadedELF < ELF
@@ -689,6 +722,9 @@ class FatELF < ExeFormat
 	def decode_byte(edata = @encoded)  edata.decode_imm(:u8,  @endianness) end
 	def decode_word(edata = @encoded)  edata.decode_imm(:u16, @endianness) end
 	def decode_qword(edata = @encoded) edata.decode_imm(:u64, @endianness) end
+	def sizeof_byte ; 1 ; end
+	def sizeof_word ; 2 ; end
+	def sizeof_qword ; 8 ; end
 
 	attr_accessor :header, :list
 	def initialize
@@ -716,7 +752,7 @@ class FatELF < ExeFormat
 				f.encoded = e.encode_string
 				h = e.header
 				f.machine, f.abi, f.abi_version, f.e_class, f.data =
-			 	h.machine, h.abi, h.abi_version, h.e_class, h.data
+					h.machine, h.abi, h.abi_version, h.e_class, h.data
 			end
 			f.offset = new_label('fat_off')
 			f.size = f.encoded.size
@@ -812,7 +848,7 @@ typedef struct {			/* Verneed Auxiliary Structure. */
 	Elf32_Word	vna_next;	/* no. of bytes from start of this */
 } Elf32_Vernaux;			/*	vernaux to next vernaux entry */
 
-typedef	Elf32_Half 	Elf32_Versym;	/* Version symbol index array */
+typedef	Elf32_Half	Elf32_Versym;	/* Version symbol index array */
 
 typedef struct {
 	Elf32_Half	si_boundto;	/* direct bindings - symbol bound to */

data/{lib/metasm → metasm}/exe_format/elf_decode.rb

@@ -18,19 +18,19 @@ class ELF
 			case hdr.e_class
 			when '32'; elf.bitsize = 32
 			when '64', '64_icc'; elf.bitsize = 64
-			else raise InvalidExeFormat, "E: ELF: unsupported class #{hdr.e_class}"
+			else puts "W: ELF: unsupported class #{hdr.e_class}, assuming 32bit"; elf.bitsize = 32
 			end
 
 			case hdr.data
 			when 'LSB'; elf.endianness = :little
 			when 'MSB'; elf.endianness = :big
-			else raise InvalidExeFormat, "E: ELF: unsupported endianness #{hdr.data}"
+			else puts "W: ELF: unsupported endianness #{hdr.data}, assuming littleendian"; elf.endianness = :little
 			end
 
 			if hdr.i_version != 'CURRENT'
-				raise InvalidExeFormat, "E: ELF: unsupported ELF version #{hdr.i_version}"
+				puts ":: ELF: unsupported ELF version #{hdr.i_version}"
 			end
-	       	}
+		}
 	end
 
 	class Symbol
@@ -66,7 +66,7 @@ class ELF
 	# handles relocated LoadedELF
 	def addr_to_fileoff(addr)
 		la = module_address
-	       	la = (la == 0 ? (@load_address ||= 0) : 0)
+		la = (la == 0 ? (@load_address ||= 0) : 0)
 		addr_to_off(addr - la)
 	end
 
@@ -75,7 +75,7 @@ class ELF
 	def fileoff_to_addr(foff)
 		if s = @segments.find { |s_| s_.type == 'LOAD' and s_.offset <= foff and s_.offset + s_.filesz > foff }
 			la = module_address
-	       		la = (la == 0 ? (@load_address ||= 0) : 0)
+			la = (la == 0 ? (@load_address ||= 0) : 0)
 			s.vaddr + la + foff - s.offset
 		end
 	end
@@ -106,7 +106,7 @@ class ELF
 	def decode_header(off = 0, decode_phdr=true, decode_shdr=true)
 		@encoded.ptr = off
 		@header.decode self
-		raise InvalidExeFormat, "Invalid elf header size: #{@header.ehsize}" if Header.size(self) != @header.ehsize
+		raise InvalidExeFormat, "Invalid elf header size: #{@header.ehsize}" if Header.sizeof(self) != @header.ehsize
 		if decode_phdr and @header.phoff != 0
 			decode_program_header(@header.phoff+off)
 		end
@@ -118,7 +118,7 @@ class ELF
 	# decodes the section header
 	# section names are read from shstrndx if possible
 	def decode_section_header(off = @header.shoff)
-		raise InvalidExeFormat, "Invalid elf section header size: #{@header.shentsize}" if Section.size(self) != @header.shentsize
+		raise InvalidExeFormat, "Invalid elf section header size: #{@header.shentsize}" if Section.sizeof(self) != @header.shentsize
 		@encoded.add_export new_label('section_header'), off
 		@encoded.ptr = off
 		@sections = []
@@ -137,7 +137,7 @@ class ELF
 	# decodes the program header table
 	# marks the elf entrypoint as an export of +self.encoded+
 	def decode_program_header(off = @header.phoff)
-		raise InvalidExeFormat, "Invalid elf program header size: #{@header.phentsize}" if Segment.size(self) != @header.phentsize
+		raise InvalidExeFormat, "Invalid elf program header size: #{@header.phentsize}" if Segment.sizeof(self) != @header.phentsize
 		@encoded.add_export new_label('program_header'), off
 		@encoded.ptr = off
 		@segments = []
@@ -224,7 +224,40 @@ class ELF
 		# (gnu_hash(sym[N].name) & ~1) | (N == dynsymcount-1 || (gnu_hash(sym[N].name) % nbucket) != (gnu_hash(sym[N+1].name) % nbucket))
 		# that's the hash, with its lower bit replaced by the bool [1 if i am the last sym having my hash as hash]
 
-		return hsymcount+symndx if just_get_count
+		# we're going to decode the symbol table, and we just want to get the nr of symbols to read
+		if just_get_count
+			# index of highest hashed (exported) symbols
+			ns = hsymcount+symndx
+
+			# no way to get the number of non-exported symbols from what we have here
+			# so we'll decode all relocs and use the largest index we see..
+			rels = []
+			if @encoded.ptr = @tag['REL'] and @tag['RELENT'] == Relocation.sizeof(self)
+				p_end = @encoded.ptr + @tag['RELSZ']
+				while @encoded.ptr < p_end
+					rels << Relocation.decode(self)
+				end
+			end
+			if @encoded.ptr = @tag['RELA'] and @tag['RELAENT'] == RelocationAddend.sizeof(self)
+				p_end = @encoded.ptr + @tag['RELASZ']
+				while @encoded.ptr < p_end
+					rels << RelocationAddend.decode(self)
+				end
+			end
+			if @encoded.ptr = @tag['JMPREL'] and relcls = case @tag['PLTREL']
+					when 'REL';  Relocation
+					when 'RELA'; RelocationAddend
+					end
+				p_end = @encoded.ptr + @tag['PLTRELSZ']
+				while @encoded.ptr < p_end
+					rels << relcls.decode(self)
+				end
+			end
+			maxr = rels.map { |rel| rel.symbol }.grep(::Integer).max || -1
+
+			return [ns, maxr+1].max
+		end
+
 
 		# TODO
 	end
@@ -359,7 +392,7 @@ class ELF
 	def decode_segments_symbols
 		return unless @tag['STRTAB'] and @tag['STRSZ'] and @tag['SYMTAB'] and (@tag['HASH'] or @tag['GNU_HASH'])
 
-		raise "E: ELF: unsupported symbol entry size: #{@tag['SYMENT']}" if @tag['SYMENT'] != Symbol.size(self)
+		raise "E: ELF: unsupported symbol entry size: #{@tag['SYMENT']}" if @tag['SYMENT'] != Symbol.sizeof(self)
 
 		# find number of symbols
 		if @tag['HASH']
@@ -394,14 +427,16 @@ class ELF
 			@encoded.ptr = sec.offset
 			syms = []
 			raise 'Invalid symbol table' if sec.size > @encoded.length
-			(sec.size / Symbol.size(self)).times { syms << Symbol.decode(self, strtab) }
+			(sec.size / Symbol.sizeof(self)).times { syms << Symbol.decode(self, strtab) }
 			alreadysegs = true if @header.type == 'DYN' or @header.type == 'EXEC'
+			alreadysyms = @symbols.inject({}) { |h, s| h.update s.name => true } if alreadysegs
 			syms.each { |s|
 				if alreadysegs
 					# if we already decoded the symbols from the DYNAMIC segment,
 					# ignore dups and imports from this section
 					next if s.shndx == 'UNDEF'
-					next if @symbols.find { |ss| ss.name == s.name }
+					next if alreadysyms[s.name]
+					alreadysyms[s.name] = true
 				end
 				@symbols << s
 				decode_symbol_export(s)
@@ -445,7 +480,7 @@ class ELF
 	def decode_segments_relocs
 		@relocations.clear
 		if @encoded.ptr = @tag['REL']
-			raise "E: ELF: unsupported rel entry size #{@tag['RELENT']}" if @tag['RELENT'] != Relocation.size(self)
+			raise "E: ELF: unsupported rel entry size #{@tag['RELENT']}" if @tag['RELENT'] != Relocation.sizeof(self)
 			p_end = @encoded.ptr + @tag['RELSZ']
 			while @encoded.ptr < p_end
 				@relocations << Relocation.decode(self)
@@ -453,7 +488,7 @@ class ELF
 		end
 
 		if @encoded.ptr = @tag['RELA']
-			raise "E: ELF: unsupported rela entry size #{@tag['RELAENT'].inspect}" if @tag['RELAENT'] != RelocationAddend.size(self)
+			raise "E: ELF: unsupported rela entry size #{@tag['RELAENT'].inspect}" if @tag['RELAENT'] != RelocationAddend.sizeof(self)
 			p_end = @encoded.ptr + @tag['RELASZ']
 			while @encoded.ptr < p_end
 				@relocations << RelocationAddend.decode(self)
@@ -509,10 +544,28 @@ class ELF
 		end
 	end
 
+	# returns the target of a relocation using reloc.symbol
+	# may create new labels if the relocation targets a section
+	def reloc_target(reloc)
+		target = 0
+		if reloc.symbol.kind_of?(Symbol)
+			if reloc.symbol.type == 'SECTION'
+				s = @sections[reloc.symbol.shndx]
+				if not target = @encoded.inv_export[s.offset]
+					target = new_label(s.name)
+					@encoded.add_export(target, s.offset)
+				end
+			elsif reloc.symbol.name
+				target = reloc.symbol.name
+			end
+		end
+		target
+	end
+
 	# returns the Metasm::Relocation that should be applied for reloc
 	# self.encoded.ptr must point to the location that will be relocated (for implicit addends)
 	def arch_decode_segments_reloc_386(reloc)
-		if reloc.symbol and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
+		if reloc.symbol.kind_of?(Symbol) and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
 			s = @sections.find { |s_| s_.name and s_.offset <= @encoded.ptr and s_.offset + s_.size > @encoded.ptr }
 			@encoded.add_export(new_label("#{s.name}_#{n}"), @encoded.ptr, true)
 		end
@@ -541,15 +594,14 @@ class ELF
 		when 'GLOB_DAT', 'JMP_SLOT', '32', 'PC32', 'TLS_TPOFF', 'TLS_TPOFF32'
 			# XXX use versionned version
 			# lazy jmp_slot ?
-			target = 0
-			target = reloc.symbol.name if reloc.symbol.kind_of?(Symbol) and reloc.symbol.name
+			target = reloc_target(reloc)
 			target = Expression[target, :-, reloc.offset] if reloc.type == 'PC32'
 			target = Expression[target, :+, addend] if addend and addend != 0
 			target = Expression[target, :+, 'tlsoffset'] if reloc.type == 'TLS_TPOFF'
 			target = Expression[:-, [target, :+, 'tlsoffset']] if reloc.type == 'TLS_TPOFF32'
 		when 'COPY'
 			# mark the address pointed as a copy of the relocation target
-			if not reloc.symbol or not name = reloc.symbol.name
+			if not reloc.symbol.kind_of?(Symbol) or not name = reloc.symbol.name
 				puts "W: Elf: symbol to COPY has no name: #{reloc.inspect}" if $VERBOSE
 				name = ''
 			end
@@ -567,24 +619,40 @@ class ELF
 	# returns the Metasm::Relocation that should be applied for reloc
 	# self.encoded.ptr must point to the location that will be relocated (for implicit addends)
 	def arch_decode_segments_reloc_mips(reloc)
-		if reloc.symbol and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
+		if reloc.symbol.kind_of?(Symbol) and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
 			s = @sections.find { |s_| s_.name and s_.offset <= @encoded.ptr and s_.offset + s_.size > @encoded.ptr }
 			@encoded.add_export(new_label("#{s.name}_#{n}"), @encoded.ptr, true)
 		end
 
+		original_word = decode_word
+
 		# decode addend if needed
 		case reloc.type
 		when 'NONE' # no addend
-		else addend = reloc.addend || decode_sword
+		else addend = reloc.addend || Expression.make_signed(original_word, 32)
 		end
 
 		case reloc.type
 		when 'NONE'
 		when '32', 'REL32'
-			target = 0
-			target = reloc.symbol.name if reloc.symbol.kind_of?(Symbol) and reloc.symbol.name
+			target = reloc_target(reloc)
 			target = Expression[target, :-, reloc.offset] if reloc.type == 'REL32'
 			target = Expression[target, :+, addend] if addend and addend != 0
+		when '26'
+			target = reloc_target(reloc)
+			addend &= 0x3ff_ffff
+			target = Expression[target, :+, [addend, :<<, 2]] if addend and addend != 0
+			target = Expression[[original_word, :&, 0xfc0_0000], :|, [[target, :&, 0x3ff_ffff], :>>, 2]]
+		when 'HI16'
+			target = reloc_target(reloc)
+			addend &= 0xffff
+			target = Expression[target, :+, [addend, :<<, 16]] if addend and addend != 0
+			target = Expression[[original_word, :&, 0xffff_0000], :|, [[target, :>>, 16], :&, 0xffff]]
+		when 'LO16'
+			target = reloc_target(reloc)
+			addend &= 0xffff
+			target = Expression[target, :+, addend] if addend and addend != 0
+			target = Expression[[original_word, :&, 0xffff_0000], :|, [target, :&, 0xffff]]
 		else
 			puts "W: Elf: unhandled MIPS reloc #{reloc.inspect}" if $VERBOSE
 			target = nil
@@ -596,7 +664,7 @@ class ELF
 	# returns the Metasm::Relocation that should be applied for reloc
 	# self.encoded.ptr must point to the location that will be relocated (for implicit addends)
 	def arch_decode_segments_reloc_x86_64(reloc)
-		if reloc.symbol and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
+		if reloc.symbol.kind_of?(Symbol) and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
 			s = @sections.find { |s_| s_.name and s_.offset <= @encoded.ptr and s_.offset + s_.size > @encoded.ptr }
 			@encoded.add_export(new_label("#{s.name}_#{n}"), @encoded.ptr, true)
 		end
@@ -627,14 +695,13 @@ class ELF
 		when 'GLOB_DAT', 'JMP_SLOT', '64', 'PC64', '32', 'PC32'
 			# XXX use versionned version
 			# lazy jmp_slot ?
-			target = 0
-			target = reloc.symbol.name if reloc.symbol.kind_of?(Symbol) and reloc.symbol.name
+			target = reloc_target(reloc)
 			target = Expression[target, :-, reloc.offset] if reloc.type == 'PC64' or reloc.type == 'PC32'
 			target = Expression[target, :+, addend] if addend and addend != 0
 			sz = :u32 if reloc.type == '32' or reloc.type == 'PC32'
 		when 'COPY'
 			# mark the address pointed as a copy of the relocation target
-			if not reloc.symbol or not name = reloc.symbol.name
+			if not reloc.symbol.kind_of?(Symbol) or not name = reloc.symbol.name
 				puts "W: Elf: symbol to COPY has no name: #{reloc.inspect}" if $VERBOSE
 				name = ''
 			end
@@ -649,6 +716,33 @@ class ELF
 		Metasm::Relocation.new(Expression[target], sz, @endianness) if target
 	end
 
+	def arch_decode_segments_reloc_sh(reloc)
+		if reloc.symbol.kind_of?(Symbol) and n = reloc.symbol.name and reloc.symbol.shndx == 'UNDEF' and @sections and
+			s = @sections.find { |s_| s_.name and s_.offset <= @encoded.ptr and s_.offset + s_.size > @encoded.ptr }
+			@encoded.add_export(new_label("#{s.name}_#{n}"), @encoded.ptr, true)
+		end
+
+		original_word = decode_word
+
+		# decode addend if needed
+		case reloc.type
+		when 'NONE' # no addend
+		else addend = reloc.addend || Expression.make_signed(original_word, 32)
+		end
+
+		case reloc.type
+		when 'NONE'
+		when 'GLOB_DAT', 'JMP_SLOT'
+			target = reloc_target(reloc)
+			target = Expression[target, :+, addend] if addend and addend != 0
+		else
+			puts "W: Elf: unhandled SH reloc #{reloc.inspect}" if $VERBOSE
+			target = nil
+		end
+
+		Metasm::Relocation.new(Expression[target], :u32, @endianness) if target
+	end
+
 	class DwarfDebug
 		# decode a DWARF2 'compilation unit'
 		def decode(elf, info, abbrev, str)
@@ -749,12 +843,13 @@ class ELF
 	end
 
 	# decodes the ELF dynamic tags, interpret them, and decodes symbols and relocs
-	def decode_segments_dynamic
+	def decode_segments_dynamic(decode_relocs=true)
 		return if not dynamic = @segments.find { |s| s.type == 'DYNAMIC' }
 		@encoded.ptr = add_label('dynamic_tags', dynamic.vaddr)
 		decode_tags
 		decode_segments_tags_interpret
 		decode_segments_symbols
+		return if not decode_relocs
 		decode_segments_relocs
 		decode_segments_relocs_interpret
 	end
@@ -783,6 +878,7 @@ class ELF
 
 	# decodes sections, interprets symbols/relocs, fills sections.encoded
 	def decode_sections
+		@symbols.clear	# the NULL symbol is explicit in the symbol table
 		decode_sections_symbols
 		decode_sections_relocs
 		@sections.each { |s|
@@ -804,7 +900,7 @@ class ELF
 	end
 
 	def decode_exports
-		decode_segments_dynamic
+		decode_segments_dynamic(false)
 	end
 
 	# decodes the elf header, and depending on the elf type, decode segments or sections
@@ -819,12 +915,14 @@ class ELF
 
 	def each_section
 		@segments.each { |s| yield s.encoded, s.vaddr if s.type == 'LOAD' }
-	       	return if @header.type != 'REL'
+		return if @header.type != 'REL'
 		@sections.each { |s|
 			next if not s.encoded
-			l = new_label(s.name)
-			s.encoded.add_export l, 0
-		       	yield s.encoded, l
+			if not l = s.encoded.inv_export[0] or l != s.name.tr('^a-zA-Z0-9_', '_')
+				l = new_label(s.name)
+				s.encoded.add_export l, 0
+			end
+			yield s.encoded, l
 		}
 	end
 
@@ -833,9 +931,13 @@ class ELF
 		case @header.machine
 		when 'X86_64'; X86_64.new
 		when '386'; Ia32.new
-		when 'MIPS'; MIPS.new @endianness
+		when 'MIPS'; (@header.flags.include?('32BITMODE') ? MIPS64 : MIPS).new @endianness
 		when 'PPC'; PPC.new
 		when 'ARM'; ARM.new
+		when 'AARCH64'; AArch64.new
+		when 'SH'; Sh4.new
+		when 'ARC_COMPACT'; ARC.new
+		when 'MSP430'; MSP430.new
 		else raise "unsupported cpu #{@header.machine}"
 		end
 	end
@@ -912,6 +1014,13 @@ EOC
 				(d.address_binding[s.value] ||= {})[:$t9] ||= Expression[s.value]
 			}
 			d.function[:default] = @cpu.disassembler_default_func
+		when 'sh4'
+			noret = DecodedFunction.new
+			noret.noreturn = true
+			%w[__stack_chk_fail abort exit].each { |fn|
+				d.function[Expression[fn]] = noret
+			}
+			d.function[:default] = @cpu.disassembler_default_func
 		end
 		d
 	end