ruby-macho 2.5.1 → 4.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cfe1d04c6c841958f4ac428e7207d89e02371fa9ca9ac3cb48e3e2a34a65dc24
-  data.tar.gz: 21dc14db70485e37ff5e430d5f8a99af6cb1c0ac14f02ae1943121fa2c482629
+  metadata.gz: 669b2133517dc564c92df8ebdc0b2f6fdc91869939cd6a642cfbc2b1c6e20a09
+  data.tar.gz: 0077afabc9c4be7d891e5c7e5a8b4ec173223b00f73d550fc96fb7cf4f103c1d
 SHA512:
-  metadata.gz: d668c48f840f4423ae4bbc89d30c53e26a709491d2f8ca66bc98c637563e596d107638779bd517bf1fe89458d5f05beadf76ea60d80a44578aa0b409be61fc43
-  data.tar.gz: 84009cdfbe5c61bc84ffd8838c7fe033171ebc05af18b7748c53ced99a0e92fd7f45f1a7c0f50001c05eb253e00564b3f8dbe7735fe04df087b3fef72d2be7e6
+  metadata.gz: 4e8bd64595d93d50c0046c5bd292010a51a9d4154cbcda3a0a0a962882475e61d631d55da106e4655ba31a32011f583222d5b147129230e08ad11d12a34ee8e6
+  data.tar.gz: ccc53798eb56f378f5688ad7141636ecca274e552e8ad62f4fab5600b6a6fddcac0e5ffc75ed4924e62538a6b3ac7b291667870b6cd02bf0edf6286da1a4e62a

data/README.md

@@ -56,11 +56,24 @@ puts lc_vers.version_string # => "10.10.0"
 
 * Unit and performance testing.
 
-Attribution:
+### Contributing, setting up `overcommit` and the linters
+
+In order to keep the repo, docs and data tidy, we use a tool called [`overcommit`](https://github.com/sds/overcommit)
+to connect up the git hooks to a set of quality checks.  The fastest way to get setup is to run the following to make
+sure you have all the tools:
+
+```shell
+gem install overcommit bundler
+bundle install
+overcommit --install
+```
+
+### Attribution
 
 * Constants were taken from Apple, Inc's
-[`loader.h` in `cctools/include/mach-o`](https://www.opensource.apple.com/source/cctools/cctools-870/include/mach-o/loader.h).
+[`loader.h` in `cctools/include/mach-o`](https://opensource.apple.com/source/cctools/cctools-973.0.1/include/mach-o/loader.h.auto.html).
 (Apple Public Source License 2.0).
+* Binary files used for testing were taken from The LLVM Project. ([Apache License v2.0 with LLVM Exceptions](test/bin/llvm/LICENSE.txt)).
 
 ### License
 

data/lib/macho/exceptions.rb

@@ -56,6 +56,28 @@ module MachO
     end
   end
 
+  # Raised when a a fat Mach-O file has zero architectures
+  class ZeroArchitectureError < NotAMachOError
+    def initialize
+      super "Fat file has zero internal architectures"
+    end
+  end
+
+  # Raised when there is a mismatch between the fat arch
+  # and internal slice cputype or cpusubtype.
+  class CPUTypeMismatchError < NotAMachOError
+    def initialize(fat_cputype, fat_cpusubtype, macho_cputype, macho_cpusubtype)
+      # @param cputype_fat [Integer] the CPU type in the fat header
+      # @param cpusubtype_fat [Integer] the CPU subtype in the fat header
+      # @param cputype_macho [Integer] the CPU type in the macho header
+      # @param cpusubtype_macho [Integer] the CPU subtype in the macho header
+      super ("Mismatch between cputypes >> 0x%08<fat_cputype>x and 0x%08<macho_cputype>x\n" \
+             "and/or cpusubtypes >> 0x%08<fat_cpusubtype>x and 0x%08<macho_cpusubtype>x" %
+            { :fat_cputype => fat_cputype, :macho_cputype => macho_cputype,
+              :fat_cpusubtype => fat_cpusubtype, :macho_cpusubtype => macho_cpusubtype })
+    end
+  end
+
   # Raised when a fat binary is loaded with MachOFile.
   class FatBinaryError < MachOError
     def initialize
@@ -83,8 +105,8 @@ module MachO
     # @param cputype [Integer] the CPU type of the unknown pair
     # @param cpusubtype [Integer] the CPU sub-type of the unknown pair
     def initialize(cputype, cpusubtype)
-      super "Unrecognized CPU sub-type: 0x%08<cpusubtype>x" \
-        " (for CPU type: 0x%08<cputype>x" % { :cputype => cputype, :cpusubtype => cpusubtype }
+      super "Unrecognized CPU sub-type: 0x%08<cpusubtype>x " \
+            "(for CPU type: 0x%08<cputype>x" % { :cputype => cputype, :cpusubtype => cpusubtype }
     end
   end
 
@@ -119,8 +141,8 @@ module MachO
     # @param expected_arity [Integer] the number of arguments expected
     # @param actual_arity [Integer] the number of arguments received
     def initialize(cmd_sym, expected_arity, actual_arity)
-      super "Expected #{expected_arity} arguments for #{cmd_sym} creation," \
-        " got #{actual_arity}"
+      super "Expected #{expected_arity} arguments for #{cmd_sym} creation, " \
+            "got #{actual_arity}"
     end
   end
 
@@ -136,8 +158,8 @@ module MachO
   class LCStrMalformedError < MachOError
     # @param lc [MachO::LoadCommand] the load command containing the string
     def initialize(lc)
-      super "Load command #{lc.type} at offset #{lc.view.offset} contains a" \
-        " malformed string"
+      super "Load command #{lc.type} at offset #{lc.view.offset} contains a " \
+            "malformed string"
     end
   end
 
@@ -154,8 +176,8 @@ module MachO
     # @param filename [String] the filename
     def initialize(filename)
       super "Updated load commands do not fit in the header of " \
-        "#{filename}. #{filename} needs to be relinked, possibly with " \
-        "-headerpad or -headerpad_max_install_names"
+            "#{filename}. #{filename} needs to be relinked, possibly with " \
+            "-headerpad or -headerpad_max_install_names"
     end
   end
 
@@ -203,8 +225,18 @@ module MachO
   class FatArchOffsetOverflowError < MachOError
     # @param offset [Integer] the offending offset
     def initialize(offset)
-      super "Offset #{offset} exceeds the 32-bit width of a fat_arch offset." \
-            " Consider merging with `fat64: true`"
+      super "Offset #{offset} exceeds the 32-bit width of a fat_arch offset. " \
+            "Consider merging with `fat64: true`"
     end
   end
+
+  # Raised when attempting to parse a compressed Mach-O without explicitly
+  # requesting decompression.
+  class CompressedMachOError < MachOError
+  end
+
+  # Raised when attempting to decompress a compressed Mach-O without adequate
+  # dependencies, or on other decompression errors.
+  class DecompressionError < MachOError
+  end
 end

data/lib/macho/fat_file.rb

@@ -55,7 +55,7 @@ module MachO
       machos.each do |macho|
         macho_offset = Utils.round(offset, 2**macho.segment_alignment)
 
-        raise FatArchOffsetOverflowError, macho_offset if !fat64 && macho_offset > (2**32 - 1)
+        raise FatArchOffsetOverflowError, macho_offset if !fat64 && macho_offset > ((2**32) - 1)
 
         macho_pads[macho] = Utils.padding_for(offset, 2**macho.segment_alignment)
 
@@ -96,7 +96,7 @@ module MachO
 
       @filename = filename
       @options = opts
-      @raw_data = File.open(@filename, "rb", &:read)
+      @raw_data = File.binread(@filename)
       populate_fields
     end
 
@@ -238,6 +238,8 @@ module MachO
     # @param options [Hash]
     # @option options [Boolean] :strict (true) if true, fail if one slice fails.
     #  if false, fail only if all slices fail.
+    # @option options [Boolean] :uniq (false) for each slice: if true, change
+    #  each rpath simultaneously.
     # @return [void]
     # @see MachOFile#change_rpath
     def change_rpath(old_path, new_path, options = {})
@@ -268,6 +270,9 @@ module MachO
     # @param options [Hash]
     # @option options [Boolean] :strict (true) if true, fail if one slice fails.
     #  if false, fail only if all slices fail.
+    # @option options [Boolean] :uniq (false) for each slice: if true, delete
+    #  only the first runtime path that matches. if false, delete all duplicate
+    #  paths that match.
     # @return void
     # @see MachOFile#delete_rpath
     def delete_rpath(path, options = {})
@@ -291,7 +296,7 @@ module MachO
     # @param filename [String] the file to write to
     # @return [void]
     def write(filename)
-      File.open(filename, "wb") { |f| f.write(@raw_data) }
+      File.binwrite(filename, @raw_data)
     end
 
     # Write all (fat) data to the file used to initialize the instance.
@@ -301,7 +306,7 @@ module MachO
     def write!
       raise MachOError, "no initial file to write to" if filename.nil?
 
-      File.open(@filename, "wb") { |f| f.write(@raw_data) }
+      File.binwrite(@filename, @raw_data)
     end
 
     # @return [Hash] a hash representation of this {FatFile}
@@ -322,6 +327,8 @@ module MachO
     # @raise [MagicError] if the magic is not valid Mach-O magic
     # @raise [MachOBinaryError] if the magic is for a non-fat Mach-O file
     # @raise [JavaClassFileError] if the file is a Java classfile
+    # @raise [ZeroArchitectureError] if the file has no internal slices
+    #  (i.e., nfat_arch == 0) and the permissive option is not set
     # @api private
     def populate_fat_header
       # the smallest fat Mach-O header is 8 bytes
@@ -341,6 +348,9 @@ module MachO
       # formats.
       raise JavaClassFileError if fh.nfat_arch > 30
 
+      # Rationale: return an error if the file has no internal slices.
+      raise ZeroArchitectureError if fh.nfat_arch.zero?
+
       fh
     end
 
@@ -369,6 +379,13 @@ module MachO
 
       fat_archs.each do |arch|
         machos << MachOFile.new_from_bin(@raw_data[arch.offset, arch.size], **options)
+
+        # Make sure that each fat_arch and internal slice.
+        # contain matching cputypes and cpusubtypes
+        next if machos.last.header.cputype == arch.cputype &&
+                machos.last.header.cpusubtype == arch.cpusubtype
+
+        raise CPUTypeMismatchError.new(arch.cputype, arch.cpusubtype, machos.last.header.cputype, machos.last.header.cpusubtype)
       end
 
       machos

data/lib/macho/headers.rb

@@ -37,6 +37,18 @@ module MachO
     # @api private
     MH_CIGAM_64 = 0xcffaedfe
 
+    # compressed mach-o magic
+    # @api private
+    COMPRESSED_MAGIC = 0x636f6d70 # "comp"
+
+    # a compressed mach-o slice, using LZSS for compression
+    # @api private
+    COMP_TYPE_LZSS = 0x6c7a7373 # "lzss"
+
+    # a compressed mach-o slice, using LZVN ("FastLib") for compression
+    # @api private
+    COMP_TYPE_FASTLIB = 0x6c7a766e # "lzvn"
+
     # association of magic numbers to string representations
     # @api private
     MH_MAGICS = {
@@ -433,6 +445,11 @@ module MachO
     # @api private
     MH_KEXT_BUNDLE = 0xb
 
+    # a set of Mach-Os, running in the same userspace, sharing a linkedit.  The kext collection files are an example
+    # of this object type
+    # @api private
+    MH_FILESET = 0xc
+
     # association of filetypes to Symbol representations
     # @api private
     MH_FILETYPES = {
@@ -447,6 +464,7 @@ module MachO
       MH_DYLIB_STUB => :dylib_stub,
       MH_DSYM => :dsym,
       MH_KEXT_BUNDLE => :kext_bundle,
+      MH_FILESET => :fileset,
     }.freeze
 
     # association of mach header flag symbols to values
@@ -478,36 +496,23 @@ module MachO
       :MH_HAS_TLV_DESCRIPTORS => 0x800000,
       :MH_NO_HEAP_EXECUTION => 0x1000000,
       :MH_APP_EXTENSION_SAFE => 0x02000000,
+      :MH_NLIST_OUTOFSYNC_WITH_DYLDINFO => 0x04000000,
+      :MH_SIM_SUPPORT => 0x08000000,
+      :MH_DYLIB_IN_CACHE => 0x80000000,
     }.freeze
 
     # Fat binary header structure
     # @see MachO::FatArch
     class FatHeader < MachOStructure
       # @return [Integer] the magic number of the header (and file)
-      attr_reader :magic
+      field :magic, :uint32, :endian => :big
 
       # @return [Integer] the number of fat architecture structures following the header
-      attr_reader :nfat_arch
-
-      # always big-endian
-      # @see MachOStructure::FORMAT
-      # @api private
-      FORMAT = "N2"
-
-      # @see MachOStructure::SIZEOF
-      # @api private
-      SIZEOF = 8
-
-      # @api private
-      def initialize(magic, nfat_arch)
-        super()
-        @magic = magic
-        @nfat_arch = nfat_arch
-      end
+      field :nfat_arch, :uint32, :endian => :big
 
       # @return [String] the serialized fields of the fat header
       def serialize
-        [magic, nfat_arch].pack(FORMAT)
+        [magic, nfat_arch].pack(self.class.format)
       end
 
       # @return [Hash] a hash representation of this {FatHeader}
@@ -527,42 +532,23 @@ module MachO
     # @see MachO::Headers::FatHeader
     class FatArch < MachOStructure
       # @return [Integer] the CPU type of the Mach-O
-      attr_reader :cputype
+      field :cputype, :uint32, :endian => :big
 
       # @return [Integer] the CPU subtype of the Mach-O
-      attr_reader :cpusubtype
+      field :cpusubtype, :uint32, :endian => :big, :mask => CPU_SUBTYPE_MASK
 
       # @return [Integer] the file offset to the beginning of the Mach-O data
-      attr_reader :offset
+      field :offset, :uint32, :endian => :big
 
       # @return [Integer] the size, in bytes, of the Mach-O data
-      attr_reader :size
+      field :size, :uint32, :endian => :big
 
       # @return [Integer] the alignment, as a power of 2
-      attr_reader :align
-
-      # @note Always big endian.
-      # @see MachOStructure::FORMAT
-      # @api private
-      FORMAT = "L>5"
-
-      # @see MachOStructure::SIZEOF
-      # @api private
-      SIZEOF = 20
-
-      # @api private
-      def initialize(cputype, cpusubtype, offset, size, align)
-        super()
-        @cputype = cputype
-        @cpusubtype = cpusubtype & ~CPU_SUBTYPE_MASK
-        @offset = offset
-        @size = size
-        @align = align
-      end
+      field :align, :uint32, :endian => :big
 
       # @return [String] the serialized fields of the fat arch
       def serialize
-        [cputype, cpusubtype, offset, size, align].pack(FORMAT)
+        [cputype, cpusubtype, offset, size, align].pack(self.class.format)
       end
 
       # @return [Hash] a hash representation of this {FatArch}
@@ -585,27 +571,18 @@ module MachO
     #  Mach-Os that it points to necessarily *are* 64-bit.
     # @see MachO::Headers::FatHeader
     class FatArch64 < FatArch
-      # @return [void]
-      attr_reader :reserved
-
-      # @note Always big endian.
-      # @see MachOStructure::FORMAT
-      # @api private
-      FORMAT = "L>2Q>2L>2"
+      # @return [Integer] the file offset to the beginning of the Mach-O data
+      field :offset, :uint64, :endian => :big
 
-      # @see MachOStructure::SIZEOF
-      # @api private
-      SIZEOF = 32
+      # @return [Integer] the size, in bytes, of the Mach-O data
+      field :size, :uint64, :endian => :big
 
-      # @api private
-      def initialize(cputype, cpusubtype, offset, size, align, reserved = 0)
-        super(cputype, cpusubtype, offset, size, align)
-        @reserved = reserved
-      end
+      # @return [void]
+      field :reserved, :uint32, :endian => :big, :default => 0
 
       # @return [String] the serialized fields of the fat arch
       def serialize
-        [cputype, cpusubtype, offset, size, align, reserved].pack(FORMAT)
+        [cputype, cpusubtype, offset, size, align, reserved].pack(self.class.format)
       end
 
       # @return [Hash] a hash representation of this {FatArch64}
@@ -619,48 +596,25 @@ module MachO
     # 32-bit Mach-O file header structure
     class MachHeader < MachOStructure
       # @return [Integer] the magic number
-      attr_reader :magic
+      field :magic, :uint32
 
       # @return [Integer] the CPU type of the Mach-O
-      attr_reader :cputype
+      field :cputype, :uint32
 
       # @return [Integer] the CPU subtype of the Mach-O
-      attr_reader :cpusubtype
+      field :cpusubtype, :uint32, :mask => CPU_SUBTYPE_MASK
 
       # @return [Integer] the file type of the Mach-O
-      attr_reader :filetype
+      field :filetype, :uint32
 
       # @return [Integer] the number of load commands in the Mach-O
-      attr_reader :ncmds
+      field :ncmds, :uint32
 
       # @return [Integer] the size of all load commands, in bytes, in the Mach-O
-      attr_reader :sizeofcmds
+      field :sizeofcmds, :uint32
 
       # @return [Integer] the header flags associated with the Mach-O
-      attr_reader :flags
-
-      # @see MachOStructure::FORMAT
-      # @api private
-      FORMAT = "L=7"
-
-      # @see MachOStructure::SIZEOF
-      # @api private
-      SIZEOF = 28
-
-      # @api private
-      def initialize(magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds,
-                     flags)
-        super()
-        @magic = magic
-        @cputype = cputype
-        # For now we're not interested in additional capability bits also to be
-        # found in the `cpusubtype` field. We only care about the CPU sub-type.
-        @cpusubtype = cpusubtype & ~CPU_SUBTYPE_MASK
-        @filetype = filetype
-        @ncmds = ncmds
-        @sizeofcmds = sizeofcmds
-        @flags = flags
-      end
+      field :flags, :uint32
 
       # @example
       #  puts "this mach-o has position-independent execution" if header.flag?(:MH_PIE)
@@ -724,6 +678,11 @@ module MachO
         filetype == Headers::MH_KEXT_BUNDLE
       end
 
+      # @return [Boolean] whether or not the file is of type `MH_FILESET`
+      def fileset?
+        filetype == Headers::MH_FILESET
+      end
+
       # @return [Boolean] true if the Mach-O has 32-bit magic, false otherwise
       def magic32?
         Utils.magic32?(magic)
@@ -761,27 +720,72 @@ module MachO
     # 64-bit Mach-O file header structure
     class MachHeader64 < MachHeader
       # @return [void]
-      attr_reader :reserved
+      field :reserved, :uint32
+
+      # @return [Hash] a hash representation of this {MachHeader64}
+      def to_h
+        {
+          "reserved" => reserved,
+        }.merge super
+      end
+    end
+
+    # Prelinked kernel/"kernelcache" header structure
+    class PrelinkedKernelHeader < MachOStructure
+      # @return [Integer] the magic number for a compressed header ({COMPRESSED_MAGIC})
+      field :signature, :uint32, :endian => :big
+
+      # @return [Integer] the type of compression used
+      field :compress_type, :uint32, :endian => :big
+
+      # @return [Integer] a checksum for the uncompressed data
+      field :adler32, :uint32, :endian => :big
+
+      # @return [Integer] the size of the uncompressed data, in bytes
+      field :uncompressed_size, :uint32, :endian => :big
+
+      # @return [Integer] the size of the compressed data, in bytes
+      field :compressed_size, :uint32, :endian => :big
+
+      # @return [Integer] the version of the prelink format
+      field :prelink_version, :uint32, :endian => :big
+
+      # @return [void]
+      field :reserved, :string, :size => 40, :unpack => "L>10"
+
+      # @return [void]
+      field :platform_name, :string, :size => 64
 
-      # @see MachOStructure::FORMAT
-      # @api private
-      FORMAT = "L=8"
+      # @return [void]
+      field :root_path, :string, :size => 256
 
-      # @see MachOStructure::SIZEOF
-      # @api private
-      SIZEOF = 32
+      # @return [Boolean] whether this prelinked kernel supports KASLR
+      def kaslr?
+        prelink_version >= 1
+      end
 
-      # @api private
-      def initialize(magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds,
-                     flags, reserved)
-        super(magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags)
-        @reserved = reserved
+      # @return [Boolean] whether this prelinked kernel is compressed with LZSS
+      def lzss?
+        compress_type == COMP_TYPE_LZSS
       end
 
-      # @return [Hash] a hash representation of this {MachHeader64}
+      # @return [Boolean] whether this prelinked kernel is compressed with LZVN
+      def lzvn?
+        compress_type == COMP_TYPE_FASTLIB
+      end
+
+      # @return [Hash] a hash representation of this {PrelinkedKernelHeader}
       def to_h
         {
+          "signature" => signature,
+          "compress_type" => compress_type,
+          "adler32" => adler32,
+          "uncompressed_size" => uncompressed_size,
+          "compressed_size" => compressed_size,
+          "prelink_version" => prelink_version,
           "reserved" => reserved,
+          "platform_name" => platform_name,
+          "root_path" => root_path,
         }.merge super
       end
     end