From 1616699977a148794a523404e342ba31eaa7b8fd Mon Sep 17 00:00:00 2001 From: Katy Coe Date: Sun, 27 Oct 2019 22:00:13 +0100 Subject: [PATCH] Separate TWord conversion logic from ElfReader.cs --- .../FileFormatReaders/ElfReader.cs | 122 ++++++------------ .../FileFormatReaders/WordConversions.cs | 50 +++++++ 2 files changed, 91 insertions(+), 81 deletions(-) create mode 100644 Il2CppInspector/FileFormatReaders/WordConversions.cs diff --git a/Il2CppInspector/FileFormatReaders/ElfReader.cs b/Il2CppInspector/FileFormatReaders/ElfReader.cs index 466f619..20c25ac 100644 --- a/Il2CppInspector/FileFormatReaders/ElfReader.cs +++ b/Il2CppInspector/FileFormatReaders/ElfReader.cs @@ -13,7 +13,7 @@ using System.Reflection; namespace Il2CppInspector { - internal class ElfReader32 : ElfReader + internal class ElfReader32 : ElfReader { public ElfReader32(Stream stream) : base(stream) { ElfReloc.GetRelocType = info => (Elf) (info & 0xff); @@ -26,7 +26,7 @@ namespace Il2CppInspector protected override void Write(BinaryWriter writer, uint value) => writer.Write(value); } - internal class ElfReader64 : ElfReader + internal class ElfReader64 : ElfReader { public ElfReader64(Stream stream) : base(stream) { ElfReloc.GetRelocType = info => (Elf) (info & 0xffff_ffff); @@ -39,59 +39,19 @@ namespace Il2CppInspector protected override void Write(BinaryWriter writer, ulong value) => writer.Write(value); } - // NOTE: What we really should have done here is add a TWord type parameter to FileFormatReader - // then we could probably avoid most of this - interface IElfMath where TWord : struct - { - TWord Add(TWord a, TWord b); - TWord Sub(TWord a, TWord b); - TWord Div(TWord a, TWord b); - TWord Div(TWord a, int b); - int Int(TWord a); - long Long(TWord a); - ulong ULong(TWord a); - bool Gt(TWord a, TWord b); - uint[] UIntArray(TWord[] a); - } - - internal class ElfMath32 : IElfMath - { - public uint Add(uint a, uint b) => a + b; - public uint Sub(uint a, uint b) => a - b; - public uint Div(uint a, uint b) => a / b; - public uint Div(uint a, int b) => a / (uint) b; - public int Int(uint a) => (int) a; - public long Long(uint a) => a; - public ulong ULong(uint a) => a; - public bool Gt(uint a, uint b) => a > b; - public uint[] UIntArray(uint[] a) => a; - } - internal class ElfMath64 : IElfMath - { - public ulong Add(ulong a, ulong b) => a + b; - public ulong Sub(ulong a, ulong b) => a - b; - public ulong Div(ulong a, ulong b) => a / b; - public ulong Div(ulong a, int b) => a / (uint) b; - public int Int(ulong a) => (int) a; - public long Long(ulong a) => (long) a; - public ulong ULong(ulong a) => a; - public bool Gt(ulong a, ulong b) => a > b; - public uint[] UIntArray(ulong[] a) => Array.ConvertAll(a, x => (uint) x); - } - interface IElfReader { uint GetPLTAddress(); } - internal abstract class ElfReader : FileFormatReader, IElfReader + internal abstract class ElfReader : FileFormatReader, IElfReader where TWord : struct where TPHdr : Ielf_phdr, new() where TSym : Ielf_sym, new() - where TMath : IElfMath, new() + where TConvert : IWordConverter, new() where TReader : FileFormatReader { - private readonly TMath math = new TMath(); + private readonly TConvert conv = new TConvert(); // Internal relocation entry helper protected class ElfReloc @@ -166,7 +126,7 @@ namespace Il2CppInspector private elf_shdr getSection(Elf sectionIndex) => section_header_table.FirstOrDefault(x => x.sh_type == (uint) sectionIndex); private IEnumerable> getSections(Elf sectionIndex) => section_header_table.Where(x => x.sh_type == (uint) sectionIndex); private TPHdr getProgramHeader(Elf programIndex) => program_header_table.FirstOrDefault(x => x.p_type == (uint) programIndex); - private elf_dynamic getDynamic(Elf dynamicIndex) => dynamic_table?.FirstOrDefault(x => (Elf) math.ULong(x.d_tag) == dynamicIndex); + private elf_dynamic getDynamic(Elf dynamicIndex) => dynamic_table?.FirstOrDefault(x => (Elf) conv.ULong(x.d_tag) == dynamicIndex); protected abstract Elf ArchClass { get; } @@ -183,15 +143,15 @@ namespace Il2CppInspector if ((Elf) elf_header.m_arch != ArchClass) return false; - program_header_table = ReadArray(math.Long(elf_header.e_phoff), elf_header.e_phnum); - section_header_table = ReadArray>(math.Long(elf_header.e_shoff), elf_header.e_shnum); + program_header_table = ReadArray(conv.Long(elf_header.e_phoff), elf_header.e_phnum); + section_header_table = ReadArray>(conv.Long(elf_header.e_shoff), elf_header.e_shnum); if (getProgramHeader(Elf.PT_DYNAMIC) is TPHdr PT_DYNAMIC) - dynamic_table = ReadArray>(math.Long(PT_DYNAMIC.p_offset), (int) (math.Long(PT_DYNAMIC.p_filesz) / Sizeof(typeof(elf_dynamic)))); + dynamic_table = ReadArray>(conv.Long(PT_DYNAMIC.p_offset), (int) (conv.Long(PT_DYNAMIC.p_filesz) / Sizeof(typeof(elf_dynamic)))); // Get offset of code section var codeSegment = program_header_table.First(x => ((Elf) x.p_flags & Elf.PF_X) == Elf.PF_X); - GlobalOffset = math.ULong(math.Sub(codeSegment.p_vaddr, codeSegment.p_offset)); + GlobalOffset = conv.ULong(conv.Sub(codeSegment.p_vaddr, codeSegment.p_offset)); // Find all relocations; target address => (rela header (rels are converted to rela), symbol table base address, is rela?) var rels = new HashSet(); @@ -199,25 +159,25 @@ namespace Il2CppInspector // Two types: add value from offset in image, and add value from specified addend foreach (var relSection in getSections(Elf.SHT_REL)) rels.UnionWith( - from rel in ReadArray>(math.Long(relSection.sh_offset), math.Int(math.Div(relSection.sh_size, relSection.sh_entsize))) + from rel in ReadArray>(conv.Long(relSection.sh_offset), conv.Int(conv.Div(relSection.sh_size, relSection.sh_entsize))) select new ElfReloc(rel, section_header_table[relSection.sh_link].sh_offset)); foreach (var relaSection in getSections(Elf.SHT_RELA)) rels.UnionWith( - from rela in ReadArray>(math.Long(relaSection.sh_offset), math.Int(math.Div(relaSection.sh_size, relaSection.sh_entsize))) + from rela in ReadArray>(conv.Long(relaSection.sh_offset), conv.Int(conv.Div(relaSection.sh_size, relaSection.sh_entsize))) select new ElfReloc(rela, section_header_table[relaSection.sh_link].sh_offset)); // Relocations in dynamic section if (getDynamic(Elf.DT_REL) is elf_dynamic dt_rel) { - var dt_rel_count = math.Div(getDynamic(Elf.DT_RELSZ).d_un, getDynamic(Elf.DT_RELENT).d_un); - var dt_rel_list = ReadArray>(MapVATR(math.ULong(dt_rel.d_un)), math.Int(dt_rel_count)); + var dt_rel_count = conv.Div(getDynamic(Elf.DT_RELSZ).d_un, getDynamic(Elf.DT_RELENT).d_un); + var dt_rel_list = ReadArray>(MapVATR(conv.ULong(dt_rel.d_un)), conv.Int(dt_rel_count)); var dt_symtab = getDynamic(Elf.DT_SYMTAB).d_un; rels.UnionWith(from rel in dt_rel_list select new ElfReloc(rel, dt_symtab)); } if (getDynamic(Elf.DT_RELA) is elf_dynamic dt_rela) { - var dt_rela_count = math.Div(getDynamic(Elf.DT_RELASZ).d_un, getDynamic(Elf.DT_RELAENT).d_un); - var dt_rela_list = ReadArray>(MapVATR(math.ULong(dt_rela.d_un)), math.Int(dt_rela_count)); + var dt_rela_count = conv.Div(getDynamic(Elf.DT_RELASZ).d_un, getDynamic(Elf.DT_RELAENT).d_un); + var dt_rela_list = ReadArray>(MapVATR(conv.ULong(dt_rela.d_un)), conv.Int(dt_rela_count)); var dt_symtab = getDynamic(Elf.DT_SYMTAB).d_un; rels.UnionWith(from rela in dt_rela_list select new ElfReloc(rela, dt_symtab)); } @@ -231,10 +191,10 @@ namespace Il2CppInspector var relsz = Sizeof(typeof(TSym)); foreach (var rel in rels) { - var symValue = ReadObject(math.Long(rel.SymbolTable) + math.Long(rel.SymbolIndex) * relsz).st_value; // S + var symValue = ReadObject(conv.Long(rel.SymbolTable) + conv.Long(rel.SymbolIndex) * relsz).st_value; // S // The addend is specified in the struct for rela, and comes from the target location for rel - Position = MapVATR(math.ULong(rel.Offset)); + Position = MapVATR(conv.ULong(rel.Offset)); var addend = rel.Addend ?? ReadObject(); // A // Only handle relocation types we understand, skip the rest @@ -242,28 +202,28 @@ namespace Il2CppInspector // and https://studfiles.net/preview/429210/page:18/ // and http://infocenter.arm.com/help/topic/com.arm.doc.ihi0056b/IHI0056B_aaelf64.pdf (AArch64) (TWord newValue, bool recognized) result = (rel.Type, (Elf) elf_header.e_machine) switch { - (Elf.R_ARM_ABS32, Elf.EM_ARM) => (math.Add(symValue, addend), true), // S + A - (Elf.R_ARM_REL32, Elf.EM_ARM) => (math.Add(math.Sub(symValue, rel.Offset), addend), true), // S - P + A + (Elf.R_ARM_ABS32, Elf.EM_ARM) => (conv.Add(symValue, addend), true), // S + A + (Elf.R_ARM_REL32, Elf.EM_ARM) => (conv.Add(conv.Sub(symValue, rel.Offset), addend), true), // S - P + A (Elf.R_ARM_COPY, Elf.EM_ARM) => (symValue, true), // S - (Elf.R_AARCH64_ABS64, Elf.EM_AARCH64) => (math.Add(symValue, addend), true), // S + A - (Elf.R_AARCH64_PREL64, Elf.EM_AARCH64) => (math.Sub(math.Add(symValue, addend), rel.Offset), true), // S + A - P - (Elf.R_AARCH64_GLOB_DAT, Elf.EM_AARCH64) => (math.Add(symValue, addend), true), // S + A - (Elf.R_AARCH64_JUMP_SLOT, Elf.EM_AARCH64) => (math.Add(symValue, addend), true), // S + A - (Elf.R_AARCH64_RELATIVE, Elf.EM_AARCH64) => (math.Add(symValue, addend), true), // Delta(S) + A + (Elf.R_AARCH64_ABS64, Elf.EM_AARCH64) => (conv.Add(symValue, addend), true), // S + A + (Elf.R_AARCH64_PREL64, Elf.EM_AARCH64) => (conv.Sub(conv.Add(symValue, addend), rel.Offset), true), // S + A - P + (Elf.R_AARCH64_GLOB_DAT, Elf.EM_AARCH64) => (conv.Add(symValue, addend), true), // S + A + (Elf.R_AARCH64_JUMP_SLOT, Elf.EM_AARCH64) => (conv.Add(symValue, addend), true), // S + A + (Elf.R_AARCH64_RELATIVE, Elf.EM_AARCH64) => (conv.Add(symValue, addend), true), // Delta(S) + A - (Elf.R_386_32, Elf.EM_386) => (math.Add(symValue, addend), true), // S + A - (Elf.R_386_PC32, Elf.EM_386) => (math.Sub(math.Add(symValue, addend), rel.Offset), true), // S + A - P + (Elf.R_386_32, Elf.EM_386) => (conv.Add(symValue, addend), true), // S + A + (Elf.R_386_PC32, Elf.EM_386) => (conv.Sub(conv.Add(symValue, addend), rel.Offset), true), // S + A - P (Elf.R_386_GLOB_DAT, Elf.EM_386) => (symValue, true), // S (Elf.R_386_JMP_SLOT, Elf.EM_386) => (symValue, true), // S - (Elf.R_AMD64_64, Elf.EM_AARCH64) => (math.Add(symValue, addend), true), // S + A + (Elf.R_AMD64_64, Elf.EM_AARCH64) => (conv.Add(symValue, addend), true), // S + A _ => (default(TWord), false) }; if (result.recognized) { - Position = MapVATR(math.ULong(rel.Offset)); + Position = MapVATR(conv.ULong(rel.Offset)); Write(writer, result.newValue); } } @@ -282,11 +242,11 @@ namespace Il2CppInspector if (SHT_STRTAB != null) { // Section header shared object symbol table (.symtab) if (getSection(Elf.SHT_SYMTAB) is elf_shdr SHT_SYMTAB) - pTables.Add((SHT_SYMTAB.sh_offset, math.Div(SHT_SYMTAB.sh_size, SHT_SYMTAB.sh_entsize), SHT_STRTAB.sh_offset)); + pTables.Add((SHT_SYMTAB.sh_offset, conv.Div(SHT_SYMTAB.sh_size, SHT_SYMTAB.sh_entsize), SHT_STRTAB.sh_offset)); // Section header executable symbol table (.dynsym) if (getSection(Elf.SHT_DYNSYM) is elf_shdr SHT_DYNSYM) - pTables.Add((SHT_DYNSYM.sh_offset, math.Div(SHT_DYNSYM.sh_size, SHT_DYNSYM.sh_entsize), SHT_STRTAB.sh_offset)); + pTables.Add((SHT_DYNSYM.sh_offset, conv.Div(SHT_DYNSYM.sh_size, SHT_DYNSYM.sh_entsize), SHT_STRTAB.sh_offset)); } // Symbol table in dynamic section (DT_SYMTAB) @@ -296,10 +256,10 @@ namespace Il2CppInspector if (getDynamic(Elf.DT_STRTAB) is elf_dynamic DT_STRTAB) { if (getDynamic(Elf.DT_SYMTAB) is elf_dynamic DT_SYMTAB) { // Find the next pointer in the dynamic table to calculate the length of the symbol table - var end = (from x in dynamic_table where math.Gt(x.d_un, DT_SYMTAB.d_un) orderby x.d_un select x).First().d_un; + var end = (from x in dynamic_table where conv.Gt(x.d_un, DT_SYMTAB.d_un) orderby x.d_un select x).First().d_un; // Dynamic symbol table - pTables.Add((DT_SYMTAB.d_un, math.Div(math.Sub(end, DT_SYMTAB.d_un), Sizeof(typeof(TSym))), DT_STRTAB.d_un)); + pTables.Add((DT_SYMTAB.d_un, conv.Div(conv.Sub(end, DT_SYMTAB.d_un), Sizeof(typeof(TSym))), DT_STRTAB.d_un)); } } @@ -307,13 +267,13 @@ namespace Il2CppInspector var symbolTable = new Dictionary(); foreach (var pTab in pTables) { - var symbol_table = ReadArray(math.Long(pTab.offset), math.Int(pTab.count)); + var symbol_table = ReadArray(conv.Long(pTab.offset), conv.Int(pTab.count)); foreach (var symbol in symbol_table) { - var name = ReadNullTerminatedString(math.Long(pTab.strings) + symbol.st_name); + var name = ReadNullTerminatedString(conv.Long(pTab.strings) + symbol.st_name); // Avoid duplicates - symbolTable.TryAdd(name, math.ULong(symbol.st_value)); + symbolTable.TryAdd(name, conv.ULong(symbol.st_value)); } } @@ -324,10 +284,10 @@ namespace Il2CppInspector // INIT_ARRAY contains a list of pointers to initialization functions (not all functions in the binary) // INIT_ARRAYSZ contains the size of INIT_ARRAY - var init = MapVATR(math.ULong(getDynamic(Elf.DT_INIT_ARRAY).d_un)); + var init = MapVATR(conv.ULong(getDynamic(Elf.DT_INIT_ARRAY).d_un)); var size = getDynamic(Elf.DT_INIT_ARRAYSZ).d_un; - return math.UIntArray(ReadArray(init, math.Int(size) / (Bits / 8))); + return conv.UIntArray(ReadArray(init, conv.Int(size) / (Bits / 8))); } // Map a virtual address to an offset into the image file. Throws an exception if the virtual address is not mapped into the file. @@ -337,11 +297,11 @@ namespace Il2CppInspector // Additions in the argument to MapVATR may cause an overflow which should be discarded for 32-bit files if (Bits == 32) uiAddr &= 0xffff_ffff; - var program_header_table = this.program_header_table.First(x => uiAddr >= math.ULong(x.p_vaddr) && uiAddr <= math.ULong(math.Add(x.p_vaddr, x.p_filesz))); - return (uint) (uiAddr - math.ULong(math.Sub(program_header_table.p_vaddr, program_header_table.p_offset))); + var program_header_table = this.program_header_table.First(x => uiAddr >= conv.ULong(x.p_vaddr) && uiAddr <= conv.ULong(conv.Add(x.p_vaddr, x.p_filesz))); + return (uint) (uiAddr - conv.ULong(conv.Sub(program_header_table.p_vaddr, program_header_table.p_offset))); } // Get the address of the procedure linkage table (.got.plt) which is needed for some disassemblies - public uint GetPLTAddress() => (uint) math.ULong(getDynamic(Elf.DT_PLTGOT).d_un); + public uint GetPLTAddress() => (uint) conv.ULong(getDynamic(Elf.DT_PLTGOT).d_un); } } \ No newline at end of file diff --git a/Il2CppInspector/FileFormatReaders/WordConversions.cs b/Il2CppInspector/FileFormatReaders/WordConversions.cs new file mode 100644 index 0000000..52d920c --- /dev/null +++ b/Il2CppInspector/FileFormatReaders/WordConversions.cs @@ -0,0 +1,50 @@ +/* + Copyright 2019 Katy Coe - http://www.hearthcode.org - http://www.djkaty.com + + All rights reserved. +*/ + +using System; + +namespace Il2CppInspector +{ + // NOTE: What we really should have done here is add a TWord type parameter to FileFormatReader + // then we could probably avoid most of this + interface IWordConverter where TWord : struct + { + TWord Add(TWord a, TWord b); + TWord Sub(TWord a, TWord b); + TWord Div(TWord a, TWord b); + TWord Div(TWord a, int b); + int Int(TWord a); + long Long(TWord a); + ulong ULong(TWord a); + bool Gt(TWord a, TWord b); + uint[] UIntArray(TWord[] a); + } + + internal class Convert32 : IWordConverter + { + public uint Add(uint a, uint b) => a + b; + public uint Sub(uint a, uint b) => a - b; + public uint Div(uint a, uint b) => a / b; + public uint Div(uint a, int b) => a / (uint)b; + public int Int(uint a) => (int)a; + public long Long(uint a) => a; + public ulong ULong(uint a) => a; + public bool Gt(uint a, uint b) => a > b; + public uint[] UIntArray(uint[] a) => a; + } + internal class Convert64 : IWordConverter + { + public ulong Add(ulong a, ulong b) => a + b; + public ulong Sub(ulong a, ulong b) => a - b; + public ulong Div(ulong a, ulong b) => a / b; + public ulong Div(ulong a, int b) => a / (uint)b; + public int Int(ulong a) => (int)a; + public long Long(ulong a) => (long)a; + public ulong ULong(ulong a) => a; + public bool Gt(ulong a, ulong b) => a > b; + public uint[] UIntArray(ulong[] a) => Array.ConvertAll(a, x => (uint)x); + } +}