---

codeprn.cpp

Go to the documentation of this file.

/*
PeRdr - PE file disassembler
Copyright (C) 1999-2003 Frediano Ziglio
-----

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-----

INFORMATION
  www: https://freddy77.tripod.com/perdr/
  e-mail: freddy77@angelfire.com
*/
#include "global.h"
#ifdef HAVE_HDRSTOP
#pragma hdrstop
#endif

#include "module.h"
#include "code.h"
#include "codeglob.h"
#include "perdroptions.h"

using namespace std;

// !!!
static bool commentBeginned = false;

// scrittura commenti
static void StartBeginComment()
{
  // scrivi inizio commento
  if (!commentBeginned)
    printf("\n");
  else
    printf("\n|\n");
  commentBeginned = true;

  printf("* ");
}

static void StartComment()
{
  if (!commentBeginned)
    StartBeginComment();
  else
    printf("\n|");
}

static void EndComment()
{
  if (commentBeginned)
  {
    printf("\n|\n");
    commentBeginned = false;
  }
}

// testa vari riferimenti
struct CheckRef
{
  CheckRef():count(0) {};
  void operator()(const IstrReference& ref)
  {
    if (!ref.direct)
    {
      if (count==0)
      {
        StartBeginComment();
        printf("Referenced by a (U)nconditional or (C)onditional Jump "
               "or (c)all at Address:");
      }
      char type = '?';
      switch(ref.type)
      {
      case FLOW_CALL:  type = 'c'; break;
      case FLOW_JUMP:  type = 'U'; break;
      case FLOW_CJUMP: type = 'C'; break;
      }
      if ( (count%4) == 0 )
        StartComment();
      else
        printf(",");
      printf(" %08X(%c)",ref.to,type);
          ++count;
    }
  }
  int count;
};

void CodeParser::CheckReference(vma_t address)
{
  // entry point
  if (address == module->GetEntryPoint())
  {
    StartBeginComment();
    printf("Program entry point");
  }

  // export
  // !!! manca ordinal
  pair<Symbols::iterator,Symbols::iterator> sym = module->GetExportSymbols()[address];
  for(;sym.first != sym.second;++sym.first)
  {
    StartBeginComment();
    printf("Exported function %s",(*sym.first).name.c_str());
  }

        // testa presenza riferimento
  std::for_each(istrReferences.beginReferenceTo(address),
      istrReferences.endReferenceTo(address),
      CheckRef());
}

#ifdef __BORLANDC__
#pragma argsused
#endif
void CodeParser::CheckJumpReference(vma_t address,const Instruction& instruction)
{
        // check for api reference
  for (int i=0; i<instruction.numArg; ++i)
  {
    const Param &arg = instruction.Args[i];
    if (arg.type == Param::t_memory)
    {
      // call/jmp dword ptr [constant]
                        if (arg.mem_reg1 == null_reg && arg.mem_reg2 == null_reg)
      {
        pair<Symbols::iterator,Symbols::iterator> sym = module->GetSymbols()[arg.literal];
        for(;sym.first != sym.second;++sym.first)
        {
          StartBeginComment();
          printf("Reference to %s",(*sym.first).name.c_str());
        }
      }
    }
    if (arg.type == Param::t_literal)
    {
      // salti a jmp ad api
                        if (IsPresent(apiAlias,arg.literal))
      {
        pair<Symbols::iterator,Symbols::iterator> sym = module->GetSymbols()[apiAlias[arg.literal]];
        for(;sym.first != sym.second;++sym.first)
        {
          StartBeginComment();
          printf("Reference to %s",(*sym.first).name.c_str());
        }
      }

      // salti a funzioni esportate
      pair<Symbols::iterator,Symbols::iterator> sym = module->GetExportSymbols()[arg.literal];
      for(;sym.first != sym.second;++sym.first)
      {
        StartBeginComment();
        printf("Reference to %s",(*sym.first).name.c_str());
      }
    }
  }
}

// stampa una stringa
// !!! usa funzione WriteBinary (da fare copiando questa)
void CodeParser::WriteString(vma_t address,int len) const
{
  EndComment();

  _PRG_ASSERT(&*module != NULL);
  _PRG_ASSERT(len>0);
        ObjectModule::DataReader reader = module->GetDataReader(address);
  const unsigned nCarInRow = 16;
  char buffer[3*nCarInRow+nCarInRow+10];
  for(unsigned n=0;;++n)
  {
    unsigned part = n%nCarInRow;
    if (part==0)
    {
      if (n>=nCarInRow)
      {
        buffer[nCarInRow*3+nCarInRow+1] = '\0';
        printf("%08X %s\n",address+n-nCarInRow,buffer);
        if (n>=(unsigned int)len)
          return;
      }
      // inizializza buffer
      memset(buffer,' ',sizeof(buffer));
    }
    if (n<(unsigned int)len)
    {
      uint8_t car = reader.ReadByte();

      // scrive il carattere in esadecimale e carattere relativo
      sprintf(buffer+part*3,"%02X",car);
      buffer[part*3+2] = part==(nCarInRow/2-1)?'-':' ';
      // !!! settare come opzione carattere ?
      buffer[nCarInRow*3+1+part] = isprint(car)?car:'.';
    }
  }
}

// scrive inizio istruzione/BYTE/DWORD come da inizio
// legge da ::module
void CodeParser::WriteBegin(vma_t address,int num_bytes) const
{
  int x=0,c;
  EndComment();
  printf("%08lX ",(long int)address);
  if (::options.showBytes)
  {
                ObjectModule::DataReader reader = module->GetDataReader(address);
    for (int i=0;i<num_bytes;++i)
    {
      if ( i%10 == 0 )
      {
        x = 0;
        if (i != 0)
          printf("\n         ");
      }
      c = reader.ReadByte();
      printf("%02X",c);
      x += 2;
    }

    for (;x!=20;x+=2)
      printf("  ");
  }

  printf("\t");
}

static void WritePriority(ByteInfo::TPriority priority)
{
  const char *s = "unknown";
  switch (priority)
  {
  case ByteInfo::priNone:
    s = "none"; break;
  case ByteInfo::priCheckOnly:
    s = "check only"; break;
  case ByteInfo::priFiller:
    s = "filler"; break;
  case ByteInfo::priConstant:
    s = "constant"; break;
  case ByteInfo::priApi:
    s = "api"; break;
  case ByteInfo::priExport:
    s = "export"; break;
  case ByteInfo::priHeuristics:
    s = "heuristics"; break;
  case ByteInfo::priSafeHeuristics:
    s = "safe heuristics"; break;
  case ByteInfo::priSafeExport:
    s = "safe export"; break;
  case ByteInfo::priEntryPoint:
    s = "entry point"; break;
  }
  StartBeginComment();
  printf("Current priority: %s",s);
}

void CodeParser::WriteCode()
{
        vma_t end;

  // disassembly vero e proprio
  FOR_EACH_SECTION_CODE_BEGIN(module,p)

    InstructionDecoder decoder(module->GetRelocationInfos());

    // init as invalid priority
    ByteInfo::TPriority priority = ByteInfo::TPriority(-1);

    vma_t pc = (*p).begin;
    end      = (*p).end;
    for(; pc<end; )
    {
                        ObjectModule::DataReader reader = module->GetDataReader(pc);
          int c;
          Instruction currInstruction;

      // testa cambio priorita
      if (options.showPriority)
      {
        ByteInfo::TPriority currPriority = byteInfo[pc].GetPriority();
        if (currPriority != priority)
        {
          WritePriority(currPriority);
          priority = currPriority;
        }
      }

      // test for reference
      CheckReference(pc);

      // testa se tipo conosciuto
      unsigned len = byteInfo.GetLen(pc);
      bool isInstruction = true;

      if (len != 0)
      {
        isInstruction = false;
        const ByteInfo& info = byteInfo[pc];
        switch (info.GetType())
        {
        case ByteInfo::typeInteger:
          {
            uint32_t i;
            switch (len)
            {
            case 1:
              i = reader.ReadByte();
              WriteBegin(pc,len);
              printf("BYTE %02X\n",i);
              break;
            case 2:
              i = reader.ReadWord();
              WriteBegin(pc,len);
              printf("WORD %04X\n",i);
              break;
            case 4:
              i = reader.ReadDword();
              WriteBegin(pc,len);
              printf("DWORD %08X\n",i);
              break;

            default:
              // !!! scrive come bytes normali
              //_PRG_ASSERT(0);
              WriteString(pc,len);
            }
            pc += len;
          }
          break;
        case ByteInfo::typePointer:
          {
            _PRG_ASSERT(len == (unsigned int)addr_bytes);
            vma_t address = reader.ReadDword();
            WriteBegin(pc,len);
            printf("DWORD %08lX\n",(long int)address);
            pc += len;
          }
          break;
        case ByteInfo::typeLoader:
          StartBeginComment();
          printf("Loader bytes");
          WriteString(pc,len);
          pc += len;
          break;
        case ByteInfo::typeASCIIZ:
          _DEBUG_(fprintf(stderr,"Debug: (String) reached\n"));
          WriteString(pc,len);
          pc += len;
          break;
        default:
          isInstruction = true;
        }
      }

      if (isInstruction)
      {
        // leggi successiva istruzione
        int result = decoder.Decode(currInstruction,reader);

        if ( !result || (byteInfo.GetIstrLen(pc)==0 &&
             byteInfo.IsOccupied(pc,result)) )
        {
                                        reader = module->GetDataReader(pc);
          c = reader.ReadByte();
          WriteBegin(pc,1);
            printf("BYTE\t%02X\n",c);
          pc += 1;
        }
        else
        {
            CheckJumpReference(pc,currInstruction);
          // !!! aggiungere codice per reference a stringhe o altro
          WriteBegin(pc,result);
                            WriteInstruction(currInstruction);
            // va avanti
            pc += result;
        }
      }
    }
  FOR_EACH_SECTION_CODE_END(module,p)
}

// vim:tabstop=2:mouse=a:

---