Package ghidra.app.util.opinion

Class MachoProgramBuilder

java.lang.Object
ghidra.app.util.opinion.MachoProgramBuilder
Direct Known Subclasses:
DyldCacheProgramBuilder, MachoPrelinkProgramBuilder
public class MachoProgramBuilder extends Object
Builds up a Mach-O Program by parsing the Mach-O headers.

  • Field Details

  • Constructor Details

  • Method Details

    • buildProgram

      public static void buildProgram(Program program, ByteProvider provider, FileBytes fileBytes, MessageLog log, TaskMonitor monitor) throws Exception
      Builds up a Mach-O Program.
      Parameters:
      program - The Program to build up.
      provider - The ByteProvider that contains the Mach-O's bytes.
      fileBytes - Where the Mach-O's bytes came from.
      log - The log.
      monitor - A cancelable task monitor.
      Throws:
      Exception - if a problem occurs.

    • build

      protected void build() throws Exception
      Throws:
      Exception

    • setProgramImageBase

      protected void setProgramImageBase() throws Exception
      Sets the Program image base
      Throws:
      Exception - if there was a problem setting the Program image base

    • getMachoBaseAddress

      protected Address getMachoBaseAddress()
      Gets the base address of this Mach-O. This is the address of the start of the Mach-O, not necessary the Program image base.
      Returns:
      The base address of this Mach-O

    • processMemoryBlocks

      protected void processMemoryBlocks(MachHeader header, String source, boolean processSections, boolean allowZeroAddr) throws Exception
      Creates memory blocks for the given header.
      Parameters:
      header - The Mach-O header to process for memory block creation.
      source - A name that represents where the memory blocks came from.
      processSections - True to split segments into their sections.
      allowZeroAddr - True if memory blocks at address 0 should be processed; otherwise, false.
      Throws:
      Exception - If there was a problem processing the memory blocks.

    • fixupProgramTree

      protected void fixupProgramTree(String suffix) throws Exception
      Fixes up the Program Tree to better visualize the memory blocks that were split into sections
      Parameters:
      suffix - An optional suffix that will get appended to tree segment and segment nodes
      Throws:
      Exception - if there was a problem fixing up the Program Tree

    • processEntryPoint

      protected void processEntryPoint(String source) throws Exception
      Attempts to discover and set the entry point.

      A program may declare multiple entry points to, for example, confuse static analysis tools. We will sort the discovered entry points by priorities assigned to each type of load command, and only use the one with the highest priority.

      Parameters:
      source - A name that represents where the memory blocks came from.
      Throws:
      Exception - If there was a problem discovering or setting the entry point.

    • processExports

      protected boolean processExports(MachHeader header) throws Exception
      Throws:
      Exception

    • processNewExport

      protected void processNewExport(Address baseAddr, ExportTrie.ExportEntry export, String name) throws AddressOutOfBoundsException, Exception
      Throws:
      AddressOutOfBoundsException
      Exception

    • processSymbolTables

      protected void processSymbolTables(MachHeader header, boolean processExports) throws Exception
      Throws:
      Exception

    • processStubs

      protected void processStubs() throws Exception
      Throws:
      Exception

    • processUndefinedSymbols

      protected void processUndefinedSymbols() throws Exception
      Throws:
      Exception

    • processAbsoluteSymbols

      protected void processAbsoluteSymbols() throws Exception
      Throws:
      Exception

    • processChainedFixups

      public List<Address> processChainedFixups(List<String> libraryPaths) throws Exception
      Throws:
      Exception

    • processDyldInfo

      protected void processDyldInfo(boolean doClassic, List<String> libraryPaths) throws Exception
      Throws:
      Exception

    • markupHeaders

      protected void markupHeaders(MachHeader header, Address headerAddr) throws Exception
      Throws:
      Exception

    • setupHeaderAddr

      protected Address setupHeaderAddr(Collection<SegmentCommand> segments) throws AddressOverflowException
      Sets up the MachHeader in memory and returns its address. If the header was not intended to reside in memory (like for Mach-O object files), then this method will create an area in the "OTHER" address space for the header to live in.
      Parameters:
      segments - A Collection of Mach-O segments
      Returns:
      The Address of MachHeader in memory
      Throws:
      AddressOverflowException - if the address lies outside the address space

    • markupSections

      protected void markupSections() throws Exception
      Throws:
      Exception

    • processSectionRelocations

      protected void processSectionRelocations() throws CancelledException
      Processes the section relocations from all Sections.
      Throws:
      CancelledException - if the operation was cancelled.

    • processExternalRelocations

      protected void processExternalRelocations() throws CancelledException
      Processes the external relocations from all DynamicSymbolTableCommands.
      Throws:
      CancelledException - if the operation was cancelled.

    • processLocalRelocations

      protected void processLocalRelocations() throws CancelledException
      Processes the local relocations from all DynamicSymbolTableCommands.
      Throws:
      CancelledException - if the operation was cancelled.

    • processLibraries

      protected List<String> processLibraries() throws Exception
      Throws:
      Exception

    • processEncryption

      protected void processEncryption() throws Exception
      Logs encrypted block ranges
      Throws:
      Exception - if there was a problem detecting the encrypted block ranges

    • processUnsupportedLoadCommands

      protected void processUnsupportedLoadCommands() throws CancelledException
      Processes LoadCommands that we haven't implemented yet.
      Throws:
      CancelledException - if the operation was cancelled.

    • processCorruptLoadCommands

      protected void processCorruptLoadCommands() throws CancelledException
      Processes LoadCommands that appear to be corrupt.
      Throws:
      CancelledException - if the operation was cancelled.

    • markupLoadCommandData

      protected void markupLoadCommandData(MachHeader header, String source) throws Exception
      Marks up LoadCommand dadta
      Parameters:
      header - The Mach-O header
      source - A name that represents where the header came from (could be null)
      Throws:
      Exception - If there was a problem performing the markup

    • createNamespace

      protected Namespace createNamespace(String namespaceName)

    • createOneByteFunction

      public static Function createOneByteFunction(Program program, String name, Address address)
      create a one-byte function, so that when the code is analyzed, it will be disassembled, and the function created with the correct body.
      Parameters:
      program - The Program
      name - the name of the function
      address - location to create the function
      Returns:
      If a function already existed at the given address, that function will be returned. Otherwise, the newly created function will be returned. If there was a problem creating the function, null will be returned.

    • markupChainedFixups

      protected void markupChainedFixups(MachHeader header, List<Address> chainedFixups) throws CancelledException
      Markup the given List of chained fixups by creating pointers at their locations, if possible
      Parameters:
      header - The Mach-O header
      chainedFixups - The List of chained fixups to markup
      Throws:
      CancelledException - if the operation was cancelled

    • markupProgramVars

      protected void markupProgramVars() throws Exception
      Throws:
      Exception

    • setRelocatableProperty

      protected void setRelocatableProperty()

    • setProgramDescription

      protected void setProgramDescription()

    • markupAndSetGolangInitialProgramProperties

      protected void markupAndSetGolangInitialProgramProperties()

    • setCompiler

      protected void setCompiler() throws CancelledException
      Throws:
      CancelledException

    • renameObjMsgSendRtpSymbol

      protected void renameObjMsgSendRtpSymbol() throws DuplicateNameException, InvalidInputException
      Throws:
      DuplicateNameException
      InvalidInputException

    • fixupExternalLibrary

      public static void fixupExternalLibrary(Program program, List<String> libraryPaths, int libraryOrdinal, String symbol) throws Exception
      Associates the given Symbol with the correct external Library (fixing the <EXTERNAL> association)
      Parameters:
      program - The Program
      libraryPaths - A List of library paths
      libraryOrdinal - The library ordinal
      symbol - The symbol
      Throws:
      Exception - if an unexpected problem occurs