/*
CatBert PigletVM loader for IDA Pro
by Elias Bachaalany / AllThingsIDA
*/
#include <ida.hpp>
#include <fpro.h>
#include <idp.hpp>
#include <loader.hpp>
#include <diskio.hpp>
#include <../ldr/idaldr.h>
#include "common.h"
// CatBert file header format:
// {
// @0: uint32_t sig; // 'BT4C'
// @4: uint32_t data_size;
// @8: uint32_t pos_bytecode;
// @0xc: uint32_t bytecode_size;
// ...data[data_size]...
// @pos_bytecode: ...bytecode[bytecode_size]...
// }
// Number of 64-bit cells in the "memory" data segment that load_file creates
// (the segment spans sizeof(uint64_t) * MEM_SIZE bytes starting at address 0).
#define MEM_SIZE 0x10000
//--------------------------------------------------------------------------
//
// check input file format. if recognized, then return 1
// and fill 'fileformatname'.
// otherwise return 0
//
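/**
 * Recognize a CatBert PigletVM image by its leading 32-bit signature.
 *
 * @param fileformatname  receives the format name shown to the user
 * @param processor       receives the processor module name ("pvm")
 * @param li              input file to probe
 * @param filename        unused
 * @return 1 if the signature matches, 0 otherwise
 */
static int idaapi accept_file(
    qstring* fileformatname,
    qstring* processor,
    linput_t* li,
    const char* filename)
{
    // This is a probe, so a file too short to hold the signature must be a
    // quiet "not ours". lread() reports a failed read to the user and gives
    // the caller no status, which would leave 'sig' uninitialized here;
    // qlread() returns the byte count so the short read can be rejected.
    uint32_t sig = 0;
    if (qlread(li, &sig, sizeof(sig)) != static_cast<int>(sizeof(sig)))
        return 0;

    // NOTE(review): 'BT4C' is a multi-character constant whose value is
    // implementation-defined; confirm it matches the on-disk byte order on
    // every compiler this loader is built with.
    if (sig != 'BT4C')
        return 0;

    *fileformatname = "Catbert PigletVM";
    *processor = "pvm";
    return 1;
}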
//--------------------------------------------------------------------------
//
// load file into the database.
//
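/**
 * Load a CatBert PigletVM image into the database.
 *
 * Creates a "code" segment at PVM_CODE_BASE filled with the bytecode region
 * named by the file header, and a sparse "memory" segment of MEM_SIZE qwords
 * at address 0. The entry point is set to the start of the code segment.
 *
 * The header fields come straight from the input file, which must be treated
 * as untrusted: they are checked against the real file size before any
 * segment is created, and the load is aborted via loader_failure() if the
 * bytecode region does not lie inside the file.
 *
 * @param li              input file
 * @param neflag          unused
 * @param fileformatname  unused
 */
void idaapi load_file(
    linput_t* li,
    ushort neflag,
    const char* fileformatname)
{
    // Set the processor type
    set_processor_type("pvm", SETPROC_LOADER);

    // Seeking to the end yields the file size; the fixed header occupies the
    // first 0x10 bytes (sig, data_size, pos_bytecode, bytecode_size).
    const auto file_size = qlseek(li, 0, SEEK_END);
    if (file_size < 0x10)
        loader_failure("CatBert: file is too short to hold the header");

    // Zero-initialized so a failed read can never leave garbage behind.
    uint32_t pos_bytecode = 0;
    uint32_t bytecode_size = 0;
    qlseek(li, 8, SEEK_SET);
    lread(li, &pos_bytecode, sizeof(pos_bytecode));
    lread(li, &bytecode_size, sizeof(bytecode_size));

    // Reject a bytecode region that is empty or extends past the end of the
    // file, instead of sizing a segment from an unchecked header value.
    // The subtraction form avoids overflow in pos + size.
    if (bytecode_size == 0
        || pos_bytecode > file_size
        || bytecode_size > file_size - pos_bytecode)
    {
        loader_failure("CatBert: bytecode region lies outside the input file");
    }

    // Code segment
    ea_t start_ea = PVM_CODE_BASE;
    // The code base must sit above the data segment created below.
    QASSERT(0, start_ea > (MEM_SIZE * 8));
    ea_t end_ea = start_ea + bytecode_size;
    if (end_ea <= start_ea)
        loader_failure("CatBert: bytecode size wraps the address space");

    sel_t sel = 0;
    segment_t s;
    s.start_ea = start_ea;
    s.end_ea = end_ea;
    s.type = SEG_CODE;
    s.bitness = 2; // 64-bit
    sel = s.sel = allocate_selector(0);
    inf_set_max_ea(s.end_ea);
    if (!add_segm_ex(&s, "code", CLASS_CODE, 0))
        loader_failure();

    // A failed copy would otherwise leave a segment with no real content.
    if (!file2base(li, pos_bytecode, start_ea, end_ea, FILEREG_PATCHABLE))
        loader_failure();

    inf_set_start_ip(start_ea);
    inf_set_start_cs(sel);
    inf_set_start_ea(start_ea);

    // Data segment
    s.start_ea = 0x0;
    s.end_ea = s.start_ea + (sizeof(uint64_t) * MEM_SIZE);
    s.type = SEG_DATA;
    s.bitness = 2; // 64-bit
    s.sel = allocate_selector(0);
    if (!add_segm_ex(&s, "memory", CLASS_BSS, ADDSEG_SPARSE))
        loader_failure();

    // Present the whole memory segment as qword cells.
    create_qword(s.start_ea, s.size());
    inf_set_be(true);
    inf_set_min_ea(s.start_ea);
}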
//----------------------------------------------------------------------
//
// LOADER DESCRIPTION BLOCK
//
//----------------------------------------------------------------------
// Make sure we export LDSC
// Loader descriptor. The initializer is positional, so the order of the
// entries below must not be changed.
idaman loader_t ida_module_data LDSC;
loader_t LDSC =
{
IDP_INTERFACE_VERSION,
0, // loader flags: none set
accept_file, // format recognition callback
load_file, // loads the recognized file into the database
nullptr, // savefile(): not provided
nullptr, // move_segm(): not provided
nullptr, // last callback slot left unset -- NOTE(review): confirm which loader_t member this is for the targeted SDK
};