From aa0fcb33055f30397a5d98ffc2a661410438b6a8 Mon Sep 17 00:00:00 2001
From: flagersgit
Date: Wed, 12 Jun 2024 05:11:12 -0400
Subject: [PATCH] Adjust as needed for Stubber 3 binary analysis usage.

---
.github/py_osx.sh | 13 +++--
.github/workflows/linux-x86-64.yml | 92 ------------------------------
.github/workflows/osx.yml | 61 -------------------
.gitignore | 7 ++-
CMakeLists.txt | 2 +-
bindings/python/setup.py | 8 ++-
scripts/docker/compile_icdump.sh | 26 ---------
scripts/docker/compile_lief.sh | 24 --------
scripts/docker/compile_llvm.sh | 23 --------
src/ObjC/Parser.cpp | 19 +----
third-party/Combine-LIEF.tool | 3 +
third-party/Combine-LLVM.tool | 3 +
12 files changed, 26 insertions(+), 255 deletions(-)
delete mode 100644 .github/workflows/linux-x86-64.yml
delete mode 100644 .github/workflows/osx.yml
delete mode 100644 scripts/docker/compile_icdump.sh
delete mode 100755 scripts/docker/compile_lief.sh
delete mode 100755 scripts/docker/compile_llvm.sh
create mode 100755 third-party/Combine-LIEF.tool
create mode 100755 third-party/Combine-LLVM.tool

diff --git a/.github/py_osx.sh b/.github/py_osx.sh
index e041ce0..e986ecb 100755
--- a/.github/py_osx.sh
+++ b/.github/py_osx.sh
@@ -1,8 +1,9 @@
-#!/usr/bin/sh
+#!/usr/bin/env zsh
 set -ex
 
-python3 ./bindings/python/setup.py --ninja --osx-arch=arm64 \
- --lief-dir=/tmp/third-party/LIEF-0.13.0-Darwin/share/LIEF/cmake \
- --llvm-dir=/tmp/third-party/LLVM-14.0.6-Darwin/lib/cmake/llvm \
- build --build-temp=/tmp/arm64 bdist_wheel --skip-build \
- --plat-name=macosx_${MACOSX_DEPLOYMENT_TARGET}_arm64
+
+export MACOSX_DEPLOYMENT_TARGET=10.13
+python3 ./bindings/python/setup.py --ninja --osx-arch='x86_64;arm64' \
+ --lief-dir=$GITHUB_WORKSPACE/third-party/LIEF-0.14.1-Darwin/share/LIEF/cmake \
+ --llvm-dir=$GITHUB_WORKSPACE/third-party/LLVM-14.0.6-Darwin/lib/cmake/llvm \
+ build bdist_wheel --skip-build
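Review bot: The new `--lief-dir`/`--llvm-dir` arguments expand `$GITHUB_WORKSPACE` with no check that it is set, and this same commit deletes osx.yml, the only workflow that ever exported it; run anywhere else the two paths silently collapse to `/third-party/LIEF-0.14.1-Darwin/...` and the failure only surfaces later as a CMake package-lookup error. `set -ex` does not enable `-u`, so either switch to `set -eux` or fail early with `: "${GITHUB_WORKSPACE:?must point at the repository checkout}"` before the python3 call. Separately, `export MACOSX_DEPLOYMENT_TARGET=10.13` now overrides whatever the caller set (the deleted workflow passed `"10.7"`), and with `--plat-name` dropped the wheel's platform tag appears to be whatever setuptools derives from the build host rather than an explicit universal2 tag for the `'x86_64;arm64'` build; a one-line comment stating that this is intended would save the next reader from re-checking it.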
diff --git a/.github/workflows/linux-x86-64.yml b/.github/workflows/linux-x86-64.yml
deleted file mode 100644
index 5494e79..0000000
--- a/.github/workflows/linux-x86-64.yml
+++ /dev/null
@@ -1,92 +0,0 @@
-name: 'Linux x86-64'
-on: push
-
-jobs:
- linux-sdk:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - name: Get Date
- id: get-date
- run: |
- echo "::set-output name=date::$(/bin/date -u "+%Y-%m-%d-%H;%M;%S")"
- shell: bash
- - name: ccache cache files
- uses: actions/cache@v3
- with:
- path: ~/.ccache
- key: linux-x86-64-${{ runner.os }}-${{ steps.get-date.outputs.date }}
- restore-keys: |
- linux-x86-64-${{ runner.os }}-
- - name: Prepare dependencies
- shell: bash
- run: |
- mkdir -p /tmp/third-party && cd /tmp/third-party
- curl -LO https://data.romainthomas.fr/icdump/LLVM-14.0.6-Linux-slim.tar.gz
- curl -LO https://data.romainthomas.fr/icdump/LIEF-0.13.0-Linux-x86_64.tar.gz
- - name: Build Python 3.8 wheel
- shell: bash
- env:
- PYTHON_VERSION: 38
- run: |
- docker run --rm \
- -e CCACHE_COMPRESS=1 \
- -e CCACHE_MAXSIZE=10.0G \
- -e CCACHE_CPP2=1 \
- -e CCACHE_DIR=/ccache \
- -e PYTHON_VERSION=$PYTHON_VERSION \
- -e PYTHON_BINARY=/opt/python/cp38-cp38/bin/python \
- -v /tmp/third-party:/third-party \
- -v $GITHUB_WORKSPACE:/icdump \
- -v $HOME/.ccache:/ccache \
- rh0main/icdump_manylinux_2_28_x86_64 bash /icdump/scripts/docker/compile_icdump.sh
- - name: Build Python 3.9 wheel
- shell: bash
- env:
- PYTHON_VERSION: 39
- run: |
- docker run --rm \
- -e CCACHE_COMPRESS=1 \
- -e CCACHE_MAXSIZE=10.0G \
- -e CCACHE_CPP2=1 \
- -e CCACHE_DIR=/ccache \
- -e PYTHON_VERSION=$PYTHON_VERSION \
- -e PYTHON_BINARY=/opt/python/cp39-cp39/bin/python \
- -v /tmp/third-party:/third-party \
- -v $GITHUB_WORKSPACE:/icdump \
- -v $HOME/.ccache:/ccache \
- rh0main/icdump_manylinux_2_28_x86_64 bash /icdump/scripts/docker/compile_icdump.sh
- - name: Build Python 3.10 wheel
- shell: bash
- env:
- PYTHON_VERSION: 310
- run: |
- docker run --rm \
- -e CCACHE_COMPRESS=1 \
- -e CCACHE_MAXSIZE=10.0G \
- -e CCACHE_CPP2=1 \
- -e CCACHE_DIR=/ccache \
- -e PYTHON_VERSION=$PYTHON_VERSION \
- -e
PYTHON_BINARY=/opt/python/cp310-cp310/bin/python \
- -v /tmp/third-party:/third-party \
- -v $GITHUB_WORKSPACE:/icdump \
- -v $HOME/.ccache:/ccache \
- rh0main/icdump_manylinux_2_28_x86_64 bash /icdump/scripts/docker/compile_icdump.sh
- - name: Build Python 3.11 wheel
- shell: bash
- env:
- PYTHON_VERSION: 311
- run: |
- docker run --rm \
- -e CCACHE_COMPRESS=1 \
- -e CCACHE_MAXSIZE=10.0G \
- -e CCACHE_CPP2=1 \
- -e CCACHE_DIR=/ccache \
- -e PYTHON_VERSION=$PYTHON_VERSION \
- -e PYTHON_BINARY=/opt/python/cp311-cp311/bin/python \
- -v /tmp/third-party:/third-party \
- -v $GITHUB_WORKSPACE:/icdump \
- -v $HOME/.ccache:/ccache \
- rh0main/icdump_manylinux_2_28_x86_64 bash /icdump/scripts/docker/compile_icdump.sh
diff --git a/.github/workflows/osx.yml b/.github/workflows/osx.yml
deleted file mode 100644
index 5b77785..0000000
--- a/.github/workflows/osx.yml
+++ /dev/null
@@ -1,61 +0,0 @@
-name: 'macOS'
-on: push
-
-jobs:
- osx-sdk:
- runs-on: macos-12.0
- strategy:
- matrix:
- python-version: ['3.10']
- steps:
- - uses: actions/checkout@v2
- with:
- fetch-depth: 0
- - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v4
- with:
- python-version: ${{ matrix.python-version }}
- - name: Install system dependencies
- run: |
- brew install cmake ninja ccache
- python -m pip install --upgrade pip setuptools wheel
- - name: Get Date
- id: get-date
- run: |
- echo "::set-output name=date::$(/bin/date -u "+%Y-%m-%d-%H;%M;%S")"
- shell: bash
- - name: Setup cache dir
- shell: bash
- run: |
- mkdir -p ~/.ccache
- - name: ccache cache files
- uses: actions/cache@v1.1.0
- with:
- path: ~/.ccache
- key: osx-${{ runner.os }}-${{ steps.get-date.outputs.date }}
- restore-keys: |
- osx-${{ runner.os }}-
- - name: Upgrade pip
- shell: bash
- run: |
- python -m pip install --upgrade pip
- - name: Prepare dependencies
- shell: bash
- run: |
- mkdir -p /tmp/third-party && cd /tmp/third-party
- curl -LO https://data.romainthomas.fr/icdump/LLVM-14.0.6-Darwin-slim.tar.gz
- curl -LO https://data.romainthomas.fr/icdump/LIEF-0.13.0-Darwin.tar.gz
- tar xzvf LLVM-14.0.6-Darwin-slim.tar.gz
- tar xzvf LIEF-0.13.0-Darwin.tar.gz
- - name: Build Python ${{ matrix.python-version }} wheel (arm64)
- shell: bash
- env:
- MACOSX_DEPLOYMENT_TARGET: "10.7"
- CCACHE_DIR: ~/.ccache
- CCACHE_MAXSIZE: 10.0G
- CCACHE_CPP2: 1
- CCACHE_COMPRESS: 1
- run: |
- bash $GITHUB_WORKSPACE/.github/py_osx.sh
-
-
diff --git a/.gitignore b/.gitignore
index d306c49..fcc16ff 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,7 @@
 third-party/LIEF*
-third-party/LLVM*
\ No newline at end of file
+third-party/LLVM*
+.vscode
+build
+dist
+*.egg-info
+icdump*.so
\ No newline at end of file
diff --git a/CMakeLists.txt b/CMakeLists.txt
index bc4a85d..c1c968c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.15)
-project(iCDump VERSION 1.0.0 LANGUAGES CXX)
+project(iCDump VERSION 1.0.0 LANGUAGES C CXX)
 if (CMAKE_VERSION VERSION_GREATER_EQUAL "3.24.0")
 cmake_policy(SET CMP0135 NEW)
 endif()
diff --git a/bindings/python/setup.py b/bindings/python/setup.py
index 2f1777a..3a77521 100644
--- a/bindings/python/setup.py
+++ b/bindings/python/setup.py
@@ -14,7 +14,7 @@
 SOURCE_DIR = CURRENT_DIR / ".." / ".."
 PACKAGE_NAME = "icdump"
 
-_CURRENT_VERSION = "1.1.0"
+_CURRENT_VERSION = "1.2.0"
 
 def report(*args):
 print(*args)
@@ -94,7 +94,7 @@ def build_extension(self, ext):
 f'-DLIEF_DIR={self.distribution.lief_dir}',
 f'-DLLVM_DIR={self.distribution.llvm_dir}',
 f'-DClang_DIR={clang_dir.as_posix()}',
-'-DICDUMP_LLVM=OFF',
+'-DICDUMP_LLVM=ON',
 '-DICDUMP_PYTHON_BINDINGS=ON',
 f'-DCMAKE_LIBRARY_OUTPUT_DIRECTORY={cmake_library_output_directory}',
 f'-DPython_EXECUTABLE={sys.executable}',
@@ -231,8 +231,10 @@ def get_version() -> str:
 }
 
 setup(
+ name=PACKAGE_NAME,
 distclass=Distribution,
 ext_modules=[Module(PACKAGE_NAME)],
 cmdclass=cmdclass,
 version=version,
-)
+ scripts=['bindings/python/tools/readobjc.py']
+)
\ No newline at end of file
diff --git a/scripts/docker/compile_icdump.sh b/scripts/docker/compile_icdump.sh
deleted file mode 100644
index cc5ae77..0000000
--- a/scripts/docker/compile_icdump.sh
+++ /dev/null
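Review bot: `scripts=['bindings/python/tools/readobjc.py']` in the last setup.py hunk is resolved against the current working directory, not against setup.py, so it only works when the build is launched from the repository root the way py_osx.sh does (`python3 ./bindings/python/setup.py`); launched from `bindings/python`, as the deleted compile_icdump.sh did, setuptools reports the script file as missing. The file already derives `SOURCE_DIR = CURRENT_DIR / ".." / ".."`, so anchoring the entry on the same base, e.g. `scripts=[str(CURRENT_DIR / 'tools' / 'readobjc.py')]`, removes the cwd dependency (assuming `CURRENT_DIR` is the setup.py directory, which `SOURCE_DIR` suggests). `scripts=` is also the legacy mechanism; a `console_scripts` entry point would give a proper launcher on every platform. The `-DICDUMP_LLVM=OFF` → `ON` flip in the middle hunk changes the default for every caller, and deserves a one-line comment on why the LLVM-backed build is now mandatory; the trailing newline was also dropped from the file.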
@@ -1,26 +0,0 @@
-#!/usr/bin/sh
-set -ex
-
-cp /third-party/LIEF-0.13.0-Linux-x86_64.tar.gz /tmp/
-cp /third-party/LLVM-14.0.6-Linux-slim.tar.gz /tmp/
-
-cd /tmp
-tar xzvf LIEF-0.13.0-Linux-x86_64.tar.gz
-tar xzvf LLVM-14.0.6-Linux-slim.tar.gz
-
-export CXXFLAGS='-ffunction-sections -fdata-sections -fvisibility-inlines-hidden -static-libgcc -fvisibility=hidden'
-export CFLAGS='-ffunction-sections -fdata-sections -static-libgcc'
-export LDFLAGS='-Wl,--gc-sections'
-
-cd /icdump/bindings/python
-
-$PYTHON_BINARY setup.py --ninja \
- --lief-dir=/tmp/LIEF-0.13.0-Linux-x86_64/share/LIEF/cmake \
- --llvm-dir=/tmp/LLVM-14.0.6-Linux/lib/cmake/llvm \
- build \
- bdist_wheel --skip-build --dist-dir wheel_stage
-
-find wheel_stage -iname "*-cp${PYTHON_VERSION}-*" -exec auditwheel repair -w dist --plat manylinux_2_27_x86_64 {} \;
-
-chown -R 1000:1000 build dist wheel_stage
-
diff --git a/scripts/docker/compile_lief.sh b/scripts/docker/compile_lief.sh
deleted file mode 100755
index c81fe2e..0000000
--- a/scripts/docker/compile_lief.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/usr/bin/sh
-COMMIT=d8f42d74bfeb5d0a4d30472698e1fc0151f4844e
-pushd /tmp
-curl -LO https://github.com/lief-project/LIEF/archive/$COMMIT.tar.gz
-tar xzvf $COMMIT.tar.gz
-
-export CXXFLAGS="-ffunction-sections -fdata-sections -fvisibility-inlines-hidden -fvisibility=hidden"
-
-cmake -GNinja -S /tmp/LIEF-$COMMIT -B /tmp/build_lief \
- -DCMAKE_CXX_COMPILER=clang++-11 \
- -DCMAKE_C_COMPILER=clang-11 \
- -DCMAKE_CXX_FLAGS="${CXXFLAGS}" \
- -DCMAKE_BUILD_TYPE=Release \
- -DLIEF_ELF=off \
- -DLIEF_PE=off \
- -DLIEF_OAT=off \
- -DLIEF_VDEX=off \
- -DLIEF_ART=off \
- -DLIEF_DEX=off \
- -DLIEF_ENABLE_JSON=off \
- -DLIEF_EXAMPLES=off
-
-ninja -C /tmp/build_lief package
-# cp /tmp/build_lief/LIEF-0.13.0-Linux-x86_64.tar.gz /LLVM/
diff --git a/scripts/docker/compile_llvm.sh b/scripts/docker/compile_llvm.sh
deleted file mode 100755
index 15750d1..0000000
--- a/scripts/docker/compile_llvm.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/usr/bin/sh
-set -ex
-
-LLVM_TARGET="X86"
-
-export CXXFLAGS="-ffunction-sections -fdata-sections -fvisibility-inlines-hidden -fvisibility=hidden"
-
-cmake -GNinja -S /LLVM/llvm -B /tmp/build_llvm \
- -DCMAKE_CXX_FLAGS="${CXXFLAGS}" \
- -DCMAKE_CXX_COMPILER=clang++-11 \
- -DCMAKE_C_COMPILER=clang-11 \
- -DCMAKE_BUILD_TYPE=Release \
- -DCMAKE_INSTALL_PREFIX=/llvm-install \
- -DLLVM_ENABLE_LTO=OFF \
- -DLLVM_ENABLE_TERMINFO=OFF \
- -DLLVM_ENABLE_THREADS=ON \
- -DLLVM_USE_NEWPM=ON \
- -DLLVM_TARGET_ARCH=${LLVM_TARGET} \
- -DLLVM_TARGETS_TO_BUILD=${LLVM_TARGET} \
- -DLLVM_ENABLE_PROJECTS="clang;llvm"
-
-ninja -C /tmp/build_llvm package
-cp /tmp/build_llvm/LLVM-14.0.6-Linux.tar.gz /LLVM/
diff --git a/src/ObjC/Parser.cpp b/src/ObjC/Parser.cpp
index 3025190..e817dda 100644
--- a/src/ObjC/Parser.cpp
+++ b/src/ObjC/Parser.cpp
@@ -225,24 +225,15 @@ uintptr_t Parser::decode_ptr(uintptr_t ptr) {
 fixup.combined = ptr;
 if (fixup.combined & (0xFFFF000000000000)) {
 if (fixup.bind.bind == 1) {
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_bind.ordinal: 0x{:010x}", ptr, fixup.bind.ordinal);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_bind.addend: 0x{:010x}", ptr, fixup.bind.addend);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_bind.reserved: 0x{:010x}", ptr, fixup.bind.reserved);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_bind.next: 0x{:010x}", ptr, fixup.bind.next);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_bind.bind: 0x{:010x}", ptr, fixup.bind.bind);
 auto linkEditSegment = bin().get_segment("__LINKEDIT");
 size_t linkEditOffset = linkEditSegment->virtual_address() - linkEditSegment->file_offset();
 size_t fixupsHeaderOffset = bin().dyld_chained_fixups()->data_offset() + linkEditOffset;
 auto fixupsHeader = *(stream().peek(fixupsHeaderOffset));
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_fixups_header.symbols_offset: 0x{:010x}", ptr, fixupsHeader.symbols_offset);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_fixups_header.imports_count: {}", ptr, fixupsHeader.imports_count);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_fixups_header.imports_offset: 0x{:010x}", ptr, fixupsHeader.imports_offset);
 dyld_chained_import fixupImport = *(stream().peek(fixupsHeaderOffset + fixupsHeader.imports_offset + (sizeof(dyld_chained_import) * fixup.bind.ordinal)));
 auto bindSymbolName = *(stream().peek_string_at(fixupsHeaderOffset + fixupsHeader.symbols_offset + fixupImport.name_offset));
- ICDUMP_WARN("FIXED PATH: DECODE(0x{:010x}): bind symbol: {}", ptr, bindSymbolName);
 auto symbols = bin().symbols();
 const auto it_symbol = std::find_if(std::begin(symbols), std::end(symbols), [bindSymbolName] (const Symbol& s) {
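Review bot: The retained lines `auto linkEditSegment = bin().get_segment("__LINKEDIT");` and `bin().dyld_chained_fixups()->data_offset()` dereference their results with no null check, and `fixup.bind.ordinal` is used to index the import table without being compared against `fixupsHeader.imports_count` (the removed debug trace was the only place that field was even read); for a tool now meant to run over arbitrary input binaries, a Mach-O whose pointers look chained but which lacks a `__LINKEDIT` segment or an `LC_DYLD_CHAINED_FIXUPS` command, or carries an out-of-range ordinal, reaches this path and reads from a null pointer or past the table instead of returning the sentinel. With the traces gone there is no diagnostic left on this path, so the minimal fix is a guard before the offset arithmetic, `if (!linkEditSegment || !bin().dyld_chained_fixups()) { ICDUMP_WARN("DECODE(0x{:010x}): no __LINKEDIT/chained fixups, cannot resolve bind", ptr); return decoded; }`, plus `if (fixup.bind.ordinal >= fixupsHeader.imports_count) { return decoded; }` after the header is read. Whether `stream().peek(...)` returns a result type that can carry a failure (each call is dereferenced with a bare `*`) is not visible here and should be confirmed against the LIEF version in use (0.14.1 per py_osx.sh). decode_ptr begins above this hunk, so the initial value of `decoded` is not in view.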
@@ -250,26 +241,18 @@ uintptr_t Parser::decode_ptr(uintptr_t ptr) {
 });
 if (it_symbol == std::end(symbols)) {
 decoded = 0xFFFFFFFFFFFFFFFF;
- ICDUMP_WARN("FIXED PATH: DECODE(0x{:010x}): Returning 0x{:010x} for N_UNDF symbol", ptr, decoded);
+ ICDUMP_WARN("FIXED PATH: DECODE(0x{:010x}): Returning 0x{:010x} for N_UNDF symbol: {}", ptr, decoded, bindSymbolName);
 return decoded;
 }
 decoded = (*it_symbol).value();
- ICDUMP_WARN("FIXED PATH: BIND DECODE(0x{:010x}): result = 0x{:010x}", ptr, decoded);
 return decoded;
 } else {
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_rebase.target: 0x{:010x}", ptr, fixup.rebase.target);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_rebase.high8: 0x{:010x}", ptr, fixup.rebase.high8);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_rebase.reserved: 0x{:010x}", ptr, fixup.rebase.reserved);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_rebase.next: 0x{:010x}", ptr, fixup.rebase.next);
- // ICDUMP_DEBUG("FIXED PATH: DECODE(0x{:010x}): dyld_chained_ptr_64_rebase.bind: 0x{:010x}", ptr, fixup.rebase.bind);
 decoded = imagebase_ + fixup.rebase.target;
- // ICDUMP_WARN("FIXED PATH: REBASE DECODE(0x{:010x}): result = 0x{:010x}", ptr, decoded);
 return decoded;
 }
 }
 }
- ICDUMP_DEBUG("BROKEN PATH: DECODE(0x{:010x}): result = 0x{:010x}", ptr, decoded);
 return decoded;
 }
diff --git a/third-party/Combine-LIEF.tool b/third-party/Combine-LIEF.tool
new file mode 100755
index 0000000..d1e711c
--- /dev/null
+++ b/third-party/Combine-LIEF.tool
@@ -0,0 +1,3 @@
+find . -type d -exec bash -c 'mkdir -p ../LIEF-0.14.1-Darwin/{}' \;
+find . -type f -exec bash -c 'if [[ $(lipo -info {} 2>&1) == *"fatal error"* ]]; then cp {} ../LIEF-0.14.1-Darwin/{}; fi ' \;
+find . -type f -exec bash -c 'if [[ ! $(lipo -info {} 2>&1) == *"fatal error"* ]]; then lipo -create -output ../LIEF-0.14.1-Darwin/{} {} ../LIEF-0.14.1-Darwin-arm64/{}; fi ' \;
\ No newline at end of file
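Review bot: `decoded = 0xFFFFFFFFFFFFFFFF;` is an unnamed sentinel that every caller of decode_ptr has to know about, and after this change the updated `ICDUMP_WARN` string is the only place that documents it; a named constant such as `constexpr uintptr_t kUnresolvedBind = ~uintptr_t{0};` used here and at the call sites would make the contract explicit and greppable. The new warning now prints `bindSymbolName` for every unresolved bind, which on a binary with many external imports may be emitted once per Objective-C pointer that binds to the same symbol; if that is not wanted, a debug-level trace or a once-per-symbol warning would be quieter. decode_ptr begins above the previous hunk, so the initial value of `decoded` returned on the final `return decoded;` (now silent, since the `BROKEN PATH` trace was removed) cannot be checked here; a comment on that line stating what a non-chained pointer returns would replace the lost trace.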
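Review bot: All three `find ... -exec bash -c '... {} ...'` lines in Combine-LIEF.tool splice each path found into the text of a shell command, so a file name under the tree being combined that contains quotes, `$(`, `;` or whitespace is parsed as shell syntax rather than passed as an argument; Combine-LLVM.tool has the same three lines with a different output directory. Pass the path as a positional parameter and quote it inside the script instead, e.g. `find . -type d -exec bash -c 'mkdir -p "../LIEF-0.14.1-Darwin/$1"' _ {} \;`, and use `"$1"` the same way in the two `lipo` lines of both files. The scripts also have no shebang line and no `set -e`, so a failing `lipo -create` (for instance when the `-arm64` tree lacks a file) is only reported on stderr while the run continues and produces an incomplete tree; and classifying files by matching `*"fatal error"*` in `lipo -info` output is fragile compared with testing its exit status, which is worth confirming on the lipo version used. Both files lack a trailing newline as well.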
diff --git a/third-party/Combine-LLVM.tool b/third-party/Combine-LLVM.tool
new file mode 100755
index 0000000..4275507
--- /dev/null
+++ b/third-party/Combine-LLVM.tool
@@ -0,0 +1,3 @@
+find . -type d -exec bash -c 'mkdir -p ../clang-llvm-14.0.6/{}' \;
+find . -type f -exec bash -c 'if [[ $(lipo -info {} 2>&1) == *"fatal error"* ]]; then cp {} ../clang-llvm-14.0.6/{}; fi ' \;
+find . -type f -exec bash -c 'if [[ ! $(lipo -info {} 2>&1) == *"fatal error"* ]]; then lipo -create -output ../clang-llvm-14.0.6/{} {} ../clang-llvm-14.0.6-arm64/{}; fi ' \;
\ No newline at end of file