Java Code Examples for ghidra.program.model.listing.Program#getExecutableFormat()
The following examples show how to use
ghidra.program.model.listing.Program#getExecutableFormat() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PEUtil.java From ghidra with Apache License 2.0 | 6 votes |
|
static public boolean canAnalyze(Program program) {
String format = program.getExecutableFormat();
if (format.equals(PeLoader.PE_NAME)) {
return true;
}
if (format.equals(BinaryLoader.BINARY_NAME)) {
MemoryByteProvider mbp =
new MemoryByteProvider(program.getMemory(),
program.getAddressFactory().getDefaultAddressSpace());
try {
FactoryBundledWithBinaryReader reader =
new FactoryBundledWithBinaryReader(RethrowContinuesFactory.INSTANCE, mbp, true/*LittleEndian*/);
DOSHeader dosHeader = DOSHeader.createDOSHeader(reader);
if (dosHeader.e_magic() == DOSHeader.IMAGE_DOS_SIGNATURE) {
int peHeaderStartIndex = dosHeader.e_lfanew();
int peMagicNumber = reader.readInt(peHeaderStartIndex);
if (peMagicNumber == Constants.IMAGE_NT_SIGNATURE) {
return true;
}
}
}
catch (IOException e) {
}
}
return false;
}
Example 2
| Source File: ExecutableFormatConstraint.java From ghidra with Apache License 2.0 | 5 votes |
|
@Override
public boolean isSatisfied(Program program) {
String format = program.getExecutableFormat();
if (format == null) {
format = "";
}
return executableFormat.equals(format);
}
Example 3
| Source File: WindowsResourceReferenceAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
|
@Override
public boolean canAnalyze(Program program) {
String format = program.getExecutableFormat();
if (format.equals(PeLoader.PE_NAME)) {
return true;
}
return false;
}
Example 4
| Source File: GnuDemangler.java From ghidra with Apache License 2.0 | 5 votes |
|
@Override
public boolean canDemangle(Program program) {
String executableFormat = program.getExecutableFormat();
if (isELF(executableFormat) || isMacho(executableFormat)) {
return true;
}
CompilerSpec spec = program.getCompilerSpec();
String specId = spec.getCompilerSpecID().getIdAsString();
if (!specId.toLowerCase().contains("windows")) {
return true;
}
return false;
}
Example 5
| Source File: DwarfLineNumberAnalyzer.java From ghidra with Apache License 2.0 | 5 votes |
|
private boolean isElfOrMacho(Program program) {
String format = program.getExecutableFormat();
if (ElfLoader.ELF_NAME.equals(format)) {
return hasDebugInfo(program);
}
if (MachoLoader.MACH_O_NAME.equals(format)) {
return true;
}
return false;
}
Example 6
| Source File: ObjectiveC1_Constants.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Returns true if this program contains Objective-C.
* @param program the program to check
* @return true if the program contains Objective-C.
*/
public final static boolean isObjectiveC(Program program) {
String format = program.getExecutableFormat();
if (MachoLoader.MACH_O_NAME.equals(format)) {
for (String objcSection : getObjectiveCSectionNames()) {
if (program.getMemory().getBlock(objcSection) != null) {
if( !objcSection.equals("__data")) {
return true;
}
}
}
}
return false;
}
Example 7
| Source File: DwarfSectionNames.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Creates a new Dwarf Section Names for the specific program.
* @param program the program containing dwarf debug information.
* @throws IllegalArgumentException if the program's format is not handled.
*/
public DwarfSectionNames(Program program) {
if (MachoLoader.MACH_O_NAME.equals(program.getExecutableFormat())) {
prefix = MACHO_PREFIX;
}
else if (ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) {
prefix = ELF_PREFIX;
}
else {
throw new IllegalArgumentException("Unrecognized program format: "+program.getExecutableFormat());
}
}
Example 8
| Source File: ObjectiveC2_Constants.java From ghidra with Apache License 2.0 | 5 votes |
|
/**
* Returns true if this program contains Objective-C 2.
* @param program the program to check
* @return true if the program contains Objective-C 2.
*/
public final static boolean isObjectiveC2(Program program) {
String format = program.getExecutableFormat();
if (MachoLoader.MACH_O_NAME.equals(format)) {
MemoryBlock [] blocks = program.getMemory().getBlocks();
for (MemoryBlock memoryBlock : blocks) {
if (memoryBlock.getName().startsWith(OBJC2_PREFIX)) {
return true;
}
}
}
return false;
}
Example 9
| Source File: MicrosoftDemangler.java From ghidra with Apache License 2.0 | 4 votes |
|
@Override
public boolean canDemangle(Program program) {
String executableFormat = program.getExecutableFormat();
return executableFormat != null && (executableFormat.indexOf(PeLoader.PE_NAME) != -1 ||
executableFormat.indexOf(MSCoffLoader.MSCOFF_NAME) != -1);
}
Example 10
| Source File: DwarfLineNumberAnalyzer.java From ghidra with Apache License 2.0 | 4 votes |
|
private ByteProvider getByteProvider(Program program, DwarfSectionNames sectionNames)
throws IOException {
File exePath = new File(program.getExecutablePath());
if (MachoLoader.MACH_O_NAME.equals(program.getExecutableFormat())) {
File parent = exePath.getParentFile();
File dSymFile =
new File(parent, exePath.getName() + ".dSYM/Contents/Resources/DWARF/" +
exePath.getName());
if (!dSymFile.exists()) {
return null;
}
RandomAccessByteProvider provider = new RandomAccessByteProvider(dSymFile);
try {
MachHeader header =
MachHeader.createMachHeader(RethrowContinuesFactory.INSTANCE, provider);
header.parse();
List<Section> allSections = header.getAllSections();
for (Section section : allSections) {
if (section.getSectionName().equals(sectionNames.SECTION_NAME_LINE())) {
return new InputStreamByteProvider(section.getDataStream(header),
section.getSize());
}
}
return null;
}
catch (MachException e) {
}
finally {
provider.close();
}
return null;//no line number section existed!
}
else if (ElfLoader.ELF_NAME.equals(program.getExecutableFormat())) {
// We now load the .debug section as an overlay block, no need for the
// original file
MemoryBlock block = null;
block = program.getMemory().getBlock(sectionNames.SECTION_NAME_LINE());
if (block != null) {
return new MemoryByteProvider(program.getMemory(), block.getStart());
}
// TODO: this will not handle the case where the .debug section is
// in a separate file. Can the file in a separate location?
return null; // no line number section existed!
}
throw new IllegalArgumentException("Unrecognized program format: " +
program.getExecutableFormat());
}
Example 11
| Source File: DWARFProgram.java From ghidra with Apache License 2.0 | 3 votes |
|
/**
* Returns true if the {@link Program program} probably DWARF information.
* <p>
* If the program is an Elf binary, it must have (at least) ".debug_info" and ".debug_abbr" program sections.
* <p>
* If the program is a MachO binary (ie. Mac), it must have a ".dSYM" directory co-located next to the
* original binary file on the native filesystem. (ie. outside of Ghidra). See the DSymSectionProvider
* for more info.
* <p>
* @param program
* @param monitor
* @return
*/
public static boolean isDWARF(Program program, TaskMonitor monitor) {
String format = program.getExecutableFormat();
if (ElfLoader.ELF_NAME.equals(format)) {
return true;
}
else if (MachoLoader.MACH_O_NAME.equals(format) &&
DSymSectionProvider.getDSYMForProgram(program) != null) {
return true;
}
return false;
}
