Java Code Examples for ghidra.app.util.bin.format.FactoryBundledWithBinaryReader#readInt()
The following examples show how to use
ghidra.app.util.bin.format.FactoryBundledWithBinaryReader#readInt() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PEUtil.java From ghidra with Apache License 2.0 | 6 votes |
|
static public boolean canAnalyze(Program program) {
String format = program.getExecutableFormat();
if (format.equals(PeLoader.PE_NAME)) {
return true;
}
if (format.equals(BinaryLoader.BINARY_NAME)) {
MemoryByteProvider mbp =
new MemoryByteProvider(program.getMemory(),
program.getAddressFactory().getDefaultAddressSpace());
try {
FactoryBundledWithBinaryReader reader =
new FactoryBundledWithBinaryReader(RethrowContinuesFactory.INSTANCE, mbp, true/*LittleEndian*/);
DOSHeader dosHeader = DOSHeader.createDOSHeader(reader);
if (dosHeader.e_magic() == DOSHeader.IMAGE_DOS_SIGNATURE) {
int peHeaderStartIndex = dosHeader.e_lfanew();
int peMagicNumber = reader.readInt(peHeaderStartIndex);
if (peMagicNumber == Constants.IMAGE_NT_SIGNATURE) {
return true;
}
}
}
catch (IOException e) {
}
}
return false;
}
Example 2
| Source File: TLSDirectory.java From ghidra with Apache License 2.0 | 6 votes |
|
private void initTLSDirectory(FactoryBundledWithBinaryReader reader, int index, boolean is64bit) throws IOException {
this.is64bit = is64bit;
if (is64bit) {
startAddressOfRawData = reader.readLong(index); index += BinaryReader.SIZEOF_LONG;
endAddressOfRawData = reader.readLong(index); index += BinaryReader.SIZEOF_LONG;
addressOfIndex = reader.readLong(index); index += BinaryReader.SIZEOF_LONG;
addressOfCallBacks = reader.readLong(index); index += BinaryReader.SIZEOF_LONG;
}
else {
startAddressOfRawData = reader.readInt(index) & Conv.INT_MASK; index += BinaryReader.SIZEOF_INT;
endAddressOfRawData = reader.readInt(index) & Conv.INT_MASK; index += BinaryReader.SIZEOF_INT;
addressOfIndex = reader.readInt(index) & Conv.INT_MASK; index += BinaryReader.SIZEOF_INT;
addressOfCallBacks = reader.readInt(index) & Conv.INT_MASK; index += BinaryReader.SIZEOF_INT;
}
Msg.info(this, "TLS callbacks at "+Long.toHexString(addressOfCallBacks));
sizeOfZeroFill = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
characteristics = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
}
Example 3
| Source File: BoundImportDescriptor.java From ghidra with Apache License 2.0 | 6 votes |
|
private void initBoundImportDescriptor(FactoryBundledWithBinaryReader reader, int readerIndex, int biddIndex) throws IOException {
timeDateStamp = reader.readInt (readerIndex); readerIndex += BinaryReader.SIZEOF_INT;
offsetModuleName = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
numberOfModuleForwarderRefs = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
if (offsetModuleName < 0) {
Msg.error(this, "Invalid offsetModuleName "+offsetModuleName);
return;
}
moduleName = reader.readAsciiString(biddIndex + offsetModuleName);
for (int i = 0 ; i < numberOfModuleForwarderRefs ; ++i) {
forwarders.add(BoundImportForwarderRef.createBoundImportForwarderRef(reader, readerIndex, biddIndex));
readerIndex += BoundImportForwarderRef.IMAGE_SIZEOF_BOUND_IMPORT_FORWARDER_REF;
}
}
Example 4
| Source File: DelayImportDescriptor.java From ghidra with Apache License 2.0 | 6 votes |
|
private void readFields(FactoryBundledWithBinaryReader reader, int index) throws IOException {
grAttrs = reader.readInt(index);
index += BinaryReader.SIZEOF_INT;
szName = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
phmod = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
pIAT = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
pINT = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
pBoundIAT = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
pUnloadIAT = reader.readInt(index) & Conv.INT_MASK;
index += BinaryReader.SIZEOF_INT;
dwTimeStamp = reader.readInt(index);
index += BinaryReader.SIZEOF_INT;
}
Example 5
| Source File: DebugCOFFSymbolsHeader.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initDebugCOFFSymbolsHeader(FactoryBundledWithBinaryReader reader,
DebugDirectory debugDir, OffsetValidator validator) throws IOException {
int ptr = debugDir.getPointerToRawData();
if (!validator.checkPointer(ptr)) {
Msg.error(this, "Invalid pointer " + Long.toHexString(ptr));
return;
}
numberOfSymbols = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
lvaToFirstSymbol = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
numberOfLinenumbers = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
lvaToFirstLinenumber = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
rvaToFirstByteOfCode = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
rvaToLastByteOfCode = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
rvaToFirstByteOfData = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
rvaToLastByteOfData = reader.readInt(ptr);
ptr += BinaryReader.SIZEOF_INT;
if (numberOfLinenumbers > 0 && numberOfLinenumbers < NTHeader.MAX_SANE_COUNT) {
lineNumbers = new DebugCOFFLineNumber[numberOfLinenumbers];
for (int i = 0; i < numberOfLinenumbers; ++i) {
lineNumbers[i] = DebugCOFFLineNumber.createDebugCOFFLineNumber(reader, ptr);
ptr += DebugCOFFLineNumber.IMAGE_SIZEOF_LINENUMBER;
}
}
symbolTable =
DebugCOFFSymbolTable.createDebugCOFFSymbolTable(reader, this,
debugDir.getPointerToRawData());
}
Example 6
| Source File: DebugCOFFSymbolAux.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initAuxSym(FactoryBundledWithBinaryReader reader, int index) throws IOException {
tagIndex = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
miscLnSzLinenumber = reader.readShort(index);
miscLnSzSize = reader.readShort(index + BinaryReader.SIZEOF_SHORT);
miscTotalSize = reader.readInt (index); index += BinaryReader.SIZEOF_INT;
fncAryFunctionPointerToLinenumber = reader.readInt(index);
fncAryFunctionPointerToNextFunction = reader.readInt(index + BinaryReader.SIZEOF_INT);
fncAryArrayDimension = reader.readShortArray(index, 4); index += (4 * BinaryReader.SIZEOF_SHORT);
tvIndex = reader.readShort(index); index += BinaryReader.SIZEOF_SHORT;
}
Example 7
| Source File: DebugCOFFSymbolAux.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initAuxSection(FactoryBundledWithBinaryReader reader, int index) throws IOException {
length = reader.readInt (index); index += BinaryReader.SIZEOF_INT;
numberOfRelocations = reader.readShort(index); index += BinaryReader.SIZEOF_SHORT;
numberOfLinenumbers = reader.readShort(index); index += BinaryReader.SIZEOF_SHORT;
checkSum = reader.readInt (index); index += BinaryReader.SIZEOF_INT;
number = reader.readShort(index); index += BinaryReader.SIZEOF_SHORT;
selection = reader.readByte (index); index += BinaryReader.SIZEOF_BYTE;
}
Example 8
| Source File: ImportDescriptor.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initImportDescriptor(FactoryBundledWithBinaryReader reader, int index) throws IOException {
characteristics = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
originalFirstThunk = characteristics;
timeDateStamp = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
forwarderChain = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
name = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
firstThunk = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
}
Example 9
| Source File: SecurityCertificate.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initSecurityCertificate(FactoryBundledWithBinaryReader reader, int index) throws IOException {
int i = index;
int maxDwLength = (int) ClampPropertiesLookup.getClampValue("ghidra.app.util.bin.format.pe.SecurityCertificate.dwLength.max", 30000);
dwLength = reader.readInt (i, 8, maxDwLength); i += BinaryReader.SIZEOF_INT;
if (dwLength < 0) return;
wRevision = reader.readShort(i); i += BinaryReader.SIZEOF_SHORT;
wCertificateType = reader.readShort(i); i += BinaryReader.SIZEOF_SHORT;
bCertificate = reader.readByteArray(i, dwLength-4-2-2);
}
Example 10
| Source File: ThunkData.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initThunkData(FactoryBundledWithBinaryReader reader, int index, boolean is64bit)
throws IOException {
this.is64bit = is64bit;
if (is64bit) {
value = reader.readLong(index);
}
else {
value = reader.readInt(index) & Conv.INT_MASK;
}
}
Example 11
| Source File: BoundImportForwarderRef.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initBoundImportForwarderRef(FactoryBundledWithBinaryReader reader, int readerIndex, int biddIndex) throws IOException {
timeDateStamp = reader.readInt (readerIndex); readerIndex += BinaryReader.SIZEOF_INT;
offsetModuleName = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
reserved = reader.readShort(readerIndex); readerIndex += BinaryReader.SIZEOF_SHORT;
if (offsetModuleName < 0) {
Msg.error(this, "Invalid offsetModuleName "+Integer.toHexString(offsetModuleName));
return;
}
moduleName = reader.readAsciiString(biddIndex + offsetModuleName);
}
Example 12
| Source File: BaseRelocation.java From ghidra with Apache License 2.0 | 5 votes |
|
private void initBaseRelocation(FactoryBundledWithBinaryReader reader, int index) throws IOException {
virtualAddress = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
sizeOfBlock = reader.readInt(index); index += BinaryReader.SIZEOF_INT;
if (virtualAddress < 0) return;
if (sizeOfBlock < 0 || sizeOfBlock > NTHeader.MAX_SANE_COUNT) return;
int len = (sizeOfBlock-IMAGE_SIZEOF_BASE_RELOCATION)/BinaryReader.SIZEOF_SHORT;
for (int i = 0 ; i < len ; ++i) {
short typeOffset = reader.readShort(index);
index += BinaryReader.SIZEOF_SHORT;
typeOffsetList.add(new TypeOffset(typeOffset));
}
}
Example 13
| Source File: DebugCOFFLineNumber.java From ghidra with Apache License 2.0 | 4 votes |
|
private void initDebugCOFFLineNumber(FactoryBundledWithBinaryReader reader, int index) throws IOException {
symbolTableIndex = reader.readInt(index);
virtualAddress = reader.readInt(index);
index += BinaryReader.SIZEOF_INT;
lineNumber = Conv.shortToInt(reader.readShort(index));
}
Example 14
| Source File: ResourceDirectoryEntry.java From ghidra with Apache License 2.0 | 4 votes |
|
/**
* Constructor.
* @param reader the binary reader
* @param index the index where this directory begins
*/
public ResourceDirectoryEntry(FactoryBundledWithBinaryReader reader, int index,
int resourceBase, boolean isNameEntry, boolean isFirstLevel, NTHeader ntHeader)
throws IOException {
this.isNameEntry = isNameEntry;
this.isFirstLevel = isFirstLevel;
int irde1 = reader.readInt(index);
int irde2 = reader.readInt(index + BinaryReader.SIZEOF_INT);
nameOffset = irde1 & 0x7FFFFFFF;
nameIsString = (irde1 & 0x80000000) != 0;
if (nameOffset < 0) {
Msg.error(this, "Invalid nameOffset " + nameOffset);
return;
}
name = irde1;
id = irde1 & 0xFFFF;
offsetToData = irde2;
offsetToDirectory = irde2 & 0x7FFFFFFF;
dataIsDirectory = (irde2 & 0x80000000) != 0;
if (nameIsString) {
int nameptr = nameOffset + resourceBase;
if (ntHeader.checkRVA(nameptr) || (0 < nameptr && nameptr < reader.length())) {
dirString = new ResourceDirectoryStringU(reader, nameptr);
}
else {
Msg.error(this, "Invalid nameOffset " + Integer.toHexString(nameOffset));
return;
}
}
else { // name is ID
}
if (dataIsDirectory) {
int dirptr = offsetToDirectory + resourceBase;
if (ntHeader.checkRVA(dirptr) || (0 < dirptr && dirptr < reader.length())) {
subDirectory = new ResourceDirectory(reader, dirptr, resourceBase, false, ntHeader);
}
else {
Msg.error(this,
"Invalid offsetToDirectory " + Integer.toHexString(offsetToDirectory));
return;
}
}
else {
int dataptr = offsetToData + resourceBase;
if (ntHeader.checkRVA(dataptr) || (0 < dataptr && dataptr < reader.length())) {
data = new ResourceDataEntry(reader, dataptr);
}
else {
Msg.error(this, "Invalid offsetToData " + Integer.toHexString(offsetToData));
return;
}
}
isValid = true;
}
