disass

package

v0.1.0 Latest Latest Go to latest Published: Sep 7, 2023 License: MIT Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/blacktop/ipsw

Documentation ¶

Index ¶

Constants
func Disassemble(d Disass)
func ParseGotPtrs(m *macho.File) (map[uint64]uint64, error)
func ParseHelpersASM(m *macho.File) (map[uint64]uint64, error)
func ParseStubsASM(data []byte, begin uint64, readPtr func(uint64) (uint64, error)) (map[uint64]uint64, error)
func ParseStubsForMachO(m *macho.File) (map[uint64]uint64, error)
type AddrDetails
- func (d AddrDetails) String() string
type Config
type Disass
type MachoDisass
- func NewMachoDisass(f *macho.File, a2s *map[uint64]string, cfg *Config) *MachoDisass
type Triage

Constants ¶

View Source

const (
	AMXLDX opName = iota
	AMXLDY
	AMXSTX
	AMXSTY
	AMXLDZ
	AMXSTZ
	AMXLDZI
	AMXSTZI
	AMXEXTRX // amxextrx?
	AMXEXTRY // amxextry?
	AMXFMA64
	AMXFMS64
	AMXFMA32
	AMXFMS32
	AMXMAC16
	AMXFMA16
	AMXFMS16
	AMX17 // amxset / amxclr
	AMXVECINT
	AMXVECFP
	AMXMATINT
	AMXMATFP
	AMXGENLUT
)

Variables ¶

This section is empty.

Functions ¶

func Disassemble ¶

func Disassemble(d Disass)

func ParseGotPtrs ¶

func ParseGotPtrs(m *macho.File) (map[uint64]uint64, error)

func ParseHelpersASM ¶

func ParseHelpersASM(m *macho.File) (map[uint64]uint64, error)

func ParseStubsASM ¶

func ParseStubsASM(data []byte, begin uint64, readPtr func(uint64) (uint64, error)) (map[uint64]uint64, error)

func ParseStubsForMachO ¶

func ParseStubsForMachO(m *macho.File) (map[uint64]uint64, error)

Types ¶

type AddrDetails ¶

type AddrDetails struct {
	Image   string
	Segment string
	Section string
	Pointer uint64
}

func (AddrDetails) String ¶

func (d AddrDetails) String() string

type Config ¶

type Config struct {
	Image        string
	Data         []byte
	StartAddress uint64
	Middle       uint64
	AsJSON       bool
	Demangle     bool
	Quite        bool
	Color        bool
}

type Disass ¶

type Disass interface {
	Triage() error
	IsFunctionStart(uint64) (bool, string)
	IsLocation(uint64) bool
	IsBranchLocation(uint64) (bool, uint64)
	IsData(uint64) (bool, *AddrDetails)
	IsPointer(uint64) (bool, *AddrDetails)
	FindSymbol(uint64) (string, bool)
	GetCString(uint64) (string, error)
	// getters
	Demangle() bool
	Quite() bool
	Color() bool
	AsJSON() bool
	Data() []byte
	StartAddr() uint64
	Middle() uint64
	ReadAddr(uint64) (uint64, error)
}

type MachoDisass ¶

type MachoDisass struct {
	// contains filtered or unexported fields
}

func NewMachoDisass ¶

func NewMachoDisass(f *macho.File, a2s *map[uint64]string, cfg *Config) *MachoDisass

func (MachoDisass) Analyze ¶

func (d MachoDisass) Analyze() error

func (MachoDisass) AsJSON ¶

func (d MachoDisass) AsJSON() bool

func (MachoDisass) Color ¶

func (d MachoDisass) Color() bool

func (MachoDisass) Contains ¶

func (d MachoDisass) Contains(address uint64) (bool, uint64)

Contains returns true if Triage immediates contains a given address and will return the instruction address

func (MachoDisass) Data ¶

func (d MachoDisass) Data() []byte

func (MachoDisass) Demangle ¶

func (d MachoDisass) Demangle() bool

func (MachoDisass) FindSymbol ¶

func (d MachoDisass) FindSymbol(addr uint64) (string, bool)

FindSymbol returns symbol from the addr2symbol map for a given virtual address

func (MachoDisass) GetCString ¶

func (d MachoDisass) GetCString(addr uint64) (string, error)

func (MachoDisass) IsBranchLocation ¶

func (d MachoDisass) IsBranchLocation(addr uint64) (bool, uint64)

IsBranchLocation returns if given address is branch to a location instruction

func (MachoDisass) IsData ¶

func (d MachoDisass) IsData(addr uint64) (bool, *AddrDetails)

IsData returns if given address is a data variable address referenced in the disassembled function

func (MachoDisass) IsFunctionStart ¶

func (d MachoDisass) IsFunctionStart(addr uint64) (bool, string)

IsFunctionStart checks if address is at a function start and returns symbol name

func (MachoDisass) IsLocation ¶

func (d MachoDisass) IsLocation(imm uint64) bool

IsLocation returns if given address is a local branch location within the disassembled function

func (MachoDisass) IsPointer ¶

func (d MachoDisass) IsPointer(imm uint64) (bool, *AddrDetails)

IsPointer returns if given address is a pointer to another address

func (MachoDisass) Middle ¶

func (d MachoDisass) Middle() uint64

func (MachoDisass) Quite ¶

func (d MachoDisass) Quite() bool

func (MachoDisass) ReadAddr ¶

func (d MachoDisass) ReadAddr(addr uint64) (uint64, error)

func (*MachoDisass) SaveAddrToSymMap ¶

func (d *MachoDisass) SaveAddrToSymMap(dest string) error

func (MachoDisass) StartAddr ¶

func (d MachoDisass) StartAddr() uint64

func (*MachoDisass) Triage ¶

func (d *MachoDisass) Triage() error

Triage walks a function and analyzes all immediates

type Triage ¶

type Triage struct {
	Details   map[uint64]AddrDetails
	Function  *types.Function
	Addresses map[uint64]uint64
	Locations map[uint64][]uint64
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL