diff --git a/DevGuide.md b/DevGuide.md index 73689108a9..791a08bcdb 100644 --- a/DevGuide.md +++ b/DevGuide.md @@ -28,26 +28,29 @@ The following is a list of dependencies, in no particular order. This guide includes instructions for obtaining many of these at the relevant step(s). You may not need all of these, depending on which portions you are building or developing. - +#### At minimum you will need all of the following * Java JDK 11 (64-bit) - Free long term support (LTS) versions of JDK 11 are provided by: - AdoptOpenJDK - https://adoptopenjdk.net/releases.html?variant=openjdk11&jvmVariant=hotspot - Amazon Corretto - https://docs.aws.amazon.com/corretto/latest/corretto-11-ug/downloads-list.html -* Eclipse - It must support JDK 11. Eclipse 2018-12 or later should work. Other IDEs may work, but we have not tested them. - - https://www.eclipse.org/downloads/ * Gradle 5.0 or later - We use version 5.0, and tested with up to 5.6.3. - https://gradle.org/next-steps/?version=5.0&format=bin * A C/C++ compiler - We use GCC on Linux, Xcode (Clang) on macOS, and Visual Studio (2017 or later) on Windows. - https://gcc.gnu.org/ - https://developer.apple.com/xcode/ - https://visualstudio.microsoft.com/downloads/ -* Git - We use the official installer on Windows. Most Linux distros have git in their repos. Xcode provides git on macOS. +#### Optional for Development +* Eclipse - It must support JDK 11. Eclipse 2018-12 or later should work. Other IDEs may work, but we have not tested them. + - https://www.eclipse.org/downloads/ +#### Necessary unless a download zip snapshot of the ghidra repository is used +* Git - We use the official installer on Windows. For windows you can also use the github CLI or git from with (Windows Subsystem for Linux - WSL). Most Linux distros have git in their repos. Xcode provides git on macOS. You can skip Git if you download a .zip file of the ghidra repository. - https://git-scm.com/downloads -* Bash - This is moot on Linux and macOS. On Windows, we use MinGW. This may be distributed with Git for Windows. + - https://cli.github.com/ +#### Optional unless following [Manual download instructions](#manual-download-instructions) +* Bash - This is moot on Linux and macOS. On Windows, we use MinGW. This may be distributed with Git for Windows. This can be skipped if using the automatic build. - https://osdn.net/projects/mingw/releases/ -* Bison and Flex - We use win-flex-bison v2.5.17. These packages may also be available in MSYS (MinGW). Most Linux distros have these in their repos. Xcode provides these for macOS. - - https://sourceforge.net/projects/winflexbison/ +#### Necessary for the development and building of Ghidra, these and more will be downloaded during the [Automatic](#automatic-script-instructions) or the [Manual](#manual-download-instructions) instructions * dex2jar. We use version 2.0. - https://github.com/pxb1988/dex2jar/releases * AXMLPrinter2 @@ -69,10 +72,8 @@ If you need these offline, a reasonable course of action is to set up a developm ## Install Development and Build Tools -If you're on Windows, install Git, MinGW, Bison, and Flex. -Many of the commands given below must be executed in Bash (Use git-bash or MSYS from MinGW). -**IMPORTANT**: The bison and flex executables may be named `win-bison.exe` and `win-flex.exe`. -Our build cannot currently cope with that, so you should rename them to `bison.exe` and `flex.exe`. +If you're on Windows, install Git unless you will download a .zip clone of the ghidra repository. If you go the manual route +many of the commands given below must be executed in Bash (Windows Subsystem for Linux (WSL), or Use git-bash or MSYS from MinGW). Install OpenJDK 11 and make sure it's the default java. @@ -84,7 +85,7 @@ Install Gradle, add it to your `PATH`, and ensure it is launched using JDK 11. ## Setup Source Repository -You may choose any directory for your working copy, but these instructions will assume you have cloned the source to `~/git/ghidra`. +You may choose any directory for your working copy, however these instructions will assume you have cloned the source to `~/git/ghidra`. Be sure to adjust the commands to match your chosen working directory if different than suggested: ```bash @@ -92,6 +93,7 @@ mkdir ~/git cd ~/git git clone git@github.com:NationalSecurityAgency/ghidra.git ``` +or unzip a snapshot .zip of the ghidra repository ## Setup Build Dependency Repository @@ -264,7 +266,6 @@ Some of Ghidra's components are built for the native platform. We currently support Linux, macOS, and Windows 64-bit x86 systems. Others should be possible, but we do not test on them. -Ensure bison and flex are installed and in your `PATH`. Now build using Gradle: On Linux: @@ -365,7 +366,7 @@ The result can be added to an installation or source tree by copying it to `~/gi This task is often done manually from the Ghidra GUI, and the archives included in our official build require a fair bit of fine tuning. You will first need to import the relevant libraries from which you'd like to produce a FID database. This is often a set of libraries from an SDK. -We include a variety of Visual Studio platforms in the official build. +We include a variety of Visual Studio platforms in the official build. The official .fidb files can be found in the ghidra-data repository here https://github.com/NationalSecurityAgency/ghidra-data/tree/master/FunctionID From a CodeBrowser window, select __File -> Configure__. Enable the "Function ID" plugins, and close the dialog. diff --git a/Ghidra/Features/Base/.launch/Ghidra Code Coverage.launch b/Ghidra/Features/Base/.launch/Ghidra Code Coverage.launch index 0b8fc4b28c..ae77165044 100644 --- a/Ghidra/Features/Base/.launch/Ghidra Code Coverage.launch +++ b/Ghidra/Features/Base/.launch/Ghidra Code Coverage.launch @@ -6,6 +6,10 @@ + + + + diff --git a/Ghidra/Features/Base/ghidra_scripts/FindRunsOfPointersWithTableScript.java b/Ghidra/Features/Base/ghidra_scripts/FindRunsOfPointersWithTableScript.java deleted file mode 100644 index fdab50176c..0000000000 --- a/Ghidra/Features/Base/ghidra_scripts/FindRunsOfPointersWithTableScript.java +++ /dev/null @@ -1,409 +0,0 @@ -/* ### - * IP: GHIDRA - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -// New Table Stuff -//@category Search - -import java.util.ArrayList; -import java.util.List; - -import ghidra.app.script.GhidraScript; -import ghidra.app.tablechooser.*; -import ghidra.program.model.address.*; -import ghidra.program.model.mem.Memory; -import ghidra.program.model.mem.MemoryAccessException; - -public class FindRunsOfPointersWithTableScript extends GhidraScript { - private List resultsArray = new ArrayList(); - public static final int LITTLE_ENDIAN = 0; - public static final int BIG_ENDIAN = 1; - - @Override - public void run() throws Exception { - - int size = currentProgram.getAddressFactory().getDefaultAddressSpace().getSize(); - if (size != 32) { - println("This script only works on 32-bit programs."); - return; - } - - TableChooserExecutor executor = createTableExecutor(); - TableChooserDialog tableDialog = createTableChooserDialog("Runs of Pointers", executor); - configureTableColumns(tableDialog); - tableDialog.show(); - tableDialog.setMessage("Searching..."); - Memory memory = currentProgram.getMemory(); - long distance; - // TODO add option to work only on selection - AddressIterator addrIter = memory.getAddresses(true); - //println("Memory range: " + memory.getMinAddress() + " - " + memory.getMaxAddress()); - Address prevAddress = null; - while (addrIter.hasNext() && !monitor.isCancelled()) { - Address addr = addrIter.next(); - try { - // get the value in address form of the bytes at address a - int addrInt = memory.getInt(addr); - long addrLong = addrInt & 0xffffffffL; - Address testAddr = addr.getNewAddress(addrLong); - - if ((addrLong != 0) && (memory.contains(testAddr))) { - if (prevAddress != null) { - distance = addr.subtract(prevAddress); - } - else { - distance = 0; - } - - PossiblePtrs pp = new PossiblePtrs(addr, testAddr, distance); - resultsArray.add(pp); - //println(addr.toString() + " " + testAddr.toString() + " " + distance); - prevAddress = addr; - } - } - catch (MemoryAccessException e) { - break; - } - catch (AddressOutOfBoundsException e) { - break; - } - } - - // go through the list of pointers and only print out the ones with a run of the same distance between them - // keep the one before the run and include the last one with the same distance - //println("tableAddress distance tableSize"); - if (resultsArray.size() == 0) { - tableDialog.setMessage("Done! Found no hits"); - return; - } - - long dist = resultsArray.get(0).getDistanceFromLast(); - int tableSize = 0; - Address topAddress = null; - int i = 1; - while (i < resultsArray.size() && !monitor.isCancelled()) { - // for(int i=1;i= 3) { - tableSize++; - - Address ref = findRef(topAddress, dist); - //println(topAddress.toString() + " " + dist + " " + tableSize); - Table pointerTable = new Table(topAddress, dist, tableSize, ref); - tableDialog.add(pointerTable); - } - tableSize = 0; - dist = thisDist; - } - i++; - } - tableDialog.setMessage("Done! Found " + tableDialog.getRowCount() + " hits"); - - // print out results -// println("Table address Dist bet ptrs Num ptrs Ref found"); -// for(int j=0;j secondAddressColumn = - new AbstractComparableColumnDisplay
() { - @Override - public String getColumnName() { - return "Offset Address"; - } - - @Override - public Address getColumnValue(AddressableRowObject rowObject) { - Table table = (Table) rowObject; - return table.getAddress().add(100); - } - }; - - tableDialog.addCustomColumn(distanceColumn); - tableDialog.addCustomColumn(secondAddressColumn); - tableDialog.addCustomColumn(numberOfPointersColumn); - tableDialog.addCustomColumn(referenceFoundColumn); - } - - private TableChooserExecutor createTableExecutor() { - TableChooserExecutor executor = new TableChooserExecutor() { - @Override - public String getButtonName() { - return "Hit Me"; - } - - @Override - public boolean execute(AddressableRowObject rowObject) { - return true; - } - }; - return executor; - } - - // find the first ref starting at topAddr and working back dist - pointersize - // once a ref is found, stop - it doesn't make much sense that there would be more than one. - Address findRef(Address topAddress, long dist) { - - Memory memory = currentProgram.getMemory(); - Address ref = null; - - //change later to handle 64 bits too - byte[] maskBytes = new byte[4]; - for (int i = 0; i < 4; i++) { - maskBytes[i] = (byte) 0xff; - } - - // search memory for the byte patterns within the range of topAddr and topAddr - dist - // make a structure of found bytes/topAddr offset???? - boolean noRefFound = true; - boolean tryPrevAddr = true; - long longIndex = 0; - while (noRefFound && tryPrevAddr) { - Address testAddr = topAddress.subtract(longIndex); - byte[] addressBytes = turnAddressIntoBytes(testAddr); - - //println("TestAddr = " + testAddr.toString()); - Address found = memory.findBytes(currentProgram.getMinAddress(), addressBytes, - maskBytes, true, monitor); - if (found != null) { - ref = found; - // println("Found ref at " + found.toString()); - noRefFound = false; - } - else { - longIndex++; - // check to see if we are at the top of the range of possible refs - if (longIndex > (dist - 4)) {// change the four to pointer size when I add 64bit - tryPrevAddr = false; - } - - } - } - return ref; - } - - byte[] turnAddressIntoBytes(Address addr) { -// turn addresses into bytes - - byte[] addressBytes = new byte[4]; // only 32-bit for now - change later to add 64 bit - // This is the correct way to do turn a long into an address - long addrLong = addr.getOffset(); - - int endian = getEndian(); - - if (endian == BIG_ENDIAN) { - // put bytes in forward order - addressBytes = bytesForward(addrLong); - } - else if (endian == LITTLE_ENDIAN) { - // put bytes in reverse order - addressBytes = bytesReversed(addrLong); - } - else { - println("Unknown endian - cannot find references."); - return null; - } - - return addressBytes; - } - - byte[] bytesForward(long addr) { - byte[] bytes = new byte[4]; // only works for 32-bit for now-later add 64 - for (int i = 0; i < 4; i++) { - bytes[i] = (byte) ((addr >> (24 - (i * 8))) & 0xff); - } - return bytes; - } - - byte[] bytesReversed(long addr) { - byte[] bytes = new byte[4]; // only works for 32-bit for now-later add 64 - for (int i = 3; i >= 0; i--) { - bytes[3 - i] = (byte) ((addr >> (24 - (i * 8))) & 0xff); - } - return bytes; - } - - // find references to the possible table - // start looking at the top of the array and work back the distance between the pointers in - // the table -// Address [] findReferenceToTable(Address topAddress, long dist){ -// -// ArrayList
foundAddrs = new ArrayList
(); -// long counter = 0; -// while((foundAddrs.size() == 0) || (counter == (dist-1))){ -// List
newList = findReferences(topAddress.subtract(dist-counter)); -// for(int i=0;i findReferences(Address addr){ -// FindPossibleReferences fpr = new FindPossibleReferences(currentProgram,getEndian()); -// return fpr.findReferences(addr); -//} - - public int getEndian() { - - if (currentProgram.getLanguage().isBigEndian()) { - return 1; // BIG_ENDIAN - } - return 0; // LITTLE_ENDIAN - } - -// info about the pushed parameter that gets applied to the calling functions params and locals and referenced data - class PossiblePtrs { - - private Address addrOfPtr; - private Address possiblePtr; - private long distanceFromLast; - - PossiblePtrs(Address addrOfPtr, Address possiblePtr, long distanceFromLast) { - - this.addrOfPtr = addrOfPtr; - this.possiblePtr = possiblePtr; - this.distanceFromLast = distanceFromLast; - } - - public Address getAddrOfPtr() { - return addrOfPtr; - } - - public Address getPossiblePointer() { - return possiblePtr; - } - - public long getDistanceFromLast() { - return distanceFromLast; - } - } - - class Table implements AddressableRowObject { - private Address topAddr; - private long distance; - private int numPointers; - Address ref; - - Table(Address topAddr, long distance, int numPointers, Address ref) { - this.topAddr = topAddr; - this.distance = distance; - this.numPointers = numPointers; - this.ref = ref; - } - - @Override - public Address getAddress() { - return getTopAddr(); - } - - public Address getTopAddr() { - return topAddr; - } - - public long getDistance() { - return distance; - } - - public int getNumPointers() { - return numPointers; - } - - public Address getRef() { - return ref; - } - - } -} diff --git a/Ghidra/Features/Base/ghidra_scripts/FindSharedReturnFunctionsScript.java b/Ghidra/Features/Base/ghidra_scripts/FindSharedReturnFunctionsScript.java index 9025d37040..313bc1f113 100644 --- a/Ghidra/Features/Base/ghidra_scripts/FindSharedReturnFunctionsScript.java +++ b/Ghidra/Features/Base/ghidra_scripts/FindSharedReturnFunctionsScript.java @@ -75,8 +75,10 @@ public class FindSharedReturnFunctionsScript extends GhidraScript { @Override public String getColumnValue(AddressableRowObject rowObject) { SharedReturnLocations entry = (SharedReturnLocations) rowObject; - Function func = entry.getProgram().getFunctionManager().getFunctionContaining( - entry.getWhyAddr()); + Function func = entry.getProgram() + .getFunctionManager() + .getFunctionContaining( + entry.getWhyAddr()); if (func == null) { return ""; } @@ -93,8 +95,10 @@ public class FindSharedReturnFunctionsScript extends GhidraScript { @Override public String getColumnValue(AddressableRowObject rowObject) { SharedReturnLocations entry = (SharedReturnLocations) rowObject; - Function func = entry.getProgram().getFunctionManager().getFunctionContaining( - entry.getAddress()); + Function func = entry.getProgram() + .getFunctionManager() + .getFunctionContaining( + entry.getAddress()); if (func == null) { return ""; } @@ -151,26 +155,18 @@ public class FindSharedReturnFunctionsScript extends GhidraScript { @Override public boolean execute(AddressableRowObject rowObject) { SharedReturnLocations sharedRetLoc = (SharedReturnLocations) rowObject; - System.out.println("Fixup Shared Return Jump at : " + rowObject.getAddress()); + println("Fixup Shared Return Jump at : " + rowObject.getAddress()); Program cp = sharedRetLoc.getProgram(); Address entry = sharedRetLoc.getAddress(); - // gonna change something, have to open a transaction - int trans = cp.startTransaction("Fixup Shared Return Jump at " + entry); - try { - addBookMark(cp, entry, "Shared Return Jump"); + addBookMark(cp, entry, "Shared Return Jump"); - if (!sharedRetLoc.getStatus().equals("fixed")) { - fixSharedReturnLocation(cp, entry); - } - - addBookMark(cp, sharedRetLoc.getWhyAddr(), sharedRetLoc.getExplanation()); - } - finally { - cp.endTransaction(trans, true); + if (!sharedRetLoc.getStatus().equals("fixed")) { + fixSharedReturnLocation(cp, entry); } + addBookMark(cp, sharedRetLoc.getWhyAddr(), sharedRetLoc.getExplanation()); return false; // don't remove row } diff --git a/Ghidra/Features/Base/ghidra_scripts/FixupNoReturnFunctionsScript.java b/Ghidra/Features/Base/ghidra_scripts/FixupNoReturnFunctionsScript.java index 769d0cb7f1..49b7b136c8 100644 --- a/Ghidra/Features/Base/ghidra_scripts/FixupNoReturnFunctionsScript.java +++ b/Ghidra/Features/Base/ghidra_scripts/FixupNoReturnFunctionsScript.java @@ -112,8 +112,10 @@ public class FixupNoReturnFunctionsScript extends GhidraScript { @Override public String getColumnValue(AddressableRowObject rowObject) { NoReturnLocations entry = (NoReturnLocations) rowObject; - Function func = entry.getProgram().getFunctionManager().getFunctionContaining( - entry.getAddress()); + Function func = entry.getProgram() + .getFunctionManager() + .getFunctionContaining( + entry.getAddress()); if (func == null) { return ""; } @@ -283,20 +285,13 @@ public class FixupNoReturnFunctionsScript extends GhidraScript { return false; } - // gonna change something, have to open a transaction - int trans = cp.startTransaction("Fixup No Return at " + entry); - try { - addBookMark(cp, entry, "Non Returning Function"); + addBookMark(cp, entry, "Non Returning Function"); - if (!noRetLoc.isFixed()) { - repairDamage(cp, func, entry); - } + if (!noRetLoc.isFixed()) { + repairDamage(cp, func, entry); + } - addBookMark(cp, noRetLoc.getWhyAddr(), noRetLoc.getExplanation()); - } - finally { - cp.endTransaction(trans, true); - } + addBookMark(cp, noRetLoc.getWhyAddr(), noRetLoc.getExplanation()); return false; // don't remove row } diff --git a/Ghidra/Features/Base/src/main/help/help/topics/AutoAnalysisPlugin/AutoAnalysis.htm b/Ghidra/Features/Base/src/main/help/help/topics/AutoAnalysisPlugin/AutoAnalysis.htm index d4c6e4271e..82f55c930e 100644 --- a/Ghidra/Features/Base/src/main/help/help/topics/AutoAnalysisPlugin/AutoAnalysis.htm +++ b/Ghidra/Features/Base/src/main/help/help/topics/AutoAnalysisPlugin/AutoAnalysis.htm @@ -463,7 +463,7 @@

This analyzer detects variadic function calls in the bodies of each function that intersect the current selection. It then parses their format string arguments to infer the correct function call signatures. Currently, this analyzer only supports printf, scanf, and their variants (e.g., snprintf, fscanf). - If the current selection is emtpy, it searches through every function within the binary. Once + If the current selection is empty, it searches through every function within the binary. Once the signatures are inferred, they are overridden.

Started By: Importing or adding to a program, Auto Analyze command

diff --git a/Ghidra/Features/Base/src/main/help/help/topics/FrontEndPlugin/Extensions.htm b/Ghidra/Features/Base/src/main/help/help/topics/FrontEndPlugin/Extensions.htm index 8b38eaa4f7..3ef0ad739c 100644 --- a/Ghidra/Features/Base/src/main/help/help/topics/FrontEndPlugin/Extensions.htm +++ b/Ghidra/Features/Base/src/main/help/help/topics/FrontEndPlugin/Extensions.htm @@ -33,7 +33,7 @@ The list of extensions is populated when the dialog is launched. To build the li
  • Extension Installation Directories: Contains any extensions that have been installed. The directories are located at:
      • -
    • [user dir]/.ghidra/.ghidra-[version]/Extensions - Installed/uninstalled from this dialog
      • +
    • [user dir]/.ghidra/.ghidra_[version]/Extensions - Installed/uninstalled from this dialog
    • [installation dir]/Ghidra/Extensions/ - Installed/uninstalled from filesystem manually
  • Extensions Archive Directory: This is where all archive files (zips) are stored. It is located at [installation dir]/Extensions/Ghidra/
    • diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/plugin/core/commentwindow/CommentTableModel.java b/Ghidra/Features/Base/src/main/java/ghidra/app/plugin/core/commentwindow/CommentTableModel.java index 3e1eea7221..9259cf36ca 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/plugin/core/commentwindow/CommentTableModel.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/plugin/core/commentwindow/CommentTableModel.java @@ -84,23 +84,30 @@ class CommentTableModel extends AddressBasedTableModel { listing.getCommentAddressIterator(getProgram().getMemory(), true); while (commentIterator.hasNext()) { Address commentAddr = commentIterator.next(); - CodeUnit cu = listing.getCodeUnitAt(commentAddr); - if (cu != null) { - if (cu.getComment(CodeUnit.PRE_COMMENT) != null) { - accumulator.add(new CommentRowObject(commentAddr, CodeUnit.PRE_COMMENT)); - } - if (cu.getComment(CodeUnit.POST_COMMENT) != null) { - accumulator.add(new CommentRowObject(commentAddr, CodeUnit.POST_COMMENT)); - } - if (cu.getComment(CodeUnit.EOL_COMMENT) != null) { - accumulator.add(new CommentRowObject(commentAddr, CodeUnit.EOL_COMMENT)); - } - if (cu.getComment(CodeUnit.PLATE_COMMENT) != null) { - accumulator.add(new CommentRowObject(commentAddr, CodeUnit.PLATE_COMMENT)); - } - if (cu.getComment(CodeUnit.REPEATABLE_COMMENT) != null) { - accumulator.add(new CommentRowObject(commentAddr, CodeUnit.REPEATABLE_COMMENT)); - } + CodeUnit cu = listing.getCodeUnitContaining(commentAddr); + if (!(cu instanceof Data)) { + // avoid too many comments in the table by not showing offcut instruction comments + cu = listing.getCodeUnitAt(commentAddr); + } + + if (cu == null) { + continue; + } + + if (cu.getComment(CodeUnit.PRE_COMMENT) != null) { + accumulator.add(new CommentRowObject(commentAddr, CodeUnit.PRE_COMMENT)); + } + if (cu.getComment(CodeUnit.POST_COMMENT) != null) { + accumulator.add(new CommentRowObject(commentAddr, CodeUnit.POST_COMMENT)); + } + if (cu.getComment(CodeUnit.EOL_COMMENT) != null) { + accumulator.add(new CommentRowObject(commentAddr, CodeUnit.EOL_COMMENT)); + } + if (cu.getComment(CodeUnit.PLATE_COMMENT) != null) { + accumulator.add(new CommentRowObject(commentAddr, CodeUnit.PLATE_COMMENT)); + } + if (cu.getComment(CodeUnit.REPEATABLE_COMMENT) != null) { + accumulator.add(new CommentRowObject(commentAddr, CodeUnit.REPEATABLE_COMMENT)); } } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserDialog.java b/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserDialog.java index 8eb5aebc98..b9ddf2cacf 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserDialog.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserDialog.java @@ -112,8 +112,9 @@ public class TableChooserDialog extends DialogComponentProvider navigatable.addNavigatableListener(this); table.installNavigation(goToService, navigatable); } - table.getSelectionModel().addListSelectionListener( - e -> setOkEnabled(table.getSelectedRowCount() > 0)); + table.getSelectionModel() + .addListSelectionListener( + e -> setOkEnabled(table.getSelectedRowCount() > 0)); GhidraTableFilterPanel filterPanel = new GhidraTableFilterPanel<>(table, model); @@ -241,7 +242,8 @@ public class TableChooserDialog extends DialogComponentProvider monitor.initialize(rowObjects.size()); try { - List deleted = doProcessRowObjects(rowObjects, monitor); + List deleted = doProcessRowsInTransaction(rowObjects, monitor); + for (AddressableRowObject rowObject : deleted) { model.removeObject(rowObject); } @@ -254,8 +256,9 @@ public class TableChooserDialog extends DialogComponentProvider } } - private List doProcessRowObjects(List rowObjects, + private List doProcessRows(List rowObjects, TaskMonitor monitor) { + List deleted = new ArrayList<>(); for (AddressableRowObject rowObject : rowObjects) { if (monitor.isCancelled()) { @@ -280,6 +283,18 @@ public class TableChooserDialog extends DialogComponentProvider return deleted; } + private List doProcessRowsInTransaction( + List rowObjects, TaskMonitor monitor) { + + int tx = program.startTransaction("Table Chooser: " + getTitle()); + try { + return doProcessRows(rowObjects, monitor); + } + finally { + program.endTransaction(tx, true); + } + } + public void addCustomColumn(ColumnDisplay columnDisplay) { model.addCustomColumn(columnDisplay); } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserExecutor.java b/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserExecutor.java index e1e7f537df..3414ea8f59 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserExecutor.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/tablechooser/TableChooserExecutor.java @@ -15,6 +15,11 @@ */ package ghidra.app.tablechooser; +/** + * The interface clients must implement to use the {@link TableChooserDialog}. This class is the + * callback that is used to process items from the dialog's table as users select one or more + * rows in the table and then press the table's "apply" button. + */ public interface TableChooserExecutor { /** @@ -29,6 +34,9 @@ public interface TableChooserExecutor { * Applies this executors action to the given rowObject. Return true if the given object * should be removed from the table. * + *

    This method call will be wrapped in a transaction so the client does not have to do so. + * Multiple selected rows will all be processed in a single transaction. + * * @param rowObject the AddressRowObject to be executed upon * @return true if the rowObject should be removed from the table, false otherwise */ diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfDefaultGotPltMarkup.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfDefaultGotPltMarkup.java index 8b185e485d..51b5a43572 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfDefaultGotPltMarkup.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfDefaultGotPltMarkup.java @@ -183,6 +183,9 @@ public class ElfDefaultGotPltMarkup { monitor.checkCanceled(); Data data = createPointer(gotStart, true); + if (data == null) { + break; + } try { gotStart = data.getMaxAddress().add(1); diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfSectionHeaderConstants.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfSectionHeaderConstants.java index 7745852af8..a1232215b8 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfSectionHeaderConstants.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/ElfSectionHeaderConstants.java @@ -191,4 +191,14 @@ public class ElfSectionHeaderConstants { public static final short SHN_XINDEX = (short) 0xffff; /**upper bound on range of reserved indexes*/ public static final short SHN_HIRESERVE = (short) 0xffff; + + /** + * @param symbolSectionIndex symbol section index (st_shndx) + * @return true if specified symbol section index corresponds to a processor + * specific value in the range SHN_LOPROC..SHN_HIPROC, else false + */ + public static boolean isProcessorSpecificSymbolSectionIndex(short symbolSectionIndex) { + return symbolSectionIndex >= ElfSectionHeaderConstants.SHN_LOPROC && + symbolSectionIndex <= ElfSectionHeaderConstants.SHN_HIPROC; + } } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/extend/ElfLoadAdapter.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/extend/ElfLoadAdapter.java index 1eaa428bca..1d75c2746a 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/extend/ElfLoadAdapter.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/elf/extend/ElfLoadAdapter.java @@ -312,6 +312,22 @@ public class ElfLoadAdapter { return functionAddress; } + /** + * This method allows an extension to override the default address calculation for loading + * a symbol. This is generally only neccessary when symbol requires handling of processor-specific + * flags or section index. This method should return null when default symbol processing + * is sufficient. {@link Address#NO_ADDRESS} should be returned if the symbol is external + * and is not handled by default processing. + * @param elfLoadHelper load helper object + * @param elfSymbol elf symbol + * @return symbol memory address or null to defer to default implementation + * @throws NoValueException if error logged and address calculation failed + */ + public Address calculateSymbolAddress(ElfLoadHelper elfLoadHelper, ElfSymbol elfSymbol) + throws NoValueException { + return null; + } + /** * During symbol processing this method will be invoked to permit an extension to * adjust the address and/or apply context to the intended symbol location. @@ -487,4 +503,5 @@ public class ElfLoadAdapter { public Class getRelocationClass(ElfHeader elfHeader) { return null; } + } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java index 4d273f4e6d..dd30101e28 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/opinion/ElfProgramBuilder.java @@ -20,7 +20,6 @@ import java.io.InputStream; import java.math.BigInteger; import java.text.NumberFormat; import java.util.*; -import java.util.function.Consumer; import ghidra.app.cmd.label.SetLabelPrimaryCmd; import ghidra.app.util.MemoryBlockUtils; @@ -1232,7 +1231,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { monitor.checkCanceled(); try { - Address address = calculateSymbolAddress(elfSymbol, msg -> log(msg)); + Address address = calculateSymbolAddress(elfSymbol); if (address == null) { continue; } @@ -1280,11 +1279,10 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { /** * Calculate the load address associated with a specified elfSymbol. * @param elfSymbol ELF symbol - * @param errorConsumer error consumer * @return symbol address or null if symbol not supported and address not determined, - * or NO_ADDRESS if symbol is external and should be allocated to the EXTERNAL block. + * or {@link Address#NO_ADDRESS} if symbol is external and should be allocated to the EXTERNAL block. */ - private Address calculateSymbolAddress(ElfSymbol elfSymbol, Consumer errorConsumer) { + private Address calculateSymbolAddress(ElfSymbol elfSymbol) { if (elfSymbol.getSymbolTableIndex() == 0) { return null; // always skip the first symbol, it is NULL @@ -1296,13 +1294,23 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { if (elfSymbol.isTLS()) { // TODO: Investigate support for TLS symbols - errorConsumer.accept( - "Unsupported Thread-Local Symbol not loaded: " + elfSymbol.getNameAsString()); + log("Unsupported Thread-Local Symbol not loaded: " + elfSymbol.getNameAsString()); return null; } ElfLoadAdapter loadAdapter = elf.getLoadAdapter(); + // Allow extension to have first shot at calculating symbol address + try { + Address address = elf.getLoadAdapter().calculateSymbolAddress(this, elfSymbol); + if (address != null) { + return address; + } + } + catch (NoValueException e) { + return null; + } + ElfSectionHeader[] elfSections = elf.getSections(); short sectionIndex = elfSymbol.getSectionHeaderIndex(); Address symSectionBase = null; @@ -1316,7 +1324,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { ElfSectionHeader symSection = elf.getSections()[sectionIndex]; symSectionBase = findLoadAddress(symSection, 0); if (symSectionBase == null) { - errorConsumer.accept("Unable to place symbol due to non-loaded section: " + + log("Unable to place symbol due to non-loaded section: " + elfSymbol.getNameAsString() + " - value=0x" + Long.toHexString(elfSymbol.getValue()) + ", section=" + symSection.getNameAsString()); @@ -1366,7 +1374,7 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { // SHN_COMMON 0xfff2 // SHN_HIRESERVE 0xffff - errorConsumer.accept("Unable to place symbol: " + elfSymbol.getNameAsString() + + log("Unable to place symbol: " + elfSymbol.getNameAsString() + " - value=0x" + Long.toHexString(elfSymbol.getValue()) + ", section-index=0x" + Integer.toHexString(sectionIndex & 0xffff)); return null; @@ -1389,12 +1397,12 @@ class ElfProgramBuilder extends MemorySectionResolver implements ElfLoadHelper { } else if (elf.isRelocatable()) { if (sectionIndex < 0 || sectionIndex >= elfSections.length) { - errorConsumer.accept("Error creating symbol: " + elfSymbol.getNameAsString() + + log("Error creating symbol: " + elfSymbol.getNameAsString() + " - 0x" + Long.toHexString(elfSymbol.getValue())); return Address.NO_ADDRESS; } else if (symSectionBase == null) { - errorConsumer.accept("No Memory for symbol: " + elfSymbol.getNameAsString() + + log("No Memory for symbol: " + elfSymbol.getNameAsString() + " - 0x" + Long.toHexString(elfSymbol.getValue())); return Address.NO_ADDRESS; } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PlateFieldFactory.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PlateFieldFactory.java index 2a4e0c0711..f28bd38910 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PlateFieldFactory.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PlateFieldFactory.java @@ -27,6 +27,7 @@ import ghidra.app.util.HighlightProvider; import ghidra.app.util.viewer.format.FieldFormatModel; import ghidra.app.util.viewer.listingpanel.ListingModel; import ghidra.app.util.viewer.options.OptionsGui; +import ghidra.app.util.viewer.proxy.DataProxy; import ghidra.app.util.viewer.proxy.ProxyObj; import ghidra.framework.options.Options; import ghidra.framework.options.ToolOptions; @@ -126,10 +127,10 @@ public class PlateFieldFactory extends FieldFactory { nLinesBeforeLabels = fieldOptions.getInt(LINES_BEFORE_LABELS_OPTION, 1); nLinesBeforePlates = fieldOptions.getInt(LINES_BEFORE_PLATES_OPTION, 0); - showExternalFunctionPointerPlates = fieldOptions.getBoolean( - ListingModel.DISPLAY_EXTERNAL_FUNCTION_POINTER_OPTION_NAME, true); - showNonExternalFunctionPointerPlates = fieldOptions.getBoolean( - ListingModel.DISPLAY_NONEXTERNAL_FUNCTION_POINTER_OPTION_NAME, false); + showExternalFunctionPointerPlates = fieldOptions + .getBoolean(ListingModel.DISPLAY_EXTERNAL_FUNCTION_POINTER_OPTION_NAME, true); + showNonExternalFunctionPointerPlates = fieldOptions + .getBoolean(ListingModel.DISPLAY_NONEXTERNAL_FUNCTION_POINTER_OPTION_NAME, false); } @@ -160,11 +161,32 @@ public class PlateFieldFactory extends FieldFactory { FieldElement[] fields = new FieldElement[elementList.size()]; elementList.toArray(fields); + if (isNestedDataAtSameAddressAsParent(proxy)) { + // This is data at the same address as the parent, which happens with the first + // element in a structure. We do not want to the plate comment here, but only at the + // parent topmost address. + return null; + } + PlateFieldTextField textField = new PlateFieldTextField(fields, this, proxy, startX, width, commentText, isClipped); return new PlateListingTextField(proxy, textField); } + private boolean isNestedDataAtSameAddressAsParent(ProxyObj proxy) { + if (proxy instanceof DataProxy) { + DataProxy dp = (DataProxy) proxy; + Data data = dp.getObject(); + int[] cpath = data.getComponentPath(); + if (cpath.length > 0) { + if (cpath[cpath.length - 1] == 0) { + return true; + } + } + } + return false; + } + private String getCommentText(CodeUnit cu) { String[] comments = cu.getCommentAsArray(CodeUnit.PLATE_COMMENT); if (comments == null) { @@ -199,8 +221,8 @@ public class PlateFieldFactory extends FieldFactory { AttributedString prototype = new AttributedString(EMPTY_STRING, color, getMetrics()); for (int i = 0; i < comments.length; i++) { - elementList.add( - CommentUtils.parseTextForAnnotations(comments[i], program, prototype, i)); + elementList + .add(CommentUtils.parseTextForAnnotations(comments[i], program, prototype, i)); } if (isWordWrap) { @@ -499,7 +521,10 @@ public class PlateFieldFactory extends FieldFactory { if (!CodeUnit.class.isAssignableFrom(proxyObjectClass)) { return false; } - return (category == FieldFormatModel.PLATE); + + // some users like the look of plate comments and would like them in many places + return (category == FieldFormatModel.PLATE || category == FieldFormatModel.OPEN_DATA || + category == FieldFormatModel.INSTRUCTION_OR_DATA); } @Override diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PreCommentFieldFactory.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PreCommentFieldFactory.java index d07a2a1a1c..7f333da0b7 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PreCommentFieldFactory.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/PreCommentFieldFactory.java @@ -120,16 +120,14 @@ public class PreCommentFieldFactory extends FieldFactory { private String[] getDefinedPreComments(CodeUnit cu) { - // If this code unit is the outside of a data - // container, then do not display any comments. - // If this was allowed, then the comment would appear - // on the outside data container and on the 1st - // internal member - // + // Do not show comments for nested components that share the same address as their parent if (cu instanceof Data) { Data data = (Data) cu; - if (data.getNumComponents() > 0) { - return null; + int[] cpath = data.getComponentPath(); + if (cpath.length > 0) { + if (cpath[cpath.length - 1] == 0) { + return null; + } } } diff --git a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/SymbolAnnotatedStringHandler.java b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/SymbolAnnotatedStringHandler.java index f687d68736..b3c2626908 100644 --- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/SymbolAnnotatedStringHandler.java +++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/viewer/field/SymbolAnnotatedStringHandler.java @@ -22,7 +22,6 @@ import java.util.regex.Pattern; import docking.widgets.fieldpanel.field.AttributedString; import ghidra.app.nav.Navigatable; import ghidra.app.services.GoToService; -import ghidra.app.services.QueryData; import ghidra.app.util.NamespaceUtils; import ghidra.framework.plugintool.ServiceProvider; import ghidra.program.model.address.Address; @@ -142,8 +141,8 @@ public class SymbolAnnotatedStringHandler implements AnnotatedStringHandler { // try going to the symbol first if (!symbols.isEmpty()) { - QueryData data = new QueryData(symbols.get(0).getName(), true); - return goToService.goToQuery(sourceNavigatable, null, data, null, null); + Symbol s = symbols.get(0); + return goToService.goTo(s.getProgramLocation()); } // try going to the address diff --git a/Ghidra/Features/Decompiler/ghidra_scripts/ShowConstantUse.java b/Ghidra/Features/Decompiler/ghidra_scripts/ShowConstantUse.java index 24e7cea701..3123a67e19 100644 --- a/Ghidra/Features/Decompiler/ghidra_scripts/ShowConstantUse.java +++ b/Ghidra/Features/Decompiler/ghidra_scripts/ShowConstantUse.java @@ -40,8 +40,7 @@ import ghidra.program.model.pcode.*; import ghidra.program.model.symbol.Reference; import ghidra.program.model.symbol.ReferenceIterator; import ghidra.program.util.*; -import ghidra.util.SystemUtilities; -import ghidra.util.UndefinedFunction; +import ghidra.util.*; import ghidra.util.exception.CancelledException; import ghidra.util.exception.InvalidInputException; @@ -157,10 +156,9 @@ public class ShowConstantUse extends GhidraScript { } /** - * Builds the configurable columns for the TableDialog. More columns could - * be added. + * Builds the configurable columns for the TableDialog. More columns could be added. * - * @param tableChooserDialog + * @param tableChooserDialog the dialog */ private void configureTableColumns(TableChooserDialog tableChooserDialog) { // First column added is the Constant value that is found. @@ -254,8 +252,10 @@ public class ShowConstantUse extends GhidraScript { @Override public String getColumnValue(AddressableRowObject rowObject) { ConstUseLocation entry = (ConstUseLocation) rowObject; - Function func = entry.getProgram().getFunctionManager().getFunctionContaining( - entry.getAddress()); + Function func = entry.getProgram() + .getFunctionManager() + .getFunctionContaining( + entry.getAddress()); if (func == null) { return ""; } @@ -299,7 +299,7 @@ public class ShowConstantUse extends GhidraScript { * script by creating an artificial ScriptState. This is a useful technique * for other scripts as well. * - * @return + * @return the executor */ @SuppressWarnings("unused") private TableChooserExecutor createTableExecutor() { @@ -314,23 +314,14 @@ public class ShowConstantUse extends GhidraScript { @Override public boolean execute(AddressableRowObject rowObject) { ConstUseLocation constLoc = (ConstUseLocation) rowObject; - System.out.println("Follow Structure : " + rowObject.getAddress()); + println("Follow Structure : " + rowObject.getAddress()); Program cp = constLoc.getProgram(); Address entry = constLoc.getAddress(); - // If we will change something in program, have to open a - // transaction - int trans = cp.startTransaction("Run Script" + entry); - try { - System.out.println("Create Structure at " + entry); - - runScript("CreateStructure.java", cp, entry); - } - finally { - cp.endTransaction(trans, true); - } + println("Create Structure at " + entry); + runScript("CreateStructure.java", cp, entry); return false; // don't remove row from display table } @@ -347,7 +338,7 @@ public class ShowConstantUse extends GhidraScript { } } catch (Exception exc) { - exc.printStackTrace(); + Msg.error(this, "Exception running script", exc); } throw new IllegalArgumentException("Script does not exist: " + name); } @@ -393,7 +384,7 @@ public class ShowConstantUse extends GhidraScript { * decompiler. In the decompiler this could be a local/parameter at any * point in the decompiler. In the listing, it must be a parameter variable. * - * @return + * @return the varnode */ private Varnode getVarnodeLocation() { Varnode var = null; @@ -559,7 +550,7 @@ public class ShowConstantUse extends GhidraScript { * - accumulate entries. Don't like passing it, but this way the * user gets immediate feedback as locations are found * @return a map of Addresses->constants (constants could be NULL) - * @throws CancelledException + * @throws CancelledException if cancelled */ private HashMap backtrackToConstant(Varnode var, TableChooserDialog tableChooserDialog) throws CancelledException { @@ -587,15 +578,12 @@ public class ShowConstantUse extends GhidraScript { * Backtrack to a constant given a start position of a parameter of a given * function Useful if you want to start from a function paramter. * - * @param f - * - function to start in - * @param paramIndex - * - parameter index to backtrack from - * @param tableChooserDialog - * - accumulate entries. Don't like passing it, but this way the - * user gets immediate feedback as locations are found - * @return a map of Addresses->constants (constants could be NULL) - * @throws CancelledException + * @param f function to start in + * @param paramIndex parameter index to backtrack from + * @param tableChooserDialog accumulate entries. Don't like passing it, but this way the + * user gets immediate feedback as locations are found + * @return a map of Addresses to constants (constants could be NULL) + * @throws CancelledException if cancelled */ private HashMap backtrackParamToConstant(Function f, int paramIndex, TableChooserDialog tableChooserDialog) throws CancelledException { @@ -699,14 +687,7 @@ public class ShowConstantUse extends GhidraScript { this.addConstantProblem(tableDialog, address, problem); } - /** - * Analyze a functions references - * - * @param constUse - * @param funcVarUse - * @param funcList - */ - public void analyzeFunction(HashMap constUse, DecompInterface decompInterface, + private void analyzeFunction(HashMap constUse, DecompInterface decompInterface, Program prog, Function f, Address refAddr, FunctionParamUse funcVarUse, int paramIndex, ArrayList defUseList, ArrayList funcList) { if (f == null) { @@ -722,12 +703,9 @@ public class ShowConstantUse extends GhidraScript { Iterator ops = hfunction.getPcodeOps(refAddr.getPhysicalAddress()); while (ops.hasNext() && !monitor.isCancelled()) { PcodeOpAST pcodeOpAST = ops.next(); - // System.out.println(pcodeOpAST); if (pcodeOpAST.getOpcode() == PcodeOp.CALL) { // get the second parameter - Varnode parm = pcodeOpAST.getInput(paramIndex + 1); // 1st param - // is the - // call dest + Varnode parm = pcodeOpAST.getInput(paramIndex + 1); // 1st param is the call dest if (parm == null) { constUse.put(instr.getAddress(), null); String problem = " *** Warning, it appears that function '" + diff --git a/Ghidra/Features/DecompilerDependent/src/main/java/ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer.java b/Ghidra/Features/DecompilerDependent/src/main/java/ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer.java index 9d9cd23198..a49acf89d0 100644 --- a/Ghidra/Features/DecompilerDependent/src/main/java/ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer.java +++ b/Ghidra/Features/DecompilerDependent/src/main/java/ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer.java @@ -42,9 +42,9 @@ public class FormatStringAnalyzer extends AbstractAnalyzer { private static final String[] VARIADIC_SUBSTRINGS = { "printf", "scanf" }; private static final String NAME = "Variadic Function Signature Override"; private static final String DESCRIPTION = - "Detects variadic function calls in the bodies of each function that intersect the" + + "Detects variadic function calls in the bodies of each function that intersect the " + "current selection and parses their format string arguments to infer the correct " + - "signatures. Currently, this analyzer only supports printf, scanf, and thier variants " + + "signatures. Currently, this analyzer only supports printf, scanf, and their variants " + "(e.g., snprintf, fscanf). If the current selection is empty, it searches through " + "every function. Once the correct signatures are inferred, they are overridden."; private final static boolean OPTION_DEFAULT_CREATE_BOOKMARKS_ENABLED = false; diff --git a/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/RttiAnalyzer.java b/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/RttiAnalyzer.java index 6578e55ffb..c845e43d91 100644 --- a/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/RttiAnalyzer.java +++ b/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/RttiAnalyzer.java @@ -58,7 +58,7 @@ public class RttiAnalyzer extends AbstractAnalyzer { setSupportsOneTimeAnalysis(); // Set priority of RTTI analyzer to run after Demangler so can see if better // plate comment or label already exists from Demangler. - setPriority(AnalysisPriority.DATA_TYPE_PROPOGATION.before().before()); + setPriority(AnalysisPriority.REFERENCE_ANALYSIS.before()); setDefaultEnablement(true); validationOptions = new DataValidationOptions(); applyOptions = new DataApplyOptions(); diff --git a/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/FunctionSymbolApplier.java b/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/FunctionSymbolApplier.java index f07d01de59..8fb88b10c4 100644 --- a/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/FunctionSymbolApplier.java +++ b/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/FunctionSymbolApplier.java @@ -19,7 +19,6 @@ import java.util.*; import ghidra.app.cmd.disassemble.DisassembleCommand; import ghidra.app.cmd.function.*; -import ghidra.app.util.SymbolPath; import ghidra.app.util.bin.format.pdb2.pdbreader.PdbException; import ghidra.app.util.bin.format.pdb2.pdbreader.RecordNumber; import ghidra.app.util.bin.format.pdb2.pdbreader.symbol.*; @@ -301,9 +300,6 @@ public class FunctionSymbolApplier extends MsSymbolApplier { } } - - applicator.addFunctionUse(procedureSymbol, new SymbolPath(function.getSymbol())); - DataType dataType = applier.getDataType(); // Since we know the applier is an AbstractionFunctionTypeApplier, then dataType is either // FunctionDefinition or no type (typedef). @@ -317,7 +313,6 @@ public class FunctionSymbolApplier extends MsSymbolApplier { " due to " + sigCmd.getStatusMsg() + "; dataType: " + def.getName()); return false; } - // TODO: Move datatype to correct category } return true; } diff --git a/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/PdbApplicator.java b/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/PdbApplicator.java index f726b15c89..2d10d2f3eb 100644 --- a/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/PdbApplicator.java +++ b/Ghidra/Features/PDB/src/main/java/ghidra/app/util/pdb/pdbapplicator/PdbApplicator.java @@ -37,7 +37,6 @@ import ghidra.program.model.data.*; import ghidra.program.model.lang.Register; import ghidra.program.model.listing.*; import ghidra.program.model.symbol.*; -import ghidra.util.InvalidNameException; import ghidra.util.Msg; import ghidra.util.exception.*; import ghidra.util.task.CancelOnlyWrappingTaskMonitor; @@ -65,7 +64,6 @@ import ghidra.util.task.TaskMonitor; public class PdbApplicator { private static final String THUNK_NAME_PREFIX = "[thunk]:"; - private static final SymbolPath DUMMY_SYMBOL_PATH = new SymbolPath("/"); //============================================================================================== /** @@ -145,13 +143,6 @@ public class PdbApplicator { */ private Map isClassByNamespace; - /** - * Map for tracking use of procedure type records by function symbols. - * If a type record is used more than once it will get mapped to the - * {@link #DUMMY_SYMBOL_PATH} to indicate non-unique use. - */ - private Map procedureSymbolNameMap; - //============================================================================================== private SymbolApplierFactory symbolApplierParser; @@ -208,7 +199,6 @@ public class PdbApplicator { case NONE: processTypes(); processSymbols(); - renameAnonymousFunctions(); break; default: throw new PdbException("Invalid Restriction"); @@ -326,7 +316,6 @@ public class PdbApplicator { complexApplierMapper = new ComplexTypeApplierMapper(this); applierDependencyGraph = new JungDirectedGraph<>(); isClassByNamespace = new TreeMap<>(); - procedureSymbolNameMap = new HashMap<>(); if (program != null) { // Currently, this must happen after symbolGroups are created. PdbVbtManager pdbVbtManager = new PdbVbtManager(this); @@ -1246,74 +1235,6 @@ public class PdbApplicator { } } - void addFunctionUse(AbstractProcedureMsSymbol procedureSymbol, SymbolPath symbolPath) { - RecordNumber rn = procedureSymbol.getTypeRecordNumber(); - SymbolPath n = procedureSymbolNameMap.get(rn); - if (n == null) { - procedureSymbolNameMap.put(rn, symbolPath); - } - else if (!symbolPath.equals(n)) { - procedureSymbolNameMap.put(rn, DUMMY_SYMBOL_PATH); - } - } - - private void renameAnonymousFunctions() throws CancelledException { - - monitor.setMessage("Renaming function definitions..."); - monitor.setProgress(0); - monitor.setMaximum(procedureSymbolNameMap.size()); - int cnt = 0; - int renamedCnt = 0; - - for (RecordNumber rn : procedureSymbolNameMap.keySet()) { - monitor.checkCanceled(); - monitor.setProgress(++cnt); - SymbolPath symbolPath = procedureSymbolNameMap.get(rn); - if (symbolPath != DUMMY_SYMBOL_PATH) { - // unique name exists for function definition (single use) - MsTypeApplier typeApplier = getTypeApplier(rn); - DataType dt = typeApplier.getDataType(); - CategoryPath category = categoryUtils.getCategory(symbolPath.getParent()); - Category newCategory = dataTypeManager.createCategory(category); - String newName = symbolPath.getName(); - - try { - if (newCategory.getDataType(newName) == null) { - // fast approach should generally work - dt.setName(newName); - dt.setCategoryPath(category); - } - else { - // use slow approach if conflict exists - DataType newDt = dt.copy(dataTypeManager); - newDt.setName(symbolPath.getName()); - newDt.setCategoryPath(category); - newDt = resolve(newDt); - dataTypeManager.replaceDataType(dt, newDt, false); - typeApplier.resolvedDataType = newDt; - } - ++renamedCnt; - } - catch (InvalidNameException | DuplicateNameException - | DataTypeDependencyException e) { - // unexpected - skip - Msg.error(this, "PDB Function definition rename failed: " + dt.getName() + - " -> " + symbolPath); - } - } - } - if (renamedCnt != 0) { - Msg.debug(this, "PDB Renamed " + renamedCnt + " of " + cnt + " function definitions"); - Category anonymousCategory = - dataTypeManager.getCategory(getAnonymousFunctionsCategory()); - if (anonymousCategory != null) { - Msg.debug(this, "PDB Remaining anonymous function definition count: " + - anonymousCategory.getDataTypes().length); - } - } - - } - //============================================================================================== //============================================================================================== //============================================================================================== diff --git a/Ghidra/Features/Python/src/main/java/ghidra/python/GhidraPythonInterpreter.java b/Ghidra/Features/Python/src/main/java/ghidra/python/GhidraPythonInterpreter.java index d9261153f8..e102543058 100644 --- a/Ghidra/Features/Python/src/main/java/ghidra/python/GhidraPythonInterpreter.java +++ b/Ghidra/Features/Python/src/main/java/ghidra/python/GhidraPythonInterpreter.java @@ -218,8 +218,12 @@ public class GhidraPythonInterpreter extends InteractiveInterpreter { InetAddress localhost = InetAddress.getLocalHost(); new Socket(localhost, PyDevUtils.PYDEV_REMOTE_DEBUGGER_PORT).close(); Msg.info(this, "Python debugger found"); - exec("import pydevd; pydevd.settrace(host=\"" + localhost.getHostName() + + StringBuilder dbgCmds = new StringBuilder(); + dbgCmds.append("import pydevd;"); + dbgCmds.append("pydevd.threadingCurrentThread().__pydevd_main_thread = True;"); + dbgCmds.append("pydevd.settrace(host=\"" + localhost.getHostName() + "\", port=" + PyDevUtils.PYDEV_REMOTE_DEBUGGER_PORT + ", suspend=False);"); + exec(dbgCmds.toString()); Msg.info(this, "Connected to a python debugger."); } catch (IOException e) { diff --git a/Ghidra/Framework/Graph/src/main/java/ghidra/graph/viewer/GraphComponent.java b/Ghidra/Framework/Graph/src/main/java/ghidra/graph/viewer/GraphComponent.java index f7d4c526e6..f594fa9702 100644 --- a/Ghidra/Framework/Graph/src/main/java/ghidra/graph/viewer/GraphComponent.java +++ b/Ghidra/Framework/Graph/src/main/java/ghidra/graph/viewer/GraphComponent.java @@ -454,7 +454,7 @@ public class GraphComponent, G e mainStalePanel.setOpaque(false); String tooltip = HTMLUtilities.toWrappedHTML("The block model of the function " + - "for this graph has changed. Press the relyout button to refresh the layout." + + "for this graph has changed. Press the relayout button to refresh the layout." + "\n\n") + "Note: You can edit the graph " + "options to have the graph update automatically."; diff --git a/Ghidra/Framework/SoftwareModeling/Sleigh.launch b/Ghidra/Framework/SoftwareModeling/Sleigh.launch new file mode 100644 index 0000000000..0582eb91e3 --- /dev/null +++ b/Ghidra/Framework/SoftwareModeling/Sleigh.launch @@ -0,0 +1,31 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/listing/VariableStorage.java b/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/listing/VariableStorage.java index 4722c397cd..db51390974 100644 --- a/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/listing/VariableStorage.java +++ b/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/model/listing/VariableStorage.java @@ -239,7 +239,7 @@ public class VariableStorage implements Comparable { } if (i < (varnodes.length - 1) && !isRegister) { throw new InvalidInputException( - "Compound storage must use registers accept for last varnode"); + "Compound storage must use registers except for last varnode"); } size += varnode.getSize(); } diff --git a/Ghidra/Processors/MIPS/src/main/java/ghidra/app/util/bin/format/elf/extend/MIPS_ElfExtension.java b/Ghidra/Processors/MIPS/src/main/java/ghidra/app/util/bin/format/elf/extend/MIPS_ElfExtension.java index 99c1a8c366..2e33262ce0 100644 --- a/Ghidra/Processors/MIPS/src/main/java/ghidra/app/util/bin/format/elf/extend/MIPS_ElfExtension.java +++ b/Ghidra/Processors/MIPS/src/main/java/ghidra/app/util/bin/format/elf/extend/MIPS_ElfExtension.java @@ -34,7 +34,7 @@ import ghidra.util.exception.*; import ghidra.util.task.TaskMonitor; public class MIPS_ElfExtension extends ElfExtension { - + private static final String MIPS_STUBS_SECTION_NAME = ".MIPS.stubs"; // GP value reflected by symbol address @@ -287,9 +287,13 @@ public class MIPS_ElfExtension extends ElfExtension { public static final byte ODK_IDENT = 10; public static final byte ODK_PAGESIZE = 11; + // MIPS-specific SHN values + public static final short SHN_MIPS_ACOMMON = (short) 0xff00; + public static final short SHN_MIPS_TEXT = (short) 0xff01; + public static final short SHN_MIPS_DATA = (short) 0xff02; + @Override public boolean canHandle(ElfHeader elf) { - // TODO: Verify 64-bit MIPS support return elf.e_machine() == ElfConstants.EM_MIPS; } @@ -328,6 +332,25 @@ public class MIPS_ElfExtension extends ElfExtension { return functionAddress; } + @Override + public Address calculateSymbolAddress(ElfLoadHelper elfLoadHelper, ElfSymbol elfSymbol) + throws NoValueException { + + short sectionIndex = elfSymbol.getSectionHeaderIndex(); + if (!ElfSectionHeaderConstants.isProcessorSpecificSymbolSectionIndex(sectionIndex)) { + return null; + } + + if (sectionIndex == SHN_MIPS_ACOMMON || sectionIndex == SHN_MIPS_TEXT || sectionIndex == SHN_MIPS_DATA) { + // NOTE: logic assumes no memory conflict occured during section loading + AddressSpace defaultSpace = elfLoadHelper.getProgram().getAddressFactory().getDefaultAddressSpace(); + return defaultSpace.getAddress(elfSymbol.getValue() + elfLoadHelper.getImageBaseWordAdjustmentOffset()); + } + + return null; + } + + @Override public Address evaluateElfSymbol(ElfLoadHelper elfLoadHelper, ElfSymbol elfSymbol, Address address, boolean isExternal) { diff --git a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/category.xml b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/category.xml index c97bad1bd1..7dbdf5746e 100644 --- a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/category.xml +++ b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/category.xml @@ -1,6 +1,6 @@ - + diff --git a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/feature.xml b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/feature.xml index b014ffeb63..ead7c00822 100644 --- a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/feature.xml +++ b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevFeature/feature.xml @@ -2,7 +2,7 @@ diff --git a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/GhidraDev_README.html b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/GhidraDev_README.html index d8aac87775..58f8f5e16d 100644 --- a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/GhidraDev_README.html +++ b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/GhidraDev_README.html @@ -53,6 +53,8 @@ change with future releases.

Change History

+

2.1.2: Fixed exception that occurred when creating a new Ghidra scripting project +if a ~/ghidra_scripts directory does not exist.

2.1.1:

  • diff --git a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/META-INF/MANIFEST.MF b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/META-INF/MANIFEST.MF index 303b7e3f1b..66e449de4a 100644 --- a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/META-INF/MANIFEST.MF +++ b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/META-INF/MANIFEST.MF @@ -3,7 +3,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: GhidraDev Bundle-SymbolicName: ghidra.ghidradev;singleton:=true -Bundle-Version: 2.1.1.qualifier +Bundle-Version: 2.1.2.qualifier Bundle-Activator: ghidradev.Activator Require-Bundle: org.eclipse.ant.core;bundle-version="3.5.200", org.eclipse.buildship.core;bundle-version="3.0.0", diff --git a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/src/main/java/ghidradev/ghidraprojectcreator/utils/GhidraScriptUtils.java b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/src/main/java/ghidradev/ghidraprojectcreator/utils/GhidraScriptUtils.java index 3171c0efa1..ed083d01d2 100644 --- a/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/src/main/java/ghidradev/ghidraprojectcreator/utils/GhidraScriptUtils.java +++ b/GhidraBuild/EclipsePlugins/GhidraDev/GhidraDevPlugin/src/main/java/ghidradev/ghidraprojectcreator/utils/GhidraScriptUtils.java @@ -25,6 +25,7 @@ import org.eclipse.jdt.core.*; import ghidra.GhidraApplicationLayout; import ghidra.framework.GModule; +import ghidradev.Activator; /** * Utility methods for working with Ghidra scripts in Eclipse. @@ -87,6 +88,12 @@ public class GhidraScriptUtils { // Link in the user's personal ghidra_scripts directory if (linkUserScripts) { + if (!userScriptsDir.isDirectory()) { + if (!userScriptsDir.mkdirs()) { + throw new CoreException(new Status(IStatus.ERROR, Activator.PLUGIN_ID, + IStatus.ERROR, "Failed to create " + userScriptsDir, null)); + } + } IFolder link = javaProject.getProject().getFolder("Home scripts"); link.createLink(new Path(userScriptsDir.getAbsolutePath()), IResource.NONE, monitor); classpathEntries.add(JavaCore.newSourceEntry(link.getFullPath()));