LIEF: Library to Instrument Executable Formats Version 1.0.0
Loading...
Searching...
No Matches
BinaryParser.hpp
Go to the documentation of this file.
1/* Copyright 2017 - 2026 R. Thomas
2 * Copyright 2017 - 2026 Quarkslab
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16#ifndef LIEF_MACHO_BINARY_PARSER_H
17#define LIEF_MACHO_BINARY_PARSER_H
18#include <memory>
19#include <string>
20#include <vector>
21#include <limits>
22#include <set>
23#include <map>
24#include <unordered_map>
25
26#include "LIEF/visibility.h"
27#include "LIEF/errors.hpp"
28
29#include "LIEF/Abstract/Parser.hpp"
30
31#include "LIEF/MachO/enums.hpp"
32#include "LIEF/MachO/DyldChainedFormat.hpp"
33#include "LIEF/MachO/ParserConfig.hpp"
34#include "LIEF/MachO/DyldBindingInfo.hpp"
35
36namespace LIEF {
37class BinaryStream;
38class SpanStream;
39
40namespace MachO {
41class AtomInfo;
42class ChainedBindingInfo;
43class CodeSignature;
44class CodeSignatureDir;
45class DataInCode;
46class DyldChainedFixups;
47class DylibCommand;
48class DynamicSymbolCommand;
49class ExportInfo;
50class FunctionStarts;
51class FunctionVariants;
52class FunctionVariantFixups;
53class LinkerOptHint;
54class Parser;
55class Section;
56class SegmentCommand;
57class SegmentSplitInfo;
58class Symbol;
59class SymbolCommand;
60class TwoLevelHints;
61struct ParserConfig;
62
63
64namespace details {
65struct dyld_chained_starts_in_segment;
66struct dyld_chained_fixups_header;
67union dyld_chained_ptr_arm64e;
68union dyld_chained_ptr_generic64;
69union dyld_chained_ptr_generic32;
70union dyld_chained_ptr_arm64e_segmented;
71}
72
78class LIEF_API BinaryParser : public LIEF::Parser {
79
80 friend class MachO::Parser;
81
83 constexpr static size_t MAX_RELOCATIONS = (std::numeric_limits<uint16_t>::max)();
84
86 constexpr static size_t MAX_COMMANDS = (std::numeric_limits<uint16_t>::max)();
87
88 public:
89 static std::unique_ptr<Binary> parse(const std::string& file);
90 static std::unique_ptr<Binary> parse(const std::string& file,
91 const ParserConfig& conf);
92 static std::unique_ptr<Binary>
93 parse(const std::vector<uint8_t>& data,
94 const ParserConfig& conf = ParserConfig::deep());
95
96 static std::unique_ptr<Binary>
97 parse(const std::vector<uint8_t>& data, uint64_t fat_offset,
98 const ParserConfig& conf = ParserConfig::deep());
99
100 static std::unique_ptr<Binary> parse(std::unique_ptr<BinaryStream> stream,
101 uint64_t fat_offset,
102 const ParserConfig& conf);
103
104 BinaryParser& operator=(const BinaryParser& copy) = delete;
105 BinaryParser(const BinaryParser& copy) = delete;
106
107 ~BinaryParser() override;
108
109 private:
110 using exports_list_t = std::vector<std::unique_ptr<ExportInfo>>;
111 LIEF_LOCAL BinaryParser();
112
113 LIEF_LOCAL ok_error_t init_and_parse();
114
115 template<class MACHO_T>
116 LIEF_LOCAL ok_error_t parse();
117
118 template<class MACHO_T>
119 LIEF_LOCAL ok_error_t parse_header();
120
121 template<class MACHO_T>
122 LIEF_LOCAL ok_error_t parse_load_commands();
123
124 template<class MACHO_T>
125 LIEF_LOCAL ok_error_t parse_relocations(Section& section);
126
127 // Dyld info parser
128 // ================
129
130 // Rebase
131 // ------
132 template<class MACHO_T>
133 LIEF_LOCAL ok_error_t parse_dyldinfo_rebases();
134
135 // Bindings
136 // --------
137 template<class MACHO_T>
138 LIEF_LOCAL ok_error_t parse_dyldinfo_binds();
139
140 template<class MACHO_T>
141 LIEF_LOCAL ok_error_t parse_dyldinfo_generic_bind();
142
143 template<class MACHO_T>
144 LIEF_LOCAL ok_error_t parse_dyldinfo_weak_bind();
145
146 template<class MACHO_T>
147 LIEF_LOCAL ok_error_t parse_dyldinfo_lazy_bind();
148
149 template<class MACHO_T>
150 LIEF_LOCAL ok_error_t infer_indirect_bindings();
151
152 template<class MACHO_T>
153 LIEF_LOCAL ok_error_t parse_symtab(SymbolCommand& cmd, SpanStream& nlist_s,
154 SpanStream& string_s);
155
156 LIEF_LOCAL ok_error_t parse_indirect_symbols(DynamicSymbolCommand& cmd,
157 std::vector<Symbol*>& symtab,
158 BinaryStream& indirect_stream);
159
160
161 template<class MACHO_T>
162 LIEF_LOCAL ok_error_t parse_data_in_code(DataInCode& cmd, BinaryStream& stream);
163
164 using it_opaque_segments =
165 void*; // To avoid including Binary.hpp. It must contains it_opaque_segments
166
167 template<class MACHO_T>
168 LIEF_LOCAL ok_error_t do_bind(DyldBindingInfo::CLASS cls, uint8_t type,
169 uint8_t segment_idx, uint64_t segment_offset,
170 const std::string& symbol_name, int32_t ord,
171 int64_t addend, bool is_weak,
172 bool is_non_weak_definition,
173 it_opaque_segments segments_ptr,
174 uint64_t offset = 0);
175
176
177 template<class MACHO_T>
178 LIEF_LOCAL ok_error_t do_rebase(uint8_t type, uint8_t segment_idx,
179 uint64_t segment_offset,
180 it_opaque_segments segments);
181
182 /*
183 * This set of functions are related to the parsing of LC_DYLD_CHAINED_FIXUPS
184 */
185 template<class MACHO_T>
186 LIEF_LOCAL ok_error_t parse_chained_payload(SpanStream& stream);
187
188 template<class MACHO_T>
189 LIEF_LOCAL ok_error_t
190 parse_chained_import(const details::dyld_chained_fixups_header& header,
191 SpanStream& stream, SpanStream& symbol_pool);
192
193 template<class MACHO_T>
194 LIEF_LOCAL ok_error_t
195 parse_chained_fixup(const details::dyld_chained_fixups_header& header,
196 SpanStream& stream);
197
198 template<class MACHO_T>
199 LIEF_LOCAL ok_error_t parse_fixup_seg(SpanStream& stream,
200 uint32_t seg_info_offset, uint64_t offset,
201 uint32_t seg_idx);
202
203 template<class MACHO_T>
204 LIEF_LOCAL ok_error_t do_fixup(DYLD_CHAINED_FORMAT fmt, int32_t ord,
205 const std::string& symbol_name, int64_t addend,
206 bool is_weak);
207
208 template<class MACHO_T>
209 LIEF_LOCAL ok_error_t
210 process_fixup(SegmentCommand& segment, uint64_t chain_address,
211 uint64_t chain_offset,
212 const details::dyld_chained_starts_in_segment& seg_info);
213
214 template<class MACHO_T>
215 LIEF_LOCAL result<uint64_t>
216 next_chain(uint64_t& chain_address, uint64_t chain_offset,
217 const details::dyld_chained_starts_in_segment& seg_info);
218
219 template<class MACHO_T>
220 LIEF_LOCAL ok_error_t
221 walk_chain(SegmentCommand& segment, uint64_t chain_address,
222 uint64_t chain_offset,
223 const details::dyld_chained_starts_in_segment& seg_info);
224
225 LIEF_LOCAL ok_error_t
226 do_chained_fixup(SegmentCommand& segment, uint64_t chain_address,
227 uint32_t chain_offset,
228 const details::dyld_chained_starts_in_segment& seg_info,
229 const details::dyld_chained_ptr_arm64e& fixup);
230
231 LIEF_LOCAL ok_error_t
232 do_chained_fixup(SegmentCommand& segment, uint64_t chain_address,
233 uint32_t chain_offset,
234 const details::dyld_chained_starts_in_segment& seg_info,
235 const details::dyld_chained_ptr_generic64& fixup);
236
237 LIEF_LOCAL ok_error_t
238 do_chained_fixup(SegmentCommand& segment, uint64_t chain_address,
239 uint32_t chain_offset,
240 const details::dyld_chained_starts_in_segment& seg_info,
241 const details::dyld_chained_ptr_generic32& fixup);
242
243 LIEF_LOCAL ok_error_t
244 do_chained_fixup(SegmentCommand& segment, uint64_t chain_address,
245 uint32_t chain_offset,
246 const details::dyld_chained_starts_in_segment& seg_info,
247 const details::dyld_chained_ptr_arm64e_segmented& fixup);
248
249 template<class MACHO_T>
250 LIEF_LOCAL ok_error_t post_process(SymbolCommand& cmd);
251
252 template<class MACHO_T>
253 LIEF_LOCAL ok_error_t post_process(FunctionStarts& cmd);
254
255 template<class MACHO_T>
256 LIEF_LOCAL ok_error_t post_process(DataInCode& cmd);
257
258 template<class MACHO_T>
259 LIEF_LOCAL ok_error_t post_process(SegmentSplitInfo& cmd);
260
261 template<class MACHO_T>
262 LIEF_LOCAL ok_error_t post_process(DynamicSymbolCommand& cmd);
263
264 template<class MACHO_T>
265 LIEF_LOCAL ok_error_t post_process(LinkerOptHint& cmd);
266
267 template<class MACHO_T>
268 LIEF_LOCAL ok_error_t post_process(AtomInfo& cmd);
269
270 template<class MACHO_T>
271 LIEF_LOCAL ok_error_t post_process(TwoLevelHints& cmd);
272
273 template<class MACHO_T>
274 LIEF_LOCAL ok_error_t post_process(CodeSignature& cmd);
275
276 template<class MACHO_T>
277 LIEF_LOCAL ok_error_t post_process(CodeSignatureDir& cmd);
278
279 template<class MACHO_T>
280 LIEF_LOCAL ok_error_t post_process(FunctionVariants& cmd);
281
282 template<class MACHO_T>
283 LIEF_LOCAL ok_error_t post_process(FunctionVariantFixups& cmd);
284
285 LIEF_LOCAL ok_error_t parse_overlay();
286
287 // Exports
288 // -------
289 LIEF_LOCAL ok_error_t parse_dyldinfo_export();
290 LIEF_LOCAL ok_error_t parse_dyld_exports();
291
292 LIEF_LOCAL ok_error_t parse_export_trie(exports_list_t& exports,
293 BinaryStream& stream, uint64_t start,
294 const std::string& prefix,
295 bool* invalid_names);
296
297 LIEF_LOCAL void copy_from(ChainedBindingInfo& to, ChainedBindingInfo& from);
298
299 std::unique_ptr<BinaryStream> stream_;
300 std::unique_ptr<Binary> binary_;
301 MACHO_TYPES type_ = MACHO_TYPES::MAGIC_64;
302 bool is64_ = true;
303 ParserConfig config_;
304 std::set<uint64_t> visited_;
305 std::unordered_map<std::string, Symbol*> memoized_symbols_;
306 std::map<uint64_t, Symbol*> memoized_symbols_by_address_;
307
308 std::vector<DylibCommand*> binding_libs_;
309 std::set<uint64_t> dyld_reloc_addrs_;
310
311 // Cache of DyldChainedFixups
312 DyldChainedFixups* chained_fixups_ = nullptr;
313};
314
315
316} // namespace MachO
317} // namespace LIEF
318#endif
LIEF::BinaryStream
Class that is used to a read stream of data from different sources.
Definition BinaryStream.hpp:33
LIEF::MachO::AtomInfo
Class which represents the LC_ATOM_INFO command.
Definition AtomInfo.hpp:35
LIEF::MachO::BinaryParser::BinaryParser
BinaryParser(const BinaryParser &copy)=delete
LIEF::MachO::BinaryParser::operator=
BinaryParser & operator=(const BinaryParser &copy)=delete
LIEF::MachO::BinaryParser::parse
static std::unique_ptr< Binary > parse(std::unique_ptr< BinaryStream > stream, uint64_t fat_offset, const ParserConfig &conf)
LIEF::MachO::BinaryParser::parse
static std::unique_ptr< Binary > parse(const std::vector< uint8_t > &data, uint64_t fat_offset, const ParserConfig &conf=ParserConfig::deep())
LIEF::MachO::BinaryParser::parse
static std::unique_ptr< Binary > parse(const std::string &file)
LIEF::MachO::BinaryParser::parse
static std::unique_ptr< Binary > parse(const std::string &file, const ParserConfig &conf)
LIEF::MachO::BinaryParser::parse
static std::unique_ptr< Binary > parse(const std::vector< uint8_t > &data, const ParserConfig &conf=ParserConfig::deep())
LIEF::MachO::ChainedBindingInfo
This class represents a symbol binding operation associated with the LC_DYLD_CHAINED_FIXUPS command.
Definition ChainedBindingInfo.hpp:48
LIEF::MachO::CodeSignatureDir
Definition CodeSignatureDir.hpp:36
LIEF::MachO::CodeSignature
Definition CodeSignature.hpp:37
LIEF::MachO::DataInCode
Interface of the LC_DATA_IN_CODE command This command is used to list slices of code sections that co...
Definition DataInCode.hpp:42
LIEF::MachO::DyldBindingInfo::CLASS
CLASS
Definition DyldBindingInfo.hpp:39
LIEF::MachO::DyldChainedFixups
Class that represents the LC_DYLD_CHAINED_FIXUPS command.
Definition DyldChainedFixups.hpp:49
LIEF::MachO::DylibCommand
Class which represents a library dependency.
Definition DylibCommand.hpp:34
LIEF::MachO::DynamicSymbolCommand
Class that represents the LC_DYSYMTAB command.
Definition DynamicSymbolCommand.hpp:40
LIEF::MachO::ExportInfo
Class that provides an interface over the Dyld export info.
Definition ExportInfo.hpp:38
LIEF::MachO::FunctionStarts
Class which represents the LC_FUNCTION_STARTS command.
Definition FunctionStarts.hpp:39
LIEF::MachO::FunctionVariantFixups
Class which represents the LC_FUNCTION_VARIANT_FIXUPS command.
Definition FunctionVariantFixups.hpp:34
LIEF::MachO::FunctionVariants
Class representing the LC_FUNCTION_VARIANTS load command.
Definition FunctionVariants.hpp:59
LIEF::MachO::LinkerOptHint
Class which represents the LC_LINKER_OPTIMIZATION_HINT command.
Definition LinkerOptHint.hpp:37
LIEF::MachO::Parser
The main interface to parse a Mach-O binary.
Definition MachO/Parser.hpp:42
LIEF::MachO::Section
Class that represents a Mach-O section.
Definition MachO/Section.hpp:47
LIEF::MachO::SegmentCommand
Class which represents a LoadCommand::TYPE::SEGMENT / LoadCommand::TYPE::SEGMENT_64 command.
Definition SegmentCommand.hpp:51
LIEF::MachO::SegmentSplitInfo
Class that represents the LoadCommand::TYPE::SEGMENT_SPLIT_INFO command.
Definition SegmentSplitInfo.hpp:35
LIEF::MachO::SymbolCommand
Class that represents the LC_SYMTAB command.
Definition SymbolCommand.hpp:35
LIEF::MachO::Symbol
Class that represents a Symbol in a Mach-O file.
Definition MachO/Symbol.hpp:47
LIEF::MachO::TwoLevelHints
Class which represents the LC_TWOLEVEL_HINTS command.
Definition TwoLevelHints.hpp:39
LIEF::Parser
Main interface to parse an executable regardless of its format.
Definition Abstract/Parser.hpp:30
LIEF::SpanStream
Definition SpanStream.hpp:32
LIEF::ok_error_t
Opaque structure that is used by LIEF to avoid writing result<void> f(...). Instead,...
Definition errors.hpp:114
LIEF::result
Wrapper that contains an Object (T) or an error.
Definition errors.hpp:77
LIEF::MachO::details
Definition endianness_support.hpp:60
LIEF::MachO
Namespace related to the LIEF's Mach-O module.
Definition Abstract/Header.hpp:36
LIEF::MachO::DYLD_CHAINED_FORMAT
DYLD_CHAINED_FORMAT
Definition DyldChainedFormat.hpp:22
LIEF::MachO::MACHO_TYPES
MACHO_TYPES
Definition MachO/enums.hpp:23
LIEF::MachO::MACHO_TYPES::MAGIC_64
@ MAGIC_64
64-bit big-endian magic
Definition MachO/enums.hpp:27
LIEF
LIEF namespace.
Definition Abstract/Binary.hpp:40
LIEF::MachO::ParserConfig
This structure is used to tweak the MachO Parser (MachO::Parser).
Definition MachO/ParserConfig.hpp:24
LIEF::MachO::ParserConfig::deep
static ParserConfig deep()
Return a parser configuration such as all the objects supported by LIEF are parsed.
LIEF_API
#define LIEF_API
Definition visibility.h:43
LIEF_LOCAL
#define LIEF_LOCAL
Definition visibility.h:44
Generated by doxygen 1.17.0