Merge pull request #116 from commial/container-arch

Container arch
author: serpilliere <serpilliere@users.noreply.github.com> 2015-03-19 13:43:20 +0100
committer: serpilliere <serpilliere@users.noreply.github.com> 2015-03-19 13:43:20 +0100
commit: e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb (patch)
tree: ff384a705779e93badf5bf531ba630e46789e214 /miasm2
parent: f05424a7acf75f7ab490e9df72c0006380def927 (diff)
parent: 595fda5b35238a9e468af5d3d674129d62e369dc (diff)
download: miasm-e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb.tar.gz
miasm-e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb.zip
3 files changed, 49 insertions, 3 deletions
diff --git a/miasm2/analysis/binary.py b/miasm2/analysis/binary.py
index f5cecc87..c71c5e9b 100644
--- a/miasm2/analysis/binary.py
+++ b/miasm2/analysis/binary.py
@@ -88,6 +88,13 @@ class Container(object):
 
     def __init__(self, *args, **kwargs):
         "Alias for 'parse'"
+        # Init attributes
+        self._executable = None
+        self._bin_stream = None
+        self._entry_point = None
+        self._arch = None
+
+        # Launch parsing
         self.parse(*args, **kwargs)
 
     @property
@@ -105,14 +112,18 @@ class Container(object):
         "Return the detected entry_point"
         return self._entry_point
 
+    @property
+    def arch(self):
+        "Return the guessed architecture"
+        return self._arch
+
 
 ## Format dependent classes
 class ContainerPE(Container):
     "Container abstraction for PE"
 
-
     def parse(self, data, vm=None):
-        from miasm2.jitter.loader.pe import vm_load_pe, preload_pe
+        from miasm2.jitter.loader.pe import vm_load_pe, preload_pe, guess_arch
         from elfesteem import pe_init
 
         # Parse signature
@@ -133,6 +144,9 @@ class ContainerPE(Container):
                 self._executable.NTsig.signature_value != 0x4550:
             raise ContainerSignatureException()
 
+        # Guess the architecture
+        self._arch = guess_arch(self._executable)
+
         # Build the bin_stream instance and set the entry point
         try:
             self._bin_stream = bin_stream_pe(self._executable.virt)
@@ -146,7 +160,8 @@ class ContainerELF(Container):
     "Container abstraction for ELF"
 
     def parse(self, data, vm=None):
-        from miasm2.jitter.loader.elf import vm_load_elf, preload_elf
+        from miasm2.jitter.loader.elf import \
+            vm_load_elf, preload_elf, guess_arch
         from elfesteem import elf_init
 
         # Parse signature
@@ -162,6 +177,9 @@ class ContainerELF(Container):
         except Exception, error:
             raise ContainerParsingException('Cannot read ELF: %s' % error)
 
+        # Guess the architecture
+        self._arch = guess_arch(self._executable)
+
         # Build the bin_stream instance and set the entry point
         try:
             self._bin_stream = bin_stream_elf(self._executable.virt)
diff --git a/miasm2/jitter/loader/elf.py b/miasm2/jitter/loader/elf.py
index 916b37c4..c0427e79 100644
--- a/miasm2/jitter/loader/elf.py
+++ b/miasm2/jitter/loader/elf.py
@@ -3,6 +3,8 @@ from collections import defaultdict
 
 from elfesteem import cstruct
 from elfesteem import *
+import elfesteem.elf as elf_csts
+
 from miasm2.jitter.csts import *
 from miasm2.jitter.loader.utils import canon_libname_libfunc, libimp
 from miasm2.core.interval import interval
@@ -80,3 +82,19 @@ def vm_load_elf(vm, fdata, **kargs):
 
 class libimp_elf(libimp):
     pass
+
+
+# machine, size, sex -> arch_name
+ELF_machine = {(elf_csts.EM_ARM, 32, elf_csts.ELFDATA2LSB): "arml",
+               (elf_csts.EM_ARM, 32, elf_csts.ELFDATA2MSB): "armb",
+               (elf_csts.EM_MIPS, 32, elf_csts.ELFDATA2MSB): "mips32b",
+               (elf_csts.EM_MIPS, 32, elf_csts.ELFDATA2LSB): "mips32l",
+               (elf_csts.EM_386, 32, elf_csts.ELFDATA2LSB): "x86_32",
+               (elf_csts.EM_X86_64, 64, elf_csts.ELFDATA2LSB): "x86_64",
+               (elf_csts.EM_SH, 32, elf_csts.ELFDATA2LSB): "sh4",
+               }
+
+def guess_arch(elf):
+    """Return the architecture specified by the ELF container @elf.
+    If unknown, return None"""
+    return ELF_machine.get((elf.Ehdr.machine, elf.size, elf.sex), None)
diff --git a/miasm2/jitter/loader/pe.py b/miasm2/jitter/loader/pe.py
index a3834d03..7c11b9c5 100644
--- a/miasm2/jitter/loader/pe.py
+++ b/miasm2/jitter/loader/pe.py
@@ -406,3 +406,13 @@ class libimp_pe(libimp):
                 all_ads = all_ads[i + 1:]
 
         return new_lib
+
+# machine -> arch
+PE_machine = {0x14c: "x86_32",
+              0x8664: "x86_64",
+              }
+
+def guess_arch(pe):
+    """Return the architecture specified by the PE container @pe.
+    If unknown, return None"""
+    return PE_machine.get(pe.Coffhdr.machine, None)
author	serpilliere <serpilliere@users.noreply.github.com>	2015-03-19 13:43:20 +0100
committer	serpilliere <serpilliere@users.noreply.github.com>	2015-03-19 13:43:20 +0100
commit	e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb (patch)
tree	ff384a705779e93badf5bf531ba630e46789e214 /miasm2
parent	f05424a7acf75f7ab490e9df72c0006380def927 (diff)
parent	595fda5b35238a9e468af5d3d674129d62e369dc (diff)
download	miasm-e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb.tar.gz miasm-e472b3b6ab1a86c0522e70f1fc5c8cb6361372eb.zip