retdec
|
#include <file_format.h>
Public Member Functions | |
FileFormat (const std::string &pathToFile, LoadFlags loadFlags=LoadFlags::NONE) | |
FileFormat (std::istream &inputStream, LoadFlags loadFlags=LoadFlags::NONE) | |
FileFormat (const std::uint8_t *data, std::size_t size, LoadFlags loadFlags=LoadFlags::NONE) | |
virtual | ~FileFormat () |
const LoaderErrorInfo & | getLoaderErrorInfo () const |
Other methods | |
void | initArchitecture (Architecture arch, retdec::utils::Endianness endian=retdec::utils::Endianness::UNKNOWN, std::size_t bytesPerWord=4, retdec::common::Address entryPoint=retdec::common::Address::Undefined, retdec::common::Address sectionVMA=retdec::common::Address::Undefined) |
void | loadStrings () |
void | loadStrings (StringType type, std::size_t charSize) |
void | loadStrings (StringType type, std::size_t charSize, const SecSeg *secSeg) |
void | loadImpHash () |
void | loadExpHash () |
void | loadResourceIconHash () |
bool | isInValidState () const |
LoadFlags | getLoadFlags () const |
Auxiliary offset detection methods | |
const Section * | getSectionFromOffset (unsigned long long offset) const |
const Segment * | getSegmentFromOffset (unsigned long long offset) const |
const SecSeg * | getSectionOrSegmentFromOffset (unsigned long long offset) const |
bool | haveSectionOrSegmentOnOffset (unsigned long long offset) const |
bool | haveDataOnOffset (unsigned long long offset) const |
Auxiliary address detection methods | |
const Section * | getSectionFromAddress (unsigned long long address) const |
const Segment * | getSegmentFromAddress (unsigned long long address) const |
const SecSeg * | getSectionOrSegmentFromAddress (unsigned long long address) const |
bool | haveSectionOrSegmentOnAddress (unsigned long long address) const |
bool | haveDataOnAddress (unsigned long long address) const |
bool | haveReadOnlyDataOnAddress (unsigned long long address) const |
Test if there are some read-only data on provided address – address belongs to some read-only section or segment. More... | |
Byte value storage methods | |
virtual std::size_t | getNibbleLength () const override |
virtual std::size_t | getByteLength () const override |
virtual std::size_t | getWordLength () const override |
virtual std::size_t | getNumberOfNibblesInByte () const override |
Detection methods | |
bool | isX86 () const |
bool | isX86_64 () const |
bool | isX86OrX86_64 () const |
bool | isArm () const |
bool | isPowerPc () const |
bool | isMips () const |
bool | isUnknownArch () const |
bool | isPe () const |
bool | isElf () const |
bool | isCoff () const |
bool | isMacho () const |
bool | isIntelHex () const |
bool | isRawData () const |
bool | isUnknownFormat () const |
bool | isWindowsDriver () const |
bool | hasCrc32 () const |
bool | hasMd5 () const |
bool | hasSha256 () const |
bool | hasSectionTableCrc32 () const |
bool | hasSectionTableMd5 () const |
bool | hasSectionTableSha256 () const |
std::string | getCrc32 () const |
std::string | getMd5 () const |
std::string | getSha256 () const |
std::string | getSectionTableCrc32 () const |
std::string | getSectionTableMd5 () const |
std::string | getSectionTableSha256 () const |
std::string | getPathToFile () const |
Format | getFileFormat () const |
std::size_t | getNumberOfSections () const |
std::size_t | getNumberOfSegments () const |
std::size_t | getNumberOfSymbolTables () const |
std::size_t | getNumberOfRelocationTables () const |
std::size_t | getNumberOfDynamicTables () const |
std::size_t | getFileLength () const |
std::size_t | getLoadedFileLength () const |
std::size_t | getOverlaySize () const |
bool | getOverlayEntropy (double &res) const |
std::size_t | nibblesFromBytes (std::size_t bytes) const |
std::size_t | bytesFromNibbles (std::size_t nibbles) const |
std::size_t | bytesFromNibblesRounded (std::size_t nibbles) const |
bool | getOffsetFromAddress (unsigned long long &result, unsigned long long address) const |
bool | getAddressFromOffset (unsigned long long &result, unsigned long long offset) const |
bool | getBytes (std::vector< std::uint8_t > &result, unsigned long long offset, unsigned long long numberOfBytes) const |
bool | getEpBytes (std::vector< std::uint8_t > &result, unsigned long long numberOfBytes) const |
bool | getHexBytes (std::string &result, unsigned long long offset, unsigned long long numberOfBytes) const |
bool | getHexEpBytes (std::string &result, unsigned long long numberOfBytes) const |
bool | getHexBytesFromEnd (std::string &result, unsigned long long numberOfBytes) const |
bool | getString (std::string &result, unsigned long long offset, unsigned long long numberOfBytes) const |
bool | getStringFromEnd (std::string &result, unsigned long long numberOfBytes) const |
bool | isObjectStretchedOverSections (std::size_t addr, std::size_t size) const |
const Section * | getEpSection () |
const Section * | getSection (const std::string &secName) const |
const Section * | getSection (unsigned long long secIndex) const |
const Section * | getLastSection () const |
const Section * | getLastButOneSection () const |
const Segment * | getEpSegment () |
const Segment * | getSegment (const std::string &segName) const |
const Segment * | getSegment (unsigned long long segIndex) const |
const Segment * | getLastSegment () const |
const Segment * | getLastButOneSegment () const |
const SymbolTable * | getSymbolTable (unsigned long long tabIndex) const |
const RelocationTable * | getRelocationTable (unsigned long long tabIndex) const |
const DynamicTable * | getDynamicTable (unsigned long long tabIndex) const |
const ImportTable * | getImportTable () const |
const ExportTable * | getExportTable () const |
const ResourceTable * | getResourceTable () const |
const ResourceTree * | getResourceTree () const |
const RichHeader * | getRichHeader () const |
const PdbInfo * | getPdbInfo () const |
const CertificateTable * | getCertificateTable () const |
const TlsInfo * | getTlsInfo () const |
const ElfCoreInfo * | getElfCoreInfo () const |
const Symbol * | getSymbol (const std::string &name) const |
const Symbol * | getSymbol (unsigned long long address) const |
const Relocation * | getRelocation (const std::string &name) const |
const Relocation * | getRelocation (unsigned long long address) const |
const Import * | getImport (const std::string &name) const |
const Import * | getImport (unsigned long long address) const |
const Export * | getExport (const std::string &name) const |
const Export * | getExport (unsigned long long address) const |
const Resource * | getManifestResource () const |
const Resource * | getVersionResource () const |
bool | isSignaturePresent () const |
bool | isSignatureVerified () const |
const retdec::common::RangeContainer< std::uint64_t > & | getNonDecodableAddressRanges () const |
Containers | |
const std::vector< Section * > & | getSections () const |
const std::vector< Section * > | getSections (std::initializer_list< std::string > secs) const |
const std::vector< Segment * > & | getSegments () const |
const std::vector< Segment * > | getSegments (std::initializer_list< std::string > segs) const |
const std::vector< SymbolTable * > & | getSymbolTables () const |
const std::vector< RelocationTable * > & | getRelocationTables () const |
const std::vector< DynamicTable * > & | getDynamicTables () const |
const std::vector< unsigned char > & | getBytes () const |
const std::vector< unsigned char > & | getLoadedBytes () const |
const unsigned char * | getBytesData () const |
const unsigned char * | getLoadedBytesData () const |
const std::vector< String > & | getStrings () const |
const std::vector< ElfNoteSecSeg > & | getElfNoteSecSegs () const |
const std::set< std::uint64_t > & | getUnknownRelocations () const |
const std::vector< std::pair< std::string, std::string > > & | getAnomalies () const |
Address interpretation methods | |
virtual bool | getXByte (std::uint64_t address, std::uint64_t x, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const override |
virtual bool | getXBytes (std::uint64_t address, std::uint64_t x, std::vector< std::uint8_t > &res) const override |
virtual bool | setXByte (std::uint64_t address, std::uint64_t x, std::uint64_t val, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) override |
virtual bool | setXBytes (std::uint64_t address, const std::vector< std::uint8_t > &val) override |
bool | isPointer (unsigned long long address, std::uint64_t *pointer=nullptr) const |
Offset interpretation methods | |
bool | get1ByteOffset (std::uint64_t offset, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | get2ByteOffset (std::uint64_t offset, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | get4ByteOffset (std::uint64_t offset, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | get8ByteOffset (std::uint64_t offset, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | get10ByteOffset (std::uint64_t offset, long double &res) const |
bool | getXByteOffset (std::uint64_t offset, std::uint64_t x, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | getXBytesOffset (std::uint64_t offset, std::uint64_t x, std::vector< std::uint8_t > &res) const |
bool | getWordOffset (std::uint64_t offset, std::uint64_t &res, retdec::utils::Endianness e=retdec::utils::Endianness::UNKNOWN) const |
bool | getNTBSOffset (std::uint64_t offset, std::string &res, std::size_t size=0) const |
bool | getNTWSOffset (std::uint64_t offset, std::size_t width, std::vector< std::uint64_t > &res) const |
Virtual detection methods | |
virtual std::string | getFileFormatName () const |
virtual std::size_t | getDeclaredFileLength () const |
virtual bool | areSectionsValid () const |
Pure virtual detection methods | |
virtual bool | isObjectFile () const =0 |
virtual bool | isDll () const =0 |
virtual bool | isExecutable () const =0 |
virtual bool | getMachineCode (unsigned long long &result) const =0 |
virtual bool | getAbiVersion (unsigned long long &result) const =0 |
virtual bool | getImageBaseAddress (unsigned long long &imageBase) const =0 |
virtual bool | getEpAddress (unsigned long long &result) const =0 |
virtual bool | getEpOffset (unsigned long long &epOffset) const =0 |
virtual Architecture | getTargetArchitecture () const =0 |
virtual std::size_t | getDeclaredNumberOfSections () const =0 |
virtual std::size_t | getDeclaredNumberOfSegments () const =0 |
virtual std::size_t | getSectionTableOffset () const =0 |
virtual std::size_t | getSectionTableEntrySize () const =0 |
virtual std::size_t | getSegmentTableOffset () const =0 |
virtual std::size_t | getSegmentTableEntrySize () const =0 |
Dump methods | |
void | dump () |
void | dump (std::string &dumpFile) |
void | dumpRegionsValidity () |
void | dumpRegionsValidity (std::string &dumpStr) |
void | dumpResourceTree () |
void | dumpResourceTree (std::string &dumpStr) |
![]() | |
ByteValueStorage ()=default | |
virtual | ~ByteValueStorage ()=default |
virtual Endianness | getEndianness () const =0 |
virtual std::size_t | getBytesPerWord () const =0 |
virtual bool | hasMixedEndianForDouble () const =0 |
Endianness | getInverseEndianness () const |
bool | isLittleEndian () const |
bool | isBigEndian () const |
bool | isUnknownEndian () const |
bool | hexToBig (std::string &str) const |
bool | hexToLittle (std::string &str) const |
bool | bitsToBig (std::string &str) const |
bool | bitsToLittle (std::string &str) const |
bool | bitsToBig (std::vector< unsigned char > &values) const |
bool | bitsToLittle (std::vector< unsigned char > &values) const |
bool | get1Byte (std::uint64_t address, std::uint64_t &res, Endianness e=Endianness::UNKNOWN) const |
bool | get2Byte (std::uint64_t address, std::uint64_t &res, Endianness e=Endianness::UNKNOWN) const |
bool | get4Byte (std::uint64_t address, std::uint64_t &res, Endianness e=Endianness::UNKNOWN) const |
bool | get8Byte (std::uint64_t address, std::uint64_t &res, Endianness e=Endianness::UNKNOWN) const |
bool | get10Byte (std::uint64_t address, long double &res) const |
bool | getWord (std::uint64_t address, std::uint64_t &res, Endianness e=Endianness::UNKNOWN) const |
bool | getFloat (std::uint64_t address, float &res) const |
bool | getDouble (std::uint64_t address, double &res) const |
bool | set1Byte (std::uint64_t address, std::uint64_t val, Endianness e=Endianness::UNKNOWN) |
bool | set2Byte (std::uint64_t address, std::uint64_t val, Endianness e=Endianness::UNKNOWN) |
bool | set4Byte (std::uint64_t address, std::uint64_t val, Endianness e=Endianness::UNKNOWN) |
bool | set8Byte (std::uint64_t address, std::uint64_t val, Endianness e=Endianness::UNKNOWN) |
bool | set10Byte (std::uint64_t address, long double val) |
bool | setWord (std::uint64_t address, std::uint64_t val, Endianness e=Endianness::UNKNOWN) |
bool | setFloat (std::uint64_t address, float val) |
bool | setDouble (std::uint64_t address, double val) |
bool | getXByteArray (std::uint64_t address, std::uint64_t x, std::vector< std::uint64_t > &res, std::size_t size, Endianness e=Endianness::UNKNOWN) const |
bool | get1ByteArray (std::uint64_t address, std::vector< std::uint64_t > &res, std::size_t size, Endianness e=Endianness::UNKNOWN) const |
bool | get2ByteArray (std::uint64_t address, std::vector< std::uint64_t > &res, std::size_t size, Endianness e=Endianness::UNKNOWN) const |
bool | get4ByteArray (std::uint64_t address, std::vector< std::uint64_t > &res, std::size_t size, Endianness e=Endianness::UNKNOWN) const |
bool | get8ByteArray (std::uint64_t address, std::vector< std::uint64_t > &res, std::size_t size, Endianness e=Endianness::UNKNOWN) const |
bool | get10ByteArray (std::uint64_t address, std::vector< long double > &res, std::size_t size) const |
bool | getWordArray (std::uint64_t address, std::vector< std::uint64_t > &res, std::size_t, Endianness e=Endianness::UNKNOWN) const |
bool | getFloatArray (std::uint64_t address, std::vector< float > &res, std::size_t size) const |
bool | getDoubleArray (std::uint64_t address, std::vector< double > &res, std::size_t size) const |
bool | getNTBS (std::uint64_t address, std::string &res, std::size_t size=0) const |
bool | getNTWS (std::uint64_t address, std::size_t width, std::vector< std::uint64_t > &res) const |
bool | getNTWSNice (std::uint64_t address, std::size_t width, std::vector< std::uint64_t > &res) const |
Protected Member Functions | |
Clear methods | |
void | clear () |
Protected detection methods | |
void | computeSectionTableHashes () |
Setters | |
void | setLoadedBytes (std::vector< unsigned char > *lBytes) |
![]() | |
bool | createValueFromBytes (const std::vector< std::uint8_t > &data, std::uint64_t &value, Endianness endian, std::uint64_t offset=0, std::uint64_t size=0) const |
bool | createBytesFromValue (std::uint64_t data, std::uint64_t x, std::vector< std::uint8_t > &value, Endianness endian) const |
bool | get10ByteImpl (const std::vector< std::uint8_t > &data, long double &res) const |
bool | getFloatImpl (const std::vector< std::uint8_t > &data, float &res) const |
bool | getDoubleImpl (const std::vector< std::uint8_t > &data, double &res) const |
bool | getNTBSImpl (const GetNByteFn &get1ByteFn, std::uint64_t address, std::string &res, std::size_t size) const |
bool | getNTWSImpl (const GetXByteFn &getXByteFn, std::uint64_t address, std::size_t width, std::vector< std::uint64_t > &res) const |
bool | getNTWSNiceImpl (const GetXByteFn &getXByteFn, std::uint64_t address, std::size_t width, std::vector< std::uint64_t > &res) const |
Protected Attributes | |
std::string | crc32 |
CRC32 of file content. More... | |
std::string | md5 |
MD5 of file content. More... | |
std::string | sha256 |
SHA256 of file content. More... | |
std::string | sectionCrc32 |
CRC32 of section table. More... | |
std::string | sectionMd5 |
MD5 of section table. More... | |
std::string | sectionSha256 |
SHA256 of section table. More... | |
std::string | filePath |
name of input file More... | |
std::istream & | fileStream |
stream representation of input file More... | |
std::vector< Section * > | sections |
file sections More... | |
std::vector< Segment * > | segments |
file segments More... | |
std::vector< SymbolTable * > | symbolTables |
symbol tables More... | |
std::vector< RelocationTable * > | relocationTables |
relocation tables More... | |
std::vector< DynamicTable * > | dynamicTables |
tables with dynamic records More... | |
std::vector< unsigned char > | bytes |
content of file as bytes More... | |
std::vector< String > | strings |
detected strings More... | |
std::vector< ElfNoteSecSeg > | noteSecSegs |
note sections or segemnts found in ELF file More... | |
std::set< std::uint64_t > | unknownRelocs |
unknown relocations More... | |
ImportTable * | importTable |
table of imports More... | |
ExportTable * | exportTable |
table of exports More... | |
ResourceTable * | resourceTable |
table of resources More... | |
ResourceTree * | resourceTree |
structure of resource tree More... | |
RichHeader * | richHeader |
rich header More... | |
PdbInfo * | pdbInfo |
information about related PDB debug file More... | |
CertificateTable * | certificateTable |
table of certificates More... | |
TlsInfo * | tlsInfo |
thread-local information More... | |
ElfCoreInfo * | elfCoreInfo |
information about core file structures More... | |
Format | fileFormat |
format of input file More... | |
LoaderErrorInfo | _ldrErrInfo |
loader error (e.g. Windows loader error for PE files) More... | |
bool | stateIsValid |
internal state of instance More... | |
std::vector< std::pair< std::size_t, std::size_t > > | secHashInfo |
information for calculation of section table hash More... | |
std::optional< bool > | signatureVerified |
indicates whether the signature is present and also verified More... | |
retdec::common::RangeContainer< std::uint64_t > | nonDecodableRanges |
Address ranges which should not be decoded for instructions. More... | |
std::vector< std::pair< std::string, std::string > > | anomalies |
file format anomalies More... | |
Private Member Functions | |
Initialization methods | |
void | init () |
void | initStream () |
Pure virtual initialization methods | |
virtual std::size_t | initSectionTableHashOffsets ()=0 |
![]() | |
NonCopyable (const NonCopyable &)=delete | |
NonCopyable & | operator= (const NonCopyable &)=delete |
NonCopyable ()=default | |
~NonCopyable ()=default | |
Private Attributes | |
byte_array_buffer | auxBuff |
auxiliary input buffer More... | |
std::ifstream | auxFStream |
auxiliary input file stream More... | |
std::istream | auxIStream |
auxiliary input stream More... | |
std::vector< unsigned char > * | loadedBytes |
reference to serialized content of input file More... | |
LoadFlags | loadFlags |
load flags for configurable file loading More... | |
Additional Inherited Members | |
![]() | |
using | GetNByteFn = std::function< bool(std::uint64_t, std::uint64_t &, Endianness)> |
using | GetXByteFn = std::function< bool(std::uint64_t, std::uint64_t, std::uint64_t &, Endianness)> |
FileFormat - abstract class for parsing files
retdec::fileformat::FileFormat::FileFormat | ( | const std::string & | pathToFile, |
LoadFlags | loadFlags = LoadFlags::NONE |
||
) |
Constructor
pathToFile | Path to input file |
loadFlags | Load flags |
retdec::fileformat::FileFormat::FileFormat | ( | std::istream & | inputStream, |
LoadFlags | loadFlags = LoadFlags::NONE |
||
) |
Constructor
inputStream | Stream which represents input file |
loadFlags | Load flags |
retdec::fileformat::FileFormat::FileFormat | ( | const std::uint8_t * | data, |
std::size_t | size, | ||
LoadFlags | loadFlags = LoadFlags::NONE |
||
) |
Constructor
data | Input data. |
size | Input data size. |
loadFlags | Load flags |
|
virtual |
Destructor
|
virtual |
Determine if loaded sections are OK to use for decompilation purposes. We want at least one valid section which may hold code.
true
if sections are to be used, false
otherwise (use segments). Reimplemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
std::size_t retdec::fileformat::FileFormat::bytesFromNibbles | ( | std::size_t | nibbles | ) | const |
Count number of bytes from number of nibbles
nibbles | Number of nibbles |
std::size_t retdec::fileformat::FileFormat::bytesFromNibblesRounded | ( | std::size_t | nibbles | ) | const |
Count number of bytes from number of nibbles and round up
nibbles | Number of nibbles |
|
protected |
Clear all internal structures
|
protected |
Compute hashes of section table. This method must be called after sections are loaded.
void retdec::fileformat::FileFormat::dump | ( | ) |
Dump information about input file on standard output
void retdec::fileformat::FileFormat::dump | ( | std::string & | dumpFile | ) |
Dump information about input file
dumpFile | Into this parameter is stored dump of input file in an LLVM style |
void retdec::fileformat::FileFormat::dumpRegionsValidity | ( | ) |
Dump information about validity of sections and segments on standard output
void retdec::fileformat::FileFormat::dumpRegionsValidity | ( | std::string & | dumpStr | ) |
Dump information about validity of sections and segments
dumpStr | Parameter for store the dump in LLVM format |
void retdec::fileformat::FileFormat::dumpResourceTree | ( | ) |
Dump information about structure of resource tree on standard output
void retdec::fileformat::FileFormat::dumpResourceTree | ( | std::string & | dumpStr | ) |
bool retdec::fileformat::FileFormat::get10ByteOffset | ( | std::uint64_t | offset, |
long double & | res | ||
) | const |
Get long double from the specified offset If system has 80-bit (10 - byte) long double, copy data directly. Else convert 80-bit (10 - byte) long double into 64-bit (8 - uint8_t) double.
offset | Offset to get double from |
res | Result double |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::get1ByteOffset | ( | std::uint64_t | offset, |
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get integer (1B) located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::get2ByteOffset | ( | std::uint64_t | offset, |
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get integer (2B) located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::get4ByteOffset | ( | std::uint64_t | offset, |
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get integer (4B) located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::get8ByteOffset | ( | std::uint64_t | offset, |
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get integer (8B) located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise)
|
pure virtual |
Get file format-dependent version of used ABI
result | Parameter for store the result |
true
if method went OK, false
otherwise Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
bool retdec::fileformat::FileFormat::getAddressFromOffset | ( | unsigned long long & | result, |
unsigned long long | offset | ||
) | const |
Convert offset to address
result | Into this parameter is stored resulted address |
offset | Offset for conversion |
true
if offset was successfully converted to address, false
otherwiseIf method returns false
, result is left unchanged
const std::vector< std::pair< std::string, std::string > > & retdec::fileformat::FileFormat::getAnomalies | ( | ) | const |
Get all anomalies
|
overridevirtual |
Get number of bits in one byte
Implements retdec::utils::ByteValueStorage.
Reimplemented in retdec::fileformat::RawDataFormat.
const std::vector< unsigned char > & retdec::fileformat::FileFormat::getBytes | ( | ) | const |
Get content of input file as bytes
bool retdec::fileformat::FileFormat::getBytes | ( | std::vector< std::uint8_t > & | result, |
unsigned long long | offset, | ||
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from entry point
result | Read bytes |
offset | Start offset for read |
numberOfBytes | Number of bytes for read |
true
if all is OK) const unsigned char * retdec::fileformat::FileFormat::getBytesData | ( | ) | const |
Get content of input file as constant pointer to bytes
const CertificateTable * retdec::fileformat::FileFormat::getCertificateTable | ( | ) | const |
Get information about certificate table
nullptr
if file has no certificates std::string retdec::fileformat::FileFormat::getCrc32 | ( | ) | const |
Get CRC32
|
virtual |
Get declared length of file. This length may be shorter or longer than real length of file.
This method takes into account only offset and size of each file section and segment. This is not valid for some file formats (e.g. ELF, PE, COFF), therefore, this method is virtual and can be replaced in subclass.
Reimplemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
|
pure virtual |
Get declared number of sections. This number may be different than real number of sections in file
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
|
pure virtual |
Get declared number of segments. This number may be different than real number of segments in file
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
const DynamicTable * retdec::fileformat::FileFormat::getDynamicTable | ( | unsigned long long | tabIndex | ) | const |
Get information about dynamic table
tabIndex | Index of selected dynamic table (indexed from 0) |
nullptr
if index of table is invalid const std::vector< DynamicTable * > & retdec::fileformat::FileFormat::getDynamicTables | ( | ) | const |
Get all dynamic tables
const ElfCoreInfo * retdec::fileformat::FileFormat::getElfCoreInfo | ( | ) | const |
Get information about ELF core file
nullptr
if file has no certificates const std::vector< ElfNoteSecSeg > & retdec::fileformat::FileFormat::getElfNoteSecSegs | ( | ) | const |
Get all detected notes
|
pure virtual |
Get virtual address of entry point
result | Parameter for store the result |
true
if file has entry point and entry point address is successfully detected, false
otherwiseIf file has no associated entry point, result is left unchanged.
If file has entry point but detection of entry point address is failed, instance method isInValidState() returns false
after its invocation.
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
bool retdec::fileformat::FileFormat::getEpBytes | ( | std::vector< std::uint8_t > & | result, |
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from entry point
result | Read bytes |
numberOfBytes | Number of bytes for read |
true
if all is OK)If file has no entry point or entry point has not detected, method returns false
If file has entry point but detection of entry point offset is failed or an error occurs while reading bytes from file, instance method isInValidState() returns false
after its invocation.
|
pure virtual |
Get offset of entry point
epOffset | Into this parameter the resulting number is stored |
true
if file has entry point and entry point offset is successfully detected, false
otherwiseIf file has no associated entry point, epOffset is left unchanged.
If file has entry point but detection of entry point offset is failed, instance method isInValidState() returns false
after its invocation.
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
const Section * retdec::fileformat::FileFormat::getEpSection | ( | ) |
Get information about section containing entry point
nullptr
otherwise const Segment * retdec::fileformat::FileFormat::getEpSegment | ( | ) |
Get information about segment containing entry point
nullptr
otherwise const Export * retdec::fileformat::FileFormat::getExport | ( | const std::string & | name | ) | const |
Get export with name name
name | Name of export to get |
nullptr
if such export is not found const Export * retdec::fileformat::FileFormat::getExport | ( | unsigned long long | address | ) | const |
Get export on address address
address | Address of export to get |
nullptr
if such export is not found const ExportTable * retdec::fileformat::FileFormat::getExportTable | ( | ) | const |
Get information about export table
nullptr
if file has no exports Format retdec::fileformat::FileFormat::getFileFormat | ( | ) | const |
Get file format
Format::UNDETECTABLE | Instance is not in consistent state (file format cannot be unambiguously determined) |
|
virtual |
Get name of file format as string
Reimplemented in retdec::fileformat::MachOFormat.
std::size_t retdec::fileformat::FileFormat::getFileLength | ( | ) | const |
Get real length of file. This lenght may be shorter or longer than declared length of file.
bool retdec::fileformat::FileFormat::getHexBytes | ( | std::string & | result, |
unsigned long long | offset, | ||
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from specified offset in hexadecimal string representation
result | Read bytes in hexadecimal string representation |
offset | Start offset for read |
numberOfBytes | Number of bytes for read |
true
if all is OK) bool retdec::fileformat::FileFormat::getHexBytesFromEnd | ( | std::string & | result, |
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from end of file in hexadecimal string representation
result | Parameter for store the result |
numberOfBytes | Number of bytes for read |
true
if operation went OK, false
otherwiseIf length of file is smaller than numberOfBytes, as many bytes as possible are read.
bool retdec::fileformat::FileFormat::getHexEpBytes | ( | std::string & | result, |
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from entry point in hexadecimal string representation
result | Read bytes in hexadecimal string representation |
numberOfBytes | Number of bytes for read |
true
if all is OK)If file has no entry point or entry point has not detected, method returns false
If file has entry point but detection of entry point offset is failed or an error occurs while reading bytes from file, instance method isInValidState() returns false
after its invocation.
|
pure virtual |
Get image base address of file
imageBase | Into this parameter the resulting number is stored |
true
if file has image base address and this address was successfully detected, false
otherwiseIf file has no image base, imageBase is left unchanged
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
const Import * retdec::fileformat::FileFormat::getImport | ( | const std::string & | name | ) | const |
Get import with name name
name | Name of import to get |
nullptr
if such import is not found const Import * retdec::fileformat::FileFormat::getImport | ( | unsigned long long | address | ) | const |
Get import on address address
address | Address of import to get |
nullptr
if such import is not found const ImportTable * retdec::fileformat::FileFormat::getImportTable | ( | ) | const |
Get information about import table
nullptr
if file has no imports const Section * retdec::fileformat::FileFormat::getLastButOneSection | ( | ) | const |
Get information about last but one section
nullptr
if section is not detected const Segment * retdec::fileformat::FileFormat::getLastButOneSegment | ( | ) | const |
Get information about last but one segment
nullptr
if segment is not detected const Section * retdec::fileformat::FileFormat::getLastSection | ( | ) | const |
Get information about last section
nullptr
if section is not detected const Segment * retdec::fileformat::FileFormat::getLastSegment | ( | ) | const |
Get information about last segment
nullptr
if segment is not detected const std::vector< unsigned char > & retdec::fileformat::FileFormat::getLoadedBytes | ( | ) | const |
Get serialized loaded content of input file as bytes
const unsigned char * retdec::fileformat::FileFormat::getLoadedBytesData | ( | ) | const |
Get serialized loaded content of input file as constant pointer to bytes
std::size_t retdec::fileformat::FileFormat::getLoadedFileLength | ( | ) | const |
Get real length of serialized content of input file.
const LoaderErrorInfo & retdec::fileformat::FileFormat::getLoaderErrorInfo | ( | ) | const |
Get reference to the loader error info
LoadFlags retdec::fileformat::FileFormat::getLoadFlags | ( | ) | const |
Getter for load flags.
|
pure virtual |
Get file format-dependent number representing code of target architecture of file
result | Parameter for store the result |
true
if method went OK, false
otherwise Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
const Resource * retdec::fileformat::FileFormat::getManifestResource | ( | ) | const |
Get resource that represents side-by-side assembly manifest
nullptr
if such resource is not found std::string retdec::fileformat::FileFormat::getMd5 | ( | ) | const |
Get MD5
|
overridevirtual |
Get number of bits in one nibble
Implements retdec::utils::ByteValueStorage.
const retdec::common::RangeContainer< std::uint64_t > & retdec::fileformat::FileFormat::getNonDecodableAddressRanges | ( | ) | const |
Get non-decodable address ranges.
bool retdec::fileformat::FileFormat::getNTBSOffset | ( | std::uint64_t | offset, |
std::string & | res, | ||
std::size_t | size = 0 |
||
) | const |
Get NTBS (null-terminated byte string) from specified offset
offset | Offset to get string from |
res | Result string |
size | Requested size of string (if size is zero, read until zero byte) |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::getNTWSOffset | ( | std::uint64_t | offset, |
std::size_t | width, | ||
std::vector< std::uint64_t > & | res | ||
) | const |
Get NTWS (null-terminated wide string) from specified offset
offset | Offset to get string from |
width | Byte width of one character |
res | Result character array |
true
if all is OK, false
otherwise) std::size_t retdec::fileformat::FileFormat::getNumberOfDynamicTables | ( | ) | const |
Get number of dynamic tables in file
|
overridevirtual |
Get number of nibbles in one byte
Supported architectures are defined as enumeration type Architecture.
Implements retdec::utils::ByteValueStorage.
std::size_t retdec::fileformat::FileFormat::getNumberOfRelocationTables | ( | ) | const |
Get number of relocation tables in file
std::size_t retdec::fileformat::FileFormat::getNumberOfSections | ( | ) | const |
Get number of sections in file
std::size_t retdec::fileformat::FileFormat::getNumberOfSegments | ( | ) | const |
Get number of segments in file
std::size_t retdec::fileformat::FileFormat::getNumberOfSymbolTables | ( | ) | const |
Get number of symbol tables in file
bool retdec::fileformat::FileFormat::getOffsetFromAddress | ( | unsigned long long & | result, |
unsigned long long | address | ||
) | const |
Convert address to offset
result | Into this parameter is stored resulted offset |
address | Address for conversion |
true
if address was successfully converted to offset, false
otherwiseIf method returns false
, result is left unchanged
bool retdec::fileformat::FileFormat::getOverlayEntropy | ( | double & | res | ) | const |
Get overlay data entropy
res | Variable to store the result to |
true
if entropy calculation succeeded, false
otherwise std::size_t retdec::fileformat::FileFormat::getOverlaySize | ( | ) | const |
Get size of overlay. This may be zero. If size of overlay is non-zero, overlay starts at offset which is identical with result of method getDeclaredFileLength().
std::string retdec::fileformat::FileFormat::getPathToFile | ( | ) | const |
Get path to input file
const PdbInfo * retdec::fileformat::FileFormat::getPdbInfo | ( | ) | const |
Get information about related PDB file
nullptr
if file has no such information const Relocation * retdec::fileformat::FileFormat::getRelocation | ( | const std::string & | name | ) | const |
Get relocation with name name
name | Name of relocation to get |
nullptr
if such relocation is not found const Relocation * retdec::fileformat::FileFormat::getRelocation | ( | unsigned long long | address | ) | const |
Get relocation with address address
address | Address of relocation to get |
nullptr
if such relocation is not found const RelocationTable * retdec::fileformat::FileFormat::getRelocationTable | ( | unsigned long long | tabIndex | ) | const |
Get information about relocation table
tabIndex | Index of selected relocation table (indexed from 0) |
nullptr
if index of table is invalid const std::vector< RelocationTable * > & retdec::fileformat::FileFormat::getRelocationTables | ( | ) | const |
Get all relocation tables
const ResourceTable * retdec::fileformat::FileFormat::getResourceTable | ( | ) | const |
Get information about resources
nullptr
if file has no resources const ResourceTree * retdec::fileformat::FileFormat::getResourceTree | ( | ) | const |
Get information about structure of resource tree
nullptr
if file has no resources const RichHeader * retdec::fileformat::FileFormat::getRichHeader | ( | ) | const |
Get information about rich header
nullptr
if file has no rich header const Section * retdec::fileformat::FileFormat::getSection | ( | const std::string & | secName | ) | const |
Get information about section with name secName
secName | Name of section |
nullptr
if section was not foundIf file has more sections with name equal to secName, then is returned first such section.
const Section * retdec::fileformat::FileFormat::getSection | ( | unsigned long long | secIndex | ) | const |
Get information about section with index secIndex
secIndex | Index of section (indexed from 0) |
nullptr
if section was not detected const Section * retdec::fileformat::FileFormat::getSectionFromAddress | ( | unsigned long long | address | ) | const |
Get section which is located at address address
address | Address in memory |
Pointer
to section which is located at address address or nullptr
if there is no such section const Section * retdec::fileformat::FileFormat::getSectionFromOffset | ( | unsigned long long | offset | ) | const |
Get section which is located at offset offset
offset | Offset in file |
Pointer
to section which is located at offset offset or nullptr
if there is no such section const SecSeg * retdec::fileformat::FileFormat::getSectionOrSegmentFromAddress | ( | unsigned long long | address | ) | const |
Get section (preferentially) or segment (if no section) which is located at address address
address | Address in memory |
Pointer
to section or segment which is located at address address or nullptr
if there is no such section or segment const SecSeg * retdec::fileformat::FileFormat::getSectionOrSegmentFromOffset | ( | unsigned long long | offset | ) | const |
Get section (preferentially) or segment (if no section) which is located at offset offset
offset | Offset in file |
Pointer
to section or segment which is located at offset offset or nullptr
if there is no such section or segment const std::vector< Section * > & retdec::fileformat::FileFormat::getSections | ( | ) | const |
Get all sections
const std::vector< Section * > retdec::fileformat::FileFormat::getSections | ( | std::initializer_list< std::string > | secs | ) | const |
Get selected sections
secs | Names of selected sections |
std::string retdec::fileformat::FileFormat::getSectionTableCrc32 | ( | ) | const |
Get section table CRC32
|
pure virtual |
Get size of one record in section table or zero if section table does not exist
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
std::string retdec::fileformat::FileFormat::getSectionTableMd5 | ( | ) | const |
Get section table MD5
|
pure virtual |
Get section table offset or zero if section table does not exist
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
std::string retdec::fileformat::FileFormat::getSectionTableSha256 | ( | ) | const |
Get section table SHA256
const Segment * retdec::fileformat::FileFormat::getSegment | ( | const std::string & | segName | ) | const |
Get information about segment with name segName
segName | Name of segment |
nullptr
if segment was not foundIf file has more segments with name equal to segName, then is returned first such segment.
const Segment * retdec::fileformat::FileFormat::getSegment | ( | unsigned long long | segIndex | ) | const |
Get information about segment with index segIndex
segIndex | Index of segment (indexed from 0) |
nullptr
if segment was not detected const Segment * retdec::fileformat::FileFormat::getSegmentFromAddress | ( | unsigned long long | address | ) | const |
Get segment which is located at address address
address | Address in memory |
Pointer
to segment which is located at address address or nullptr
if there is no such segment const Segment * retdec::fileformat::FileFormat::getSegmentFromOffset | ( | unsigned long long | offset | ) | const |
Get segment which is located at offset offset
offset | Offset in file |
Pointer
to segment which is located at offset offset or nullptr
if there is no such segment const std::vector< Segment * > & retdec::fileformat::FileFormat::getSegments | ( | ) | const |
Get all segments
const std::vector< Segment * > retdec::fileformat::FileFormat::getSegments | ( | std::initializer_list< std::string > | segs | ) | const |
Get selected segments
segs | Name of selected segments |
|
pure virtual |
Get size of one record in segment table or zero if segment table does not exist
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
|
pure virtual |
Get segment table offset or zero if segment table does not exist
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
std::string retdec::fileformat::FileFormat::getSha256 | ( | ) | const |
Get SHA256
bool retdec::fileformat::FileFormat::getString | ( | std::string & | result, |
unsigned long long | offset, | ||
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from specified offset as plain string
result | Parameter for store the result |
offset | Start offset for read |
numberOfBytes | Number of bytes for read |
true
if all is OK) bool retdec::fileformat::FileFormat::getStringFromEnd | ( | std::string & | result, |
unsigned long long | numberOfBytes | ||
) | const |
Get bytes from end of file as plain string
result | Parameter for store the result |
numberOfBytes | Number of bytes for read |
true
if operation went OK, false
otherwiseIf length of file is smaller than numberOfBytes, as many bytes as possible are read.
const std::vector< String > & retdec::fileformat::FileFormat::getStrings | ( | ) | const |
Get all detected strings
const Symbol * retdec::fileformat::FileFormat::getSymbol | ( | const std::string & | name | ) | const |
Get symbol with name name
name | Name of symbol to get |
nullptr
if such symbol is not found const Symbol * retdec::fileformat::FileFormat::getSymbol | ( | unsigned long long | address | ) | const |
Get symbol with address address
address | Address of symbol to get |
nullptr
if such symbol is not found const SymbolTable * retdec::fileformat::FileFormat::getSymbolTable | ( | unsigned long long | tabIndex | ) | const |
Get information about symbol table
tabIndex | Index of selected symbol table (indexed from 0) |
nullptr
if index of table is invalid const std::vector< SymbolTable * > & retdec::fileformat::FileFormat::getSymbolTables | ( | ) | const |
Get all symbol tables
|
pure virtual |
Get target architecture
Architecture::UNKNOWN | Architecture is unknown |
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
const TlsInfo * retdec::fileformat::FileFormat::getTlsInfo | ( | ) | const |
Get information about TLS
nullptr
if file has no certificates const std::set< std::uint64_t > & retdec::fileformat::FileFormat::getUnknownRelocations | ( | ) | const |
const Resource * retdec::fileformat::FileFormat::getVersionResource | ( | ) | const |
Get resource that represents version information
nullptr
if such resource is not found
|
overridevirtual |
Get number of bits in one word
Supported architectures are defined as enumeration type Architecture.
Implements retdec::utils::ByteValueStorage.
bool retdec::fileformat::FileFormat::getWordOffset | ( | std::uint64_t | offset, |
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get word located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise)
|
overridevirtual |
Get integer (x bytes) located at provided address using the specified endian or default file endian
address | Address to get integer from |
x | Number of bytes for conversion |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise) Implements retdec::utils::ByteValueStorage.
bool retdec::fileformat::FileFormat::getXByteOffset | ( | std::uint64_t | offset, |
std::uint64_t | x, | ||
std::uint64_t & | res, | ||
retdec::utils::Endianness | e = retdec::utils::Endianness::UNKNOWN |
||
) | const |
Get integer (x bytes) located at provided offset using the specified endian or default file endian
offset | Offset to get integer from |
x | Number of bytes for conversion |
res | Result integer |
e | Endian - if specified it is forced, otherwise file's endian is used |
true
if all is OK, false
otherwise)
|
overridevirtual |
Get x bytes long byte array from specified address
address | Address to get array from |
x | Number of bytes for get |
res | Result array |
true
if all is OK, false
otherwise) Implements retdec::utils::ByteValueStorage.
bool retdec::fileformat::FileFormat::getXBytesOffset | ( | std::uint64_t | offset, |
std::uint64_t | x, | ||
std::vector< std::uint8_t > & | res | ||
) | const |
Get x bytes long byte array from specified offset
offset | Offset to get array from |
x | Number of bytes for get |
res | Result array |
true
if all is OK, false
otherwise) bool retdec::fileformat::FileFormat::hasCrc32 | ( | ) | const |
Check if CRC32 was computed
true
if CRC32 was computed, false
otherwise bool retdec::fileformat::FileFormat::hasMd5 | ( | ) | const |
Check if MD5 was computed
true
if MD5 was computed, false
otherwise bool retdec::fileformat::FileFormat::hasSectionTableCrc32 | ( | ) | const |
Check if CRC32 of section table was computed
true
if CRC32 of section table was computed, false
otherwise bool retdec::fileformat::FileFormat::hasSectionTableMd5 | ( | ) | const |
Check if MD5 of section table was computed
true
if MD5 of section table was computed, false
otherwise bool retdec::fileformat::FileFormat::hasSectionTableSha256 | ( | ) | const |
Check if SHA256 of section table was computed
true
if SHA256 of section table was computed, false
otherwise bool retdec::fileformat::FileFormat::hasSha256 | ( | ) | const |
Check if SHA256 was computed
true
if SHA256 was computed, false
otherwise bool retdec::fileformat::FileFormat::haveDataOnAddress | ( | unsigned long long | address | ) | const |
Test if there are some data on provided address – address belongs to some section or segment
address | Address to test |
true
if there are data for address, false
otherwise bool retdec::fileformat::FileFormat::haveDataOnOffset | ( | unsigned long long | offset | ) | const |
Test if there are some data on provided offset – offset belongs to some section or segment.
offset | Offset to test |
true
if there are data for offset, false
otherwise bool retdec::fileformat::FileFormat::haveReadOnlyDataOnAddress | ( | unsigned long long | address | ) | const |
Test if there are some read-only data on provided address – address belongs to some read-only section or segment.
address | Address to test |
True
if there are read-only data for address, false
otherwise bool retdec::fileformat::FileFormat::haveSectionOrSegmentOnAddress | ( | unsigned long long | address | ) | const |
Test if the given address in valid section or segment
address | Address to test |
true
if address is valid, false
otherwise bool retdec::fileformat::FileFormat::haveSectionOrSegmentOnOffset | ( | unsigned long long | offset | ) | const |
Test if the given offset in valid section or segment
offset | Offset to test |
true
if offset is valid, false
otherwise
|
private |
Init internal structures
void retdec::fileformat::FileFormat::initArchitecture | ( | Architecture | arch, |
retdec::utils::Endianness | endian = retdec::utils::Endianness::UNKNOWN , |
||
std::size_t | bytesPerWord = 4 , |
||
retdec::common::Address | entryPoint = retdec::common::Address::Undefined , |
||
retdec::common::Address | sectionVMA = retdec::common::Address::Undefined |
||
) |
If fileformat is Intel HEX or raw binary then it does not contain critical information like architecture, endianness or std::uint16_t size. However, fileformat users expect it to contain this information. Therefore, this method needs to be called to set these critical information.
|
privatepure virtual |
Init offsets for calculation of section table hashes
Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
|
private |
Initialize internal state of member fileStream
bool retdec::fileformat::FileFormat::isArm | ( | ) | const |
Find out if target architecture is ARM
true
if target architecture is ARM, false
otherwise bool retdec::fileformat::FileFormat::isCoff | ( | ) | const |
Find out if file format is COFF
true
if file format is COFF, false
otherwise
|
pure virtual |
true
if file id dynamic linked library, false
otherwise Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
bool retdec::fileformat::FileFormat::isElf | ( | ) | const |
Find out if file format is ELF
true
if file format is ELF, false
otherwise
|
pure virtual |
true
if input file is executable file, false
otherwise Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
bool retdec::fileformat::FileFormat::isIntelHex | ( | ) | const |
Find out if file format is Intel HEX
true
if file format is Intel HEX, false
otherwise bool retdec::fileformat::FileFormat::isInValidState | ( | ) | const |
Getter for state of instance
true
if all is OK, false
otherwise bool retdec::fileformat::FileFormat::isMacho | ( | ) | const |
Find out if file format is Macho
true
if file format is Macho, false
otherwise bool retdec::fileformat::FileFormat::isMips | ( | ) | const |
Find out if target architecture is MIPS
true
if target architecture is MIPS, false
otherwise
|
pure virtual |
true
if file is object file, false
otherwise Implemented in retdec::fileformat::RawDataFormat, retdec::fileformat::PeFormat, retdec::fileformat::MachOFormat, retdec::fileformat::IntelHexFormat, retdec::fileformat::ElfFormat, and retdec::fileformat::CoffFormat.
bool retdec::fileformat::FileFormat::isObjectStretchedOverSections | ( | std::size_t | addr, |
std::size_t | size | ||
) | const |
Find out if object is stretched over multiple sections
addr | Addres of object |
size | Object size |
true
if object is stretched over multiple sections, false
otherwise bool retdec::fileformat::FileFormat::isPe | ( | ) | const |
Find out if file format is PE
true
if file format is PE, false
otherwise bool retdec::fileformat::FileFormat::isPointer | ( | unsigned long long | address, |
std::uint64_t * | pointer = nullptr |
||
) | const |
Find out, if there is a pointer (valid address) on the provided address
address | Address to check | |
[out] | pointer | If provided (not nullptr ) it is filled with pointer's value on the provided address |
true
if pointer on address, false
otherwise bool retdec::fileformat::FileFormat::isPowerPc | ( | ) | const |
Find out if target architecture is PowerPC
true
if target architecture is PowerPC, false
otherwise bool retdec::fileformat::FileFormat::isRawData | ( | ) | const |
Find out if file format is Raw Data
true
if file format is Raw Data, false
otherwise bool retdec::fileformat::FileFormat::isSignaturePresent | ( | ) | const |
Get whether the signature is present in the file
true
if present, otherwise false
. bool retdec::fileformat::FileFormat::isSignatureVerified | ( | ) | const |
Get whether the signature is verified
true
if present, otherwise false
. bool retdec::fileformat::FileFormat::isUnknownArch | ( | ) | const |
Find out if target architecture is unknown
true
if target architecture is unknown, false
otherwise bool retdec::fileformat::FileFormat::isUnknownFormat | ( | ) | const |
Find out if file format is unknown
true
if file format is unknown, false
otherwise bool retdec::fileformat::FileFormat::isWindowsDriver | ( | ) | const |
Find out if file is Windows driver
true
if binary is PE windows driver – it imports certain libs, false
otherwise bool retdec::fileformat::FileFormat::isX86 | ( | ) | const |
Find out if target architecture is x86
true
if target architecture is x86, false
otherwise bool retdec::fileformat::FileFormat::isX86_64 | ( | ) | const |
Find out if target architecture is x86_64
true
if target architecture is x86_64, false
otherwise bool retdec::fileformat::FileFormat::isX86OrX86_64 | ( | ) | const |
Find out if target architecture is x86 or x86_64
true
if target architecture is x86 or x86_64, false
otherwise void retdec::fileformat::FileFormat::loadExpHash | ( | ) |
Loads exphash from export table.
void retdec::fileformat::FileFormat::loadImpHash | ( | ) |
Loads imphash from import table.
void retdec::fileformat::FileFormat::loadResourceIconHash | ( | ) |
Loads iconhash from resource table.
void retdec::fileformat::FileFormat::loadStrings | ( | ) |
Load strings from data sections
void retdec::fileformat::FileFormat::loadStrings | ( | StringType | type, |
std::size_t | charSize | ||
) |
Load strings of specified type and with specified character size.
type | Type of the strings. |
charSize | Character size. |
void retdec::fileformat::FileFormat::loadStrings | ( | StringType | type, |
std::size_t | charSize, | ||
const SecSeg * | secSeg | ||
) |
std::size_t retdec::fileformat::FileFormat::nibblesFromBytes | ( | std::size_t | bytes | ) | const |
Count number of nibbles from number of bytes
bytes | Number of bytes |
|
protected |
Set pointer to loaded serialized bytes of input file. In binary file formats (e.g. ELF, PE, COFF) it is not necessary to call this method. In text file formats (e.g. Intel HEX) it is necessary to call this method.
lBytes | Pointer to serialized bytes |
|
overridevirtual |
Implements retdec::utils::ByteValueStorage.
|
overridevirtual |
Implements retdec::utils::ByteValueStorage.
|
protected |
loader error (e.g. Windows loader error for PE files)
|
protected |
file format anomalies
|
private |
auxiliary input buffer
|
private |
auxiliary input file stream
|
private |
auxiliary input stream
|
protected |
content of file as bytes
|
protected |
table of certificates
|
protected |
CRC32 of file content.
|
protected |
tables with dynamic records
|
protected |
information about core file structures
|
protected |
table of exports
|
protected |
format of input file
|
protected |
name of input file
|
protected |
stream representation of input file
|
protected |
table of imports
|
private |
reference to serialized content of input file
|
private |
load flags for configurable file loading
|
protected |
MD5 of file content.
|
protected |
Address ranges which should not be decoded for instructions.
|
protected |
note sections or segemnts found in ELF file
|
protected |
information about related PDB debug file
|
protected |
relocation tables
|
protected |
table of resources
|
protected |
structure of resource tree
|
protected |
rich header
|
protected |
information for calculation of section table hash
|
protected |
CRC32 of section table.
|
protected |
MD5 of section table.
|
protected |
file sections
|
protected |
SHA256 of section table.
|
protected |
file segments
|
protected |
SHA256 of file content.
|
protected |
indicates whether the signature is present and also verified
|
protected |
internal state of instance
|
protected |
detected strings
|
protected |
symbol tables
|
protected |
thread-local information
|
protected |
unknown relocations