5 * This work is licensed under the terms of 3-clause BSD license.
6 * See COPYING file in the top-level directory.
12 #include <linux/coff.h>
16 #include "my_assert.h"
18 /* http://www.delorie.com/djgpp/doc/coff/ */
21 unsigned short f_magic; /* magic number */
22 unsigned short f_nscns; /* number of sections */
23 unsigned int f_timdat; /* time & date stamp */
24 unsigned int f_symptr; /* file pointer to symtab */
25 unsigned int f_nsyms; /* number of symtab entries */
26 unsigned short f_opthdr; /* sizeof(optional hdr) */
27 unsigned short f_flags; /* flags */
31 unsigned short magic; /* type of file */
32 unsigned short vstamp; /* version stamp */
33 unsigned int tsize; /* text size in bytes, padded to FW bdry*/
34 unsigned int dsize; /* initialized data " " */
35 unsigned int bsize; /* uninitialized data " " */
36 unsigned int entry; /* entry pt. */
37 unsigned int text_start; /* base of text used for this file */
38 unsigned int data_start; /* base of data used for this file */
42 char s_name[8]; /* section name */
43 unsigned int s_paddr; /* physical address, aliased s_nlib */
44 unsigned int s_vaddr; /* virtual address */
45 unsigned int s_size; /* section size */
46 unsigned int s_scnptr; /* file ptr to raw data for section */
47 unsigned int s_relptr; /* file ptr to relocation */
48 unsigned int s_lnnoptr; /* file ptr to line numbers */
49 unsigned short s_nreloc; /* number of relocation entries */
50 unsigned short s_nlnno; /* number of line number entries */
51 unsigned int s_flags; /* flags */
55 unsigned int r_vaddr; /* address of relocation */
56 unsigned int r_symndx; /* symbol we're adjusting for */
57 unsigned short r_type; /* type of relocation */
58 } __attribute__((packed)) RELOC;
62 char e_name[E_SYMNMLEN];
64 unsigned int e_zeroes;
65 unsigned int e_offset;
70 unsigned short e_type;
71 unsigned char e_sclass;
72 unsigned char e_numaux;
73 } __attribute__((packed)) SYMENT;
79 //unsigned int fpos; // for patching
80 unsigned int is_text:1;
94 static int symt_cmp(const void *p1_, const void *p2_)
96 const struct my_symtab *p1 = p1_, *p2 = p2_;
97 return p1->addr - p2->addr;
100 void parse_headers(FILE *f, unsigned int *base_out,
101 struct my_sect_info *sect_i,
102 struct my_symtab **symtab_out, long *sym_cnt,
103 struct my_symtab **raw_symtab_out, long *raw_sym_cnt)
105 struct my_symtab *symt_txt = NULL;
106 struct my_symtab *symt_all = NULL;
107 char *stringtab = NULL;
108 unsigned int base = 0;
121 ret = fseek(f, 0, SEEK_END);
126 ret = fseek(f, 0, SEEK_SET);
129 ret = fread(&hdr, 1, sizeof(hdr), f);
130 my_assert(ret, sizeof(hdr));
132 if (hdr.f_magic == 0x5a4d) // MZ
134 ret = fseek(f, 0x3c, SEEK_SET);
136 ret = fread(&val, 1, sizeof(val), f);
137 my_assert(ret, sizeof(val));
139 ret = fseek(f, val, SEEK_SET);
141 ret = fread(&val, 1, sizeof(val), f);
142 my_assert(ret, sizeof(val));
143 my_assert(val, 0x4550); // PE
145 // should be COFF now
146 ret = fread(&hdr, 1, sizeof(hdr), f);
147 my_assert(ret, sizeof(hdr));
150 my_assert(hdr.f_magic, COFF_I386MAGIC);
152 if (hdr.f_opthdr != 0)
154 opthdr_pos = ftell(f);
156 if (hdr.f_opthdr < sizeof(opthdr))
159 ret = fread(&opthdr, 1, sizeof(opthdr), f);
160 my_assert(ret, sizeof(opthdr));
161 my_assert(opthdr.magic, COFF_ZMAGIC);
163 //printf("text_start: %x\n", opthdr.text_start);
165 if (hdr.f_opthdr > sizeof(opthdr)) {
166 ret = fread(&base, 1, sizeof(base), f);
167 my_assert(ret, sizeof(base));
168 //printf("base: %x\n", base);
170 ret = fseek(f, opthdr_pos + hdr.f_opthdr, SEEK_SET);
174 // note: assuming first non-empty one is .text ..
175 for (s = 0; s < hdr.f_nscns; s++) {
176 sect_i->scnhdr_fofs = ftell(f);
178 ret = fread(&scnhdr, 1, sizeof(scnhdr), f);
179 my_assert(ret, sizeof(scnhdr));
181 if (scnhdr.s_size != 0) {
186 my_assert(s < hdr.f_nscns, 1);
189 printf("f_nsyms: %x\n", hdr.f_nsyms);
190 printf("s_name: '%s'\n", scnhdr.s_name);
191 printf("s_vaddr: %x\n", scnhdr.s_vaddr);
192 printf("s_size: %x\n", scnhdr.s_size);
193 //printf("s_scnptr: %x\n", scnhdr.s_scnptr);
194 printf("s_nreloc: %x\n", scnhdr.s_nreloc);
198 ret = fseek(f, scnhdr.s_scnptr, SEEK_SET);
201 sect_i->data = malloc(scnhdr.s_size);
202 my_assert_not(sect_i->data, NULL);
203 ret = fread(sect_i->data, 1, scnhdr.s_size, f);
204 my_assert(ret, scnhdr.s_size);
206 sect_i->sect_fofs = scnhdr.s_scnptr;
207 sect_i->size = scnhdr.s_size;
210 ret = fseek(f, scnhdr.s_relptr, SEEK_SET);
213 reloc_size = scnhdr.s_nreloc * sizeof(sect_i->relocs[0]);
214 sect_i->relocs = malloc(reloc_size + 1);
215 my_assert_not(sect_i->relocs, NULL);
216 ret = fread(sect_i->relocs, 1, reloc_size, f);
217 my_assert(ret, reloc_size);
219 sect_i->reloc_cnt = scnhdr.s_nreloc;
220 sect_i->reloc_fofs = scnhdr.s_relptr;
222 if (base != 0 && base_out != NULL)
223 *base_out = base + scnhdr.s_vaddr;
225 if (symtab_out == NULL || sym_cnt == NULL)
229 if (hdr.f_nsyms != 0) {
232 symt_txt = malloc(hdr.f_nsyms * sizeof(symt_txt[0]) + 1);
233 my_assert_not(symt_txt, NULL);
234 symt_all = malloc(hdr.f_nsyms * sizeof(symt_all[0]) + 1);
235 my_assert_not(symt_all, NULL);
237 ret = fseek(f, hdr.f_symptr
238 + hdr.f_nsyms * sizeof(syment), SEEK_SET);
240 ret = fread(&i, 1, sizeof(i), f);
241 my_assert(ret, sizeof(i));
242 my_assert((unsigned int)i < filesize, 1);
244 stringtab = malloc(i);
245 my_assert_not(stringtab, NULL);
246 memset(stringtab, 0, 4);
247 ret = fread(stringtab + 4, 1, i - 4, f);
248 my_assert(ret, i - 4);
250 ret = fseek(f, hdr.f_symptr, SEEK_SET);
254 for (i = s = 0; i < hdr.f_nsyms; i++) {
255 //long pos = ftell(f);
257 ret = fread(&syment, 1, sizeof(syment), f);
258 my_assert(ret, sizeof(syment));
260 strncpy(symname, syment.e.e_name, 8);
261 //printf("%3d %2d %08x '%s'\n", syment.e_sclass,
262 // syment.e_scnum, syment.e_value, symname);
264 symt_all[i].addr = syment.e_value;
265 //symt_all[i].fpos = pos;
266 if (syment.e.e.e_zeroes == 0)
267 symt_all[i].name = stringtab + syment.e.e.e_offset;
269 symt_all[i].name = strdup(symname);
271 symt_all[i].is_text = (syment.e_scnum == text_scnum);
272 if (symt_all[i].is_text && syment.e_sclass == C_EXT) {
273 symt_txt[s] = symt_all[i];
277 if (syment.e_numaux) {
278 ret = fseek(f, syment.e_numaux * sizeof(syment),
281 i += syment.e_numaux;
285 if (symt_txt != NULL)
286 qsort(symt_txt, s, sizeof(symt_txt[0]), symt_cmp);
289 *symtab_out = symt_txt;
291 *raw_symtab_out = symt_all;
294 static int try_align(uint8_t *d_obj, uint8_t *d_exe, int maxlen)
296 static const uint8_t aligns[8][7] = {
299 { 0x8b, 0xff }, // mov edi, edi
300 { 0x8d, 0x49, 0x00 }, // lea ecx, [ecx]
301 { 0x8d, 0x64, 0x24, 0x00 }, // lea
302 { 0x05, 0x00, 0x00, 0x00, 0x00 }, // add eax, 0
303 { 0x8d, 0x9b, 0x00, 0x00, 0x00, 0x00 },
304 { 0x8d, 0xa4, 0x24, 0x00, 0x00, 0x00, 0x00 },
310 // check exe for common pad/align patterns
311 for (i = 0; i < maxlen; i++)
312 if (d_exe[i] != 0xcc)
316 for (j = 1; j < 8; j++) {
317 if (maxlen - i < j) {
321 if (memcmp(&d_exe[i], aligns[j], j) == 0) {
331 for (j = 0, len = i; len > 0; )
337 if (memcmp(d_obj, aligns[i], i) != 0)
340 memcpy(d_obj, d_exe, i);
351 struct equiv_opcode {
354 unsigned short cmp_rm:1;
355 unsigned short simple:1;
357 uint8_t v_masm_mask[8];
359 uint8_t v_msvc_mask[8];
363 { 0x66,0x83,0xf8,0x03 }, { 0xff,0xff,0xff,0x00 },
364 { 0x66,0x3d,0x03,0x00 }, { 0xff,0xff,0x00,0xff }, },
365 // lea -0x1(%ebx,%eax,1),%esi // op mod/rm sib offs
366 // mov, test, imm grp 1
368 { 0x8d,0x74,0x03 }, { 0xf0,0x07,0xc0 },
369 { 0x8d,0x74,0x18 }, { 0xf0,0x07,0xc0 }, },
370 // movzbl 0x58f24a(%eax,%ecx,1),%eax
372 { 0x0f,0xb6,0x84,0x08 }, { 0xff,0xff,0x07,0xc0 },
373 { 0x0f,0xb6,0x84,0x01 }, { 0xff,0xff,0x07,0xc0 }, },
376 { 0xfe,0x4c,0x03 }, { 0xfe,0xff,0xc0 },
377 { 0xfe,0x4c,0x18 }, { 0xfe,0xff,0xc0 }, },
380 { 0x38,0x0c,0x0c }, { 0xff,0xff,0xc0 },
381 { 0x38,0x0c,0x30 }, { 0xff,0xff,0xc0 }, },
384 { 0x84,0xd3 }, { 0xfe,0xc0 },
385 { 0x84,0xda }, { 0xfe,0xc0 }, },
388 { 0x3a,0xca }, { 0xff,0xc0 },
389 { 0x38,0xd1 }, { 0xff,0xc0 }, },
392 { 0xf3,0x66 }, { 0xfe,0xff },
393 { 0x66,0xf3 }, { 0xff,0xfe }, },
394 // fadd st, st(0) vs st(0), st
396 { 0xd8,0xc0 }, { 0xff,0xf7 },
397 { 0xdc,0xc0 }, { 0xff,0xf7 }, },
400 { 0x00,0x04,0x24,0x90 }, { 0x00,0xc7,0xff,0xff },
401 { 0x00,0x44,0x24,0x00 }, { 0x00,0xc7,0xff,0xff }, },
403 { 0x00,0x04,0x24,0x00,0x90 }, { 0x00,0xc7,0xff,0x00,0xff },
404 { 0x00,0x44,0x24,0x00,0x00 }, { 0x00,0xc7,0xff,0xff,0x00 }, },
406 { 0x00,0x04,0x24,0x00,0x00,0x00,0x00,0x90 }, { 0x00,0xc7,0xff,0x00,0x00,0x00,0x00,0xff },
407 { 0x00,0x44,0x24,0x00,0x00,0x00,0x00,0x00 }, { 0x00,0xc7,0xff,0xff,0x00,0x00,0x00,0x00 }, },
409 // various align insns/fillups
411 { 0x8b,0xff }, { 0xff,0xff },
412 { 0x8b,0xc0 }, { 0xff,0xff }, },
414 { 0x00,0x00 }, { 0x00,0x00 },
415 { 0x8b,0xc0 }, { 0xff,0xff }, },
417 { 0x00,0x00,0x00 }, { 0x50,0x00,0x00 },
418 { 0x2e,0x8b,0xc0 }, { 0xff,0xff,0xff }, },
420 // broad filters (may take too much..)
421 // testb $0x4,0x1d(%esi,%eax,1)
424 { 0xf6,0x44,0x06 }, { 0x00,0x07,0xc0 },
425 { 0xf6,0x44,0x30 }, { 0x00,0x07,0xc0 }, },
428 static int cmp_mask(uint8_t *d, uint8_t *expect, uint8_t *mask, int len)
432 for (i = 0; i < len; i++)
433 if ((d[i] & mask[i]) != (expect[i] & mask[i]))
439 static int check_equiv(uint8_t *d_obj, uint8_t *d_exe, int maxlen)
441 uint8_t vo, ve, vo2, ve2;
445 for (i = 0; i < sizeof(equiv_ops) / sizeof(equiv_ops[0]); i++)
447 struct equiv_opcode *op = &equiv_ops[i];
454 if (cmp_mask(d_obj + ofs, op->v_masm,
455 op->v_masm_mask, len))
457 if (cmp_mask(d_exe + ofs, op->v_msvc,
458 op->v_msvc_mask, len))
469 for (; jo < len; jo++)
470 if (op->v_masm_mask[jo] != 0xff)
472 for (; je < len; je++)
473 if (op->v_msvc_mask[je] != 0xff)
476 if ((jo == len && je != len) || (jo != len && je == len)) {
477 printf("invalid equiv_op #%td\n", op - equiv_ops);
481 return len + ofs; // matched
484 vo = d_obj[jo] & ~op->v_masm_mask[jo];
485 ve = d_exe[je] & ~op->v_msvc_mask[je];
486 if (op->cmp_rm && op->v_masm_mask[jo] == 0xc0) {
491 if (vo != ve || vo2 != ve2)
507 static void fill_int3(unsigned char *d, int len)
510 if (d[0] == 0xcc && d[1] == 0xcc)
516 int main(int argc, char *argv[])
518 unsigned int base = 0, addr, end, sym, *t;
519 struct my_sect_info s_text_obj, s_text_exe;
520 struct my_symtab *raw_syms_obj = NULL;
521 struct my_symtab *syms_obj = NULL;
522 long sym_cnt_obj, raw_sym_cnt_obj;
534 for (arg = 1; arg < argc; arg++) {
535 if (!strcmp(argv[arg], "-n"))
541 if (argc != arg + 2) {
542 printf("usage:\n%s [-n] <a_obj> <exe>\n", argv[0]);
546 f_obj = fopen(argv[arg++], "r+b");
548 fprintf(stderr, "%s: ", argv[1]);
553 f_exe = fopen(argv[arg++], "r");
555 fprintf(stderr, "%s: ", argv[2]);
560 parse_headers(f_obj, NULL, &s_text_obj, &syms_obj, &sym_cnt_obj,
561 &raw_syms_obj, &raw_sym_cnt_obj);
562 parse_headers(f_exe, &base, &s_text_exe, NULL, NULL, NULL, NULL);
564 sztext_cmn = s_text_obj.size;
565 if (sztext_cmn > s_text_exe.size)
566 sztext_cmn = s_text_exe.size;
568 if (sztext_cmn == 0) {
569 printf("bad .text size(s): %ld, %ld\n",
570 s_text_obj.size, s_text_exe.size);
574 for (i = 0; i < s_text_obj.reloc_cnt; i++)
576 unsigned int a = s_text_obj.relocs[i].r_vaddr;
577 //printf("%04x %08x\n", s_text_obj.relocs[i].r_type, a);
579 switch (s_text_obj.relocs[i].r_type) {
580 case 0x06: // RELOC_ADDR32
581 case 0x14: // RELOC_REL32
582 // must preserve stored val,
583 // so trash exe so that cmp passes
584 memcpy(s_text_exe.data + a, s_text_obj.data + a, 4);
587 printf("unknown reloc %x @%08x/%08x\n",
588 s_text_obj.relocs[i].r_type, a, base + a);
594 for (i = 0; i < sztext_cmn; i++)
596 if (s_text_obj.data[i] == s_text_exe.data[i]) {
601 left = sztext_cmn - i;
603 ret = try_align(s_text_obj.data + i, s_text_exe.data + i, left);
609 ret = check_equiv(s_text_obj.data + i, s_text_exe.data + i, left);
615 printf("%x: %02x vs %02x\n", base + i,
616 s_text_obj.data[i], s_text_exe.data[i]);
623 // fill removed funcs with 'int3'
624 for (i = 0; i < sym_cnt_obj; i++) {
625 if (strncmp(syms_obj[i].name, "rm_", 3))
628 addr = syms_obj[i].addr;
629 end = (i < sym_cnt_obj - 1)
630 ? syms_obj[i + 1].addr : s_text_obj.size;
631 if (addr >= s_text_obj.size || end > s_text_obj.size) {
632 printf("addr OOR: %x-%x '%s'\n", addr, end,
636 fill_int3(s_text_obj.data + addr, end - addr);
640 for (i = 0; i < s_text_obj.reloc_cnt; i++) {
641 addr = s_text_obj.relocs[i].r_vaddr;
642 sym = s_text_obj.relocs[i].r_symndx;
643 if (addr > s_text_obj.size - 4) {
644 printf("reloc addr OOR: %x\n", addr);
647 if (sym >= raw_sym_cnt_obj) {
648 printf("reloc sym OOR: %d/%ld\n",
649 sym, raw_sym_cnt_obj);
653 printf("r %08x -> %08x %s\n", base + addr,
654 raw_syms_obj[sym].addr,
655 raw_syms_obj[sym].name);
657 t = (unsigned int *)(s_text_obj.data + addr);
658 if (t[0] == 0xcccccccc
659 || t[-1] == 0xcccccccc) { // jumptab of a func?
661 memmove(&s_text_obj.relocs[i],
662 &s_text_obj.relocs[i + 1],
663 (s_text_obj.reloc_cnt - i - 1)
664 * sizeof(s_text_obj.relocs[0]));
666 s_text_obj.reloc_cnt--;
669 // note: branches/calls already linked,
670 // so only useful for dd refs
671 // XXX: rm'd because of switch tables
672 else if (raw_syms_obj[sym].is_text) {
673 unsigned int addr2 = raw_syms_obj[sym].addr;
674 if (s_text_obj.data[addr2] == 0xcc) {
675 printf("warning: reloc %08x -> %08x "
676 "points to rm'd target '%s'\n",
677 base + addr, base + addr2,
678 raw_syms_obj[sym].name);
685 ret = fseek(f_obj, s_text_obj.sect_fofs, SEEK_SET);
687 ret = fwrite(s_text_obj.data, 1, s_text_obj.size, f_obj);
688 my_assert(ret, s_text_obj.size);
691 ret = fseek(f_obj, s_text_obj.reloc_fofs, SEEK_SET);
693 ret = fwrite(s_text_obj.relocs, sizeof(s_text_obj.relocs[0]),
694 s_text_obj.reloc_cnt, f_obj);
695 my_assert(ret, s_text_obj.reloc_cnt);
697 ret = fseek(f_obj, s_text_obj.scnhdr_fofs, SEEK_SET);
699 ret = fread(&tmphdr, 1, sizeof(tmphdr), f_obj);
700 my_assert(ret, sizeof(tmphdr));
702 tmphdr.s_nreloc = s_text_obj.reloc_cnt;
704 ret = fseek(f_obj, s_text_obj.scnhdr_fofs, SEEK_SET);
706 ret = fwrite(&tmphdr, 1, sizeof(tmphdr), f_obj);
707 my_assert(ret, sizeof(tmphdr));
notaz.gp2x.de / ia32rtools.git / blob