wip

Author: emesare

view/sharedcache/api/python/sharedcache.py

@@ -9,259 +9,75 @@
 from . import _sharedcachecore as sccore
 from .sharedcache_enums import *
 
-
-@dataclasses.dataclass
-class DSCMemoryMapping:
-	name: str
-	vmAddress: int
-	size: int
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<DSCMemoryMapping '{self.name}': {self.vmAddress:x}+{self.size:x}>"
-
-
-@dataclasses.dataclass
-class LoadedRegion:
-	name: str
-	headerAddress: int
-	mappings: list[DSCMemoryMapping]
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<LoadedRegion {self.name} @ {self.headerAddress:x}>"
-
-
-@dataclasses.dataclass
-class DSCBackingCacheMapping:
-	vmAddress: int
-	size: int
-	fileOffset: int
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<DSCBackingCacheMapping {self.vmAddress:x}+{self.size:x} @ {self.fileOffset:x}"
-
-
-@dataclasses.dataclass
-class DSCBackingCache:
-	path: str
-	cacheType: BackingCacheType
-	mappings: list[DSCBackingCacheMapping]
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		match self.cacheType:
-			case BackingCacheType.BackingCacheTypePrimary:
-				cacheTypeStr = 'Primary'
-			case BackingCacheType.BackingCacheTypeSecondary:
-				cacheTypeStr = 'Secondary'
-			case BackingCacheType.BackingCacheTypeSymbols:
-				cacheTypeStr = 'Symbols'
-		return f"<DSCBackingCache {self.path} {cacheTypeStr} | {len(self.mappings)} mappings>"
-
-
 @dataclasses.dataclass
-class DSCImageMemoryMapping:
-	filePath: str
-	name: str
-	vmAddress: int
-	size: int
-	loaded: bool
-	rawViewOffset: int
+class CacheRegion:
+    regionType: SharedCacheRegionType
+    name: str
+    start: int
+    size: int
+    imageStart: int
+    flags: binaryninja.enums.SegmentFlag
 
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<DSCImageMemoryMapping '{self.name}' {os.path.basename(self.filePath)} raw<{self.rawViewOffset:x}>: {self.vmAddress:x}+{self.size:x}>"
+    def __str__(self):
+        return repr(self)
 
+    def __repr__(self):
+        return f"<CacheRegion '{self.name}': {self.start:x}+{self.size:x}>"
 
 @dataclasses.dataclass
-class DSCImage:
-	name: str
-	headerAddress: int
-	mappings: list[DSCImageMemoryMapping]
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<DSCImage {self.name} @ {self.headerAddress:x}>"
-
-
-@dataclasses.dataclass
-class DSCSymbol:
-	name: str
-	image: str
-	address: int
-
-	def __str__(self):
-		return repr(self)
-
-	def __repr__(self):
-		return f"<DSCSymbol {self.name} @ {self.address:x} ({self.image}>"
-
-
-class SharedCache:
-	def __init__(self, view):
-		self.handle = sccore.BNGetSharedCache(view.handle)
-
-	def load_image_with_install_name(self, installName, skipObjC = False):
-		return sccore.BNDSCViewLoadImageWithInstallName(self.handle, installName, skipObjC)
-
-	def load_section_at_address(self, addr):
-		return sccore.BNDSCViewLoadSectionAtAddress(self.handle, addr)
-
-	def load_image_containing_address(self, addr, skipObjC = False):
-		return sccore.BNDSCViewLoadImageContainingAddress(self.handle, addr, skipObjC)
-
-	def process_objc_sections_for_image_with_install_name(self, installName):
-		return sccore.BNDSCViewProcessObjCSectionsForImageWithInstallName(self.handle, installName)
-
-	def process_all_objc_sections(self):
-		return sccore.BNDSCViewProcessAllObjCSections(self.handle)
-
-	@property
-	def caches(self):
-		count = ctypes.c_ulonglong()
-		value = sccore.BNDSCViewGetBackingCaches(self.handle, count)
-		if value is None:
-			return []
-
-		result = []
-		for i in range(count.value):
-			mappings = []
-			for j in range(value[i].mappingCount):
-				mapping = DSCBackingCacheMapping(
-					value[i].mappings[j].vmAddress,
-					value[i].mappings[j].size,
-					value[i].mappings[j].fileOffset
-				)
-				mappings.append(mapping)
-			result.append(DSCBackingCache(
-				value[i].path,
-				value[i].cacheType,
-				mappings
-			))
-
-		sccore.BNDSCViewFreeBackingCaches(value, count)
-		return result
-
-	@property
-	def images(self):
-		count = ctypes.c_ulonglong()
-		value = sccore.BNDSCViewGetAllImages(self.handle, count)
-		if value is None:
-			return []
-
-		result = []
-		for i in range(count.value):
-			mappings = []
-			for j in range(value[i].mappingCount):
-				mapping = DSCImageMemoryMapping(
-					value[i].mappings[j].filePath,
-					value[i].mappings[j].name,
-					value[i].mappings[j].vmAddress,
-					value[i].mappings[j].size,
-					value[i].mappings[j].loaded,
-					value[i].mappings[j].rawViewOffset
-				)
-				mappings.append(mapping)
-			result.append(DSCImage(
-				value[i].name,
-				value[i].headerAddress,
-				mappings
-			))
-
-		sccore.BNDSCViewFreeAllImages(value, count)
-		return result
-
-	@property
-	def loaded_regions(self):
-		"""
-		Get all loaded regions in the shared cache
-
-		The internal logic for loading images treats a region as 'loaded' whenever
-		that region has been mapped into memory, and, if it's located within an image, header information has been applied to that region.
-
-		Individual segments within an image can be loaded independently of the image itself.
-
-		Only once all regions of an image are loaded will the header processor refuse to run on that region.
-		:return:
-		"""
-		count = ctypes.c_ulonglong()
-		value = sccore.BNDSCViewGetLoadedRegions(self.handle, count)
-		if value is None:
-			return []
-
-		result = []
-		for i in range(count.value):
-			mapping = DSCMemoryMapping(
-				value[i].name,
-				value[i].vmAddress,
-				value[i].size,
-			)
-			result.append(mapping)
-		sccore.BNDSCViewFreeLoadedRegions(value, count)
-		return result
-
-	def load_all_symbols_and_wait(self):
-		count = ctypes.c_ulonglong()
-		value = sccore.BNDSCViewLoadAllSymbolsAndWait(self.handle, count)
-		if value is None:
-			return []
-		result = []
-		for i in range(count.value):
-			sym = DSCSymbol(
-				value[i].name,
-				value[i].image,
-				value[i].address
-			)
-			result.append(sym)
-
-		sccore.BNDSCViewFreeSymbols(value, count)
-		return result
-
-	@property
-	def image_names(self):
-		count = ctypes.c_ulonglong()
-		value = sccore.BNDSCViewGetInstallNames(self.handle, count)
-		if value is None:
-			return []
-
-		result = []
-		for i in range(count.value):
-			result.append(value[i].decode('utf-8'))
-
-		BNFreeStringList(value, count)
-		return result
-
-	@property
-	def state(self):
-		return DSCViewState(sccore.BNDSCViewGetState(self.handle))
-
-	def get_name_for_address(self, address):
-		name = sccore.BNDSCViewGetNameForAddress(self.handle, address)
-		if name is None:
-			return ""
-		result = name
-		return result
-
-	def get_image_name_for_address(self, address):
-		name = sccore.BNDSCViewGetImageNameForAddress(self.handle, address)
-		if name is None:
-			return ""
-		result = name
-		return result
-
-	def find_symbol_at_addr_and_apply_to_addr(self, symbolAddress, targetAddress, triggerReanalysis) -> None:
-		sccore.BNDSCFindSymbolAtAddressAndApplyToAddress(self.handle, symbolAddress, targetAddress, triggerReanalysis)
+class CacheImage:
+    name: str
+    headerAddress: int
+    regionStarts: [int]
+
+    def __str__(self):
+        return repr(self)
+
+    def __repr__(self):
+        return f"<CacheImage '{self.name}': {self.headerAddress:x}>"
+
+def region_from_api(region):
+    return CacheRegion(
+        SharedCacheRegionType(region.regionType),
+        region.name.decode('utf-8'),
+        region.start,
+        region.size,
+        region.imageStart,
+        binaryninja.enums.SegmentFlag(region.flags)
+    )
+
+def image_from_api(image):
+    return CacheImage(
+        image.name.decode('utf-8'),
+        image.headerAddress,
+        image.regionStarts
+    )
+
+class SharedCacheController:
+    def __init__(self, view):
+        self.handle = sccore.BNGetSharedCacheController(view.handle)
+
+    @property
+    def regions(self):
+        count = ctypes.c_ulonglong()
+        value = sccore.BNGetSharedCacheRegions(self.handle, count)
+        if value is None:
+            return []
+        result = []
+        for i in range(count.value):
+            result.append(region_from_api(value[i]))
+        sccore.BNSharedCacheFreeRegionList(value, count)
+        return result
+
+
+    @property
+    def images(self):
+        count = ctypes.c_ulonglong()
+        value = sccore.BNGetSharedCacheImages(self.handle, count)
+        if value is None:
+            return []
+        result = []
+        for i in range(count.value):
+            result.append(image_from_api(value[i]))
+        sccore.BNSharedCacheFreeImageList(value, count)
+        return result

view/sharedcache/api/python/sharedcache_enums.py

@@ -1,20 +1,38 @@
 import enum
 
 
-class BackingCacheType(enum.IntEnum):
-	BackingCacheTypePrimary = 0
-	BackingCacheTypeSecondary = 1
-	BackingCacheTypeSymbols = 2
+class SegmentFlag(enum.IntEnum):
+	SegmentExecutable = 1
+	SegmentWritable = 2
+	SegmentReadable = 4
+	SegmentContainsData = 8
+	SegmentContainsCode = 16
+	SegmentDenyWrite = 32
+	SegmentDenyExecute = 64
 
 
-class DSCViewLoadProgress(enum.IntEnum):
-	LoadProgressNotStarted = 0
-	LoadProgressLoadingCaches = 1
-	LoadProgressLoadingImages = 2
-	LoadProgressFinished = 3
+class SharedCacheEntryType(enum.IntEnum):
+	SharedCacheEntryTypePrimary = 0
+	SharedCacheEntryTypeSecondary = 1
+	SharedCacheEntryTypeSymbols = 2
+	SharedCacheEntryTypeDyldData = 3
+	SharedCacheEntryTypeStub = 4
 
 
-class DSCViewState(enum.IntEnum):
-	Unloaded = 0
-	Loaded = 1
-	LoadedWithImages = 2
+class SharedCacheRegionType(enum.IntEnum):
+	SharedCacheRegionTypeImage = 0
+	SharedCacheRegionTypeStubIsland = 1
+	SharedCacheRegionTypeDyldData = 2
+	SharedCacheRegionTypeNonImage = 3
+
+
+class SymbolType(enum.IntEnum):
+	FunctionSymbol = 0
+	ImportAddressSymbol = 1
+	ImportedFunctionSymbol = 2
+	DataSymbol = 3
+	ImportedDataSymbol = 4
+	ExternalSymbol = 5
+	LibraryFunctionSymbol = 6
+	SymbolicFunctionSymbol = 7
+	LocalLabelSymbol = 8