wip

Author: emesare

view/sharedcache/api/python/sharedcache.py

@@ -59,14 +59,14 @@ def __str__(self):
 		return repr(self)
 
 	def __repr__(self):
-		cache_type_str = 'Unknown'
-		if self.cacheType == BackingCacheType.BackingCacheTypePrimary:
-			cache_type_str = 'Primary'
-		elif self.cacheType == BackingCacheType.BackingCacheTypeSecondary:
-			cache_type_str = 'Secondary'
-		elif self.cacheType == BackingCacheType.BackingCacheTypeSymbols:
-			cache_type_str = 'Symbols'
-		return f"<DSCBackingCache {self.path} {cache_type_str} | {len(self.mappings)} mappings>"
+		match self.cacheType:
+			case BackingCacheType.BackingCacheTypePrimary:
+				cacheTypeStr = 'Primary'
+			case BackingCacheType.BackingCacheTypeSecondary:
+				cacheTypeStr = 'Secondary'
+			case BackingCacheType.BackingCacheTypeSymbols:
+				cacheTypeStr = 'Symbols'
+		return f"<DSCBackingCache {self.path} {cacheTypeStr} | {len(self.mappings)} mappings>"
 
 
 @dataclasses.dataclass
@@ -112,75 +112,26 @@ def __repr__(self):
 
 
 class SharedCache:
-	"""
-	SharedCache is the primary class for interacting with the shared cache processor and DSCView metadata.
-
-	You can create a SharedCache object from a BinaryView object by calling `SharedCache(bv)`, where `bv` is the BinaryView.
-
-	By default `bv` in the console will return the instance of the BinaryView that is currently open, \
-		so in the UI, you can use `dsc = SharedCache(bv)` to create a SharedCache object in the scripting console.
-
-	Methods and attributes in this class have documentation which can be viewed by typing `SharedCache.method_or_attribute_name?` in the console.
-	"""
 	def __init__(self, view):
 		self.handle = sccore.BNGetSharedCache(view.handle)
 
-	def load_image_with_install_name(self, install_name, skip_loading_objective_c = False) -> bool:
-		"""
-		Locate an image with the provided install name and load it into the shared cache view
-
-		:param install_name: Install name of the image
-		:param skip_loading_objective_c: Whether to skip process Objective-C information for this image. Default false.
-		:return:
-		"""
-		return sccore.BNDSCViewLoadImageWithInstallName(self.handle, install_name, skip_loading_objective_c)
-
-	def load_section_at_address(self, addr) -> bool:
-		"""
-		Load a singular section at the provided address into the shared cache view.
-
-		This will partial-load the image, only mapping the requested segment containing this section.
+	def load_image_with_install_name(self, installName, skipObjC = False):
+		return sccore.BNDSCViewLoadImageWithInstallName(self.handle, installName, skipObjC)
 
-		Image info will still be processed, but will only be applied to mapped regions.
-
-		:param addr: Address within the section
-		:return:
-		"""
+	def load_section_at_address(self, addr):
 		return sccore.BNDSCViewLoadSectionAtAddress(self.handle, addr)
 
-	def load_image_containing_address(self, addr, skip_loading_objective_c = False) -> bool:
-		"""
-		Load the image containing the provided address into the shared cache view.
-
-		:param addr: Address within the image to load
-		:param skip_loading_objective_c: Whether to skip processing Objective-C information for this image. Default false.
-		:return:
-		"""
-		return sccore.BNDSCViewLoadImageContainingAddress(self.handle, addr, skip_loading_objective_c)
-
-	def process_objc_sections_for_image_with_install_name(self, install_name) -> bool:
-		"""
-		Process Objective-C information for the image with the provided install name.
-
-		:param install_name: Install name of the image
-		:return:
-		"""
-		return sccore.BNDSCViewProcessObjCSectionsForImageWithInstallName(self.handle, install_name, False)
+	def load_image_containing_address(self, addr, skipObjC = False):
+		return sccore.BNDSCViewLoadImageContainingAddress(self.handle, addr, skipObjC)
 
-	def process_all_objc_sections(self) -> bool:
-		"""
-		Process Objective-C information for all images in the shared cache view.
+	def process_objc_sections_for_image_with_install_name(self, installName):
+		return sccore.BNDSCViewProcessObjCSectionsForImageWithInstallName(self.handle, installName)
 
-		:return:
-		"""
+	def process_all_objc_sections(self):
 		return sccore.BNDSCViewProcessAllObjCSections(self.handle)
 
 	@property
-	def caches(self) -> list[DSCBackingCache]:
-		"""
-		Get all backing caches in the shared cache.
-		:return:
-		"""
+	def caches(self):
 		count = ctypes.c_ulonglong()
 		value = sccore.BNDSCViewGetBackingCaches(self.handle, count)
 		if value is None:
@@ -206,11 +157,7 @@ def caches(self) -> list[DSCBackingCache]:
 		return result
 
 	@property
-	def images(self) -> list[DSCImage]:
-		"""
-		Get all images in the shared cache
-		:return:
-		"""
+	def images(self):
 		count = ctypes.c_ulonglong()
 		value = sccore.BNDSCViewGetAllImages(self.handle, count)
 		if value is None:
@@ -239,7 +186,7 @@ def images(self) -> list[DSCImage]:
 		return result
 
 	@property
-	def loaded_regions(self) -> list[LoadedRegion]:
+	def loaded_regions(self):
 		"""
 		Get all loaded regions in the shared cache
 
@@ -267,23 +214,7 @@ def loaded_regions(self) -> list[LoadedRegion]:
 		sccore.BNDSCViewFreeLoadedRegions(value, count)
 		return result
 
-	def load_all_symbols_and_wait(self) -> list[DSCSymbol]:
-		"""
-		Load all symbols in the shared cache. This will block on the current thread waiting for processing to finish.
-
-		While all functions in this API are synchronous, this function can be particularly slow due to the large number
-			of symbols in the shared cache. "and_wait" is appended to the function name to indicate that this function
-			will block until processing is complete, and for performant applications, you should consider calling this
-			function in a separate thread and waiting on its return. An example of this is provided in the shared cache
-			triage view.
-
-		This may take several seconds if this is the first time this function is called. Subsequent calls will be faster.
-
-		In UI-based API usage, it is likely that the triage view will have already performed this operation, and calls
-			to this function will be much faster.
-
-		:return: A list of all symbols in the shared cache
-		"""
+	def load_all_symbols_and_wait(self):
 		count = ctypes.c_ulonglong()
 		value = sccore.BNDSCViewLoadAllSymbolsAndWait(self.handle, count)
 		if value is None:
@@ -301,11 +232,7 @@ def load_all_symbols_and_wait(self) -> list[DSCSymbol]:
 		return result
 
 	@property
-	def image_names(self) -> list[str]:
-		"""
-		Get all image names in the shared cache
-		:return:
-		"""
+	def image_names(self):
 		count = ctypes.c_ulonglong()
 		value = sccore.BNDSCViewGetInstallNames(self.handle, count)
 		if value is None:
@@ -319,71 +246,22 @@ def image_names(self) -> list[str]:
 		return result
 
 	@property
-	def state(self) -> DSCViewState:
-		"""
-		Get the current image state of the shared cache view. Useful for checking if images have been loaded yet or not.
-		:return:
-		"""
+	def state(self):
 		return DSCViewState(sccore.BNDSCViewGetState(self.handle))
 
-	def get_name_for_address(self, address) -> str:
-		"""
-		Get the "name" for the provided address. Specifically, the name of the memory region this address lies in.
-
-		If this lies within an image segment, this will be in the format image_name + "::" + segment_name.
-
-		It may also be the name of a branch pool or other non-image region.
-
-		This is the API call utilized on the first dynamic entry in the right-click context menu.
-
-		:param address: address to check
-		:return:
-		"""
+	def get_name_for_address(self, address):
 		name = sccore.BNDSCViewGetNameForAddress(self.handle, address)
 		if name is None:
 			return ""
 		result = name
 		return result
 
-	def get_image_name_for_address(self, address) -> str:
-		"""
-		Return the install name for the image containing the provided address.
-
-		If the address is not within an image, this will return an empty string.
-
-		This is the API call used in the second dynamic entry in the right-click context menu.
-
-		:param address: address to check
-		:return:
-		"""
+	def get_image_name_for_address(self, address):
 		name = sccore.BNDSCViewGetImageNameForAddress(self.handle, address)
 		if name is None:
 			return ""
 		result = name
 		return result
 
-	def find_symbol_at_addr_and_apply_to_addr(self, symbol_address, target_address, trigger_reanalysis) -> None:
-		"""
-		This is primarily a function utilized for automated backwards symbol propagation for stubs in the workflow, however
-			it is passed through here as well in the event you need to use it to do something similar, or want to create
-			your own version of the workflow.
-
-		This is currently a blocking function.
-
-		This will check the cache for a symbol located at symbol_address, and apply it to target_address, appending a
-			`j_` to the front of the symbol name copy at `target_address`.
-
-		It will additionally backwards-propagate type information that was specifically applied via TypeLibrary to the stub.
-
-		This includes calling conventions and can be seen in stubs pointing to objc_release_x[register] functions.
-
-		This check will not run if:
-		- The symbol address and target address are the same
-		- The target address has already been given a name by this function
-
-		:param symbol_address: Symbol address to check
-		:param target_address: Target address to apply symbol name and type to
-		:param trigger_reanalysis: Whether to reanalyze the function at target_address if the function already existed.
-		:return: None
-		"""
-		sccore.BNDSCFindSymbolAtAddressAndApplyToAddress(self.handle, symbol_address, target_address, trigger_reanalysis)
+	def find_symbol_at_addr_and_apply_to_addr(self, symbolAddress, targetAddress, triggerReanalysis) -> None:
+		sccore.BNDSCFindSymbolAtAddressAndApplyToAddress(self.handle, symbolAddress, targetAddress, triggerReanalysis)

view/sharedcache/api/sharedcache.cpp

@@ -55,10 +55,9 @@ std::vector<std::string> SharedCache::GetAvailableImages()
 	return result;
 }
 
-void SharedCache::ProcessObjCSectionsForImageWithInstallName(std::string installName)
+void SharedCache::ProcessObjCSectionsForImageWithInstallName(const std::string& installName)
 {
-	char* str = BNAllocString(installName.c_str());
-	BNDSCViewProcessObjCSectionsForImageWithInstallName(m_object, str, true);
+	BNDSCViewProcessObjCSectionsForImageWithInstallName(m_object, installName.c_str());
 }
 
 void SharedCache::ProcessAllObjCSections()

view/sharedcache/api/sharedcacheapi.h

@@ -147,7 +147,7 @@ namespace SharedCacheAPI {
 		bool LoadImageContainingAddress(uint64_t addr, bool skipObjC = false);
 		std::vector<std::string> GetAvailableImages();
 
-		void ProcessObjCSectionsForImageWithInstallName(std::string installName);
+		void ProcessObjCSectionsForImageWithInstallName(const std::string& installName);
 		void ProcessAllObjCSections();
 
 		std::vector<DSCSymbol> LoadAllSymbolsAndWait();

view/sharedcache/api/sharedcachecore.h

@@ -127,11 +127,11 @@ extern "C"
 
 	SHAREDCACHE_FFI_API char** BNDSCViewGetInstallNames(BNSharedCache* cache, size_t* count);
 
-	SHAREDCACHE_FFI_API bool BNDSCViewLoadImageWithInstallName(BNSharedCache* cache, char* name, bool skipObjC);
+	SHAREDCACHE_FFI_API bool BNDSCViewLoadImageWithInstallName(BNSharedCache* cache, const char* name, bool skipObjC);
 	SHAREDCACHE_FFI_API bool BNDSCViewLoadSectionAtAddress(BNSharedCache* cache, uint64_t name);
 	SHAREDCACHE_FFI_API bool BNDSCViewLoadImageContainingAddress(BNSharedCache* cache, uint64_t address, bool skipObjC);
 
-	SHAREDCACHE_FFI_API void BNDSCViewProcessObjCSectionsForImageWithInstallName(BNSharedCache* cache, char* name, bool deallocName);
+	SHAREDCACHE_FFI_API void BNDSCViewProcessObjCSectionsForImageWithInstallName(BNSharedCache* cache, const char* name);
 	SHAREDCACHE_FFI_API void BNDSCViewProcessAllObjCSections(BNSharedCache* cache);
 
 	SHAREDCACHE_FFI_API char* BNDSCViewGetNameForAddress(BNSharedCache* cache, uint64_t address);
@@ -156,7 +156,7 @@ extern "C"
 	SHAREDCACHE_FFI_API void BNDSCFindSymbolAtAddressAndApplyToAddress(BNSharedCache* cache, uint64_t symbolLocation, uint64_t targetLocation, bool triggerReanalysis);
 
 	SHAREDCACHE_FFI_API char* BNDSCViewGetImageHeaderForAddress(BNSharedCache* cache, uint64_t address);
-	SHAREDCACHE_FFI_API char* BNDSCViewGetImageHeaderForName(BNSharedCache* cache, char* name);
+	SHAREDCACHE_FFI_API char* BNDSCViewGetImageHeaderForName(BNSharedCache* cache, const char* name);
 
 	SHAREDCACHE_FFI_API BNDSCMemoryUsageInfo BNDSCViewGetMemoryUsageInfo();
 

view/sharedcache/core/CMakeLists.txt

@@ -9,7 +9,7 @@ if((NOT BN_API_PATH) AND (NOT BN_INTERNAL_BUILD))
     endif()
 endif()
 
-file(GLOB SOURCES *.cpp *.h ../../../objectivec/*)
+file(GLOB_RECURSE SOURCES *.cpp *.h ../../../objectivec/*)
 
 add_library(sharedcachecore OBJECT ${SOURCES})
 

view/sharedcache/core/DSCView.cpp

@@ -13,6 +13,9 @@
  * */
 
 #include "DSCView.h"
+
+#include "FileAccessorCache.h"
+#include "MappedFileAccessor.h"
 #include "view/macho/machoview.h"
 #include "SharedCache.h"
 
@@ -196,7 +199,7 @@ bool DSCView::Init()
 	auto metadataVersion = SharedCacheCore::SharedCacheMetadata::ViewMetadataVersion(GetParentView());
 	if (metadataVersion.has_value() && metadataVersion.value() != METADATA_VERSION)
 	{
-		// TODO: This is fucked up lmaooooo
+		// TODO: dont worry this will go away with the refactor, eta this week idk.
 		ShowMessageBox("Invalid Shared Cache Metadata!", "The BNDB shared cache metadata was created with a different version of the Shared Cache view, to continue the metadata has to be recreated. You will need to add your images back again.");
 	}
 
@@ -650,8 +653,11 @@ DSCViewType::DSCViewType() : BinaryViewType(VIEW_NAME, VIEW_NAME)
 
 void DSCViewType::Register()
 {
-	MMappedFileAccessor::InitialVMSetup();
-	std::atexit(VMShutdown);
+	auto fdLimit = AdjustFileDescriptorLimit();
+	BinaryNinja::LogDebug("Shared Cache processing initialized with a max file descriptor limit of %lld", fdLimit);
+
+	// Adjust the global accessor cache to the fdlimit.
+	FileAccessorCache::Global().SetCacheSize(fdLimit);
 
 	static DSCViewType type;
 	BinaryViewType::Register(&type);