class ContainerELF(Container):
"Container abstraction for ELF"
def parse(self, data, vm=None):
from miasm2.jitter.loader.elf import vm_load_elf, guess_arch
from elfesteem import elf_init
# Parse signature
if not data.startswith('\x7fELF'):
raise ContainerSignatureException()
# Build executable instance
try:
if vm is not None:
self._executable = vm_load_elf(vm, data)
else:
self._executable = elf_init.ELF(data)
except Exception, error:
raise ContainerParsingException('Cannot read ELF: %s' % error)
# Guess the architecture
self._arch = guess_arch(self._executable)
# Build the bin_stream instance and set the entry point
try:
self._bin_stream = bin_stream_elf(self._executable.virt)
self._entry_point = self._executable.Ehdr.entry
except Exception, error:
raise ContainerParsingException('Cannot read ELF: %s' % error)
b = open(fname).read()
default_addr = 0
bs = None
if b.startswith('MZ'):
try:
e = pe_init.PE(b)
if e.isPE() and e.NTsig.signature_value == 0x4550:
bs = bin_stream_pe(e.virt)
default_addr = e.rva2virt(e.Opthdr.AddressOfEntryPoint)
except:
log.error('Cannot read PE!')
elif b.startswith('\x7fELF'):
try:
e = elf_init.ELF(b)
bs = bin_stream_elf(e.virt)
default_addr = e.Ehdr.entry
except:
log.error('Cannot read ELF!')
if bs is None or options.shiftoffset is not None:
if options.shiftoffset is None:
options.shiftoffset = "0"
shift = int(options.shiftoffset, 16)
log.warning('fallback to string input (offset=%s)' % hex(shift))
bs = bin_stream_str(b, shift=shift)
log.info('ok')