def extract_section_darwin(inputFile):
"""Extracts the section as a string, the darwin version.
Uses otool to extract the section, then processes it
to a usable state.
"""
otoolCmd = ['otool', '-X', '-s', darwinSegmentName, darwinSectionName, inputFile]
otoolProc = Popen(otoolCmd, stdout=sp.PIPE)
otoolOutput = otoolProc.communicate()[0]
if otoolProc.returncode != 0:
logging.error('otool failed on %s' % inputFile)
sys.exit(-1)
lines = otoolOutput.splitlines()
octets = []
for line in lines:
(_, octetline) = line.split('\t')
octets.extend(octetline.split())
octets = ''.join(octets)
contents = octets.decode('hex').splitlines()
if not contents:
logging.error('{0} contained no {1} segment'.format(inputFile, darwinSegmentName))
return contents
def getSectionSizeAndOffset(sectionName, filename):
"""Returns the size and offset of the section, both in bytes.
Use objdump on the provided binary; parse out the fields
to find the given section. Parses the output,and
extracts thesize and offset of that section (in bytes).
"""
objdumpCmd = ['objdump', '-h', '-w', filename]
objdumpProc = Popen(objdumpCmd, stdout=sp.PIPE)
objdumpOutput = objdumpProc.communicate()[0]
if objdumpProc.returncode != 0:
logging.error('Could not dump %s' % filename)
sys.exit(-1)
for line in [l.decode('utf-8') for l in objdumpOutput.splitlines()] :
fields = line.split()
if len(fields) <= 7:
continue
if fields[1] != sectionName:
continue
try:
idx = int(fields[0])
size = int(fields[2], 16)
offset = int(fields[5], 16)
return (size, offset)
except ValueError:
continue
# The needed section could not be found
logging.warning('Could not find "{0}" ELF section in "{1}", so skipping this entry.'.format(sectionName,filename))
return None
def getFileType(cls, fileName):
# This is a hacky way of determining
# the type of file we are looking at.
# Maybe we should use python-magic instead?
fileP = Popen(['file', fileName], stdout=PIPE)
output = fileP.communicate()[0]
output = output.decode()
if 'ELF' in output and 'executable' in output:
return cls.EXECUTABLE
elif 'current ar archive' in output:
return cls.ARCHIVE
elif 'ELF' in output and 'relocatable' in output:
return cls.OBJECT
else:
return cls.UNKNOWN
def getFileType(cls, fileName):
# This is a hacky way of determining
# the type of file we are looking at.
# Maybe we should use python-magic instead?
fileP = Popen(['file',os.path.realpath(fileName)], stdout=PIPE)
output = fileP.communicate()[0]
output = output.decode('utf8')
if 'ELF' in output and 'executable' in output:
return cls.EXECUTABLE
elif 'ELF' in output and 'shared' in output:
return cls.SHARED
elif 'current ar archive' in output:
return cls.ARCHIVE
elif 'ELF' in output and 'relocatable' in output:
return cls.OBJECT
else:
return cls.UNKNOWN
def getFileType(cls, fileName):
# This is a hacky way of determining
# the type of file we are looking at.
# Maybe we should use python-magic instead?
fileP = Popen(['file', os.path.realpath(fileName)], stdout=PIPE)
output = fileP.communicate()[0]
output = output.decode()
if 'ELF' in output and 'executable' in output:
return cls.ELF_EXECUTABLE
if 'Mach-O' in output and 'executable' in output:
return cls.MACH_EXECUTABLE
elif 'ELF' in output and 'shared' in output:
return cls.ELF_SHARED
elif 'Mach-O' in output and 'dynamically linked shared' in output:
return cls.MACH_SHARED
elif 'current ar archive' in output:
return cls.ARCHIVE
elif 'ELF' in output and 'relocatable' in output:
return cls.ELF_OBJECT
elif 'Mach-O' in output and 'object' in output:
return cls.MACH_OBJECT
else:
return cls.UNKNOWN
