-
Notifications
You must be signed in to change notification settings - Fork 5
/
harbour_helper.h
110 lines (81 loc) · 3.24 KB
/
harbour_helper.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
/*
* Copyright (C) 2019 AO Kaspersky Lab
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software
* Foundation; either version 2 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#pragma once
#include "pe_helper.h"
#include "compat.h"
#include <stdint.h>
extern "C"
{
//harbour internals
#include "include/harbour/hbvmpub.h"
#include "include/harbour/hbpcode.h"
#include "include/harbour/hbpcode_awked.h"
#undef min
#undef max
};
#include <list>
#include <string>
#include <vector>
//harbour symbol class, updated to handle pcode
class executable_hb_symbol: public HB_SYMB
{
public:
std::string m_pcode;
uint32_t pcode_va_start;
uint32_t pcode_va_end;
size_t pcode_size;
executable_hb_symbol( const char* name=0, intptr_t scope=0, intptr_t value=0, intptr_t dynsym=0 );
~executable_hb_symbol();
const char * Name() { return szName; }
const char * Name( const char* newName );
uint16_t Scope() { return scope.value; }
uint16_t Scope( uint16_t newScope ) { return scope.value = newScope; }
void * Value( uint32_t newValue ) { return value.pCodeFunc = reinterpret_cast<void*>( newValue ); }
void * Value( ) { return value.pCodeFunc ; }
void * DynSym( uint32_t newDynSym ) { return pDynSym = reinterpret_cast<void*>( newDynSym ); }
void * DynSym( ) { return pDynSym; }
std::string & pcode() { return m_pcode; };
std::string & pcode( std::string &pcode ) { return m_pcode = pcode; };
bool is_symbol_function()
{
return ( ( (scope.value) & HB_FS_LOCAL ) ? true : false );
}
void print_scope();
};
/* executable parser harbour helper */
class executable_hb
{
public:
ExeState *exe_state;
bool BCC;
bool MINGW;
std::string hb_source_name;
// all hb symbols in order they are placed in executable, so all pcode
// references while decompilation process will properly match
std::vector<executable_hb_symbol*> hb_symbols;
// sorted in executable VA address order, so we can easily calculate the PCODE boudary
std::list<executable_hb_symbol*> hb_symbols_functions_sorted;
executable_hb( ExeState &exe_state );
~executable_hb();
bool find_hb_source_name();
uint32_t pe_find_hb_symbols_table();
bool pe_read_hb_symbols_table( uint32_t hb_symbols_table_raw_offset );
executable_hb_symbol * create_hb_symbol();
bool hb_symbols_fill_pcode();
private:
const std::string hb_source_name_search_key = ".prg";
const std::string bcc_hook_name = "fb:C++HOOK\x90\xE9";
static bool symbol_va_compare( const executable_hb_symbol * elem1, const executable_hb_symbol * elem2 );
};