Line data Source code
1 : use lief_ffi as ffi;
2 : use super::Command;
3 : use crate::common::FromFFI;
4 : use crate::to_slice;
5 :
6 : use crate::macho::header::CpuType;
7 : use std::marker::PhantomData;
8 :
9 : /// Structure that represents the `LC_THREAD` / `LC_UNIXTHREAD` commands and that
10 : /// can be used to get the binary entrypoint when the `LC_MAIN` is not present
11 : ///
12 : /// Generally speaking, this command aims at defining the original state
13 : /// of the main thread which includes the registers' values
14 : pub struct ThreadCommand<'a> {
15 : ptr: cxx::UniquePtr<ffi::MachO_ThreadCommand>,
16 : _owner: PhantomData<&'a ffi::MachO_Binary>
17 : }
18 :
19 : impl ThreadCommand<'_> {
20 :
21 : /// Integer that defines a special *flavor* for the thread.
22 : ///
23 : /// The meaning of this value depends on the architecture. The list of
24 : /// the values can be found in the XNU kernel files:
25 : /// - xnu/osfmk/mach/arm/thread_status.h for the ARM/AArch64 architectures
26 : /// - xnu/osfmk/mach/i386/thread_status.h for the x86/x86-64 architectures
27 20 : pub fn flavor(&self) -> u32 {
28 20 : self.ptr.flavor()
29 20 : }
30 :
31 : /// The CPU architecture that is targeted by this Thread Command
32 0 : pub fn architecture(&self) -> CpuType {
33 0 : CpuType::from(self.ptr.architecture())
34 0 : }
35 :
36 : /// Size of the thread state data with 32-bits alignment.
37 : ///
38 : /// This value should match `state().len()`
39 20 : pub fn count(&self) -> u32 {
40 20 : self.ptr.count()
41 20 : }
42 :
43 : /// Return the initial Program Counter regardless of the underlying architecture.
44 : /// This value, when non null, can be used to determine the binary's entrypoint.
45 : ///
46 : /// Underneath, it works by looking for the PC register value in the [`ThreadCommand::state`]
47 : /// data
48 20 : pub fn pc(&self) -> u64 {
49 20 : self.ptr.pc()
50 20 : }
51 :
52 : /// The actual thread state as a vector of bytes. Depending on the architecture(),
53 : /// these data can be casted into `x86_thread_state_t, x86_thread_state64_t, ...`
54 10 : pub fn state(&self) -> &[u8] {
55 10 : to_slice!(self.ptr.state());
56 10 : }
57 : }
58 :
59 : impl std::fmt::Debug for ThreadCommand<'_> {
60 20 : fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
61 20 : let base = self as &dyn Command;
62 20 : f.debug_struct("ThreadCommand")
63 20 : .field("base", &base)
64 20 : .field("flavor", &self.flavor())
65 20 : .field("count", &self.count())
66 20 : .field("pc", &self.pc())
67 20 : .finish()
68 20 : }
69 : }
70 :
71 : impl FromFFI<ffi::MachO_ThreadCommand> for ThreadCommand<'_> {
72 20 : fn from_ffi(cmd: cxx::UniquePtr<ffi::MachO_ThreadCommand>) -> Self {
73 20 : Self {
74 20 : ptr: cmd,
75 20 : _owner: PhantomData
76 20 : }
77 20 : }
78 : }
79 :
80 : impl Command for ThreadCommand<'_> {
81 80 : fn get_base(&self) -> &ffi::MachO_Command {
82 80 : self.ptr.as_ref().unwrap().as_ref()
83 80 : }
84 : }
|
