diff --git a/Cargo.lock b/Cargo.lock index fec967866..d7e7010dd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -255,6 +255,16 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" +[[package]] +name = "bcder" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c627747a6774aab38beb35990d88309481378558875a41da1a4b2e373c906ef0" +dependencies = [ + "bytes", + "smallvec", +] + [[package]] name = "bincode" version = "1.3.3" @@ -684,6 +694,12 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "const-oid" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" + [[package]] name = "const-random" version = "0.1.17" @@ -719,6 +735,16 @@ dependencies = [ "unicode-segmentation", ] +[[package]] +name = "core-foundation" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "core-foundation-sys" version = "0.8.6" @@ -1019,6 +1045,23 @@ dependencies = [ "typenum", ] +[[package]] +name = "cryptographic-message-syntax" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43c324ba1028cef7e3a71a00cbf585637bb0215dec2f6a2b566d094190a1309b" +dependencies = [ + "bcder", + "bytes", + "chrono", + "hex", + "pem", + "reqwest", + "ring", + "signature", + "x509-certificate", +] + [[package]] name = "csscolorparser" version = "0.6.2" @@ -1079,6 +1122,16 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5729f5117e208430e437df2f4843f5e5952997175992d1414f94c57d61e270b4" +[[package]] +name = "der" +version = "0.7.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" +dependencies = [ + "const-oid", + "zeroize", +] + [[package]] name = "deranged" version = "0.3.11" @@ -1176,6 +1229,15 @@ version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" +[[package]] +name = "encoding_rs" +version = "0.8.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7268b386296a025e474d5140678f75d6de9493ae55a5d709eeb9dd08149945e1" +dependencies = [ + "cfg-if", +] + [[package]] name = "enum_dispatch" version = "0.3.12" @@ -1319,6 +1381,15 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + [[package]] name = "fraction" version = "0.14.0" @@ -1351,6 +1422,54 @@ version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" +[[package]] +name = "futures-channel" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" + +[[package]] +name = "futures-io" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" + +[[package]] +name = "futures-sink" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" + +[[package]] +name = "futures-task" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" + +[[package]] +name = "futures-util" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" +dependencies = [ + "futures-core", + "futures-io", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + [[package]] name = "fxhash" version = "0.2.1" @@ -1458,6 +1577,25 @@ dependencies = [ "yansi 1.0.0-rc.1", ] +[[package]] +name = "h2" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap 2.2.2", + "slab", + "tokio", + "tokio-util", + "tracing", +] + [[package]] name = "half" version = "2.3.1" @@ -1546,12 +1684,84 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "http" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8947b1a6fad4393052c7ba1f4cd97bed3e953a95c79c92ad9b051a04611d9fbb" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" + +[[package]] +name = "httpdate" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9" + [[package]] name = "humantime" version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" +[[package]] +name = "hyper" +version = "0.14.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf96e135eb83a2a8ddf766e426a841d8ddd7449d5f00d34ea02b41d2f19eef80" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-rustls" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec3efd23720e2049821a693cbc7e65ea87c72f1c58ff2f9522ff332b1491e590" +dependencies = [ + "futures-util", + "http", + "hyper", + "rustls", + "tokio", + "tokio-rustls", +] + [[package]] name = "iana-time-zone" version = "0.1.60" @@ -1587,6 +1797,16 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" +[[package]] +name = "idna" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + [[package]] name = "ignore" version = "0.4.22" @@ -1694,6 +1914,12 @@ version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "aa3eb1c7e05b0f9ddc99a1e9f186a434fa0bfd0087d6369acf5f2814731ab610" +[[package]] +name = "ipnet" +version = "2.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f518f335dce6725a761382244631d86cf0ccb2863413590b31338feb467f9c3" + [[package]] name = "is-terminal" version = "0.4.10" @@ -2017,6 +2243,12 @@ dependencies = [ "cpufeatures", ] +[[package]] +name = "mime" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" + [[package]] name = "minimal-lexical" version = "0.2.1" @@ -2201,6 +2433,16 @@ dependencies = [ "autocfg", ] +[[package]] +name = "num_cpus" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" +dependencies = [ + "hermit-abi 0.3.4", + "libc", +] + [[package]] name = "object" version = "0.32.2" @@ -2339,6 +2581,22 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" +[[package]] +name = "pem" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b8fcc794035347fb64beda2d3b462595dd2753e3f268d89c5aae77e8cf2c310" +dependencies = [ + "base64 0.21.7", + "serde", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + [[package]] name = "pest" version = "2.7.6" @@ -2454,6 +2712,18 @@ dependencies = [ "siphasher", ] +[[package]] +name = "pin-project-lite" +version = "0.2.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + [[package]] name = "pkg-config" version = "0.3.29" @@ -2728,6 +2998,9 @@ name = "rand_core" version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] [[package]] name = "rayon" @@ -2838,6 +3111,47 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" +[[package]] +name = "reqwest" +version = "0.11.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6920094eb85afde5e4a138be3f2de8bbdf28000f0029e72c45025a56b042251" +dependencies = [ + "base64 0.21.7", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-rustls", + "ipnet", + "js-sys", + "log", + "mime", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls", + "rustls-pemfile", + "serde", + "serde_json", + "serde_urlencoded", + "sync_wrapper", + "system-configuration", + "tokio", + "tokio-rustls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "webpki-roots", + "winreg", +] + [[package]] name = "rgb" version = "0.8.37" @@ -2847,6 +3161,26 @@ dependencies = [ "bytemuck", ] +[[package]] +name = "ring" +version = "0.17.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "688c63d65483050968b2a8937f7995f443e27041a0f7700aa59b0822aedebb74" +dependencies = [ + "cc", + "getrandom", + "libc", + "spin", + "untrusted", + "windows-sys 0.48.0", +] + +[[package]] +name = "roxmltree" +version = "0.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3cd14fd5e3b777a7422cca79358c57a8f6e3a703d9ac187448d0daf220c2407f" + [[package]] name = "rustc-demangle" version = "0.1.23" @@ -2872,6 +3206,37 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "rustls" +version = "0.21.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" +dependencies = [ + "log", + "ring", + "rustls-webpki", + "sct", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64 0.21.7", +] + +[[package]] +name = "rustls-webpki" +version = "0.101.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.14" @@ -2899,6 +3264,16 @@ version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" +[[package]] +name = "sct" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" +dependencies = [ + "ring", + "untrusted", +] + [[package]] name = "semver" version = "0.11.0" @@ -2969,6 +3344,18 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + [[package]] name = "sha1" version = "0.10.6" @@ -3050,6 +3437,15 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" +dependencies = [ + "rand_core", +] + [[package]] name = "similar" version = "2.4.0" @@ -3091,6 +3487,15 @@ dependencies = [ "walkdir", ] +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + [[package]] name = "slice-group-by" version = "0.3.1" @@ -3106,6 +3511,32 @@ dependencies = [ "serde", ] +[[package]] +name = "socket2" +version = "0.5.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + [[package]] name = "sptr" version = "0.3.2" @@ -3245,6 +3676,33 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + +[[package]] +name = "system-configuration" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" +dependencies = [ + "bitflags 1.3.2", + "core-foundation", + "system-configuration-sys", +] + +[[package]] +name = "system-configuration-sys" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "tap" version = "1.0.1" @@ -3407,12 +3865,67 @@ dependencies = [ "serde_json", ] +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + [[package]] name = "tlsh-fixed" version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f762ca8308eda1e38512dc88a99f021e5214699ba133de157f588c8bfd0745c7" +[[package]] +name = "tokio" +version = "1.36.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61285f6515fa018fb2d1e46eb21223fff441ee8db5d0f1435e8ab4f5cdb80931" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "num_cpus", + "pin-project-lite", + "socket2", + "windows-sys 0.48.0", +] + +[[package]] +name = "tokio-rustls" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" +dependencies = [ + "rustls", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5419f34732d9eb6ee4c3578b7989078579b7f039cbbb9ca2c4da015749371e15" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + [[package]] name = "toml" version = "0.5.11" @@ -3422,6 +3935,37 @@ dependencies = [ "serde", ] +[[package]] +name = "tower-service" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + +[[package]] +name = "tracing" +version = "0.1.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" +dependencies = [ + "pin-project-lite", + "tracing-core", +] + +[[package]] +name = "tracing-core" +version = "0.1.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" +dependencies = [ + "once_cell", +] + +[[package]] +name = "try-lock" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" + [[package]] name = "typenum" version = "1.17.0" @@ -3443,12 +3987,27 @@ dependencies = [ "version_check", ] +[[package]] +name = "unicode-bidi" +version = "0.3.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08f95100a766bf4f8f28f90d77e0a5461bbdb219042e7679bebe79004fed8d75" + [[package]] name = "unicode-ident" version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" +[[package]] +name = "unicode-normalization" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +dependencies = [ + "tinyvec", +] + [[package]] name = "unicode-segmentation" version = "1.10.1" @@ -3473,6 +4032,23 @@ version = "0.1.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e1766d682d402817b5ac4490b3c3002d91dfa0d22812f341609f97b08757359c" +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + +[[package]] +name = "url" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31e6302e3bb753d46e83516cae55ae196fc0c309407cf11ab35cc51a4c2a4633" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + [[package]] name = "utf8parse" version = "0.2.1" @@ -3541,6 +4117,15 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "want" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e" +dependencies = [ + "try-lock", +] + [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -3572,6 +4157,18 @@ dependencies = [ "wasm-bindgen-shared", ] +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.39" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac36a15a220124ac510204aec1c3e5db8a22ab06fd6706d881dc6149f8ed9a12" +dependencies = [ + "cfg-if", + "js-sys", + "wasm-bindgen", + "web-sys", +] + [[package]] name = "wasm-bindgen-macro" version = "0.2.90" @@ -3980,6 +4577,12 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "webpki-roots" +version = "0.25.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" + [[package]] name = "wezterm-bidi" version = "0.2.3" @@ -4289,6 +4892,16 @@ version = "0.52.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + [[package]] name = "wit-parser" version = "0.13.1" @@ -4315,6 +4928,25 @@ dependencies = [ "tap", ] +[[package]] +name = "x509-certificate" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66534846dec7a11d7c50a74b7cdb208b9a581cad890b7866430d438455847c85" +dependencies = [ + "bcder", + "bytes", + "chrono", + "der", + "hex", + "pem", + "ring", + "signature", + "spki", + "thiserror", + "zeroize", +] + [[package]] name = "yaml-rust" version = "0.4.5" @@ -4377,6 +5009,7 @@ dependencies = [ "bstr 1.9.0", "crc32fast", "criterion", + "cryptographic-message-syntax", "fmmap", "globwalk", "goldenfile", @@ -4400,6 +5033,7 @@ dependencies = [ "protobuf-parse", "regex-automata 0.3.8", "regex-syntax 0.7.5 (git+https://github.com/plusvic/regex.git?rev=423493d)", + "roxmltree", "rustc-hash", "serde", "serde_json", @@ -4557,6 +5191,26 @@ dependencies = [ "syn 2.0.48", ] +[[package]] +name = "zeroize" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" +dependencies = [ + "zeroize_derive", +] + +[[package]] +name = "zeroize_derive" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.48", +] + [[package]] name = "zip" version = "0.6.6" diff --git a/Cargo.toml b/Cargo.toml index 886e77ecd..d8db58d92 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -43,6 +43,7 @@ chrono = "0.4.34" clap = "4.4.8" crc32fast = "1.3.2" criterion = "0.5.1" +cryptographic-message-syntax = "0.26.0" enable-ansi-support = "0.2.1" env_logger = "0.11.1" fmmap = "0.3.2" @@ -76,6 +77,7 @@ protobuf-json-mapping = { git = "https://github.com/plusvic/rust-protobuf.git", protobuf-parse = { git = "https://github.com/plusvic/rust-protobuf.git", rev="b484d8a7" } regex-syntax = { git = "https://github.com/plusvic/regex.git", rev="423493d" } regex-automata = { git = "https://github.com/plusvic/regex.git", rev="423493d" } +roxmltree = "0.19.0" rustc-hash = "1.1.0" smallvec = "1.10.0" serde = "1.0" diff --git a/lib/Cargo.toml b/lib/Cargo.toml index d542bd29f..d93c86650 100644 --- a/lib/Cargo.toml +++ b/lib/Cargo.toml @@ -93,6 +93,8 @@ lnk-module = [ # The `macho` module parses Mach-O files. macho-module = [ "dep:nom", + "dep:cryptographic-message-syntax", + "dep:roxmltree", ] # The `math` module. @@ -155,6 +157,7 @@ bitmask = { workspace = true } bitvec = { workspace = true } bstr = { workspace = true, features = ["serde"] } crc32fast = { workspace = true, optional = true } +cryptographic-message-syntax = { workspace = true, optional = true } fmmap = { workspace = true } indexmap = { workspace = true, features = ["serde"] } intaglio = { workspace = true } @@ -174,8 +177,9 @@ protobuf = { workspace = true } rustc-hash = { workspace = true } regex-syntax = { workspace = true } regex-automata = { workspace = true } -smallvec = { workspace = true, features = ["serde"] } -serde = { workspace = true, features = ["rc"] } +roxmltree = { workspace = true, optional = true } +smallvec = { workspace = true, features=["serde"] } +serde = { workspace = true, features=["rc"] } serde_json = { workspace = true } thiserror = { workspace = true } tlsh-fixed = { workspace = true, optional = true } diff --git a/lib/src/modules/macho/mod.rs b/lib/src/modules/macho/mod.rs index 03a20a5c7..9e5ab0516 100644 --- a/lib/src/modules/macho/mod.rs +++ b/lib/src/modules/macho/mod.rs @@ -182,17 +182,37 @@ fn ep_for_arch_subtype( None } -/// The function for checking if any dylib name present in the main Mach-O or -/// embedded Mach-O files contain a dylib with the desired name +/// Returns true if the Mach-O parsed entitlements contain `entitlement` /// -/// # Arguments -/// -/// * `ctx`: A mutable reference to the scanning context. -/// * `dylib_name`: The name of the dylib to check if present -/// -/// # Returns +/// `entitlement` is case-insensitive. +#[module_export(name = "entitlement_present")] +fn entitlements_present( + ctx: &ScanContext, + entitlement: RuntimeString, +) -> Option { + let macho = ctx.module_output::()?; + let expected = entitlement.as_bstr(ctx); + + for entitlement in macho.entitlements.iter() { + if expected.eq_ignore_ascii_case(entitlement.as_bytes()) { + return Some(true); + } + } + + for file in macho.file.iter() { + for entitlement in file.entitlements.iter() { + if expected.eq_ignore_ascii_case(entitlement.as_bytes()) { + return Some(true); + } + } + } + + Some(false) +} + +/// Returns true if the Mach-O parsed dylibs contain `dylib_name` /// -/// An `Option` containing if the name is found +/// `dylib_name` is case-insensitive. #[module_export(name = "dylib_present")] fn dylibs_present( ctx: &ScanContext, @@ -222,17 +242,9 @@ fn dylibs_present( Some(false) } -/// The function for checking if any rpath present in the main Mach-O or -/// embedded Mach-O files contain a rpath with the desired path -/// -/// # Arguments -/// -/// * `ctx`: A mutable reference to the scanning context. -/// * `rpath`: The name of the dylib to check if present -/// -/// # Returns +/// Returns true if the Mach-O parsed rpaths contain `rpath` /// -/// An `Option` containing if the path is found +/// `rpath` is case-insensitive. #[module_export(name = "rpath_present")] fn rpaths_present(ctx: &ScanContext, rpath: RuntimeString) -> Option { let macho = ctx.module_output::()?; diff --git a/lib/src/modules/macho/parser.rs b/lib/src/modules/macho/parser.rs index 3db9bd373..f222774b5 100644 --- a/lib/src/modules/macho/parser.rs +++ b/lib/src/modules/macho/parser.rs @@ -1,5 +1,6 @@ use crate::modules::protos; use bstr::{BStr, ByteSlice}; +use cryptographic_message_syntax::SignedData; #[cfg(feature = "logging")] use log::error; use nom::bytes::complete::take; @@ -26,11 +27,21 @@ const FAT_CIGAM: u32 = 0xbebafeca; const FAT_MAGIC_64: u32 = 0xcafebabf; const FAT_CIGAM_64: u32 = 0xbfbafeca; +/// Mach-O code signature constants +const _CS_MAGIC_REQUIREMENT: u32 = 0xfade0c00; +const _CS_MAGIC_REQUIREMENTS: u32 = 0xfade0c01; +const _CS_MAGIC_CODEDIRECTORY: u32 = 0xfade0c02; +const _CS_MAGIC_EMBEDDED_SIGNATURE: u32 = 0xfade0cc0; +const _CS_MAGIC_DETACHED_SIGNATURE: u32 = 0xfade0cc1; +const CS_MAGIC_BLOBWRAPPER: u32 = 0xfade0b01; +const CS_MAGIC_EMBEDDED_ENTITLEMENTS: u32 = 0xfade7171; + /// Mach-O dynamic linker constant const LC_REQ_DYLD: u32 = 0x80000000; /// Mach-O load commands const LC_SEGMENT: u32 = 0x00000001; +const LC_SYMTAB: u32 = 0x00000002; const LC_UNIXTHREAD: u32 = 0x00000005; const LC_DYSYMTAB: u32 = 0x0000000b; const LC_LOAD_DYLIB: u32 = 0x0000000c; @@ -39,11 +50,20 @@ const LC_LOAD_DYLINKER: u32 = 0x0000000e; const LC_ID_DYLINKER: u32 = 0x0000000f; const LC_LOAD_WEAK_DYLIB: u32 = 0x18 | LC_REQ_DYLD; const LC_SEGMENT_64: u32 = 0x00000019; +const LC_UUID: u32 = 0x00000001b; const LC_RPATH: u32 = 0x1c | LC_REQ_DYLD; +const LC_CODE_SIGNATURE: u32 = 0x0000001d; const LC_REEXPORT_DYLIB: u32 = 0x1f | LC_REQ_DYLD; +const LC_DYLD_INFO: u32 = 0x00000022; +const LC_DYLD_INFO_ONLY: u32 = 0x22 | LC_REQ_DYLD; +const LC_VERSION_MIN_MACOSX: u32 = 0x00000024; +const LC_VERSION_MIN_IPHONEOS: u32 = 0x00000025; const LC_DYLD_ENVIRONMENT: u32 = 0x00000027; const LC_MAIN: u32 = 0x28 | LC_REQ_DYLD; const LC_SOURCE_VERSION: u32 = 0x0000002a; +const LC_VERSION_MIN_TVOS: u32 = 0x0000002f; +const LC_VERSION_MIN_WATCHOS: u32 = 0x00000030; +const LC_BUILD_VERSION: u32 = 0x00000032; /// Mach-O CPU types const CPU_TYPE_MC680X0: u32 = 0x00000006; @@ -236,12 +256,20 @@ impl<'a> MachO<'a> { segments: Vec::new(), dylibs: Vec::new(), rpaths: Vec::new(), + symtab: None, dysymtab: None, dynamic_linker: None, + dyld_info: None, source_version: None, entry_point_offset: None, entry_point_rva: None, stack_size: None, + code_signature_data: None, + entitlements: Vec::new(), + certificates: None, + uuid: None, + build_version: None, + min_version: None, }; for _ in 0..macho.header.ncmds as usize { @@ -265,10 +293,40 @@ impl<'a> MachO<'a> { } } + if let Some(ref mut symtab) = macho.symtab { + let str_offset = symtab.stroff as usize; + let str_end = symtab.strsize as usize; + + // We don't want the dyld_shared_cache ones for now + if str_offset < data.len() { + let string_table: &[u8] = + &data[str_offset..str_offset + str_end]; + let strings: Vec<&'a [u8]> = string_table + .split(|&c| c == b'\0') + .map(|line| BStr::new(line).trim_end_with(|c| c == '\0')) + .filter(|s| !s.trim().is_empty()) + .collect(); + + symtab.entries.extend(strings); + } + } + if let Some(entry_point_rva) = macho.entry_point_rva { macho.entry_point_offset = macho.rva_to_offset(entry_point_rva); } + if let Some(ref code_signature_data) = macho.code_signature_data { + let offset = code_signature_data.dataoff as usize; + let size = code_signature_data.datasize as usize; + let super_data = &data[offset..offset + size]; + if let Err(_err) = macho.cs_superblob()(super_data) { + #[cfg(feature = "logging")] + error!("Error parsing Mach-O file: {:?}", _err); + // fail silently if it fails, data was not formatted + // correctly but parsing should still proceed for + // everything else + }; + } Ok(macho) } } @@ -282,10 +340,18 @@ pub struct MachOFile<'a> { header: MachOHeader, segments: Vec>, dylibs: Vec>, + symtab: Option>, dysymtab: Option, + dyld_info: Option, dynamic_linker: Option<&'a [u8]>, source_version: Option, rpaths: Vec<&'a [u8]>, + uuid: Option<&'a [u8]>, + code_signature_data: Option, + entitlements: Vec, + certificates: Option, + build_version: Option, + min_version: Option, } impl<'a> MachOFile<'a> { @@ -417,10 +483,40 @@ impl<'a> MachOFile<'a> { let (_, dylinker) = self.dylinker_command()(command_data)?; self.dynamic_linker = Some(dylinker); } + LC_SYMTAB => { + let (_, symtab) = self.symtab_command()(command_data)?; + self.symtab = Some(symtab); + } LC_DYSYMTAB => { let (_, dysymtab) = self.dysymtab_command()(command_data)?; self.dysymtab = Some(dysymtab); } + LC_CODE_SIGNATURE => { + let (_, lid) = self.linkeditdata_command()(command_data)?; + self.code_signature_data = Some(lid); + } + LC_DYLD_INFO | LC_DYLD_INFO_ONLY => { + let (_, dyld_info) = + self.dyld_info_command()(command_data)?; + self.dyld_info = Some(dyld_info); + } + LC_UUID => { + let (_, uuid) = self.uuid_command()(command_data)?; + self.uuid = Some(uuid); + } + LC_BUILD_VERSION => { + let (_, bv) = self.build_version_command()(command_data)?; + self.build_version = Some(bv); + } + LC_VERSION_MIN_MACOSX + | LC_VERSION_MIN_IPHONEOS + | LC_VERSION_MIN_TVOS + | LC_VERSION_MIN_WATCHOS => { + let (_, mut mv) = + self.min_version_command()(command_data)?; + mv.device = command; + self.min_version = Some(mv); + } _ => {} } @@ -545,6 +641,27 @@ impl<'a> MachOFile<'a> { } } + /// Parser that parses a LC_DYSYMTAB command. + fn symtab_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], Symtab> + '_ { + map( + tuple(( + u32(self.endianness), // symoff + u32(self.endianness), // nsyms + u32(self.endianness), // stroff + u32(self.endianness), // strsize + )), + |(symoff, nsyms, stroff, strsize)| Symtab { + symoff, + nsyms, + stroff, + strsize, + entries: Vec::new(), + }, + ) + } + /// Parser that parses a LC_DYSYMTAB command. fn dysymtab_command( &self, @@ -608,6 +725,192 @@ impl<'a> MachOFile<'a> { ) } + /// Parser that parses a LC_CODESIGNATURE command + fn linkeditdata_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], LinkedItData> + '_ { + map( + tuple(( + u32(self.endianness), // dataoff + u32(self.endianness), // datasize + )), + |(dataoff, datasize)| LinkedItData { dataoff, datasize }, + ) + } + + fn cs_blob( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], CSBlob> + '_ { + move |input: &'a [u8]| { + let (_, (magic, length)) = tuple(( + u32(Endianness::Big), // magic + u32(Endianness::Big), // length, + ))(input)?; + + Ok((&[], CSBlob { magic, length })) + } + } + + fn cs_index( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], CSBlobIndex> + '_ { + move |input: &'a [u8]| { + let (input, (blobtype, offset)) = tuple(( + u32(Endianness::Big), // blobtype + u32(Endianness::Big), // offset, + ))(input)?; + + Ok((input, CSBlobIndex { blobtype, offset, blob: None })) + } + } + + fn cs_superblob( + &mut self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], CSSuperBlob> + '_ { + move |data: &'a [u8]| { + let (remainder, (_magic, _length, count)) = tuple(( + u32(Endianness::Big), // magic + u32(Endianness::Big), // offset, + u32(Endianness::Big), // count, + ))(data)?; + + let mut super_blob = + CSSuperBlob { _magic, _length, count, index: Vec::new() }; + + let mut input: &[u8] = remainder; + let mut cs_index: CSBlobIndex; + + for _ in 0..super_blob.count { + (input, cs_index) = self.cs_index()(input)?; + let offset: usize = cs_index.offset as usize; + let (_, blob) = self.cs_blob()(&data[offset..])?; + + cs_index.blob = Some(blob); + super_blob.index.push(cs_index); + } + + let super_data = data; + + for blob_index in &super_blob.index { + let _blob_type = blob_index.blobtype as usize; + if let Some(blob) = &blob_index.blob { + let offset = blob_index.offset as usize; + let length = blob.length as usize; + let size_of_blob = std::mem::size_of::(); + match blob.magic { + CS_MAGIC_EMBEDDED_ENTITLEMENTS => { + let xml_data = &super_data + [offset + size_of_blob..offset + length]; + let xml_string = std::str::from_utf8(xml_data) + .unwrap_or_default(); + + let opt = roxmltree::ParsingOptions { + allow_dtd: true, + ..roxmltree::ParsingOptions::default() + }; + + if let Ok(parsed_xml) = + roxmltree::Document::parse_with_options( + xml_string, opt, + ) + { + for node in parsed_xml + .descendants() + .filter(|n| n.has_tag_name("key")) + { + if let Some(entitlement) = node.text() { + self.entitlements + .push(entitlement.to_string()); + } + } + } + } + CS_MAGIC_BLOBWRAPPER => { + if let Ok(signage) = SignedData::parse_ber( + &super_data + [offset + size_of_blob..offset + length], + ) { + let signers = signage.signers(); + let certs = signage.certificates(); + let mut cert_info = Certificates { + common_names: Vec::new(), + signer_names: Vec::new(), + }; + + certs.for_each(|cert| { + let name = + cert.subject_common_name().unwrap(); + cert_info.common_names.push(name); + }); + + signers.for_each(|signer| { + let (name, _) = signer + .certificate_issuer_and_serial() + .unwrap(); + cert_info.signer_names.push( + name.user_friendly_str() + .unwrap() + .to_string(), + ); + }); + + self.certificates = Some(cert_info); + } + } + _ => {} + } + } + } + + Ok((&[], super_blob)) + } + } + + /// Parser that parses LC_DYLD_INFO_ONLY and LC_DYLD_INFO commands + fn dyld_info_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], DyldInfo> + '_ { + map( + tuple(( + u32(self.endianness), // rebase_off + u32(self.endianness), // rebase_size + u32(self.endianness), // bind_off + u32(self.endianness), // bind_size + u32(self.endianness), // weak_bind_off + u32(self.endianness), // weak_bind_size + u32(self.endianness), // lazy_bind_off + u32(self.endianness), // lazy_bind_size + u32(self.endianness), // export_off + u32(self.endianness), // export_size + )), + |( + rebase_off, + rebase_size, + bind_off, + bind_size, + weak_bind_off, + weak_bind_size, + lazy_bind_off, + lazy_bind_size, + export_off, + export_size, + )| { + DyldInfo { + rebase_off, + rebase_size, + bind_off, + bind_size, + weak_bind_off, + weak_bind_size, + lazy_bind_off, + lazy_bind_size, + export_off, + export_size, + } + }, + ) + } + /// Parser that parses a LC_ID_DYLINKER, LC_LOAD_DYLINKER or /// LC_DYLD_ENVIRONMENT command. fn dylinker_command( @@ -620,6 +923,17 @@ impl<'a> MachOFile<'a> { } } + /// Parser that parses a LC_UUID command. + fn uuid_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], &'a [u8]> + '_ { + move |input: &'a [u8]| { + let (_, uuid) = take(16usize)(input)?; + + Ok((&[], BStr::new(uuid).trim_end_with(|c| c == '\0'))) + } + } + /// Parser that parses a LC_SOURCE_VERSION command. fn source_version_command( &self, @@ -638,6 +952,53 @@ impl<'a> MachOFile<'a> { } } + /// Parser that parses a LC_BUILD_VERSION command. + fn build_version_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], BuildVersionCommand> + '_ + { + move |input: &'a [u8]| { + let (mut remainder, (platform, minos, sdk, ntools)) = + tuple(( + u32(self.endianness), // platform, + u32(self.endianness), // minos, + u32(self.endianness), // sdk, + u32(self.endianness), // ntools, + ))(input)?; + + let mut tools = Vec::::new(); + + for _ in 0..ntools { + let (data, (tool, version)) = tuple(( + u32(self.endianness), // tool, + u32(self.endianness), // version, + ))(remainder)?; + + remainder = data; + + tools.push(BuildToolObject { tool, version }) + } + + Ok(( + &[], + BuildVersionCommand { platform, minos, sdk, ntools, tools }, + )) + } + } + + fn min_version_command( + &self, + ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], MinVersion> + '_ { + move |input: &'a [u8]| { + let (input, (version, sdk)) = tuple(( + u32(self.endianness), // version + u32(self.endianness), // sdk, + ))(input)?; + + Ok((input, MinVersion { device: 0, version, sdk })) + } + } + fn x86_thread_state( &self, ) -> impl FnMut(&'a [u8]) -> IResult<&'a [u8], u64> + '_ { @@ -864,6 +1225,42 @@ struct Dylib<'a> { compatibility_version: u32, } +struct Certificates { + common_names: Vec, + signer_names: Vec, +} + +struct CSBlob { + magic: u32, + length: u32, +} + +struct CSBlobIndex { + blobtype: u32, + offset: u32, + blob: Option, +} + +struct CSSuperBlob { + _magic: u32, + _length: u32, + count: u32, + index: Vec, +} + +struct LinkedItData { + dataoff: u32, + datasize: u32, +} + +struct Symtab<'a> { + symoff: u32, + nsyms: u32, + stroff: u32, + strsize: u32, + entries: Vec<&'a [u8]>, +} + struct Dysymtab { ilocalsym: u32, nlocalsym: u32, @@ -883,6 +1280,38 @@ struct Dysymtab { nlocrel: u32, } +struct DyldInfo { + rebase_off: u32, + rebase_size: u32, + bind_off: u32, + bind_size: u32, + weak_bind_off: u32, + weak_bind_size: u32, + lazy_bind_off: u32, + lazy_bind_size: u32, + export_off: u32, + export_size: u32, +} + +struct BuildVersionCommand { + platform: u32, + minos: u32, + sdk: u32, + ntools: u32, + tools: Vec, +} + +struct BuildToolObject { + tool: u32, + version: u32, +} + +struct MinVersion { + device: u32, + version: u32, + sdk: u32, +} + /// Parser that reads a 32-bits or 64-bits fn uint( endianness: Endianness, @@ -906,6 +1335,13 @@ fn convert_to_version_string(decimal_number: u32) -> String { format!("{}.{}.{}", major, minor, patch) } +/// Convert a decimal number representation to a build version string representation. +fn convert_to_build_tool_version(decimal_number: u32) -> String { + let a = decimal_number >> 16; + let b = (decimal_number >> 8) & 0xff; + format!("{}.{}", a, b) +} + /// Convert a decimal number representation to a source version string /// representation. fn convert_to_source_version_string(decimal_number: u64) -> String { @@ -940,13 +1376,59 @@ impl From> for protos::macho::Macho { result.source_version = m.source_version.to_owned(); result.dynamic_linker = m.dynamic_linker.map(|dl| dl.into()); + if let Some(symtab) = &m.symtab { + result.symtab = MessageField::some(symtab.into()); + } + if let Some(dysymtab) = &m.dysymtab { result.dysymtab = MessageField::some(dysymtab.into()); } + if let Some(cs_data) = &m.code_signature_data { + result.code_signature_data = + MessageField::some(cs_data.into()); + } + + if let Some(cert_data) = &m.certificates { + result.certificates = MessageField::some(cert_data.into()); + } + + if let Some(dyld_info) = &m.dyld_info { + result.dyld_info = MessageField::some(dyld_info.into()); + }; + + if let Some(uuid) = &m.uuid { + let mut uuid_str = String::new(); + + for (idx, c) in uuid.iter().enumerate() { + match idx { + 3 | 5 | 7 | 9 => { + uuid_str.push_str(format!("{:02X}", c).as_str()); + uuid_str.push('-'); + } + _ => { + uuid_str.push_str(format!("{:02X}", c).as_str()); + } + } + } + + result.uuid = Some(uuid_str.clone()); + } + + if let Some(bv) = &m.build_version { + result.build_version = MessageField::some(bv.into()); + } + + if let Some(mv) = &m.min_version { + result.min_version = MessageField::some(mv.into()); + } + result.segments.extend(m.segments.iter().map(|seg| seg.into())); result.dylibs.extend(m.dylibs.iter().map(|dylib| dylib.into())); - result.rpaths.extend(m.rpaths.iter().map(|rpath| rpath.to_vec())); + result + .rpaths + .extend(m.rpaths.iter().map(|rpath: &&[u8]| rpath.to_vec())); + result.entitlements.extend(m.entitlements.clone()); result .set_number_of_segments(m.segments.len().try_into().unwrap()); @@ -976,13 +1458,56 @@ impl From<&MachOFile<'_>> for protos::macho::File { result.source_version = macho.source_version.to_owned(); result.dynamic_linker = macho.dynamic_linker.map(|dl| dl.into()); + if let Some(symtab) = &macho.symtab { + result.symtab = MessageField::some(symtab.into()); + } + if let Some(dysymtab) = &macho.dysymtab { result.dysymtab = MessageField::some(dysymtab.into()); } + if let Some(cs_data) = &macho.code_signature_data { + result.code_signature_data = MessageField::some(cs_data.into()); + } + + if let Some(cert_data) = &macho.certificates { + result.certificates = MessageField::some(cert_data.into()); + } + + if let Some(dyld_info) = &macho.dyld_info { + result.dyld_info = MessageField::some(dyld_info.into()); + }; + + if let Some(uuid) = &macho.uuid { + let mut uuid_str = String::new(); + + for (idx, c) in uuid.iter().enumerate() { + match idx { + 3 | 5 | 7 | 9 => { + uuid_str.push_str(format!("{:02X}", c).as_str()); + uuid_str.push('-'); + } + _ => { + uuid_str.push_str(format!("{:02X}", c).as_str()); + } + } + } + + result.uuid = Some(uuid_str.clone()); + } + + if let Some(bv) = &macho.build_version { + result.build_version = MessageField::some(bv.into()); + } + + if let Some(mv) = &macho.min_version { + result.min_version = MessageField::some(mv.into()); + } + result.segments.extend(macho.segments.iter().map(|seg| seg.into())); result.dylibs.extend(macho.dylibs.iter().map(|dylib| dylib.into())); result.rpaths.extend(macho.rpaths.iter().map(|rpath| rpath.to_vec())); + result.entitlements.extend(macho.entitlements.clone()); result .set_number_of_segments(result.segments.len().try_into().unwrap()); @@ -1055,6 +1580,20 @@ impl From<&Dylib<'_>> for protos::macho::Dylib { } } +impl From<&Symtab<'_>> for protos::macho::Symtab { + fn from(symtab: &Symtab<'_>) -> Self { + let mut result = protos::macho::Symtab::new(); + result.set_symoff(symtab.symoff); + result.set_nsyms(symtab.nsyms); + result.set_stroff(symtab.stroff); + result.set_strsize(symtab.strsize); + result + .entries + .extend(symtab.entries.iter().map(|entry| entry.to_vec())); + result + } +} + impl From<&Dysymtab> for protos::macho::Dysymtab { fn from(dysymtab: &Dysymtab) -> Self { let mut result = protos::macho::Dysymtab::new(); @@ -1077,3 +1616,74 @@ impl From<&Dysymtab> for protos::macho::Dysymtab { result } } + +impl From<&LinkedItData> for protos::macho::LinkedItData { + fn from(lid: &LinkedItData) -> Self { + let mut result = protos::macho::LinkedItData::new(); + result.set_dataoff(lid.dataoff); + result.set_datasize(lid.datasize); + result + } +} + +impl From<&Certificates> for protos::macho::Certificates { + fn from(cert: &Certificates) -> Self { + let mut result = protos::macho::Certificates::new(); + result.common_names.extend(cert.common_names.clone()); + result.signer_names.extend(cert.signer_names.clone()); + result + } +} + +impl From<&DyldInfo> for protos::macho::DyldInfo { + fn from(dyld_info: &DyldInfo) -> Self { + let mut result = protos::macho::DyldInfo::new(); + result.set_rebase_off(dyld_info.rebase_off); + result.set_rebase_size(dyld_info.rebase_size); + result.set_bind_off(dyld_info.bind_off); + result.set_bind_size(dyld_info.bind_size); + result.set_weak_bind_off(dyld_info.weak_bind_off); + result.set_weak_bind_size(dyld_info.weak_bind_size); + result.set_lazy_bind_off(dyld_info.lazy_bind_off); + result.set_lazy_bind_size(dyld_info.lazy_bind_size); + result.set_export_off(dyld_info.export_off); + result.set_export_size(dyld_info.export_size); + result + } +} + +impl From<&BuildVersionCommand> for protos::macho::BuildVersion { + fn from(bv: &BuildVersionCommand) -> Self { + let mut result = protos::macho::BuildVersion::new(); + result.set_platform(bv.platform); + result.set_ntools(bv.ntools); + result.set_minos(convert_to_version_string(bv.minos)); + result.set_sdk(convert_to_version_string(bv.sdk)); + result.tools.extend(bv.tools.iter().map(|tool| tool.into())); + result + } +} + +impl From<&BuildToolObject> for protos::macho::BuildTool { + fn from(bt: &BuildToolObject) -> Self { + let mut result = protos::macho::BuildTool::new(); + result.set_tool(bt.tool); + result.set_version(convert_to_build_tool_version(bt.version)); + result + } +} + +impl From<&MinVersion> for protos::macho::MinVersion { + fn from(mv: &MinVersion) -> Self { + let mut result = protos::macho::MinVersion::new(); + + result.set_device( + protobuf::EnumOrUnknown::::from_i32( + mv.device as i32, + ).unwrap(), + ); + result.set_version(convert_to_version_string(mv.version)); + result.set_sdk(convert_to_version_string(mv.sdk)); + result + } +} diff --git a/lib/src/modules/macho/tests/mod.rs b/lib/src/modules/macho/tests/mod.rs index 28f028eeb..fc87383ce 100644 --- a/lib/src/modules/macho/tests/mod.rs +++ b/lib/src/modules/macho/tests/mod.rs @@ -15,6 +15,10 @@ fn test_macho_module() { "src/modules/macho/tests/testdata/macho_x86_file.in.zip", ); + let chess_macho_data = create_binary_from_zipped_ihex( + "src/modules/macho/tests/testdata/chess.in.zip", + ); + rule_true!( r#" import "macho" @@ -274,4 +278,37 @@ fn test_macho_module() { "#, &x86_macho_data ); + + rule_true!( + r#" + import "macho" + rule macho_test { + condition: + macho.entitlement_present("com.apple.security.network.client") + } + "#, + &chess_macho_data + ); + + rule_true!( + r#" + import "macho" + rule macho_test { + condition: + macho.entitlement_present("COM.ApplE.security.NetWoRK.client") + } + "#, + &chess_macho_data + ); + + rule_false!( + r#" + import "macho" + rule macho_test { + condition: + macho.entitlement_present("made-up-entitlement") + } + "#, + &chess_macho_data + ); } diff --git a/lib/src/modules/macho/tests/testdata/01ac68a14f0ff5faa72bb33e768bfaae4d21de61f776e2405324c498ef52b21b.out b/lib/src/modules/macho/tests/testdata/01ac68a14f0ff5faa72bb33e768bfaae4d21de61f776e2405324c498ef52b21b.out index d9d65975c..87e46e880 100644 --- a/lib/src/modules/macho/tests/testdata/01ac68a14f0ff5faa72bb33e768bfaae4d21de61f776e2405324c498ef52b21b.out +++ b/lib/src/modules/macho/tests/testdata/01ac68a14f0ff5faa72bb33e768bfaae4d21de61f776e2405324c498ef52b21b.out @@ -8,6 +8,178 @@ flags: 0x18085 reserved: 0 number_of_segments: 3 source_version: "0.0.0.0.0" +symtab: + symoff: 34352 + nsyms: 166 + stroff: 37600 + strsize: 5864 + entries: + - "_APF_Plugin_DisconnectingDataSource" + - "_APF_Plugin_Initialize" + - "_APF_Plugin_Terminate" + - "_APF_Plugin_Unload" + - "__Z10InitializeP15CAPF_PluginInfoP14PLUGINMEMBLOCK" + - "__Z14ACCT_GetJobLogPK15CAPF_DataSourcePPP17HarmonyAttributesRl" + - "__Z16ACCT_ClearJobLogPK15CAPF_DataSource" + - "__Z16CreateControlBarP8stCBInfoP20HarmonySessionHandle" + - "__Z16out_HarmonyAttrsRNSt3__113basic_ostreamIcNS_11char_traitsIcEEEEiP17HarmonyAttributes" + - "__Z17ACCT_GetJobLogXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z18ACCT_GetFirstIndexPK15CAPF_DataSourceRl" + - "__Z18AllocateStringCopyRPcRK8wxString" + - "__Z19ACCT_ClearJobLogXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z19ACCT_FreeStringListPP17HarmonyAttributesi" + - "__Z19ACCT_GetEventsExXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z19CBB_GetResmanEventsP15CAPF_DataSourcePFvP20HarmonyResourceEventPvES3_P15HarmonyNBTicket" + - "__Z19CBB_SetEFControlBarP15CAPF_DataSourceP15CAPF_PluginInfoPv" + - "__Z19CB_ImportControlBarP15CAPF_DataSourceP15CAPF_PluginInfoPv" + - "__Z20ACCT_GetJobLogLengthPK15CAPF_DataSourceRl" + - "__Z20CBB_DeleteControlBarP15CAPF_DataSourceRK8wxString" + - "__Z21ACCT_GetFirstIndexXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z21ACCT_GetJobLogPortionPK15CAPF_DataSourceRlS2_PPP17HarmonyAttributesS2_" + - "__Z21APF_ds2HarmonyHandlesPK15CAPF_DataSourcePP29harmonyDataSourceSpecificDataPP19HarmonyServerHandle" + - "__Z21APF_harmonyGetSessionP29harmonyDataSourceSpecificData22APF_harmonySessionType" + - "__Z21CBB_GetControlBarDataP15CAPF_DataSourceP15CAPF_PluginInfoPv" + - "__Z22ACCT_FreeStringListXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z22CBB_FreeControlBarDataP15CAPF_DataSourceP15CAPF_PluginInfoPv" + - "__Z23ACCT_GetJobLogLengthXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z23APF_ChkTicketOrTimedOutP15CAPF_DataSourceR15HarmonyNBTicketR13HarmonyResult" + - "__Z23GetFeatureSessionHandlePK15CAPF_DataSource22APF_harmonySessionTypePP20HarmonySessionHandle" + - "__Z24ACCT_GetJobLogPortionXMLP15CAPF_PluginInfoP14PLUGINMEMBLOCKP9VERSIONEXPv" + - "__Z24CBB_GetControlbarSupportP15CAPF_DataSourceP15CAPF_PluginInfoPv" + - "__Z25APF_H_GetLocalizedStringsP29harmonyDataSourceSpecificDataPPciS2_i" + - "__Z26APF_H_GetLocalizedStringNBP15CAPF_DataSourceR8wxStringS2_iS2_" + - "__Z36APF_H_GetLocalizedStringNB_AlternateP15CAPF_DataSourceR8wxStringS2_iS2_" + - "__ZlsRNSt3__113basic_ostreamIcNS_11char_traitsIcEEEEP17HarmonyAttributes" + - "_ACCT_clearJobLog" + - "_ACCT_getEventsEx" + - "_ACCT_getFirstIndex" + - "_ACCT_getJobLog" + - "_ACCT_getJobLogLength" + - "_ACCT_getJobLogPortionEx" + - "_ACCT_openSession" + - "_ATTR_openSession" + - "_AUTH_openSession" + - "_FONT_openSession" + - "_FT_openSession" + - "_GA_openSession" + - "_GLOBOBJ_openSession" + - "_JOBM_openSession" + - "_LOCL_getStringWithContext" + - "_LOCL_getStringsWithContext" + - "_LP_openSession" + - "_MTX_openSession" + - "_NB_cancel_block_destroy" + - "_NB_checkTicket" + - "_NB_destroy" + - "_RESMAN_createResource" + - "_RESMAN_deleteResource" + - "_RESMAN_getEventsEx" + - "_RESMAN_getResourceTypes" + - "_RESMAN_getResourceWithSettingsInContainer" + - "_RESMAN_openSession" + - "__Unwind_Resume" + - "__Z10wxOnAssertPKciS0_S0_S0_" + - "__Z12wxMilliSleepm" + - "__Z19wxGet_wxConvUTF8Ptrv" + - "__Z20EFIAPF_ErrLogGen_MACPKclS0_S0_l" + - "__ZN11CAPF_ReqObj13GetInputParamERK8wxStringPPv" + - "__ZN11CAPF_ReqObj13GetInputParamERK8wxStringPl" + - "__ZN11CAPF_ReqObj13GetInputParamERK8wxStringRS0_" + - "__ZN11CAPF_ReqObj14SetOutputParamERK8wxStringPv" + - "__ZN11CAPF_ReqObj14SetOutputParamERK8wxStringl" + - "__ZN11CAPF_ReqObj20CAPF_ReqObj_CalleeExElPvP15CAPF_PluginInfo" + - "__ZN11CAPF_ReqObjD1Ev" + - "__ZN11wxStopWatch5StartEl" + - "__ZN12CAPF_Session9GetKeyIDAEPc" + - "__ZN8wxString10ConvertStrEPKcmRK8wxMBConv" + - "__ZN8wxString4TrimEb" + - "__ZN8wxString4nposE" + - "__ZN9wxPrivate18GetUntypedNullDataEv" + - "__ZNK11wxStopWatch11TimeInMicroEv" + - "__ZNK15CAPF_DataSource10getSessionEv" + - "__ZNK15CAPF_DataSource11getProtocolEv" + - "__ZNK15CAPF_DataSource14getDSWorkClassEi" + - "__ZNK8wxMBConv14DoConvertMB2WCEPKcm" + - "__ZNK8wxString6AsCharERK8wxMBConv" + - "__ZNK8wxString9CmpNoCaseERKS_" + - "__ZNKSt3__16locale9use_facetERNS0_2idE" + - "__ZNKSt3__18ios_base6getlocEv" + - "__ZNSt3__112basic_stringIwNS_11char_traitsIwEENS_9allocatorIwEEE6__initEPKwm" + - "__ZNSt3__112basic_stringIwNS_11char_traitsIwEENS_9allocatorIwEEE6assignEPKwm" + - "__ZNSt3__112basic_stringIwNS_11char_traitsIwEENS_9allocatorIwEEEaSERKS5_" + - "__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryC1ERS3_" + - "__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEE6sentryD1Ev" + - "__ZNSt3__113basic_ostreamIcNS_11char_traitsIcEEElsEi" + - "__ZNSt3__15ctypeIcE2idE" + - "__ZNSt3__16localeD1Ev" + - "__ZNSt3__18ios_base33__set_badbit_and_consider_rethrowEv" + - "__ZNSt3__18ios_base5clearEj" + - "__ZSt9terminatev" + - "__ZTV11CAPF_ReqObj" + - "__ZTV12wxMBConvUTF8" + - "__ZdlPv" + - "__Znwm" + - "___bzero" + - "___cxa_begin_catch" + - "___cxa_end_catch" + - "___gxx_personality_v0" + - "_calloc" + - "_free" + - "_freeHarmonyAttributes" + - "_freeStringList" + - "_global_lpAPFInfo" + - "_harmony_calloc" + - "_harmony_free" + - "_harmony_malloc" + - "_memset" + - "_strcpy" + - "_strlen" + - "_wcslen" + - "_wxConvUTF8Ptr" + - "_wxEmptyString" + - "_wxTheAssertHandler" + - "_wxTrapInAssert" + - "dyld_stub_binder" + - "___clang_call_terminate" + - "__ZNK8wxString9AsCharBufERK8wxMBConv" + - "__ZN22wxScopedCharTypeBufferIcE14CreateNonOwnedEPKcm" + - "__ZN8wxStringC2ERK22wxScopedCharTypeBufferIwE" + - "__ZN8wxString7ImplStrEPKwm" + - "__ZN8wxString17SubstrBufFromTypeIPKwEC2ERKS2_m" + - "__ZN22wxScopedCharTypeBufferIwED2Ev" + - "__ZN22wxScopedCharTypeBufferIwE6DecRefEv" + - "__ZN22wxScopedCharTypeBufferIcED2Ev" + - "__ZN22wxScopedCharTypeBufferIcE6DecRefEv" + - "__ZN8wxStringC2EPKcRK8wxMBConv" + - "__ZN8wxString7ImplStrEPKcRK8wxMBConv" + - "__ZNSt3__124__put_character_sequenceIcNS_11char_traitsIcEEEERNS_13basic_ostreamIT_T0_EES7_PKS4_m" + - "__ZNSt3__116__pad_and_outputIcNS_11char_traitsIcEEEENS_19ostreambuf_iteratorIT_T0_EES6_PKS4_S8_S8_RNS_8ios_baseES4_" + - "GCC_except_table1" + - "GCC_except_table2" + - "GCC_except_table3" + - "GCC_except_table5" + - "GCC_except_table6" + - "GCC_except_table7" + - "GCC_except_table8" + - "GCC_except_table11" + - "GCC_except_table12" + - "GCC_except_table15" + - "GCC_except_table17" + - "GCC_except_table0" + - "GCC_except_table1" + - "GCC_except_table2" + - "GCC_except_table3" + - "GCC_except_table4" + - "GCC_except_table5" + - "GCC_except_table6" + - "GCC_except_table7" + - "GCC_except_table5" + - "GCC_except_table6" + - "GCC_except_table10" + - "GCC_except_table11" + - "GCC_except_table14" + - "GCC_except_table15" + - "__ZL12openSessions" dysymtab: ilocalsym: 0 nlocalsym: 40 @@ -25,6 +197,9 @@ dysymtab: nextrel: 148 locreloff: 0 nlocrel: 0 +code_signature_data: + dataoff: 43472 + datasize: 18800 segments: - segname: "__TEXT" vmaddr: 0x0 @@ -263,4 +438,27 @@ dylibs: - name: "/usr/lib/libSystem.B.dylib" timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" - current_version: "1252.0.0" \ No newline at end of file + current_version: "1252.0.0" +dyld_info: + rebase_off: 28672 + rebase_size: 8 + bind_off: 28680 + bind_size: 624 + weak_bind_off: 29304 + weak_bind_size: 48 + lazy_bind_off: 29352 + lazy_bind_size: 2464 + export_off: 31816 + export_size: 2448 +certificates: + common_names: + - "Developer ID Certification Authority" + - "Apple Root CA" + - "Developer ID Application: EFI Inc (82PCFB3NFC)" + signer_names: + - "CN=Developer ID Certification Authority, OU=Apple Certification Authority, O=Apple Inc., C=US" +uuid: "B23FC3D5-BDF8-3056-930A-C93E0F547B78" +min_version: + device: MACOSX + version: "10.13.0" + sdk: "10.13.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/3d27411e4465ae14ab2d02e1f2a6dafb2bb8114803e8b26c0652ce4afccb94e1.out b/lib/src/modules/macho/tests/testdata/3d27411e4465ae14ab2d02e1f2a6dafb2bb8114803e8b26c0652ce4afccb94e1.out index f8f0da3ad..c805545cd 100644 --- a/lib/src/modules/macho/tests/testdata/3d27411e4465ae14ab2d02e1f2a6dafb2bb8114803e8b26c0652ce4afccb94e1.out +++ b/lib/src/modules/macho/tests/testdata/3d27411e4465ae14ab2d02e1f2a6dafb2bb8114803e8b26c0652ce4afccb94e1.out @@ -8,6 +8,66 @@ flags: 0x1000085 number_of_segments: 4 dynamic_linker: "/usr/lib/dyld" entry_point: 2752 +symtab: + symoff: 12316 + nsyms: 54 + stroff: 13344 + strsize: 760 + entries: + - "_NXArgc" + - "_NXArgv" + - "___progname" + - "__mh_execute_header" + - "_environ" + - "start" + - "_CFBundleCopyExecutableURL" + - "_CFBundleGetIdentifier" + - "_CFBundleGetInfoDictionary" + - "_CFBundleGetMainBundle" + - "_CFDictionarySetValue" + - "_CFRelease" + - "_CFRetain" + - "_CFURLGetFileSystemRepresentation" + - "_GetCurrentProcess" + - "_NSAddImage" + - "_NSAddressOfSymbol" + - "_NSIsSymbolNameDefined" + - "_NSLinkEditError" + - "_NSLookupAndBindSymbol" + - "_NSLookupSymbolInImage" + - "___CFConstantStringClassReference" + - "___stderrp" + - "_close$UNIX2003" + - "_exit" + - "_fclose" + - "_fcntl$UNIX2003" + - "_fgets" + - "_fopen" + - "_fprintf" + - "_free" + - "_fstat" + - "_getenv" + - "_getrusage" + - "_gettimeofday" + - "_memset" + - "_mmap$UNIX2003" + - "_munmap$UNIX2003" + - "_open$UNIX2003" + - "_putenv$UNIX2003" + - "_realpath$DARWIN_EXTSN" + - "_snprintf" + - "_sprintf" + - "_strcasecmp" + - "_strchr" + - "_strcmp" + - "_strdup" + - "_strlen" + - "_strpbrk" + - "_strrchr" + - "_strtol" + - "_sysctl" + - "_vfprintf" + - "radr://5614542" dysymtab: ilocalsym: 0 nlocalsym: 1 @@ -254,4 +314,9 @@ dylibs: - name: "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices" timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" - current_version: "38.0.0" \ No newline at end of file + current_version: "38.0.0" +uuid: "EF07AAD0-F2AB-34DF-940C-2965C1872F0C" +min_version: + device: MACOSX + version: "10.5.0" + sdk: "0.0.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/4d0725d5c506c7ec26be89ec12b53a00bae94f868ce65a3352177dd6a75797ff.out b/lib/src/modules/macho/tests/testdata/4d0725d5c506c7ec26be89ec12b53a00bae94f868ce65a3352177dd6a75797ff.out index ef30a53e0..1234f84c1 100644 --- a/lib/src/modules/macho/tests/testdata/4d0725d5c506c7ec26be89ec12b53a00bae94f868ce65a3352177dd6a75797ff.out +++ b/lib/src/modules/macho/tests/testdata/4d0725d5c506c7ec26be89ec12b53a00bae94f868ce65a3352177dd6a75797ff.out @@ -8,6 +8,170 @@ flags: 0x85 number_of_segments: 5 dynamic_linker: "/usr/lib/dyld" entry_point: 3092 +symtab: + symoff: 20480 + nsyms: 254 + stroff: 23860 + strsize: 5268 + entries: + - "__start" + - "dyld_stub_binding_helper" + - "__dyld_func_lookup" + - "_main" + - "-[KGCustomMainWindow initWithContentRect:styleMask:backing:defer:]" + - "-[KGCustomMainWindow canBecomeKeyWindow]" + - "-[KGCustomMainWindow mouseDragged:]" + - "-[KGCustomMainWindow mouseDown:]" + - "-[KGCustomMainWindowView awakeFromNib]" + - "-[KGCustomMainWindowView drawRect:]" + - "-[KGCustomFieldClass awakeFromNib]" + - "-[KGCustomFieldClass drawRect:]" + - "-[KGCustomFieldClass mouseDown:]" + - "-[KGCustomFieldClass mouseUp:]" + - "-[KGCustomFieldClass _remote_mouseDown]" + - "-[KGCustomFieldClass _remote_mouseUp]" + - "-[KGCustomLabel mouseDown:]" + - "-[KGCustomLabel mouseUp:]" + - "-[KGWindowsController awakeFromNib]" + - "-[KGWindowsController exit:]" + - "+[KGCustButton cellClass]" + - "-[KGCustButton initWithCoder:]" + - "-[KGCustButtonView mouseEntered:]" + - "-[KGCustButtonView drawWithFrame:inView:]" + - "-[KGSerialNumberGenerator init]" + - "-[KGSerialNumberGenerator awakeFromNib]" + - "-[KGSerialNumberGenerator createSerial:]" + - "-[KGSerialNumberGenerator generationComplete]" + - "-[KGSerialNumberGenerator copyToCB:]" + - "saveFP" + - "restFP" + - "_pointer_to__darwin_gcc3_preregister_frame_info" + - "_mouseIsHovering" + - "_generationComplete" + - ".objc_class_name_KGCustButton" + - ".objc_class_name_KGCustButtonView" + - ".objc_class_name_KGCustomFieldClass" + - ".objc_class_name_KGCustomLabel" + - ".objc_class_name_KGCustomMainWindow" + - ".objc_class_name_KGCustomMainWindowView" + - ".objc_class_name_KGSerialNumberGenerator" + - ".objc_class_name_KGWindowsController" + - "_NXArgc" + - "_NXArgv" + - "___darwin_gcc3_preregister_frame_info" + - "___progname" + - "__mh_execute_header" + - "_catch_exception_raise" + - "_catch_exception_raise_state" + - "_catch_exception_raise_state_identity" + - "_clock_alarm_reply" + - "_do_mach_notify_dead_name" + - "_do_mach_notify_no_senders" + - "_do_mach_notify_port_deleted" + - "_do_mach_notify_send_once" + - "_do_seqnos_mach_notify_dead_name" + - "_do_seqnos_mach_notify_no_senders" + - "_do_seqnos_mach_notify_port_deleted" + - "_do_seqnos_mach_notify_send_once" + - "_environ" + - "_receive_samples" + - "start" + - ".objc_class_name_NSArray" + - ".objc_class_name_NSAutoreleasePool" + - ".objc_class_name_NSBundle" + - ".objc_class_name_NSButton" + - ".objc_class_name_NSButtonCell" + - ".objc_class_name_NSColor" + - ".objc_class_name_NSImage" + - ".objc_class_name_NSKeyedUnarchiver" + - ".objc_class_name_NSMutableAttributedString" + - ".objc_class_name_NSMutableDictionary" + - ".objc_class_name_NSObject" + - ".objc_class_name_NSPasteboard" + - ".objc_class_name_NSScreen" + - ".objc_class_name_NSString" + - ".objc_class_name_NSTextField" + - ".objc_class_name_NSView" + - ".objc_class_name_NSWindow" + - "_AbsoluteToNanoseconds" + - "_BASSMOD_Free" + - "_BASSMOD_Init" + - "_BASSMOD_MusicLoad" + - "_BASSMOD_MusicPlay" + - "_BASSMOD_SetVolume" + - "_CGWindowLevelForKey" + - "_NSApp" + - "_NSAppKitVersionNumber" + - "_NSApplicationMain" + - "_NSForegroundColorAttributeName" + - "_NSLog" + - "_NSRectFill" + - "_NSStringPboardType" + - "_NSZeroPoint" + - "_UpTime" + - "___CFConstantStringClassReference" + - "___keymgr_dwarf2_register_sections" + - "___sF" + - "__cthread_init_routine" + - "_atexit" + - "_clock" + - "_errno" + - "_exit" + - "_floor" + - "_fwrite" + - "_mach_init_routine" + - "_objc_msgSendSuper" + - "_objc_msgSend_stret" + - "_random" + - "_srandom" + - "_strdup" + - "/__templates/InPaint/main.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/main.o" + - "_main" + - "/__templates/InPaint/gui source/KGCustomMainWindow.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustomMainWindow.o" + - "-[KGCustomMainWindow initWithContentRect:styleMask:backing:defer:]" + - "-[KGCustomMainWindow canBecomeKeyWindow]" + - "-[KGCustomMainWindow mouseDragged:]" + - "-[KGCustomMainWindow mouseDown:]" + - "/__templates/InPaint/gui source/KGCustomMainWindowView.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustomMainWindowView.o" + - "-[KGCustomMainWindowView awakeFromNib]" + - "-[KGCustomMainWindowView drawRect:]" + - "/__templates/InPaint/gui source/KGCustomFieldClass.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustomFieldClass.o" + - "-[KGCustomFieldClass awakeFromNib]" + - "-[KGCustomFieldClass drawRect:]" + - "-[KGCustomFieldClass mouseDown:]" + - "-[KGCustomFieldClass mouseUp:]" + - "-[KGCustomFieldClass _remote_mouseDown]" + - "-[KGCustomFieldClass _remote_mouseUp]" + - "/__templates/InPaint/gui source/KGCustomLabel.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustomLabel.o" + - "-[KGCustomLabel mouseDown:]" + - "-[KGCustomLabel mouseUp:]" + - "/__templates/InPaint/gui source/KGWindowsController.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGWindowsController.o" + - "-[KGWindowsController awakeFromNib]" + - "/Developer/SDKs/MacOSX10.4u.sdk/System/Library/Frameworks/Foundation.framework/Headers/NSGeometry.h" + - "-[KGWindowsController exit:]" + - "/__templates/InPaint/gui source/KGCustButton.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustButton.o" + - "+[KGCustButton cellClass]" + - "-[KGCustButton initWithCoder:]" + - "/__templates/InPaint/gui source/KGCustButtonView.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGCustButtonView.o" + - "-[KGCustButtonView mouseEntered:]" + - "-[KGCustButtonView drawWithFrame:inView:]" + - "_mouseIsHovering" + - "/__templates/InPaint/KGSerialNumberGenerator.m" + - "/__templates/InPaint/build/CORE KG 1.build/Release/CORE Keygen.build/Objects-normal/ppc/KGSerialNumberGenerator.o" + - "-[KGSerialNumberGenerator init]" + - "-[KGSerialNumberGenerator awakeFromNib]" + - "-[KGSerialNumberGenerator createSerial:]" + - "-[KGSerialNumberGenerator generationComplete]" + - "-[KGSerialNumberGenerator copyToCB:]" + - "_generationComplete" dysymtab: ilocalsym: 0 nlocalsym: 177 @@ -326,4 +490,5 @@ dylibs: - name: "/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit" timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "45.0.0" - current_version: "824.48.0" \ No newline at end of file + current_version: "824.48.0" +uuid: "E8EEF819-E139-DC6C-30B0-67A3792D3913" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/5fad2944f6d9e36f6dc21ad3ea79fa394e400276ef05b93daa78717daffcd803.out b/lib/src/modules/macho/tests/testdata/5fad2944f6d9e36f6dc21ad3ea79fa394e400276ef05b93daa78717daffcd803.out index 071411ebb..bd9251080 100644 --- a/lib/src/modules/macho/tests/testdata/5fad2944f6d9e36f6dc21ad3ea79fa394e400276ef05b93daa78717daffcd803.out +++ b/lib/src/modules/macho/tests/testdata/5fad2944f6d9e36f6dc21ad3ea79fa394e400276ef05b93daa78717daffcd803.out @@ -6,6 +6,37 @@ ncmds: 4 sizeofcmds: 652 flags: 0x2000 number_of_segments: 1 +symtab: + symoff: 3540 + nsyms: 25 + stroff: 3840 + strsize: 496 + entries: + - "_png_set_bgr" + - "_png_set_swap" + - "_png_set_packing" + - "_png_set_packswap" + - "_png_set_shift" + - "_png_set_interlace_handling" + - "_png_set_filler" + - "_png_app_error" + - "_png_set_add_alpha" + - "_png_set_swap_alpha" + - "_png_set_invert_alpha" + - "_png_set_invert_mono" + - "_png_do_invert" + - "_png_do_swap" + - "_png_do_packswap" + - "_png_do_strip_channel" + - "_png_do_bgr" + - "_png_do_check_palette_indexes" + - "_png_set_user_transform_info" + - "_png_get_user_transform_ptr" + - "_png_get_current_row_number" + - "_png_get_current_pass_number" + - "_fourbppswaptable" + - "_onebppswaptable" + - "_twobppswaptable" dysymtab: ilocalsym: 0 nlocalsym: 3 diff --git a/lib/src/modules/macho/tests/testdata/8962a76d0aeaee3326cf840de11543c8beebeb768e712bd3b754b5cd3e151356.out b/lib/src/modules/macho/tests/testdata/8962a76d0aeaee3326cf840de11543c8beebeb768e712bd3b754b5cd3e151356.out index 62b3adab4..862297dcb 100644 --- a/lib/src/modules/macho/tests/testdata/8962a76d0aeaee3326cf840de11543c8beebeb768e712bd3b754b5cd3e151356.out +++ b/lib/src/modules/macho/tests/testdata/8962a76d0aeaee3326cf840de11543c8beebeb768e712bd3b754b5cd3e151356.out @@ -7,6 +7,16 @@ sizeofcmds: 536 flags: 0x2001 number_of_segments: 4 entry_point: 3476 +symtab: + symoff: 16384 + nsyms: 4 + stroff: 16432 + strsize: 40 + entries: + - "__start" + - "_comment" + - "_shellcode" + - "_.str" segments: - segname: "__PAGEZERO" vmaddr: 0x0 diff --git a/lib/src/modules/macho/tests/testdata/94b2f690c776c4d847845be21b422cb8cd171119a7bf7a329ae18e5b34cdb85f.out b/lib/src/modules/macho/tests/testdata/94b2f690c776c4d847845be21b422cb8cd171119a7bf7a329ae18e5b34cdb85f.out index 6d61f2b6e..715be75b2 100644 --- a/lib/src/modules/macho/tests/testdata/94b2f690c776c4d847845be21b422cb8cd171119a7bf7a329ae18e5b34cdb85f.out +++ b/lib/src/modules/macho/tests/testdata/94b2f690c776c4d847845be21b422cb8cd171119a7bf7a329ae18e5b34cdb85f.out @@ -7,6 +7,11 @@ sizeofcmds: 928 flags: 0x1 number_of_segments: 4 entry_point: 3952 +symtab: + symoff: 40960 + nsyms: 3295 + stroff: 80500 + strsize: 46263 segments: - segname: "__PAGEZERO" vmaddr: 0x0 diff --git a/lib/src/modules/macho/tests/testdata/a1da3d22c5ec85143faf5f69fb18d79cb0e7394c7b5065f74b7ce8c52ace75f1.out b/lib/src/modules/macho/tests/testdata/a1da3d22c5ec85143faf5f69fb18d79cb0e7394c7b5065f74b7ce8c52ace75f1.out index 29dcbee41..5409f6215 100644 --- a/lib/src/modules/macho/tests/testdata/a1da3d22c5ec85143faf5f69fb18d79cb0e7394c7b5065f74b7ce8c52ace75f1.out +++ b/lib/src/modules/macho/tests/testdata/a1da3d22c5ec85143faf5f69fb18d79cb0e7394c7b5065f74b7ce8c52ace75f1.out @@ -193,6 +193,18 @@ file: timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" current_version: "1311.120.1" + symtab: + symoff: 32992 + nsyms: 6 + stroff: 33120 + strsize: 112 + entries: + - "__mh_execute_header" + - "_CallComponentDispatch" + - "_OpenDefaultComponent" + - "_exit" + - "dyld_stub_binder" + - "radr://5614542" dysymtab: ilocalsym: 0 nlocalsym: 1 @@ -210,6 +222,22 @@ file: nextrel: 8 locreloff: 0 nlocrel: 0 + dyld_info: + rebase_off: 32768 + rebase_size: 8 + bind_off: 32776 + bind_size: 24 + weak_bind_off: 0 + weak_bind_size: 0 + lazy_bind_off: 32800 + lazy_bind_size: 72 + export_off: 32872 + export_size: 112 + uuid: "58E31296-DF6F-3EA8-BA92-40781CECDA18" + min_version: + device: MACOSX + version: "10.6.0" + sdk: "12.6.0" - magic: 0xcffaedfe cputype: 0x100000c cpusubtype: 0x0 @@ -319,6 +347,16 @@ file: timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" current_version: "1311.120.1" + symtab: + symoff: 32944 + nsyms: 4 + stroff: 33024 + strsize: 88 + entries: + - "__mh_execute_header" + - "_CallComponentDispatch" + - "_OpenDefaultComponent" + - "radr://5614542" dysymtab: ilocalsym: 0 nlocalsym: 1 @@ -335,4 +373,16 @@ file: extreloff: 33008 nextrel: 4 locreloff: 0 - nlocrel: 0 \ No newline at end of file + nlocrel: 0 + code_signature_data: + dataoff: 33120 + datasize: 408 + uuid: "DDE8659B-7481-3A87-BF12-0DA778978AD8" + build_version: + platform: 1 + minos: "12.6.0" + sdk: "12.6.0" + ntools: 1 + tools: + - tool: 3 + version: "760.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/chess.in.zip b/lib/src/modules/macho/tests/testdata/chess.in.zip new file mode 100644 index 000000000..4c882410b Binary files /dev/null and b/lib/src/modules/macho/tests/testdata/chess.in.zip differ diff --git a/lib/src/modules/macho/tests/testdata/chess.out b/lib/src/modules/macho/tests/testdata/chess.out new file mode 100644 index 000000000..58923b9c6 --- /dev/null +++ b/lib/src/modules/macho/tests/testdata/chess.out @@ -0,0 +1,839 @@ +magic: 0xcffaedfe +cputype: 0x1000007 +cpusubtype: 0x3 +filetype: 2 +ncmds: 31 +sizeofcmds: 4328 +flags: 0x210085 +reserved: 0 +number_of_segments: 5 +dynamic_linker: "/usr/lib/dyld" +entry_point: 7904 +stack_size: 0 +source_version: "369.0.0.0.0" +symtab: + symoff: 264536 + nsyms: 308 + stroff: 271144 + strsize: 6000 + entries: + - "__mh_execute_header" + - "_AEGetParamPtr" + - "_AEInstallEventHandler" + - "_CFRelease" + - "_CGBitmapContextCreate" + - "_CGColorSpaceCreateDeviceRGB" + - "_CGColorSpaceRelease" + - "_CGContextClearRect" + - "_CGContextDrawImage" + - "_CGContextGetTextPosition" + - "_CGContextRelease" + - "_CGContextSelectFont" + - "_CGContextSetAlpha" + - "_CGContextSetShouldSubpixelQuantizeFonts" + - "_CGContextSetTextDrawingMode" + - "_CGContextShowTextAtPoint" + - "_CGImageGetHeight" + - "_CGImageGetWidth" + - "_CGImageRelease" + - "_CGImageSourceCreateImageAtIndex" + - "_CGImageSourceCreateWithURL" + - "_CGLDescribeRenderer" + - "_CGLQueryRendererInfo" + - "_GetCurrentProcess" + - "_NSAccessibilityActionDescription" + - "_NSAccessibilityButtonRole" + - "_NSAccessibilityChildrenAttribute" + - "_NSAccessibilityContentsAttribute" + - "_NSAccessibilityDescriptionAttribute" + - "_NSAccessibilityEnabledAttribute" + - "_NSAccessibilityFocusedAttribute" + - "_NSAccessibilityGroupRole" + - "_NSAccessibilityParentAttribute" + - "_NSAccessibilityPositionAttribute" + - "_NSAccessibilityPressAction" + - "_NSAccessibilityRoleAttribute" + - "_NSAccessibilityRoleDescription" + - "_NSAccessibilityRoleDescriptionAttribute" + - "_NSAccessibilitySelectedChildrenAttribute" + - "_NSAccessibilitySelectedChildrenChangedNotification" + - "_NSAccessibilitySelectedRowsChangedNotification" + - "_NSAccessibilitySizeAttribute" + - "_NSAccessibilityStaticTextRole" + - "_NSAccessibilityTitleAttribute" + - "_NSAccessibilityTopLevelUIElementAttribute" + - "_NSAccessibilityValueAttribute" + - "_NSAccessibilityWindowAttribute" + - "_NSApp" + - "_NSApplicationMain" + - "_NSBeep" + - "_NSCocoaErrorDomain" + - "_NSDefaultRunLoopMode" + - "_NSEventTrackingRunLoopMode" + - "_NSFullUserName" + - "_NSLocalizedDescriptionKey" + - "_NSLog" + - "_NSRectFill" + - "_NSVoiceDemoText" + - "_NSVoiceLocaleIdentifier" + - "_NSVoiceName" + - "_NSWindowWillCloseNotification" + - "_OBJC_CLASS_$_GKAchievement" + - "_OBJC_CLASS_$_GKDialogController" + - "_OBJC_CLASS_$_GKGameCenterViewController" + - "_OBJC_CLASS_$_GKLocalPlayer" + - "_OBJC_CLASS_$_GKMatchRequest" + - "_OBJC_CLASS_$_GKPlayer" + - "_OBJC_CLASS_$_GKTurnBasedMatch" + - "_OBJC_CLASS_$_GKTurnBasedMatchmakerViewController" + - "_OBJC_CLASS_$_NSAlert" + - "_OBJC_CLASS_$_NSAnimationContext" + - "_OBJC_CLASS_$_NSApplication" + - "_OBJC_CLASS_$_NSArray" + - "_OBJC_CLASS_$_NSAutoreleasePool" + - "_OBJC_CLASS_$_NSBundle" + - "_OBJC_CLASS_$_NSColor" + - "_OBJC_CLASS_$_NSCursor" + - "_OBJC_CLASS_$_NSData" + - "_OBJC_CLASS_$_NSDate" + - "_OBJC_CLASS_$_NSDictionary" + - "_OBJC_CLASS_$_NSDocument" + - "_OBJC_CLASS_$_NSDocumentController" + - "_OBJC_CLASS_$_NSError" + - "_OBJC_CLASS_$_NSEvent" + - "_OBJC_CLASS_$_NSFileHandle" + - "_OBJC_CLASS_$_NSFileManager" + - "_OBJC_CLASS_$_NSFont" + - "_OBJC_CLASS_$_NSImageView" + - "_OBJC_CLASS_$_NSInvocation" + - "_OBJC_CLASS_$_NSLocale" + - "_OBJC_CLASS_$_NSMutableArray" + - "_OBJC_CLASS_$_NSMutableDictionary" + - "_OBJC_CLASS_$_NSMutableString" + - "_OBJC_CLASS_$_NSNotification" + - "_OBJC_CLASS_$_NSNotificationCenter" + - "_OBJC_CLASS_$_NSNotificationQueue" + - "_OBJC_CLASS_$_NSNull" + - "_OBJC_CLASS_$_NSNumber" + - "_OBJC_CLASS_$_NSNumberFormatter" + - "_OBJC_CLASS_$_NSObject" + - "_OBJC_CLASS_$_NSOpenGLPixelFormat" + - "_OBJC_CLASS_$_NSOpenGLView" + - "_OBJC_CLASS_$_NSOperationQueue" + - "_OBJC_CLASS_$_NSPipe" + - "_OBJC_CLASS_$_NSPort" + - "_OBJC_CLASS_$_NSPortMessage" + - "_OBJC_CLASS_$_NSPropertyListSerialization" + - "_OBJC_CLASS_$_NSRegularExpression" + - "_OBJC_CLASS_$_NSRunLoop" + - "_OBJC_CLASS_$_NSScreen" + - "_OBJC_CLASS_$_NSSet" + - "_OBJC_CLASS_$_NSSpeechSynthesizer" + - "_OBJC_CLASS_$_NSString" + - "_OBJC_CLASS_$_NSTableView" + - "_OBJC_CLASS_$_NSTask" + - "_OBJC_CLASS_$_NSTextFieldCell" + - "_OBJC_CLASS_$_NSThread" + - "_OBJC_CLASS_$_NSTrackingArea" + - "_OBJC_CLASS_$_NSURL" + - "_OBJC_CLASS_$_NSUserDefaults" + - "_OBJC_CLASS_$_NSUserDefaultsController" + - "_OBJC_CLASS_$_NSValue" + - "_OBJC_CLASS_$_NSWindow" + - "_OBJC_CLASS_$_NSWindowController" + - "_OBJC_CLASS_$_NSWorkspace" + - "_OBJC_METACLASS_$_NSDocument" + - "_OBJC_METACLASS_$_NSImageView" + - "_OBJC_METACLASS_$_NSObject" + - "_OBJC_METACLASS_$_NSOpenGLView" + - "_OBJC_METACLASS_$_NSTableView" + - "_OBJC_METACLASS_$_NSTextFieldCell" + - "_OBJC_METACLASS_$_NSWindow" + - "_OBJC_METACLASS_$_NSWindowController" + - "_SCNetworkReachabilityCreateWithAddress" + - "_SCNetworkReachabilityGetFlags" + - "_SRAddLanguageObject" + - "_SRAddText" + - "_SRCloseRecognitionSystem" + - "_SRCountItems" + - "_SREmptyLanguageObject" + - "_SRGetIndexedItem" + - "_SRGetProperty" + - "_SRNewLanguageModel" + - "_SRNewPath" + - "_SRNewRecognizer" + - "_SROpenRecognitionSystem" + - "_SRReleaseObject" + - "_SRSetLanguageModel" + - "_SRSetProperty" + - "_SRStartListening" + - "_SRStopListening" + - "__Block_copy" + - "__Block_object_assign" + - "__Block_object_dispose" + - "__Block_release" + - "__DefaultRuneLocale" + - "__NSConcreteGlobalBlock" + - "__NSConcreteStackBlock" + - "__Unwind_Resume" + - "__ZdlPv" + - "__Znwm" + - "___CFConstantStringClassReference" + - "___bzero" + - "___cxa_guard_abort" + - "___cxa_guard_acquire" + - "___cxa_guard_release" + - "___error" + - "___gxx_personality_v0" + - "___maskrune" + - "___sincosf_stret" + - "___stack_chk_fail" + - "___stack_chk_guard" + - "___stderrp" + - "___stdinp" + - "___stdoutp" + - "___tolower" + - "___toupper" + - "__dispatch_main_q" + - "__objc_empty_cache" + - "_abort" + - "_arc4random" + - "_atan2f" + - "_atoi" + - "_calloc" + - "_creat" + - "_dispatch_after" + - "_dispatch_apply" + - "_dispatch_async" + - "_dispatch_get_global_queue" + - "_dispatch_once" + - "_dispatch_queue_create" + - "_dispatch_time" + - "_exit" + - "_fclose" + - "_fileno" + - "_fmodf" + - "_fopen" + - "_fprintf" + - "_fputc" + - "_fputs" + - "_free" + - "_funopen" + - "_fwrite" + - "_getenv" + - "_getrlimit" + - "_gettimeofday" + - "_glBegin" + - "_glBindTexture" + - "_glBlendFunc" + - "_glCallList" + - "_glClear" + - "_glClearColor" + - "_glColor3fv" + - "_glColor4f" + - "_glColor4fv" + - "_glColorMask" + - "_glCullFace" + - "_glDeleteTextures" + - "_glDepthMask" + - "_glDisable" + - "_glEnable" + - "_glEnd" + - "_glEndList" + - "_glFlush" + - "_glGenTextures" + - "_glGetDoublev" + - "_glGetFloatv" + - "_glGetIntegerv" + - "_glGetString" + - "_glHint" + - "_glLightModeli" + - "_glLightf" + - "_glLightfv" + - "_glLighti" + - "_glLoadIdentity" + - "_glMaterialf" + - "_glMaterialfv" + - "_glMatrixMode" + - "_glNewList" + - "_glNormal3f" + - "_glPixelStorei" + - "_glPopAttrib" + - "_glPopMatrix" + - "_glPushAttrib" + - "_glPushMatrix" + - "_glReadPixels" + - "_glRotatef" + - "_glScalef" + - "_glShadeModel" + - "_glStencilFunc" + - "_glStencilOp" + - "_glTexCoord2f" + - "_glTexEnvi" + - "_glTexParameterf" + - "_glTexParameteri" + - "_glTranslatef" + - "_glVertex3d" + - "_glVertex3f" + - "_glVertex3fv" + - "_glViewport" + - "_gluBuild2DMipmaps" + - "_gluCylinder" + - "_gluDeleteQuadric" + - "_gluDisk" + - "_gluLookAt" + - "_gluNewQuadric" + - "_gluOrtho2D" + - "_gluPartialDisk" + - "_gluPerspective" + - "_gluProject" + - "_gluQuadricNormals" + - "_gluQuadricOrientation" + - "_gluQuadricTexture" + - "_gluUnProject" + - "_hypotf" + - "_isatty" + - "_ldexpf" + - "_lroundf" + - "_malloc" + - "_memchr" + - "_memcpy" + - "_memset" + - "_objc_alloc" + - "_objc_autorelease" + - "_objc_enumerationMutation" + - "_objc_msgSend" + - "_objc_msgSendSuper2" + - "_objc_msgSend_stret" + - "_objc_release" + - "_objc_retain" + - "_objc_setProperty_nonatomic" + - "_pow" + - "_putenv" + - "_random" + - "_read" + - "_realloc" + - "_setrlimit" + - "_snprintf" + - "_srandom" + - "_strchr" + - "_strcspn" + - "_strlcpy" + - "_strlen" + - "_strspn" + - "_strstr" + - "_usleep" + - "dyld_stub_binder" + - "radr://5614542" +dysymtab: + ilocalsym: 0 + nlocalsym: 1 + iextdefsym: 1 + nextdefsym: 1 + tocoff: 2 + ntoc: 306 + modtaboff: 0 + nmodtab: 0 + extrefsymoff: 0 + nextrefsyms: 0 + indirectsymoff: 0 + nindirectsyms: 0 + extreloff: 269464 + nextrel: 420 + locreloff: 0 + nlocrel: 0 +code_signature_data: + dataoff: 277152 + datasize: 21152 +segments: + - segname: "__PAGEZERO" + vmaddr: 0x0 + vmsize: 0x1000 + fileoff: 0 + filesize: 0 + maxprot: 0x0 + initprot: 0x0 + nsects: 0 + flags: 0x0 + - segname: "__TEXT" + vmaddr: 0x1000 + vmsize: 0x2f000 + fileoff: 0 + filesize: 192512 + maxprot: 0x5 + initprot: 0x5 + nsects: 11 + flags: 0x0 + sections: + - segname: "__TEXT" + sectname: "__text" + addr: 0x2ee0 + size: 0x22755 + offset: 7904 + align: 2 + reloff: 0 + nreloc: 0 + flags: 0x80000400 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__stubs" + addr: 0x25636 + size: 0x46e + offset: 149046 + align: 1 + reloff: 0 + nreloc: 0 + flags: 0x80000408 + reserved1: 0 + reserved2: 6 + reserved3: 0 + - segname: "__TEXT" + sectname: "__stub_helper" + addr: 0x25aa4 + size: 0x75e + offset: 150180 + align: 2 + reloff: 0 + nreloc: 0 + flags: 0x80000400 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__cstring" + addr: 0x26202 + size: 0x1dfa + offset: 152066 + align: 0 + reloff: 0 + nreloc: 0 + flags: 0x2 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__objc_methname" + addr: 0x27ffc + size: 0x4983 + offset: 159740 + align: 0 + reloff: 0 + nreloc: 0 + flags: 0x2 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__const" + addr: 0x2c980 + size: 0x16f6 + offset: 178560 + align: 4 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__objc_classname" + addr: 0x2e076 + size: 0x2eb + offset: 184438 + align: 0 + reloff: 0 + nreloc: 0 + flags: 0x2 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__objc_methtype" + addr: 0x2e361 + size: 0x153e + offset: 185185 + align: 0 + reloff: 0 + nreloc: 0 + flags: 0x2 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__gcc_except_tab" + addr: 0x2f8a0 + size: 0xc + offset: 190624 + align: 2 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__ustring" + addr: 0x2f8ac + size: 0x6 + offset: 190636 + align: 1 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__TEXT" + sectname: "__unwind_info" + addr: 0x2f8b4 + size: 0x740 + offset: 190644 + align: 2 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + vmaddr: 0x30000 + vmsize: 0x4000 + fileoff: 192512 + filesize: 16384 + maxprot: 0x3 + initprot: 0x3 + nsects: 8 + flags: 0x10 + sections: + - segname: "__DATA_CONST" + sectname: "__got" + addr: 0x30000 + size: 0x150 + offset: 192512 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x6 + reserved1: 189 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__mod_init_func" + addr: 0x30150 + size: 0x8 + offset: 192848 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x9 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__const" + addr: 0x30160 + size: 0x6d0 + offset: 192864 + align: 4 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__cfstring" + addr: 0x30830 + size: 0x2c00 + offset: 194608 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__objc_classlist" + addr: 0x33430 + size: 0xd8 + offset: 205872 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__objc_catlist" + addr: 0x33508 + size: 0x0 + offset: 206088 + align: 0 + reloff: 0 + nreloc: 0 + flags: 0x10000000 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__objc_protolist" + addr: 0x33508 + size: 0x60 + offset: 206088 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA_CONST" + sectname: "__objc_imageinfo" + addr: 0x33568 + size: 0x8 + offset: 206184 + align: 2 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + vmaddr: 0x34000 + vmsize: 0xb000 + fileoff: 208896 + filesize: 45056 + maxprot: 0x3 + initprot: 0x3 + nsects: 10 + flags: 0x0 + sections: + - segname: "__DATA" + sectname: "__la_symbol_ptr" + addr: 0x34000 + size: 0x5e8 + offset: 208896 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x7 + reserved1: 231 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_const" + addr: 0x345e8 + size: 0x7418 + offset: 210408 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_selrefs" + addr: 0x3ba00 + size: 0x14b8 + offset: 240128 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x10000005 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_classrefs" + addr: 0x3ceb8 + size: 0x238 + offset: 245432 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x10000000 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_superrefs" + addr: 0x3d0f0 + size: 0x90 + offset: 246000 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x10000000 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_ivar" + addr: 0x3d180 + size: 0x638 + offset: 246144 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__objc_data" + addr: 0x3d7b8 + size: 0x870 + offset: 247736 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__data" + addr: 0x3e030 + size: 0x548 + offset: 249904 + align: 4 + reloff: 0 + nreloc: 0 + flags: 0x0 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__bss" + addr: 0x3e580 + size: 0xa0 + offset: 0 + align: 4 + reloff: 0 + nreloc: 0 + flags: 0x1 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__DATA" + sectname: "__common" + addr: 0x3e620 + size: 0xc + offset: 0 + align: 3 + reloff: 0 + nreloc: 0 + flags: 0x1 + reserved1: 0 + reserved2: 0 + reserved3: 0 + - segname: "__LINKEDIT" + vmaddr: 0x3f000 + vmsize: 0xb000 + fileoff: 253952 + filesize: 44352 + maxprot: 0x1 + initprot: 0x1 + nsects: 0 + flags: 0x0 +dylibs: + - name: "/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "1061.140.1" + - name: "/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "150.0.0" + current_version: "1677.103.0" + - name: "/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "45.0.0" + current_version: "1894.60.100" + - name: "/System/Library/Frameworks/GameKit.framework/Versions/A/GameKit" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "665.26.0" + - name: "/System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "23.0.0" + - name: "/System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "1.0.0" + - name: "/System/Library/Frameworks/Carbon.framework/Versions/A/Carbon" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "2.0.0" + current_version: "162.0.0" + - name: "/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "300.0.0" + current_version: "1677.103.0" + - name: "/usr/lib/libobjc.A.dylib" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "228.0.0" + - name: "/usr/lib/libc++.1.dylib" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "902.1.0" + - name: "/usr/lib/libSystem.B.dylib" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "1281.100.1" + - name: "/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "52.0.0" + - name: "/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "64.0.0" + current_version: "1355.20.0" + - name: "/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "1069.24.0" + - name: "/System/Library/Frameworks/ImageIO.framework/Versions/A/ImageIO" + timestamp: 2 # 1970-01-01 00:00:02 UTC + compatibility_version: "1.0.0" + current_version: "1.0.0" +dyld_info: + rebase_off: 253952 + rebase_size: 1312 + bind_off: 255264 + bind_size: 4104 + weak_bind_off: 259368 + weak_bind_size: 48 + lazy_bind_off: 259416 + lazy_bind_size: 4040 + export_off: 263456 + export_size: 32 +entitlements: + - "com.apple.developer.game-center" + - "com.apple.private.tcc.allow" + - "com.apple.security.app-sandbox" + - "com.apple.security.device.microphone" + - "com.apple.security.files.user-selected.read-write" + - "com.apple.security.network.client" +certificates: + common_names: + - "Apple Code Signing Certification Authority" + - "Apple Root CA" + - "Software Signing" + signer_names: + - "CN=Apple Code Signing Certification Authority, OU=Apple Certification Authority, O=Apple Inc., C=US" +uuid: "18455A71-F835-3D0F-8F7C-215BF86BC7AF" +build_version: + platform: 1 + minos: "10.15.0" + sdk: "10.15.6" + ntools: 1 + tools: + - tool: 3 + version: "556.4" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/edf47dd000b9fdf4519fb61c28d329a5bf085619bbde2c4146b0cc00ebad21c8.out b/lib/src/modules/macho/tests/testdata/edf47dd000b9fdf4519fb61c28d329a5bf085619bbde2c4146b0cc00ebad21c8.out index 7ecbc278d..156c0e6b9 100644 --- a/lib/src/modules/macho/tests/testdata/edf47dd000b9fdf4519fb61c28d329a5bf085619bbde2c4146b0cc00ebad21c8.out +++ b/lib/src/modules/macho/tests/testdata/edf47dd000b9fdf4519fb61c28d329a5bf085619bbde2c4146b0cc00ebad21c8.out @@ -7,6 +7,11 @@ sizeofcmds: 11416 flags: 0x2918085 reserved: 0 number_of_segments: 5 +symtab: + symoff: 19727320 + nsyms: 18093 + stroff: 20062220 + strsize: 950608 dysymtab: ilocalsym: 0 nlocalsym: 22 @@ -719,4 +724,13 @@ rpaths: - "/usr/lib/swift" - "@executable_path/Frameworks" - "@executable_path/Frameworks" - - "@loader_path/Frameworks" \ No newline at end of file + - "@loader_path/Frameworks" +uuid: "4C4C44DB-5555-3144-A11B-748AE9A63886" +build_version: + platform: 2 + minos: "13.4.0" + sdk: "17.0.0" + ntools: 1 + tools: + - tool: 3 + version: "16.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/macho_ppc_file.out b/lib/src/modules/macho/tests/testdata/macho_ppc_file.out index bf22f456c..5976983b4 100644 --- a/lib/src/modules/macho/tests/testdata/macho_ppc_file.out +++ b/lib/src/modules/macho/tests/testdata/macho_ppc_file.out @@ -8,6 +8,11 @@ flags: 0x85 number_of_segments: 4 dynamic_linker: "/usr/lib/dyld" entry_point: 3768 +symtab: + symoff: 65536 + nsyms: 2367 + stroff: 95048 + strsize: 16520 dysymtab: ilocalsym: 0 nlocalsym: 2170 diff --git a/lib/src/modules/macho/tests/testdata/macho_x86_64_dylib_file.out b/lib/src/modules/macho/tests/testdata/macho_x86_64_dylib_file.out index d9e3c5f80..3ba616be1 100644 --- a/lib/src/modules/macho/tests/testdata/macho_x86_64_dylib_file.out +++ b/lib/src/modules/macho/tests/testdata/macho_x86_64_dylib_file.out @@ -8,6 +8,11 @@ flags: 0x100085 reserved: 1 number_of_segments: 2 source_version: "0.0.0.0.0" +symtab: + symoff: 4152 + nsyms: 2 + stroff: 4184 + strsize: 40 dysymtab: ilocalsym: 0 nlocalsym: 0 @@ -89,4 +94,20 @@ dylibs: - name: "/usr/lib/libSystem.B.dylib" timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" - current_version: "1213.0.0" \ No newline at end of file + current_version: "1213.0.0" +dyld_info: + rebase_off: 0 + rebase_size: 0 + bind_off: 0 + bind_size: 0 + weak_bind_off: 0 + weak_bind_size: 0 + lazy_bind_off: 0 + lazy_bind_size: 0 + export_off: 4096 + export_size: 24 +uuid: "8C904612-6253-3FA1-B8D2-D5829848A8FC" +min_version: + device: MACOSX + version: "10.9.0" + sdk: "10.10.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/macho_x86_file.out b/lib/src/modules/macho/tests/testdata/macho_x86_file.out index 62ae12055..48aebe4d3 100644 --- a/lib/src/modules/macho/tests/testdata/macho_x86_file.out +++ b/lib/src/modules/macho/tests/testdata/macho_x86_file.out @@ -10,6 +10,11 @@ dynamic_linker: "/usr/lib/dyld" entry_point: 3728 stack_size: 0 source_version: "0.0.0.0.0" +symtab: + symoff: 8328 + nsyms: 5 + stroff: 8412 + strsize: 60 dysymtab: ilocalsym: 0 nlocalsym: 0 @@ -148,5 +153,21 @@ dylibs: timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" current_version: "1213.0.0" +dyld_info: + rebase_off: 8192 + rebase_size: 16 + bind_off: 8208 + bind_size: 24 + weak_bind_off: 0 + weak_bind_size: 0 + lazy_bind_off: 8232 + lazy_bind_size: 28 + export_off: 8260 + export_size: 44 rpaths: - - "@loader_path/../Frameworks" \ No newline at end of file + - "@loader_path/../Frameworks" +uuid: "5FB5950F-4025-3D4F-A8FB-9648C1740790" +min_version: + device: MACOSX + version: "10.9.0" + sdk: "10.10.0" \ No newline at end of file diff --git a/lib/src/modules/macho/tests/testdata/macho_x86_object_file.out b/lib/src/modules/macho/tests/testdata/macho_x86_object_file.out index 2072f0851..6847a0c38 100644 --- a/lib/src/modules/macho/tests/testdata/macho_x86_object_file.out +++ b/lib/src/modules/macho/tests/testdata/macho_x86_object_file.out @@ -6,6 +6,13 @@ ncmds: 3 sizeofcmds: 228 flags: 0x2000 number_of_segments: 1 +symtab: + symoff: 328 + nsyms: 1 + stroff: 340 + strsize: 16 + entries: + - "__Z9factoriali" dysymtab: ilocalsym: 0 nlocalsym: 0 diff --git a/lib/src/modules/macho/tests/testdata/tiny_universal.out b/lib/src/modules/macho/tests/testdata/tiny_universal.out index 09f2b9845..8c6dff5d1 100644 --- a/lib/src/modules/macho/tests/testdata/tiny_universal.out +++ b/lib/src/modules/macho/tests/testdata/tiny_universal.out @@ -147,6 +147,18 @@ file: timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" current_version: "1213.0.0" + symtab: + symoff: 8344 + nsyms: 6 + stroff: 8440 + strsize: 72 + entries: + - "__mh_execute_header" + - "_factorial" + - "_main" + - "_printf" + - "_scanf" + - "dyld_stub_binder" dysymtab: ilocalsym: 0 nlocalsym: 0 @@ -164,6 +176,22 @@ file: nextrel: 6 locreloff: 0 nlocrel: 0 + dyld_info: + rebase_off: 8192 + rebase_size: 16 + bind_off: 8208 + bind_size: 24 + weak_bind_off: 0 + weak_bind_size: 0 + lazy_bind_off: 8232 + lazy_bind_size: 28 + export_off: 8260 + export_size: 60 + uuid: "0443555D-A992-3B9E-8BCE-5D9FC8BAC0E9" + min_version: + device: MACOSX + version: "10.9.0" + sdk: "10.10.0" - magic: 0xcffaedfe cputype: 0x1000007 cpusubtype: 0x80000003 @@ -317,6 +345,18 @@ file: timestamp: 2 # 1970-01-01 00:00:02 UTC compatibility_version: "1.0.0" current_version: "1213.0.0" + symtab: + symoff: 8352 + nsyms: 6 + stroff: 8472 + strsize: 72 + entries: + - "__mh_execute_header" + - "_factorial" + - "_main" + - "_printf" + - "_scanf" + - "dyld_stub_binder" dysymtab: ilocalsym: 0 nlocalsym: 0 @@ -333,4 +373,20 @@ file: extreloff: 8448 nextrel: 6 locreloff: 0 - nlocrel: 0 \ No newline at end of file + nlocrel: 0 + dyld_info: + rebase_off: 8192 + rebase_size: 8 + bind_off: 8200 + bind_size: 24 + weak_bind_off: 0 + weak_bind_size: 0 + lazy_bind_off: 8224 + lazy_bind_size: 32 + export_off: 8256 + export_size: 64 + uuid: "57199705-E3C0-352D-BBE8-3990B1A732B7" + min_version: + device: MACOSX + version: "10.9.0" + sdk: "10.10.0" \ No newline at end of file diff --git a/lib/src/modules/protos/macho.proto b/lib/src/modules/protos/macho.proto index 886784349..e1bf29739 100644 --- a/lib/src/modules/protos/macho.proto +++ b/lib/src/modules/protos/macho.proto @@ -11,6 +11,35 @@ option (yara.module_options) = { cargo_feature: "macho-module" }; +message MinVersion { + optional DEVICE_TYPE device = 1; + optional string version = 2; + optional string sdk = 3; +} + +message BuildVersion { + optional uint32 platform = 1; + optional string minos = 2; + optional string sdk = 3; + optional uint32 ntools = 4; + repeated BuildTool tools = 5; +} + +message BuildTool { + optional uint32 tool = 1; + optional string version = 2; +} + +message LinkedItData { + optional uint32 dataoff = 1; + optional uint32 datasize = 2; +} + +message Certificates { + repeated string common_names = 1; + repeated string signer_names = 2; +} + message Dylib { optional bytes name = 1; optional uint32 timestamp = 2 [(yaml.field).fmt = "t"]; @@ -18,6 +47,27 @@ message Dylib { optional string current_version = 4; } +message DyldInfo { + optional uint32 rebase_off = 1; + optional uint32 rebase_size = 2; + optional uint32 bind_off = 3; + optional uint32 bind_size = 4; + optional uint32 weak_bind_off = 5; + optional uint32 weak_bind_size = 6; + optional uint32 lazy_bind_off = 7; + optional uint32 lazy_bind_size = 8; + optional uint32 export_off = 9; + optional uint32 export_size = 10; +} + +message Symtab { + optional uint32 symoff = 1; + optional uint32 nsyms = 2; + optional uint32 stroff = 3; + optional uint32 strsize = 4; + repeated bytes entries = 5; +} + message Dysymtab { optional uint32 ilocalsym = 3; optional uint32 nlocalsym = 4; @@ -93,7 +143,15 @@ message File { repeated Segment segments = 14; repeated Dylib dylibs = 15; repeated bytes rpaths = 16; - optional Dysymtab dysymtab = 17; + repeated string entitlements = 17; + optional Symtab symtab = 18; + optional Dysymtab dysymtab = 19; + optional DyldInfo dyld_info = 20; + optional LinkedItData code_signature_data = 21; + optional Certificates certificates = 22; + optional string uuid = 23; + optional BuildVersion build_version = 24; + optional MinVersion min_version = 25; } message Macho { @@ -111,18 +169,27 @@ message Macho { optional uint64 entry_point = 11; optional uint64 stack_size = 12; optional string source_version = 13; - optional Dysymtab dysymtab = 14; - repeated Segment segments = 15; - repeated Dylib dylibs = 16; - repeated bytes rpaths = 17; + optional Symtab symtab = 14; + optional Dysymtab dysymtab = 15; + optional LinkedItData code_signature_data = 16; + repeated Segment segments = 17; + repeated Dylib dylibs = 18; + optional DyldInfo dyld_info = 19; + repeated bytes rpaths = 20; + repeated string entitlements = 21; + optional Certificates certificates = 22; + optional string uuid = 23; + optional BuildVersion build_version = 24; + optional MinVersion min_version = 25; + // Add fields for Mach-O fat binary header - optional uint32 fat_magic = 18 [(yaml.field).fmt = "x"]; - optional uint32 nfat_arch = 19; - repeated FatArch fat_arch = 20; + optional uint32 fat_magic = 26 [(yaml.field).fmt = "x"]; + optional uint32 nfat_arch = 27; + repeated FatArch fat_arch = 28; // Nested Mach-O files - repeated File file = 21; + repeated File file = 29; } enum HEADER { @@ -354,3 +421,11 @@ enum SECTION_ATTRIBUTES { S_ATTR_EXT_RELOC = 0x00000200; S_ATTR_LOC_RELOC = 0x00000100; } + +enum DEVICE_TYPE { + option (yara.enum_options).inline = true; + MACOSX = 0x00000024; + IPHONEOS = 0x00000025; + TVOS = 0x0000002f; + WATCHOS = 0x00000030; +} \ No newline at end of file diff --git a/lib/src/wasm/builder.rs b/lib/src/wasm/builder.rs index e14f008b2..845fe5e08 100644 --- a/lib/src/wasm/builder.rs +++ b/lib/src/wasm/builder.rs @@ -470,38 +470,38 @@ mod tests { assert_eq!( text, r#"(module - (func (;163;) (type 1) (result i32) + (func (;164;) (type 1) (result i32) i32.const 0 global.set 2 i32.const 0 global.set 3 - call 164 call 165 + call 166 global.get 3 ) - (func (;164;) (type 0) - block ;; label = @1 - call 166 - end + (func (;165;) (type 0) block ;; label = @1 call 167 end - ) - (func (;165;) (type 0) block ;; label = @1 call 168 end ) (func (;166;) (type 0) - i32.const 4 + block ;; label = @1 + call 169 + end ) (func (;167;) (type 0) - i32.const 5 + i32.const 4 ) (func (;168;) (type 0) + i32.const 5 + ) + (func (;169;) (type 0) i32.const 6 ) - (export "main" (func 163)) + (export "main" (func 164)) )"# ); }