Add support for Malbolge disasm and analysis

radareorg · Jan 28, 2014 · 9825896 · 9825896
1 parent ce1a46b
commit 9825896
Show file tree

Hide file tree

Showing 10 changed files with 148 additions and 2 deletions.
diff --git a/doc/fortunes b/doc/fortunes
@@ -199,3 +199,4 @@ This is an unacceptable milion year dungeon.
 The Hard ROP Cafe
 Please remove pregnant women, pregnant children and pregnant pets from the monitor
 Fill the bug. Fill it with love. With the creamy and hot sauce of love.
+If you need to escape from hell, 'e asm.arch = malbolge' might help you
diff --git a/libr/anal/p/Makefile b/libr/anal/p/Makefile
@@ -10,7 +10,7 @@ all: ${ALL_TARGETS} ;
 
 ALL_TARGETS=
 # TODO: rename to enabled plugins
-ARCHS=x86_udis.mk ppc.mk arm.mk avr.mk csr.mk dalvik.mk sh.mk ebc.mk gb.mk
+ARCHS=x86_udis.mk ppc.mk arm.mk avr.mk csr.mk dalvik.mk sh.mk ebc.mk gb.mk malbolge.mk
 include $(ARCHS)
 
 clean:

diff --git a/libr/anal/p/anal_malbolge.c b/libr/anal/p/anal_malbolge.c
@@ -0,0 +1,61 @@
+#include <r_anal.h>
+#include <r_types.h>
+#include <r_lib.h>
+
+static int mal_anal(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *data, int len)
+{
+	memset(op, '\0', sizeof(RAnalOp));
+	if(len) {
+		switch ((data[0]+addr)%94) {
+			case 4:
+				op->type = R_ANAL_OP_TYPE_UJMP;
+				break;
+			case 5:
+			case 23:
+				op->type = R_ANAL_OP_TYPE_IO;
+				break;
+			case 39:
+				op->type = R_ANAL_OP_TYPE_ROR;
+//				op->type2 = R_ANAL_OP_TYPE_LOAD;
+				break;
+			case 40:
+				op->type = R_ANAL_OP_TYPE_LOAD;
+				break;
+			case 62:
+				op->type = R_ANAL_OP_TYPE_XOR;
+//				op->type2 = R_ANAL_OP_TYPE_LOAD;
+				break;
+			case 81:
+				op->type = R_ANAL_OP_TYPE_TRAP;
+				break;
+			default:
+				op->type = R_ANAL_OP_TYPE_NOP;
+		}
+		return op->size = 1;
+	}
+	return R_FALSE;
+}
+
+struct r_anal_plugin_t r_anal_plugin_malbolge = {
+	.name = "malbolge",
+	.desc = "Malbolge analysis plugin",
+	.arch = R_SYS_ARCH_BF,
+	.license = "LGPL3",
+	.bits = 32,
+	.init = NULL,
+	.fini = NULL,
+	.op = &mal_anal,
+	.set_reg_profile = NULL,
+	.fingerprint_bb = NULL,
+	.fingerprint_fcn = NULL,
+	.diff_bb = NULL,
+	.diff_fcn = NULL,
+	.diff_eval = NULL
+};
+
+#ifndef CORELIB
+struct r_lib_struct_t radare_plugin = {
+	.type = R_LIB_TYPE_ANAL,
+	.data = &r_anal_plugin_malbolge
+};
+#endif
diff --git a/libr/anal/p/malbolge.mk b/libr/anal/p/malbolge.mk
@@ -0,0 +1,9 @@
+OBJ_MALBOLGE=anal_malbolge.o
+
+STATIC_OBJ+=${OBJ_MALBOLGE}
+TARGET_MALBOLGE=anal_malbolge.${EXT_SO}
+
+ALL_TARGETS+=${TARGET_MALBOLGE}
+
+${TARGET_MALBOLGE}: ${OBJ_MALBOLGE}
+	${CC} $(call libname,anal_malbolge) ${LDFLAGS} ${CFLAGS} -o anal_malbolge.${EXT_SO} ${OBJ_MALBOLGE}
diff --git a/libr/asm/p/Makefile b/libr/asm/p/Makefile
@@ -13,7 +13,7 @@ ALL_TARGETS=
 # TODO: rename to enabled plugins
 ARCHS=mips.mk sparc.mk java.mk bf.mk arm.mk dalvik.mk x86_as.mk x86_nz.mk
 ARCHS+=ppc.mk x86_olly.mk x86.mk csr.mk x86_nasm.mk psosvm.mk avr.mk
-ARCHS+=msil.mk sh.mk arm_winedbg.mk c55plus.mk gb.mk snes.mk ebc.mk
+ARCHS+=msil.mk sh.mk arm_winedbg.mk c55plus.mk gb.mk snes.mk ebc.mk malbolge.mk
 include $(ARCHS)
 
 all: ${ALL_TARGETS}

diff --git a/libr/asm/p/asm_malbolge.c b/libr/asm/p/asm_malbolge.c
@@ -0,0 +1,62 @@
+#include <r_asm.h>
+#include <r_types.h>
+#include <r_lib.h>
+#include <string.h>
+
+static int mal_dis(RAsmOp *op, ut64 c, ut8 *buf, ut64 len)
+{
+	if(len) {
+		switch ((buf[0]+c)%94) {
+			case 4:
+				sprintf(op->buf_asm, "jmp [d]");
+				break;
+			case 5:
+				sprintf(op->buf_asm, "out a");
+				break;
+			case 23:
+				sprintf(op->buf_asm, "in a");
+				break;
+			case 39:
+				sprintf(op->buf_asm, "rotr [d],\tmov a, [d]");
+				break;
+			case 40:
+				sprintf(op->buf_asm, "mov d, [d]");
+				break;
+			case 62:
+				sprintf(op->buf_asm, "crz [d], a,\tmov a, [d]");
+				break;
+			case 81:
+				sprintf(op->buf_asm, "end");
+				break;
+			default:
+				sprintf(op->buf_asm, "nop");
+		}
+		return R_TRUE;
+	}
+	return R_FALSE;
+}
+
+static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, ut64 len)
+{
+	return op->size = mal_dis(op, a->pc, buf, len);
+}
+
+
+RAsmPlugin r_asm_plugin_malbolge = {
+	.name = "malbolge",
+	.desc = "Malbolge disassembler plugin",
+	.arch = "malbolge",
+	.license = "LGPL3",
+	.bits = 32,
+	.init = NULL,
+	.fini = NULL,
+	.disassemble = &disassemble,
+	.assemble = NULL,
+};
+
+#ifndef CORELIB
+struct r_lib_struct_t radare_plugin = {
+	.type = R_LIB_TYPE_ASM,
+	.data = &r_asm_plugin_malbolge
+};
+#endif
diff --git a/libr/asm/p/malbolge.mk b/libr/asm/p/malbolge.mk
@@ -0,0 +1,9 @@
+OBJ_MALBOLGE=asm_malbolge.o
+
+STATIC_OBJ+=${OBJ_MALBOLGE}
+TARGET_MALBOLGE=asm_malbolge.${EXT_SO}
+
+ALL_TARGETS+=${TARGET_MALBOLGE}
+
+${TARGET_MALBOLGE}: ${OBJ_MALBOLGE}
+	${CC} ${call libname,asm_malbolge} ${CFLAGS} -o ${TARGET_MALBOLGE} ${OBJ_MALBOLGE}
diff --git a/libr/include/r_anal.h b/libr/include/r_anal.h
@@ -1114,6 +1114,7 @@ extern RAnalPlugin r_anal_plugin_arc;
 extern RAnalPlugin r_anal_plugin_ebc;
 extern RAnalPlugin r_anal_plugin_gb;
 extern RAnalPlugin r_anal_plugin_nios2;
+extern RAnalPlugin r_anal_plugin_malbolge;
 
 #ifdef __cplusplus
 }

diff --git a/libr/include/r_asm.h b/libr/include/r_asm.h
@@ -186,6 +186,7 @@ extern RAsmPlugin r_asm_plugin_gb;
 extern RAsmPlugin r_asm_plugin_snes;
 extern RAsmPlugin r_asm_plugin_ebc;
 extern RAsmPlugin r_asm_plugin_nios2;
+extern RAsmPlugin r_asm_plugin_malbolge;
 #endif
 
 #ifdef __cplusplus

diff --git a/plugins.def.cfg b/plugins.def.cfg
@@ -33,6 +33,7 @@ asm.c55plus
 asm.gb
 asm.snes
 asm.ebc
+asm.malbolge
 anal.sh
 anal.x86_udis
 anal.z80
@@ -53,6 +54,7 @@ anal.ppc
 anal.sparc
 anal.ebc
 anal.gb
+anal.malbolge
 bin.any
 bin.bios
 bin.bf