2018-01-04 08:39:54 +01:00
|
|
|
// Copyright 2018 Google Inc. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
2018-10-15 09:35:59 +02:00
|
|
|
package symbol_inject
|
2018-01-04 08:39:54 +01:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"debug/macho"
|
2022-10-27 18:56:20 +02:00
|
|
|
"encoding/binary"
|
2018-01-04 08:39:54 +01:00
|
|
|
"fmt"
|
|
|
|
|
"io"
|
2022-10-27 18:56:20 +02:00
|
|
|
"os"
|
2022-09-01 01:23:43 +02:00
|
|
|
"os/exec"
|
2022-10-27 18:56:20 +02:00
|
|
|
"path/filepath"
|
2018-02-24 07:43:24 +01:00
|
|
|
"sort"
|
2018-03-01 20:20:25 +01:00
|
|
|
"strings"
|
2018-01-04 08:39:54 +01:00
|
|
|
)
|
|
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
func machoSymbolsFromFile(r io.ReaderAt) (*File, error) {
|
2018-01-04 08:39:54 +01:00
|
|
|
machoFile, err := macho.NewFile(r)
|
|
|
|
|
if err != nil {
|
2018-03-01 20:20:25 +01:00
|
|
|
return nil, cantParseError{err}
|
2018-01-04 08:39:54 +01:00
|
|
|
}
|
|
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
return extractMachoSymbols(machoFile)
|
|
|
|
|
}
|
2018-01-04 08:39:54 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
func extractMachoSymbols(machoFile *macho.File) (*File, error) {
|
2018-02-24 07:43:24 +01:00
|
|
|
symbols := machoFile.Symtab.Syms
|
2018-03-01 20:20:25 +01:00
|
|
|
sort.SliceStable(symbols, func(i, j int) bool {
|
2018-02-24 07:43:24 +01:00
|
|
|
if symbols[i].Sect != symbols[j].Sect {
|
|
|
|
|
return symbols[i].Sect < symbols[j].Sect
|
|
|
|
|
}
|
|
|
|
|
return symbols[i].Value < symbols[j].Value
|
|
|
|
|
})
|
|
|
|
|
|
2022-09-01 01:23:43 +02:00
|
|
|
file := &File{IsMachoFile: true}
|
2018-03-01 20:20:25 +01:00
|
|
|
|
|
|
|
|
for _, section := range machoFile.Sections {
|
|
|
|
|
file.Sections = append(file.Sections, &Section{
|
|
|
|
|
Name: section.Name,
|
|
|
|
|
Addr: section.Addr,
|
|
|
|
|
Offset: uint64(section.Offset),
|
|
|
|
|
Size: section.Size,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-28 22:05:39 +01:00
|
|
|
for _, symbol := range symbols {
|
2018-03-01 20:20:25 +01:00
|
|
|
if symbol.Sect > 0 {
|
|
|
|
|
section := file.Sections[symbol.Sect-1]
|
|
|
|
|
file.Symbols = append(file.Symbols, &Symbol{
|
|
|
|
|
// symbols in macho files seem to be prefixed with an underscore
|
|
|
|
|
Name: strings.TrimPrefix(symbol.Name, "_"),
|
|
|
|
|
// MachO symbol value is virtual address of the symbol, convert it to offset into the section.
|
|
|
|
|
Addr: symbol.Value - section.Addr,
|
|
|
|
|
// MachO symbols don't have size information.
|
|
|
|
|
Size: 0,
|
|
|
|
|
Section: section,
|
2018-02-28 22:05:39 +01:00
|
|
|
})
|
2018-03-01 20:20:25 +01:00
|
|
|
}
|
|
|
|
|
}
|
2018-02-28 22:05:39 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
return file, nil
|
|
|
|
|
}
|
2018-02-28 22:05:39 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
func dumpMachoSymbols(r io.ReaderAt) error {
|
|
|
|
|
machoFile, err := macho.NewFile(r)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return cantParseError{err}
|
|
|
|
|
}
|
2018-01-04 08:39:54 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
fmt.Println("&macho.File{")
|
2018-01-04 08:39:54 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
fmt.Println("\tSections: []*macho.Section{")
|
|
|
|
|
for _, section := range machoFile.Sections {
|
|
|
|
|
fmt.Printf("\t\t&macho.Section{SectionHeader: %#v},\n", section.SectionHeader)
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("\t},")
|
2018-01-04 08:39:54 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
fmt.Println("\tSymtab: &macho.Symtab{")
|
|
|
|
|
fmt.Println("\t\tSyms: []macho.Symbol{")
|
|
|
|
|
for _, symbol := range machoFile.Symtab.Syms {
|
|
|
|
|
fmt.Printf("\t\t\t%#v,\n", symbol)
|
2018-01-04 08:39:54 +01:00
|
|
|
}
|
2018-03-01 20:20:25 +01:00
|
|
|
fmt.Println("\t\t},")
|
|
|
|
|
fmt.Println("\t},")
|
|
|
|
|
|
|
|
|
|
fmt.Println("}")
|
2018-01-04 08:39:54 +01:00
|
|
|
|
2018-03-01 20:20:25 +01:00
|
|
|
return nil
|
2018-01-04 08:39:54 +01:00
|
|
|
}
|
2022-09-01 01:23:43 +02:00
|
|
|
|
|
|
|
|
func CodeSignMachoFile(path string) error {
|
2022-10-27 18:56:20 +02:00
|
|
|
filename := filepath.Base(path)
|
|
|
|
|
cmd := exec.Command("/usr/bin/codesign", "--force", "-s", "-", "-i", filename, path)
|
|
|
|
|
if err := cmd.Run(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return modifyCodeSignFlags(path)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const LC_CODE_SIGNATURE = 0x1d
|
|
|
|
|
const CSSLOT_CODEDIRECTORY = 0
|
|
|
|
|
|
|
|
|
|
// To make codesign not invalidated by stripping, modify codesign flags to 0x20002
|
|
|
|
|
// (adhoc | linkerSigned).
|
|
|
|
|
func modifyCodeSignFlags(path string) error {
|
|
|
|
|
f, err := os.OpenFile(path, os.O_RDWR, 0)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
|
|
// Step 1: find code signature section.
|
|
|
|
|
machoFile, err := macho.NewFile(f)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
var codeSignSectionOffset uint32 = 0
|
|
|
|
|
var codeSignSectionSize uint32 = 0
|
|
|
|
|
for _, l := range machoFile.Loads {
|
|
|
|
|
data := l.Raw()
|
|
|
|
|
cmd := machoFile.ByteOrder.Uint32(data)
|
|
|
|
|
if cmd == LC_CODE_SIGNATURE {
|
|
|
|
|
codeSignSectionOffset = machoFile.ByteOrder.Uint32(data[8:])
|
|
|
|
|
codeSignSectionSize = machoFile.ByteOrder.Uint32(data[12:])
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if codeSignSectionOffset == 0 {
|
|
|
|
|
return fmt.Errorf("code signature section not found")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data := make([]byte, codeSignSectionSize)
|
|
|
|
|
_, err = f.ReadAt(data, int64(codeSignSectionOffset))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Step 2: get flags offset.
|
|
|
|
|
blobCount := binary.BigEndian.Uint32(data[8:])
|
|
|
|
|
off := 12
|
|
|
|
|
var codeDirectoryOff uint32 = 0
|
|
|
|
|
for blobCount > 0 {
|
|
|
|
|
blobType := binary.BigEndian.Uint32(data[off:])
|
|
|
|
|
if blobType == CSSLOT_CODEDIRECTORY {
|
|
|
|
|
codeDirectoryOff = binary.BigEndian.Uint32(data[off+4:])
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
blobCount--
|
|
|
|
|
off += 8
|
|
|
|
|
}
|
|
|
|
|
if codeDirectoryOff == 0 {
|
|
|
|
|
return fmt.Errorf("no code directory in code signature section")
|
|
|
|
|
}
|
|
|
|
|
flagsOff := codeSignSectionOffset + codeDirectoryOff + 12
|
|
|
|
|
|
|
|
|
|
// Step 3: modify flags.
|
|
|
|
|
flagsData := make([]byte, 4)
|
|
|
|
|
_, err = f.ReadAt(flagsData, int64(flagsOff))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
oldFlags := binary.BigEndian.Uint32(flagsData)
|
|
|
|
|
if oldFlags != 0x2 {
|
|
|
|
|
return fmt.Errorf("unexpected flags in code signature section: 0x%x", oldFlags)
|
|
|
|
|
}
|
|
|
|
|
binary.BigEndian.PutUint32(flagsData, 0x20002)
|
|
|
|
|
_, err = f.WriteAt(flagsData, int64(flagsOff))
|
|
|
|
|
return err
|
2022-09-01 01:23:43 +02:00
|
|
|
}
|
