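#!/bin/sh
# Quick and dirty, but inefficient shellscript that
# turns all memcpy calls into memmove calls
# From Ray Strode
#
# Usage: memcpy2memmove FILE
#
# FILE is a linked x86/x86-64 ELF executable or shared object.  Every rel32
# call/jmp (opcode e8/e9) in .text whose target is the memcpy@plt stub gets
# its displacement shifted by (memmove@plt - memcpy@plt), so the instruction
# lands on memmove@plt instead.  FILE is replaced by an atomic rename only
# after every call has been patched; on any failure FILE is left untouched.
#
# Environment:
#   PLT_SECTION  section holding the callable PLT stubs (default: .plt).
#                Binaries built with CET/IBT put them in .plt.sec.
#
# Exit status: 1 no memcpy stub, 2 no memmove stub, 3 any other failure.

set -e

#######################################
# Print $1 to stderr and exit with status $2 (default 1).
#######################################
die() {
  printf '%s\n' "$1" 1>&2
  exit "${2:-1}"
}

#######################################
# Address of the PLT stub for symbol $1 in $INPUT, as 0x-prefixed hex, or a
# bare "0x" when there is no such stub.
# Only the stub's label line ("0000000000001030 <memcpy@plt>:") is matched:
# the stub body mentions the symbol again (e.g. "<memcpy@GLIBC_2.14>"), so a
# plain `grep memcpy` returns two addresses, one with a trailing colon, which
# breaks the arithmetic below.  Exact matching also keeps __memcpy_chk@plt
# from being picked up.
#######################################
plt_address() {
  printf '0x%s' "$(objdump -d -j "$PLT_SECTION" -- "$INPUT" \
    | awk -v sym="<$1@plt>:" '$2 == sym { print $1; exit }')"
}

#######################################
# Write the 32-bit value $3 little-endian at file offset $2 of file $1.
# printf's \ooo escapes are POSIX; `echo -ne "\x.."` is not -- dash's echo
# prints "-ne" literally and leaves "\x" alone, so under a non-bash /bin/sh
# the old version wrote garbage into the binary.
#######################################
write_le32() {
  # shellcheck disable=SC2059 -- the format holds nothing but octal escapes
  printf "$(printf '\\%03o\\%03o\\%03o\\%03o' \
      "$(( $3 & 0xff ))" "$(( ($3 >> 8) & 0xff ))" \
      "$(( ($3 >> 16) & 0xff ))" "$(( ($3 >> 24) & 0xff ))")" \
    | dd of="$1" bs=1 seek="$2" count=4 conv=notrunc 2>/dev/null
}

[ $# -eq 1 ] || die "Usage: ${0##*/} FILE" 3
INPUT=$1
[ -r "$INPUT" ] || die "Can't read $INPUT" 3
PLT_SECTION=${PLT_SECTION:-.plt}

MEMCPY=$(plt_address memcpy)
[ "$MEMCPY" != "0x" ] || die "Can't find memcpy call in $INPUT PLT" 1

MEMMOVE=$(plt_address memmove)
[ "$MEMMOVE" != "0x" ] || die "Can't find memmove call in $INPUT PLT" 2

# A rel32 displacement is relative to the next instruction, so retargeting
# memcpy@plt -> memmove@plt means adding the distance between the two stubs.
DELTA=$(( $MEMMOVE - $MEMCPY ))
# objdump prints call targets without leading zeros; normalise for the compare.
MEMCPY=$(printf '%x' "$MEMCPY")

# objdump shows virtual addresses but dd seeks by file offset.  The two only
# coincide for the first PT_LOAD of a PIE/shared object (what the old version
# relied on); translate through the .text section header instead
# ("Idx Name Size VMA LMA File off Algn": $4 is the VMA, $6 the file offset).
TEXT_VMA=
TEXT_OFF=
read -r TEXT_VMA TEXT_OFF <<EOF
$(objdump -h -- "$INPUT" | awk '$2 == ".text" { print "0x" $4, "0x" $6; exit }')
EOF
[ -n "$TEXT_OFF" ] || die "Can't find .text section in $INPUT" 3

# Scratch directory next to FILE so the final rename is atomic on the same
# filesystem; removed on every exit path (the old bash-only ERR trap is
# rejected by a POSIX sh and leaked the copy on the exit 1/2 paths).
WORK=$(mktemp -d "$INPUT.XXXXXX")
cleanup() { rm -rf -- "${WORK:?}"; }
trap cleanup EXIT
trap 'exit 3' HUP INT TERM
TEMP_OUTPUT=$WORK/patched
DISASM=$WORK/disasm

# -p keeps the mode bits: a plain copy into a 0600 temp file came back
# non-executable after the final mv.
cp -p -- "$INPUT" "$TEMP_OUTPUT"
# -d rather than -S: interleaved source lines would otherwise be fed to
# `read` as if they were instructions.
objdump -d -j .text -- "$INPUT" > "$DISASM"

patched=0
# One instruction per line, e.g.
#   "    1234:	e8 f7 fd ff ff       	call   1030 <memcpy@plt>"
# A rel32 call/jmp is exactly 5 bytes, so its target is always the 8th field.
while read -r addr opcode b1 b2 b3 b4 _mnemonic target _rest; do
  [ "$target" = "$MEMCPY" ] || continue
  case "$opcode" in
    e8|e9) ;;      # call rel32 / jmp rel32: the only encodings this patch handles
    *) continue ;;
  esac
  disp=$(( 0x$b4$b3$b2$b1 ))              # little-endian immediate after the opcode
  new=$(( (disp + DELTA) & 0xffffffff ))  # keep it 32-bit when the sum wraps
  file_off=$(( 0x${addr%:} + 1 - $TEXT_VMA + $TEXT_OFF ))
  printf 'Changing call at offset 0x%x from [%s %s %s %s]' \
    "$file_off" "$b1" "$b2" "$b3" "$b4"
  printf ' to [%02x %02x %02x %02x]\n' \
    "$(( new & 0xff ))" "$(( (new >> 8) & 0xff ))" \
    "$(( (new >> 16) & 0xff ))" "$(( (new >> 24) & 0xff ))"
  write_le32 "$TEMP_OUTPUT" "$file_off" "$new" \
    || die "Can't patch $INPUT at offset $file_off" 3
  patched=$(( patched + 1 ))
done < "$DISASM"

[ "$patched" -gt 0 ] || printf 'No memcpy calls found in %s\n' "$INPUT" 1>&2
mv -- "$TEMP_OUTPUT" "$INPUT"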