From 099f1e8222109bf7397eff6da0c511a07906c9cd Mon Sep 17 00:00:00 2001
From: Christoph Egger <Christoph.Egger@fau.de>
Date: Fri, 13 Mar 2015 14:51:29 +0100
Subject: [PATCH] Basic MachO Support

Currently has no way to find the Entrypoint. Doesn't seem to be too easy
-- we probably need to get it out of the cpu_thread_state struct from
the thread_command in the MachO header.
---
 src/disassembler/llvm/LLVMDisassembler.cxx | 49 ++++++++++++++++++----
 src/disassembler/llvm/LLVMDisassembler.hxx |  1 +
 src/disassembler/llvm/include_llvm.hxx     |  1 +
 3 files changed, 43 insertions(+), 8 deletions(-)

diff --git a/src/disassembler/llvm/LLVMDisassembler.cxx b/src/disassembler/llvm/LLVMDisassembler.cxx
index 96418d8..21766bb 100644
--- a/src/disassembler/llvm/LLVMDisassembler.cxx
+++ b/src/disassembler/llvm/LLVMDisassembler.cxx
@@ -15,6 +15,10 @@ namespace {
 	class COFFT {
 
 	};
+
+	class MACHOT {
+
+	};
 }
 
 /*
@@ -44,6 +48,9 @@ Disassembler * createLLVMDisassembler(const std::string& filename, InformationMa
 	if (COFFObjectFile * object = dyn_cast<COFFObjectFile>(op)) {
 		return new LLVMDisassembler<COFFT>(filename, manager, object);
 	}
+	if (MachOObjectFile * object = dyn_cast<MachOObjectFile>(op)) {
+		return new LLVMDisassembler<MACHOT>(filename, manager, object);
+	}
 
 	return NULL;
 }
@@ -177,7 +184,7 @@ LLVMDisassembler<ELFT>::~LLVMDisassembler() {}
 template <typename ELFT>
 Function* LLVMDisassembler<ELFT>::disassembleFunctionAt(uint64_t address, const std::string& name) {
 	Function * function;
-	SectionRef text_section = sections[".text"];
+	SectionRef text_section = getTextSection();
 	uint64_t base_address, size;
 	text_section.getAddress(base_address);
 	text_section.getSize(size);
@@ -213,7 +220,7 @@ void LLVMDisassembler<ELFT>::disassembleFunction(Function* function) {
 	 * the other ones at the end of the function!
 	 */
 	std::map<uint64_t, BasicBlock*> new_blocks;
-	SectionRef text_section = sections[".text"];
+	SectionRef text_section = getTextSection();
 	StringRef bytes;
 	text_section.getContents(bytes);
 	StringRefMemoryObject ref(bytes);
@@ -308,7 +315,7 @@ void LLVMDisassembler<ELFT>::disassembleFunction(Function* function) {
 
 template <typename ELFT>
 void LLVMDisassembler<ELFT>::disassemble() {
-	SectionRef text_section = sections[".text"];
+	SectionRef text_section = getTextSection();
 	std::vector<Function*> remaining_functions;
 
 	// Assume all function symbols actually start a real function
@@ -327,9 +334,14 @@ void LLVMDisassembler<ELFT>::disassemble() {
 
 		if (!x->second.getAddress(result)) {
 			Function * fun = manager->newFunction(result);
-			fun->setName(x->first);
-			remaining_functions.push_back(fun);
-			LOG4CXX_DEBUG(logger, "Disasembling " << x->first);
+			if (fun) {
+				fun->setName(x->first);
+				remaining_functions.push_back(fun);
+				LOG4CXX_DEBUG(logger, "Disasembling " << x->first);
+			} else {
+				LOG4CXX_DEBUG(logger, "Function at " << std::hex << result
+				              << " already disassembled as " << manager->getFunction(result)->getName());
+			}
 		}
 	}
 
@@ -371,6 +383,12 @@ uint64_t LLVMDisassembler<COFFT>::entryAddress() {
 	}
 }
 
+template<>
+uint64_t LLVMDisassembler<MACHOT>::entryAddress() {
+	// TODO
+	return 0;
+}
+
 template <typename ELFT>
 uint64_t LLVMDisassembler<ELFT>::entryAddress() {
 	const auto elffile = dyn_cast<ELFObjectFile<ELFT>>(o)->getELFFile();
@@ -381,7 +399,7 @@ uint64_t LLVMDisassembler<ELFT>::entryAddress() {
 
 template <typename ELFT>
 void LLVMDisassembler<ELFT>::splitBlocks(Function* function) {
-	SectionRef text_section = sections[".text"];
+	SectionRef text_section = getTextSection();
 	StringRef bytes;
 	text_section.getContents(bytes);
 	StringRefMemoryObject ref(bytes);
@@ -440,6 +458,11 @@ void LLVMDisassembler<COFFT>::readDynamicSymbols() {
 	//TODO
 }
 
+template<>
+void LLVMDisassembler<MACHOT>::readDynamicSymbols() {
+	//TODO
+}
+
 template <typename ELFT>
 void LLVMDisassembler<ELFT>::readDynamicSymbols() {
 	const auto elffile = dyn_cast<ELFObjectFile<ELFT>>(o)->getELFFile();
@@ -502,7 +525,7 @@ void LLVMDisassembler<ELFT>::printEachInstruction(uint64_t start, uint64_t end,
                                                   std::function<void (uint8_t*, size_t,
 	                                                                  const std::string&,
 	                                                                  const std::string&)> fun) {
-	SectionRef text_section = sections[".text"];
+	SectionRef text_section = getTextSection();
 	uint64_t base_address;
 	text_section.getAddress(base_address);
 	uint64_t current_address = start - base_address;
@@ -548,3 +571,13 @@ void LLVMDisassembler<ELFT>::printEachInstruction(uint64_t start, uint64_t end,
 		current_address += inst_size;
 	}
 }
+
+template <typename ELFT>
+SectionRef LLVMDisassembler<ELFT>::getTextSection() {
+	return sections[".text"];
+}
+
+template <>
+SectionRef LLVMDisassembler<MACHOT>::getTextSection() {
+	return sections["__text"];
+}
diff --git a/src/disassembler/llvm/LLVMDisassembler.hxx b/src/disassembler/llvm/LLVMDisassembler.hxx
index d4b13a2..e0b26e1 100644
--- a/src/disassembler/llvm/LLVMDisassembler.hxx
+++ b/src/disassembler/llvm/LLVMDisassembler.hxx
@@ -37,6 +37,7 @@ private:
 	void disassembleFunction(Function* function);
 	void splitBlocks(Function* fun);
 	void disassemble();
+	llvm::object::SectionRef getTextSection();
 
 	void readSymbols();
 	void readSections();
diff --git a/src/disassembler/llvm/include_llvm.hxx b/src/disassembler/llvm/include_llvm.hxx
index c6dba98..46028f5 100644
--- a/src/disassembler/llvm/include_llvm.hxx
+++ b/src/disassembler/llvm/include_llvm.hxx
@@ -9,6 +9,7 @@
 #include <llvm/MC/MCAsmInfo.h>
 #include <llvm/Object/ELFObjectFile.h>
 #include <llvm/Object/COFF.h>
+#include <llvm/Object/MachO.h>
 #include <llvm/Object/ObjectFile.h>
 #include <llvm/Object/Archive.h>
 #include <llvm/MC/MCAsmInfo.h>
-- 
2.39.2