|
| 1 | +#!/usr/bin/env node |
| 2 | +'use strict'; |
| 3 | + |
| 4 | +const assert = require('assert'); |
| 5 | +const fs = require('fs'); |
| 6 | +const Buffer = require('buffer').Buffer; |
| 7 | + |
| 8 | +const ALIGN_64 = 8; |
| 9 | + |
| 10 | +const HEADER_SIZE = 4 * 7; |
| 11 | +const BODY_OFF_64 = 4 * 8; |
| 12 | +const MAGIC_LE_32 = 0xfeedface; |
| 13 | +const MAGIC_LE_64 = 0xfeedfacf; |
| 14 | + |
| 15 | +const CMD_HEADER_SIZE = 8; |
| 16 | +const LC_SEGMENT_64 = 0x19; |
| 17 | +const LC_SEGMENT_64_SIZE = 4 * 2 + 16 + 8 * 4 + 4 * 4; |
| 18 | +const VM_PROT_WRITE = 0x2; |
| 19 | + |
| 20 | +if (process.argv.length < 3) { |
| 21 | + console.error('Usage: %s <core_file>', process.argv[1]); |
| 22 | + process.exit(1); |
| 23 | + return; |
| 24 | +} |
| 25 | + |
| 26 | +const fd = fs.openSync(process.argv[2], 'r'); |
| 27 | + |
| 28 | +function read(start, end) { |
| 29 | + const data = Buffer.alloc(end - start); |
| 30 | + const bytesRead = fs.readSync(fd, data, 0, data.length, start); |
| 31 | + |
| 32 | + assert.strictEqual(data.length, bytesRead, 'Read less than expected'); |
| 33 | + |
| 34 | + return data; |
| 35 | +} |
| 36 | + |
| 37 | +function pad8(s) { |
| 38 | + let r = s; |
| 39 | + while (r.length < 8) |
| 40 | + r = '0' + r; |
| 41 | + return r; |
| 42 | +} |
| 43 | + |
| 44 | +function parseUInt64LE(buf, off) { |
| 45 | + const low = pad8(buf.readUInt32LE(off).toString(16)); |
| 46 | + const high = pad8(buf.readUInt32LE(off + 4).toString(16)); |
| 47 | + return '0x' + high + low; |
| 48 | +} |
| 49 | + |
| 50 | +/* header = { magic, cpu, cpu_sub, filetype, ncmds, sizeofcmds, flags } */ |
| 51 | +const header = read(0, HEADER_SIZE); |
| 52 | +assert.strictEqual(header.readUInt32LE(0), MAGIC_LE_64, 'Invalid magic value'); |
| 53 | + |
| 54 | +const ncmds = header.readUInt32LE(4 * 4); |
| 55 | +const sizeofcmds = header.readUInt32LE(4 * 5); |
| 56 | + |
| 57 | +for (let off = BODY_OFF_64, i = 0; i < ncmds; i++) { |
| 58 | + /* cmd = { type, size } */ |
| 59 | + const cmd = read(off, off + CMD_HEADER_SIZE); |
| 60 | + |
| 61 | + const type = cmd.readUInt32LE(0); |
| 62 | + const size = cmd.readUInt32LE(4); |
| 63 | + off += size; |
| 64 | + |
| 65 | + if (type !== LC_SEGMENT_64) |
| 66 | + continue; |
| 67 | + |
| 68 | + assert.strictEqual(size, LC_SEGMENT_64_SIZE, 'Invalid LC_SEGMENT_64 size'); |
| 69 | + |
| 70 | + const body = read(off - size + 4 * 2, off); |
| 71 | + const vmaddr = parseUInt64LE(body, 16); |
| 72 | + const vmsize = parseUInt64LE(body, 24); |
| 73 | + const prot = body.readUInt32LE(48) | body.readUInt32LE(52); |
| 74 | + if (!(prot & VM_PROT_WRITE)) |
| 75 | + continue; |
| 76 | + |
| 77 | + console.log(vmaddr + ' ' + vmsize); |
| 78 | +} |
0 commit comments