darwin: Add function to find module's TLV data/bss

frida · Sep 2, 2023 · 897969f · 897969f
1 parent 818d88c
commit 897969f
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 0 deletions.
diff --git a/gum/gumdarwinmodule-priv.h b/gum/gumdarwinmodule-priv.h
@@ -21,6 +21,8 @@
 
 #define GUM_SECTION_TYPE_MASK          0x000000ff
 
+#define GUM_S_THREAD_LOCAL_REGULAR           0x11
+#define GUM_S_THREAD_LOCAL_ZEROFILL          0x12
 #define GUM_S_THREAD_LOCAL_VARIABLES         0x13
 
 #define GUM_N_EXT                            0x01
@@ -60,6 +62,7 @@ typedef struct _GumSection64 GumSection64;
 typedef struct _GumNList32 GumNList32;
 typedef struct _GumNList64 GumNList64;
 typedef struct _GumFindDarwinTLVDescriptorsContext GumFindDarwinTLVDescriptorsContext;
+typedef struct _GumFindDarwinTLVInitContext GumFindDarwinTLVInitContext;
 typedef struct _GumFixedSizeTLVThunk32 GumFixedSizeTLVThunk32;
 typedef struct _GumFixedSizeTLVThunk64 GumFixedSizeTLVThunk64;
 typedef struct _GumFixedSizeLibdyldDyld4Section32 GumFixedSizeLibdyldDyld4Section32;
@@ -407,6 +410,12 @@ struct _GumFindDarwinTLVDescriptorsContext {
   gsize descriptor_sz;
 };
 
+struct _GumFindDarwinTLVInitContext {
+  guint32 data_offset;
+  guint64 data_size;
+  guint64 bss_size;
+};
+
 struct _GumFixedSizeTLVThunk32 {
   guint32 thunk;
   guint32 key;

diff --git a/gum/gumdarwinmodule.c b/gum/gumdarwinmodule.c
@@ -1122,6 +1122,38 @@ gum_darwin_module_enumerate_tlv_descriptors (GumDarwinModule * self,
   }
 }
 
+gboolean
+gum_darwin_module_find_tlv_init (const GumDarwinSectionDetails * section,
+                                 gpointer user_data)
+{
+  GumFindDarwinTLVInitContext *ctx = user_data;
+
+  if (section->flags == GUM_S_THREAD_LOCAL_REGULAR)
+  {
+    ctx->data_offset = section->file_offset;
+    ctx->data_size = section->size;
+  }
+
+  if (section->flags == GUM_S_THREAD_LOCAL_ZEROFILL)
+    ctx->bss_size = section->size;
+
+  return TRUE;
+}
+
+void
+gum_darwin_module_get_tlv_init (GumDarwinModule * self, guint32 * data_offset,
+                                guint64 * data_size, guint64 * bss_size)
+{
+  GumFindDarwinTLVInitContext ctx = { 0 };
+
+  gum_darwin_module_enumerate_sections (self,
+      gum_darwin_module_find_tlv_init, &ctx);
+
+  *data_offset = ctx.data_offset;
+  *data_size = ctx.data_size;
+  *bss_size = ctx.bss_size;
+}
+
 void
 gum_darwin_module_enumerate_chained_fixups (
     GumDarwinModule * self,

diff --git a/gum/gumdarwinmodule.h b/gum/gumdarwinmodule.h
@@ -619,6 +619,8 @@ GUM_API guint gum_darwin_module_count_tlv_descriptors (GumDarwinModule * self);
 GUM_API void gum_darwin_module_enumerate_tlv_descriptors (
     GumDarwinModule * self, GumFoundDarwinTLVDescriptorFunc func,
     gpointer user_data);
+GUM_API void gum_darwin_module_get_tlv_init (GumDarwinModule * self,
+    guint32 * data_offset, guint64 * data_size, guint64 * bss_size);
 GUM_API void gum_darwin_module_enumerate_rebases (GumDarwinModule * self,
     GumFoundDarwinRebaseFunc func, gpointer user_data);
 GUM_API void gum_darwin_module_enumerate_binds (GumDarwinModule * self,