elf_analy.cc
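if (demangled) free(demangled); addComment(address, 0, ""); addComment(address, 0, ";********************************************************"); addComment(address, 0, elf_buffer); addComment(address, 0, ";********************************************************"); pushAddress(address, address); assignSymbol(address, label, label_func); } delete address; } break; } case ELF_STT_OBJECT: { char *label = name; if (!getSymbolByName(label)) { Address *address = createAddress64(sym.st_value); char *demangled = cplus_demangle(label, DMGL_PARAMS | DMGL_ANSI); if (!demangled) demangled = cplus_demangle_v3(label, DMGL_PARAMS | DMGL_ANSI | DMGL_TYPES); make_valid_name(label, label); ht_snprintf(elf_buffer, sizeof elf_buffer, "; data object %s, size %qd (%s)", (demangled) ? demangled : label, sym.st_size, bind); free(demangled); addComment(address, 0, ""); addComment(address, 0, ";********************************************************"); addComment(address, 0, elf_buffer); addComment(address, 0, ";********************************************************"); assignSymbol(address, label, label_data); delete address; } break; } case ELF_STT_SECTION: case ELF_STT_FILE: break; } free(name); } if (entropy) free(entropy); }}

/*
 *	Restores the analyser from an object stream: validarea is fetched
 *	through GET_OBJECT first, then the base Analyser loads its own state.
 *	The order mirrors store().
 */
void ElfAnalyser::load(ObjectStream &f)
{
	GET_OBJECT(f, validarea);
	Analyser::load(f);
}

/*
 *	Shuts down and frees validarea, then shuts down the base Analyser.
 *	validarea is not reset after the delete, so done() must not run twice
 *	on the same object.
 */
void ElfAnalyser::done()
{
	validarea->done();
	delete validarea;
	Analyser::done();
}

/*
 *	Returns the object id under which this analyser is registered.
 */
ObjectID ElfAnalyser::getObjectID() const
{
	return ATOM_ELF_ANALYSER;
}

/*
 *	Reads up to `size' bytes of file content backing `Addr' into `buf'.
 *
 *	Returns the number of bytes read as reported by file->read(), or 0
 *	when `Addr' has no file offset.
 */
uint ElfAnalyser::bufPtr(Address *Addr, byte *buf, int size)
{
	FileOfs ofs = addressToFileofs(Addr);
	// Kept as a developer diagnostic: debug builds still stop here.
	assert(ofs != INVALID_FILE_OFS);
	// assert() disappears under NDEBUG. Without this guard a release build
	// would seek to INVALID_FILE_OFS whenever an address has no backing
	// offset; report "nothing read" instead.
	if (ofs == INVALID_FILE_OFS) return 0;
	file->seek(ofs);
	return file->read(buf, size);
}

/*
 *	Copies the raw value of a flat 32-bit, x86 flat 32-bit or flat 64-bit
 *	Address into `r' (a32 for the 32-bit kinds, a64 for the 64-bit kind).
 *
 *	Returns false, leaving `r' untouched, for any other address kind.
 */
bool ElfAnalyser::convertAddressToELFAddress(Address *addr, ELFAddress *r)
{
	const ObjectID id = addr->getObjectID();
	if (id == ATOM_ADDRESS_FLAT_32) {
		r->a32 = ((AddressFlat32*)addr)->addr;
		return true;
	}
	if (id == ATOM_ADDRESS_X86_FLAT_32) {
		r->a32 = ((AddressX86Flat32*)addr)->addr;
		return true;
	}
	if (id == ATOM_ADDRESS_FLAT_64) {
		r->a64 = ((AddressFlat64*)addr)->addr;
		return true;
	}
	return false;
}

/*
 *	Allocates a default-constructed Address of the kind matching the ELF
 *	class (and, for 32-bit files, the machine). An unrecognised class
 *	yields a flat 32-bit address. The result is allocated with new.
 */
Address *ElfAnalyser::createAddress()
{
	switch (elf_shared->ident.e_ident[ELF_EI_CLASS]) {
	case ELFCLASS32:
		if (elf_shared->header32.e_machine == ELF_EM_386) {
			return new AddressX86Flat32();
		}
		return new AddressFlat32();
	case ELFCLASS64:
		return new AddressFlat64();
	}
	return new AddressFlat32();
}

/*
 *	Allocates a 32-bit Address holding `addr': the x86 flavour for
 *	ELF_EM_386, a plain flat address otherwise.
 */
Address *ElfAnalyser::createAddress32(uint32 addr)
{
	if (elf_shared->header32.e_machine == ELF_EM_386) {
		return new AddressX86Flat32(addr);
	}
	return new AddressFlat32(addr);
}

/*
 *	Allocates a flat 64-bit Address holding `addr'.
 */
Address *ElfAnalyser::createAddress64(uint64 addr)
{
	return new AddressFlat64(addr);
}

/*
 *	Creates and initialises an assembler for the file's class/machine
 *	pair: x86asm for 32-bit ELF_EM_386, x86_64asm for 64-bit
 *	ELF_EM_X86_64. Returns NULL for every other combination.
 */
Assembler *ElfAnalyser::createAssembler()
{
	Assembler *a = NULL;
	switch (elf_shared->ident.e_ident[ELF_EI_CLASS]) {
	case ELFCLASS32:
		if (elf_shared->header32.e_machine == ELF_EM_386) {
			a = new x86asm(X86_OPSIZE32, X86_ADDRSIZE32);
		}
		// Each class ends with its own break. Previously a 32-bit file
		// with another machine fell through into the ELFCLASS64 case and
		// was matched against header64, which could hand out a 64-bit
		// assembler for a 32-bit file; initUnasm() rejects that pairing.
		break;
	case ELFCLASS64:
		if (elf_shared->header64.e_machine == ELF_EM_X86_64) {
			a = new x86_64asm();
		}
		break;
	}
	if (a) a->init();
	return a;
}

/*
 *	Maps `Addr' to its offset in the file.
 *
 *	Returns INVALID_FILE_OFS when the address is not inside an initialised
 *	(PROGBITS) section, is of an unsupported kind, or cannot be resolved
 *	by elf_addr_to_ofs().
 */
FileOfs ElfAnalyser::addressToFileofs(Address *Addr)
{
	if (!validAddress(Addr, scinitialized)) return INVALID_FILE_OFS;

	ELFAddress ea;
	if (!convertAddressToELFAddress(Addr, &ea)) return INVALID_FILE_OFS;

	FileOfs ofs;
	if (!elf_addr_to_ofs(&elf_shared->sheaders, elf_shared->ident.e_ident[ELF_EI_CLASS], ea, &ofs)) {
		return INVALID_FILE_OFS;
	}
	return ofs;
}

/*
 *	Returns the name of the section containing `Addr', or NULL when the
 *	address cannot be converted or belongs to no section.
 *
 *	The name lives in a function-local static buffer of 33 bytes: it is
 *	truncated to fit and overwritten by the next call, so callers must
 *	copy it if they need to keep it.
 */
const char *ElfAnalyser::getSegmentNameByAddress(Address *Addr)
{
	static char elf_sectionname[33];
	elf_section_headers *sections = &elf_shared->sheaders;
	int i;
	ELFAddress ea;
	if (!convertAddressToELFAddress(Addr, &ea)) return NULL;
	if (!elf_addr_to_section(sections, elf_shared->ident.e_ident[ELF_EI_CLASS], ea, &i)) return NULL;
	if (i == elf_shared->fake_undefined_shidx) {
		// Fixed literal: 11 characters plus terminator, well inside the
		// 33-byte buffer.
		strcpy(elf_sectionname, "$$HT_FAKE$$");
	} else {
		// Bounded copy: the name is taken from the analysed file's section
		// name table, so its length is not under our control.
		// NOTE(review): assumes shnames[i] is non-NULL for every index
		// elf_addr_to_section() can return -- confirm.
		ht_strlcpy(elf_sectionname, elf_shared->shnames[i], sizeof elf_sectionname);
	}
	return elf_sectionname;
}

/*
 *	Stores the underlying file's description in `res' and returns it.
 */
String &ElfAnalyser::getName(String &res)
{
	return file->getDesc(res);
}

/*
 *	Returns the fixed type string of this analyser.
 */
const char *ElfAnalyser::getType()
{
	return "ELF/Analyser";
}

/*
 *	No ELF-specific setup; defers to the base Analyser.
 */
void ElfAnalyser::initCodeAnalyser()
{
	Analyser::initCodeAnalyser();
}

/*
 *	Picks and initialises the disassembler matching e_machine.
 *
 *	A machine type that contradicts the ELF class (for example x86_64 in a
 *	32-bit file) is reported with errorbox() and an unknown machine with
 *	warnbox(); on both paths analy_disasm is not assigned here.
 *	NOTE(review): confirm that users of analy_disasm cope with it being
 *	unset after such a file.
 */
void ElfAnalyser::initUnasm()
{
	DPRINTF("elf_analy: ");
	// machine stays 0 when the class byte is neither ELFCLASS32 nor
	// ELFCLASS64, which sends the file to the default branch below.
	int machine = 0;
	bool elf64 = false;
	switch (elf_shared->ident.e_ident[ELF_EI_CLASS]) {
	case ELFCLASS32:
		machine = elf_shared->header32.e_machine;
		break;
	case ELFCLASS64:
		machine = elf_shared->header64.e_machine;
		elf64 = true;
		break;
	}
	switch (machine) {
	case ELF_EM_386:
		DPRINTF("initing analy_x86_disassembler\n");
		analy_disasm = new AnalyX86Disassembler();
		((AnalyX86Disassembler*)analy_disasm)->init(this, elf64 ? ANALYX86DISASSEMBLER_FLAGS_FLAT64 : 0);
		break;
	case ELF_EM_X86_64:
		if (elf_shared->ident.e_ident[ELF_EI_CLASS] != ELFCLASS64) {
			errorbox("x86_64 cant be used in a 32-Bit ELF.");
		} else {
			analy_disasm = new AnalyX86Disassembler();
			((AnalyX86Disassembler*)analy_disasm)->init(this, ANALYX86DISASSEMBLER_FLAGS_AMD64 | ANALYX86DISASSEMBLER_FLAGS_FLAT64);
		}
		break;
	case ELF_EM_IA_64: // Intel ia64
		if (elf_shared->ident.e_ident[ELF_EI_CLASS] != ELFCLASS64) {
			errorbox("Intel IA64 cant be used in a 32-Bit ELF.");
		} else {
			analy_disasm = new AnalyIA64Disassembler();
			((AnalyIA64Disassembler*)analy_disasm)->init(this);
		}
		break;
	case ELF_EM_PPC: // PowerPC
		if (elf_shared->ident.e_ident[ELF_EI_CLASS] != ELFCLASS32) {
			errorbox("PowerPC32 cant be used in a 64-Bit ELF.");
		} else {
			DPRINTF("initing analy_ppc_disassembler\n");
			analy_disasm = new AnalyPPCDisassembler();
			((AnalyPPCDisassembler*)analy_disasm)->init(this, ANALY_PPC_32);
		}
		break;
	case ELF_EM_PPC64: // PowerPC64
		if (elf_shared->ident.e_ident[ELF_EI_CLASS] != ELFCLASS64) {
			errorbox("PowerPC64 cant be used in a 32-Bit ELF.");
		} else {
			DPRINTF("initing analy_ppc_disassembler\n");
			analy_disasm = new AnalyPPCDisassembler();
			((AnalyPPCDisassembler*)analy_disasm)->init(this, ANALY_PPC_64);
		}
		break;
	case ELF_EM_ARM: // Arm
		if (elf_shared->ident.e_ident[ELF_EI_CLASS] != ELFCLASS32) {
			errorbox("ARM cant be used in a 64-Bit ELF.");
		} else {
			DPRINTF("initing analy_arm_disassembler\n");
			analy_disasm = new AnalyArmDisassembler();
			((AnalyArmDisassembler*)analy_disasm)->init(this);
		}
		break;
	default:
		DPRINTF("no apropriate disassembler for machine %04x\n", machine);
		warnbox("No disassembler for unknown machine type %04x!", machine);
	}
}

/*
 *	Returns whatever validarea->findNext() yields for `Addr', cast to
 *	Address.
 */
Address *ElfAnalyser::nextValid(Address *Addr)
{
	return (Address *)validarea->findNext(Addr);
}

/*
 *	Writes validarea through PUT_OBJECT, then the base Analyser state.
 *	load() reads them back in the same order.
 */
void ElfAnalyser::store(ObjectStream &f) const
{
	PUT_OBJECT(f, validarea);
	Analyser::store(f);
}

/*
 *	Answers a configuration query: non-zero for Q_DO_ANALYSIS,
 *	Q_ENGAGE_CODE_ANALYSER and Q_ENGAGE_DATA_ANALYSER, 0 for anything
 *	else.
 */
int ElfAnalyser::queryConfig(int mode)
{
	switch (mode) {
	case Q_DO_ANALYSIS:
	case Q_ENGAGE_CODE_ANALYSER:
	case Q_ENGAGE_DATA_ANALYSER:
		return true;
	default:
		return 0;
	}
}

/*
 *	Maps a file offset back to a newly allocated Address.
 *
 *	Returns an InvalidAddress object (never NULL) when the offset cannot
 *	be resolved or the ELF class is neither 32- nor 64-bit.
 */
Address *ElfAnalyser::fileofsToAddress(FileOfs fileofs)
{
	ELFAddress ea;
	if (!elf_ofs_to_addr(&elf_shared->sheaders, elf_shared->ident.e_ident[ELF_EI_CLASS], fileofs, &ea)) {
		return new InvalidAddress();
	}
	switch (elf_shared->ident.e_ident[ELF_EI_CLASS]) {
	case ELFCLASS32:
		return createAddress32(ea.a32);
	case ELFCLASS64:
		return createAddress64(ea.a64);
	}
	return new InvalidAddress();
}

/*
 *	Tells whether `Addr' lies in a section that permits `action':
 *
 *	  scvalid, scread       any section containing the address
 *	  scwrite, screadwrite  section has ELF_SHF_WRITE
 *	  sccode                section has ELF_SHF_EXECINSTR and is PROGBITS
 *	  scinitialized         section is PROGBITS
 *
 *	Returns false for unsupported address kinds, addresses outside every
 *	section, unknown actions and unknown ELF classes.
 */
bool ElfAnalyser::validAddress(Address *Addr, tsectype action)
{
	elf_section_headers *sections = &elf_shared->sheaders;
	int sec;
	byte cls = elf_shared->ident.e_ident[ELF_EI_CLASS];
	ELFAddress ea;
	if (!convertAddressToELFAddress(Addr, &ea)) return false;
	if (!elf_addr_to_section(sections, cls, ea, &sec)) return false;
	// `sec' indexes the section header array without a further bounds
	// check, and the headers presumably describe the file under analysis.
	// NOTE(review): this relies on elf_addr_to_section() returning only
	// indices that exist in sheaders32/sheaders64. getSegmentNameByAddress()
	// compares the same result with fake_undefined_shidx, which suggests
	// that index can be returned -- confirm the arrays cover it.
	switch (cls) {
	case ELFCLASS32: {
		ELF_SECTION_HEADER32 *s = sections->sheaders32 + sec;
		switch (action) {
		case scvalid:
		case scread:
			return true;
		case scwrite:
		case screadwrite:
			return s->sh_flags & ELF_SHF_WRITE;
		case sccode:
			return (s->sh_flags & ELF_SHF_EXECINSTR) && (s->sh_type == ELF_SHT_PROGBITS);
		case scinitialized:
			return s->sh_type == ELF_SHT_PROGBITS;
		}
		return false;
	}
	case ELFCLASS64: {
		ELF_SECTION_HEADER64 *s = sections->sheaders64 + sec;
		switch (action) {
		case scvalid:
		case scread:
			return true;
		case scwrite:
		case screadwrite:
			return s->sh_flags & ELF_SHF_WRITE;
		case sccode:
			return (s->sh_flags & ELF_SHF_EXECINSTR) && (s->sh_type == ELF_SHT_PROGBITS);
		case scinitialized:
			return s->sh_type == ELF_SHT_PROGBITS;
		}
		return false;
	}
	}
	return false;
}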