get names without ida

README

@@ -83,7 +83,7 @@ shift-n -- rename data
 shift-; -- add comment at data
 
 g -- go to change, address, or name
-c -- analyze code at address, soon
+c -- coming soon, analyze code at iaddr
 
 
 == Installation on Windows (experimental) ==

install.sh

@@ -12,7 +12,11 @@ if [[ "$unamestr" == 'Linux' ]]; then
     sudo apt-get install build-essential python-dev python-pip debootstrap libjpeg-dev zlib1g-dev unzip wget
     if [ ! -f /usr/lib/libcapstone.so ]; then
       # now we need capstone so the user can see assembly
-      wget -O /tmp/cs.deb http://www.capstone-engine.org/download/2.1.2/capstone-2.1.2_amd64.deb
+      if [ $(uname -m) == 'i386']; then
+        wget -O /tmp/cs.deb http://www.capstone-engine.org/download/2.1.2/capstone-2.1.2_i386.deb
+      else
+        wget -O /tmp/cs.deb http://www.capstone-engine.org/download/2.1.2/capstone-2.1.2_amd64.deb
+      fi
       sudo dpkg -i /tmp/cs.deb
       rm /tmp/cs.deb
     fi

middleware/qira_config.py

@@ -20,7 +20,7 @@ CODESEARCHDIR = BASEDIR+"/cda/codesearch-latest/"
 CALLED_AS_CDA = False
 
 # turn this off for now on releases
-WITH_STATIC = True
+WITH_STATIC = False
 WITH_CAPSTONE = True
 
 

middleware/qira_program.py

@@ -174,6 +174,7 @@ class Program:
       self.qirabinary = os.path.realpath(self.qirabinary)
       print "**** using",self.qirabinary,"for",hex(self.fb)
 
+      self.getnames()
       self.getdwarf()
       self.runnable = True
 
@@ -205,7 +206,7 @@ class Program:
       else:
         raise Exception("osx binary not supported")
 
-      self.getdwarf()
+      #self.getdwarf()
       self.runnable = True
 
     else:
@@ -214,7 +215,7 @@ class Program:
     if qira_config.WITH_STATIC:
       # call out to ida
       print "*** running the ida parser"
-      ret = os.system(qira_config.BASEDIR+"/static/ida_parser.py /tmp/qira_binary > /tmp/qida_log")
+      ret = os.system(qira_config.BASEDIR+"/static/python32/Python/python "+qira_config.BASEDIR+"/static/ida_parser.py /tmp/qira_binary > /tmp/qida_log")
       try:
         import json
         ttags = json.load(open("/tmp/qida/tags"))
@@ -414,6 +415,29 @@ class Program:
       print "ERROR: csearch issue",e
       return []
 
+  def getnames(self):
+    from elftools.elf.elffile import ELFFile
+    from elftools.elf.sections import SymbolTableSection
+    from elftools.elf.relocation import RelocationSection
+    elf = ELFFile(open(self.program))
+    ncount = 0
+    for section in elf.iter_sections():
+      if isinstance(section, RelocationSection):
+        symtable = elf.get_section(section['sh_link'])
+        for rel in section.iter_relocations():
+          symbol = symtable.get_symbol(rel['r_info_sym'])
+          #print rel, symbol.name
+          if rel['r_offset'] != 0 and symbol.name != "":
+            self.tags[rel['r_offset']]['name'] = symbol.name
+            ncount += 1
+      if isinstance(section, SymbolTableSection):
+        for nsym, symbol in enumerate(section.iter_symbols()):
+          if symbol['st_value'] != 0 and symbol.name != "":
+            #print symbol['st_value'], symbol.name
+            self.tags[symbol['st_value']]['name'] = symbol.name
+            ncount += 1
+    print "** found %d names" % ncount
+
   def getdwarf(self):
     if not qira_config.WITH_DWARF:
       return