rizinorg · XVilka · Feb 1, 2024 · Feb 1, 2024 · Feb 1, 2024
@@ -44,6 +44,9 @@ RZ_API ut64 rz_coff_perms_from_section_flags(ut32 flags) {
 	if (flags & COFF_SCN_MEM_EXECUTE) {
 		r |= RZ_PERM_X;
 	}
+	if (flags & COFF_SCN_MEM_SHARED) {
+		r |= RZ_PERM_SHAR;
+	}
 	return r;
 }
 

@@ -50,6 +50,7 @@
 #define COFF_SCN_TYPE_NO_PAD     0x00000008
 #define COFF_SCN_CNT_CODE        0x00000020
 #define COFF_SCN_CNT_INIT_DATA   0x00000040
+#define COFF_SCN_CNT_UNIN_DATA   0x00000080 // The section contains uninitialized data.
 #define COFF_SCN_LNK_OTHER       0x00000100
 #define COFF_SCN_LNK_INFO        0x00000200
 #define COFF_SCN_LNK_REMOVE      0x00000800
@@ -82,6 +83,8 @@
 #define COFF_SCN_MEM_READ        0x40000000
 #define COFF_SCN_MEM_WRITE       0x80000000
 
+#define COFF_SCN_ALIGN_MASK 0x00F00000
+
 #define COFF_SYM_SCNUM_UNDEF 0
 #define COFF_SYM_SCNUM_ABS   0xffff
 #define COFF_SYM_SCNUM_DEBUG 0xfffe

@@ -20,15 +20,25 @@
 #define RZ_BIN_PE_SCN_IS_WRITABLE(x)   x &PE_IMAGE_SCN_MEM_WRITE
 
 // SECTION FLAGS FOR EXE/PE/DLL START
+#define IMAGE_SCN_TYPE_REG               0x00000000 // Reserved
+#define IMAGE_SCN_TYPE_D_SECT            0x00000001 // Reserved
+#define IMAGE_SCN_TYPE_NO_LOAD           0x00000002 // Reserved
+#define IMAGE_SCN_TYPE_GROUP             0x00000004 // Reserved
 #define IMAGE_SCN_TYPE_NO_PAD            0x00000008 // The section should not be padded to the next boundary. This flag is obsolete and is replaced by #define IMAGE_SCN_ALIGN_1BYTES. This is valid only for object files.
+#define IMAGE_SCN_TYPE_COPY              0x00000010 // Reserved
 #define IMAGE_SCN_CNT_CODE               0x00000020 // The section contains executable code.
 #define IMAGE_SCN_CNT_INITIALIZED_DATA   0x00000040 // The section contains initialized data.
 #define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 // The section contains uninitialized data.
 #define IMAGE_SCN_LNK_OTHER              0x00000100 // Reserved for future use.
 #define IMAGE_SCN_LNK_INFO               0x00000200 // The section contains comments or other information. The .drectve section has this type. This is valid for object files only.
+#define IMAGE_SCN_TYPE_OVER              0x00000400 // Reserved
 #define IMAGE_SCN_LNK_REMOVE             0x00000800 // The section will not become part of the image. This is valid only for object files.
 #define IMAGE_SCN_LNK_COMDAT             0x00001000 // The section contains COMDAT data. For more information, see COMDAT Sections (Object Only). This is valid only for object files.
+#define IMAGE_SCN_NO_DEFER_SPEC_EXC      0x00004000 // Reset speculative exceptions handling bits in the TLB entries for this section.
+#define IMAGE_SCN_MEM_PROTECTED          0x00004000
 #define IMAGE_SCN_GPREL                  0x00008000 // The section contains data referenced through the global pointer (GP).
+#define IMAGE_SCN_MEM_FARDATA            0x00008000
+#define IMAGE_SCN_MEM_SYSHEAP            0x00010000
 #define IMAGE_SCN_MEM_PURGEABLE          0x00020000 // Reserved for future use.
 #define IMAGE_SCN_MEM_16BIT              0x00020000 // Reserved for future use.
 #define IMAGE_SCN_MEM_LOCKED             0x00040000 // Reserved for future use.
@@ -51,6 +61,10 @@
 #define IMAGE_SCN_MEM_DISCARDABLE        0x02000000 // The section can be discarded as needed.
 #define IMAGE_SCN_MEM_NOT_CACHED         0x04000000 // The section cannot be cached.
 #define IMAGE_SCN_MEM_NOT_PAGED          0x08000000 // The section is not pageable.
+#define IMAGE_SCN_MEM_SHARED             0x10000000 // Section is shareable.
+#define IMAGE_SCN_MEM_EXECUTE            0x20000000 // Section is executable.
+#define IMAGE_SCN_MEM_READ               0x40000000 // Section is readable.
+#define IMAGE_SCN_MEM_WRITE              0x80000000 // Section is writable.
 
 #define PE_SCN_ALIGN_MASK 0x00F00000
 

@@ -110,105 +110,71 @@ void PE_(rz_bin_pe_check_sections)(RzBinPEObj *bin, struct rz_bin_pe_section_t *
 	return;
 }
 
-RzList /*<char *>*/ *PE_(section_flag_to_rzlist)(ut64 flag) {
-	RzList *flag_list = rz_list_new();
-	if (flag & IMAGE_SCN_TYPE_NO_PAD) {
-		rz_list_append(flag_list, "TYPE_NO_PAD");
-	}
-	if (flag & IMAGE_SCN_CNT_CODE) {
-		rz_list_append(flag_list, "CNT_CODE");
-	}
-	if (flag & IMAGE_SCN_CNT_INITIALIZED_DATA) {
-		rz_list_append(flag_list, "CNT_INITIALIZED_DATA");
-	}
-	if (flag & IMAGE_SCN_CNT_UNINITIALIZED_DATA) {
-		rz_list_append(flag_list, "CNT_UNINITIALIZED");
-	}
-	if (flag & IMAGE_SCN_LNK_OTHER) {
-		rz_list_append(flag_list, "LNK_OTHER");
-	}
-	if (flag & IMAGE_SCN_LNK_INFO) {
-		rz_list_append(flag_list, "LNK_INFO");
-	}
-	if (flag & IMAGE_SCN_LNK_REMOVE) {
-		rz_list_append(flag_list, "LNK_REMOVE");
-	}
-	if (flag & IMAGE_SCN_LNK_COMDAT) {
-		rz_list_append(flag_list, "LNK_COMDAT");
-	}
-	if (flag & IMAGE_SCN_GPREL) {
-		rz_list_append(flag_list, "GPREL");
-	}
-	if (flag & IMAGE_SCN_MEM_PURGEABLE) {
-		rz_list_append(flag_list, "MEM_PURGEABLE");
-	}
-	if (flag & IMAGE_SCN_MEM_16BIT) {
-		rz_list_append(flag_list, "MEM_16BIT");
-	}
-	if (flag & IMAGE_SCN_MEM_LOCKED) {
-		rz_list_append(flag_list, "MEM_LOCKED");
-	}
-	if (flag & IMAGE_SCN_MEM_PRELOAD) {
-		rz_list_append(flag_list, "MEM_PRELOAD");
-	}
-	// Alignment flags overlap
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_1BYTES) {
-		rz_list_append(flag_list, "ALIGN_1BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_2BYTES) {
-		rz_list_append(flag_list, "ALIGN_2BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_4BYTES) {
-		rz_list_append(flag_list, "ALIGN_4BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_8BYTES) {
-		rz_list_append(flag_list, "ALIGN_8BYTES");
+#define ADD_FLAG_MASK(x, m) \
+	if ((flag & m) == IMAGE_SCN_##x) { \
+		rz_list_append(flag_list, RZ_STR(x)); \
 	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_16BYTES) {
-		rz_list_append(flag_list, "ALIGN_16BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_32BYTES) {
-		rz_list_append(flag_list, "ALIGN_32BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_64BYTES) {
-		rz_list_append(flag_list, "ALIGN_64BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_128BYTES) {
-		rz_list_append(flag_list, "ALIGN_128BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_256BYTES) {
-		rz_list_append(flag_list, "ALIGN_256BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_512BYTES) {
-		rz_list_append(flag_list, "ALIGN_512BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_1024BYTES) {
-		rz_list_append(flag_list, "ALIGN_1024BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_2048BYTES) {
-		rz_list_append(flag_list, "ALIGN_2048BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_4096BYTES) {
-		rz_list_append(flag_list, "ALIGN_4096BYTES");
-	}
-	if ((flag & PE_SCN_ALIGN_MASK) == IMAGE_SCN_ALIGN_8192BYTES) {
-		rz_list_append(flag_list, "ALIGN_8192BYTES");
-	}
-	if (flag & IMAGE_SCN_LNK_NRELOC_OVFL) {
-		rz_list_append(flag_list, "LNK_NRELOC_OVFL");
-	}
-	if (flag & IMAGE_SCN_MEM_DISCARDABLE) {
-		rz_list_append(flag_list, "IMAGE_SCN_MEM_DISCARDABLE");
-	}
-	if (flag & IMAGE_SCN_MEM_NOT_CACHED) {
-		rz_list_append(flag_list, "MEM_NOT_CACHED");
+
+#define ADD_FLAG(x) \
+	if (flag & IMAGE_SCN_##x) { \
+		rz_list_append(flag_list, RZ_STR(x)); \
 	}
-	if (flag & IMAGE_SCN_MEM_NOT_PAGED) {
-		rz_list_append(flag_list, "MEM_NOT_PAGED");
+
+RzList /*<char *>*/ *PE_(section_flag_to_rzlist)(ut64 flag) {
+	RzList *flag_list = rz_list_new();
+	ADD_FLAG_MASK(TYPE_REG, UT64_MAX);
+	ADD_FLAG(TYPE_REG);
+	ADD_FLAG(TYPE_D_SECT);
+	ADD_FLAG(TYPE_NO_LOAD);
+	ADD_FLAG(TYPE_GROUP);
+	ADD_FLAG(TYPE_NO_PAD);
+	ADD_FLAG(TYPE_COPY);
+	ADD_FLAG(CNT_CODE);
+	ADD_FLAG(CNT_INITIALIZED_DATA);
+	ADD_FLAG(CNT_UNINITIALIZED_DATA);
+	ADD_FLAG(LNK_OTHER);
+	ADD_FLAG(LNK_INFO);
+	ADD_FLAG(TYPE_OVER);
+	ADD_FLAG(LNK_REMOVE);
+	ADD_FLAG(LNK_COMDAT);
+	ADD_FLAG(NO_DEFER_SPEC_EXC);
+	// ADD_FLAG(MEM_PROTECTED); // this has the same value as NO_DEFER_SPEC_EXC
+	ADD_FLAG(GPREL);
+	// ADD_FLAG(MEM_FARDATA); // this has the same value as GPREL
+	ADD_FLAG(MEM_SYSHEAP);
+	ADD_FLAG(MEM_PURGEABLE);
+	// ADD_FLAG(MEM_16BIT); // this has same value as MEM_PURGEABLE
+	ADD_FLAG(MEM_LOCKED);
+	ADD_FLAG(MEM_PRELOAD);
+	ADD_FLAG_MASK(ALIGN_1BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_2BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_4BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_8BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_16BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_32BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_64BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_128BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_256BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_512BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_1024BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_2048BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_4096BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_8192BYTES, PE_SCN_ALIGN_MASK);
+	ADD_FLAG(LNK_NRELOC_OVFL);
+	ADD_FLAG(MEM_DISCARDABLE);
+	ADD_FLAG(MEM_NOT_CACHED);
+	ADD_FLAG(MEM_NOT_PAGED);
+
+	// special check for no read
+	if (!(flag & IMAGE_SCN_MEM_READ)) {
+		rz_list_append(flag_list, "MEM_NO_READ");
 	}
 	return flag_list;
 }
 
+#undef ADD_FLAG_MASK
+#undef ADD_FLAG
+
 bool PE_(read_image_section_header)(RzBuffer *b, ut64 addr, PE_(image_section_header) * section_header) {
 	ut8 buf[sizeof(PE_(image_section_header))];
 	rz_buf_read_at(b, addr, buf, sizeof(buf));

@@ -520,6 +520,60 @@ ut16 CHARACTERISTICS
 	return r >= 20 && rz_coff_supported_arch(tmp);
 }
 
+#define ADD_FLAG_MASK(x, m) \
+	if ((flag & m) == COFF_SCN_##x) { \
+		rz_list_append(flag_list, RZ_STR(x)); \
+	}
+
+#define ADD_FLAG(x) \
+	if (flag & COFF_SCN_##x) { \
+		rz_list_append(flag_list, RZ_STR(x)); \
+	}
+
+RzList /*<char *>*/ *coff_section_flag_to_rzlist(ut64 flag) {
+	RzList *flag_list = rz_list_new();
+	ADD_FLAG(TYPE_NO_PAD);
+	ADD_FLAG(CNT_CODE);
+	ADD_FLAG(CNT_INIT_DATA);
+	ADD_FLAG(CNT_UNIN_DATA);
+	ADD_FLAG(LNK_OTHER);
+	ADD_FLAG(LNK_INFO);
+	ADD_FLAG(LNK_REMOVE);
+	ADD_FLAG(LNK_COMDAT);
+	ADD_FLAG(GPREL);
+	ADD_FLAG(MEM_PURGEABLE);
+	ADD_FLAG(MEM_16BIT);
+	ADD_FLAG(MEM_LOCKED);
+	ADD_FLAG(MEM_PRELOAD);
+	ADD_FLAG_MASK(ALIGN_1BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_2BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_4BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_8BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_16BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_32BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_64BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_128BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_256BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_512BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_1024BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_2048BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_4096BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG_MASK(ALIGN_8192BYTES, COFF_SCN_ALIGN_MASK);
+	ADD_FLAG(LNK_NRELOC_OVFL);
+	ADD_FLAG(MEM_DISCARDABLE);
+	ADD_FLAG(MEM_NOT_CACHED);
+	ADD_FLAG(MEM_NOT_PAGED);
+
+	// special check for no read
+	if (!(flag & COFF_SCN_MEM_READ)) {
+		rz_list_append(flag_list, "MEM_NO_READ");
+	}
+	return flag_list;
+}
+
+#undef ADD_FLAG_MASK
+#undef ADD_FLAG
+
 RzBinPlugin rz_bin_plugin_coff = {
 	.name = "coff",
 	.desc = "COFF format rz_bin plugin",
@@ -540,7 +594,8 @@ RzBinPlugin rz_bin_plugin_coff = {
 	.fields = &fields,
 	.size = &size,
 	.libs = &libs,
-	.relocs = &relocs
+	.relocs = &relocs,
+	.section_flag_to_rzlist = coff_section_flag_to_rzlist,
 };
 
 #ifndef RZ_PLUGIN_INCORE

@@ -4415,7 +4415,7 @@ EXPECT=<<EOF
     "vsize": 4096,
     "perm": "-rw-",
     "flags": [
-      "CNT_UNINITIALIZED",
+      "CNT_UNINITIALIZED_DATA",
       "ALIGN_8BYTES"
     ],
     "paddr": 0,

@@ -33,19 +33,19 @@ nth vaddr      bind type lib name
 23  0x0000b748 NONE FUNC     __TIFFDataSize
 24  0x0000b750 NONE FUNC     __TIFFCheckMalloc
 25  0x0000b758 NONE UNK      __fltused
-paddr      size   vaddr      vsize  align perm name          type flags 
-------------------------------------------------------------------------
-0x000001cc 0x2f   0x00000000 0x2f   0x0   ---- .drectve           
-0x000001fb 0x8670 0x00000030 0x8670 0x0   -r-- .debug_S           
-0x0000ad73 0x70   0x000086a0 0x70   0x0   -r-- .debug_T           
-0x0000ade3 0x625  0x00008710 0x625  0x0   -rw- .data              
-0x0000b408 0x54   0x00008d40 0x54   0x0   -r-- .rdata             
-0x00000000 0x8    0x00008da0 0x8    0x0   -rw- .bss               
-0x0000b45c 0x2895 0x00008db0 0x2895 0x0   -r-x .text_mn           
-0x0000e967 0x8    0x0000b650 0x8    0x0   -r-- .rdata_0xe967      
-0x0000e96f 0x4    0x0000b660 0x4    0x0   -r-- .rdata_0xe96f      
-0x0000e973 0x8    0x0000b670 0x8    0x0   -r-- .rdata_0xe973      
-0x0000e97b 0x4    0x0000b680 0x4    0x0   -r-- .rdata_0xe97b      
+paddr      size   vaddr      vsize  align perm name          type flags       
+------------------------------------------------------------------------------
+0x000001cc 0x2f   0x00000000 0x2f   0x0   ---- .drectve           MEM_NO_READ
+0x000001fb 0x8670 0x00000030 0x8670 0x0   -r-- .debug_S           MEM_NO_READ
+0x0000ad73 0x70   0x000086a0 0x70   0x0   -r-- .debug_T           MEM_NO_READ
+0x0000ade3 0x625  0x00008710 0x625  0x0   -rw- .data              MEM_NO_READ
+0x0000b408 0x54   0x00008d40 0x54   0x0   -r-- .rdata             MEM_NO_READ
+0x00000000 0x8    0x00008da0 0x8    0x0   -rw- .bss               MEM_NO_READ
+0x0000b45c 0x2895 0x00008db0 0x2895 0x0   -r-x .text_mn           MEM_NO_READ
+0x0000e967 0x8    0x0000b650 0x8    0x0   -r-- .rdata_0xe967      MEM_NO_READ
+0x0000e96f 0x4    0x0000b660 0x4    0x0   -r-- .rdata_0xe96f      MEM_NO_READ
+0x0000e973 0x8    0x0000b670 0x8    0x0   -r-- .rdata_0xe973      MEM_NO_READ
+0x0000e97b 0x4    0x0000b680 0x4    0x0   -r-- .rdata_0xe97b      MEM_NO_READ
 EOF
 RUN
 
@@ -93,17 +93,17 @@ EXPECT=<<EOF
  8 fd: 5 +0x00000eec 0x00000d60 - 0x00000e33 r-- vmap..debug$S
  9 fd: 5 +0x00000ff2 0x00000e40 - 0x00000e43 r-- vmap..rtc$IMZ
 10 fd: 5 +0x00001000 0x00000e50 - 0x00000e53 r-- vmap..rtc$TMZ
-paddr      size  vaddr      vsize align perm name           type flags 
------------------------------------------------------------------------
-0x0000017c 0xef  0x00000000 0xef  0x0   ---- .drectve            
-0x0000026b 0xab0 0x000000f0 0xab0 0x0   -r-- .debug_S            
-0x00000d1b 0x74  0x00000ba0 0x74  0x0   -r-- .debug_T            
-0x00000d8f 0x2d  0x00000c20 0x2d  0x0   -r-x .text_mn            
-0x00000dbc 0xd4  0x00000c50 0xd4  0x0   -r-- .debug_S_0xdbc      
-0x00000ec2 0x2a  0x00000d30 0x2a  0x0   -r-x .text_mn_0xec2      
-0x00000eec 0xd4  0x00000d60 0xd4  0x0   -r-- .debug_S_0xeec      
-0x00000ff2 0x4   0x00000e40 0x4   0x0   -r-- .rtc_IMZ            
-0x00001000 0x4   0x00000e50 0x4   0x0   -r-- .rtc_TMZ            
+paddr      size  vaddr      vsize align perm name           type flags       
+-----------------------------------------------------------------------------
+0x0000017c 0xef  0x00000000 0xef  0x0   ---- .drectve            MEM_NO_READ
+0x0000026b 0xab0 0x000000f0 0xab0 0x0   -r-- .debug_S            MEM_NO_READ
+0x00000d1b 0x74  0x00000ba0 0x74  0x0   -r-- .debug_T            MEM_NO_READ
+0x00000d8f 0x2d  0x00000c20 0x2d  0x0   -r-x .text_mn            MEM_NO_READ
+0x00000dbc 0xd4  0x00000c50 0xd4  0x0   -r-- .debug_S_0xdbc      MEM_NO_READ
+0x00000ec2 0x2a  0x00000d30 0x2a  0x0   -r-x .text_mn_0xec2      MEM_NO_READ
+0x00000eec 0xd4  0x00000d60 0xd4  0x0   -r-- .debug_S_0xeec      MEM_NO_READ
+0x00000ff2 0x4   0x00000e40 0x4   0x0   -r-- .rtc_IMZ            MEM_NO_READ
+0x00001000 0x4   0x00000e50 0x4   0x0   -r-- .rtc_TMZ            MEM_NO_READ
 nth paddr      vaddr      bind   type size lib name                   
 ----------------------------------------------------------------------
 0   ---------- ---------- LOCAL  ABS  4        @comp.id-0x01055e97