stage-one/src/main.cpp

#define NOMINMAX
#define _CRT_SECURE_NO_WARNINGS

#include <cli-parser.hpp>
#include <filesystem>
#include <llodctor/llodctor_lib.hpp>
#include <llodctor/llodctor_pe.hpp>
#include <llosymbol_loader/llosymbol_loader_map.hpp>

int __cdecl main( int argc, const char *argv[] )
{
    argparse::argument_parser_t cli_parser( "llo stage-one", "llo stage one demo" );

    cli_parser.add_argument()
        .names( { "-i", "--input" } )
        .description( "input file, must be a supported file format..." )
        .required( true );

    cli_parser.add_argument()
        .names( { "-s", "--symbols" } )
        .description( "path to symbols file, must be a supported file format... pdb, map, etc..." );

    cli_parser.enable_help();
    auto err = cli_parser.parse( argc, argv );

    if ( err )
    {
        std::cout << err << std::endl;
        cli_parser.print_help();
        return -1;
    }

    auto name{ cli_parser.get< std::string >( "input" ) };

    if ( !std::filesystem::exists( name ) )
    {
        std::printf( "[!] input file does not exist...\n" );
        return -1;
    }

    std::vector< std::uint8_t > image;

    if ( !llo::utils::open_binary_file( name, image ) )
    {
        std::printf( "[!] failed to read file off disk...\n" );
        return -1;
    }

    std::shared_ptr< llo::s1::symbol_loader_base_t > symbol_loader = nullptr;

    if ( cli_parser.exists( "symbols" ) )
    {
        std::filesystem::path symbols_file{ cli_parser.get< std::string >( "symbols" ) };
        if ( !symbols_file.extension().compare( ".map" ) )
        {
            symbol_loader = std::make_shared< llo::s1::symbol_loader_map_t >( symbols_file.string() );
        }
        else if ( !symbols_file.extension().compare( ".pdb" ) )
        {
            // TODO:
            // symbol_loader = std::make_shared< llo::s1::symbol_loader_pdb_t >( symbols_file );
        }
        else
        {
            std::printf( "[!] unknown symbol file extension: %s\n", symbols_file.extension().c_str() );
            return -1;
        }
    }

    std::shared_ptr< llo::s1::dctor_base_t > file_dctor = nullptr;
    std::filesystem::path file_path{ name };

    if ( !file_path.extension().compare( ".exe" ) || !file_path.extension().compare( ".dll" ) ||
         !file_path.extension().compare( ".sys" ) )
    {
        file_dctor = std::make_shared< llo::s1::dctor_pe_t >( image, symbol_loader.get() );
    }
    else if ( !file_path.extension().compare( ".lib" ) )
    {
        file_dctor = std::make_shared< llo::s1::dctor_lib_t >( image, symbol_loader.get() );
    }
    else if ( !file_path.extension().compare( ".o" ) || !file_path.extension().compare( ".so" ) )
    {
        // TODO:
        // file_dctor = std::make_shared< llo::s1::dctor_elf_t >( image, symbol_loader.get() );
    }
    else
    {
        std::printf( "[!] unknown file extension: %s\n", file_path.extension().c_str() );
        return -1;
    }

    xed_tables_init();
    llo::lloiff_t iff( name, image );
    file_dctor->generate( iff );

    std::printf( "> iff number of children = %d\n", iff.children.size() );

    for ( auto &section : iff.sections )
    {
        std::printf( "> section name = %s\n", section.section_name.get_data().c_str() );
        std::printf( "> section data = %p\n", section.raw.data() );

        if ( section.characteristics.prot.is_executable )
            std::printf( "> number of instructions = %d\n", section.instrs.size() );

        std::printf( "> size of raw section = %d\n", section.raw.size() );
    }

    for ( auto &child : iff.children )
    {
        for ( auto &section : child->sections )
        {
            std::printf( "> section name = %s\n", section.section_name.get_data().c_str() );
            std::printf( "> section data = %p\n", section.raw.data() );

            if ( section.characteristics.prot.is_executable )
                std::printf( "> number of instructions = %d\n", section.instrs.size() );

            std::printf( "> size of raw section = %d\n", section.raw.size() );
        }
    }
    std::getchar();
}