CRO0: Difference between revisions
m Relocation code |
mNo edit summary |
(One intermediate revision by the same user not shown) | |||
Line 10: | Line 10: | ||
For dumping symbols and loading a CRO into IDA, see [https://github.com/plutooo/ctr/] and [https://github.com/wwylele/IDA_plugin_CRO]. | For dumping symbols and loading a CRO into IDA, see [https://github.com/plutooo/ctr/] and [https://github.com/wwylele/IDA_plugin_CRO]. | ||
= Structure = | |||
{| class="wikitable" border="1" | {| class="wikitable" border="1" | ||
Line 432: | Line 434: | ||
return 0xD9012C22; | return 0xD9012C22; | ||
} | } | ||
== nnroControlObject == | |||
Signature: | |||
Result nnroControlObject(void* arg, u32 type); | |||
{| class="wikitable" border="1" | |||
! Type | |||
! Description | |||
|- | |||
| 0 | |||
| Write address of "nnroEitNode_" to memory pointed by arg (*(u32*)arg = &nnroEitNode_) | |||
|- | |||
| 1 | |||
| Set global in CRO to arg, where arg is the CRO end (g_CRO_end = (u32)arg) | |||
|- | |||
| 2 | |||
| Write CRO end to memory pointed by arg (*(u32*)arg = g_CRO_end) | |||
|- | |||
| 3 | |||
| Write begin, end of function list (C initializers?) to memory pointed by arg (*(u32*)arg = (u32)listBegin, ((u32*)arg)[1] = (u32)listEnd) | |||
|- | |||
| 4 | |||
| Write begin, end of function list (C++ initializers?) to memory pointed by arg (*(u32*)arg = (u32)listBegin, ((u32*)arg)[1] = (u32)listEnd) | |||
|} | |||
"EitNode" are nodes of a linked list containing informations about the main executable + loaded modules: | |||
{| class="wikitable" border="1" | |||
! Index Word | |||
! Type | |||
! Description | |||
|- | |||
| 0 | |||
| EitNode* | |||
| Pointer to the previous element of the list | |||
|- | |||
| 1 | |||
| EitNode* | |||
| Pointer to the next element of the list | |||
|- | |||
| 2 | |||
| u32 | |||
| Module code start, for the main executable this is .text base, for CROs this is the value at CRO+0xB0 | |||
|- | |||
| 3 | |||
| u32 | |||
| Module code end (start + size), for the main executable the size is the size of all mapped sections, for CROs it's the value at CRO+0xB4 | |||
|- | |||
| 4 | |||
| u32* | |||
| Unknown, seems to be an array of u32, probably holds debugging informations | |||
|- | |||
| 5 | |||
| u32* | |||
| This points at the end of the previous array | |||
|- | |||
| 6 | |||
| ElfNode* (?) | |||
| Unknown, this is only set for the main executable node, and it points to itself | |||
|} |