InEnglish

binstats : Basic statistics on binary code

Monday, 21 April 2014
|
Écrit par
Grégory Soutadé

As you may know, my work consists in developing software for embedded devices. We usually says that an embedded device is a peace of hardware with low resources (memory, CPU, flash...) taking in example phones. Nowaday, smartphones have only core software that is really embedded, the rest is sometimes more powerful than the computer I wrote this post. But, don't care, I don't work in telephony. Here (at Neotion), we do really embedded software, with chipsets clocked from 100Mhz to 200Mhz, with available RAM from 1MB to 32MB, and flash up to 8MB.

After years of developments, we can have one or more software that became too big to fit in its allocated flash partition. So, to find the guilty functions, I wrote a simple PERL script (~130 lines) that will count number of instructions for each function from objdump's output (with -ld switch) and displays statistics per function and per file (it doesn't focus on .data or .bss section). To correctly use the script, you have to compile your program with -ggdb option (to have line numbers and file paths), but you can also set optimisations (-OX).

Example with main.c

#include <stdio.h> int function1(int a, int b) { return a*b+4; } int function2(int a, int b, char* c) { printf("Result %d*%d+4 = %s\n", a, b, c); return 0; } int main(int argc, char** argv) { char buf[32]; sprintf(buf, "%d", function1(5, 4)); function2(5, 4, buf); }
> gcc main.c -ggdb -o test > objdump -ld test > test.txt > ./binstats.pl --in test.txt Total instructions 63 63 (100.00%) /home/soutade/main.c 38 main 16 function2 9 function1

There are also options to filter small files, small functions and paths that helps to focus on big ones. Have fun !

Lua post dissector for Wireshark

Wednesday, 27 November 2013
|
Écrit par
Grégory Soutadé

Logo Wireshark

Wireshark (previously Ethereal) is the best open source protocol dissector/analyzer. You can analyze an incredible amount of protocols, not only Internet ones, but every stream based protocols. Moreover you can add your own filters/dissectors written either in C or in Lua. Nevertheless, the documentation on the net concerning Lua dissectors is light and sparse. It's been hard for me to make something that works even if it's, at the end, not really complicated. I'll try to explain the basis of Lua dissectors.

1) Installation

You need to have a wireshark that supports Lua support (wireshark -v). After that, create or edit ~/.wireshark/init.lua. To load a new plugin, just type

dofile("mydissector.lua")

Create the new file ~/.wireshark/mydissector.lua

2) Post Dissector

There are three types of dissectors :

  • Dissector : you add your own protocol
  • Chained dissector : you add new fields to an existing protocol
  • Post dissector : you interact after all packets has been parsed

An example for each of one can be found here. I'll describe a post dissector, but other types of dissectors has pretty the same format.

Tip 1
If you want to display someting on the console, just do

print(something)


Tip 2
If the base array is not defined, add this to ~/.wireshark/init.lua

-- Display Bases base = { ["NONE"] = 0, ["DEC"] = 1, ["HEX"] = 2, ["OCT"] = 3, ["DEC_HEX"] = 4, ["HEX_DEC"] = 5, }

First, you need to define your protocol : Proto(<internal name>, <displayed name>)

p_dummyproto = Proto("dummyproto","DummyProto")


Then, define your fields : ProtoField.TYPE(<internal name>, <displayed name>, [base], [values], [mask])
TYPE are defined here

-- Simple field without value local f_X = ProtoField.uint16("dummyproto.f_X","Field X") -- Simple field displayed in hex format local f_Y = ProtoField.uint8("dummyproto.f_Y","Field Y", base.HEX) -- Field with precomputed values and bitfield local VALS_ZZ = {[0] = "Single", [1] = "Dual"} local f_Z = ProtoField.uint8("dummyproto.f_Z","Field Z", base.HEX, VALS_ZZ, 0x3)

Third step is to register each field

p_dummyproto.fields = {f_X, f_Y, f_Z}


After that, the big part : protocol dissection. Fields are organized as a tree. You have to parse each byte (or range of bytes) in the given buffer and append your fields. Be careful : objects returned by :add function has userdata type and cannot be directly manipulated.

function p_dummyproto.dissector(buffer,pinfo,tree) -- Access to another field local f_udp_port = Field.new("udp.port") -- If it exists and has the right value if f_udp_port and tostring(f_udp_port) == tostring(5555) then -- Add our protocol dissection with data in buffer[17, 17+14] local subtree = tree:add(p_dummyproto, buffer(17,14)) -- Add a subtree to our root for the first two bytes local t = subtree:add(f_X, buffer(17, 2)) -- Add a sub subtree local t2 = t:add(f_Y, buffer(17, 1)) -- Parse sub data parse_data(t, buffer, 18) end end function parse_data(tree, buffer, start) -- Wireshark integrate bitop from luajit http://bitop.luajit.org/ field_1 = buffer(start, 1):uint() field_1 = bit.band(field_1, 0x3) -- You can also append free text information to current field if field_1 < 16 then tree:append_text(" field information") end end

Finally register your post dissector

register_postdissector(p_dummyproto)


A complete example can be found here. It's a full reimplementation of ARP protocol dissector in Lua.

From Nokia to Android

Thursday, 19 September 2013
|
Écrit par
Grégory Soutadé

Nokia 7373

After 6 years of wonderful services I decided to change my superb Nokia 7373 by a Nexus 4 (thanks to the last price down). Welcome to the 21th century with a big smartphone running Android. One problem : how to transfer my contacts from Nokia to Android ? After reading some articles on the net I didn't find any simple solution. So I developped a perl script that will convert contacts extracted from Nokia Suite to vCad format (.vcf). The procedure is bellow :

  • Extract your contacts with Nokia Suite into a CSV file
  • Run this script (you can see help with -h switch)
  • Copy vcf files to your phone (you can copy them in DCIM directory if you have a Nexus 4, it works)
  • Go to "contact" application and import all vcf files

Now you can use your mobile phone as before. Personally I deactivated contact synchronisation because I do not want to give phone numbers of my friends to Google (even if I suppose it already has). *Beware* this script has been developped for French people : default call prefix is +33 (you can change it) and a cell phone numbers starts with 6 in France (you can change it). If you're in another country you may have to tweak it. Currently it can extract first name, last name, phone numbers and email. Have fun !

Nexus 4

Colored make output

Thursday, 18 April 2013
|
Écrit par
Grégory Soutadé

If I often compile under emacs, I use a lot the terminal. Most of people ignore how it's fast and practical to work, not for every tasks but it's perfect for programing. I already talks about Autojump2, today I will present colout. It's true that the terminal miss some colors. For better displays I personaly use black over white, but when you compile some projects, it's hard to see if errors happens.

I tweak colout (written by nojhan) to fit my needs. It's a simple Python software that will color terminal output if it found specific words. The list of words is fix and embedded into the script (unlike the original one that takes them in parameter). My script is available here.

You only need to add colout file into a bin directory (referenced in your $PATH) and edit your .bashrc with (don't forget to make it executable) :

function make() { /usr/bin/make "$@" 2>&1 | colout ;}

So, when you type "make", it will transparently use colout. The only bad thing is that you loss make's returns value.

Example with :

int main() { int a, b; b = a+1; c = a; return 0; }

colout result

It's better, isn't it ?

Command line loader for "Read for PIC" Board

Sunday, 24 March 2013
|
Écrit par
Grégory Soutadé

Ready for PIC board

Some weeks ago I bought a "Ready for PIC" board from MikroElektronika. These board comes with a PIC18F25K22 flashed with a bootloader that receives a program from UART and load it in memory without flashing. The prototype area is very nice for peoples that do not want to weld, it also contains a FTDI chip and can be powered by USB. Plus MikroElektronika supply a GUI software to interact with the bootloader. These GUI is available for Windows and Linux, that's great ! Contrary to microchip, MikroElektronika wants to sell their expensive C/BASIC/Pascal compiler and provide cool boards at a good price. The only thing I regret is that you cannot reset the PIC with the FTDI, you need to press the reset button before and after code is downloaded (so boring...).

Maybe the GUI is useful for electronics peoples, but I found it (on Linux) heavy and sometimes buggy. Moreover you cannot access to serial output just after code is downloaded. So, I wrote a simple console Python program that will download an HEX file with command line and optionally displays the output of UART. This allows to do quicker and simpler tests. You can find the file here, it's licensed under GPL v3.