package ghidra.app.util.bin.format.pe;

import ghidra.app.cmd.data.CreateArrayCmd;
import ghidra.app.util.importer.MessageLog;
import ghidra.app.util.opinion.AbstractProgramLoader;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressOutOfBoundsException;
import ghidra.program.model.address.AddressSpace;
import ghidra.program.model.data.ArrayDataType;
import ghidra.program.model.data.ByteDataType;
import ghidra.program.model.data.CategoryPath;
import ghidra.program.model.data.IBO32DataType;
import ghidra.program.model.data.PointerDataType;
import ghidra.program.model.data.StructureDataType;
import ghidra.program.model.listing.Data;
import ghidra.program.model.listing.Program;
import ghidra.program.model.mem.Memory;
import ghidra.program.model.mem.MemoryAccessException;
import ghidra.program.model.symbol.SourceType;
import ghidra.program.model.symbol.SymbolTable;
import ghidra.util.exception.InvalidInputException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.function.Supplier;

/* loaded from: input_file:ghidra/app/util/bin/format/pe/ControlFlowGuard.class */
public class ControlFlowGuard {
    public static String GuardCFFunctionTableName = "GuardCFFunctionTable";
    public static String GuardCFAddressTakenIatTableName = "GuardCFAddressTakenIatTable";
    public static String GuardCfgTableEntryName = "GuardCfgTableEntry";

    public static void markup(LoadConfigDirectory loadConfigDirectory, Program program, MessageLog messageLog, NTHeader nTHeader) {
        Objects.requireNonNull(loadConfigDirectory);
        markupCfgFunction("_guard_check_icall", "ControlFlowGuard check", loadConfigDirectory::getCfgCheckFunctionPointer, program, nTHeader, messageLog);
        Objects.requireNonNull(loadConfigDirectory);
        markupCfgFunction("_guard_dispatch_icall", "ControlFlowGuard dispatch", loadConfigDirectory::getCfgDispatchFunctionPointer, program, nTHeader, messageLog);
        markupCfgFunctionTable(loadConfigDirectory, program, messageLog);
        markupCfgAddressTakenIatEntryTable(loadConfigDirectory, program, messageLog);
        Objects.requireNonNull(loadConfigDirectory);
        markupCfgFunction("_guard_ss_verify_failure", "ReturnFlowGuard failure", loadConfigDirectory::getRfgFailureRoutine, program, nTHeader, messageLog);
        Objects.requireNonNull(loadConfigDirectory);
        markupCfgFunction("_guard_ss_verify_failure_default", "ReturnFlowGuard default failure", loadConfigDirectory::getRfgFailureRoutineFunctionPointer, program, nTHeader, messageLog);
        Objects.requireNonNull(loadConfigDirectory);
        markupCfgFunction("_guard_ss_verify_sp_default", "ReturnFlowGuard verify stack pointer", loadConfigDirectory::getRfgVerifyStackPointerFunctionPointer, program, nTHeader, messageLog);
    }

    private static void markupCfgFunctionTable(LoadConfigDirectory loadConfigDirectory, Program program, MessageLog messageLog) {
        long cfgFunctionTablePointer = loadConfigDirectory.getCfgFunctionTablePointer();
        long cfgFunctionCount = loadConfigDirectory.getCfgFunctionCount();
        if (cfgFunctionTablePointer == 0 || cfgFunctionCount <= 0) {
            return;
        }
        Address address = program.getAddressFactory().getDefaultAddressSpace().getAddress(cfgFunctionTablePointer);
        try {
            program.getSymbolTable().createLabel(address, GuardCFFunctionTableName, SourceType.IMPORTED);
        } catch (InvalidInputException e) {
            messageLog.appendMsg("Unable to label ControlFlowGuard function table: " + e.getMessage());
        }
        int flags = (loadConfigDirectory.getCfgGuardFlags().getFlags() & (-268435456)) >> 28;
        IBO32DataType iBO32DataType = new IBO32DataType();
        ByteDataType byteDataType = ByteDataType.dataType;
        CategoryPath categoryPath = new CategoryPath(CategoryPath.ROOT, "CFG");
        StructureDataType structureDataType = (StructureDataType) program.getDataTypeManager().getDataType(categoryPath, GuardCfgTableEntryName);
        if (structureDataType == null) {
            structureDataType = new StructureDataType(categoryPath, GuardCfgTableEntryName, 0);
            structureDataType.setPackingEnabled(false);
            structureDataType.add(iBO32DataType, "Offset", "");
            if (flags > 0) {
                structureDataType.add(new ArrayDataType(byteDataType, flags / byteDataType.getLength(), byteDataType.getLength()), "Pad", "");
            }
        }
        new CreateArrayCmd(address, (int) cfgFunctionCount, structureDataType, structureDataType.getLength()).applyTo(program);
        createCfgFunctions(program, program.getListing().getDataAt(address), messageLog);
    }

    private static void createCfgFunctions(Program program, Data data, MessageLog messageLog) {
        if (data == null) {
            messageLog.appendMsg("Couldn't find Control Flow Guard tables.");
            return;
        }
        if (!data.isArray() || data.getNumComponents() < 1) {
            messageLog.appendMsg("Control Flow Guard table seems to be empty.");
            return;
        }
        Iterator<Address> it = getFunctionAddressesFromTable(program, data).iterator();
        while (it.hasNext()) {
            AbstractProgramLoader.markAsFunction(program, null, it.next());
        }
    }

    private static List<Address> getFunctionAddressesFromTable(Program program, Data data) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < data.getNumComponents(); i++) {
            Object value = data.getComponent(i).getComponent(0).getValue();
            if (value instanceof Address) {
                arrayList.add((Address) value);
            }
        }
        return arrayList;
    }

    private static void markupCfgAddressTakenIatEntryTable(LoadConfigDirectory loadConfigDirectory, Program program, MessageLog messageLog) {
        long guardAddressIatTableTablePointer = loadConfigDirectory.getGuardAddressIatTableTablePointer();
        long guardAddressIatTableCount = loadConfigDirectory.getGuardAddressIatTableCount();
        if (guardAddressIatTableTablePointer == 0 || guardAddressIatTableCount <= 0) {
            return;
        }
        try {
            Address address = program.getAddressFactory().getDefaultAddressSpace().getAddress(guardAddressIatTableTablePointer);
            program.getSymbolTable().createLabel(address, GuardCFAddressTakenIatTableName, SourceType.IMPORTED);
            IBO32DataType iBO32DataType = new IBO32DataType();
            for (long j = 0; j < guardAddressIatTableCount; j++) {
                if (PeUtils.createData(program, address.add(j * iBO32DataType.getLength()), iBO32DataType, messageLog) == null) {
                    break;
                }
            }
        } catch (AddressOutOfBoundsException | InvalidInputException e) {
            messageLog.appendMsg("Unable to label ControlFlowGuard IAT table: " + e.getMessage());
        }
    }

    private static void markupCfgFunction(String str, String str2, Supplier<Long> supplier, Program program, NTHeader nTHeader, MessageLog messageLog) {
        if (supplier.get().longValue() == 0) {
            return;
        }
        AddressSpace defaultAddressSpace = program.getAddressFactory().getDefaultAddressSpace();
        Memory memory = program.getMemory();
        SymbolTable symbolTable = program.getSymbolTable();
        boolean is64bit = nTHeader.getOptionalHeader().is64bit();
        Address address = defaultAddressSpace.getAddress(supplier.get().longValue());
        PeUtils.createData(program, address, PointerDataType.dataType, messageLog);
        try {
            Address address2 = defaultAddressSpace.getAddress(is64bit ? memory.getLong(address) : memory.getInt(address));
            try {
                symbolTable.createLabel(address2, str, SourceType.IMPORTED);
            } catch (AddressOutOfBoundsException | InvalidInputException e) {
                messageLog.appendMsg("Unable to apply label '%s' to %s function at %s: %s".formatted(str, str2, address2, e.getMessage()));
            }
            if (program.getListing().getDefinedDataAt(address2) == null) {
                AbstractProgramLoader.markAsFunction(program, null, address2);
            } else {
                messageLog.appendMsg("Unable to mark %s as function at %s. Data is already defined there.".formatted(str2, address2));
            }
        } catch (MemoryAccessException e2) {
            messageLog.appendMsg("Failed to read %s function pointer address at %s".formatted(str2, address));
        }
    }
}
