chore: fix build and tests.

.github/workflows/ci.yml

@@ -0,0 +1,115 @@
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y \
+          autoconf \
+          automake \
+          libtool \
+          pkg-config \
+          build-essential \
+          libcunit1 \
+          libcunit1-dev \
+          wget \
+          zlib1g-dev \
+          libssl-dev \
+          libsqlite3-dev \
+          libreadline-dev \
+          libncurses5-dev \
+          libbz2-dev \
+          libffi-dev \
+          nasm \
+          gdb
+
+    - name: Enable core dumps
+      run: |
+        ulimit -c unlimited
+        sudo mkdir -p /cores
+        sudo chmod 777 /cores
+        echo "/cores/core.%e.%p" | sudo tee /proc/sys/kernel/core_pattern
+        sudo sysctl -w kernel.core_pattern=/cores/core.%e.%p
+
+    - name: Cache Python 2.7
+      uses: actions/cache@v3
+      id: python-cache
+      with:
+        path: /opt/python2.7
+        key: ${{ runner.os }}-python2.7-v1
+
+    - name: Build Python 2.7
+      if: steps.python-cache.outputs.cache-hit != 'true'
+      run: |
+        wget https://www.python.org/ftp/python/2.7.18/Python-2.7.18.tgz
+        tar xzf Python-2.7.18.tgz
+        cd Python-2.7.18
+        ./configure --prefix=/opt/python2.7 --without-test-modules
+        make -j$(nproc)
+        sudo make install
+        cd ..
+
+    - name: Save Python 2.7 cache
+      if: steps.python-cache.outputs.cache-hit != 'true'
+      uses: actions/cache/save@v3
+      with:
+        path: /opt/python2.7
+        key: ${{ runner.os }}-python2.7-v1
+
+    - name: Download and build udis86 with -fPIC
+      run: |
+        wget https://github.com/vmt/udis86/archive/refs/tags/v1.7.2.tar.gz -O udis86-1.7.2.tar.gz
+        tar xzf udis86-1.7.2.tar.gz
+        cd udis86-1.7.2
+        autoreconf -i
+        CFLAGS="-fPIC" ./configure
+        make PYTHON=/opt/python2.7/bin/python2
+        sudo make install
+        cd ..
+
+    - name: Configure and build project
+      run: |
+        ./autogen.sh
+        CFLAGS="-Wno-stringop-truncation -g" ./configure --enable-tests
+        make
+
+    - name: Run tests
+      run: |
+        cd test
+        make check
+        cd ..
+
+    - name: Display test logs
+      if: always()
+      run: |
+        echo "=== Test Suite Log ==="
+        cat test/test-suite.log
+        echo "====================="
+
+    - name: Analyze core dumps
+      if: always()
+      run: |
+        echo "=== Core Dumps Analysis ==="
+        echo "Current directory: $(pwd)"
+        echo "Core dump directory contents:"
+        ls -la /cores/
+        for core in /cores/core.*; do
+          if [ -f "$core" ]; then
+            echo "Analyzing core dump: $core"
+            executable=$(echo $core | cut -d. -f2)
+            echo "Looking for executable: $executable"
+            find . -name "$executable" -type f
+            gdb -batch -ex "bt full" -ex "info threads" -ex "thread apply all bt" "./test/.libs/$executable" "$core"
+          fi
+        done
+        echo "========================" 

configure.ac

@@ -11,6 +11,9 @@ AC_CONFIG_SRCDIR([src/binary.c])
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])
 
+# Add compiler flags
+CFLAGS="$CFLAGS -Wpedantic"
+
 HAVE_TESTS="yes"
 dnl Enable unit-tests
 AC_ARG_ENABLE([tests],

src/Makefile.am

@@ -1,5 +1,5 @@
 CFLAGS_LANGUAGE=-std=c99 -pedantic -D_POSIX_C_SOURCE \
-		-D_SVID_SOURCE
+		-D_DEFAULT_SOURCE
 CFLAGS_WARNS=-Wall -Wextra -Werror
 CFLAGS_INCLUDES=-Iinclude -I$(LIBXML_INCLUDES) -I$(LIBUDIS_INCLUDES)
 

src/binary.c

@@ -598,19 +598,17 @@ static _u32 _malelf_binary_get_segment_32(MalelfBinary *bin,
                                           _u32 segment_idx,
                                           MalelfSegment *segment)
 {
-        MalelfPhdr stphdr;
         Elf32_Phdr *phdr32;
         int error = MALELF_SUCCESS;
 
-        assert(bin != NULL && bin->mem != NULL);
+        assert(bin != NULL && bin->mem != NULL && segment != NULL && segment->phdr != NULL);
 
-        error = malelf_binary_get_phdr(bin, &stphdr);
+        error = malelf_binary_get_phdr(bin, segment->phdr);
         if (error != MALELF_SUCCESS) {
                 return error;
         }
 
-        phdr32 = stphdr.uhdr.h32;
-
+        phdr32 = segment->phdr->uhdr.h32;
         phdr32 += segment_idx;
 
         segment->type = phdr32->p_type;
@@ -619,7 +617,6 @@ static _u32 _malelf_binary_get_segment_32(MalelfBinary *bin,
         segment->size = phdr32->p_filesz;
         segment->offset = phdr32->p_offset;
         segment->mem = bin->mem + phdr32->p_offset;
-        segment->phdr = &stphdr;
 
         return MALELF_SUCCESS;
 }
@@ -628,17 +625,16 @@ static _u32 _malelf_binary_get_segment_64(MalelfBinary *bin,
                                           _u32 segment_idx,
                                           MalelfSegment *segment)
 {
-        MalelfPhdr stphdr;
         Elf64_Phdr *phdr64;
         int error = MALELF_SUCCESS;
 
-        assert(bin != NULL && bin->mem != NULL);
-        error = malelf_binary_get_phdr(bin, &stphdr);
+        assert(bin != NULL && bin->mem != NULL && segment != NULL && segment->phdr != NULL);
+        error = malelf_binary_get_phdr(bin, segment->phdr);
         if (error != MALELF_SUCCESS) {
                 return error;
         }
 
-        phdr64 = stphdr.uhdr.h64;
+        phdr64 = segment->phdr->uhdr.h64;
 
         phdr64 += segment_idx;
 
@@ -648,7 +644,6 @@ static _u32 _malelf_binary_get_segment_64(MalelfBinary *bin,
         segment->offset = phdr64->p_offset;
         segment->size = phdr64->p_filesz;
         segment->mem = bin->mem + phdr64->p_offset;
-        segment->phdr = &stphdr;
 
         return MALELF_SUCCESS;
 }
@@ -778,15 +773,15 @@ static _u32 _malelf_binary_get_section32(_u32 section_idx,
         _u32 error = MALELF_SUCCESS;
         Elf32_Shdr *shdr32;
 
-        MalelfShdr ushdr;
+        assert(bin != NULL && bin->mem != NULL && section != NULL && section->shdr != NULL);
 
-        error = malelf_binary_get_shdr(bin, &ushdr);
+        error = malelf_binary_get_shdr(bin, section->shdr);
 
         if (error != MALELF_SUCCESS) {
                 return error;
         }
 
-        shdr32 = ushdr.uhdr.h32;
+        shdr32 = section->shdr->uhdr.h32;
         shdr32 += section_idx;
 
         error = malelf_binary_get_section_name(bin,
@@ -800,7 +795,6 @@ static _u32 _malelf_binary_get_section32(_u32 section_idx,
         section->offset = shdr32->sh_offset;
         section->addr = shdr32->sh_addr;
         section->size = shdr32->sh_size;
-        section->shdr = &ushdr;
         return MALELF_SUCCESS;
 }
 
@@ -810,15 +804,15 @@ static _u32 _malelf_binary_get_section64(_u32 section_idx,
 {
         int error = MALELF_SUCCESS;
         Elf64_Shdr *shdr64;
-        MalelfShdr ushdr;
+        assert(bin != NULL && bin->mem != NULL && section != NULL && section->shdr != NULL);
 
-        error = malelf_binary_get_shdr(bin, &ushdr);
+        error = malelf_binary_get_shdr(bin, section->shdr);
 
         if (error != MALELF_SUCCESS) {
                 return error;
         }
 
-        shdr64 = ushdr.uhdr.h64;
+        shdr64 = section->shdr->uhdr.h64;
         shdr64 += section_idx;
 
         error = malelf_binary_get_section_name(bin,
@@ -956,12 +950,13 @@ _u32 _malelf_binary_get_section_by_name64(MalelfBinary *bin,
         return error;
 }
 
+// section->shdr must be initialized before calling this function.
 _u32 malelf_binary_get_section_by_name(MalelfBinary *bin,
                                        const char *name,
                                        MalelfSection *section)
 {
         int error = MALELF_SUCCESS;
-        assert(NULL != name && NULL != bin && NULL != bin->mem);
+        assert(NULL != name && NULL != bin && NULL != bin->mem && NULL != section && NULL != section->shdr);
 
 
         switch (bin->class) {
@@ -1278,21 +1273,31 @@ _u32 _malelf_binary_write_elf(MalelfBinary *bin)
                 _u32 last_size = 0;
                 /* writing binary content using the program headers */
                 for (i = 0; i < ehdr_phnum; i++) {
-                        MalelfSegment segment;
+                        MalelfSegment *segment;
+
+                        segment = malelf_malloc(sizeof(MalelfSegment) + sizeof(MalelfPhdr));
+                        if (!segment) {
+                                return MALELF_EALLOC;
+                        }
 
-                        error = malelf_binary_get_segment(bin, i, &segment);
+                        segment->phdr = (MalelfPhdr *)(segment + sizeof(MalelfSegment));
 
-                        if (segment.type == PT_NULL)
+                        error = malelf_binary_get_segment(bin, i, segment);
+
+                        if (segment->type == PT_NULL) {
+                                free(segment);
                                 continue;
+                        }
 
-                        last_offset = segment.offset;
-                        last_size = segment.size;
+                        last_offset = segment->offset;
+                        last_size = segment->size;
 
-                        lseek(bin->fd, segment.offset, SEEK_SET);
+                        lseek(bin->fd, segment->offset, SEEK_SET);
                         error = malelf_write(bin->fd,
-                                             bin->mem + segment.offset,
-                                             segment.size);
+                                             bin->mem + segment->offset,
+                                             segment->size);
 
+                        free(segment);
                         if (MALELF_SUCCESS != error) {
                                 return error;
                         }

src/debug.c

@@ -98,7 +98,6 @@ int __malelf_debug(_u8 logcode,
         char temp[256];
         char fmt_out[LOG_BUFSIZE];
         char stime[26];
-        int timelen;
         char *prefix;
 
         if (!_malelf_debug_ok) {
@@ -115,11 +114,8 @@ int __malelf_debug(_u8 logcode,
         localtime_r(&ltime, &result);
         asctime_r(&result, stime);
 
-        timelen = strlen(stime);
-
         strcat(temp, "[");
-        strncat(temp, stime, timelen);
-        temp[timelen] = 0;
+        strncat(temp, stime, 255);
         strcat(temp, "]");
         strcat(temp, "[%s][%s:%s] %s");
 

src/ehdr.c

@@ -62,6 +62,7 @@ static MalelfEhdrTable _me_machine[] = {
         {"EM_88K",   5, "Motorola 88000"},
         {"EM_860",   7, "Intel 80860"},
         {"EM_MIPS",  8, "MIPS RS3000"},
+        {"EM_X86_64", 64, "x86-64"},
         {"UNKNOWN", 0, "UNKNOWN"}
 };
 
@@ -185,7 +186,7 @@ _u32 malelf_ehdr_get_machine(MalelfEhdr *ehdr,
         }
 
         switch(machine) {
-        case EM_NONE:
+        case EM_NONE:   
                 *me_machine = _me_machine[0];
                 break;
         case EM_M32:
@@ -209,6 +210,9 @@ _u32 malelf_ehdr_get_machine(MalelfEhdr *ehdr,
         case EM_MIPS:
                 *me_machine = _me_machine[7];
                 break;
+        case EM_X86_64:
+                *me_machine = _me_machine[8];
+                break;
         default:
                 *me_machine = _me_machine[8];
                 me_machine->value = machine;

src/include/malelf/binary.h

@@ -34,6 +34,8 @@
 
 MALELF_BEGIN_DECLS
 
+#define pointer_to(p, offset)                                             \
+    ((void *) ((char *) (p) + (offset)))
 
 typedef struct {
         char *fname;         /* Binary filename */

src/include/malelf/debug.h

@@ -35,7 +35,7 @@
 
 #define _MALELF_DEBUG_TEST(code, ...)                           \
         __malelf_debug(code,                                    \
-                       __FUNCTION__,                            \
+                       __func__,                            \
                        __FILE__,                                \
                        TOSTRING(__LINE__),                      \
                        __VA_ARGS__)

src/include/malelf/error.h

@@ -95,7 +95,7 @@ typedef enum {
 
 
 #define MALELF_PERROR(code)\
-    __malelf_perror(code, __FUNCTION__, __FILE__, __LINE__)
+    __malelf_perror(code, __func__, __FILE__, __LINE__)
 
 #define MALELF_FATAL(code)\
     do {\

src/infect.c

@@ -207,6 +207,8 @@ _u32 _malelf_infect_prepare_silvio_padding32(MalelfInfect *infector)
         host_ehdr = (Elf32_Ehdr *) MALELF_ELF_DATA(&host->ehdr);
         host_phdr = (Elf32_Phdr *) MALELF_ELF_DATA(&host->phdr);
 
+        assert(host_ehdr->e_phnum > 0);
+
         for (phdr = host_phdr, i = host_ehdr->e_phnum;
              i-- > 0;
              phdr++) {

src/malware/lib/inc/util.inc.asm → src/malware/lib/inc32/util.inc.asm

@@ -1,4 +1,4 @@
-%include "inc/syscall.inc.asm"
+%include "inc32/syscall.inc.asm"
 
 %macro  prologue 0
         push    ebp