libgoblin

Documentation

https://docs.rs/goblin/

changelog

Usage

Goblin requires rustc 1.40.0.

Add to your Cargo.toml

toml [dependencies] goblin = "0.4"

Features

• awesome crate name
• zero-copy, cross-platform, endian-aware, ELF64/32 implementation - wow!
• zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o parser - zoiks!
• PE 32/64-bit parser - bing!
• a Unix and BSD style archive parser (latter courtesy of [@willglynn]) - huzzah!
• many cfg options - it will make your head spin, and make you angry when reading the source!
• fuzzed - "I am happy to report that goblin withstood 100 million fuzzing runs, 1 million runs each for seed 1\~100." - [@sanxiyn]
• tests

libgoblin aims to be your one-stop shop for binary parsing, loading, and analysis.

Use-cases

Goblin primarily supports the following important use cases:

1. Core, std-free #[repr(C)] structs, tiny compile time, 32/64 (or both) at your leisure.

2. Type punning. Define a function once on a type, but have it work on 32 or 64-bit variants - without really changing anything, and no macros! See examples/automagic.rs for a basic example.

3. std mode. This throws in read and write impls via Pread and Pwrite, reading from file, convenience allocations, extra methods, etc. This is for clients who can allocate and want to read binaries off disk.

4. Endian_fd. A truly terrible name :laughing: this is for binary analysis like in [panopticon] or [falcon] which needs to read binaries of foreign endianness, or as a basis for constructing cross platform foreign architecture binutils, e.g. [cargo-sym] and [bingrep] are simple examples of this, but the sky is the limit.

Here are some things you could do with this crate (or help to implement so they could be done):

1. Write a compiler and use it to generate binaries (all the raw C structs have Pwrite derived).
2. Write a binary analysis tool which loads, parses, and analyzes various binary formats, e.g., [panopticon] or [falcon].
3. Write a semi-functioning dynamic linker.
4. Write a kernel and load binaries using no_std cfg. I.e., it is essentially just struct and const defs (like a C header) - no fd, no output, no std.
5. Write a [bin2json] tool, because why shouldn't binary formats be in JSON?

Cfgs

libgoblin is designed to be massively configurable. The current flags are:

• elf64 - 64-bit elf binaries, repr(C) struct defs
• elf32 - 32-bit elf binaries, repr(C) struct defs
• mach64 - 64-bit mach-o repr(C) struct defs
• mach32 - 32-bit mach-o repr(C) struct defs
• pe32 - 32-bit PE repr(C) struct defs
• pe64 - 64-bit PE repr(C) struct defs
• archive - a Unix Archive parser
• endian_fd - parses according to the endianness in the binary
• std - to allow no_std environments

Contributors

Thank you all :heart: !

In lexicographic order:

• [@2vg]
• [@amanieu]
• [@burjui]
• [@connorkuehl]
• [@dancrossnyc]
• [@ExPixel]
• [@Evian-Zhang]
• [@flanfly]
• [@glandium]
• [@ibabushkin]
• [@jackcmay]
• [@jan-auer]
• [@jessehui]
• [@jdub]
• [@jrmuizel]
• [@jsgf]
• [@keith]
• [@kjempelodott]
• [@ko1n]
• [@le-jzr]
• [@Lichtso]
• [@lion128]
• [@llogiq]
• [@lzutao]
• [@lzybkr]
• [@m4b]
• [@messense]
• [@mitsuhiko]
• [@mre]
• [@Mrmaxmeier]
• [@nico-abram]
• [@pchickey]
• [@philipc]
• [@Pzixel]
• [@quake]
• [@raindev]
• [@rocallahan]
• [@sanxiyn]
• [@sollyucko]
• [@tathanhdinh]
• [@Techno-coder]
• [@ticki]
• [@Timmmm]
• [@Tiwalun]
• [@wickerwacka]
• [@willglynn]
• [@woodruffw]
• [@wyxloading]
• [@xcoldhandsx]

Contributing

1. Please prefix commits with the affected binary component; the more specific the better, e.g., if you only modify relocations in the elf module, then do "elf.reloc: added new constants for Z80"
2. Commit messages must explain their change, no generic "changed", or "fix"; if you push commits like this on a PR, be aware [@m4b] or someone will most likely squash them.
3. If you are making a large change to a module, please raise an issue first and lets discuss; I don't want to waste your time if its not a good technical direction, or etc.
4. If your PR is not getting attention, please respond to all relevant comments raised on the PR, and if still no response, ping [@m4b], [@philipc], or [@willglynn] in github and also feel free to email [@m4b].
5. Please add tests if you are adding a new feature. Feel free to add tests even if you are not, tests are awesome and easy in rust.
6. Once cargo format is officially released, please format your patch using the default settings.