mirror of
https://github.com/QuasarApp/LIEF.git
synced 2025-05-12 11:29:33 +00:00
1e0c4e81d4
- it changes the way how the number of symbols is reduced and how offsets to names are calculated. Instead of n^2 algorithms, it introduces nlog(n) algorithm. When the symbols optimization step is performed map<symbol_name, offset_to_name> is created so it saves another n^2 pass - a couple of performance improvements to filter_iterator - from pre to post incrementation to save an unneeded copy, memoization of end iterator as the compiler cannot do it on its own and recreates it every loop iteration, simplified construction of the end iterator on the test binary that has a couple of hundreds of MB, it reduces the execution time of elf_add_section example form 20 minutes to a couple of seconds - adds an ability to modify single value inplace in the sectiton to save coying it just to do that - the reason behind this patch is to use LIEF as a patchelf replacement so the performance is one of the factors Signed-off-by: Janusz Lisiecki <jlisiecki@nvidia.com>
About
The purpose of this project is to provide a cross platform library which can parse, modify and abstract ELF, PE and MachO formats.
Main features:
- Parsing: LIEF can parse ELF, PE, MachO, OAT, DEX, VDEX, ART and provides an user-friendly API to access to format internals.
- Modify: LIEF enables to modify some parts of these formats
- Abstract: Three formats have common features like sections, symbols, entry point... LIEF factors them.
- API: LIEF can be used in C, C++ and Python
Content
Downloads / Install
First, make sure to have an updated version of setuptools:
pip install setuptools --upgrade
To install the latest version (release):
pip install lief
To install nightlty build:
pip install [--user] --index-url https://lief-project.github.io/packages lief
Packages
 | |||
| Linux | Windows - x86 | Windows - x86-64 | OSX |
|---|---|---|---|
| SDK | SDK | SDK | SDK |
| |||||
| Linux | Windows | OSX | Documentation | ||
|---|---|---|---|---|---|
| SDK |
SDK - x86
SDK - x86-64 |
SDK | Sphinx + Doxygen | ||
Here are guides to install or integrate LIEF:
Getting started
Python
import lief
# ELF
binary = lief.parse("/usr/bin/ls")
print(binary)
# PE
binary = lief.parse("C:\\Windows\\explorer.exe")
print(binary)
# Mach-O
binary = lief.parse("/usr/bin/ls")
print(binary)
C++
#include <LIEF/LIEF.hpp>
int main(int argc, char** argv) {
// ELF
try {
std::unique_ptr<LIEF::ELF::Binary> elf = LIEF::ELF::Parser::parse("/bin/ls");
std::cout << *elf << std::endl;
} catch (const LIEF::exception& err) {
std::cerr << err.what() << std::endl;
}
// PE
try {
std::unique_ptr<LIEF::PE::Binary> pe = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe");
std::cout << *pe << std::endl;
} catch (const LIEF::exception& err) {
std::cerr << err.what() << std::endl;
}
// Mach-O
try {
std::unique_ptr<LIEF::MachO::FatBinary> macho = LIEF::MachO::Parser::parse("/bin/ls");
std::cout << *macho << std::endl;
} catch (const LIEF::exception& err) {
std::cerr << err.what() << std::endl;
}
return 0;
}
C (Limited API)
#include <LIEF/LIEF.h>
int main(int argc, char** argv) {
Elf_Binary_t* elf = elf_parse("/usr/bin/ls");
Elf_Section_t** sections = elf->sections;
for (size_t i = 0; sections[i] != NULL; ++i) {
printf("%s\n", sections[i]->name);
}
elf_binary_destroy(elf);
return 0;
}
Documentation
Contact
- Mail: lief at quarkslab com
- Gitter: lief-project
About
Authors
Romain Thomas (@rh0main) - Quarkslab
License
LIEF is provided under the Apache 2.0 license.
Bibtex
@MISC {LIEF,
author = "Romain Thomas",
title = "LIEF - Library to Instrument Executable Formats",
howpublished = "https://lief.quarkslab.com/",
month = "April",
year = "2017",
}
