[Dropper] + finish integration for Dropper with a multimedia mini plu…

…gin - PNG #182 #181 Signed-off-by: Gheorghita Mutu <gheorghitamutu@gmail.com>
gdt050579 · Apr 8, 2024 · 552a2ef · 552a2ef
1 parent de14263
commit 552a2ef
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 2 deletions.
diff --git a/GenericPlugins/Dropper/include/Dropper.hpp b/GenericPlugins/Dropper/include/Dropper.hpp
@@ -5,10 +5,12 @@
 
 #include "SpecialStrings.hpp"
 #include "Executables.hpp"
+#include "Multimedia.hpp"
 
 using namespace GView::Utils;
 using namespace GView::GenericPlugins::Droppper::SpecialStrings;
 using namespace GView::GenericPlugins::Droppper::Executables;
+using namespace GView::GenericPlugins::Droppper::Multimedia;
 
 namespace GView::GenericPlugins::Droppper
 {
@@ -23,8 +25,10 @@ class Instance
         // dummy init for now
         std::unique_ptr<IDrop> a = std::make_unique<IpAddress>(false, true);
         std::unique_ptr<IDrop> b = std::make_unique<MZPE>();
+        std::unique_ptr<IDrop> c = std::make_unique<PNG>();
         droppers.push_back(std::move(a));
         droppers.push_back(std::move(b));
+        droppers.push_back(std::move(c));
 
         return true;
     }

diff --git a/GenericPlugins/Dropper/include/IDrop.hpp b/GenericPlugins/Dropper/include/IDrop.hpp
@@ -58,6 +58,14 @@ class IDrop
         return false;
     }
 
+    inline bool IsMagicU64(BufferView precachedBuffer, uint64 magic)
+    {
+        if (precachedBuffer.GetLength() >= 8) {
+            return *reinterpret_cast<const uint64*>(precachedBuffer.GetData()) == magic;
+        }
+        return false;
+    }
+
     // TODO: isn't this a memcmp..?
     inline bool IsBuffer(uint64 offset, DataCache& file, BufferView bv)
     {

diff --git a/GenericPlugins/Dropper/src/Multimedia/PNG.cpp b/GenericPlugins/Dropper/src/Multimedia/PNG.cpp
@@ -2,7 +2,8 @@
 
 namespace GView::GenericPlugins::Droppper::Multimedia
 {
-constexpr uint32 IMAGE_PNG_MAGIC = 0x474E5089;
+// https://en.wikipedia.org/wiki/PNG#File_format
+constexpr uint64 IMAGE_PNG_MAGIC = 0x0A1A0A0D474E5089;
 
 const char* PNG::GetName()
 {
@@ -31,7 +32,24 @@ bool PNG::ShouldGroupInOneFile()
 
 Result PNG::Check(uint64 offset, DataCache& file, BufferView precachedBuffer, uint64& start, uint64& end)
 {
-    return Result::NotFound;
+    CHECK(IsMagicU64(precachedBuffer, IMAGE_PNG_MAGIC), Result::NotFound, "");
+
+    start      = offset;
+    end        = offset + sizeof(IMAGE_PNG_MAGIC);
+    auto found = false;
+    auto pos   = end;
+
+    do {
+        auto buffer = file.CopyToBuffer(end, sizeof(uint32), true);
+        CHECKBK(buffer.IsValid(), "");
+
+        auto chunk_length = Endian::BigToNative(*reinterpret_cast<uint32*>(buffer.GetData()));
+        end += chunk_length;
+        end += sizeof(uint32) * 3; // length + type + CRC32
+        found = chunk_length != 0;
+    } while (found);
+
+    return Result::Buffer;
 }
 
 } // namespace GView::GenericPlugins::Droppper::Multimedia