lldb/examples/python/mach_o.py

#!/usr/bin/python

import cmd
import dict_utils
import file_extract
import optparse
import re
import struct
import string
import StringIO
import sys
import uuid

# Mach header "magic" constants
MH_MAGIC = 0xfeedface
MH_CIGAM = 0xcefaedfe
MH_MAGIC_64 = 0xfeedfacf
MH_CIGAM_64 = 0xcffaedfe
FAT_MAGIC = 0xcafebabe
FAT_CIGAM = 0xbebafeca

# Mach haeder "filetype" constants
MH_OBJECT = 0x00000001
MH_EXECUTE = 0x00000002
MH_FVMLIB = 0x00000003
MH_CORE = 0x00000004
MH_PRELOAD = 0x00000005
MH_DYLIB = 0x00000006
MH_DYLINKER = 0x00000007
MH_BUNDLE = 0x00000008
MH_DYLIB_STUB = 0x00000009
MH_DSYM = 0x0000000a
MH_KEXT_BUNDLE = 0x0000000b

# Mach haeder "flag" constant bits
MH_NOUNDEFS = 0x00000001
MH_INCRLINK = 0x00000002
MH_DYLDLINK = 0x00000004
MH_BINDATLOAD = 0x00000008
MH_PREBOUND = 0x00000010
MH_SPLIT_SEGS = 0x00000020
MH_LAZY_INIT = 0x00000040
MH_TWOLEVEL = 0x00000080
MH_FORCE_FLAT = 0x00000100
MH_NOMULTIDEFS = 0x00000200
MH_NOFIXPREBINDING = 0x00000400
MH_PREBINDABLE = 0x00000800
MH_ALLMODSBOUND = 0x00001000
MH_SUBSECTIONS_VIA_SYMBOLS = 0x00002000
MH_CANONICAL = 0x00004000
MH_WEAK_DEFINES = 0x00008000
MH_BINDS_TO_WEAK = 0x00010000
MH_ALLOW_STACK_EXECUTION = 0x00020000
MH_ROOT_SAFE = 0x00040000
MH_SETUID_SAFE = 0x00080000
MH_NO_REEXPORTED_DYLIBS = 0x00100000
MH_PIE = 0x00200000
MH_DEAD_STRIPPABLE_DYLIB = 0x00400000
MH_HAS_TLV_DESCRIPTORS = 0x00800000
MH_NO_HEAP_EXECUTION = 0x01000000

# Mach load command constants
LC_REQ_DYLD = 0x80000000
LC_SEGMENT = 0x00000001
LC_SYMTAB = 0x00000002
LC_SYMSEG = 0x00000003
LC_THREAD = 0x00000004
LC_UNIXTHREAD = 0x00000005
LC_LOADFVMLIB = 0x00000006
LC_IDFVMLIB = 0x00000007
LC_IDENT = 0x00000008
LC_FVMFILE = 0x00000009
LC_PREPAGE = 0x0000000a
LC_DYSYMTAB = 0x0000000b
LC_LOAD_DYLIB = 0x0000000c
LC_ID_DYLIB = 0x0000000d
LC_LOAD_DYLINKER = 0x0000000e
LC_ID_DYLINKER = 0x0000000f
LC_PREBOUND_DYLIB = 0x00000010
LC_ROUTINES = 0x00000011
LC_SUB_FRAMEWORK = 0x00000012
LC_SUB_UMBRELLA = 0x00000013
LC_SUB_CLIENT = 0x00000014
LC_SUB_LIBRARY = 0x00000015
LC_TWOLEVEL_HINTS = 0x00000016
LC_PREBIND_CKSUM = 0x00000017
LC_LOAD_WEAK_DYLIB = 0x00000018 | LC_REQ_DYLD
LC_SEGMENT_64 = 0x00000019
LC_ROUTINES_64 = 0x0000001a
LC_UUID = 0x0000001b
LC_RPATH = 0x0000001c | LC_REQ_DYLD
LC_CODE_SIGNATURE = 0x0000001d
LC_SEGMENT_SPLIT_INFO = 0x0000001e
LC_REEXPORT_DYLIB = 0x0000001f | LC_REQ_DYLD
LC_LAZY_LOAD_DYLIB = 0x00000020
LC_ENCRYPTION_INFO = 0x00000021
LC_DYLD_INFO = 0x00000022
LC_DYLD_INFO_ONLY = 0x00000022 | LC_REQ_DYLD
LC_LOAD_UPWARD_DYLIB = 0x00000023 | LC_REQ_DYLD
LC_VERSION_MIN_MACOSX = 0x00000024
LC_VERSION_MIN_IPHONEOS = 0x00000025
LC_FUNCTION_STARTS = 0x00000026
LC_DYLD_ENVIRONMENT = 0x00000027

# Mach CPU constants
CPU_ARCH_MASK = 0xff000000
CPU_ARCH_ABI64 = 0x01000000
CPU_TYPE_ANY = 0xffffffff
CPU_TYPE_VAX = 1
CPU_TYPE_MC680x0 = 6
CPU_TYPE_I386 = 7
CPU_TYPE_X86_64 = CPU_TYPE_I386 | CPU_ARCH_ABI64
CPU_TYPE_MIPS = 8
CPU_TYPE_MC98000 = 10
CPU_TYPE_HPPA = 11
CPU_TYPE_ARM = 12
CPU_TYPE_MC88000 = 13
CPU_TYPE_SPARC = 14
CPU_TYPE_I860 = 15
CPU_TYPE_ALPHA = 16
CPU_TYPE_POWERPC = 18
CPU_TYPE_POWERPC64 = CPU_TYPE_POWERPC | CPU_ARCH_ABI64

# VM protection constants
VM_PROT_READ = 1
VM_PROT_WRITE = 2
VM_PROT_EXECUTE = 4

# VM protection constants
N_STAB = 0xe0
N_PEXT = 0x10
N_TYPE = 0x0e
N_EXT = 0x01

# Values for nlist N_TYPE bits of the "Mach.NList.type" field.
N_UNDF = 0x0
N_ABS = 0x2
N_SECT = 0xe
N_PBUD = 0xc
N_INDR = 0xa

# Section indexes for the "Mach.NList.sect_idx" fields
NO_SECT = 0
MAX_SECT = 255

# Stab defines
N_GSYM = 0x20
N_FNAME = 0x22
N_FUN = 0x24
N_STSYM = 0x26
N_LCSYM = 0x28
N_BNSYM = 0x2e
N_OPT = 0x3c
N_RSYM = 0x40
N_SLINE = 0x44
N_ENSYM = 0x4e
N_SSYM = 0x60
N_SO = 0x64
N_OSO = 0x66
N_LSYM = 0x80
N_BINCL = 0x82
N_SOL = 0x84
N_PARAMS = 0x86
N_VERSION = 0x88
N_OLEVEL = 0x8A
N_PSYM = 0xa0
N_EINCL = 0xa2
N_ENTRY = 0xa4
N_LBRAC = 0xc0
N_EXCL = 0xc2
N_RBRAC = 0xe0
N_BCOMM = 0xe2
N_ECOMM = 0xe4
N_ECOML = 0xe8
N_LENG = 0xfe

vm_prot_names = ['---', 'r--', '-w-', 'rw-', '--x', 'r-x', '-wx', 'rwx']


def dump_memory(base_addr, data, hex_bytes_len, num_per_line):
    hex_bytes = data.encode('hex')
    if hex_bytes_len == -1:
        hex_bytes_len = len(hex_bytes)
    addr = base_addr
    ascii_str = ''
    i = 0
    while i < hex_bytes_len:
        if ((i / 2) % num_per_line) == 0:
            if i > 0:
                print ' %s' % (ascii_str)
                ascii_str = ''
            print '0x%8.8x:' % (addr + i),
        hex_byte = hex_bytes[i:i + 2]
        print hex_byte,
        int_byte = int(hex_byte, 16)
        ascii_char = '%c' % (int_byte)
        if int_byte >= 32 and int_byte < 127:
            ascii_str += ascii_char
        else:
            ascii_str += '.'
        i = i + 2
    if ascii_str:
        if (i / 2) % num_per_line:
            padding = num_per_line - ((i / 2) % num_per_line)
        else:
            padding = 0
        print '%*s%s' % (padding * 3 + 1, '', ascii_str)
    print


class TerminalColors:
    '''Simple terminal colors class'''

    def __init__(self, enabled=True):
        # TODO: discover terminal type from "file" and disable if
        # it can't handle the color codes
        self.enabled = enabled

    def reset(self):
        '''Reset all terminal colors and formatting.'''
        if self.enabled:
            return "\x1b[0m"
        return ''

    def bold(self, on=True):
        '''Enable or disable bold depending on the "on" parameter.'''
        if self.enabled:
            if on:
                return "\x1b[1m"
            else:
                return "\x1b[22m"
        return ''

    def italics(self, on=True):
        '''Enable or disable italics depending on the "on" parameter.'''
        if self.enabled:
            if on:
                return "\x1b[3m"
            else:
                return "\x1b[23m"
        return ''

    def underline(self, on=True):
        '''Enable or disable underline depending on the "on" parameter.'''
        if self.enabled:
            if on:
                return "\x1b[4m"
            else:
                return "\x1b[24m"
        return ''

    def inverse(self, on=True):
        '''Enable or disable inverse depending on the "on" parameter.'''
        if self.enabled:
            if on:
                return "\x1b[7m"
            else:
                return "\x1b[27m"
        return ''

    def strike(self, on=True):
        '''Enable or disable strike through depending on the "on" parameter.'''
        if self.enabled:
            if on:
                return "\x1b[9m"
            else:
                return "\x1b[29m"
        return ''

    def black(self, fg=True):
        '''Set the foreground or background color to black.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[30m"
            else:
                return "\x1b[40m"
        return ''

    def red(self, fg=True):
        '''Set the foreground or background color to red.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[31m"
            else:
                return "\x1b[41m"
        return ''

    def green(self, fg=True):
        '''Set the foreground or background color to green.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[32m"
            else:
                return "\x1b[42m"
        return ''

    def yellow(self, fg=True):
        '''Set the foreground or background color to yellow.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[43m"
            else:
                return "\x1b[33m"
        return ''

    def blue(self, fg=True):
        '''Set the foreground or background color to blue.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[34m"
            else:
                return "\x1b[44m"
        return ''

    def magenta(self, fg=True):
        '''Set the foreground or background color to magenta.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[35m"
            else:
                return "\x1b[45m"
        return ''

    def cyan(self, fg=True):
        '''Set the foreground or background color to cyan.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[36m"
            else:
                return "\x1b[46m"
        return ''

    def white(self, fg=True):
        '''Set the foreground or background color to white.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[37m"
            else:
                return "\x1b[47m"
        return ''

    def default(self, fg=True):
        '''Set the foreground or background color to the default.
        The foreground color will be set if "fg" tests True. The background color will be set if "fg" tests False.'''
        if self.enabled:
            if fg:
                return "\x1b[39m"
            else:
                return "\x1b[49m"
        return ''


def swap_unpack_char():
    """Returns the unpack prefix that will for non-native endian-ness."""
    if struct.pack('H', 1).startswith("\x00"):
        return '<'
    return '>'


def dump_hex_bytes(addr, s, bytes_per_line=16):
    i = 0
    line = ''
    for ch in s:
        if (i % bytes_per_line) == 0:
            if line:
                print line
            line = '%#8.8x: ' % (addr + i)
        line += "%02X " % ord(ch)
        i += 1
    print line


def dump_hex_byte_string_diff(addr, a, b, bytes_per_line=16):
    i = 0
    line = ''
    a_len = len(a)
    b_len = len(b)
    if a_len < b_len:
        max_len = b_len
    else:
        max_len = a_len
    tty_colors = TerminalColors(True)
    for i in range(max_len):
        ch = None
        if i < a_len:
            ch_a = a[i]
            ch = ch_a
        else:
            ch_a = None
        if i < b_len:
            ch_b = b[i]
            if not ch:
                ch = ch_b
        else:
            ch_b = None
        mismatch = ch_a != ch_b
        if (i % bytes_per_line) == 0:
            if line:
                print line
            line = '%#8.8x: ' % (addr + i)
        if mismatch:
            line += tty_colors.red()
        line += "%02X " % ord(ch)
        if mismatch:
            line += tty_colors.default()
        i += 1

    print line


class Mach:
    """Class that does everything mach-o related"""

    class Arch:
        """Class that implements mach-o architectures"""

        def __init__(self, c=0, s=0):
            self.cpu = c
            self.sub = s

        def set_cpu_type(self, c):
            self.cpu = c

        def set_cpu_subtype(self, s):
            self.sub = s

        def set_arch(self, c, s):
            self.cpu = c
            self.sub = s

        def is_64_bit(self):
            return (self.cpu & CPU_ARCH_ABI64) != 0

        cpu_infos = [
            ["arm", CPU_TYPE_ARM, CPU_TYPE_ANY],
            ["arm", CPU_TYPE_ARM, 0],
            ["armv4", CPU_TYPE_ARM, 5],
            ["armv6", CPU_TYPE_ARM, 6],
            ["armv5", CPU_TYPE_ARM, 7],
            ["xscale", CPU_TYPE_ARM, 8],
            ["armv7", CPU_TYPE_ARM, 9],
            ["armv7f", CPU_TYPE_ARM, 10],
            ["armv7s", CPU_TYPE_ARM, 11],
            ["armv7k", CPU_TYPE_ARM, 12],
            ["armv7m", CPU_TYPE_ARM, 15],
            ["armv7em", CPU_TYPE_ARM, 16],
            ["ppc", CPU_TYPE_POWERPC, CPU_TYPE_ANY],
            ["ppc", CPU_TYPE_POWERPC, 0],
            ["ppc601", CPU_TYPE_POWERPC, 1],
            ["ppc602", CPU_TYPE_POWERPC, 2],
            ["ppc603", CPU_TYPE_POWERPC, 3],
            ["ppc603e", CPU_TYPE_POWERPC, 4],
            ["ppc603ev", CPU_TYPE_POWERPC, 5],
            ["ppc604", CPU_TYPE_POWERPC, 6],
            ["ppc604e", CPU_TYPE_POWERPC, 7],
            ["ppc620", CPU_TYPE_POWERPC, 8],
            ["ppc750", CPU_TYPE_POWERPC, 9],
            ["ppc7400", CPU_TYPE_POWERPC, 10],
            ["ppc7450", CPU_TYPE_POWERPC, 11],
            ["ppc970", CPU_TYPE_POWERPC, 100],
            ["ppc64", CPU_TYPE_POWERPC64, 0],
            ["ppc970-64", CPU_TYPE_POWERPC64, 100],
            ["i386", CPU_TYPE_I386, 3],
            ["i486", CPU_TYPE_I386, 4],
            ["i486sx", CPU_TYPE_I386, 0x84],
            ["i386", CPU_TYPE_I386, CPU_TYPE_ANY],
            ["x86_64", CPU_TYPE_X86_64, 3],
            ["x86_64", CPU_TYPE_X86_64, CPU_TYPE_ANY],
        ]

        def __str__(self):
            for info in self.cpu_infos:
                if self.cpu == info[1] and (self.sub & 0x00ffffff) == info[2]:
                    return info[0]
            return "{0}.{1}".format(self.cpu, self.sub)

    class Magic(dict_utils.Enum):

        enum = {
            'MH_MAGIC': MH_MAGIC,
            'MH_CIGAM': MH_CIGAM,
            'MH_MAGIC_64': MH_MAGIC_64,
            'MH_CIGAM_64': MH_CIGAM_64,
            'FAT_MAGIC': FAT_MAGIC,
            'FAT_CIGAM': FAT_CIGAM
        }

        def __init__(self, initial_value=0):
            dict_utils.Enum.__init__(self, initial_value, self.enum)

        def is_skinny_mach_file(self):
            return self.value == MH_MAGIC or self.value == MH_CIGAM or self.value == MH_MAGIC_64 or self.value == MH_CIGAM_64

        def is_universal_mach_file(self):
            return self.value == FAT_MAGIC or self.value == FAT_CIGAM

        def unpack(self, data):
            data.set_byte_order('native')
            self.value = data.get_uint32()

        def get_byte_order(self):
            if self.value == MH_CIGAM or self.value == MH_CIGAM_64 or self.value == FAT_CIGAM:
                return swap_unpack_char()
            else:
                return '='

        def is_64_bit(self):
            return self.value == MH_MAGIC_64 or self.value == MH_CIGAM_64

    def __init__(self):
        self.magic = Mach.Magic()
        self.content = None
        self.path = None

    def extract(self, path, extractor):
        self.path = path
        self.unpack(extractor)

    def parse(self, path):
        self.path = path
        try:
            f = open(self.path)
            file_extractor = file_extract.FileExtract(f, '=')
            self.unpack(file_extractor)
            # f.close()
        except IOError as xxx_todo_changeme:
            (errno, strerror) = xxx_todo_changeme.args
            print "I/O error({0}): {1}".format(errno, strerror)
        except ValueError:
            print "Could not convert data to an integer."
        except:
            print "Unexpected error:", sys.exc_info()[0]
            raise

    def compare(self, rhs):
        self.content.compare(rhs.content)

    def dump(self, options=None):
        self.content.dump(options)

    def dump_header(self, dump_description=True, options=None):
        self.content.dump_header(dump_description, options)

    def dump_load_commands(self, dump_description=True, options=None):
        self.content.dump_load_commands(dump_description, options)

    def dump_sections(self, dump_description=True, options=None):
        self.content.dump_sections(dump_description, options)

    def dump_section_contents(self, options):
        self.content.dump_section_contents(options)

    def dump_symtab(self, dump_description=True, options=None):
        self.content.dump_symtab(dump_description, options)

    def dump_symbol_names_matching_regex(self, regex, file=None):
        self.content.dump_symbol_names_matching_regex(regex, file)

    def description(self):
        return self.content.description()

    def unpack(self, data):
        self.magic.unpack(data)
        if self.magic.is_skinny_mach_file():
            self.content = Mach.Skinny(self.path)
        elif self.magic.is_universal_mach_file():
            self.content = Mach.Universal(self.path)
        else:
            self.content = None

        if self.content is not None:
            self.content.unpack(data, self.magic)

    def is_valid(self):
        return self.content is not None

    class Universal:

        def __init__(self, path):
            self.path = path
            self.type = 'universal'
            self.file_off = 0
            self.magic = None
            self.nfat_arch = 0
            self.archs = list()

        def description(self):
            s = '%#8.8x: %s (' % (self.file_off, self.path)
            archs_string = ''
            for arch in self.archs:
                if len(archs_string):
                    archs_string += ', '
                archs_string += '%s' % arch.arch
            s += archs_string
            s += ')'
            return s

        def unpack(self, data, magic=None):
            self.file_off = data.tell()
            if magic is None:
                self.magic = Mach.Magic()
                self.magic.unpack(data)
            else:
                self.magic = magic
                self.file_off = self.file_off - 4
            # Universal headers are always in big endian
            data.set_byte_order('big')
            self.nfat_arch = data.get_uint32()
            for i in range(self.nfat_arch):
                self.archs.append(Mach.Universal.ArchInfo())
                self.archs[i].unpack(data)
            for i in range(self.nfat_arch):
                self.archs[i].mach = Mach.Skinny(self.path)
                data.seek(self.archs[i].offset, 0)
                skinny_magic = Mach.Magic()
                skinny_magic.unpack(data)
                self.archs[i].mach.unpack(data, skinny_magic)

        def compare(self, rhs):
            print 'error: comparing two universal files is not supported yet'
            return False

        def dump(self, options):
            if options.dump_header:
                print
                print "Universal Mach File: magic = %s, nfat_arch = %u" % (self.magic, self.nfat_arch)
                print
            if self.nfat_arch > 0:
                if options.dump_header:
                    self.archs[0].dump_header(True, options)
                    for i in range(self.nfat_arch):
                        self.archs[i].dump_flat(options)
                if options.dump_header:
                    print
                for i in range(self.nfat_arch):
                    self.archs[i].mach.dump(options)

        def dump_header(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_header(True, options)
                print

        def dump_load_commands(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_load_commands(True, options)
                print

        def dump_sections(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_sections(True, options)
                print

        def dump_section_contents(self, options):
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_section_contents(options)
                print

        def dump_symtab(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_symtab(True, options)
                print

        def dump_symbol_names_matching_regex(self, regex, file=None):
            for i in range(self.nfat_arch):
                self.archs[i].mach.dump_symbol_names_matching_regex(
                    regex, file)

        class ArchInfo:

            def __init__(self):
                self.arch = Mach.Arch(0, 0)
                self.offset = 0
                self.size = 0
                self.align = 0
                self.mach = None

            def unpack(self, data):
                # Universal headers are always in big endian
                data.set_byte_order('big')
                self.arch.cpu, self.arch.sub, self.offset, self.size, self.align = data.get_n_uint32(
                    5)

            def dump_header(self, dump_description=True, options=None):
                if options.verbose:
                    print "CPU        SUBTYPE    OFFSET     SIZE       ALIGN"
                    print "---------- ---------- ---------- ---------- ----------"
                else:
                    print "ARCH       FILEOFFSET FILESIZE   ALIGN"
                    print "---------- ---------- ---------- ----------"

            def dump_flat(self, options):
                if options.verbose:
                    print "%#8.8x %#8.8x %#8.8x %#8.8x %#8.8x" % (self.arch.cpu, self.arch.sub, self.offset, self.size, self.align)
                else:
                    print "%-10s %#8.8x %#8.8x %#8.8x" % (self.arch, self.offset, self.size, self.align)

            def dump(self):
                print "   cputype: %#8.8x" % self.arch.cpu
                print "cpusubtype: %#8.8x" % self.arch.sub
                print "    offset: %#8.8x" % self.offset
                print "      size: %#8.8x" % self.size
                print "     align: %#8.8x" % self.align

            def __str__(self):
                return "Mach.Universal.ArchInfo: %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x" % (
                    self.arch.cpu, self.arch.sub, self.offset, self.size, self.align)

            def __repr__(self):
                return "Mach.Universal.ArchInfo: %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x" % (
                    self.arch.cpu, self.arch.sub, self.offset, self.size, self.align)

    class Flags:

        def __init__(self, b):
            self.bits = b

        def __str__(self):
            s = ''
            if self.bits & MH_NOUNDEFS:
                s += 'MH_NOUNDEFS | '
            if self.bits & MH_INCRLINK:
                s += 'MH_INCRLINK | '
            if self.bits & MH_DYLDLINK:
                s += 'MH_DYLDLINK | '
            if self.bits & MH_BINDATLOAD:
                s += 'MH_BINDATLOAD | '
            if self.bits & MH_PREBOUND:
                s += 'MH_PREBOUND | '
            if self.bits & MH_SPLIT_SEGS:
                s += 'MH_SPLIT_SEGS | '
            if self.bits & MH_LAZY_INIT:
                s += 'MH_LAZY_INIT | '
            if self.bits & MH_TWOLEVEL:
                s += 'MH_TWOLEVEL | '
            if self.bits & MH_FORCE_FLAT:
                s += 'MH_FORCE_FLAT | '
            if self.bits & MH_NOMULTIDEFS:
                s += 'MH_NOMULTIDEFS | '
            if self.bits & MH_NOFIXPREBINDING:
                s += 'MH_NOFIXPREBINDING | '
            if self.bits & MH_PREBINDABLE:
                s += 'MH_PREBINDABLE | '
            if self.bits & MH_ALLMODSBOUND:
                s += 'MH_ALLMODSBOUND | '
            if self.bits & MH_SUBSECTIONS_VIA_SYMBOLS:
                s += 'MH_SUBSECTIONS_VIA_SYMBOLS | '
            if self.bits & MH_CANONICAL:
                s += 'MH_CANONICAL | '
            if self.bits & MH_WEAK_DEFINES:
                s += 'MH_WEAK_DEFINES | '
            if self.bits & MH_BINDS_TO_WEAK:
                s += 'MH_BINDS_TO_WEAK | '
            if self.bits & MH_ALLOW_STACK_EXECUTION:
                s += 'MH_ALLOW_STACK_EXECUTION | '
            if self.bits & MH_ROOT_SAFE:
                s += 'MH_ROOT_SAFE | '
            if self.bits & MH_SETUID_SAFE:
                s += 'MH_SETUID_SAFE | '
            if self.bits & MH_NO_REEXPORTED_DYLIBS:
                s += 'MH_NO_REEXPORTED_DYLIBS | '
            if self.bits & MH_PIE:
                s += 'MH_PIE | '
            if self.bits & MH_DEAD_STRIPPABLE_DYLIB:
                s += 'MH_DEAD_STRIPPABLE_DYLIB | '
            if self.bits & MH_HAS_TLV_DESCRIPTORS:
                s += 'MH_HAS_TLV_DESCRIPTORS | '
            if self.bits & MH_NO_HEAP_EXECUTION:
                s += 'MH_NO_HEAP_EXECUTION | '
            # Strip the trailing " |" if we have any flags
            if len(s) > 0:
                s = s[0:-2]
            return s

    class FileType(dict_utils.Enum):

        enum = {
            'MH_OBJECT': MH_OBJECT,
            'MH_EXECUTE': MH_EXECUTE,
            'MH_FVMLIB': MH_FVMLIB,
            'MH_CORE': MH_CORE,
            'MH_PRELOAD': MH_PRELOAD,
            'MH_DYLIB': MH_DYLIB,
            'MH_DYLINKER': MH_DYLINKER,
            'MH_BUNDLE': MH_BUNDLE,
            'MH_DYLIB_STUB': MH_DYLIB_STUB,
            'MH_DSYM': MH_DSYM,
            'MH_KEXT_BUNDLE': MH_KEXT_BUNDLE
        }

        def __init__(self, initial_value=0):
            dict_utils.Enum.__init__(self, initial_value, self.enum)

    class Skinny:

        def __init__(self, path):
            self.path = path
            self.type = 'skinny'
            self.data = None
            self.file_off = 0
            self.magic = 0
            self.arch = Mach.Arch(0, 0)
            self.filetype = Mach.FileType(0)
            self.ncmds = 0
            self.sizeofcmds = 0
            self.flags = Mach.Flags(0)
            self.uuid = None
            self.commands = list()
            self.segments = list()
            self.sections = list()
            self.symbols = list()
            self.sections.append(Mach.Section())

        def description(self):
            return '%#8.8x: %s (%s)' % (self.file_off, self.path, self.arch)

        def unpack(self, data, magic=None):
            self.data = data
            self.file_off = data.tell()
            if magic is None:
                self.magic = Mach.Magic()
                self.magic.unpack(data)
            else:
                self.magic = magic
                self.file_off = self.file_off - 4
            data.set_byte_order(self.magic.get_byte_order())
            self.arch.cpu, self.arch.sub, self.filetype.value, self.ncmds, self.sizeofcmds, bits = data.get_n_uint32(
                6)
            self.flags.bits = bits

            if self.is_64_bit():
                data.get_uint32()  # Skip reserved word in mach_header_64

            for i in range(0, self.ncmds):
                lc = self.unpack_load_command(data)
                self.commands.append(lc)

        def get_data(self):
            if self.data:
                self.data.set_byte_order(self.magic.get_byte_order())
                return self.data
            return None

        def unpack_load_command(self, data):
            lc = Mach.LoadCommand()
            lc.unpack(self, data)
            lc_command = lc.command.get_enum_value()
            if (lc_command == LC_SEGMENT or
                    lc_command == LC_SEGMENT_64):
                lc = Mach.SegmentLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_LOAD_DYLIB or
                  lc_command == LC_ID_DYLIB or
                  lc_command == LC_LOAD_WEAK_DYLIB or
                  lc_command == LC_REEXPORT_DYLIB):
                lc = Mach.DylibLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_LOAD_DYLINKER or
                  lc_command == LC_SUB_FRAMEWORK or
                  lc_command == LC_SUB_CLIENT or
                  lc_command == LC_SUB_UMBRELLA or
                  lc_command == LC_SUB_LIBRARY or
                  lc_command == LC_ID_DYLINKER or
                  lc_command == LC_RPATH):
                lc = Mach.LoadDYLDLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_DYLD_INFO_ONLY):
                lc = Mach.DYLDInfoOnlyLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_SYMTAB):
                lc = Mach.SymtabLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_DYSYMTAB):
                lc = Mach.DYLDSymtabLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_UUID):
                lc = Mach.UUIDLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_CODE_SIGNATURE or
                  lc_command == LC_SEGMENT_SPLIT_INFO or
                  lc_command == LC_FUNCTION_STARTS):
                lc = Mach.DataBlobLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_UNIXTHREAD):
                lc = Mach.UnixThreadLoadCommand(lc)
                lc.unpack(self, data)
            elif (lc_command == LC_ENCRYPTION_INFO):
                lc = Mach.EncryptionInfoLoadCommand(lc)
                lc.unpack(self, data)
            lc.skip(data)
            return lc

        def compare(self, rhs):
            print "\nComparing:"
            print "a) %s %s" % (self.arch, self.path)
            print "b) %s %s" % (rhs.arch, rhs.path)
            result = True
            if self.type == rhs.type:
                for lhs_section in self.sections[1:]:
                    rhs_section = rhs.get_section_by_section(lhs_section)
                    if rhs_section:
                        print 'comparing %s.%s...' % (lhs_section.segname, lhs_section.sectname),
                        sys.stdout.flush()
                        lhs_data = lhs_section.get_contents(self)
                        rhs_data = rhs_section.get_contents(rhs)
                        if lhs_data and rhs_data:
                            if lhs_data == rhs_data:
                                print 'ok'
                            else:
                                lhs_data_len = len(lhs_data)
                                rhs_data_len = len(rhs_data)
                                # if lhs_data_len < rhs_data_len:
                                #     if lhs_data == rhs_data[0:lhs_data_len]:
                                #         print 'section data for %s matches the first %u bytes' % (lhs_section.sectname, lhs_data_len)
                                #     else:
                                #         # TODO: check padding
                                #         result = False
                                # elif lhs_data_len > rhs_data_len:
                                #     if lhs_data[0:rhs_data_len] == rhs_data:
                                #         print 'section data for %s matches the first %u bytes' % (lhs_section.sectname, lhs_data_len)
                                #     else:
                                #         # TODO: check padding
                                #         result = False
                                # else:
                                result = False
                                print 'error: sections differ'
                                # print 'a) %s' % (lhs_section)
                                # dump_hex_byte_string_diff(0, lhs_data, rhs_data)
                                # print 'b) %s' % (rhs_section)
                                # dump_hex_byte_string_diff(0, rhs_data, lhs_data)
                        elif lhs_data and not rhs_data:
                            print 'error: section data missing from b:'
                            print 'a) %s' % (lhs_section)
                            print 'b) %s' % (rhs_section)
                            result = False
                        elif not lhs_data and rhs_data:
                            print 'error: section data missing from a:'
                            print 'a) %s' % (lhs_section)
                            print 'b) %s' % (rhs_section)
                            result = False
                        elif lhs_section.offset or rhs_section.offset:
                            print 'error: section data missing for both a and b:'
                            print 'a) %s' % (lhs_section)
                            print 'b) %s' % (rhs_section)
                            result = False
                        else:
                            print 'ok'
                    else:
                        result = False
                        print 'error: section %s is missing in %s' % (lhs_section.sectname, rhs.path)
            else:
                print 'error: comaparing a %s mach-o file with a %s mach-o file is not supported' % (self.type, rhs.type)
                result = False
            if not result:
                print 'error: mach files differ'
            return result

        def dump_header(self, dump_description=True, options=None):
            if options.verbose:
                print "MAGIC      CPU        SUBTYPE    FILETYPE   NUM CMDS SIZE CMDS  FLAGS"
                print "---------- ---------- ---------- ---------- -------- ---------- ----------"
            else:
                print "MAGIC        ARCH       FILETYPE       NUM CMDS SIZE CMDS  FLAGS"
                print "------------ ---------- -------------- -------- ---------- ----------"

        def dump_flat(self, options):
            if options.verbose:
                print "%#8.8x %#8.8x %#8.8x %#8.8x %#8u %#8.8x %#8.8x" % (self.magic, self.arch.cpu, self.arch.sub, self.filetype.value, self.ncmds, self.sizeofcmds, self.flags.bits)
            else:
                print "%-12s %-10s %-14s %#8u %#8.8x %s" % (self.magic, self.arch, self.filetype, self.ncmds, self.sizeofcmds, self.flags)

        def dump(self, options):
            if options.dump_header:
                self.dump_header(True, options)
            if options.dump_load_commands:
                self.dump_load_commands(False, options)
            if options.dump_sections:
                self.dump_sections(False, options)
            if options.section_names:
                self.dump_section_contents(options)
            if options.dump_symtab:
                self.get_symtab()
                if len(self.symbols):
                    self.dump_sections(False, options)
                else:
                    print "No symbols"
            if options.find_mangled:
                self.dump_symbol_names_matching_regex(re.compile('^_?_Z'))

        def dump_header(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            print "Mach Header"
            print "       magic: %#8.8x %s" % (self.magic.value, self.magic)
            print "     cputype: %#8.8x %s" % (self.arch.cpu, self.arch)
            print "  cpusubtype: %#8.8x" % self.arch.sub
            print "    filetype: %#8.8x %s" % (self.filetype.get_enum_value(), self.filetype.get_enum_name())
            print "       ncmds: %#8.8x %u" % (self.ncmds, self.ncmds)
            print "  sizeofcmds: %#8.8x" % self.sizeofcmds
            print "       flags: %#8.8x %s" % (self.flags.bits, self.flags)

        def dump_load_commands(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            for lc in self.commands:
                print lc

        def get_section_by_name(self, name):
            for section in self.sections:
                if section.sectname and section.sectname == name:
                    return section
            return None

        def get_section_by_section(self, other_section):
            for section in self.sections:
                if section.sectname == other_section.sectname and section.segname == other_section.segname:
                    return section
            return None

        def dump_sections(self, dump_description=True, options=None):
            if dump_description:
                print self.description()
            num_sections = len(self.sections)
            if num_sections > 1:
                self.sections[1].dump_header()
                for sect_idx in range(1, num_sections):
                    print "%s" % self.sections[sect_idx]

        def dump_section_contents(self, options):
            saved_section_to_disk = False
            for sectname in options.section_names:
                section = self.get_section_by_name(sectname)
                if section:
                    sect_bytes = section.get_contents(self)
                    if options.outfile:
                        if not saved_section_to_disk:
                            outfile = open(options.outfile, 'w')
                            if options.extract_modules:
                                # print "Extracting modules from mach file..."
                                data = file_extract.FileExtract(
                                    StringIO.StringIO(sect_bytes), self.data.byte_order)
                                version = data.get_uint32()
                                num_modules = data.get_uint32()
                                # print "version = %u, num_modules = %u" %
                                # (version, num_modules)
                                for i in range(num_modules):
                                    data_offset = data.get_uint64()
                                    data_size = data.get_uint64()
                                    name_offset = data.get_uint32()
                                    language = data.get_uint32()
                                    flags = data.get_uint32()
                                    data.seek(name_offset)
                                    module_name = data.get_c_string()
                                    # print "module[%u] data_offset = %#16.16x,
                                    # data_size = %#16.16x, name_offset =
                                    # %#16.16x (%s), language = %u, flags =
                                    # %#x" % (i, data_offset, data_size,
                                    # name_offset, module_name, language,
                                    # flags)
                                    data.seek(data_offset)
                                    outfile.write(data.read_size(data_size))
                            else:
                                print "Saving section %s to '%s'" % (sectname, options.outfile)
                                outfile.write(sect_bytes)
                            outfile.close()
                            saved_section_to_disk = True
                        else:
                            print "error: you can only save a single section to disk at a time, skipping section '%s'" % (sectname)
                    else:
                        print 'section %s:\n' % (sectname)
                        section.dump_header()
                        print '%s\n' % (section)
                        dump_memory(0, sect_bytes, options.max_count, 16)
                else:
                    print 'error: no section named "%s" was found' % (sectname)

        def get_segment(self, segname):
            if len(self.segments) == 1 and self.segments[0].segname == '':
                return self.segments[0]
            for segment in self.segments:
                if segment.segname == segname:
                    return segment
            return None

        def get_first_load_command(self, lc_enum_value):
            for lc in self.commands:
                if lc.command.value == lc_enum_value:
                    return lc
            return None

        def get_symtab(self):
            if self.data and not self.symbols:
                lc_symtab = self.get_first_load_command(LC_SYMTAB)
                if lc_symtab:
                    symtab_offset = self.file_off
                    if self.data.is_in_memory():
                        linkedit_segment = self.get_segment('__LINKEDIT')
                        if linkedit_segment:
                            linkedit_vmaddr = linkedit_segment.vmaddr
                            linkedit_fileoff = linkedit_segment.fileoff
                            symtab_offset = linkedit_vmaddr + lc_symtab.symoff - linkedit_fileoff
                            symtab_offset = linkedit_vmaddr + lc_symtab.stroff - linkedit_fileoff
                    else:
                        symtab_offset += lc_symtab.symoff

                    self.data.seek(symtab_offset)
                    is_64 = self.is_64_bit()
                    for i in range(lc_symtab.nsyms):
                        nlist = Mach.NList()
                        nlist.unpack(self, self.data, lc_symtab)
                        self.symbols.append(nlist)
                else:
                    print "no LC_SYMTAB"

        def dump_symtab(self, dump_description=True, options=None):
            self.get_symtab()
            if dump_description:
                print self.description()
            for i, symbol in enumerate(self.symbols):
                print '[%5u] %s' % (i, symbol)

        def dump_symbol_names_matching_regex(self, regex, file=None):
            self.get_symtab()
            for symbol in self.symbols:
                if symbol.name and regex.search(symbol.name):
                    print symbol.name
                    if file:
                        file.write('%s\n' % (symbol.name))

        def is_64_bit(self):
            return self.magic.is_64_bit()

    class LoadCommand:

        class Command(dict_utils.Enum):
            enum = {
                'LC_SEGMENT': LC_SEGMENT,
                'LC_SYMTAB': LC_SYMTAB,
                'LC_SYMSEG': LC_SYMSEG,
                'LC_THREAD': LC_THREAD,
                'LC_UNIXTHREAD': LC_UNIXTHREAD,
                'LC_LOADFVMLIB': LC_LOADFVMLIB,
                'LC_IDFVMLIB': LC_IDFVMLIB,
                'LC_IDENT': LC_IDENT,
                'LC_FVMFILE': LC_FVMFILE,
                'LC_PREPAGE': LC_PREPAGE,
                'LC_DYSYMTAB': LC_DYSYMTAB,
                'LC_LOAD_DYLIB': LC_LOAD_DYLIB,
                'LC_ID_DYLIB': LC_ID_DYLIB,
                'LC_LOAD_DYLINKER': LC_LOAD_DYLINKER,
                'LC_ID_DYLINKER': LC_ID_DYLINKER,
                'LC_PREBOUND_DYLIB': LC_PREBOUND_DYLIB,
                'LC_ROUTINES': LC_ROUTINES,
                'LC_SUB_FRAMEWORK': LC_SUB_FRAMEWORK,
                'LC_SUB_UMBRELLA': LC_SUB_UMBRELLA,
                'LC_SUB_CLIENT': LC_SUB_CLIENT,
                'LC_SUB_LIBRARY': LC_SUB_LIBRARY,
                'LC_TWOLEVEL_HINTS': LC_TWOLEVEL_HINTS,
                'LC_PREBIND_CKSUM': LC_PREBIND_CKSUM,
                'LC_LOAD_WEAK_DYLIB': LC_LOAD_WEAK_DYLIB,
                'LC_SEGMENT_64': LC_SEGMENT_64,
                'LC_ROUTINES_64': LC_ROUTINES_64,
                'LC_UUID': LC_UUID,
                'LC_RPATH': LC_RPATH,
                'LC_CODE_SIGNATURE': LC_CODE_SIGNATURE,
                'LC_SEGMENT_SPLIT_INFO': LC_SEGMENT_SPLIT_INFO,
                'LC_REEXPORT_DYLIB': LC_REEXPORT_DYLIB,
                'LC_LAZY_LOAD_DYLIB': LC_LAZY_LOAD_DYLIB,
                'LC_ENCRYPTION_INFO': LC_ENCRYPTION_INFO,
                'LC_DYLD_INFO': LC_DYLD_INFO,
                'LC_DYLD_INFO_ONLY': LC_DYLD_INFO_ONLY,
                'LC_LOAD_UPWARD_DYLIB': LC_LOAD_UPWARD_DYLIB,
                'LC_VERSION_MIN_MACOSX': LC_VERSION_MIN_MACOSX,
                'LC_VERSION_MIN_IPHONEOS': LC_VERSION_MIN_IPHONEOS,
                'LC_FUNCTION_STARTS': LC_FUNCTION_STARTS,
                'LC_DYLD_ENVIRONMENT': LC_DYLD_ENVIRONMENT
            }

            def __init__(self, initial_value=0):
                dict_utils.Enum.__init__(self, initial_value, self.enum)

        def __init__(self, c=None, l=0, o=0):
            if c is not None:
                self.command = c
            else:
                self.command = Mach.LoadCommand.Command(0)
            self.length = l
            self.file_off = o

        def unpack(self, mach_file, data):
            self.file_off = data.tell()
            self.command.value, self.length = data.get_n_uint32(2)

        def skip(self, data):
            data.seek(self.file_off + self.length, 0)

        def __str__(self):
            lc_name = self.command.get_enum_name()
            return '%#8.8x: <%#4.4x> %-24s' % (self.file_off,
                                               self.length, lc_name)

    class Section:

        def __init__(self):
            self.index = 0
            self.is_64 = False
            self.sectname = None
            self.segname = None
            self.addr = 0
            self.size = 0
            self.offset = 0
            self.align = 0
            self.reloff = 0
            self.nreloc = 0
            self.flags = 0
            self.reserved1 = 0
            self.reserved2 = 0
            self.reserved3 = 0

        def unpack(self, is_64, data):
            self.is_64 = is_64
            self.sectname = data.get_fixed_length_c_string(16, '', True)
            self.segname = data.get_fixed_length_c_string(16, '', True)
            if self.is_64:
                self.addr, self.size = data.get_n_uint64(2)
                self.offset, self.align, self.reloff, self.nreloc, self.flags, self.reserved1, self.reserved2, self.reserved3 = data.get_n_uint32(
                    8)
            else:
                self.addr, self.size = data.get_n_uint32(2)
                self.offset, self.align, self.reloff, self.nreloc, self.flags, self.reserved1, self.reserved2 = data.get_n_uint32(
                    7)

        def dump_header(self):
            if self.is_64:
                print "INDEX ADDRESS            SIZE               OFFSET     ALIGN      RELOFF     NRELOC     FLAGS      RESERVED1  RESERVED2  RESERVED3  NAME"
                print "===== ------------------ ------------------ ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------------------"
            else:
                print "INDEX ADDRESS    SIZE       OFFSET     ALIGN      RELOFF     NRELOC     FLAGS      RESERVED1  RESERVED2  NAME"
                print "===== ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------------------"

        def __str__(self):
            if self.is_64:
                return "[%3u] %#16.16x %#16.16x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %s.%s" % (
                    self.index, self.addr, self.size, self.offset, self.align, self.reloff, self.nreloc, self.flags, self.reserved1, self.reserved2, self.reserved3, self.segname, self.sectname)
            else:
                return "[%3u] %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %#8.8x %s.%s" % (
                    self.index, self.addr, self.size, self.offset, self.align, self.reloff, self.nreloc, self.flags, self.reserved1, self.reserved2, self.segname, self.sectname)

        def get_contents(self, mach_file):
            '''Get the section contents as a python string'''
            if self.size > 0 and mach_file.get_segment(
                    self.segname).filesize > 0:
                data = mach_file.get_data()
                if data:
                    section_data_offset = mach_file.file_off + self.offset
                    # print '%s.%s is at offset 0x%x with size 0x%x' %
                    # (self.segname, self.sectname, section_data_offset,
                    # self.size)
                    data.push_offset_and_seek(section_data_offset)
                    bytes = data.read_size(self.size)
                    data.pop_offset_and_seek()
                    return bytes
            return None

    class DylibLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.name = None
            self.timestamp = 0
            self.current_version = 0
            self.compatibility_version = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            name_offset, self.timestamp, self.current_version, self.compatibility_version = data.get_n_uint32(
                4)
            data.seek(self.file_off + name_offset, 0)
            self.name = data.get_fixed_length_c_string(self.length - 24)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "%#8.8x %#8.8x %#8.8x " % (self.timestamp,
                                            self.current_version,
                                            self.compatibility_version)
            s += self.name
            return s

    class LoadDYLDLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.name = None

        def unpack(self, mach_file, data):
            data.get_uint32()
            self.name = data.get_fixed_length_c_string(self.length - 12)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "%s" % self.name
            return s

    class UnixThreadLoadCommand(LoadCommand):

        class ThreadState:

            def __init__(self):
                self.flavor = 0
                self.count = 0
                self.register_values = list()

            def unpack(self, data):
                self.flavor, self.count = data.get_n_uint32(2)
                self.register_values = data.get_n_uint32(self.count)

            def __str__(self):
                s = "flavor = %u, count = %u, regs =" % (
                    self.flavor, self.count)
                i = 0
                for register_value in self.register_values:
                    if i % 8 == 0:
                        s += "\n                                            "
                    s += " %#8.8x" % register_value
                    i += 1
                return s

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.reg_sets = list()

        def unpack(self, mach_file, data):
            reg_set = Mach.UnixThreadLoadCommand.ThreadState()
            reg_set.unpack(data)
            self.reg_sets.append(reg_set)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            for reg_set in self.reg_sets:
                s += "%s" % reg_set
            return s

    class DYLDInfoOnlyLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.rebase_off = 0
            self.rebase_size = 0
            self.bind_off = 0
            self.bind_size = 0
            self.weak_bind_off = 0
            self.weak_bind_size = 0
            self.lazy_bind_off = 0
            self.lazy_bind_size = 0
            self.export_off = 0
            self.export_size = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            self.rebase_off, self.rebase_size, self.bind_off, self.bind_size, self.weak_bind_off, self.weak_bind_size, self.lazy_bind_off, self.lazy_bind_size, self.export_off, self.export_size = data.get_n_uint32(
                10)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "rebase_off = %#8.8x, rebase_size = %u, " % (
                self.rebase_off, self.rebase_size)
            s += "bind_off = %#8.8x, bind_size = %u, " % (
                self.bind_off, self.bind_size)
            s += "weak_bind_off = %#8.8x, weak_bind_size = %u, " % (
                self.weak_bind_off, self.weak_bind_size)
            s += "lazy_bind_off = %#8.8x, lazy_bind_size = %u, " % (
                self.lazy_bind_off, self.lazy_bind_size)
            s += "export_off = %#8.8x, export_size = %u, " % (
                self.export_off, self.export_size)
            return s

    class DYLDSymtabLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.ilocalsym = 0
            self.nlocalsym = 0
            self.iextdefsym = 0
            self.nextdefsym = 0
            self.iundefsym = 0
            self.nundefsym = 0
            self.tocoff = 0
            self.ntoc = 0
            self.modtaboff = 0
            self.nmodtab = 0
            self.extrefsymoff = 0
            self.nextrefsyms = 0
            self.indirectsymoff = 0
            self.nindirectsyms = 0
            self.extreloff = 0
            self.nextrel = 0
            self.locreloff = 0
            self.nlocrel = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            self.ilocalsym, self.nlocalsym, self.iextdefsym, self.nextdefsym, self.iundefsym, self.nundefsym, self.tocoff, self.ntoc, self.modtaboff, self.nmodtab, self.extrefsymoff, self.nextrefsyms, self.indirectsymoff, self.nindirectsyms, self.extreloff, self.nextrel, self.locreloff, self.nlocrel = data.get_n_uint32(
                18)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            # s += "ilocalsym = %u, nlocalsym = %u, " % (self.ilocalsym, self.nlocalsym)
            # s += "iextdefsym = %u, nextdefsym = %u, " % (self.iextdefsym, self.nextdefsym)
            # s += "iundefsym %u, nundefsym = %u, " % (self.iundefsym, self.nundefsym)
            # s += "tocoff = %#8.8x, ntoc = %u, " % (self.tocoff, self.ntoc)
            # s += "modtaboff = %#8.8x, nmodtab = %u, " % (self.modtaboff, self.nmodtab)
            # s += "extrefsymoff = %#8.8x, nextrefsyms = %u, " % (self.extrefsymoff, self.nextrefsyms)
            # s += "indirectsymoff = %#8.8x, nindirectsyms = %u, " % (self.indirectsymoff, self.nindirectsyms)
            # s += "extreloff = %#8.8x, nextrel = %u, " % (self.extreloff, self.nextrel)
            # s += "locreloff = %#8.8x, nlocrel = %u" % (self.locreloff,
            # self.nlocrel)
            s += "ilocalsym      = %-10u, nlocalsym     = %u\n" % (
                self.ilocalsym, self.nlocalsym)
            s += "                                             iextdefsym     = %-10u, nextdefsym    = %u\n" % (
                self.iextdefsym, self.nextdefsym)
            s += "                                             iundefsym      = %-10u, nundefsym     = %u\n" % (
                self.iundefsym, self.nundefsym)
            s += "                                             tocoff         = %#8.8x, ntoc          = %u\n" % (
                self.tocoff, self.ntoc)
            s += "                                             modtaboff      = %#8.8x, nmodtab       = %u\n" % (
                self.modtaboff, self.nmodtab)
            s += "                                             extrefsymoff   = %#8.8x, nextrefsyms   = %u\n" % (
                self.extrefsymoff, self.nextrefsyms)
            s += "                                             indirectsymoff = %#8.8x, nindirectsyms = %u\n" % (
                self.indirectsymoff, self.nindirectsyms)
            s += "                                             extreloff      = %#8.8x, nextrel       = %u\n" % (
                self.extreloff, self.nextrel)
            s += "                                             locreloff      = %#8.8x, nlocrel       = %u" % (
                self.locreloff, self.nlocrel)
            return s

    class SymtabLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.symoff = 0
            self.nsyms = 0
            self.stroff = 0
            self.strsize = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            self.symoff, self.nsyms, self.stroff, self.strsize = data.get_n_uint32(
                4)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "symoff = %#8.8x, nsyms = %u, stroff = %#8.8x, strsize = %u" % (
                self.symoff, self.nsyms, self.stroff, self.strsize)
            return s

    class UUIDLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.uuid = None

        def unpack(self, mach_file, data):
            uuid_data = data.get_n_uint8(16)
            uuid_str = ''
            for byte in uuid_data:
                uuid_str += '%2.2x' % byte
            self.uuid = uuid.UUID(uuid_str)
            mach_file.uuid = self.uuid

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += self.uuid.__str__()
            return s

    class DataBlobLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.dataoff = 0
            self.datasize = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            self.dataoff, self.datasize = data.get_n_uint32(2)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "dataoff = %#8.8x, datasize = %u" % (
                self.dataoff, self.datasize)
            return s

    class EncryptionInfoLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.cryptoff = 0
            self.cryptsize = 0
            self.cryptid = 0

        def unpack(self, mach_file, data):
            byte_order_char = mach_file.magic.get_byte_order()
            self.cryptoff, self.cryptsize, self.cryptid = data.get_n_uint32(3)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            s += "file-range = [%#8.8x - %#8.8x), cryptsize = %u, cryptid = %u" % (
                self.cryptoff, self.cryptoff + self.cryptsize, self.cryptsize, self.cryptid)
            return s

    class SegmentLoadCommand(LoadCommand):

        def __init__(self, lc):
            Mach.LoadCommand.__init__(self, lc.command, lc.length, lc.file_off)
            self.segname = None
            self.vmaddr = 0
            self.vmsize = 0
            self.fileoff = 0
            self.filesize = 0
            self.maxprot = 0
            self.initprot = 0
            self.nsects = 0
            self.flags = 0

        def unpack(self, mach_file, data):
            is_64 = self.command.get_enum_value() == LC_SEGMENT_64
            self.segname = data.get_fixed_length_c_string(16, '', True)
            if is_64:
                self.vmaddr, self.vmsize, self.fileoff, self.filesize = data.get_n_uint64(
                    4)
            else:
                self.vmaddr, self.vmsize, self.fileoff, self.filesize = data.get_n_uint32(
                    4)
            self.maxprot, self.initprot, self.nsects, self.flags = data.get_n_uint32(
                4)
            mach_file.segments.append(self)
            for i in range(self.nsects):
                section = Mach.Section()
                section.unpack(is_64, data)
                section.index = len(mach_file.sections)
                mach_file.sections.append(section)

        def __str__(self):
            s = Mach.LoadCommand.__str__(self)
            if self.command.get_enum_value() == LC_SEGMENT:
                s += "%#8.8x %#8.8x %#8.8x %#8.8x " % (
                    self.vmaddr, self.vmsize, self.fileoff, self.filesize)
            else:
                s += "%#16.16x %#16.16x %#16.16x %#16.16x " % (
                    self.vmaddr, self.vmsize, self.fileoff, self.filesize)
            s += "%s %s %3u %#8.8x" % (vm_prot_names[self.maxprot], vm_prot_names[
                                       self.initprot], self.nsects, self.flags)
            s += ' ' + self.segname
            return s

    class NList:

        class Type:

            class Stab(dict_utils.Enum):
                enum = {
                    'N_GSYM': N_GSYM,
                    'N_FNAME': N_FNAME,
                    'N_FUN': N_FUN,
                    'N_STSYM': N_STSYM,
                    'N_LCSYM': N_LCSYM,
                    'N_BNSYM': N_BNSYM,
                    'N_OPT': N_OPT,
                    'N_RSYM': N_RSYM,
                    'N_SLINE': N_SLINE,
                    'N_ENSYM': N_ENSYM,
                    'N_SSYM': N_SSYM,
                    'N_SO': N_SO,
                    'N_OSO': N_OSO,
                    'N_LSYM': N_LSYM,
                    'N_BINCL': N_BINCL,
                    'N_SOL': N_SOL,
                    'N_PARAMS': N_PARAMS,
                    'N_VERSION': N_VERSION,
                    'N_OLEVEL': N_OLEVEL,
                    'N_PSYM': N_PSYM,
                    'N_EINCL': N_EINCL,
                    'N_ENTRY': N_ENTRY,
                    'N_LBRAC': N_LBRAC,
                    'N_EXCL': N_EXCL,
                    'N_RBRAC': N_RBRAC,
                    'N_BCOMM': N_BCOMM,
                    'N_ECOMM': N_ECOMM,
                    'N_ECOML': N_ECOML,
                    'N_LENG': N_LENG
                }

                def __init__(self, magic=0):
                    dict_utils.Enum.__init__(self, magic, self.enum)

            def __init__(self, t=0):
                self.value = t

            def __str__(self):
                n_type = self.value
                if n_type & N_STAB:
                    stab = Mach.NList.Type.Stab(self.value)
                    return '%s' % stab
                else:
                    type = self.value & N_TYPE
                    type_str = ''
                    if type == N_UNDF:
                        type_str = 'N_UNDF'
                    elif type == N_ABS:
                        type_str = 'N_ABS '
                    elif type == N_SECT:
                        type_str = 'N_SECT'
                    elif type == N_PBUD:
                        type_str = 'N_PBUD'
                    elif type == N_INDR:
                        type_str = 'N_INDR'
                    else:
                        type_str = "??? (%#2.2x)" % type
                    if n_type & N_PEXT:
                        type_str += ' | PEXT'
                    if n_type & N_EXT:
                        type_str += ' | EXT '
                    return type_str

        def __init__(self):
            self.index = 0
            self.name_offset = 0
            self.name = 0
            self.type = Mach.NList.Type()
            self.sect_idx = 0
            self.desc = 0
            self.value = 0

        def unpack(self, mach_file, data, symtab_lc):
            self.index = len(mach_file.symbols)
            self.name_offset = data.get_uint32()
            self.type.value, self.sect_idx = data.get_n_uint8(2)
            self.desc = data.get_uint16()
            if mach_file.is_64_bit():
                self.value = data.get_uint64()
            else:
                self.value = data.get_uint32()
            data.push_offset_and_seek(
                mach_file.file_off +
                symtab_lc.stroff +
                self.name_offset)
            # print "get string for symbol[%u]" % self.index
            self.name = data.get_c_string()
            data.pop_offset_and_seek()

        def __str__(self):
            name_display = ''
            if len(self.name):
                name_display = ' "%s"' % self.name
            return '%#8.8x %#2.2x (%-20s) %#2.2x %#4.4x %16.16x%s' % (self.name_offset,
                                                                      self.type.value, self.type, self.sect_idx, self.desc, self.value, name_display)

    class Interactive(cmd.Cmd):
        '''Interactive command interpreter to mach-o files.'''

        def __init__(self, mach, options):
            cmd.Cmd.__init__(self)
            self.intro = 'Interactive mach-o command interpreter'
            self.prompt = 'mach-o: %s %% ' % mach.path
            self.mach = mach
            self.options = options

        def default(self, line):
            '''Catch all for unknown command, which will exit the interpreter.'''
            print "uknown command: %s" % line
            return True

        def do_q(self, line):
            '''Quit command'''
            return True

        def do_quit(self, line):
            '''Quit command'''
            return True

        def do_header(self, line):
            '''Dump mach-o file headers'''
            self.mach.dump_header(True, self.options)
            return False

        def do_load(self, line):
            '''Dump all mach-o load commands'''
            self.mach.dump_load_commands(True, self.options)
            return False

        def do_sections(self, line):
            '''Dump all mach-o sections'''
            self.mach.dump_sections(True, self.options)
            return False

        def do_symtab(self, line):
            '''Dump all mach-o symbols in the symbol table'''
            self.mach.dump_symtab(True, self.options)
            return False

if __name__ == '__main__':
    parser = optparse.OptionParser(
        description='A script that parses skinny and universal mach-o files.')
    parser.add_option(
        '--arch',
        '-a',
        type='string',
        metavar='arch',
        dest='archs',
        action='append',
        help='specify one or more architectures by name')
    parser.add_option(
        '-v',
        '--verbose',
        action='store_true',
        dest='verbose',
        help='display verbose debug info',
        default=False)
    parser.add_option(
        '-H',
        '--header',
        action='store_true',
        dest='dump_header',
        help='dump the mach-o file header',
        default=False)
    parser.add_option(
        '-l',
        '--load-commands',
        action='store_true',
        dest='dump_load_commands',
        help='dump the mach-o load commands',
        default=False)
    parser.add_option(
        '-s',
        '--symtab',
        action='store_true',
        dest='dump_symtab',
        help='dump the mach-o symbol table',
        default=False)
    parser.add_option(
        '-S',
        '--sections',
        action='store_true',
        dest='dump_sections',
        help='dump the mach-o sections',
        default=False)
    parser.add_option(
        '--section',
        type='string',
        metavar='sectname',
        dest='section_names',
        action='append',
        help='Specify one or more section names to dump',
        default=[])
    parser.add_option(
        '-o',
        '--out',
        type='string',
        dest='outfile',
        help='Used in conjunction with the --section=NAME option to save a single section\'s data to disk.',
        default=False)
    parser.add_option(
        '-i',
        '--interactive',
        action='store_true',
        dest='interactive',
        help='enable interactive mode',
        default=False)
    parser.add_option(
        '-m',
        '--mangled',
        action='store_true',
        dest='find_mangled',
        help='dump all mangled names in a mach file',
        default=False)
    parser.add_option(
        '-c',
        '--compare',
        action='store_true',
        dest='compare',
        help='compare two mach files',
        default=False)
    parser.add_option(
        '-M',
        '--extract-modules',
        action='store_true',
        dest='extract_modules',
        help='Extract modules from file',
        default=False)
    parser.add_option(
        '-C',
        '--count',
        type='int',
        dest='max_count',
        help='Sets the max byte count when dumping section data',
        default=-1)

    (options, mach_files) = parser.parse_args()
    if options.extract_modules:
        if options.section_names:
            print "error: can't use --section option with the --extract-modules option"
            exit(1)
        if not options.outfile:
            print "error: the --output=FILE option must be specified with the --extract-modules option"
            exit(1)
        options.section_names.append("__apple_ast")
    if options.compare:
        if len(mach_files) == 2:
            mach_a = Mach()
            mach_b = Mach()
            mach_a.parse(mach_files[0])
            mach_b.parse(mach_files[1])
            mach_a.compare(mach_b)
        else:
            print 'error: --compare takes two mach files as arguments'
    else:
        if not (options.dump_header or options.dump_load_commands or options.dump_symtab or options.dump_sections or options.find_mangled or options.section_names):
            options.dump_header = True
            options.dump_load_commands = True
        if options.verbose:
            print 'options', options
            print 'mach_files', mach_files
        for path in mach_files:
            mach = Mach()
            mach.parse(path)
            if options.interactive:
                interpreter = Mach.Interactive(mach, options)
                interpreter.cmdloop()
            else:
                mach.dump(options)