/*
 *     __   ___   _
 *    /  \ |   \ | | /\-------<exec-text.c>----------------------------------->
 *   / /\ \| |\ \| |/ /
 *  / /__\ \    /|   /     Author:      ORK
 *  \______/ |\ \| | \     contact:     orkmail<at>katamail<dot>com
 *<--------|_| \_\_|\_\    Date:        15/03/2005
 *
 *
 * This code tries to determine if the memory region containing STACK,
 * HEAP, BSS and DATA is executable. In this version you can specify an
 * address to test.
 * 
 * Inspired by an awgn and alor's code.
 *
 */


#include <sys/types.h>
#include <sys/wait.h>
#include <dlfcn.h>
#include <stdio.h>

#define VERSION "0.2"

#define STACK        1
#define HEAP         2
#define BSS          3
#define DATA         4
#define OTHER        5

#define EXIT_CODE_VALUE 0xef
#define CODE_LEN        10
#define CODE            data_code

char data_code[] = "\x31\xc0"                 // xor    %eax, %eax
                   "\x31\xdb"                 // xor    %ebx, %ebx
	           "\x80\xc3\xef"             // add    $0xef, %bl
                   "\x40"                     // inc    %eax
                   "\xcd\x80";                // int    $0x80

char bss_code[CODE_LEN];
char *addr;

int test(int mem)
{
  int pid;
  int stat = -1;
  char stack_code[CODE_LEN], *heap_code;
  void (*f)(); 

  switch (mem)
    {
    case STACK:
      strncpy(stack_code, CODE, CODE_LEN);
      f = (void (*)()) stack_code;
      printf("(0x%.8X): ", f);
      break;
    case HEAP:
      heap_code = (char *) malloc(CODE_LEN);
      strncpy(heap_code, CODE, CODE_LEN);
      f = (void (*)()) heap_code;
      printf("(0x%.8X): ", f);	
      break;
    case BSS:
      strncpy(bss_code, CODE, CODE_LEN);
      f = (void (*)()) bss_code;
      printf("(0x%.8X): ", f);	
      break;
    case DATA:
      f = (void (*)()) data_code;
      printf("(0x%.8X): ", f);	
      break;
    case OTHER:
      strncpy(addr, CODE, CODE_LEN);
      f = (void (*)()) addr;
    }

  pid = fork();

  if (pid != 0)
    {
      // Parent
      if (waitpid(pid, &stat, 0) == -1) 
	return -1;
      else
	return stat;
    }
  else
    {
      // Child
      (void) (f)();
    }
}

valutate(int ret)
{
  if (WIFEXITED(ret) != 0)
    {
      if (WEXITSTATUS(ret) == EXIT_CODE_VALUE)
	{
	  printf("EXECUTABLE\n");
	}
      else
	{
	  printf("UNEXPECTED ERROR (Ret Code = %X)\n", WEXITSTATUS(ret));
	}
    }
  else
    {
      printf("NOT EXECUTABLE\n");
    }
}


int main(int argc, char *argv[])
{
  int r, h;
  char buff[32];

  printf("Executable Memory Test Version %s  --  By ORK\n\n", VERSION);

  if (argc == 1)
    {
      printf("Examinating Stack ");  
      r = test(STACK);
      valutate (r);
      
      printf("Examinating Heap  ");  
      r = test(HEAP);
      valutate (r);
      
      printf("Examinating BSS   ");  
      r = test(BSS);
      valutate (r);
      
      printf("Examinating DATA  ");  
      r = test(DATA);
      valutate (r);
    }
  else
    {
      for(h = 1; h < argc; h++)
	{
	  addr = (char *) strtoll(argv[h], NULL, 16);
	  printf("Examinating Adress  0x%.8X: ", addr);  
	  r = test(OTHER);
	  valutate (r);
	}
    }
  
  return 0;
}