def make_state_with_stdin(content): s = SimState(arch='AMD64', mode='symbolic') stdin_storage = angr.storage.file.SimFile('stdin', content=content) stdin = angr.storage.file.SimFileDescriptor(stdin_storage) s.register_plugin( 'posix', angr.state_plugins.SimSystemPosix(stdin=stdin_storage, fd={0: stdin})) return s
def test_copy(): s = SimState(arch="AMD64") s.memory.store(0x100, b"ABCDEFGHIJKLMNOP") s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) s.memory.copy_contents(0x200, 0x100, x) nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) s = SimState(arch="AMD64") s.register_plugin('posix', SimSystemPosix(stdin=SimFile(name='stdin', content=b'ABCDEFGHIJKLMNOP', has_end=True))) s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) s.posix.get_fd(0).read(0x200, x) nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) s = SimState(arch="AMD64") s.register_plugin('posix', SimSystemPosix(stdin=SimFile(name='stdin', content=b'ABCDEFGHIJKLMNOP'))) s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) read_proc = SIM_PROCEDURES['posix']['read']() ret_x = read_proc.execute(s, arguments=(0, 0x200, x)).ret_expr nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(ret_x, 100)), list(range(10))) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[ret_x==3])), [ b"ABCXX" ])
def test_copy(): s = SimState(arch="AMD64") s.memory.store(0x100, b"ABCDEFGHIJKLMNOP") s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) s.memory.copy_contents(0x200, 0x100, x) nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) s = SimState(arch="AMD64") s.register_plugin('posix', SimSystemPosix(stdin=SimFile(name='stdin', content=b'ABCDEFGHIJKLMNOP', has_end=True))) s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) s.posix.get_fd(0).read(0x200, x) nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) s = SimState(arch="AMD64") s.register_plugin('posix', SimSystemPosix(stdin=SimFile(name='stdin', content=b'ABCDEFGHIJKLMNOP'))) s.memory.store(0x200, b"XXXXXXXXXXXXXXXX") x = s.solver.BVS('size', s.arch.bits) s.add_constraints(s.solver.ULT(x, 10)) read_proc = SIM_PROCEDURES['posix']['read']() ret_x = read_proc.execute(s, arguments=(0, 0x200, x)).ret_expr nose.tools.assert_equal(sorted(s.solver.eval_upto(x, 100)), list(range(10))) result = s.memory.load(0x200, 5) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes)), [ b"ABCDE", b"ABCDX", b"ABCXX", b"ABXXX", b"AXXXX", b"XXXXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[x==3])), [ b"ABCXX" ]) nose.tools.assert_equal(sorted(s.solver.eval_upto(ret_x, 100)), list(range(10))) nose.tools.assert_equal(sorted(s.solver.eval_upto(result, 100, cast_to=bytes, extra_constraints=[ret_x==3])), [ b"ABCXX" ])
def make_state_with_stdin(content): s = SimState(arch='AMD64', mode='symbolic') stdin_storage = angr.storage.file.SimFile('stdin', content=content) stdin = angr.storage.file.SimFileDescriptor(stdin_storage) s.register_plugin('posix', angr.state_plugins.SimSystemPosix(stdin=stdin_storage, fd={0: stdin})) return s