def get_instruction_info(self, data, addr):
        op = self.decode_operation(data, addr)
        if op is None:
            return None

        ii = InstructionInfo()
        ii.length = op.size
        op.branching(ii)
        return ii
Beispiel #2
0
    def perform_get_instruction_info(self, data, addr):
        instr = self.decode_instruction(data, addr)
        if instr is None:
            return None

        result = InstructionInfo()
        result.length = instr.SIZE
        instr.add_branches(result)

        return result
Beispiel #3
0
    def get_instruction_info(self, data, addr):
        opcode, offset, value, length = self.parse_instruction(data, addr)

        info = InstructionInfo()
        info.length = length

        if opcodes[opcode] == 'hlt':
            info.add_branch(BranchType.FunctionReturn)

        return info
 def get_instruction_info(self, data, addr):
     """
     Default get_instruction_info, which sets up the InstructionInfo object and does not
     add a branch.
     :param data:
     :param addr:
     :return:
     """
     info = InstructionInfo()
     info.length = self.length
     return info
Beispiel #5
0
    def get_instruction_info(self, data, addr):
        result = InstructionInfo()
        result.length = ISIZE

        insn = disasm_single(data, addr)

        if not insn:
            return result

        result.length = insn.size
        Brancher.find_branches(insn, result)

        return result
Beispiel #6
0
    def find_branches(cls, insn, result: InstructionInfo):
        func_name = 'branch_' + insn.opcode["cmd"].replace("/", "_")
        if hasattr(cls, func_name):
            getattr(cls, func_name)(insn, result)

            if insn.opcode["is_delay"]:
                result.branch_delay = True
 def get_instruction_info(self, data, addr):
     info = InstructionInfo()
     info.add_branch(BranchType.TrueBranch, addr +
                     self.imm6 + 4)
     info.add_branch(BranchType.FalseBranch, addr + self.length)
     info.length = self.length
     return info
Beispiel #8
0
    def perform_get_instruction_info(self, data, addr):
        # If we can't decode an instruction return None
        if len(data) < 12:
            return None

        # Unpack our operands from the data
        a, b, c = struct.unpack('<3I', data[:12])

        # Create the InstructionInfo object for our instruction
        res = InstructionInfo()
        res.length = 12

        if c != 0:
            if b == a:
                # Unconditional branch jumps to integer index c
                res.add_branch(BranchType.UnconditionalBranch, c * 4)
            else:
                # True branch jumps to integer index c
                res.add_branch(BranchType.TrueBranch, c * 4)
                # False branch continues to next instruction
                res.add_branch(BranchType.FalseBranch, addr + 12)

        return res
Beispiel #9
0
 def branch_bra(insn, result: InstructionInfo):
     result.add_branch(BranchType.UnconditionalBranch,
                       insn.opcode["args"][0].val)
Beispiel #10
0
 def get_instruction_info(self, data, addr):
     info = InstructionInfo()
     info.add_branch(BranchType.FunctionReturn)
     info.length = self.length
     return info
Beispiel #11
0
    def get_instruction_info(self, data, addr):
        ffi = self.ffi
        libvle = self.libvle
        # vle_handle = self.vle_handle
        vle_handle = self.ffi.new('vle_handle*')
        # vle_handle = ffi.new('vle_handle*')
        vle_instr = ffi.new('vle_t*')

        data_len = len(data[0:4])
        data_buf = ffi.new('char[]', data[0:4])
        return_code = libvle.vle_init(vle_handle, data_buf, data_len)
        decoding_success = libvle.vle_next(vle_handle, vle_instr);
        if not decoding_success or vle_instr.name == ffi.NULL or vle_instr.op_type == libvle.OP_TYPE_ILL:
            return None

        result = InstructionInfo()
        result.length = vle_instr.size

        if vle_instr.op_type == libvle.OP_TYPE_JMP:
            result.add_branch(BranchType.UnconditionalBranch, (vle_instr.fields[0].value + addr) & 0xffffffff)
        elif vle_instr.op_type == libvle.OP_TYPE_CJMP:
            if vle_instr.fields[0].type == libvle.TYPE_JMP:
                result.add_branch(BranchType.TrueBranch, (vle_instr.fields[0].value + addr) & 0xffffffff)
                result.add_branch(BranchType.FalseBranch, result.length + addr)
            elif vle_instr.fields[0].type == libvle.TYPE_CR:
                result.add_branch(BranchType.TrueBranch, (vle_instr.fields[1].value + addr) & 0xffffffff)
                result.add_branch(BranchType.FalseBranch, result.length + addr)
            else:
                return None
        elif vle_instr.op_type == libvle.OP_TYPE_CALL:
            target = (vle_instr.fields[0].value + addr) & 0xffffffff
            if target != addr + vle_instr.size:
                result.add_branch(BranchType.CallDestination, target)
        elif vle_instr.op_type == libvle.OP_TYPE_CCALL:
            result.add_branch(BranchType.FalseBranch, result.length + addr)
            result.add_branch(BranchType.CallDestination, (vle_instr.fields[0].value + addr) & 0xffffffff)
        elif vle_instr.op_type == libvle.OP_TYPE_RCALL:
            result.add_branch(BranchType.IndirectBranch)
        elif vle_instr.op_type == libvle.OP_TYPE_RJMP:
            result.add_branch(BranchType.IndirectBranch)
        elif vle_instr.op_type == libvle.OP_TYPE_RET:
            result.add_branch(BranchType.FunctionReturn)
        elif vle_instr.op_type == libvle.OP_TYPE_SWI:
            result.add_branch(BranchType.SystemCall)
        elif vle_instr.op_type == libvle.OP_TYPE_TRAP:
            result.add_branch(BranchType.FunctionReturn)

        # 0x18211100


   # 1d53a:	18 21 11 00 	e_stmvsprw 0(r1)
   # 1d53e:	18 81 11 10 	e_stmvsrrw 16(r1)
   # 1d5a4:	18 81 10 10 	e_ldmvsrrw 16(r1)
   # 1d5a8:	18 21 10 00 	e_ldmvsprw 0(r1)

        return result
Beispiel #12
0
 def branch_jsr_n(insn, result: InstructionInfo):
     result.add_branch(BranchType.IndirectBranch)
Beispiel #13
0
 def get_instruction_info(self, data, addr):
     info = InstructionInfo()
     info.add_branch(BranchType.CallDestination, self.get_imm(data))
     info.length = self.length
     return info
Beispiel #14
0
    def perform_get_instruction_info(self, data, addr):
        instr, _, _, _, _, _, length, src_value, _ = self.decode_instruction(
            data, addr)

        if instr is None:
            return None

        result = InstructionInfo()
        result.length = length

        # Add branches
        if instr in ['ret', 'reti']:
            result.add_branch(BranchType.FunctionReturn)
        elif instr in ['jmp', 'br'] and src_value is not None:
            result.add_branch(BranchType.UnconditionalBranch, src_value)
        elif instr in TYPE3_INSTRUCTIONS:
            result.add_branch(BranchType.TrueBranch, src_value)
            result.add_branch(BranchType.FalseBranch, addr + 2)
        elif instr == 'call' and src_value is not None:
            result.add_branch(BranchType.CallDestination, src_value)

        return result
Beispiel #15
0
    def perform_get_instruction_info(self, data, addr):
        instruction, opcode = self.retrieve_instruction(data)
        if not instruction:
            return

        result = InstructionInfo()
        result.length = self.address_size

        inst_name = instruction.name
        if inst_name in ('bi', 'iret'):
            result.add_branch(FunctionReturn)
        elif inst_name in ('brsl', 'brasl'):
            branch_addr, _ = instruction.decode(opcode, addr)
            result.add_branch(CallDestination, branch_addr)
        elif inst_name == ('bisl', 'biz', 'binz', 'bihnz', 'bisled'):
            _, ra, _ = instruction.decode(opcode, addr)
            result.add_branch(IndirectBranch, ra)
        elif inst_name in ('brz', 'brnz', 'brhz', 'brhnz'):
            branch_addr, _ = instruction.decode(opcode, addr)
            result.add_branch(TrueBranch, branch_addr)
            result.add_branch(FalseBranch, addr + self.address_size)
        elif inst_name in ('br', 'bra'):
            branch_addr, _ = instruction.decode(opcode, addr)
            result.add_branch(UnconditionalBranch, branch_addr)

        return result
    def perform_get_instruction_info(self, data, addr):

        reader = BitReader16(BytestringReader(data))
        try:
            ins = disassemble(reader)
        except InvalidMachineCodeException as e:
            log_error("InvalidMachineCodeException at address: " + hex(addr) +
                      " {0}".format(e))
            return None

        insInfo = InstructionInfo()
        insInfo.length = reader.nytes_read() * 2

        op = ins.mnemonic
        if op in ['re', 'ht']:
            insInfo.add_branch(BranchType.FunctionReturn)
        elif op in ['b', 'brr']:
            # relative direct unconditional
            insInfo.add_branch(BranchType.UnconditionalBranch,
                               addr + 2 * ins.op1.value)
        elif op in [
                'bn', 'be', 'bl', 'ble', 'bg', 'bge', 'bno', 'bo', 'bns', 'bs',
                'bsl', 'bsle', 'bsg', 'bsge'
        ]:
            # relative direct conditional
            insInfo.add_branch(BranchType.TrueBranch, addr + 2 * ins.op1.value)
            insInfo.add_branch(BranchType.FalseBranch, addr + insInfo.length)
        elif op == 'br':
            # absolute indirect unconditonal
            insInfo.add_branch(BranchType.IndirectBranch)
        elif op in [
                'brn', 'bre', 'brl', 'brle', 'brg', 'brge', 'brno', 'bro',
                'brns', 'brs', 'brsl', 'brsle', 'brsg', 'brsge'
        ]:
            # absolute indirect conditonal
            insInfo.add_branch(BranchType.TrueBranch)
            insInfo.add_branch(BranchType.FalseBranch, addr + insInfo.length)
        elif op == 'bra':
            # absolute direct
            insInfo.add_branch(BranchType.UnconditionalBranch,
                               2 * ins.op1.value)
        elif op in ['c', 'car']:
            # relative direct unconditional
            insInfo.add_branch(BranchType.CallDestination,
                               addr + 2 * ins.op1.value)
        elif op in [
                'cn', 'ce', 'cl', 'cle', 'cg', 'cge', 'cno', 'co', 'cns', 'cs',
                'csl', 'csle', 'csg', 'csge'
        ]:
            # relative direct conditional
            insInfo.add_branch(BranchType.CallDestination,
                               addr + 2 * ins.op1.value)
            #insInfo.add_branch(BranchType.TrueBranch, addr + 2 * ins.op1.value)
            insInfo.add_branch(BranchType.FalseBranch, addr + insInfo.length)
        elif op == 'caa':
            insInfo.add_branch(BranchType.CallDestination, 2 * ins.op1.value)
        elif op == 'cr':
            insInfo.add_branch(BranchType.CallDestination)
        elif op in [
                'crn', 'cre', 'crl', 'crle', 'crg', 'crge', 'crno', 'cro',
                'crns', 'crs', 'crsl', 'crsle', 'crsg', 'crsge'
        ]:
            insInfo.add_branch(BranchType.CallDestination)
            insInfo.add_branch(BranchType.FalseBranch, addr + insInfo.length)

        return insInfo
Beispiel #17
0
    def perform_get_instruction_info(self, data, addr):
        instr, src, src_op, dst, dst_op, src_value, dst_value, length = self.decode_instruction(
            data, addr)
        res = InstructionInfo()
        res.length = length

        if instr in {'ret'}:
            res.add_branch(BranchType.FunctionReturn)
        elif instr in BRANCH_INSTRUCTIONS:
            res.add_branch(BranchType.TrueBranch, dst_value)
            res.add_branch(BranchType.FalseBranch, addr + 16)
        elif instr == 'jsra':
            res.add_branch(BranchType.CallDestination, dst_value)
        elif instr == "jmpa":
            res.add_branch(BranchType.UnconditionalBranch, dst_value)

        return res
Beispiel #18
0
 def get_instruction_info(self, data, addr):
     info = InstructionInfo()
     info.add_branch(BranchType.UnconditionalBranch)
     info.length = self.length
     return info
Beispiel #19
0
 def branch_bsr(insn, result: InstructionInfo):
     result.add_branch(BranchType.CallDestination,
                       insn.opcode["args"][0].val)
Beispiel #20
0
 def get_instruction_info(self, data, addr):
     info = InstructionInfo()
     addr_calc = addr + twos_comp(self.offset, 18) + 4
     info.add_branch(BranchType.UnconditionalBranch, addr_calc)
     info.length = self.length
     return info
Beispiel #21
0
    def perform_get_instruction_info(self, data, addr):
        instr, _, _, _, _, dst, length, src_value, _ = self.decode_instruction(
            data, addr)

        if instr is None:
            return None

        result = InstructionInfo()
        result.length = length

        if instr == 'ret':
            result.add_branch(BranchType.FunctionReturn)
        elif instr == 'reti':
            result.add_branch(BranchType.FunctionReturn)
        elif instr == 'call':
            result.add_branch(BranchType.CallDestination, dst * 2)
        elif instr == 'rcall':
            result.add_branch(BranchType.CallDestination,
                              addr + dst * 2 + 1 * 2)
        elif instr == 'jmp':
            result.add_branch(BranchType.UnconditionalBranch, dst * 2)
        elif instr == 'rjmp':
            result.add_branch(BranchType.UnconditionalBranch,
                              addr + dst * 2 + 1 * 2)
        elif (instr == 'breq' or instr == 'brne' or instr == 'brcs'
              or instr == 'brcc' or instr == 'brsh' or instr == 'brlo'
              or instr == 'brmi' or instr == 'brpl' or instr == 'brge'
              or instr == 'brlt' or instr == 'brhs' or instr == 'brhc'
              or instr == 'brts' or instr == 'brtc' or instr == 'brvs'
              or instr == 'brvc' or instr == 'brie' or instr == 'brid'):
            result.add_branch(BranchType.TrueBranch, addr + dst * 2 + 1 * 2)
            result.add_branch(BranchType.FalseBranch, addr + 1 * 2)
        elif (instr == 'brbs' or instr == 'brbc'):
            result.add_branch(BranchType.TrueBranch, addr + dst * 2 + 1 * 2)
            result.add_branch(BranchType.FalseBranch, addr + 1 * 2)
        elif (instr == 'cpse' or instr == 'sbrc' or instr == 'sbrs'
              or instr == 'sbic' or instr == 'sbis'):
            result.add_branch(BranchType.TrueBranch, addr + 2 * 2)
            result.add_branch(BranchType.FalseBranch, addr + 1 * 2)
        elif (instr == 'icall' or instr == 'ijmp'):
            result.add_branch(BranchType.IndirectBranch)

        #TODO

        return result
Beispiel #22
0
    def get_instruction_info(self, data, addr):
        opcode, length = self.parse_instruction(data, addr)

        info = InstructionInfo()
        info.length = length

        if opcodes[opcode] == 'Close':
            info.add_branch(BranchType.UnresolvedBranch)
            info.add_branch(BranchType.FalseBranch, addr + 1)
        elif opcodes[opcode] == 'Open':
            info.add_branch(BranchType.TrueBranch, addr + 1)
            info.add_branch(BranchType.UnresolvedBranch)

        return info
Beispiel #23
0
    def get_instruction_info(self, data, addr):
        try:
            (_, inst_length, _, inst_type, mode,
             value) = M6800._decode_instruction(data, addr)
        except LookupError as error:
            log_error(error.__str__())
            return None

        inst = InstructionInfo()
        inst.length = inst_length

        if inst_type == InstructionType.CONDITIONAL_BRANCH:
            if mode == AddressMode.INDEXED:
                inst.add_branch(BranchType.UnresolvedBranch)
            else:
                inst.add_branch(BranchType.TrueBranch, value)
                inst.add_branch(BranchType.FalseBranch, addr + inst_length)
        elif inst_type == InstructionType.UNCONDITIONAL_BRANCH:
            if mode == AddressMode.INDEXED:
                inst.add_branch(BranchType.UnresolvedBranch)
            else:
                inst.add_branch(BranchType.UnconditionalBranch, value)
        elif inst_type == InstructionType.CALL:
            if mode == AddressMode.INDEXED:
                inst.add_branch(BranchType.UnresolvedBranch)
            else:
                inst.add_branch(BranchType.CallDestination, value)
        elif inst_type == InstructionType.RETURN:
            inst.add_branch(BranchType.FunctionReturn)

        return inst
Beispiel #24
0
    def get_instruction_info(self, data, addr):

        instr = self.disassembler.decode(data, addr)

        if instr is None:
            return None

        result = InstructionInfo()
        result.length = instr.size

        dest = None

        if instr.imm is not None:
            dest = addr + instr.imm

        if instr.name == 'ret' or self._looks_like_ret(instr):
            result.add_branch(BranchType.FunctionReturn)
        elif instr.name in branch_ins:
            result.add_branch(BranchType.TrueBranch, dest)
            result.add_branch(BranchType.FalseBranch, addr + instr.size)
        elif instr.name in direct_jump_ins:
            result.add_branch(BranchType.UnconditionalBranch, dest)
        elif instr.name in indirect_jump_ins:
            result.add_branch(BranchType.UnresolvedBranch)
        elif instr.name in direct_call_ins:
            result.add_branch(BranchType.CallDestination, dest)
        elif instr.name in indirect_call_ins:
            result.add_branch(BranchType.UnresolvedBranch)

        return result
Beispiel #25
0
 def branch_bf(insn, result: InstructionInfo, size=ISIZE):
     result.add_branch(BranchType.TrueBranch, insn.opcode["args"][0].val)
     result.add_branch(BranchType.FalseBranch, insn.addr + size)
Beispiel #26
0
 def get_instruction_info(self, data, addr):
     decoded = mc.decode(data, addr)
     if decoded:
         info = InstructionInfo()
         decoded.analyze(info, addr)
         return info
Beispiel #27
0
    def get_instruction_info(self, data, addr):
        instr_obj = self.decode_instruction(data, addr)

        if not instr_obj:
            return None

        result = InstructionInfo()
        result.length = instr_obj.length

        instr_name = instr_obj.getName()

        # TODO: update this properly
        # Add branches
        if instr_name in ['ret', 'end']:
            result.add_branch(BranchType.FunctionReturn)
        elif instr_name.startswith('jmp'):
            result.add_branch(BranchType.UnconditionalBranch,
                              instr_obj.dst_value)
        elif instr_name in BRANCH_INSTRUCTIONS:
            result.add_branch(BranchType.TrueBranch, instr_obj.dst_value)
            result.add_branch(BranchType.FalseBranch, addr + instr_obj.length)
        elif instr_name == 'call':
            result.add_branch(BranchType.CallDestination, instr_obj.dst_value)
        elif instr_name == 'syscall':
            result.add_branch(BranchType.SystemCall)

        return result
Beispiel #28
0
 def get_instruction_info(self, data, addr):
     if self.get_reg1(data) == self.get_reg2(data):
         # unconditional
         info = InstructionInfo()
         info.add_branch(BranchType.UnconditionalBranch, self.get_imm(data))
         info.length = self.length
         return info
     else:
         # conditional
         info = InstructionInfo()
         info.add_branch(BranchType.TrueBranch, self.get_imm(data))
         info.add_branch(BranchType.FalseBranch, addr + 5)
         info.length = self.length
         return info
Beispiel #29
0
    def get_instruction_info(self, data, addr):
        instruction = disassemble_one(data, addr)

        result = InstructionInfo()
        result.length = instruction.size
        if instruction.name == "JUMP":
            result.add_branch(BranchType.UnresolvedBranch)
        elif instruction.name == "JUMPI":
            result.add_branch(BranchType.UnresolvedBranch)
            result.add_branch(BranchType.FalseBranch, addr + 1)
        elif instruction.name in ('RETURN', 'REVERT', 'SUICIDE', 'INVALID',
                                  'STOP', 'SELFDESTRUCT'):
            result.add_branch(BranchType.FunctionReturn)

        return result
Beispiel #30
0
 def branch_rtv_n(insn, result: InstructionInfo):
     result.add_branch(BranchType.FunctionReturn)