def markArguments(self, args, addr, data):
listing = self.currentProgram.getListing()
function = self.currentProgram.getListing().getFunctionContaining(addr)
evaluate = ConstantPropagationContextEvaluator(True)
if function is None:
return None
ins = listing.getCodeUnitAt(addr)
if ins is None:
return
for block in function.getBody():
if addr >= block.getMinAddress() and addr <= block.getMaxAddress():
base = block.getMinAddress()
break
start = ins.getAddress()
curr = ins.getPrevious()
while curr != None:
if curr.getFlowType().toString() != 'FALL_THROUGH':
break
start = curr.getAddress()
if curr.getAddress().equals(base):
break
curr = curr.getPrevious()
args = args[0:len(data['args'])]
affected = {}
for arg in args:
affected[arg] = {
'addr': None,
'comment': data['args'][args.index(arg)]
}
curr = listing.getCodeUnitAt(start)
while curr != None:
addy = curr.getAddress()
if curr.getAddress().equals(addr):
break
for which in curr.getResultObjects():
if which.toString() in affected:
affected[which.toString()]['addr'] = addy
curr = curr.getNext()
for which in affected:
if affected[which]['addr'] is None:
continue
self.flatProgram.setPostComment(affected[which]['addr'],
affected[which]['comment'])
def resolve_argument(f, addr):
register = currentProgram.getLanguage().getRegister("v1")
startaddr = f.getEntryPoint()
evaluator = ConstantPropagationContextEvaluator(True)
symbolic = SymbolicPropogator(currentProgram)
symbolic.flowConstants(startaddr, f.getBody(), evaluator, True, monitor)
reg_value = symbolic.getRegisterValue(addr, register)
return reg_value.getValue()
def getRegisterValue(self, func, call, register):
symEval = SymbolicPropogator(self.currentProgram)
function = self.currentProgram.getListing().getFunctionContaining(call)
evaluate = ConstantPropagationContextEvaluator(True)
symEval.flowConstants(function.getEntryPoint(), function.getBody(), evaluate, False, self.monitor)
result = symEval.getRegisterValue(call, register)
if result is not None:
return result.getValue()
return None
def resolveConstants(funcsToCalls, program, tMonitor):
addressesToSyscalls = {}
syscallReg = program.getLanguage().getRegister(syscallRegister)
for func in sorted(funcsToCalls, key=lambda a: str(a)):
start = func.getEntryPoint()
eval_ = ConstantPropagationContextEvaluator(True)
symEval = SymbolicPropogator(program)
symEval.flowConstants(start, func.getBody(), eval_, True, tMonitor)
for callSite in funcsToCalls[func]:
val = symEval.getRegisterValue(callSite, syscallReg)
if val is None:
print "Couldn't resolve value of %s" % syscallReg
continue
print "Resolved syscall to 0x%02X" % val.getValue()
addressesToSyscalls[callSite] = val.getValue()
return addressesToSyscalls
def getRegisterValue(self, addr, register):
function = self.currentProgram.getListing().getFunctionContaining(addr)
evaluate = ConstantPropagationContextEvaluator(True)
if function is None:
return None
self.symEval.flowConstants(function.getEntryPoint(),
function.getBody(), evaluate, False,
self.monitor)
result = self.symEval.getRegisterValue(addr, register)
if result is not None:
return result.getValue()
return None
def getRegs(self, regs, addr):
fn = self.currentProgram.getListing().getFunctionContaining(addr)
if not fn:
return
# don't reflow if we already did this function
if fn != self.last_fn:
cpce = ConstantPropagationContextEvaluator(True)
self.symprop.flowConstants(fn.getEntryPoint(), fn.getBody(), cpce,
False, self.monitor)
self.last_fn = fn
res = {}
for rname in regs:
res[rname] = self.symprop.getRegisterValue(
addr, self.currentProgram.getRegister(rname))
return res