def test_1(self):
ctx = TritonContext()
ctx.setArchitecture(ARCH.X86_64)
ctx.setMode(MODE.ONLY_ON_TAINTED, False)
self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), False)
inst = Instruction(b"\x48\x89\xc3") # mov rbx, rax
self.assertTrue(ctx.processing(inst))
self.assertTrue(checkAstIntegrity(inst))
self.assertEqual(len(inst.getReadRegisters()), 1)
self.assertEqual(len(inst.getWrittenRegisters()), 2)
ctx.setMode(MODE.ONLY_ON_TAINTED, True)
self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), True)
self.assertTrue(ctx.processing(inst))
self.assertTrue(checkAstIntegrity(inst))
self.assertEqual(len(inst.getSymbolicExpressions()), 0)
self.assertEqual(len(inst.getReadRegisters()), 0)
self.assertEqual(len(inst.getReadImmediates()), 0)
self.assertEqual(len(inst.getWrittenRegisters()), 0)
self.assertEqual(len(inst.getLoadAccess()), 0)
self.assertEqual(len(inst.getStoreAccess()), 0)
def test_1(self):
ctx = TritonContext()
ctx.setArchitecture(ARCH.X86_64)
ctx.enableMode(MODE.ONLY_ON_TAINTED, False)
self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), False)
inst = Instruction("\x48\x89\xc3") # mov rbx, rax
self.assertTrue(ctx.processing(inst))
self.assertTrue(checkAstIntegrity(inst))
self.assertEqual(len(inst.getReadRegisters()), 1)
self.assertEqual(len(inst.getWrittenRegisters()), 2)
ctx.enableMode(MODE.ONLY_ON_TAINTED, True)
self.assertEqual(ctx.isModeEnabled(MODE.ONLY_ON_TAINTED), True)
self.assertTrue(ctx.processing(inst))
self.assertTrue(checkAstIntegrity(inst))
self.assertEqual(len(inst.getSymbolicExpressions()), 0)
self.assertEqual(len(inst.getReadRegisters()), 0)
self.assertEqual(len(inst.getReadImmediates()), 0)
self.assertEqual(len(inst.getWrittenRegisters()), 0)
self.assertEqual(len(inst.getLoadAccess()), 0)
self.assertEqual(len(inst.getStoreAccess()), 0)
def main():
code = [(0x1000, "\x83\xc4\x08"), (0x1003, "\x5b"), (0x1004, "\xc3")]
ctxt = TritonContext()
ctxt.setArchitecture(ARCH.X86)
#load instructions
for (addr, opcode) in code:
inst = Instruction()
inst.setOpcode(opcode)
inst.setAddress(addr)
if not ctxt.processing(inst):
print "Fail an instruction"
print inst
expr = inst.getSymbolicExpressions()[0]
print expr
def process(code):
Triton = TritonContext()
Triton.setArchitecture(ARCH.X86_64)
for (addr, opcode) in code:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(opcode)
# Setup Address
inst.setAddress(addr)
# Process everything
Triton.processing(inst)
print(inst)
for expr in inst.getSymbolicExpressions():
print('\t', expr)
for k, v in list(Triton.getSymbolicRegisters().items()):
if 'rax' in str(Triton.getRegister(k)):
print(Triton.getRegister(k), v)
class TestInstruction(unittest.TestCase):
"""Testing the Instruction class."""
def setUp(self):
"""Define and process the instruction to test."""
self.Triton = TritonContext()
self.Triton.setArchitecture(ARCH.X86_64)
self.inst = Instruction()
self.inst.setOpcode("\x48\x01\xd8") # add rax, rbx
self.inst.setAddress(0x400000)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rax, 0x1122334455667788)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rbx, 0x8877665544332211)
self.Triton.processing(self.inst)
def test_address(self):
"""Check instruction current and next address."""
self.assertEqual(self.inst.getAddress(), 0x400000)
self.assertEqual(self.inst.getNextAddress(), 0x400003)
def test_memory(self):
"""Check memory access."""
self.assertListEqual(self.inst.getLoadAccess(), [])
self.assertListEqual(self.inst.getStoreAccess(), [])
self.assertFalse(self.inst.isMemoryWrite())
self.assertFalse(self.inst.isMemoryRead())
def test_registers(self):
"""Check register access."""
self.assertEqual(len(self.inst.getReadRegisters()), 2, "access RAX and RBX")
self.assertEqual(len(self.inst.getWrittenRegisters()), 8, "write in RAX, RIP, AF, XF, OF, PF, SF and ZF")
def test_taints(self):
"""Check taints attributes."""
self.assertFalse(self.inst.isTainted())
def test_prefix(self):
"""Check prefix data."""
self.assertFalse(self.inst.isPrefixed())
self.assertEqual(self.inst.getPrefix(), PREFIX.INVALID)
def test_control_flow(self):
"""Check control flow flags."""
self.assertFalse(self.inst.isControlFlow(), "It is not a jmp, ret or call")
self.assertFalse(self.inst.isBranch(), "It is not a jmp")
def test_condition(self):
"""Check condition flags."""
self.assertFalse(self.inst.isConditionTaken())
def test_opcode(self):
"""Check opcode informations."""
self.assertEqual(self.inst.getOpcode(), "\x48\x01\xd8")
self.assertEqual(self.inst.getType(), OPCODE.ADD)
def test_thread(self):
"""Check threads information."""
self.assertEqual(self.inst.getThreadId(), 0)
def test_operand(self):
"""Check operand information."""
self.assertEqual(len(self.inst.getOperands()), 2)
self.assertEqual(self.inst.getOperands()[0].getName(), "rax")
self.assertEqual(self.inst.getOperands()[1].getName(), "rbx")
with self.assertRaises(Exception):
self.inst.getOperands()[2]
def test_symbolic(self):
"""Check symbolic information."""
self.assertEqual(len(self.inst.getSymbolicExpressions()), 8)
def test_size(self):
"""Check size information."""
self.assertEqual(self.inst.getSize(), 3)
def test_disassembly(self):
"""Check disassembly equivalent."""
self.assertEqual(self.inst.getDisassembly(), "add rax, rbx")
if __name__ == '__main__':
Triton = TritonContext()
Triton.setArchitecture(ARCH.X86_64)
for (addr, opcode) in code:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(opcode)
# Setup Address
inst.setAddress(addr)
# Process everything
Triton.processing(inst)
# Display instruction
print(inst)
# Display symbolic expressions
for expr in inst.getSymbolicExpressions():
print('\t', expr)
print()
sys.exit(0)
class TestInstruction(unittest.TestCase):
"""Testing the Instruction class."""
def setUp(self):
"""Define and process the instruction to test."""
self.Triton = TritonContext()
self.Triton.setArchitecture(ARCH.X86_64)
self.inst = Instruction()
self.inst.setOpcode(b"\x48\x01\xd8") # add rax, rbx
self.inst.setAddress(0x400000)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rax, 0x1122334455667788)
self.Triton.setConcreteRegisterValue(self.Triton.registers.rbx, 0x8877665544332211)
self.Triton.processing(self.inst)
def test_address(self):
"""Check instruction current and next address."""
self.assertEqual(self.inst.getAddress(), 0x400000)
self.assertEqual(self.inst.getNextAddress(), 0x400003)
inst = Instruction()
inst.setAddress(-1)
self.assertEqual(inst.getAddress(), 0xffffffffffffffff)
inst.setAddress(-2)
self.assertEqual(inst.getAddress(), 0xfffffffffffffffe)
inst.setAddress(-3)
self.assertEqual(inst.getAddress(), 0xfffffffffffffffd)
def test_memory(self):
"""Check memory access."""
self.assertListEqual(self.inst.getLoadAccess(), [])
self.assertListEqual(self.inst.getStoreAccess(), [])
self.assertFalse(self.inst.isMemoryWrite())
self.assertFalse(self.inst.isMemoryRead())
def test_registers(self):
"""Check register access."""
self.assertEqual(len(self.inst.getReadRegisters()), 2, "access RAX and RBX")
self.assertEqual(len(self.inst.getWrittenRegisters()), 8, "write in RAX, RIP, AF, XF, OF, PF, SF and ZF")
def test_taints(self):
"""Check taints attributes."""
self.assertFalse(self.inst.isTainted())
def test_prefix(self):
"""Check prefix data."""
self.assertFalse(self.inst.isPrefixed())
self.assertEqual(self.inst.getPrefix(), PREFIX.X86.INVALID)
def test_control_flow(self):
"""Check control flow flags."""
self.assertFalse(self.inst.isControlFlow(), "It is not a jmp, ret or call")
self.assertFalse(self.inst.isBranch(), "It is not a jmp")
def test_condition(self):
"""Check condition flags."""
self.assertFalse(self.inst.isConditionTaken())
def test_opcode(self):
"""Check opcode informations."""
self.assertEqual(self.inst.getOpcode(), b"\x48\x01\xd8")
self.assertEqual(self.inst.getType(), OPCODE.X86.ADD)
def test_thread(self):
"""Check threads information."""
self.assertEqual(self.inst.getThreadId(), 0)
def test_operand(self):
"""Check operand information."""
self.assertEqual(len(self.inst.getOperands()), 2)
self.assertEqual(self.inst.getOperands()[0].getName(), "rax")
self.assertEqual(self.inst.getOperands()[1].getName(), "rbx")
with self.assertRaises(Exception):
self.inst.getOperands()[2]
def test_symbolic(self):
"""Check symbolic information."""
self.assertEqual(len(self.inst.getSymbolicExpressions()), 8)
def test_size(self):
"""Check size information."""
self.assertEqual(self.inst.getSize(), 3)
def test_disassembly(self):
"""Check disassembly equivalent."""
self.assertEqual(self.inst.getDisassembly(), "add rax, rbx")
if __name__ == '__main__':
Triton = TritonContext()
Triton.setArchitecture(ARCH.X86_64)
for (addr, opcode) in code:
# Build an instruction
inst = Instruction()
# Setup opcode
inst.setOpcode(opcode)
# Setup Address
inst.setAddress(addr)
# Process everything
Triton.processing(inst)
# Display instruction
print inst
# Display symbolic expressions
for expr in inst.getSymbolicExpressions():
print '\t', expr
print
sys.exit(0)
class TestSymbolicExpression(unittest.TestCase):
"""Testing symbolic expression."""
def setUp(self):
"""Define the arch."""
self.ctx = TritonContext()
self.ctx.setArchitecture(ARCH.X86_64)
self.inst1 = Instruction("\x48\x31\xd8") # xor rax, rbx
self.ctx.setConcreteRegisterValue(self.ctx.registers.al, 0x10)
self.ctx.setConcreteRegisterValue(self.ctx.registers.bl, 0x55)
self.inst2 = Instruction("\x48\x89\x03") # mov [rbx], rax
self.ctx.processing(self.inst1)
self.ctx.processing(self.inst2)
self.expr1 = self.inst1.getSymbolicExpressions()[0]
self.expr2 = self.inst2.getSymbolicExpressions()[8]
def test_expressions(self):
"""Test expressions"""
self.assertEqual(len(self.inst1.getSymbolicExpressions()), 7)
def test_getAst(self):
"""Test getAst"""
self.assertEqual(self.expr1.getAst().evaluate(), 0x45)
def test_getComment(self):
"""Test getComment"""
self.assertEqual(self.expr1.getComment(), "XOR operation")
def test_getId(self):
"""Test getId"""
self.assertEqual(self.expr1.getId(), 0)
def test_getKind(self):
"""Test getKind"""
self.assertEqual(self.expr1.getKind(), SYMEXPR.REG)
self.assertEqual(self.expr2.getKind(), SYMEXPR.MEM)
def test_getNewAst(self):
"""Test getNewAst"""
self.assertTrue(self.expr1.getAst().equalTo(self.expr1.getNewAst()))
def test_getOrigin(self):
"""Test getOrigin"""
self.assertEqual(self.expr1.getOrigin().getId(), REG.X86_64.RAX)
self.assertEqual(str(self.expr1.getOrigin()), "rax:64 bv[63..0]")
self.assertEqual(str(self.expr2.getOrigin()), "[@0x55]:64 bv[63..0]")
def test_isMemory(self):
"""Test isMemory"""
self.assertFalse(self.expr1.isMemory())
def test_isRegister(self):
"""Test isRegister"""
self.assertTrue(self.expr1.isRegister())
def test_isSymbolized(self):
"""Test isSymbolized"""
self.assertFalse(self.expr1.isSymbolized())
def test_isTainted(self):
"""Test isTainted"""
self.assertFalse(self.expr1.isTainted())
def test_setAst(self):
"""Test setAst"""
self.expr1.setAst(self.ctx.getAstContext().bv(1, 64))
self.assertEqual(str(self.expr1.getAst()), "(_ bv1 64)")
def test_setComment(self):
"""Test setComment"""
self.expr1.setComment("test")
self.assertEqual(self.expr1.getComment(), "test")