def test_two_irsb():
irsb1 = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
irsb2 = pyvex.IRSB(data=b'\x5d\x5d\x5d\x5d', mem_addr=0, arch=ArchAMD64())
stmts1 = irsb1.statements
stmts2 = irsb2.statements
nose.tools.assert_not_equal(len(stmts1), len(stmts2))
def test_irsb_tyenv():
irsb = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
print(irsb.tyenv)
print("Orig")
print(irsb.tyenv)
print("Empty")
irsb2 = pyvex.IRSB.empty_block(arch=ArchAMD64(), addr=0)
print(irsb2.tyenv)
print("Unwrapped")
irsb2.tyenv = copy.deepcopy(irsb.tyenv)
print(irsb2.tyenv)
def test_capstone_x86_syntax():
inst_1 = ArchAMD64(endness=Endness.LE)
nose.tools.assert_is_none(inst_1.capstone_x86_syntax)
inst_1.capstone_x86_syntax = 'intel'
nose.tools.assert_equal(inst_1.capstone_x86_syntax, 'intel')
inst_1.capstone_x86_syntax = 'at&t'
nose.tools.assert_equal(inst_1.capstone_x86_syntax, 'at&t')
def __init__(self, rewriter, stackrz_sz=32, globalrz_sz=64):
self.rewriter = rewriter
self.stackrz_sz = stackrz_sz
self.globalrz_sz = globalrz_sz
self.global_count = 0
# Get the register map
amd64 = ArchAMD64()
self.regmap = defaultdict(lambda: defaultdict(dict))
for reg in amd64.register_list:
if reg.general_purpose:
for subr in reg.subregisters:
base = subr[1]
sz = subr[2] * 8
self.regmap[reg.name][base][sz] = subr[0]
if reg.name in [
"r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15"
]:
self.regmap[reg.name][0][32] = reg.name + "d"
self.regmap[reg.name][0][16] = reg.name + "w"
self.regmap[reg.name][0][8] = reg.name + "b"
if reg.name == "rbp":
self.regmap[reg.name][0][32] = "ebp"
self.regmap[reg.name][0][16] = "bp"
self.regmap[reg.name][0][8] = "bpl"
# Some stats
self.memcheck_sites = defaultdict(list)
# Skip instrumentation: Set of offsets (addresses) to skip memcheck
# instrumentation for.
self.skip_instrument = set()
def test_call_to(self):
self.project.arch = ArchAMD64()
self.project.kb.functions._add_call_to(0x400000, 0x400410, 0x400420,
0x400414)
assert 0x400000 in self.project.kb.functions.keys()
assert 0x400420 in self.project.kb.functions.keys()
def test_irsb_deepCopy():
irsb = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
stmts = irsb.statements
irsb2 = copy.deepcopy(irsb)
stmts2 = irsb2.statements
nose.tools.assert_equal(len(stmts), len(stmts2))
def test_call_to():
project = angr.Project(test_location + "/x86_64/fauxware")
project.arch = ArchAMD64()
project.kb.functions._add_call_to(0x400000, 0x400410, 0x400420, 0x400414)
nose.tools.assert_in(0x400000, project.kb.functions.keys())
nose.tools.assert_in(0x400420, project.kb.functions.keys())
def test_call_to():
project = angr.Project(os.path.join(test_location, 'x86_64', 'fauxware'))
project.arch = ArchAMD64()
project.kb.functions._add_call_to(0x400000, 0x400410, 0x400420, 0x400414)
nose.tools.assert_in(0x400000, project.kb.functions.keys())
nose.tools.assert_in(0x400420, project.kb.functions.keys())
def test_irexpr_rdtmp():
m = pyvex.IRExpr.RdTmp.get_instance(123)
nose.tools.assert_equal(m.tag, "Iex_RdTmp")
nose.tools.assert_equal(m.tmp, 123)
irsb = pyvex.IRSB(b'\x90\x5d\xc3', mem_addr=0x0, arch=ArchAMD64())
print("TMP:",irsb.next.tmp)
def test_call_to():
# pylint: disable=unused-argument,no-self-use,attribute-defined-outside-init
class dummy(object):
'''
This is a mock object.
'''
def __init__(self):
self._attrs = {}
def __getattr__(self, item):
if item not in self._attrs:
self._attrs[item] = dummy()
return self._attrs[item]
def find_symbol_name(self, *args, **kwargs):
return 'unknown'
project = dummy()
project.arch = ArchAMD64()
fm = angr.FunctionManager(project, None)
fm.call_to(0x400000, 0x400410, 0x400420, 0x400414)
nose.tools.assert_in(0x400000, fm.functions.keys())
nose.tools.assert_in(0x400420, fm.functions.keys())
def test_call_to(self):
self.project.arch = ArchAMD64()
self.project.kb.functions._add_call_to(0x400000, 0x400410, 0x400420,
0x400414)
nose.tools.assert_in(0x400000, self.project.kb.functions.keys())
nose.tools.assert_in(0x400420, self.project.kb.functions.keys())
def test_irsb_empty():
nose.tools.assert_raises(Exception, pyvex.IRSB)
nose.tools.assert_raises(Exception,
pyvex.IRSB,
data='',
arch=ArchAMD64(),
mem_addr=0)
def test_irexpr_rdtmp():
m = pyvex.IRExpr.RdTmp(123)
nose.tools.assert_equal(m.tag, "Iex_RdTmp")
nose.tools.assert_equal(m.tmp, 123)
m.tmp = 1337
nose.tools.assert_equal(m.tmp, 1337)
nose.tools.assert_raises(Exception, pyvex.IRExpr.RdTmp)
irsb = pyvex.IRSB('\x90\x5d\xc3', mem_addr=0x0, arch=ArchAMD64())
print("TMP:", irsb.next.tmp)
def test_irsb_addStmt():
irsb = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
stmts = irsb.statements
irsb2 = copy.deepcopy(irsb)
irsb2.statements = []
nose.tools.assert_equal(len(irsb2.statements), 0)
for n, i in enumerate(stmts):
nose.tools.assert_equal(len(irsb2.statements), n)
irsb2.statements.append(copy.deepcopy(i))
irsb2.pp()
def test_sys_v_abi_compliance():
arch = ArchAMD64()
st = SimState(arch=arch)
cc = DEFAULT_CC[arch.name](arch=arch)
st.regs.sp = -1
# setup callsite with one argument (0x1337), "returning" to 0
cc.setup_callsite(st, 0, [0x1337])
# (rsp+8) must be aligned to 16 as required by System V ABI.
# ref: https://raw.githubusercontent.com/wiki/hjl-tools/x86-psABI/x86-64-psABI-1.0.pdf , page 18t
nose.tools.assert_true(st.solver.is_true(((st.regs.rsp + 8) % 16 == 0)),
'System V ABI calling convention violated!')
def test_keystone_x86_syntax():
inst_1 = ArchAMD64(endness=Endness.LE)
nose.tools.assert_is_none(inst_1.keystone_x86_syntax)
inst_1.keystone_x86_syntax = 'intel'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'intel')
inst_1.keystone_x86_syntax = 'at&t'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'at&t')
inst_1.keystone_x86_syntax = 'nasm'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'nasm')
inst_1.keystone_x86_syntax = 'masm'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'masm')
inst_1.keystone_x86_syntax = 'gas'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'gas')
inst_1.keystone_x86_syntax = 'radix16'
nose.tools.assert_equal(inst_1.keystone_x86_syntax, 'radix16')
def test_irsb_popret():
irsb = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
stmts = irsb.statements
irsb.pp()
nose.tools.assert_greater(len(stmts), 0)
nose.tools.assert_equal(irsb.jumpkind, "Ijk_Ret")
nose.tools.assert_equal(irsb.offsIP, 184)
cursize = len(irsb.tyenv.types)
nose.tools.assert_greater(cursize, 0)
print(irsb.statements[10].data)
print(irsb.statements[10].data.tmp)
print(irsb.tyenv.types[irsb.statements[10].data.tmp])
nose.tools.assert_equal(irsb.tyenv.lookup(irsb.statements[10].data.tmp), 'Ity_I64')
def _init_reg_pool(self):
# Possible extension: add xmm registers into the pool
amd64 = ArchAMD64()
regmap = dict()
for reg in amd64.register_list:
if reg.general_purpose:
regmap[reg.name] = reg
# Remove rip, rsp from regpool
del regmap["rip"]
del regmap["rsp"]
# Add a fake register for rflags
rflags = Register("rflags", 64)
regmap["rflags"] = rflags
return regmap
def test_memory():
try:
import resource
except ImportError:
print(
"Cannot import the resource package. Are you using Windows? Skip test_memory()."
)
return
arches = [ArchX86(), ArchPPC32(endness=Endness.BE), ArchAMD64(), ArchARM()]
# we're not including ArchMIPS32 cause it segfaults sometimes
# disable logging, as that may fill up log buffers somewhere
logging.disable(logging.ERROR)
for _ in range(10000):
try:
s = os.urandom(32)
a = random.choice(arches)
p = pyvex.IRSB(data=s, mem_addr=0, arch=a)
except pyvex.PyVEXError:
pass
kb_start = resource.getrusage(resource.RUSAGE_SELF).ru_maxrss
for _ in range(20000):
try:
s = os.urandom(32)
a = random.choice(arches)
p = pyvex.IRSB(data=s, mem_addr=0, arch=a)
except pyvex.PyVEXError:
pass
del p
gc.collect()
logging.disable(logging.NOTSET)
kb_end = resource.getrusage(resource.RUSAGE_SELF).ru_maxrss
pyvex.pvc.clear_log()
pyvex.pvc.LibVEX_ShowAllocStats()
print(LibVEXLifter.get_vex_log())
# allow a 5mb leeway
nose.tools.assert_less(kb_end - kb_start, 5000)
def test_memory():
arches = [ArchX86(), ArchPPC32(endness=Endness.BE), ArchAMD64(), ArchARM()]
# we're not including ArchMIPS32 cause it segfaults sometimes
# disable logging, as that may fill up log buffers somewhere
logging.disable(logging.ERROR)
for i in xrange(10000):
try:
s = hex(random.randint(2**100, 2**100 * 16))[2:]
a = random.choice(arches)
p = pyvex.IRSB(data=s, mem_addr=0, arch=a)
except pyvex.PyVEXError:
pass
kb_start = resource.getrusage(resource.RUSAGE_SELF).ru_maxrss
for i in xrange(20000):
try:
s = hex(random.randint(2**100, 2**100 * 16))[2:]
a = random.choice(arches)
p = pyvex.IRSB(data=s, mem_addr=0, arch=a)
except pyvex.PyVEXError:
pass
del p
gc.collect()
logging.disable(logging.NOTSET)
kb_end = resource.getrusage(resource.RUSAGE_SELF).ru_maxrss
pyvex.pvc.clear_log()
pyvex.pvc.LibVEX_ShowAllocStats()
print(LibVEXLifter.get_vex_log())
# allow a 5mb leeway
nose.tools.assert_less(kb_end - kb_start, 5000)
def test_arch_amd64_passes():
endness = Endness.BE
ArchAMD64(endness)
def test_irstmt_pp():
irsb = pyvex.IRSB(data=b'\x5d\xc3', mem_addr=0, arch=ArchAMD64())
stmts = irsb.statements
for i in stmts:
print("STMT: ", end=' ')
print(i)
def test_capstone_x86_syntax_fails_2():
inst_1 = ArchAMD64(endness=Endness.LE)
inst_1.capstone_x86_syntax = 'int'
assert inst_1.capstone_x86_syntax
def test_arch_amd64():
endness = Endness.LE
assert ArchAMD64(endness)
def test_keystone_x86_syntax_fails_4():
inst_1 = ArchAMD64(endness=Endness.LE)
inst_1.keystone_x86_syntax = 'ma'
assert inst_1.keystone_x86_syntax