def section_collect(self):
"""
Load sections information
"""
def secmapper(l):
items = l.split()
return Types.Section(items[0], int(items[1], 16),
int(items[3], 16))
lines = read_file('sections.info')
self.sec = map(secmapper, lines)[::-1]
self.text_mem_addrs = map(str.strip, read_file('text_mem.info'))
def set_datas(self, funcs):
"""
Load data values and perform analysis
:param funcs: function list
"""
self.section_collect()
self.data_collect()
self.locations = self.label_locate()
self.label_set = set(map(lambda e: e[1], self.label))
self.label_arr = sorted(self.label_set)
fl = sorted(funcs,
cmp=lambda f1, f2: f1.func_begin_addr - f2.func_begin_addr)
self.fl_sort = map(
lambda f: ft(f.func_name, f.func_begin_addr, f.func_end_addr), fl)
self.text_mem_addrs = map(lambda a: int(a.strip().rstrip(':'), 16),
read_file('text_mem.info'))
self.text_mem_arr = self.text_mem_addrs
self.label_mem_arr = sorted(self.label_mem_addrs)
self.set_assumption_flag()
self.set_excluded_ranges()
self.begin_addrs = map(lambda f: f.func_begin_addr, funcs)
if ELF_utils.elf_32(): self.data_refer_solve()
else: self.data_refer_solve_64()
def plt_sec_collect(self):
"""
Load .plt information
"""
lines = read_file('plt_sec.info')
for l in lines:
items = l.split()
self.plt_sec = (int(items[1], 16), int(items[3], 16))
def global_bss():
"""
Load external bss variable information
"""
lines = read_file('globalbss.info')
def mapper(l):
items = l.strip().split()
return (items[0][1:].upper(), items[1])
return map(mapper, lines)
def plt_collect(self):
"""
Load extenal functions information
"""
lines = read_file('plts.info')
for l in lines:
items = l.split()
addr = int(items[0][1:], 16)
name = items[1].split('@')[0][1:]
self.plt_hash[addr] = name
def get_funcs(self):
"""
Evalute function info and return updated function list
"""
self.func_begins = map(lambda a: int(a, 16), read_file('faddr.txt'))
self.func_begins += [
f.func_begin_addr for f in self.funcs if f.func_begin_addr != 0
]
self.build_func_info()
fl = self.get_func_list()
print ' Sliced', len(self.func_begins), 'functions'
return fl
def disassemble(filepath, funcs, secs):
"""
Read disassemble dump, parse instrctions and reconstruct symbolic information
:param filepath: path to target executable
:param funcs: list of functions
:param secs: list of sections
:return: instruction list, updated function list, symbol reconstruction object
"""
ailpar = AilParser()
re = reassemble()
dis_valid = dis_validator()
il = []
fl = []
total = 0.0
cond = False
while not cond and total < 600.0:
once = TR.get_utime()
ailpar.set_funcs(funcs)
ailpar.set_secs(secs)
ailpar.processInstrs(read_file('instrs.info'))
fl = ailpar.get_funcs()
il = re.visit_heuristic_analysis(ailpar.get_instrs())
il = re.lib32_processing(il, fl)
il = re.add_func_label(Disam.get_userfuncs(fl), il)
print colored('2: DISASSEMBLY VALIDATION', 'green')
dis_valid.visit(il)
adjust_list = dis_valid.trim_results()
if len(adjust_list) != 0:
print ' disassembly error found!'
if config.arch == config.ARCH_ARMT: exit('Not implemented')
Disam.disasm_skip(filepath, adjust_list[0][0],
adjust_list[0][1])
total += TR.elapsed(once)
else:
cond = True
return (il, fl, re)