def populate(self, known_instrs):
        addr = self.entry
        while True:
            known_instrs[addr] = self

            if self.exe.architecture() == "x86":
                opcode = self.exe.read(addr, 15)
                result = X86.disassemble32(opcode, addr)
                opcode = opcode[0:result.length]
                instr = X86Instruction(opcode, addr, result, 4)
                arch = X86
            elif self.exe.architecture() == "x86_64":
                opcode = self.exe.read(addr, 15)
                result = X86.disassemble64(opcode, addr)
                opcode = opcode[0:result.length]
                instr = X86Instruction(opcode, addr, result, 8)
                arch = X86
            elif self.exe.architecture() == "ppc":
                opcode = self.exe.read(addr, 4)
                if len(opcode) == 4:
                    result = PPC.disassemble(struct.unpack(">I", opcode)[0], addr)
                    instr = PPCInstruction(opcode, addr, result)
                else:
                    instr = PPCInstruction("", addr, PPC.Instruction())
                arch = PPC
            elif self.exe.architecture() == "arm":
                opcode = self.exe.read(addr & (~1), 4)
                if len(opcode) == 4:
                    result = Arm.disassemble(struct.unpack("<I", opcode)[0], addr)
                    instr = ArmInstruction(opcode, addr, result)
                else:
                    instr = ArmInstruction("", addr, Arm.Instruction())
                arch = Arm
            else:
                break

            self.instrs += [instr]
            instr.format_text(self, self.analysis.options)
            if not instr.isValid():
                break

            if instr.isBlockEnding():
                if instr.isConditionalBranch():
                    self.true_path = instr.target
                    self.false_path = addr + instr.length()
                    self.exits += [self.true_path, self.false_path]
                elif instr.target != None:
                    self.exits += [instr.target]
                break

            addr += instr.length()
            if addr in known_instrs:
                self.exits += [addr]
                break
Example #2
0
    def populate(self, known_instrs):
        addr = self.entry
        while True:
            known_instrs[addr] = self

            if self.exe.architecture() == "x86":
                opcode = self.exe.read(addr, 15)
                result = X86.disassemble32(opcode, addr)
                opcode = opcode[0:result.length]
                instr = X86Instruction(opcode, addr, result, 4)
                arch = X86
            elif self.exe.architecture() == "x86_64":
                opcode = self.exe.read(addr, 15)
                result = X86.disassemble64(opcode, addr)
                opcode = opcode[0:result.length]
                instr = X86Instruction(opcode, addr, result, 8)
                arch = X86
            elif self.exe.architecture() == "ppc":
                opcode = self.exe.read(addr, 4)
                if len(opcode) == 4:
                    result = PPC.disassemble(
                        struct.unpack(">I", opcode)[0], addr)
                    instr = PPCInstruction(opcode, addr, result)
                else:
                    instr = PPCInstruction("", addr, PPC.Instruction())
                arch = PPC
            elif self.exe.architecture() == "arm":
                opcode = self.exe.read(addr & (~1), 4)
                if len(opcode) == 4:
                    result = Arm.disassemble(
                        struct.unpack("<I", opcode)[0], addr)
                    instr = ArmInstruction(opcode, addr, result)
                else:
                    instr = ArmInstruction("", addr, Arm.Instruction())
                arch = Arm
            else:
                break

            self.instrs += [instr]
            instr.format_text(self, self.analysis.options)
            if not instr.isValid():
                break

            if instr.isBlockEnding():
                if instr.isConditionalBranch():
                    self.true_path = instr.target
                    self.false_path = addr + instr.length()
                    self.exits += [self.true_path, self.false_path]
                elif instr.target != None:
                    self.exits += [instr.target]
                break

            addr += instr.length()
            if addr in known_instrs:
                self.exits += [addr]
                break