Example #1
0
    def detectFuncParameters(self, reil_code, memaccess, callstack, inputs,
                             counter):

        ins = reil_code[-1]

        assert (ins.isCall() and ins.called_function <> None)

        # first we locate the stack pointer to know where the parameters are located
        esp_op = RegOp("esp", "DWORD")
        (val, ptbase) = getTypedValue(reil_code, callstack, memaccess, esp_op,
                                      Type("Ptr32", None))

        #ptbase = getType(reil_code, callstack, memaccess, esp_op, Type("Ptr32", None))

        # we reset the path
        #reil_code.reverse()
        #reil_code.reset()

        #val = getValueFromCode(reil_code, callstack, inputs, memaccess, esp_op)
        #ptbase.addTag("offset", val)

        #if str(ptbase) == "Ptr32":
        #  print "Unable to detect arguments for", ins.called_function
        #  return

        func_cons = funcs.get(ins.called_function, Function)
        func = func_cons(pbase=(ptbase, val))
        #assert(0)
        parameters = []

        for (par_pt, memop, needed) in func.getParameterLocations():
            if needed:

                reil_code.reverse()
                reil_code.reset()

                (val, pt) = getTypedValue(reil_code, callstack, memaccess,
                                          memop, par_pt)

                #pt = getType(reil_code, callstack, memaccess, memop, par_pt)

                #reil_code.reverse()
                #reil_code.reset()

                #val = getValueFromCode(reil_code, callstack, inputs, memaccess, memop)
                #print  "parameter of",ins.called_function, "at", str(location) , "has value:", val.name
                parameters.append((memop, pt, val))
            else:
                parameters.append((None, None, None))

        if parameters <> []:
            self.parameters[counter] = self.__getParameters__(ins, parameters)
Example #2
0
  def detectFuncParameters(self, reil_code, memaccess, callstack, inputs, counter):
    
    ins = reil_code[-1]
    
    assert(ins.isCall() and ins.called_function <> None)
    
    # first we locate the stack pointer to know where the parameters are located
    esp_op = RegOp("esp","DWORD")
    (val,ptbase) = getTypedValue(reil_code, callstack, memaccess, esp_op, Type("Ptr32", None))
 
    #ptbase = getType(reil_code, callstack, memaccess, esp_op, Type("Ptr32", None)) 
    
    # we reset the path
    #reil_code.reverse()
    #reil_code.reset()
    
    #val = getValueFromCode(reil_code, callstack, inputs, memaccess, esp_op)
    #ptbase.addTag("offset", val)
    
    #if str(ptbase) == "Ptr32":
    #  print "Unable to detect arguments for", ins.called_function
    #  return
    
    func_cons = funcs.get(ins.called_function, Function)
    func = func_cons(pbase = (ptbase, val))
    #assert(0)
    parameters = []
    
    for (par_pt, memop, needed) in func.getParameterLocations():
      if needed:
      
        reil_code.reverse()
        reil_code.reset()
        
        (val,pt) = getTypedValue(reil_code, callstack, memaccess, memop, par_pt)

        #pt = getType(reil_code, callstack, memaccess, memop, par_pt)
        
        #reil_code.reverse()
        #reil_code.reset()
        
        #val = getValueFromCode(reil_code, callstack, inputs, memaccess, memop)
        #print  "parameter of",ins.called_function, "at", str(location) , "has value:", val.name
        parameters.append((memop, pt, val))
      else:
        parameters.append((None, None, None))
    
    if parameters <> []:
      self.parameters[counter] = self.__getParameters__(ins, parameters)
Example #3
0
 def detectMemAccess(self, reil_code, callstack, inputs, counter):
   #print reil_code.first, reil_code.last
   ins = reil_code[-1]
   
   assert(ins.isReadWrite()) 
   addr_op = ins.getMemReg()
   #pt = getType(reil_code, callstack, self, addr_op, Type("Ptr32", None)) 
   
   #if str(pt) == "Ptr32":
   #  pt = Type("GPtr32", None)
   #  pt.addTag("source.name","0x00000000")
   #  pt.addTag("source.index",0)
   
   # we reset the path
   #reil_code.reverse()
   #reil_code.reset()
   
   (val,pt) = getTypedValue(reil_code, callstack, self, addr_op, Type("Ptr32", None))
   
   self.access[counter] = self.__mkMemAccess__(ins, pt, val)
Example #4
0
    def detectMemAccess(self, reil_code, callstack, inputs, counter):
        #print reil_code.first, reil_code.last
        ins = reil_code[-1]

        assert (ins.isReadWrite())
        addr_op = ins.getMemReg()
        #pt = getType(reil_code, callstack, self, addr_op, Type("Ptr32", None))

        #if str(pt) == "Ptr32":
        #  pt = Type("GPtr32", None)
        #  pt.addTag("source.name","0x00000000")
        #  pt.addTag("source.index",0)

        # we reset the path
        #reil_code.reverse()
        #reil_code.reset()

        (val, pt) = getTypedValue(reil_code, callstack, self, addr_op,
                                  Type("Ptr32", None))

        self.access[counter] = self.__mkMemAccess__(ins, pt, val)