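def __init__(self, func, expr_index, as_ast=True, instr_index=None):
    """Decode the HLIL expression at ``expr_index`` of ``func`` into Python values.

    The raw instruction record is fetched from the core and its header fields
    are copied onto private attributes. Every operand listed for this
    operation in ``HighLevelILInstruction.ILOperations`` is then converted
    according to its declared type. Each decoded operand is appended to
    ``self._operands`` and also stored in the instance ``__dict__`` under the
    name given by the table.

    Child expressions are constructed eagerly, so building one instruction
    recursively builds its whole operand subtree.

    Args:
        func: IL function object; ``handle``, ``arch`` and ``source_function``
            are read from it.
        expr_index: Index of the expression to decode.
        as_ast: Forwarded to the core lookup and to every child expression.
        instr_index: Instruction index to record; looked up from the core
            when ``None``.
    """
    instr = core.BNGetHighLevelILByIndex(func.handle, expr_index, as_ast)
    self._function = func
    self._expr_index = expr_index
    if instr_index is None:
        self._instr_index = core.BNGetHighLevelILInstructionForExpr(
            func.handle, expr_index)
    else:
        self._instr_index = instr_index
    self._operation = HighLevelILOperation(instr.operation)
    self._size = instr.size
    self._address = instr.address
    self._source_operand = instr.sourceOperand
    self._parent = instr.parent
    self._as_ast = as_ast
    operands = HighLevelILInstruction.ILOperations[instr.operation]
    self._operands = []

    def read_operand_list(operand_index):
        # Copy a core-owned operand list into a Python list and release it.
        # The buffer is a native allocation: reads are bounded by the count
        # the core reports, and the free sits in ``finally`` so an exception
        # cannot leak it. Nothing touches the pointer after it is freed, and
        # it is no longer held while child instructions are constructed.
        count = ctypes.c_ulonglong()
        operand_list = core.BNHighLevelILGetOperandList(
            func.handle, self._expr_index, operand_index, count)
        try:
            return [operand_list[j] for j in range(count.value)]
        finally:
            core.BNHighLevelILFreeOperandList(operand_list)

    # NOTE(review): there is no fallback branch. An operand type that matches
    # none of the cases below leaves ``value`` at whatever the previous
    # iteration produced (or unbound on the first operand).
    i = 0
    for name, operand_type in operands:
        if operand_type == "int":
            value = instr.operands[i]
            # Reinterpret the unsigned 64-bit slot as signed two's complement.
            value = (value & ((1 << 63) - 1)) - (value & (1 << 63))
        elif operand_type == "float":
            # Reinterpret the integer bit pattern as a float of the
            # instruction's size; other sizes keep the raw integer.
            if instr.size == 4:
                value = struct.unpack(
                    "f", struct.pack("I", instr.operands[i] & 0xffffffff))[0]
            elif instr.size == 8:
                value = struct.unpack("d", struct.pack("Q", instr.operands[i]))[0]
            else:
                value = instr.operands[i]
        elif operand_type == "expr":
            value = HighLevelILInstruction(func, instr.operands[i], self._as_ast)
        elif operand_type == "intrinsic":
            value = lowlevelil.ILIntrinsic(func.arch, instr.operands[i])
        elif operand_type == "var":
            value = function.Variable.from_identifier(
                self._function.source_function, instr.operands[i])
        elif operand_type == "var_ssa":
            # Two slots: variable identifier, then SSA version.
            var = function.Variable.from_identifier(
                self._function.source_function, instr.operands[i])
            version = instr.operands[i + 1]
            i += 1
            value = mediumlevelil.SSAVariable(var, version)
        elif operand_type == "int_list":
            # NOTE(review): unlike the other list kinds, ``i`` is not advanced
            # by an extra slot here. Kept as in the original; confirm against
            # the operand layout if an int_list is ever not the last operand.
            value = read_operand_list(i)
        elif operand_type == "expr_list":
            expr_indices = read_operand_list(i)
            i += 1
            value = [
                HighLevelILInstruction(func, child_index, self._as_ast)
                for child_index in expr_indices
            ]
        elif operand_type == "var_ssa_list":
            # Flat list of (variable identifier, version) pairs; a trailing
            # unpaired entry is ignored.
            pairs = read_operand_list(i)
            i += 1
            value = [
                mediumlevelil.SSAVariable(
                    function.Variable.from_identifier(
                        self._function.source_function, pairs[j * 2]),
                    pairs[(j * 2) + 1])
                for j in range(len(pairs) // 2)
            ]
        elif operand_type == "member_index":
            # A set top bit means "no member index".
            value = instr.operands[i]
            if (value & (1 << 63)) != 0:
                value = None
        elif operand_type == "label":
            value = GotoLabel(self.function, instr.operands[i])
        self._operands.append(value)
        # Written straight into the instance dict, so ``__setattr__`` is
        # bypassed; the attribute name comes from the operations table.
        self.__dict__[name] = value
        i += 1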
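def __init__(self, func, expr_index, instr_index=None):
    """Decode the MLIL expression at ``expr_index`` of ``func`` into Python values.

    The raw instruction record is fetched from the core and its header fields
    are copied onto the instance. Every operand listed for this operation in
    ``MediumLevelILInstruction.ILOperations`` is then converted according to
    its declared type. Each decoded operand is appended to ``self.operands``
    and also stored in the instance ``__dict__`` under the name given by the
    table.

    Child expressions are constructed eagerly, so building one instruction
    recursively builds its whole operand subtree.

    Args:
        func: IL function object; ``handle``, ``arch`` and ``source_function``
            are read from it.
        expr_index: Index of the expression to decode.
        instr_index: Instruction index to record; looked up from the core
            when ``None``.
    """
    instr = core.BNGetMediumLevelILByIndex(func.handle, expr_index)
    self.function = func
    self.expr_index = expr_index
    if instr_index is None:
        self.instr_index = core.BNGetMediumLevelILInstructionForExpr(func.handle, expr_index)
    else:
        self.instr_index = instr_index
    self.operation = MediumLevelILOperation(instr.operation)
    self.size = instr.size
    self.address = instr.address
    self.source_operand = instr.sourceOperand
    operands = MediumLevelILInstruction.ILOperations[instr.operation]
    self.operands = []

    def read_operand_list(operand_index):
        # Copy a core-owned operand list into a Python list and release it.
        # The buffer is a native allocation: reads are bounded by the count
        # the core reports, and the free sits in ``finally`` so an exception
        # cannot leak it. Nothing touches the pointer after it is freed, and
        # it is no longer held while child instructions are constructed.
        count = ctypes.c_ulonglong()
        operand_list = core.BNMediumLevelILGetOperandList(
            func.handle, self.expr_index, operand_index, count)
        try:
            return [operand_list[j] for j in range(count.value)]
        finally:
            core.BNMediumLevelILFreeOperandList(operand_list)

    # NOTE(review): there is no fallback branch. An operand type that matches
    # none of the cases below leaves ``value`` at whatever the previous
    # iteration produced (or unbound on the first operand).
    i = 0
    for name, operand_type in operands:
        if operand_type == "int":
            value = instr.operands[i]
            # Reinterpret the unsigned 64-bit slot as signed two's complement.
            value = (value & ((1 << 63) - 1)) - (value & (1 << 63))
        elif operand_type == "float":
            # Reinterpret the integer bit pattern as a float of the
            # instruction's size; other sizes keep the raw integer.
            if instr.size == 4:
                value = struct.unpack("f", struct.pack("I", instr.operands[i] & 0xffffffff))[0]
            elif instr.size == 8:
                value = struct.unpack("d", struct.pack("Q", instr.operands[i]))[0]
            else:
                value = instr.operands[i]
        elif operand_type == "expr":
            value = MediumLevelILInstruction(func, instr.operands[i])
        elif operand_type == "intrinsic":
            value = lowlevelil.ILIntrinsic(func.arch, instr.operands[i])
        elif operand_type == "var":
            value = function.Variable.from_identifier(self.function.source_function, instr.operands[i])
        elif operand_type == "var_ssa":
            # Two slots: variable identifier, then SSA version.
            var = function.Variable.from_identifier(self.function.source_function, instr.operands[i])
            version = instr.operands[i + 1]
            i += 1
            value = SSAVariable(var, version)
        elif operand_type == "var_ssa_dest_and_src":
            # Three slots: variable identifier, destination version, source
            # version. The destination is appended to ``operands`` and stored
            # as ``self.dest`` here; the source goes through the common tail.
            var = function.Variable.from_identifier(self.function.source_function, instr.operands[i])
            dest_version = instr.operands[i + 1]
            src_version = instr.operands[i + 2]
            i += 2
            self.operands.append(SSAVariable(var, dest_version))
            self.dest = SSAVariable(var, dest_version)
            value = SSAVariable(var, src_version)
        elif operand_type == "int_list":
            # NOTE(review): unlike the other list kinds, ``i`` is not advanced
            # by an extra slot here. Kept as in the original; confirm against
            # the operand layout if an int_list is ever not the last operand.
            value = read_operand_list(i)
        elif operand_type == "var_list":
            var_ids = read_operand_list(i)
            i += 1
            value = [
                function.Variable.from_identifier(self.function.source_function, var_id)
                for var_id in var_ids
            ]
        elif operand_type == "var_ssa_list":
            # Flat list of (variable identifier, version) pairs; a trailing
            # unpaired entry is ignored.
            pairs = read_operand_list(i)
            i += 1
            value = [
                SSAVariable(
                    function.Variable.from_identifier(self.function.source_function, pairs[j * 2]),
                    pairs[(j * 2) + 1])
                for j in range(len(pairs) // 2)
            ]
        elif operand_type == "expr_list":
            expr_indices = read_operand_list(i)
            i += 1
            value = [MediumLevelILInstruction(func, child_index) for child_index in expr_indices]
        self.operands.append(value)
        # Written straight into the instance dict, so ``__setattr__`` is
        # bypassed; the attribute name comes from the operations table.
        self.__dict__[name] = value
        i += 1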