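def emulate_decoding_routine(vw, function_index, function, context, max_instruction_count=20000):
    '''
    Emulate a function with a given context and extract the CPU and
     memory contexts at interesting points during emulation.
    These "interesting points" include calls to other functions and the final state.
    Emulation terminates if the CPU executes an unexpected region of memory,
     the function returns, or the instruction cap is reached.

    Implementation note: emulation is capped at `max_instruction_count`
     instructions (default 20,000) so that an unexpected infinite loop in the
     emulated (untrusted) code cannot hang the analysis. The default was taken
     from emulating the decoding of "Hello world" using RC4; the cap is now a
     parameter so callers can raise it for larger decoding routines without
     touching this function.

    :param vw: The vivisect workspace in which the function is defined.
    :type function_index: viv_utils.FunctionIndex
    :type function: int
    :param function: The address of the function to emulate.
    :type context: function_argument_getter.FunctionContext
    :param context: The initial state of the CPU and memory prior to the
     function being called.
    :type max_instruction_count: int
    :param max_instruction_count: The maximum number of instructions to
     emulate before giving up. Defaults to 20,000.
    :rtype: Sequence[decoding_manager.Delta]
    '''
    emu = makeEmulator(vw)
    # Restore the register/memory state captured at the call site so the
    # routine sees the same arguments it would have at runtime.
    emu.setEmuSnap(context.emu_snap)
    floss_logger.debug("Emulating function at 0x%08X called at 0x%08X, return address: 0x%08X",
                       function, context.decoded_at_va, context.return_address)
    # NOTE(review): how emulate_function treats a non-positive cap is not
    # visible here -- confirm it does not mean "unbounded" before passing 0.
    deltas = decoding_manager.emulate_function(
        emu, function_index, function, context.return_address, max_instruction_count)
    return deltas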
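def emulate_decoding_routine(vw, function_index, function, context, max_instruction_count):
    '''
    Emulate a function with a given context and extract the CPU and
     memory contexts at interesting points during emulation.
    These "interesting points" include calls to other functions and the final state.
    Emulation terminates if the CPU executes an unexpected region of memory,
     the function returns, or the instruction cap is reached.

    Implementation note: emulation is capped at `max_instruction_count`
     instructions so that an unexpected infinite loop in the emulated
     (untrusted) code cannot hang the analysis. A value of 20,000 was
     originally derived from emulating the decoding of "Hello world" using
     RC4; callers choose the cap now.

    :param vw: The vivisect workspace in which the function is defined.
    :type function_index: viv_utils.FunctionIndex
    :type function: int
    :param function: The address of the function to emulate.
    :type context: function_argument_getter.FunctionContext
    :param context: The initial state of the CPU and memory prior to the
     function being called.
    :type max_instruction_count: int
    :param max_instruction_count: The maximum number of instructions to
     emulate per function before giving up.
    :rtype: Sequence[decoding_manager.Delta]
    '''
    emu = makeEmulator(vw)
    # Restore the register/memory state captured at the call site so the
    # routine sees the same arguments it would have at runtime.
    emu.setEmuSnap(context.emu_snap)
    floss_logger.debug("Emulating function at 0x%08X called at 0x%08X, return address: 0x%08X",
                       function, context.decoded_at_va, context.return_address)
    # NOTE(review): how emulate_function treats a non-positive cap is not
    # visible here -- confirm it does not mean "unbounded" before passing 0.
    deltas = decoding_manager.emulate_function(
        emu, function_index, function, context.return_address, max_instruction_count)
    return deltas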