            dst, src = op.operands
            op_1 = state.read_value(dst)
            op_2 = state.read_value(src)
            if isinstance(op_1, Immediate) and isinstance(op_2, Immediate):
                val = Immediate(op_1.value & op_2.value)
            else:
                val = Unknown()
            new_state.store_value(dst, val)

        return new_state


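if __name__ == '__main__':
    import sys

    # A bad invocation must be distinguishable from a successful run by the
    # caller (shell script, CI): report it on stderr and exit non-zero.  The
    # original printed the usage line to stdout and exited with status 0.
    if len(sys.argv) != 2:
        print('Usage: {} <file>'.format(sys.argv[0]), file=sys.stderr)
        sys.exit(1)

    # NOTE(review): the binary named on the command line is untrusted input;
    # the ELF/CFG parsing it goes through lives in project code not visible
    # in this file.
    e = ELF(sys.argv[1])
    main_addr = e.symbols['main']

    # Build the CFG rooted at main and seed the analysis with an entry state
    # whose RSP register holds StackPointer(0).
    cfg = CFG(e, main_addr)
    start = MachineState()
    start.regs[X86_REG_RSP] = StackPointer(0)

    # Named 'analysis' rather than 'vars' so the builtin is not shadowed.
    analysis = ConstantAnalysis(cfg, entry_state=start)

    # Print, in address order, the abstract state reaching each instruction
    # followed by the instruction text; the state is padded to 120 columns
    # so the instruction column lines up (assumes the state formats as a str).
    for op_addr in sorted(cfg.ops):
        op = cfg.ops[op_addr]
        print('{:120s} -- {}'.format(analysis.before_states[op], op_str(op)))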
 def show_state(self, op, state):
     """Print one line: the instruction text, then the tracked esp value in hex.

     ``state[0][0]`` is read as the esp entry; the exact layout of ``state``
     is fixed by the enclosing analysis, which is not visible here.
     """
     label = op_str(op)
     esp_hex = hex(state[0][0])
     print('{}: esp = {}'.format(label, esp_hex))
	def show_state(self, op, state):
		"""Print the instruction text and the whole abstract state on one line."""
		line = '{}: {}'.format(op_str(op), state)
		print(line)
            if len(stack) != 0:
                ebp = stack[0]
                stack = stack[1:]
            else:
                ebp = lattice.top
        if op.id == X86_INS_PUSH and op.operands[
                0].type == X86_OP_REG and op.operands[0].reg == X86_REG_RBP:
            stack = (ebp, ) + stack

        return ((flow_esp(esp), ebp), stack)

    def show_state(self, op, state):
        """Print the instruction text followed by the esp value in hex.

        Only ``state[0][0]`` is read here; per the analysis's flow function
        that slot is the esp component of the ``((esp, ebp), stack)`` tuple.
        """
        (esp_value, _ebp), _stack = state
        print('{}: esp = {}'.format(op_str(op), hex(esp_value)))


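if __name__ == '__main__':
    import sys

    # A bad invocation must be distinguishable from a successful run by the
    # caller (shell script, CI): report it on stderr and exit non-zero.  The
    # original printed the usage line to stdout and exited with status 0.
    if len(sys.argv) != 2:
        print('Usage: {} <file>'.format(sys.argv[0]), file=sys.stderr)
        sys.exit(1)

    # NOTE(review): the binary named on the command line is untrusted input;
    # the ELF/CFG parsing it goes through lives in project code not visible
    # in this file.
    e = ELF(sys.argv[1])
    main_addr = e.symbols['main']

    # Build the CFG rooted at main and run the esp analysis from an entry
    # state of 0.
    cfg = CFG(e, main_addr)
    esp = EspAnalysis(cfg, entry_state=0)

    # Print, in address order, each instruction and the esp state reaching it.
    for op_addr in sorted(cfg.ops):
        op = cfg.ops[op_addr]
        print('{} -- esp = {}'.format(op_str(op), esp.before_states[op]))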