Python make_local_memory_handler Exemples

Exemple #1

 def is_address_local(self, obj, structType=None):
     """
     Costly , checks if obj is mapped to local memory space.
     Returns the memory mapping if found.
     False, otherwise.
     """
     addr = self.get_pointee_address(obj)
     log.debug('get_pointee_address returned %x', addr)
     if addr == 0:
         return False
     # maintain a cache to improve performance.
     # if not found in cache, try to reload local process memory space.
     # the pointer memory space could have been allocated recently.
     # the calling function is most certainly going to fail anyway
     if self.__local_process_memory_handler is not None:
         ret = self.__local_process_memory_handler.is_valid_address(
             obj, structType)
         if ret:
             return ret
     # loading dependencies
     from haystack.mappings.process import make_local_memory_handler
     memory_handler = make_local_memory_handler()
     self.__local_process_memory_handler = memory_handler
     return self.__local_process_memory_handler.is_valid_address(
         obj, structType)

Exemple #2

Fichier : test_base.py Projet : awesome-security/python-haystack

    def test_mmap_hack32(self):
        my_target = target.TargetPlatform.make_target_linux_32()
        my_ctypes = my_target.get_target_ctypes()
        my_utils = my_target.get_target_ctypes_utils()

        real_ctypes_long = my_ctypes.get_real_ctypes_member('c_ulong')
        fname = os.path.normpath(os.path.abspath(__file__))
        fin = open(fname, 'rb')
        local_mmap_bytebuffer = mmap.mmap(fin.fileno(),
                                          1024,
                                          access=mmap.ACCESS_READ)
        # yeap, that right, I'm stealing the pointer value. DEAL WITH IT.
        heapmap = struct.unpack(
            'L',
            real_ctypes_long.from_address(
                id(local_mmap_bytebuffer) + 2 *
                (my_ctypes.sizeof(real_ctypes_long))))[0]
        log.debug('MMAP HACK: heapmap: 0x%0.8x', heapmap)
        maps = make_local_memory_handler(force=True)
        # print 'MMAP HACK: heapmap: 0x%0.8x' % heapmap
        # for m in maps:
        #    print m
        ret = [m for m in maps if heapmap in m]
        # heapmap is a pointer value in local memory
        self.assertEqual(len(ret), 1)
        # heapmap is a pointer value to this executable?
        self.assertEqual(ret[0].pathname, fname)
        self.assertIn('CTypesProxy-4:4:12', str(my_ctypes))
        fin.close()
        fin = None

Exemple #3

Fichier : test_base.py Projet : cy-fir/python-haystack

    def test_mmap_hack32(self):
        my_target = target.TargetPlatform.make_target_linux_32()
        my_ctypes = my_target.get_target_ctypes()
        my_utils = my_target.get_target_ctypes_utils()

        real_ctypes_long = my_ctypes.get_real_ctypes_member('c_ulong')
        fname = os.path.normpath(os.path.abspath(__file__))
        fin = file(fname)
        local_mmap_bytebuffer = mmap.mmap(fin.fileno(), 1024, access=mmap.ACCESS_READ)
        # yeap, that right, I'm stealing the pointer value. DEAL WITH IT.
        heapmap = struct.unpack('L', real_ctypes_long.from_address(id(local_mmap_bytebuffer) +
                                                                     2 * (my_ctypes.sizeof(real_ctypes_long))))[0]
        log.debug('MMAP HACK: heapmap: 0x%0.8x', heapmap)
        maps = make_local_memory_handler(force=True)
        # print 'MMAP HACK: heapmap: 0x%0.8x' % heapmap
        # for m in maps:
        #    print m
        ret = [m for m in maps if heapmap in m]
        # heapmap is a pointer value in local memory
        self.assertEquals(len(ret), 1)
        # heapmap is a pointer value to this executable?
        self.assertEquals(ret[0].pathname, fname)
        self.assertIn('CTypesProxy-4:4:12', str(my_ctypes))
        fin.close()
        fin = None

Exemple #4

Fichier : test_utils.py Projet : cy-fir/python-haystack

    def test_is_address_local(self):
        my_target = target.TargetPlatform.make_target_platform_local()
        my_ctypes = my_target.get_target_ctypes()
        my_utils = my_target.get_target_ctypes_utils()
        ctypes5_gen64 = haystack.model.import_module_for_target_ctypes("test.src.ctypes5_gen64", my_ctypes)
        # kinda chicken and egg here...

        # one call
        mappings = make_local_memory_handler()
        m = mappings.get_mappings()[0]

        # struct a - basic types
        s = ctypes.sizeof(ctypes5_gen64.struct_a)

        a = ctypes5_gen64.struct_a.from_address(m.start)
        pa = my_ctypes.c_void_p(m.start)
        ptr_a = my_ctypes.POINTER(ctypes5_gen64.struct_a)(a)

        b = ctypes5_gen64.struct_a.from_address(m.end - s)
        pb = my_ctypes.c_void_p(m.end - s)
        ptr_b = my_ctypes.POINTER(ctypes5_gen64.struct_a)(b)

        c = ctypes5_gen64.struct_a.from_address(m.end - 1)
        pc = my_ctypes.c_void_p(m.end - 1)
        ptr_c = my_ctypes.POINTER(ctypes5_gen64.struct_a)(c)

        self.assertTrue(my_utils.is_address_local(pa, structType=None))
        self.assertTrue(
            my_utils.is_address_local(
                pa,
                structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_a, structType=None))
        self.assertTrue(
            my_utils.is_address_local(
                ptr_a,
                structType=ctypes5_gen64.struct_a))

        self.assertTrue(my_utils.is_address_local(pb, structType=None))
        self.assertTrue(
            my_utils.is_address_local(
                pb,
                structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_b, structType=None))
        self.assertTrue(
            my_utils.is_address_local(
                ptr_b,
                structType=ctypes5_gen64.struct_a))

        self.assertTrue(my_utils.is_address_local(pc, structType=None))
        self.assertFalse(
            my_utils.is_address_local(
                pc,
                structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_c, structType=None))
        self.assertFalse(
            my_utils.is_address_local(
                ptr_c,
                structType=ctypes5_gen64.struct_a))

Exemple #5

    def test_is_address_local(self):
        my_target = target.TargetPlatform.make_target_platform_local()
        my_ctypes = my_target.get_target_ctypes()
        my_utils = my_target.get_target_ctypes_utils()
        ctypes5_gen64 = haystack.model.import_module_for_target_ctypes(
            "test.src.ctypes5_gen64", my_ctypes)
        # kinda chicken and egg here...

        # one call
        mappings = make_local_memory_handler()
        m = mappings.get_mappings()[0]

        # struct a - basic types
        s = ctypes.sizeof(ctypes5_gen64.struct_a)

        a = ctypes5_gen64.struct_a.from_address(m.start)
        pa = my_ctypes.c_void_p(m.start)
        ptr_a = my_ctypes.POINTER(ctypes5_gen64.struct_a)(a)

        b = ctypes5_gen64.struct_a.from_address(m.end - s)
        pb = my_ctypes.c_void_p(m.end - s)
        ptr_b = my_ctypes.POINTER(ctypes5_gen64.struct_a)(b)

        c = ctypes5_gen64.struct_a.from_address(m.end - 1)
        pc = my_ctypes.c_void_p(m.end - 1)
        ptr_c = my_ctypes.POINTER(ctypes5_gen64.struct_a)(c)

        self.assertTrue(my_utils.is_address_local(pa, structType=None))
        self.assertTrue(
            my_utils.is_address_local(pa, structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_a, structType=None))
        self.assertTrue(
            my_utils.is_address_local(ptr_a,
                                      structType=ctypes5_gen64.struct_a))

        self.assertTrue(my_utils.is_address_local(pb, structType=None))
        self.assertTrue(
            my_utils.is_address_local(pb, structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_b, structType=None))
        self.assertTrue(
            my_utils.is_address_local(ptr_b,
                                      structType=ctypes5_gen64.struct_a))

        self.assertTrue(my_utils.is_address_local(pc, structType=None))
        self.assertFalse(
            my_utils.is_address_local(pc, structType=ctypes5_gen64.struct_a))
        self.assertTrue(my_utils.is_address_local(ptr_c, structType=None))
        self.assertFalse(
            my_utils.is_address_local(ptr_c,
                                      structType=ctypes5_gen64.struct_a))

Exemple #6

Fichier : utils.py Projet : trolldbois/python-haystack

 def is_address_local(self, obj, structType=None):
     """
     Costly , checks if obj is mapped to local memory space.
     Returns the memory mapping if found.
     False, otherwise.
     """
     addr = self.get_pointee_address(obj)
     log.debug('get_pointee_address returned %x',addr)
     if addr == 0:
         return False
     # maintain a cache to improve performance.
     # if not found in cache, try to reload local process memory space.
     # the pointer memory space could have been allocated recently.
     # the calling function is most certainly going to fail anyway
     if self.__local_process_memory_handler is not None:
         ret = self.__local_process_memory_handler.is_valid_address(obj, structType)
         if ret:
             return ret
     # loading dependencies
     from haystack.mappings.process import make_local_memory_handler
     memory_handler = make_local_memory_handler()
     self.__local_process_memory_handler = memory_handler
     return self.__local_process_memory_handler.is_valid_address(obj, structType)

Exemple #7

Fichier : test_model.py Projet : cy-fir/python-haystack

 def setUpClass(cls):
     cls.memory_handler = process.make_local_memory_handler()
     cls.my_target = cls.memory_handler.get_target_platform()
     cls.my_model = model.Model(cls.my_target.get_target_ctypes())