def test_state_hook(self):
initial_state = State(ConstraintSet(), FakePlatform())
def fake_hook(_: StateBase) -> None:
return None
self.assertTrue(len(initial_state._hooks) == 0)
self.assertTrue(len(initial_state._after_hooks) == 0)
# This hook should be propagated to child state
initial_state.add_hook(0x4000, fake_hook, after=False)
self.assertTrue(len(initial_state._hooks) == 1)
self.assertTrue(len(initial_state._after_hooks) == 0)
with initial_state as new_state:
# Child state has parent's hook
self.assertTrue(len(new_state._hooks) == 1)
self.assertTrue(len(new_state._after_hooks) == 0)
# Try adding the same hook
new_state.add_hook(0x4000, fake_hook, after=False)
# Should not add again
self.assertTrue(len(new_state._hooks) == 1)
# Add two hooks for after and before instruction
new_state.add_hook(0x4001, fake_hook, after=True)
new_state.add_hook(0x4001, fake_hook, after=False)
# A new hook added to both lists
self.assertTrue(len(new_state._hooks) == 2)
self.assertTrue(len(new_state._after_hooks) == 1)
# Ensure parent state was not affected
self.assertTrue(len(initial_state._hooks) == 1)
self.assertTrue(len(initial_state._after_hooks) == 0)
# Remove one of the hooks we added
new_state.remove_hook(0x4000, fake_hook, after=False)
# Try to remove a non-existent hook
self.assertFalse(
new_state.remove_hook(0x4000, fake_hook, after=True))
# Ensure removal
self.assertTrue(len(new_state._hooks) == 1)
self.assertTrue(len(new_state._after_hooks) == 1)
# Ensure parent state wasn't affected
self.assertTrue(len(initial_state._hooks) == 1)
self.assertTrue(len(initial_state._after_hooks) == 0)
# Add hook to all PC in our parent state
initial_state.add_hook(None, fake_hook, after=True)
# Ensure only the hooks we added are still here
self.assertTrue(len(initial_state._hooks) == 1)
self.assertTrue(len(initial_state._after_hooks) == 1)
def process_hook(state: State) -> None:
# We can't remove because the globally applied hooks are stored in
# the Manticore class, not State
self.assertFalse(state.remove_hook(0x400610, process_hook, after=True))
# We can remove this one because it was applied specifically to this
# State (or its parent)
self.assertTrue(state.remove_hook(None, do_nothing, after=True))
state.add_hook(None, do_nothing, after=False)
state.add_hook(None, do_nothing, after=True)
state.add_hook(0x400647, fin, after=True)
state.add_hook(0x400647, fin, after=False)
def process_hook(state: State) -> None:
# We can't remove because the globally applied hooks are stored in
# the Manticore class, not State
self.assertFalse(
state.remove_hook(12, process_hook, after=True, syscall=True))
# We can remove this one because it was applied specifically to this
# State (or its parent)
self.assertTrue(
state.remove_hook(None, do_nothing, after=True, syscall=True))
state.add_hook(None, do_nothing, after=False, syscall=True)
state.add_hook(None, do_nothing, after=True, syscall=True)
# Should execute directly after sys_brk invocation
state.add_hook("sys_brk", fin, after=True, syscall=True)
