def set_ranges(self, ranges):
self.setRowCount(0)
i = 0
for range in ranges:
self.insertRow(i)
q = MemoryAddressWidget(range['base'])
q.set_size(range['size'])
self.setItem(i, 0, q)
q = NotEditableTableWidgetItem(str(range['size']))
q.setFlags(Qt.NoItemFlags)
self.setItem(i, 1, q)
q = NotEditableTableWidgetItem(range['protection'])
q.setFlags(Qt.NoItemFlags)
q.setTextAlignment(Qt.AlignCenter)
self.setItem(i, 2, q)
if 'file' in range:
q = NotEditableTableWidgetItem(range['file']['path'])
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.lightGray)
self.setItem(i, 3, q)
else:
self.setItem(i, 3, NotEditableTableWidgetItem(''))
i += 1
self.resizeRowsToContents()
self.horizontalHeader().setStretchLastSection(True)
self.sortByColumn(0, 0)
def _add_mem_address_item_if_needed(self, row):
if not isinstance(self.memory_panel.item(row, 0), MemoryAddressWidget):
address = self.memory_panel.range.base + (row * 16)
q = MemoryAddressWidget(hex(address))
q.set_address(address)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.red)
self.memory_panel.setItem(row, 0, q)
col = 0
offset = address - self.memory_panel.range.base
while col < 16:
q = ByteWidget()
if offset + col >= self.memory_panel.range.size:
break
try:
q.set_value(self.memory_panel.range.data[offset + col])
except:
self.work = False
break
q.set_ptr(address + col)
q.set_offset(offset + col)
self.memory_panel.setItem(row, col + 1, q)
col += 1
tail = offset + 16
if tail > self.memory_panel.range.tail:
tail = self.memory_panel.range.tail
t = ''
for byte in self.memory_panel.range.data[offset:tail]:
if not PY3K:
byte = ord(byte)
if 0x20 <= byte <= 0x7E:
t += chr(byte)
else:
t += '.'
q = NotEditableTableWidgetItem(t)
q.setFlags(Qt.NoItemFlags)
q.setForeground(Qt.darkYellow)
self.memory_panel.setItem(row, 17, q)
def disasm(self, _range=None):
self.setRowCount(0)
if _range:
self.range = _range
if self.range is None:
return 1
if len(self.history) == 0 or self.history[
len(self.history) - 1] != self.range.start_address:
self.history.append(self.range.start_address)
if len(self.history) > 25:
self.history.pop(0)
md = Cs(self.cs_arch, self.cs_mode)
md.detail = True
insts = 0
for i in md.disasm(self.range.data[self.range.start_offset:],
self.range.start_address):
if insts > 128:
break
instruction = Instruction(self.dwarf, i)
row = self.rowCount()
self.insertRow(row)
w = MemoryAddressWidget('0x%x' % i.address)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.red)
w.set_offset(self.range.base - i.address)
self.setItem(row, 0, w)
w = NotEditableTableWidgetItem(
binascii.hexlify(instruction.bytes).decode('utf8'))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.darkYellow)
self.setItem(row, 1, w)
if instruction.is_jump and instruction.jump_address != 0:
w = MemoryAddressWidget(instruction.op_str)
w.set_address(instruction.jump_address)
else:
w = NotEditableTableWidgetItem(instruction.op_str)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 3, w)
w = NotEditableTableWidgetItem(instruction.mnemonic.upper())
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.white)
w.setTextAlignment(Qt.AlignCenter)
w.setFont(QFont(None, 11, QFont.Bold))
self.setItem(row, 2, w)
if instruction.symbol_name is not None:
w = NotEditableTableWidgetItem(
'%s (%s)' %
(instruction.symbol_name, instruction.symbol_module))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 4, w)
insts += 1
self.scrollToTop()
return 0
def add_hook(self, emulator, instruction):
# check if the previous hook is waiting for a register result
if self._require_register_result is not None:
res = '%s = %s' % (
self._require_register_result[1],
hex(emulator.uc.reg_read(self._require_register_result[0])))
self.setItem(self.rowCount() - 1, 4,
NotEditableTableWidgetItem(res))
# invalidate
self._require_register_result = None
# check if the code jumped
if self._last_instruction_address > 0:
if instruction.address > self._last_instruction_address + self.app.get_dwarf().pointer_size or\
instruction.address < self._last_instruction_address:
# insert an empty line
self.insertRow(self.rowCount())
self._last_instruction_address = instruction.address
row = self.rowCount()
self.insertRow(row)
address = instruction.address
if instruction.thumb:
address = address | 1
w = MemoryAddressWidget('0x%x' % address)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.red)
self.setItem(row, 0, w)
w = NotEditableTableWidgetItem(
binascii.hexlify(instruction.bytes).decode('utf8'))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.darkYellow)
self.setItem(row, 1, w)
if instruction.is_jump and instruction.jump_address != 0:
w = MemoryAddressWidget(instruction.op_str)
w.set_address(instruction.jump_address)
else:
w = NotEditableTableWidgetItem(instruction.op_str)
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 3, w)
w = NotEditableTableWidgetItem(instruction.mnemonic.upper())
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.white)
w.setTextAlignment(Qt.AlignCenter)
w.setFont(QFont(None, 11, QFont.Bold))
self.setItem(row, 2, w)
# implicit regs read are notified later through mem access
if len(instruction.regs_read) == 0:
if len(instruction.operands) > 0:
for i in instruction.operands:
if i.type == CS_OP_REG:
self._require_register_result = [
i.value.reg,
instruction.reg_name(i.value.reg)
]
break
if instruction.symbol_name is not None:
w = NotEditableTableWidgetItem(
'%s (%s)' %
(instruction.symbol_name, instruction.symbol_module))
w.setFlags(Qt.NoItemFlags)
w.setForeground(Qt.lightGray)
self.setItem(row, 4, w)
self.scrollToBottom()
