Esempio n. 1
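def arm_epilogue(blk):
    """Recognise an ARM epilogue at the end of ``blk`` and record the
    callee-saved register reloads that precede it.

    The shape matched, reading the block from its last statement backwards:

    1. the last statement is a ``JmpStmt`` whose kind is ``RetKind``;
    2. the statement before it is ``SP := SP <binop> <IntExp>``
       (the stack-frame release; the operator itself is not checked);
    3. every statement before that, walking backwards, is a
       ``DefStmt`` of the form ``<RegVar> := load [addr]`` where
       ``mem_addr`` resolves ``addr`` to an ``SP``-based slot.  Each such
       slot is handed to ``make_temp_offset`` and the reloaded register to
       ``make_giv_reg`` (both defined elsewhere).  The walk stops at the
       first statement that does not fit.

    Nothing happens when the block is shorter than two statements or the
    tail does not match.  Returns ``None``; all results are side effects of
    the two helpers.
    """
    stmts = blk.bap.stmts
    if len(stmts) < 2:
        return

    ret = stmts[-1]
    if not (isinstance(ret, JmpStmt) and isinstance(ret.kind, RetKind)):
        return

    # The frame release ``SP := SP <op> imm`` must be a DefStmt before we
    # look at ``.lhs``/``.rhs``; the other recognisers in this file guard on
    # DefStmt first, and a non-Def statement here (e.g. a second jump) must
    # simply mean "no epilogue" rather than an AttributeError.
    sp_adjust = stmts[-2]
    if not (isinstance(sp_adjust, DefStmt)
            and isinstance(sp_adjust.lhs, RegVar)
            and sp_adjust.lhs.name == 'SP'
            and isinstance(sp_adjust.rhs, BinOpExp)
            and isinstance(sp_adjust.rhs.e1, RegVar)
            and isinstance(sp_adjust.rhs.e2, IntExp)
            and sp_adjust.rhs.e1.name == 'SP'):
        return

    # Statements before the SP adjustment, nearest-to-the-return first.
    for stmt in reversed(stmts[:-2]):
        if not (isinstance(stmt, DefStmt)
                and isinstance(stmt.lhs, RegVar)
                and isinstance(stmt.rhs, LoadExp)):
            break
        base_pointer, offset, _access = mem_addr(stmt.rhs.addr, blk, stmt.pc)
        if base_pointer is None or base_pointer.base_register != 'SP':
            break
        make_temp_offset(base_pointer.base_register, offset, blk, stmt.pc)
        make_giv_reg(stmt.lhs.name, stmt.lhs.index, blk, stmt.pc)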
Esempio n. 2
def x86_call_args(blk):
    """Attach the stack-passed arguments of the call that ends ``blk``.

    Only blocks whose last statement is a ``JmpStmt`` of ``CallKind`` are
    considered.  The last three statements are skipped and the rest are
    scanned backwards (presumably the skipped ones belong to the call
    instruction itself -- TODO confirm against the lifter).  A statement
    counts as an argument store when it is ``DefStmt`` ``MemVar := store``
    whose address ``mem_addr`` resolves to an ``ESP``/``RSP``-based slot and
    whose stored value is neither a ``GivReg`` nor a ``VirtualVar``.  Because
    the scan runs backwards and keeps the first hit per slot, the store
    closest to the call wins.

    The collected slots are then visited in ascending ``(register, offset)``
    order.  A slot is accepted when its offset is 0 or the slot one
    ``ADDRESS_BYTE_SIZE`` below it was also collected; the first slot that
    breaks this chain ends the walk.  NOTE(review): a collected slot with a
    negative offset sorts before offset 0 and, having no predecessor, stops
    the walk before any argument is recorded -- presumably such stores do not
    occur before a call in practice; verify.

    Accepted slots are passed to ``make_temp_offset`` and stored in
    ``call.kind.args`` as ``(value, pc)``.  Returns ``None``.
    """
    stmts = blk.bap.stmts
    if not stmts:
        return
    call = stmts[-1]
    if not (isinstance(call, JmpStmt) and isinstance(call.kind, CallKind)):
        return

    # (register, offset) -> (stored value, pc of the store); first hit wins.
    stores = {}
    candidates = stmts[:max(len(stmts) - 3, 0)]
    for stmt in reversed(candidates):
        if not isinstance(stmt, DefStmt):
            continue
        target, rhs = stmt.lhs, stmt.rhs
        if not (isinstance(target, MemVar) and isinstance(rhs, StoreExp)):
            continue
        value = rhs.exp
        base, offset, _access = mem_addr(rhs.addr, blk, stmt.pc)
        if base is None:
            continue
        if isinstance(value, (GivReg, VirtualVar)):
            continue
        if base.base_register not in ('ESP', 'RSP'):
            continue
        stores.setdefault((base.base_register, offset), (value, stmt.pc))

    for reg, offset in sorted(stores):
        slot = (reg, offset)
        contiguous = (
            offset == 0
            or (reg, offset - blk.binary.config.ADDRESS_BYTE_SIZE) in stores
        )
        if not contiguous:
            break
        value, pc = stores[slot]
        make_temp_offset(reg, offset, blk, pc)
        call.kind.args[slot] = (value, pc)
Esempio n. 3
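def x64_epilogue(blk):
    """Record register restores done by ``pop`` instructions in ``blk``.

    Every statement whose instruction name starts with ``POP`` and that is a
    ``DefStmt`` ``<RegVar> := load [addr]`` is inspected; when ``mem_addr``
    resolves ``addr`` to an ``RSP``-based slot, the slot goes to
    ``make_temp_offset`` and the destination register to ``make_giv_reg``
    (both defined elsewhere).  Unlike :func:`arm_epilogue`, no ``ret`` is
    required and the whole block is scanned, not just its tail.

    The instruction-name test is a prefix test, so it also matched
    ``POPCNT`` (a bit-count, not a stack pop); with a memory source operand
    that looks exactly like ``reg := load [RSP + k]`` and would have been
    misreported as a restore, so it is excluded.  Assumes the upper-case
    naming the original check relied on -- TODO confirm the lifter's
    ``insn`` format.  Returns ``None``.
    """
    for stmt in blk.bap.stmts:
        insn = stmt.insn
        if insn is None or not insn.startswith('POP'):
            continue
        if insn.startswith('POPCNT'):
            # Not a pop: shares the prefix only.
            continue
        if not (isinstance(stmt, DefStmt)
                and isinstance(stmt.lhs, RegVar)
                and isinstance(stmt.rhs, LoadExp)):
            continue
        base_pointer, offset, _access = mem_addr(stmt.rhs.addr, blk, stmt.pc)
        if base_pointer is None or base_pointer.base_register != 'RSP':
            continue
        make_temp_offset(base_pointer.base_register, offset, blk, stmt.pc)
        make_giv_reg(stmt.lhs.name, stmt.lhs.index, blk, stmt.pc)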
Esempio n. 4
def arm_prologue(blk):
    """Record the callee-saved register spills of an ARM prologue.

    Scans every statement of ``blk`` and considers only those located at the
    function's entry address (``stmt.pc == blk.function.low_pc``) that are
    ``DefStmt`` ``MemVar := store <RegVar>``.  For each such store,
    ``mem_addr`` resolves the address: an ``SP``-based slot is handed to
    ``make_temp_offset`` and the spilled register to ``make_giv_reg`` (both
    defined elsewhere); a store that is not ``SP``-based ends the scan.
    Statements that are not entry-address register stores are skipped
    without stopping it.  Returns ``None``.
    """
    for stmt in blk.bap.stmts:
        at_entry = stmt.pc is not None and stmt.pc == blk.function.low_pc
        if not at_entry:
            continue
        is_reg_spill = (
            isinstance(stmt, DefStmt)
            and isinstance(stmt.lhs, MemVar)
            and isinstance(stmt.rhs, StoreExp)
            and isinstance(stmt.rhs.exp, RegVar)
        )
        if not is_reg_spill:
            continue
        base, offset, _access = mem_addr(stmt.rhs.addr, blk, stmt.pc)
        if base is None or base.base_register != 'SP':
            # First non-SP spill at the entry ends the prologue recognition.
            break
        spilled = stmt.rhs.exp
        make_temp_offset(base.base_register, offset, blk, stmt.pc)
        make_giv_reg(spilled.name, spilled.index, blk, stmt.pc)
Esempio n. 5
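def _mark_rsp_slot(addr_exp, blk, pc):
    """Call ``make_temp_offset`` for ``addr_exp`` if it resolves to an RSP slot.

    ``mem_addr`` does the resolution; anything that is not ``RSP``-based
    (including an unresolvable address, ``base is None``) is ignored.
    """
    base, offset, _access = mem_addr(addr_exp, blk, pc)
    if base is not None and base.base_register == 'RSP':
        make_temp_offset(base.base_register, offset, blk, pc)


def x64_temp_offsets(blk):
    """Record the ``RSP``-relative slots touched by stack instructions.

    Only statements whose instruction name starts with ``PUSH``, ``POP``,
    ``CALL`` or ``RET`` are considered.  Two statement shapes are handled:

    * a ``DefStmt`` whose right-hand side is exactly a ``LoadExp`` or
      ``StoreExp`` (exact type, as in the original check): the access
      address is resolved through ``mem_addr``;
    * a ``JmpStmt`` of ``RetKind`` with an ``IndirectLabel`` whose target is
      a ``LoadExp``, or a ``VirtualExp`` that ``get_virtual_exp`` maps to a
      ``LoadExp``.  NOTE(review): here the *target expression itself* (the
      ``LoadExp`` / ``VirtualExp``) is passed to ``mem_addr``, whereas the
      other call sites in this file pass ``.addr``; kept as-is because
      ``mem_addr`` may accept both -- verify.

    Each resolved ``RSP``-based slot is passed to ``make_temp_offset``.

    The instruction-name test is a prefix test, so it also matched
    ``POPCNT`` (a bit-count, not a stack pop); a ``popcnt reg, [rsp+k]``
    would have marked a slot it never pushes or pops, so it is excluded.
    Assumes the upper-case naming the original check relied on -- TODO
    confirm the lifter's ``insn`` format.  Returns ``None``.
    """
    for stmt in blk.bap.stmts:
        insn = stmt.insn
        if insn is None or not insn.startswith(('PUSH', 'POP', 'CALL', 'RET')):
            continue
        if insn.startswith('POPCNT'):
            # Not a pop: shares the prefix only.
            continue

        if isinstance(stmt, DefStmt) and type(stmt.rhs) in (LoadExp, StoreExp):
            _mark_rsp_slot(stmt.rhs.addr, blk, stmt.pc)

        if (isinstance(stmt, JmpStmt)
                and isinstance(stmt.kind, RetKind)
                and isinstance(stmt.kind.label, IndirectLabel)):
            target = stmt.kind.label.exp
            if isinstance(target, LoadExp):
                _mark_rsp_slot(target, blk, stmt.pc)
            elif (isinstance(target, VirtualExp)
                    and isinstance(get_virtual_exp(target, blk).exp, LoadExp)):
                _mark_rsp_slot(target, blk, stmt.pc)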