Esempio n. 1
0
 def loadMembers(self, mappings, maxDepth):
   if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
     return False
   # Load and memcopy key and iv
   log.debug('Enc Memcopying a Key with %d bytes'%self.key_len)
   attr_obj_address = getaddress(self.key)
   log.debug('got key @%x '%(attr_obj_address))
   memoryMap = is_valid_address_value( attr_obj_address, mappings)
   # DEBUG - I do question the buffer_copy.
   log.debug('memoryMap is %s - \nmake array '%(memoryMap))
   array=(ctypes.c_ubyte*self.key_len).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte, self.key_len))
   # save key as bitstream
   ##key_contents = ctypes.c_ubyte.from_buffer(array)
   key_contents = array
   log.debug('keep ref ')
   model.keepRef(key_contents, model.get_subtype(self.key), attr_obj_address)
   
   log.debug('Enc Memcopying a IV with %d bytes'%( self.block_size) )
   attr_obj_address=getaddress(self.iv)
   memoryMap = is_valid_address_value( attr_obj_address, mappings)
   log.debug('make array ')
   array=(ctypes.c_ubyte*self.block_size).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte,self.block_size))
   # save iv contents as bitstream
   ##iv_contents = ctypes.c_ubyte.from_buffer(array)
   iv_contents = array
   log.debug('keep ref')
   model.keepRef(iv_contents, model.get_subtype(self.iv), attr_obj_address)
   
   log.debug('ENC KEY(%d bytes) and IV(%d bytes) acquired'%(self.key_len,self.block_size))
   return True
Esempio n. 2
0
 def loadMembers(self, mappings, maxDepth):
   if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
     return False
   #log.debug('evp    app_data    attr_obj_address=0x%lx'%(self.evp.app_data) )
   #log.debug('evp    cipher_data attr_obj_address=0x%lx'%(self.evp.cipher_data) )  ##none
   cipher = model.getRef( Cipher, getaddress(self.cipher) )
   ciphername = cipher.name.toString() 
   # cast evp.app_data into a valid struct
   if ciphername in self.cipherContexts:
     # evp.cipher.nid should be 0
     struct = self.cipherContexts[ciphername]
     if (struct is None):
       log.warning("Unsupported cipher %s"%(ciphername))
       return True
     attr_obj_address = self.evp.app_data
     memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
     log.debug( "CipherContext CAST app_data into : %s "%( struct) )
     if not memoryMap:
       log.warning('On second toughts, app_data seems to be at an invalid address. That should not happen (often).')
       log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings), 
                                   attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
       return False # DEBUG kill it
     # read the void * and keep a ref
     st = memoryMap.readStruct(attr_obj_address, struct )
     model.keepRef(st, struct, attr_obj_address)
     # yeah... no. "self.evp.app_data = xx" means SEGFAULT.
     evp_app_data = ctypes.c_void_p(ctypes.addressof(st)) 
     
     log.debug('Copied 0x%lx into app_data (0x%lx)'%(attr_obj_address, evp_app_data.value) )
     log.debug('LOADED app_data as %s from 0x%lx (%s) into 0x%lx'%(struct, 
           attr_obj_address, is_valid_address_value(attr_obj_address,mappings,struct), evp_app_data.value))
     log.debug('\t\t---------\n%s\t\t---------'%(st.toString() ) )
   else:
     log.debug("Unknown cipher %s, can't load a data struct for the EVP_CIPHER_CTX->app_data"%(ciphername))
   return True
Esempio n. 3
0
 def iterateList(self, mappings):
   ''' iterate forward, then backward, until null or duplicate '''    
   done = [0]
   obj = self
   #print 'going forward '
   for fieldname in [forward, backward]:
     link = getattr(obj, fieldname)
     addr = utils.getaddress(link)
     log.debug('iterateList got a <%s>/0x%x'%(link.__class__.__name__,addr))
     nb=0
     while addr not in done:
       #print '%x %s'%(addr, addr in done)
       done.append(addr)
       memoryMap = utils.is_valid_address_value( addr, mappings, structType)
       if memoryMap == False:
         raise ValueError('the link of this linked list has a bad value')
       st = memoryMap.readStruct( addr, structType)
       model.keepRef(st, structType, addr)
       log.debug("keepRefx2 %s.%s @%x"%(structType, fieldname, addr  ))
       yield addr
       # next
       link = getattr(st, fieldname)
       addr = utils.getaddress(link)
     #print 'going backward after %x'%(addr)
   raise StopIteration
Esempio n. 4
0
def _get_chunk(mappings, heap, entry_addr):
    from haystack.model import keepRef
    m = mappings.getMmapForAddr(entry_addr)
    chunk_header = m.readStruct(entry_addr, _HEAP_ENTRY)
    keepRef(chunk_header, _HEAP_ENTRY, entry_addr)
    chunk_header._orig_addr_ = entry_addr
    return chunk_header
Esempio n. 5
0
 def iterateList(self, mappings):
     ''' iterate forward, then backward, until null or duplicate '''
     done = [0]
     obj = self
     #print 'going forward '
     for fieldname in [forward, backward]:
         link = getattr(obj, fieldname)
         addr = utils.getaddress(link)
         log.debug('iterateList got a <%s>/0x%x' %
                   (link.__class__.__name__, addr))
         nb = 0
         while addr not in done:
             #print '%x %s'%(addr, addr in done)
             done.append(addr)
             memoryMap = utils.is_valid_address_value(
                 addr, mappings, structType)
             if memoryMap == False:
                 raise ValueError(
                     'the link of this linked list has a bad value')
             st = memoryMap.readStruct(addr, structType)
             model.keepRef(st, structType, addr)
             log.debug("keepRefx2 %s.%s @%x" %
                       (structType, fieldname, addr))
             yield addr
             # next
             link = getattr(st, fieldname)
             addr = utils.getaddress(link)
         #print 'going backward after %x'%(addr)
     raise StopIteration
Esempio n. 6
0
    def _loadListEntries(self, fieldname, mappings, maxDepth):
        ''' 
    we need to load the pointed entry as a valid struct at the right offset, 
    and parse it.
    
    When does it stop following FLink/BLink ?
      sentinel is headAddr only
    '''

        structType, offset = self._getListFieldInfo(fieldname)

        # DO NOT think HEAD is a valid entry.
        # if its a ListEntries, self has already been loaded anyway.
        headAddr = self._orig_address_ + utils.offsetof(type(self), fieldname)
        head = getattr(self, fieldname)

        for entry in head._iterateList(mappings):
            # DO NOT think HEAD is a valid entry
            if entry == headAddr:
                continue
            link = entry + offset
            log.debug('got a element of list at %s 0x%x/0x%x offset:%d' %
                      (fieldname, entry, link, offset))
            # use cache if possible, avoid loops.
            #XXX
            from haystack import model
            ref = model.getRef(structType, link)
            if ref:  # struct has already been loaded, bail out
                log.debug("%s loading from references cache %s/0x%lx" %
                          (fieldname, structType, link))
                continue  # do not reload
            else:
                #  OFFSET read, specific to a LIST ENTRY model
                memoryMap = utils.is_valid_address_value(
                    link, mappings, structType)
                if memoryMap is False:
                    log.error(
                        'error while validating address 0x%x type:%s @end:0x%x'
                        % (link, structType.__name__,
                           link + ctypes.sizeof(structType)))
                    log.error('self : %s , fieldname : %s' %
                              (self.__class__.__name__, fieldname))
                    raise ValueError(
                        'error while validating address 0x%x type:%s @end:0x%x'
                        % (link, structType.__name__,
                           link + ctypes.sizeof(structType)))
                st = memoryMap.readStruct(
                    link, structType)  # point at the right offset
                st._orig_addr_ = link
                model.keepRef(st, structType, link)
                log.debug("keepRef %s.%s @%x" % (structType, fieldname, link))
                # load the list entry structure members
                if not st.loadMembers(mappings, maxDepth - 1):
                    log.error('Error while loading members on %s' %
                              (self.__class__.__name__))
                    print st
                    raise ValueError('error while loading members')

        return True
Esempio n. 7
0
def _get_chunk(mappings, heap, entry_addr):
    from haystack.model import keepRef

    m = mappings.getMmapForAddr(entry_addr)
    chunk_header = m.readStruct(entry_addr, _HEAP_ENTRY)
    keepRef(chunk_header, _HEAP_ENTRY, entry_addr)
    chunk_header._orig_addr_ = entry_addr
    return chunk_header
Esempio n. 8
0
    def test_getRef(self):
        model.keepRef(1, int, 0xcafecafe)
        model.keepRef(2, float, 0xcafecafe)

        self.assertEquals(model.getRef(int, 0xcafecafe), 1)
        self.assertEquals(model.getRef(float, 0xcafecafe), 2)
        self.assertIsNone(model.getRef(str, 0xcafecafe))
        self.assertIsNone(model.getRef(str, 0xdeadbeef))
        self.assertIsNone(model.getRef(int, 0xdeadbeef))
Esempio n. 9
0
  def test_getRef(self):
    model.keepRef(1, int, 0xcafecafe)
    model.keepRef(2, float, 0xcafecafe)

    self.assertEquals( model.getRef(int,0xcafecafe), 1)
    self.assertEquals( model.getRef(float,0xcafecafe), 2)
    self.assertIsNone( model.getRef(str,0xcafecafe))
    self.assertIsNone( model.getRef(str,0xdeadbeef))
    self.assertIsNone( model.getRef(int,0xdeadbeef))
Esempio n. 10
0
def list_head_loadRealMembers(self, mappings, maxDepth, attrtype, listHeadName, addresses):
  '''
    Copy ->next and ->prev target structure's memeory space.
    attach prev and next correctly.
    @param attrtype the target structure type
    @param listHeadName the member name of the list_head in the target structure
    @param addresses original pointers for prev and next
  '''
  attrname = listHeadName
  addr_prev,addr_next = addresses
  null = list_head()
  for listWay, addr in [('prev',addr_prev),('next',addr_next)]:
    attr = getattr(self,listWay)
    if addr is None or not bool(attr):
      attr.contents = null
      continue # do not load unvalid address
    #print listHeadName,listWay, hex(addr)
    #elif not is_address_local(attr) :
    #  continue # coul
    cache = model.getRef(attrtype, addr ) # is the next/prev Item in cache
    if cache:
      # get the offset into the buffer and associate the .list_head->{next,prev} to it
      attr.contents = gen.list_head.from_address(ctypes.addressof( getattr(cache, attrname)) ) #loadMember is done
      log.debug("assigned &%s.%s in self "%(attrname,listWay ))
      # DO NOT recurse
      continue
    log.debug('re-loading %s.%s.%s from 0x%x'%(attrtype,attrname,listWay, addr))
    memoryMap = is_valid_address_value( addr, mappings, attrtype)
    if(not memoryMap):
      # big BUG Badaboum, why did pointer changed validity/value ?
      log.warning("%s.%s %s not loadable 0x%lx but VALID "%(attrname,listWay, attr, addr ))
      attr.contents = null
      continue
    else:
      log.debug("self.%s.%s -> 0x%lx (is_valid_address_value: %s)"%(attrname,listWay, addr, memoryMap ))
      # save the total struct to local memspace
      nextItem = memoryMap.readStruct(addr, attrtype )
      #if not nextItem.isValid(mappings):
      #  log.warning('%s.%s (%s) is INVALID'%(attrname,listWay, attrtype))
      #  return False
      log.debug("%s.%s is loaded: '%s'"%(attrname,listWay, nextItem ))
      # save the ref and load the task
      model.keepRef( nextItem, attrtype, addr)
      # get the offset into the buffer and associate the .tasks->next to it
      attr.contents = gen.list_head.from_address(ctypes.addressof( getattr(nextItem, attrname) )) #loadMember is done
      log.debug("assigned &%s.%s in self "%(attrname,listWay ))
      # recursive validation checks on new struct
      if not bool(attr):
        log.warning('Member %s.%s is null after copy: %s'%(attrname, listWay ,attr))
        attr.contents = null
      else:
        # recursive loading - model revalidation
        if not nextItem.loadMembers(mappings, maxDepth-1):
          return False
      continue
  return True
Esempio n. 11
0
 def getNextChunk(self, mappings, orig_addr):
   mmap = model.is_valid_address_value(orig_addr, mappings)
   if not mmap:
     raise ValueError
   if self.size > 0 :
     next_addr = self.next_addr(orig_addr)
     next_chunk = mmap.readStruct(next_addr, malloc_chunk )
     model.keepRef( next_chunk, malloc_chunk, next_addr)
     return next_chunk, next_addr
   return None, None
Esempio n. 12
0
 def getNextChunk(self, mappings, orig_addr):
     mmap = model.is_valid_address_value(orig_addr, mappings)
     if not mmap:
         raise ValueError
     if self.size > 0:
         next_addr = self.next_addr(orig_addr)
         next_chunk = mmap.readStruct(next_addr, malloc_chunk)
         model.keepRef(next_chunk, malloc_chunk, next_addr)
         return next_chunk, next_addr
     return None, None
Esempio n. 13
0
 def getPrevChunk(self, mappings, orig_addr):
     mmap = model.is_valid_address_value(orig_addr, mappings)
     if not mmap:
         raise ValueError
     if self.prev_size > 0:
         prev_addr = self.prev_addr(orig_addr)
         prev_chunk = mmap.readStruct(prev_addr, malloc_chunk)
         model.keepRef(prev_chunk, malloc_chunk, prev_addr)
         return prev_chunk, prev_addr
     return None, None
Esempio n. 14
0
 def getPrevChunk(self, mappings, orig_addr):
   mmap = model.is_valid_address_value(orig_addr, mappings)
   if not mmap:
     raise ValueError
   if self.prev_size > 0 :
     prev_addr = self.prev_addr(orig_addr)
     prev_chunk = mmap.readStruct(prev_addr, malloc_chunk )
     model.keepRef( prev_chunk, malloc_chunk, prev_addr)
     return prev_chunk, prev_addr
   return None, None
Esempio n. 15
0
 def getNextChunk(self, mappings, orig_addr):
   ## do next_chunk
   mmap = model.is_valid_address_value(orig_addr, mappings)
   if not mmap:
     raise ValueError
   next_addr = orig_addr + self.real_size()
   # check if its in mappings
   if not model.is_valid_address_value(next_addr, mappings):
     return None,None
   next_chunk = mmap.readStruct(next_addr, malloc_chunk )
   model.keepRef( next_chunk, malloc_chunk, next_addr)
   return next_chunk, next_addr
Esempio n. 16
0
 def getPrevChunk(self, mappings, orig_addr):
   ## do prev_chunk
   if self.check_prev_inuse():
     raise TypeError('Previous chunk is in use. can read its size.')
   mmap = model.is_valid_address_value(orig_addr, mappings)
   if not mmap:
     raise ValueError
   if self.prev_size > 0 :
     prev_addr = orig_addr - self.prev_size
     prev_chunk = mmap.readStruct(prev_addr, malloc_chunk )
     model.keepRef( prev_chunk, malloc_chunk, prev_addr)
     return prev_chunk, prev_addr
   return None, None
Esempio n. 17
0
  def loadMembers(self, mappings, maxDepth):
    if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
      return False
    # Load and memcopy key 
    log.debug('Memcopying a Key with %d bytes'%self.key_len)
    attr_obj_address=getaddress(self.key)
    memoryMap = is_valid_address_value( attr_obj_address, mappings)    
    array=(ctypes.c_ubyte*self.key_len).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte, self.key_len))
    model.keepRef(array, model.get_subtype(self.key), attr_obj_address)

    log.debug('unmac_ctx has been nulled and ignored. its not often used by any ssh impl. Not useful for us anyway.')
    log.debug('MAC KEY(%d bytes) acquired'%(self.key_len))
    return True
Esempio n. 18
0
  def _loadListEntries(self, fieldname, mappings, maxDepth):
    ''' 
    we need to load the pointed entry as a valid struct at the right offset, 
    and parse it.
    
    When does it stop following FLink/BLink ?
      sentinel is headAddr only
    '''
    
    structType, offset = self._getListFieldInfo(fieldname)
    
    # DO NOT think HEAD is a valid entry.
    # if its a ListEntries, self has already been loaded anyway.
    headAddr = self._orig_address_ + utils.offsetof( type(self), fieldname)
    head = getattr(self, fieldname)
    
    for entry in head._iterateList(mappings):
      # DO NOT think HEAD is a valid entry
      if entry == headAddr:
        continue
      link = entry + offset
      log.debug('got a element of list at %s 0x%x/0x%x offset:%d'%(fieldname, entry, link, offset))
      # use cache if possible, avoid loops.
      #XXX 
      from haystack import model
      ref = model.getRef( structType, link)
      if ref: # struct has already been loaded, bail out
        log.debug("%s loading from references cache %s/0x%lx"%(fieldname, structType, link ))
        continue # do not reload
      else:
        #  OFFSET read, specific to a LIST ENTRY model
        memoryMap = utils.is_valid_address_value( link, mappings, structType)
        if memoryMap is False:
          log.error('error while validating address 0x%x type:%s @end:0x%x'%(link, 
                  structType.__name__, link+ctypes.sizeof(structType)) )
          log.error('self : %s , fieldname : %s'%(self.__class__.__name__, fieldname))
          raise ValueError('error while validating address 0x%x type:%s @end:0x%x'%(link, 
                  structType.__name__, link+ctypes.sizeof(structType)) )
        st = memoryMap.readStruct( link, structType) # point at the right offset
        st._orig_addr_ = link
        model.keepRef(st, structType, link)
        log.debug("keepRef %s.%s @%x"%(structType, fieldname, link  ))
        # load the list entry structure members
        if not st.loadMembers(mappings, maxDepth-1):
          log.error('Error while loading members on %s'%(self.__class__.__name__))
          print st
          raise ValueError('error while loading members')

    return True
Esempio n. 19
0
    def test_ref_unicity_2(self):
        model.keepRef(1, int, 0xcafecafe)
        model.keepRef(2, int, 0xcafecafe)
        model.keepRef(3, int, 0xcafecafe)
        me = model.getRefByAddr(0xcafecafe)
        self.assertEquals(len(me), 1)

        model.keepRef('4', str, 0xcafecafe)
        me = model.getRefByAddr(0xcafecafe)
        self.assertEquals(len(me), 2)
        return
Esempio n. 20
0
  def test_ref_unicity_2(self):
    model.keepRef(1, int, 0xcafecafe)
    model.keepRef(2, int, 0xcafecafe)
    model.keepRef(3, int, 0xcafecafe)
    me = model.getRefByAddr( 0xcafecafe )
    self.assertEquals( len(me), 1)

    model.keepRef('4', str, 0xcafecafe)
    me = model.getRefByAddr( 0xcafecafe )
    self.assertEquals( len(me), 2)
    return
Esempio n. 21
0
 def loadMembers(self, mappings, maxDepth):
   if not LoadableMembers.loadMembers(self, mappings, maxDepth):
     return False
   #log.debug('evp    app_data    attr_obj_address=0x%lx'%(self.evp.app_data) )
   #log.debug('evp    cipher_data attr_obj_address=0x%lx'%(self.evp.cipher_data) )  ##none
   #log.debug('cipher app_data    attr_obj_address=0x%lx'%(getaddress(self.cipher.contents.cipher_data)) )
   # cast evp.app_data into a valid struct
   if self.cipher.contents.name.string in self.cipherContexts:
     struct,fieldname=self.cipherContexts[self.cipher.contents.name.string]
     if(struct is None):
       log.warning("Unsupported cipher %s"%(self.cipher.contents.name.string))
       return True
     attr=getattr(self.evp,fieldname)
     #attr_obj_address=getaddress(attr) or attr  # c_void_p is a basic type.
     attr_obj_address = attr
     #print attr
     memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
     log.debug( "CipherContext CAST %s into : %s "%(fieldname, struct) )
     if not memoryMap:
       log.warning('On second toughts, %s seems to be at an invalid address. That should not happen (often).'%(fieldname))
       log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings), 
                                   attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
       log.warning('%s : %s'%(fieldname, attr))
       return False # DEBUG kill it
     #st=struct.from_buffer_copy(memoryMap.readStruct(attr_obj_address, struct ) )
     # XXX CAST do not copy buffer when casting, sinon on perds des bytes
     ## attr.contents=(type(attr.contents)).from_buffer(st)
     ### c_void_p -> allocate local_mem and change value
     ### XXX dangling pointer ?
     #attr.value = ctypes.addressof(st)
     #setattr(self.evp, fieldname, ctypes.c_void_p(ctypes.addressof(st)) )
     st=memoryMap.readStruct(attr_obj_address, struct )
     model.keepRef(st)
     setattr(self.evp, fieldname, ctypes.c_void_p(ctypes.addressof(st)) )
     
     attr=getattr(self.evp,fieldname)      
     log.debug('Copied 0x%lx into %s (0x%lx)'%(ctypes.addressof(st), fieldname, attr))      
     log.debug('LOADED app_data evp.%s as %s from 0x%lx (%s) into 0x%lx'%(fieldname,struct, 
           attr_obj_address, is_valid_address_value(attr_obj_address,mappings,struct), attr ))
     log.debug('\t\t---------\n%s\t\t---------'%st.toString())
   else:
     log.warning("Unknown cipher %s, can't load a data struct for the EVP_CIPHER_CTX->app_data"%(self.cipher.contents.name.string))
   return True
Esempio n. 22
0
def EVP_CIPHER_CTX_loadMembers(self, mappings, maxDepth):
  if not super(EVP_CIPHER_CTX,self).loadMembers(mappings, maxDepth):
    return False
  log.debug('trying to load cipher_data Structs.')
  '''
  if bool(cipher) and bool(self.cipher.nid) and is_valid_address(cipher_data):
    memcopy( self.cipher_data, cipher_data_addr, self.cipher.ctx_size)
    # cast possible on cipher.nid -> cipherType
  '''
  cipher = model.getRef( evp_cipher_st, getaddress(self.cipher) )
  if cipher.nid == 0: # NID_undef, not openssl doing
    log.info('The cipher is home made - the cipher context data should be application dependant (app_data)')
    return True
    
  struct = getCipherDataType( cipher.nid) 
  log.debug('cipher type is %s - loading %s'%( getCipherName(cipher.nid), struct ))
  if(struct is None):
    log.warning("Unsupported cipher %s"%(cipher.nid))
    return True
  
  # c_void_p is a basic type.
  attr_obj_address = self.cipher_data
  memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
  log.debug( "cipher_data CAST into : %s "%(struct) )
  if not memoryMap:
    log.warning('in CTX On second toughts, cipher_data seems to be at an invalid address. That should not happen (often).')
    log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings), 
                                attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
    return True
  #ok
  st = memoryMap.readStruct(attr_obj_address, struct )
  model.keepRef(st, struct, attr_obj_address)
  self.cipher_data = ctypes.c_void_p(ctypes.addressof(st)) 
  ###print 'self.cipher_data in loadmembers',self.cipher_data
  # check debug
  attr=getattr(self, 'cipher_data')      
  log.debug('Copied 0x%lx into %s (0x%lx)'%(ctypes.addressof(st), 'cipher_data', attr))      
  log.debug('LOADED cipher_data as %s from 0x%lx (%s) into 0x%lx'%(struct, 
        attr_obj_address, is_valid_address_value(attr_obj_address, mappings, struct), attr ))
  log.debug('\t\t---------\n%s\t\t---------'%st.toString())
  return True
Esempio n. 23
0
    def test_delRef(self):
        model.keepRef(1, int, 0xcafecafe)
        model.keepRef(2, float, 0xcafecafe)
        model.keepRef(3, str, 0xcafecafe)

        self.assertTrue(model.hasRef(int, 0xcafecafe))
        self.assertTrue(model.hasRef(float, 0xcafecafe))
        self.assertTrue(model.hasRef(str, 0xcafecafe))

        model.delRef(str, 0xcafecafe)
        self.assertTrue(model.hasRef(int, 0xcafecafe))
        self.assertTrue(model.hasRef(float, 0xcafecafe))
        self.assertFalse(model.hasRef(str, 0xcafecafe))

        model.delRef(str, 0xcafecafe)
        self.assertTrue(model.hasRef(int, 0xcafecafe))
        self.assertTrue(model.hasRef(float, 0xcafecafe))
        self.assertFalse(model.hasRef(str, 0xcafecafe))

        model.delRef(int, 0xcafecafe)
        self.assertFalse(model.hasRef(int, 0xcafecafe))
        self.assertTrue(model.hasRef(float, 0xcafecafe))
        self.assertFalse(model.hasRef(str, 0xcafecafe))

        model.delRef(float, 0xcafecafe)
        self.assertFalse(model.hasRef(int, 0xcafecafe))
        self.assertFalse(model.hasRef(float, 0xcafecafe))
        self.assertFalse(model.hasRef(str, 0xcafecafe))
Esempio n. 24
0
def _HEAP_SEGMENT_loadMember(self, attr, attrname, attrtype, mappings,
                             maxDepth):
    #log.debug('_loadMember attrname : %s'%(attrname))
    if attrname == 'LastValidEntry':
        # isPointerType code.
        _attrType = model.get_subtype(attrtype)
        attr_obj_address = utils.getaddress(attr)
        ####
        memoryMap = utils.is_valid_address(attr, mappings, _attrType)
        if (not memoryMap):
            log.debug("LastValidEntry out of mapping - 0x%lx - ignore " %
                      (attr_obj_address))
            return True
        from haystack.model import getRef, keepRef, delRef  # TODO CLEAN
        ref = getRef(_attrType, attr_obj_address)
        if ref:
            #log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
            #DO NOT CHANGE STUFF SOUPID attr.contents = ref
            return True
        #log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
        ##### Read the struct in memory and make a copy to play with.
        ### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
        contents = memoryMap.readStruct(attr_obj_address, _attrType)
        # save that validated and loaded ref and original addr so we dont need to recopy it later
        keepRef(contents, _attrType, attr_obj_address)
        #log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (utils.getaddress(attr))   ))
        # recursive validation checks on new struct
        if not bool(attr):
            log.warning('Member %s is null after copy: %s' % (attrname, attr))
            return True
        # go and load the pointed struct members recursively
        if not contents.loadMembers(mappings, maxDepth):
            log.debug('member %s was not loaded' % (attrname))
            #invalidate the cache ref.
            delRef(_attrType, attr_obj_address)
            return False
        return True
    else:
        return super(_HEAP_SEGMENT, self)._loadMember(attr, attrname, attrtype,
                                                      mappings, maxDepth)
Esempio n. 25
0
  def test_delRef(self):
    model.keepRef(1, int, 0xcafecafe)
    model.keepRef(2, float, 0xcafecafe)
    model.keepRef(3, str, 0xcafecafe)

    self.assertTrue( model.hasRef(int,0xcafecafe))
    self.assertTrue( model.hasRef(float,0xcafecafe))
    self.assertTrue( model.hasRef(str,0xcafecafe))

    model.delRef(str, 0xcafecafe)
    self.assertTrue( model.hasRef(int,0xcafecafe))
    self.assertTrue( model.hasRef(float,0xcafecafe))
    self.assertFalse( model.hasRef(str,0xcafecafe))

    model.delRef(str, 0xcafecafe)
    self.assertTrue( model.hasRef(int,0xcafecafe))
    self.assertTrue( model.hasRef(float,0xcafecafe))
    self.assertFalse( model.hasRef(str,0xcafecafe))

    model.delRef(int, 0xcafecafe)
    self.assertFalse( model.hasRef(int,0xcafecafe))
    self.assertTrue( model.hasRef(float,0xcafecafe))
    self.assertFalse( model.hasRef(str,0xcafecafe))

    model.delRef(float, 0xcafecafe)
    self.assertFalse( model.hasRef(int,0xcafecafe))
    self.assertFalse( model.hasRef(float,0xcafecafe))
    self.assertFalse( model.hasRef(str,0xcafecafe))
Esempio n. 26
0
 def toPyObject(self):
   ''' 
   Returns a Plain Old python object as a perfect copy of this ctypes object.
   array would be lists, pointers, inner structures, and circular 
   reference should be handled nicely.
   '''
   # get self class.
   #log.debug("%s %s %s_py"%(self.__class__.__module__, sys.modules[self.__class__.__module__], self.__class__.__name__) )
   my_class = getattr(sys.modules[self.__class__.__module__],"%s_py"%(self.__class__.__name__) )
   my_self = my_class()
   #keep ref
   if hasRef(my_class, ctypes.addressof(self) ):
     return getRef(my_class, ctypes.addressof(self) )
   # we are saving us in a partially resolved state, to keep from loops.
   keepRef(my_self, my_class, ctypes.addressof(self) )
   for field,typ in self.getFields():
     attr = getattr(self,field)
     member = self._attrToPyObject(attr,field,typ)
     setattr(my_self, field, member)
   # save the original type (me) and the field
   setattr(my_self, '_ctype_', type(self))
   return my_self
Esempio n. 27
0
def _HEAP_SEGMENT_loadMember(self, attr, attrname, attrtype, mappings, maxDepth):
    # log.debug('_loadMember attrname : %s'%(attrname))
    if attrname == "LastValidEntry":
        # isPointerType code.
        _attrType = model.get_subtype(attrtype)
        attr_obj_address = utils.getaddress(attr)
        ####
        memoryMap = utils.is_valid_address(attr, mappings, _attrType)
        if not memoryMap:
            log.debug("LastValidEntry out of mapping - 0x%lx - ignore " % (attr_obj_address))
            return True
        from haystack.model import getRef, keepRef, delRef  # TODO CLEAN

        ref = getRef(_attrType, attr_obj_address)
        if ref:
            # log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
            # DO NOT CHANGE STUFF SOUPID attr.contents = ref
            return True
        # log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
        ##### Read the struct in memory and make a copy to play with.
        ### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
        contents = memoryMap.readStruct(attr_obj_address, _attrType)
        # save that validated and loaded ref and original addr so we dont need to recopy it later
        keepRef(contents, _attrType, attr_obj_address)
        # log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (utils.getaddress(attr))   ))
        # recursive validation checks on new struct
        if not bool(attr):
            log.warning("Member %s is null after copy: %s" % (attrname, attr))
            return True
        # go and load the pointed struct members recursively
        if not contents.loadMembers(mappings, maxDepth):
            log.debug("member %s was not loaded" % (attrname))
            # invalidate the cache ref.
            delRef(_attrType, attr_obj_address)
            return False
        return True
    else:
        return super(_HEAP_SEGMENT, self)._loadMember(attr, attrname, attrtype, mappings, maxDepth)
Esempio n. 28
0
    def test_hasRef(self):

        model.keepRef(1, int, 0xcafecafe)
        model.keepRef(2, float, 0xcafecafe)
        model.keepRef(3, str, 0xcafecafe)

        self.assertTrue(model.hasRef(int, 0xcafecafe))
        self.assertTrue(model.hasRef(float, 0xcafecafe))
        self.assertTrue(model.hasRef(str, 0xcafecafe))
        self.assertFalse(model.hasRef(unicode, 0xcafecafe))
        self.assertFalse(model.hasRef(int, 0xdeadbeef))
Esempio n. 29
0
  def test_hasRef(self):

    model.keepRef(1, int, 0xcafecafe)
    model.keepRef(2, float, 0xcafecafe)
    model.keepRef(3, str, 0xcafecafe)

    self.assertTrue( model.hasRef(int,0xcafecafe))
    self.assertTrue( model.hasRef(float,0xcafecafe))
    self.assertTrue( model.hasRef(str,0xcafecafe))
    self.assertFalse( model.hasRef(unicode,0xcafecafe))
    self.assertFalse( model.hasRef(int,0xdeadbeef))
Esempio n. 30
0
  def _loadMember(self,attr,attrname,attrtype,mappings, maxDepth):
    # skip static basic data members
    if not self._isLoadableMember(attr, attrname, attrtype):
      log.debug("%s %s not loadable  bool(attr) = %s"%(attrname,attrtype, bool(attr)) )
      return True
    # load it, fields are valid
    elif isStructType(attrtype) or isUnionType(attrtype): # DEBUG TEST
      offset = offsetof(type(self),attrname)
      log.debug('st: %s %s is STRUCT at @%x'%(attrname,attrtype, self._orig_address_ + offset) )
      # TODO pydoc for impl.
      attr._orig_address_ = self._orig_address_ + offset
      if not attr.loadMembers(mappings, maxDepth+1):
        log.debug("st: %s %s not valid, erreur while loading inner struct "%(attrname,attrtype) )
        return False
      log.debug("st: %s %s inner struct LOADED "%(attrname,attrtype) )
      return True
    elif isBasicTypeArray(attr):
      return True
    if isArrayType(attrtype):
      log.debug('a: %s is arraytype %s recurse load'%(attrname,repr(attr)) )#
      attrLen=len(attr)
      if attrLen == 0:
        return True
      elType=type(attr[0])
      for i in range(0,attrLen):
        # FIXME BUG DOES NOT WORK - offsetof("%s[%d]") is called, and %s exists, not %s[%d]
        #if not self._loadMember(attr[i], "%s[%d]"%(attrname,i), elType, mappings, maxDepth):
        if not self._loadMember(attr[i], attrname, elType, mappings, maxDepth):
          return False
      return True
    # we have PointerType here . Basic or complex
    # exception cases
    if isCStringPointer(attrtype) : 
      # can't use basic c_char_p because we can't load in foreign memory
      attr_obj_address = getaddress(attr.ptr)
      if not bool(attr_obj_address):
        log.debug('%s %s is a CString, the pointer is null (validation must have occurred earlier) '%(attrname, attr))
        return True
      memoryMap = is_valid_address_value(attr_obj_address, mappings)
      if not memoryMap :
        log.warning('Error on addr while fetching a CString. should not happen')
        return False
      MAX_SIZE=255
      
      ref = getRef(CString,attr_obj_address)
      if ref:
        log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,CString,attr_obj_address ))
        return True
      log.debug("%s %s is defined as a CString, loading from 0x%lx is_valid_address %s"%(
                      attrname,attr,attr_obj_address, is_valid_address(attr,mappings) ))
      txt,full = memoryMap.readCString(attr_obj_address, MAX_SIZE )
      if not full:
        log.warning('buffer size was too small for this CString')

      # that will SEGFAULT attr.string = txt - instead keepRef to String
      keepRef( txt, CString, attr_obj_address)
      log.debug('kept CString ref for "%s" at @%x'%(txt, attr_obj_address))
      return True
    elif isPointerType(attrtype): # not functionType, it's not loadable
      _attrType = get_subtype(attrtype)
      attr_obj_address=getaddress(attr)
      ####
      # memcpy and save objet ref + pointer in attr
      # we know the field is considered valid, so if it's not in memory_space, we can ignore it
      memoryMap = is_valid_address( attr, mappings, _attrType)
      if(not memoryMap):
        # big BUG Badaboum, why did pointer changed validity/value ?
        log.warning("%s %s not loadable 0x%lx but VALID "%(attrname, attr,attr_obj_address ))
        return True

      ref = getRef(_attrType,attr_obj_address) 
      if ref:
        log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
        #DO NOT CHANGE STUFF SOUPID attr.contents = ref. attr.contents will SEGFAULT
        return True
      log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
      ##### Read the struct in memory and make a copy to play with.
      #### DO NOT COPY THE STRUCT, we have a working readStruct for that...
      ### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
      contents=memoryMap.readStruct(attr_obj_address, _attrType )
      # save that validated and loaded ref and original addr so we dont need to recopy it later
      keepRef( contents, _attrType, attr_obj_address)
      log.debug("keepRef %s.%s @%x"%(_attrType, attrname, attr_obj_address  ))
      log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (getaddress(attr))   ))
      # recursive validation checks on new struct
      if not bool(attr):
        log.warning('Member %s is null after copy: %s'%(attrname,attr))
        return True
      # go and load the pointed struct members recursively
      if not contents.loadMembers(mappings, maxDepth):
        log.debug('member %s was not loaded'%(attrname))
        #invalidate the cache ref.
        delRef( _attrType, attr_obj_address)
        return False
      return True
    #TATAFN
    return True
Esempio n. 31
0
def list_head_loadRealMembers(self, mappings, maxDepth, attrtype, listHeadName,
                              addresses):
    '''
    Copy ->next and ->prev target structure's memeory space.
    attach prev and next correctly.
    @param attrtype the target structure type
    @param listHeadName the member name of the list_head in the target structure
    @param addresses original pointers for prev and next
  '''
    attrname = listHeadName
    addr_prev, addr_next = addresses
    null = list_head()
    for listWay, addr in [('prev', addr_prev), ('next', addr_next)]:
        attr = getattr(self, listWay)
        if addr is None or not bool(attr):
            attr.contents = null
            continue  # do not load unvalid address
        #print listHeadName,listWay, hex(addr)
        #elif not is_address_local(attr) :
        #  continue # coul
        cache = model.getRef(attrtype, addr)  # is the next/prev Item in cache
        if cache:
            # get the offset into the buffer and associate the .list_head->{next,prev} to it
            attr.contents = gen.list_head.from_address(
                ctypes.addressof(getattr(cache,
                                         attrname)))  #loadMember is done
            log.debug("assigned &%s.%s in self " % (attrname, listWay))
            # DO NOT recurse
            continue
        log.debug('re-loading %s.%s.%s from 0x%x' %
                  (attrtype, attrname, listWay, addr))
        memoryMap = is_valid_address_value(addr, mappings, attrtype)
        if (not memoryMap):
            # big BUG Badaboum, why did pointer changed validity/value ?
            log.warning("%s.%s %s not loadable 0x%lx but VALID " %
                        (attrname, listWay, attr, addr))
            attr.contents = null
            continue
        else:
            log.debug("self.%s.%s -> 0x%lx (is_valid_address_value: %s)" %
                      (attrname, listWay, addr, memoryMap))
            # save the total struct to local memspace
            nextItem = memoryMap.readStruct(addr, attrtype)
            #if not nextItem.isValid(mappings):
            #  log.warning('%s.%s (%s) is INVALID'%(attrname,listWay, attrtype))
            #  return False
            log.debug("%s.%s is loaded: '%s'" % (attrname, listWay, nextItem))
            # save the ref and load the task
            model.keepRef(nextItem, attrtype, addr)
            # get the offset into the buffer and associate the .tasks->next to it
            attr.contents = gen.list_head.from_address(
                ctypes.addressof(getattr(nextItem,
                                         attrname)))  #loadMember is done
            log.debug("assigned &%s.%s in self " % (attrname, listWay))
            # recursive validation checks on new struct
            if not bool(attr):
                log.warning('Member %s.%s is null after copy: %s' %
                            (attrname, listWay, attr))
                attr.contents = null
            else:
                # recursive loading - model revalidation
                if not nextItem.loadMembers(mappings, maxDepth - 1):
                    return False
            continue
    return True