def p_brackets_6(t):
'''brackets : MINUS NUMBER PLUS symbol LBRA expression RBRA %prec UMINUS'''
if not x86_afs.ad in t[6]:
t[6][x86_afs.ad] = True
t[0] = t[6]
for f in t[4]:
t[0][f] = t[4][f]
t[0][x86_afs.imm] = - int(int32(uint32(int(t[2]))))
def p_brackets_5(t):
'''brackets : NUMBER PLUS symbol LBRA expression RBRA '''
if not x86_afs.ad in t[5]:
t[5][x86_afs.ad] = True
t[0] = t[5]
for f in t[3]:
t[0][f] = t[3][f]
t[0][x86_afs.imm] = int(int32(uint32(int(t[1]))))
def is_mem_in_target(self, e, t):
ex = ExprOp('-', e.arg, t.arg)
ex = expr_simp(self.eval_expr(ex, {}))
if not isinstance(ex, ExprInt):
return None
ptr_diff = int32(ex.arg)
if ptr_diff < 0:
return False
if ptr_diff + e.size / 8 <= t.size / 8:
return True
return False
def get_mem_overlapping(self, e, eval_cache={}):
if not isinstance(e, ExprMem):
raise ValueError('mem overlap bad arg')
ov = []
"""
for k in self.pool:
if not isinstance(k, ExprMem):
continue
ex = ExprOp('-', k.arg, e.arg)
ex = expr_simp(self.eval_expr(ex, {}))
if not isinstance(ex, ExprInt):
continue
ptr_diff = int32(ex.arg)
if ptr_diff >=0 and ptr_diff < e.size/8:
ov.append((-ptr_diff, k))
elif ptr_diff <0 and ptr_diff + k.size/8>0:
ov.append((-ptr_diff, k))
"""
# suppose max mem size is 64 bytes, compute all reachable addresses
to_test = []
#comp = {}
#print("FINDING %s" % e)
for i in range(-7, e.size // 8):
ex = expr_simp(
self.eval_expr(e.arg + ExprInt(uint32(i)), eval_cache))
#print("%s %s"%(i, ex))
to_test.append((i, ex))
for i, x in to_test:
if not x in self.pool.pool_mem:
continue
ex = expr_simp(self.eval_expr(e.arg - x, eval_cache))
if not isinstance(ex, ExprInt):
raise ValueError("%s should be ExprInt instead of %s" %
(ex, ex.__class__.__name__))
ptr_diff = int32(ex.arg)
#print("ptrdiff %s %s'%(ptr_diff, i))
if ptr_diff >= self.pool.pool_mem[x][1].get_size() / 8:
#print("too long!")
continue
ov.append((i, self.pool.pool_mem[x][0]))
#"""
"""
print(ov)
if len(ov)>0:
print("XXXX %s" % [(x[0], str(x[1])) for x in ov])
"""
return ov
def substract_mems(self, a, b):
ex = ExprOp('-', b.arg, a.arg)
ex = expr_simp(self.eval_expr(ex, {}))
if not isinstance(ex, ExprInt):
return None
ptr_diff = int(int32(ex.arg))
out = []
if ptr_diff < 0:
# [a ]
#[b ]XXX
sub_size = b.size + ptr_diff * 8
if sub_size >= a.size:
pass
else:
ex = ExprOp('+', a.arg, ExprInt(uint32(sub_size / 8)))
ex = expr_simp(self.eval_expr(ex, {}))
rest_ptr = ex
rest_size = a.size - sub_size
val = self.pool[a][sub_size:a.size]
out = [(ExprMem(rest_ptr, rest_size), val)]
else:
#[a ]
#XXXX[b ]YY
#[a ]
#XXXX[b ]
out = []
#part X
if ptr_diff > 0:
val = self.pool[a][0:ptr_diff * 8]
out.append((ExprMem(a.arg, ptr_diff * 8), val))
#part Y
if ptr_diff * 8 + b.size < a.size:
ex = ExprOp('+', b.arg, ExprInt(uint32(b.size / 8)))
ex = expr_simp(self.eval_expr(ex, {}))
val = self.pool[a][ptr_diff * 8 + b.size:a.size]
out.append((ExprMem(ex, val.get_size()), val))
return out
def p_brackets_4(t):
'''brackets : MINUS NUMBER LBRA expression RBRA'''
if not x86_afs.ad in t[4]:
t[4][x86_afs.ad] = True
t[0] = t[4]
t[0][x86_afs.imm] = - int(int32(uint32(int(t[2]))))
def p_brackets_3(t):
'''brackets : NUMBER LBRA expression RBRA '''
if not x86_afs.ad in t[3]:
t[3][x86_afs.ad] = True
t[0] = t[3]
t[0][x86_afs.imm] = int(int32(uint32(int(t[1]))))
def p_expression_5(t):
'''expression : NUMBER'''
t[0] = {x86_afs.imm:int(int32(uint32(int(t[1]))))}