Esempio n. 1
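def getinstructions(forknum, clnum, clstart, clend):
  """Emit the instruction records for changelists in [clstart, clend).

  For every changelist number in the range, the first change record is
  fetched from the trace database and annotated with its disassembly, a
  comment from program.dwarves, slice membership and a depth value from
  trace.dmap. The collected list is sent with emit('instructions', ...).

  Args:
    forknum: key into program.traces selecting the trace.
    clnum: changelist number handed to qira_analysis.slice.
    clstart: first changelist number to report (inclusive).
    clend: end of the reported range (exclusive).
  """
  # NOTE(review): emit() suggests these arguments arrive from a socket
  # client - confirm that forknum and the clstart..clend window are
  # validated and size-capped before this point. An unknown forknum raises
  # KeyError here, and the loop below is as long as the requested window.
  trace = program.traces[forknum]
  slce = qira_analysis.slice(trace, clnum)
  ret = []
  for i in range(clstart, clend):
    changes = trace.db.fetch_changes_by_clnum(i, 1)
    if len(changes) == 0:
      continue
    rret = changes[0]
    address = rret['address']

    if address in program.instructions:
      # fetch the instruction from the qemu dump
      rret['instruction'] = program.instructions[address]
    else:
      # otherwise use the memory
      rawins = trace.fetch_memory(i, address, rret['data'])
      # Disassemble only when every byte was recovered; otherwise the
      # record goes out without an 'instruction' key.
      if len(rawins) == rret['data']:
        raw = ''.join(chr(item[1]) for item in sorted(rawins.items()))
        rret['instruction'] = program.disasm(raw, address)

    if address in program.dwarves:
      rret['comment'] = program.dwarves[address][2]
    rret['slice'] = i in slce
    # for numberless javascript
    rret['address'] = ghex(address)
    try:
      rret['depth'] = trace.dmap[i]
    except Exception:
      # Missing depth falls back to 0. Unlike a bare except, this does not
      # swallow KeyboardInterrupt or SystemExit.
      rret['depth'] = 0
    ret.append(rret)
  emit('instructions', ret)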
Esempio n. 2
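def getinstructions(forknum, clnum, clstart, clend):
    """Emit the instruction records for changelists in [clstart, clend).

    Each changelist number in the range contributes its first change
    record, annotated with a disassembly string, a comment taken from
    program.dwarves, a slice flag and a depth read from trace.dmap. The
    resulting list is sent with emit('instructions', ...).

    Args:
        forknum: key into program.traces selecting the trace.
        clnum: changelist number handed to qira_analysis.slice.
        clstart: first changelist number to report (inclusive).
        clend: end of the reported range (exclusive).
    """
    # NOTE(review): emit() suggests a socket handler, so these values are
    # presumably client-supplied - confirm they are range-checked upstream.
    # program.traces[forknum] raises KeyError for an unknown fork, and the
    # amount of work below grows with clend - clstart.
    trace = program.traces[forknum]
    slce = qira_analysis.slice(trace, clnum)
    ret = []
    for i in range(clstart, clend):
        changes = trace.db.fetch_changes_by_clnum(i, 1)
        if len(changes) == 0:
            continue
        rret = changes[0]
        address = rret['address']

        if address in program.instructions:
            # fetch the instruction from the qemu dump
            rret['instruction'] = program.instructions[address]
        else:
            # otherwise use the memory
            rawins = trace.fetch_memory(i, address, rret['data'])
            # A short read leaves the record without an 'instruction' key.
            if len(rawins) == rret['data']:
                raw = ''.join(chr(item[1]) for item in sorted(rawins.items()))
                rret['instruction'] = program.disasm(raw, address)

        if address in program.dwarves:
            rret['comment'] = program.dwarves[address][2]
        rret['slice'] = i in slce
        # for numberless javascript
        rret['address'] = ghex(address)
        try:
            rret['depth'] = trace.dmap[i]
        except Exception:
            # Default depth when the lookup fails; interpreter-exit
            # exceptions still propagate, which a bare except prevented.
            rret['depth'] = 0
        ret.append(rret)
    emit('instructions', ret)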
Esempio n. 3
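def getinstructions(forknum, clnum, clstart, clend):
  """Build the instruction records for changelists in [clstart, clend).

  For each changelist number the first change record is annotated with an
  instruction string (from program.disasm when possible, otherwise from the
  'instruction' tag), optional name/comment tags, a slice flag and a depth
  read from trace.dmap.

  Args:
    forknum: key into program.traces selecting the trace.
    clnum: changelist number handed to qira_analysis.slice.
    clstart: first changelist number to process (inclusive).
    clend: end of the processed range (exclusive).
  """
  # NOTE(review): presumably called with client-supplied values - confirm
  # forknum and the clstart..clend window are validated and bounded by the
  # caller; the loop runs once per requested changelist.
  trace = program.traces[forknum]
  slce = qira_analysis.slice(trace, clnum)
  ret = []
  for i in range(clstart, clend):
    changes = trace.db.fetch_changes_by_clnum(i, 1)
    if len(changes) == 0:
      continue
    rret = changes[0]
    address = rret['address']

    #ned: always use program.disasm if possible for smarter
    #representation of instruction
    if qira_config.WITH_CAPSTONE or 'instruction' not in program.tags[address]:
      try:
        # use the memory
        rawins = trace.fetch_memory(i, address, rret['data'])
        if len(rawins) != rret['data']:
          # incomplete read: force the fallback below
          raise Exception("lack of swag")
        raw = ''.join(chr(item[1]) for item in sorted(rawins.items()))
        try:
          thumb = program.tags[address]['thumb']
        except KeyError:
          thumb = False
        insdata = program.disasm(raw, address, thumb)
      except Exception as e:
        print "getinstructions failed: {}".format(sys.exc_info()[0]), e
        # fetch the instruction from the qemu dump
        # NOTE(review): if this branch was entered because the tag has no
        # 'instruction' entry, this lookup looks like it raises KeyError
        # and aborts the whole request - confirm how program.tags behaves.
        insdata = {"repr": program.tags[address]['instruction']}
    else:
      insdata = {"repr": program.tags[address]['instruction']}

    #if the capstone disas succeeded, besides repr we'll have:
    #mnemonic, op_str, regs_read, regs_write if applicable
    #we can use these on the frontend somehow - pass as JSON?
    #some other arch specific stuff may also be available if desired
    rret['instruction'] = insdata['repr']

    if 'name' in program.tags[address]:
      rret['name'] = program.tags[address]['name']
    if 'comment' in program.tags[address]:
      rret['comment'] = program.tags[address]['comment']
    elif address in program.dwarves:
      rret['comment'] = program.dwarves[address][2]
    rret['slice'] = i in slce
    # for numberless javascript
    rret['address'] = ghex(address)
    try:
      rret['depth'] = trace.dmap[i - trace.minclnum]
    except Exception:
      # Missing depth falls back to 0. Unlike a bare except, this lets
      # KeyboardInterrupt and SystemExit propagate.
      rret['depth'] = 0
    ret.append(rret)
  # NOTE(review): as listed, ret is built but never emitted or returned -
  # the tail of the function may have been cut off; confirm.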
Esempio n. 4
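def getinstructions(forknum, clnum, clstart, clend):
  """Build the instruction records for changelists in [clstart, clend).

  The first change record of each changelist gets an instruction string
  (program.disasm output when the bytes can be read, else the
  'instruction' tag), optional name/comment tags, a slice flag and a depth
  read from trace.dmap.

  Args:
    forknum: key into program.traces selecting the trace.
    clnum: changelist number handed to qira_analysis.slice.
    clstart: first changelist number to process (inclusive).
    clend: end of the processed range (exclusive).
  """
  # NOTE(review): presumably driven by client-supplied values - confirm the
  # caller validates forknum and bounds the clstart..clend window, since
  # the loop does one database fetch per requested changelist.
  trace = program.traces[forknum]
  slce = qira_analysis.slice(trace, clnum)
  ret = []
  for i in range(clstart, clend):
    changes = trace.db.fetch_changes_by_clnum(i, 1)
    if len(changes) == 0:
      continue
    rret = changes[0]
    address = rret['address']

    #ned: always use program.disasm if possible for smarter
    #representation of instruction
    if qira_config.WITH_CAPSTONE or 'instruction' not in program.tags[address]:
      try:
        # use the memory
        rawins = trace.fetch_memory(i, address, rret['data'])
        if len(rawins) != rret['data']:
          # incomplete read: force the fallback below
          raise Exception("lack of swag")
        raw = ''.join(chr(item[1]) for item in sorted(rawins.items()))
        insdata = program.disasm(raw, address)
      except Exception:
        # fetch the instruction from the qemu dump
        # NOTE(review): the failure is dropped silently, and if the tag
        # has no 'instruction' entry this lookup looks like it raises
        # KeyError for the whole request - confirm program.tags semantics.
        insdata = {"repr": program.tags[address]['instruction']}
    else:
      insdata = {"repr": program.tags[address]['instruction']}

    #if the capstone disas succeeded, besides repr we'll have:
    #mnemonic, op_str, regs_read, regs_write if applicable
    #we can use these on the frontend somehow - pass as JSON?
    #some other arch specific stuff may also be available if desired
    rret['instruction'] = insdata['repr']

    if 'name' in program.tags[address]:
      rret['name'] = program.tags[address]['name']
    if 'comment' in program.tags[address]:
      rret['comment'] = program.tags[address]['comment']
    elif address in program.dwarves:
      rret['comment'] = program.dwarves[address][2]
    rret['slice'] = i in slce
    # for numberless javascript
    rret['address'] = ghex(address)
    try:
      rret['depth'] = trace.dmap[i - trace.minclnum]
    except Exception:
      # Missing depth falls back to 0. Unlike a bare except, this lets
      # KeyboardInterrupt and SystemExit propagate.
      rret['depth'] = 0
    ret.append(rret)
  # NOTE(review): as listed, ret is built but never emitted or returned -
  # the tail of the function may have been cut off; confirm.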
Esempio n. 5
def slice(forknum, clnum):
  """Compute the slice of one fork's trace at clnum and emit it.

  Looks up the trace for forknum, runs qira_analysis.slice on it, prints
  the request and result, and sends a 'slice' event carrying forknum and
  the result.
  """
  # NOTE(review): the function name shadows the builtin slice() wherever
  # this definition is visible.
  fork_trace = program.traces[forknum]
  sliced = qira_analysis.slice(fork_trace, clnum)
  # debug output: every request and its full result go to stdout
  print "slice", forknum, clnum, sliced
  emit('slice', forknum, sliced)
Esempio n. 6
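def getinstructions(forknum, clnum, clstart, clend):
  """Emit the instruction records around changelist clnum.

  Collects up to (clnum - clstart) records walking backwards from
  clnum - 1 and up to (clend - clnum) records walking forwards from clnum
  (never past clend), skipping changelist numbers with no change record.
  The records are sent in increasing changelist order with
  emit('instructions', ...).

  Args:
    forknum: key into program.traces selecting the trace.
    clnum: changelist number the window is centred on; also the slice point.
    clstart: lower edge of the window; sets how many records precede clnum.
    clend: upper edge of the window; sets how many records follow.
  """
  # NOTE(review): emit() suggests these arguments arrive from a socket
  # client - confirm forknum and the window are validated by the caller.
  trace = program.traces[forknum]
  slce = qira_analysis.slice(trace, clnum)

  def get_instruction(i):
    """Return the annotated change record for changelist i, or None."""
    changes = trace.db.fetch_changes_by_clnum(i, 1)
    if len(changes) == 0:
      return None
    rret = changes[0]
    address = rret['address']

    instr = program.static[address]['instruction']
    rret['instruction'] = str(instr)

    # check if static fails at this
    if rret['instruction'] == "":
      # TODO: wrong place to get the arch
      arch = program.static[address]['arch']

      # we have the address and raw bytes, disassemble
      raw = trace.fetch_raw_memory(i, address, rret['data'])
      rret['instruction'] = str(model.Instruction(raw, address, arch))

    #display_call_args calls make_function_at
    if qira_config.WITH_STATIC and instr.is_call():
      args = qira_analysis.display_call_args(instr, trace, i)
      if args != "":
        rret['instruction'] += " {" + args + "}"

    if 'name' in program.static[address]:
      rret['name'] = program.static[address]['name']
    if 'comment' in program.static[address]:
      rret['comment'] = program.static[address]['comment']

    rret['slice'] = i in slce
    # for numberless javascript
    rret['address'] = ghex(address)
    try:
      rret['depth'] = trace.dmap[i - trace.minclnum]
    except Exception:
      # Missing depth falls back to 0. Unlike a bare except, this lets
      # KeyboardInterrupt and SystemExit propagate.
      rret['depth'] = 0

    # The "only display calls" filter (instr.is_call()) was switched off
    # with `if True or ...`, so every record is returned.
    return rret

  # Records before clnum, collected newest-first. `<` instead of `!=`
  # keeps an inverted window (clstart > clnum) from scanning the whole
  # trace back to changelist 0.
  top = []
  clcurr = clnum - 1
  while len(top) < (clnum - clstart) and clcurr >= 0:
    rret = get_instruction(clcurr)
    if rret is not None:
      top.append(rret)
    clcurr -= 1

  # Records from clnum onwards, never past clend.
  ret = []
  clcurr = clnum
  while len(ret) < (clend - clnum) and clcurr <= clend:
    rret = get_instruction(clcurr)
    if rret is not None:
      ret.append(rret)
    clcurr += 1

  emit('instructions', top[::-1] + ret)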
Esempio n. 7
def slice(forknum, clnum):
  """Run the slice analysis for one fork at clnum and emit the result.

  The trace is taken from program.traces[forknum]. The output of
  qira_analysis.slice is printed and then sent as a 'slice' event together
  with forknum.
  """
  # NOTE(review): this definition hides the builtin slice() in its scope.
  selected_trace = program.traces[forknum]
  result = qira_analysis.slice(selected_trace, clnum)
  # debug output: the full result is written to stdout on every call
  print "slice", forknum, clnum, result
  emit('slice', forknum, result)
Esempio n. 8
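def getinstructions(forknum, clnum, clstart, clend):
  """Emit the instruction records in a window around changelist clnum.

  Up to (clnum - clstart) records are gathered going backwards from
  clnum - 1, and up to (clend - clnum) records going forwards from clnum
  without passing clend. Changelist numbers with no change record are
  skipped. The combined list, in increasing changelist order, is sent with
  emit('instructions', ...).

  Args:
    forknum: key into program.traces selecting the trace.
    clnum: changelist number the window is centred on; also the slice point.
    clstart: lower edge of the window; sets how many records precede clnum.
    clend: upper edge of the window; sets how many records follow.
  """
  # NOTE(review): presumably a socket handler fed by the web client -
  # confirm the caller validates forknum and the window bounds.
  trace = program.traces[forknum]
  slce = qira_analysis.slice(trace, clnum)

  def get_instruction(i):
    """Return the annotated change record for changelist i, or None."""
    changes = trace.db.fetch_changes_by_clnum(i, 1)
    if len(changes) == 0:
      return None
    rret = changes[0]
    address = rret['address']

    instr = program.static[address]['instruction']
    rret['instruction'] = str(instr)

    # check if static fails at this
    if rret['instruction'] == "":
      # TODO: wrong place to get the arch
      arch = program.static[address]['arch']

      # we have the address and raw bytes, disassemble
      raw = trace.fetch_raw_memory(i, address, rret['data'])
      rret['instruction'] = str(model.Instruction(raw, address, arch))

    #display_call_args calls make_function_at
    if qira_config.WITH_STATIC and instr.is_call():
      args = qira_analysis.display_call_args(instr, trace, i)
      if args != "":
        rret['instruction'] += " {" + args + "}"

    if 'name' in program.static[address]:
      rret['name'] = program.static[address]['name']
    if 'comment' in program.static[address]:
      rret['comment'] = program.static[address]['comment']

    rret['slice'] = i in slce
    # for numberless javascript
    rret['address'] = ghex(address)
    try:
      rret['depth'] = trace.dmap[i - trace.minclnum]
    except Exception:
      # Default depth when the lookup fails; interpreter-exit exceptions
      # still propagate, which the bare except prevented.
      rret['depth'] = 0

    # The call-only filter (instr.is_call()) was disabled via
    # `if True or ...`; its else branch was unreachable, so the record is
    # always returned.
    return rret

  # Backward half, newest-first. Comparing with `<` rather than `!=` means
  # an inverted window (clstart > clnum) collects nothing instead of
  # walking the trace all the way down to changelist 0.
  top = []
  clcurr = clnum - 1
  while len(top) < (clnum - clstart) and clcurr >= 0:
    rret = get_instruction(clcurr)
    if rret is not None:
      top.append(rret)
    clcurr -= 1

  # Forward half, starting at clnum and stopping at clend.
  ret = []
  clcurr = clnum
  while len(ret) < (clend - clnum) and clcurr <= clend:
    rret = get_instruction(clcurr)
    if rret is not None:
      ret.append(rret)
    clcurr += 1

  emit('instructions', top[::-1] + ret)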