def is_address_local(self, obj, structType=None):
"""
Costly , checks if obj is mapped to local memory space.
Returns the memory mapping if found.
False, otherwise.
"""
addr = self.get_pointee_address(obj)
log.debug('get_pointee_address returned %x', addr)
if addr == 0:
return False
# maintain a cache to improve performance.
# if not found in cache, try to reload local process memory space.
# the pointer memory space could have been allocated recently.
# the calling function is most certainly going to fail anyway
if self.__local_process_memory_handler is not None:
ret = self.__local_process_memory_handler.is_valid_address(
obj, structType)
if ret:
return ret
# loading dependencies
from haystack.mappings.process import make_local_memory_handler
memory_handler = make_local_memory_handler()
self.__local_process_memory_handler = memory_handler
return self.__local_process_memory_handler.is_valid_address(
obj, structType)
def test_mmap_hack32(self):
my_target = target.TargetPlatform.make_target_linux_32()
my_ctypes = my_target.get_target_ctypes()
my_utils = my_target.get_target_ctypes_utils()
real_ctypes_long = my_ctypes.get_real_ctypes_member('c_ulong')
fname = os.path.normpath(os.path.abspath(__file__))
fin = open(fname, 'rb')
local_mmap_bytebuffer = mmap.mmap(fin.fileno(),
1024,
access=mmap.ACCESS_READ)
# yeap, that right, I'm stealing the pointer value. DEAL WITH IT.
heapmap = struct.unpack(
'L',
real_ctypes_long.from_address(
id(local_mmap_bytebuffer) + 2 *
(my_ctypes.sizeof(real_ctypes_long))))[0]
log.debug('MMAP HACK: heapmap: 0x%0.8x', heapmap)
maps = make_local_memory_handler(force=True)
# print 'MMAP HACK: heapmap: 0x%0.8x' % heapmap
# for m in maps:
# print m
ret = [m for m in maps if heapmap in m]
# heapmap is a pointer value in local memory
self.assertEqual(len(ret), 1)
# heapmap is a pointer value to this executable?
self.assertEqual(ret[0].pathname, fname)
self.assertIn('CTypesProxy-4:4:12', str(my_ctypes))
fin.close()
fin = None
def test_mmap_hack32(self):
my_target = target.TargetPlatform.make_target_linux_32()
my_ctypes = my_target.get_target_ctypes()
my_utils = my_target.get_target_ctypes_utils()
real_ctypes_long = my_ctypes.get_real_ctypes_member('c_ulong')
fname = os.path.normpath(os.path.abspath(__file__))
fin = file(fname)
local_mmap_bytebuffer = mmap.mmap(fin.fileno(), 1024, access=mmap.ACCESS_READ)
# yeap, that right, I'm stealing the pointer value. DEAL WITH IT.
heapmap = struct.unpack('L', real_ctypes_long.from_address(id(local_mmap_bytebuffer) +
2 * (my_ctypes.sizeof(real_ctypes_long))))[0]
log.debug('MMAP HACK: heapmap: 0x%0.8x', heapmap)
maps = make_local_memory_handler(force=True)
# print 'MMAP HACK: heapmap: 0x%0.8x' % heapmap
# for m in maps:
# print m
ret = [m for m in maps if heapmap in m]
# heapmap is a pointer value in local memory
self.assertEquals(len(ret), 1)
# heapmap is a pointer value to this executable?
self.assertEquals(ret[0].pathname, fname)
self.assertIn('CTypesProxy-4:4:12', str(my_ctypes))
fin.close()
fin = None
def test_is_address_local(self):
my_target = target.TargetPlatform.make_target_platform_local()
my_ctypes = my_target.get_target_ctypes()
my_utils = my_target.get_target_ctypes_utils()
ctypes5_gen64 = haystack.model.import_module_for_target_ctypes("test.src.ctypes5_gen64", my_ctypes)
# kinda chicken and egg here...
# one call
mappings = make_local_memory_handler()
m = mappings.get_mappings()[0]
# struct a - basic types
s = ctypes.sizeof(ctypes5_gen64.struct_a)
a = ctypes5_gen64.struct_a.from_address(m.start)
pa = my_ctypes.c_void_p(m.start)
ptr_a = my_ctypes.POINTER(ctypes5_gen64.struct_a)(a)
b = ctypes5_gen64.struct_a.from_address(m.end - s)
pb = my_ctypes.c_void_p(m.end - s)
ptr_b = my_ctypes.POINTER(ctypes5_gen64.struct_a)(b)
c = ctypes5_gen64.struct_a.from_address(m.end - 1)
pc = my_ctypes.c_void_p(m.end - 1)
ptr_c = my_ctypes.POINTER(ctypes5_gen64.struct_a)(c)
self.assertTrue(my_utils.is_address_local(pa, structType=None))
self.assertTrue(
my_utils.is_address_local(
pa,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_a, structType=None))
self.assertTrue(
my_utils.is_address_local(
ptr_a,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(pb, structType=None))
self.assertTrue(
my_utils.is_address_local(
pb,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_b, structType=None))
self.assertTrue(
my_utils.is_address_local(
ptr_b,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(pc, structType=None))
self.assertFalse(
my_utils.is_address_local(
pc,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_c, structType=None))
self.assertFalse(
my_utils.is_address_local(
ptr_c,
structType=ctypes5_gen64.struct_a))
def test_is_address_local(self):
my_target = target.TargetPlatform.make_target_platform_local()
my_ctypes = my_target.get_target_ctypes()
my_utils = my_target.get_target_ctypes_utils()
ctypes5_gen64 = haystack.model.import_module_for_target_ctypes(
"test.src.ctypes5_gen64", my_ctypes)
# kinda chicken and egg here...
# one call
mappings = make_local_memory_handler()
m = mappings.get_mappings()[0]
# struct a - basic types
s = ctypes.sizeof(ctypes5_gen64.struct_a)
a = ctypes5_gen64.struct_a.from_address(m.start)
pa = my_ctypes.c_void_p(m.start)
ptr_a = my_ctypes.POINTER(ctypes5_gen64.struct_a)(a)
b = ctypes5_gen64.struct_a.from_address(m.end - s)
pb = my_ctypes.c_void_p(m.end - s)
ptr_b = my_ctypes.POINTER(ctypes5_gen64.struct_a)(b)
c = ctypes5_gen64.struct_a.from_address(m.end - 1)
pc = my_ctypes.c_void_p(m.end - 1)
ptr_c = my_ctypes.POINTER(ctypes5_gen64.struct_a)(c)
self.assertTrue(my_utils.is_address_local(pa, structType=None))
self.assertTrue(
my_utils.is_address_local(pa, structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_a, structType=None))
self.assertTrue(
my_utils.is_address_local(ptr_a,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(pb, structType=None))
self.assertTrue(
my_utils.is_address_local(pb, structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_b, structType=None))
self.assertTrue(
my_utils.is_address_local(ptr_b,
structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(pc, structType=None))
self.assertFalse(
my_utils.is_address_local(pc, structType=ctypes5_gen64.struct_a))
self.assertTrue(my_utils.is_address_local(ptr_c, structType=None))
self.assertFalse(
my_utils.is_address_local(ptr_c,
structType=ctypes5_gen64.struct_a))
def is_address_local(self, obj, structType=None):
"""
Costly , checks if obj is mapped to local memory space.
Returns the memory mapping if found.
False, otherwise.
"""
addr = self.get_pointee_address(obj)
log.debug('get_pointee_address returned %x',addr)
if addr == 0:
return False
# maintain a cache to improve performance.
# if not found in cache, try to reload local process memory space.
# the pointer memory space could have been allocated recently.
# the calling function is most certainly going to fail anyway
if self.__local_process_memory_handler is not None:
ret = self.__local_process_memory_handler.is_valid_address(obj, structType)
if ret:
return ret
# loading dependencies
from haystack.mappings.process import make_local_memory_handler
memory_handler = make_local_memory_handler()
self.__local_process_memory_handler = memory_handler
return self.__local_process_memory_handler.is_valid_address(obj, structType)
def setUpClass(cls):
cls.memory_handler = process.make_local_memory_handler()
cls.my_target = cls.memory_handler.get_target_platform()
cls.my_model = model.Model(cls.my_target.get_target_ctypes())