def create_cmp_j_instructions(mode, expr, val, target, kind): cmp_inst = instruction_x86("CMP", mode, [expr, val]) cmp_inst.additional_info = additional_info() cmp_inst.additional_info.g1.value = 0 jz_inst = instruction_x86(kind, mode, [target]) jz_inst.additional_info = additional_info() jz_inst.additional_info.g1.value = 0 return [cmp_inst, jz_inst]
def create_jump_instruction(mode, target): """ :param mode: 32 or 64, depends on architecture :param target: Expr to jump to :return: created instruction """ tmp_ln = instruction_x86("JMP", mode, [target]) tmp_ln.additional_info = additional_info() tmp_ln.additional_info.g1.value = 0 return tmp_ln
def process(self, pending, merging_val, reached_funcs): if len(self.flat_loops) == 0: # add all reached functions for func_addr, possible_merge_vars, loc_key in self.possible_merge_funcs: reached_funcs.add(func_addr) for expr, val in possible_merge_vars: pending.setdefault(func_addr, {}).setdefault(expr, set()).add(val) return None assert len(self.asmcfg.heads()) == 1 # add merging var to the ircfg if self.pad: initial_block_bak = self.ircfg.blocks[LocKey(0)] if merging_val and self.merging_var: asgn_blk = AssignBlock( [ExprAssign(self.merging_var, merging_val)]) else: asgn_blk = AssignBlock() assignblks = tuple( [asgn_blk, *self.ircfg.blocks[LocKey(0)].assignblks]) self.ircfg.blocks[LocKey(0)] = IRBlock(LocKey(0), assignblks) head = self.asmcfg.heads()[0] head_block = self.asmcfg.loc_key_to_block(head) new_head = self._deobfuscate_cff_loops( head_block, self.asmcfg.machine.mn.regs.regs_init) if self.pad: self.ircfg.blocks[LocKey(0)] = initial_block_bak if merging_val and self.merging_var: mode = self.asmcfg.mode fix_dct = { self.asmcfg.machine.mn.regs.regs_init[self.ir_arch.sp]: self.ir_arch.sp } mov = instruction_x86( "MOV", mode, [self.merging_var.replace_expr(fix_dct), merging_val]) mov.additional_info = additional_info() mov.additional_info.g1.value = 0 self.out_asmcfg.loc_key_to_block(LocKey(0)).lines.insert( 0, mov) loc_keys = self.relevant_nodes for func_addr, possible_merge_vars, loc_key in self.possible_merge_funcs: if loc_key in loc_keys: reached_funcs.add(func_addr) for expr, val in possible_merge_vars: pending.setdefault(func_addr, {}).setdefault(expr, set()).add(val) return new_head
def create_nop(mode): nop_inst = instruction_x86("NOP", mode, []) nop_inst.additional_info = additional_info() nop_inst.additional_info.g1.value = 0 return nop_inst
def create_cond_branch_instruction(mode, name, target): tmp_ln = instruction_x86(name, mode, [target]) tmp_ln.additional_info = additional_info() tmp_ln.additional_info.g1.value = 0 return tmp_ln
def create_mov_instruction(mode, dst, src): tmp_ln = instruction_x86("MOV", mode, [dst, src]) tmp_ln.additional_info = additional_info() tmp_ln.additional_info.g1.value = 0 return tmp_ln