コード例 #1
    def __run_code(self, asm_list, address, ctx_init):
        """Run the same ARM code through pyasmjit and the REIL emulator.

        ``asm_list`` is translated to REIL by ``self.__asm_to_reil`` and,
        joined with newlines, handed to ``pyasmjit.arm_execute``. Both
        engines receive ``ctx_init`` as their starting register values.

        Returns:
            A ``(arm_ctx_out, reil_ctx_out)`` tuple with the output context
            of each engine.
        """
        # Translation happens first, exactly as in the original ordering.
        translated = self.__asm_to_reil(asm_list, address)

        source_text = "\n".join(asm_list)
        _, arm_ctx_out, _ = pyasmjit.arm_execute(source_text, ctx_init)

        # NOTE(review): the emulator starts at ``address << 8``; presumably
        # the low byte indexes REIL instructions inside one native
        # instruction -- confirm against the emulator.
        reil_ctx_out, _ = self.reil_emulator.execute(
            translated,
            start=address << 8,
            registers=ctx_init,
        )

        return arm_ctx_out, reil_ctx_out
コード例 #2
ファイル: armtranslator.py プロジェクト: widy28/barf-project
    def _run_code(self, asm_list, address, ctx_init):
        """Execute ``asm_list`` natively and as REIL and return both contexts.

        Args:
            asm_list: ARM assembly lines; joined with ``"\\n"`` for pyasmjit.
            address: address passed to ``self._asm_to_reil``; the emulator
                is started at ``address << 8``.
            ctx_init: initial register values given to both engines.

        Returns:
            ``(arm_ctx_out, reil_ctx_out)``.
        """
        reil_program = self._asm_to_reil(asm_list, address)

        # pyasmjit returns three values; only the middle one (the output
        # context) is used here.
        _, arm_ctx_out, _ = pyasmjit.arm_execute("\n".join(asm_list), ctx_init)

        # The emulator returns a pair; its second element is not used here.
        reil_start = address << 8
        reil_ctx_out, _ = self.reil_emulator.execute(
            reil_program, start=reil_start, registers=ctx_init)

        return arm_ctx_out, reil_ctx_out
コード例 #3
    def test_add(self):
        """Check that ``add r7, r7, r8`` with r7=1 and r8=2 leaves 3 in r7."""
        code = """
            add r7, r7, r8
        """
        initial_regs = {'r7': 0x1, 'r8': 0x2}

        # Only the output context (second element) is inspected.
        _, final_regs, _ = pyasmjit.arm_execute(code, initial_regs)

        self.assertEqual(0x3, final_regs['r7'])
コード例 #4
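    def _test_asm_instruction_with_mem(self, asm, reg_mem):
        """Compare native ARM execution with REIL emulation, memory included.

        Each line of ``asm`` is parsed and translated to REIL, and the same
        lines are run through ``pyasmjit.arm_execute`` with register
        ``reg_mem`` set to the value returned by ``pyasmjit.arm_alloc(4096)``.
        The bytes returned by pyasmjit are checked against the emulator's
        memory, then the output register contexts are compared.

        Args:
            asm: iterable of ARM assembly lines.
            reg_mem: name of the register that receives the buffer address.
        """
        print(asm)

        mem_dir = pyasmjit.arm_alloc(4096)

        # Everything after the allocation runs under try/finally so that a
        # failing assertion or an exception cannot skip arm_free().
        try:
            # Lists rather than map(): the instructions are handed to
            # __set_address and then translated, and a Python 3 map object
            # could only be consumed once.
            arm_instrs = [self.arm_parser.parse(line) for line in asm]

            self.__set_address(0xdeadbeef, arm_instrs)

            reil_instrs = [
                self.arm_translator.translate(instr) for instr in arm_instrs
            ]

            ctx_init = self.__init_context()
            ctx_init[reg_mem] = mem_dir

            _, arm_ctx_out, arm_mem_out = pyasmjit.arm_execute(
                "\n".join(asm), ctx_init)

            # TODO: Check how to clean emulator memory.
            self.reil_emulator._mem._memory = {}

            reil_ctx_out, reil_mem_out = self.reil_emulator.execute(
                reil_instrs, 0xdeadbeef << 8, context=ctx_init)

            # Only addresses mem_dir + idx covered by arm_mem_out are
            # compared; anything the emulator wrote elsewhere is not
            # examined by this loop.
            native_bytes = struct.unpack("B" * len(arm_mem_out), arm_mem_out)
            for idx, b in enumerate(native_bytes):
                addr = mem_dir + idx

                # TODO: Don't access variable directly.
                if addr in reil_mem_out._memory:
                    self.assertEqual(b, reil_mem_out._memory[addr])
                else:
                    # Memory in pyasmjit is initialized to 0.
                    self.assertEqual(b, 0x0)

            cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out,
                                                 reil_ctx_out)

            # Persist the failing input before the assertion raises.
            if not cmp_result:
                self.__save_failing_context(ctx_init)

            self.assertTrue(
                cmp_result,
                self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))
        finally:
            # There is only one memory pool, so there is no need (for now)
            # to specify the address.
            pyasmjit.arm_free()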
コード例 #5
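    def __test_asm_instruction_with_mem(self, asm_list, address_register):
        """Differentially test ARM instructions that touch memory.

        The assembly in ``asm_list`` is translated to REIL and emulated, and
        also executed through ``pyasmjit.arm_execute``. ``address_register``
        is set to the value returned by ``pyasmjit.arm_alloc(4096)`` in the
        shared initial context. The test passes when the bytes returned by
        pyasmjit match the emulator's memory and the register contexts
        compare equal.

        Args:
            asm_list: ARM assembly lines, joined with newlines for pyasmjit.
            address_register: register name that receives the buffer address.
        """
        # TODO: Merge with previous test function.

        mem_addr = pyasmjit.arm_alloc(4096)

        # try/finally guarantees the pool is released even when an assertion
        # below fails; previously a failure skipped arm_free().
        try:
            self.reil_emulator.reset()

            reil_instrs = self.__asm_to_reil(asm_list, 0xdeadbeef)

            ctx_init = self.__init_context()
            ctx_init[address_register] = mem_addr

            _, arm_ctx_out, arm_mem_out = pyasmjit.arm_execute(
                "\n".join(asm_list), ctx_init)
            reil_ctx_out, reil_mem_out = self.reil_emulator.execute(
                reil_instrs, 0xdeadbeef << 8, registers=ctx_init)

            # The comparison walks only the bytes pyasmjit returned, offset
            # from mem_addr; emulator writes outside that range are not
            # checked here.
            for idx, b in enumerate(
                    struct.unpack("B" * len(arm_mem_out), arm_mem_out)):
                addr = mem_addr + idx

                # TODO: Don't access variable directly.
                if addr in reil_mem_out._memory:
                    self.assertEqual(b, reil_mem_out.read(addr, 1))
                else:
                    # Memory in pyasmjit is initialized to 0.
                    self.assertEqual(b, 0x0)

            cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out,
                                                 reil_ctx_out)

            # Save the input that exposed the mismatch before failing.
            if not cmp_result:
                self.__save_failing_context(ctx_init)

            self.assertTrue(
                cmp_result,
                self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))
        finally:
            # NOTE: There is only one memory pool, so there is no need
            # (for now) to specify the address.
            pyasmjit.arm_free()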
コード例 #6
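    def _test_asm_instruction_with_mem(self, asm, reg_mem):
        """Check that REIL emulation matches native ARM for memory accesses.

        The lines of ``asm`` are parsed, passed to ``__set_address`` with
        0xdeadbeef and translated to REIL. They are also executed by
        ``pyasmjit.arm_execute`` with ``reg_mem`` holding the address
        returned by ``pyasmjit.arm_alloc(4096)``. Memory bytes and output
        register contexts of both runs are then compared.

        Args:
            asm: iterable of ARM assembly lines.
            reg_mem: register name used as the memory base.
        """
        print(asm)

        mem_dir = pyasmjit.arm_alloc(4096)

        try:
            # Build real lists: the parsed instructions are used twice
            # (address assignment, then translation), which a one-shot
            # Python 3 map() iterator would not survive.
            arm_instrs = [self.arm_parser.parse(text) for text in asm]
            self.__set_address(0xdeadbeef, arm_instrs)
            reil_instrs = [self.arm_translator.translate(i) for i in arm_instrs]

            ctx_init = self.__init_context()
            ctx_init[reg_mem] = mem_dir

            _, arm_ctx_out, arm_mem_out = pyasmjit.arm_execute("\n".join(asm), ctx_init)

            self.reil_emulator._mem._memory = {}  # TODO: Check how to clean emulator memory.

            reil_ctx_out, reil_mem_out = self.reil_emulator.execute(
                reil_instrs,
                0xdeadbeef << 8,
                context=ctx_init
            )

            # Byte-by-byte comparison over the range pyasmjit returned;
            # addresses outside mem_dir + [0, len(arm_mem_out)) are not
            # inspected.
            for idx, b in enumerate(struct.unpack("B" * len(arm_mem_out), arm_mem_out)):
                addr = mem_dir + idx
                if addr in reil_mem_out._memory:  # TODO: Don't access variable directly.
                    self.assertEqual(b, reil_mem_out._memory[addr])
                else:
                    self.assertEqual(b, 0x0)  # Memory in pyasmjit is initialized to 0

            cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out, reil_ctx_out)

            if not cmp_result:
                self.__save_failing_context(ctx_init)

            self.assertTrue(cmp_result, self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))
        finally:
            # Released on every exit path, including assertion failures.
            # There is only one memory pool, so there is no need (for now)
            # to specify the address.
            pyasmjit.arm_free()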
コード例 #7
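    def __test_asm_instruction_with_mem(self, asm_list, address_register):
        """Run memory-accessing ARM code natively and as REIL and compare.

        ``address_register`` is set, in the initial context used by both
        engines, to the value returned by ``pyasmjit.arm_alloc(4096)``.
        After both runs, every byte returned by pyasmjit is compared with
        the emulator's view of the same address, and the output register
        contexts are compared via ``__compare_contexts``.

        Args:
            asm_list: ARM assembly lines.
            address_register: name of the register holding the buffer address.
        """
        # TODO: Merge with previous test function.

        mem_addr = pyasmjit.arm_alloc(4096)

        try:
            self.reil_emulator.reset()

            reil_instrs = self.__asm_to_reil(asm_list, 0xdeadbeef)

            ctx_init = self.__init_context()
            ctx_init[address_register] = mem_addr

            _, arm_ctx_out, arm_mem_out = pyasmjit.arm_execute("\n".join(asm_list), ctx_init)
            reil_ctx_out, reil_mem_out = self.reil_emulator.execute(reil_instrs, 0xdeadbeef << 8, registers=ctx_init)

            native_bytes = struct.unpack("B" * len(arm_mem_out), arm_mem_out)

            # Coverage is limited to the bytes pyasmjit handed back; a stray
            # emulator write outside that window would go unnoticed here.
            for idx, b in enumerate(native_bytes):
                addr = mem_addr + idx

                # TODO: Don't access variable directly.
                if addr in reil_mem_out._memory:
                    self.assertEqual(b, reil_mem_out.read(addr, 1))
                else:
                    # Memory in pyasmjit is initialized to 0.
                    self.assertEqual(b, 0x0)

            cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out, reil_ctx_out)

            if not cmp_result:
                self.__save_failing_context(ctx_init)

            self.assertTrue(cmp_result, self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))
        finally:
            # The free now sits in a finally clause so that a failed
            # assertion no longer leaves the pool allocated.
            # NOTE: There is only one memory pool, so there is no need
            # (for now) to specify the address.
            pyasmjit.arm_free()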
コード例 #8
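    def _test_asm_instruction(self, asm):
        """Compare register results of native ARM execution and REIL emulation.

        The lines of ``asm`` are parsed, passed to ``__set_address`` with
        0xdeadbeef and translated to REIL. The same lines are executed with
        ``pyasmjit.arm_execute`` from the same initial context. The test
        fails when ``__compare_contexts`` reports a difference.

        Args:
            asm: iterable of ARM assembly lines.
        """
        print(asm)

        # Materialised as lists: the parsed instructions are consumed by
        # __set_address and again by the translator, which a Python 3 map()
        # iterator would not allow.
        arm_instrs = [self.arm_parser.parse(line) for line in asm]

        self.__set_address(0xdeadbeef, arm_instrs)

        reil_instrs = [
            self.arm_translator.translate(instr) for instr in arm_instrs
        ]

        ctx_init = self.__init_context()

        # Only the output contexts are compared; the other return values
        # are not used by this test.
        _, arm_ctx_out, _ = pyasmjit.arm_execute("\n".join(asm), ctx_init)
        reil_ctx_out, _ = self.reil_emulator.execute(
            reil_instrs, 0xdeadbeef << 8, context=ctx_init)

        cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out,
                                             reil_ctx_out)

        # Keep the input that triggered the mismatch before failing.
        if not cmp_result:
            self.__save_failing_context(ctx_init)

        self.assertTrue(
            cmp_result,
            self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))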
コード例 #9
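    def _test_asm_instruction(self, asm):
        """Differentially test ARM instructions against their REIL translation.

        Parses and translates each line of ``asm``, executes the original
        lines through ``pyasmjit.arm_execute`` and the translation through
        ``self.reil_emulator``, both from the context returned by
        ``__init_context``, and asserts that the output contexts agree.

        Args:
            asm: iterable of ARM assembly lines.
        """
        print(asm)

        # Lists, not map(): under Python 3 a map object is a one-shot
        # iterator, and these instructions are needed twice.
        arm_instrs = [self.arm_parser.parse(text) for text in asm]
        self.__set_address(0xdeadbeef, arm_instrs)
        reil_instrs = [self.arm_translator.translate(i) for i in arm_instrs]

        ctx_init = self.__init_context()

        _, arm_ctx_out, _ = pyasmjit.arm_execute("\n".join(asm), ctx_init)
        reil_ctx_out, _ = self.reil_emulator.execute(
            reil_instrs,
            0xdeadbeef << 8,
            context=ctx_init
        )

        cmp_result = self.__compare_contexts(ctx_init, arm_ctx_out, reil_ctx_out)

        if not cmp_result:
            # Save the failing initial context before the assertion raises.
            self.__save_failing_context(ctx_init)

        self.assertTrue(cmp_result, self.__print_contexts(ctx_init, arm_ctx_out, reil_ctx_out))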
コード例 #10
movs r8, r2, lsl #31
mov r7, #0x7FFFFFFF
mov r8, #0x7FFFFFFF
adds r7, r7, r8
#subs r10, r10, #0xFFFFFFFF
"""

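# Initial context handed to pyasmjit: r0-r12 each hold their own index and
# the 'apsr' entry starts at zero.
context_in = {
    'r0': 0x0,
    'r1': 0x1,
    'r2': 0x2,
    'r3': 0x3,
    'r4': 0x4,
    'r5': 0x5,
    'r6': 0x6,
    'r7': 0x7,
    'r8': 0x8,
    'r9': 0x9,
    'r10': 0xa,
    'r11': 0xb,
    'r12': 0xc,
    'apsr': 0x0,
}

# Parenthesised single-argument print: same output as the Python 2 print
# statement, and valid syntax on Python 3 as well.
print(code)
print(context_in)

# NOTE(review): pyasmjit presumably assembles `code` and runs it natively in
# this process -- confirm, and keep the input to reviewed assembly only.
rv, context_out, mem = pyasmjit.arm_execute(code, context_in)

print(context_out)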
コード例 #11
movs r8, r2, lsl #31
mov r7, #0x7FFFFFFF
mov r8, #0x7FFFFFFF
adds r7, r7, r8
#subs r10, r10, #0xFFFFFFFF
"""

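# Starting register values for the run: general-purpose registers r0..r12
# are seeded with 0x0..0xc and 'apsr' with 0.
context_in = {
    'r0': 0x0,
    'r1': 0x1,
    'r2': 0x2,
    'r3': 0x3,
    'r4': 0x4,
    'r5': 0x5,
    'r6': 0x6,
    'r7': 0x7,
    'r8': 0x8,
    'r9': 0x9,
    'r10': 0xa,
    'r11': 0xb,
    'r12': 0xc,
    'apsr': 0x0,
}

# Echo the program text and the input context. print(x) with one argument
# behaves like the Python 2 statement form and also parses on Python 3.
print(code)
print(context_in)

# arm_execute returns three values; only the output context is printed.
rv, context_out, mem = pyasmjit.arm_execute(code, context_in)

print(context_out)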