def buildPathGraph():
g = vg_gcore.Graph()
n0 = g.addNode()
n1 = g.addNode()
n2 = g.addNode()
n3 = g.addNode()
n4 = g.addNode()
g.addEdge(n0, n1)
g.addEdge(n0, n2)
g.addEdge(n1, n3)
g.addEdge(n1, n4)
return g, n0, n4
def test_visgraph_subcluster(self):
g = v_graphcore.Graph()
a = g.addNode('a')
b = g.addNode('b')
c = g.addNode('c')
d = g.addNode('d')
e = g.addNode('e')
r = g.addNode('f')
g.addEdgeByNids('a', 'b')
g.addEdgeByNids('a', 'c')
g.addEdgeByNids('d', 'e')
g.addEdgeByNids('d', 'f')
subs = g.getClusterGraphs()
self.assertEqual(len(subs), 2)
subtests = [set(['a', 'b', 'c']), set(['d', 'e', 'f'])]
for sub in subs:
if sub.getNode('a'):
self.assertIsNone(sub.getNode('d'))
self.assertIsNone(sub.getNode('e'))
self.assertIsNone(sub.getNode('f'))
akids = [edge[2] for edge in sub.getRefsFromByNid('a')]
self.assertTrue('b' in akids)
self.assertTrue('c' in akids)
elif sub.getNode('d'):
self.assertIsNone(sub.getNode('a'))
self.assertIsNone(sub.getNode('b'))
self.assertIsNone(sub.getNode('c'))
dkids = [edge[2] for edge in sub.getRefsFromByNid('d')]
self.assertTrue('e' in dkids)
self.assertTrue('f' in dkids)
else:
raise Exception('Invalid SubCluster!')
def test_visgraph_nodeprops(self):
g = v_graphcore.Graph()
a = g.addNode('a')
g.setNodeProp(a, 'foo', 'bar')
self.assertEqual(a[1].get('foo'), 'bar')
self.assertTrue(a in g.getNodesByProp('foo'))
self.assertTrue(a in g.getNodesByProp('foo', 'bar'))
self.assertFalse(a in g.getNodesByProp('foo', 'blah'))
g.delNodeProp(a, 'foo')
self.assertFalse(a in g.getNodesByProp('foo'))
self.assertFalse(a in g.getNodesByProp('foo', 'bar'))
self.assertIsNone(a[1].get('foo'))
def test_visgraph_edgeprops(self):
g = v_graphcore.Graph()
a = g.addNode('a')
b = g.addNode('b')
e = g.addEdge(a, b)
g.setEdgeProp(e, 'foo', 'bar')
self.assertEqual(e[3].get('foo'), 'bar')
self.assertTrue(e in g.getEdgesByProp('foo'))
self.assertTrue(e in g.getEdgesByProp('foo', 'bar'))
self.assertFalse(e in g.getEdgesByProp('foo', 'blah'))
g.delEdgeProp(e, 'foo')
self.assertFalse(e in g.getEdgesByProp('foo'))
self.assertFalse(e in g.getEdgesByProp('foo', 'bar'))
self.assertIsNone(e[3].get('foo'))
def test_visgraph_formnode(self):
g = v_graphcore.Graph()
def wootctor(n):
g.setNodeProp(n, 'lul', 1)
n1 = g.formNode('woot', 10, ctor=wootctor)
self.assertEqual(n1[1].get('lul'), 1)
g.setNodeProp(n1, 'lul', 2)
g.setNodeProp(n1, 'foo', 'bar')
n2 = g.formNode('woot', 20, ctor=wootctor)
n3 = g.formNode('woot', 10, ctor=wootctor)
self.assertEqual(n1[0], n3[0])
self.assertEqual(n1[1].get('lul'), 2)
self.assertEqual(n3[1].get('foo'), 'bar')
self.assertNotEqual(n1[0], n2[0])
def analyze(vw):
logger.info('...analyzing pointers.')
done = {}
# Let's analyze Relocations we know are pointers
for rva, rtype in vw.reloc_by_va.items():
if rtype != RTYPE_BASEPTR:
continue
for xfr, xto, xtype, xinfo in vw.getXrefsFrom(rva):
logger.debug('pointer(1): 0x%x -> 0x%x', xfr, xto)
vw.analyzePointer(xto)
done[xfr] = xto
# Now, we'll analyze the pointers placed by the file wrapper (ELF, PE, MACHO, etc...)
for pva, tva, fname, pname in vw.getVaSetRows('PointersFromFile'):
if vw.getLocation(pva) is None:
if tva is None:
logger.debug('making pointer(2) 0x%x (%r)', pva, pname)
else:
logger.debug('making pointer(2) 0x%x -> 0x%x (%r)', pva, tva,
pname)
vw.makePointer(pva, tva, follow=True)
done[pva] = tva
for lva, lsz, lt, li in vw.getLocations(LOC_POINTER):
tva = vw.readMemoryPtr(lva)
if not vw.isValidPointer(tva):
continue
if vw.getLocation(tva) is not None:
# event if it's a pointer, we may not have made a name for it
if vw.getName(lva) is None:
done[lva] = tva
continue
logger.debug('following previously discovered pointer 0x%x -> 0x%x',
lva, tva)
try:
logger.debug('pointer(3): 0x%x -> 0x%x', lva, tva)
vw.followPointer(tva)
done[lva] = tva
except Exception as e:
logger.error(
'followPointer() failed for 0x%.8x (pval: 0x%.8x) (err: %s)',
lva, tva, e)
# Now, lets find likely free-hanging pointers
for addr, pval in vw.findPointers():
if vw.isDeadData(pval):
continue
try:
logger.debug('pointer(4): 0x%x -> 0x%x', addr, pval)
vw.makePointer(addr, follow=True)
done[addr] = pval
except Exception as e:
logger.error(
'makePointer() failed for 0x%.8x (pval: 0x%.8x) (err: %s)',
addr, pval, e)
# link the possible pointers up
pgraph = g_core.Graph()
while done:
ptr, tgt = done.popitem()
try:
pgraph.addNode(ptr)
except g_exc.DuplicateNode:
pass
try:
pgraph.addNode(tgt)
except g_exc.DuplicateNode:
pass
pgraph.addEdgeByNids(ptr, tgt)
leafs = [node for node in pgraph.getNodes() if pgraph.isLeafNode(node)]
for leaf in leafs:
va, props = leaf
name = vw.getName(va)
# if there's not a name at the bottom, not work making ptr names
if not name:
continue
links = [(ptr, tgt)
for edge, ptr, tgt, props in pgraph.getRefsToByNid(va)]
while links:
ptr, tgt = links.pop(0)
pname = vw.getName(ptr)
if pname:
continue
if not vw.isLocType(ptr, LOC_POINTER):
continue
tgtname = vw.getName(tgt)
if tgtname:
name = vw._addNamePrefix(tgtname, tgt, 'ptr',
'_') + '_%.8x' % ptr
logger.debug('0x%x: adding name prefix: %r (%r)', tgt,
tgtname, name)
vw.makeName(ptr, name)
for edge, n1, n2, props in pgraph.getRefsToByNid(ptr):
links.append((n1, n2))
self._v_nodecol = NodeColumn(vg, nodes, self.scene())
self._v_vg = vg
if __name__ == '__main__':
import sys
import visgraph.graphcore as vg_graphcore
app = QtGui.QApplication(sys.argv)
app.setFont(QtGui.QFont('Courier'))
initnodes = [(i, {'repr': 'node%d' % i}) for i in xrange(30)]
# Build up a fake graph
vg = vg_graphcore.Graph()
for nid, nprops in initnodes:
vg.addNode(nodeid=nid, repr='node %d' % nid)
for nid, nprops in initnodes:
for knid, knprops in initnodes:
if nid == knid:
continue
vg.addEdge(nid, knid)
win = QGraphTreeView(vg, initnodes, parent=None)
win.show()
app.exec_()
def __init__(self, graph=None):
cmd.Cmd.__init__(self)
if graph is None:
graph = vg_gcore.Graph()
self.graph = graph
