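def _add_vmt_methods(bv: BinaryView, vmt: DelphiVMT, out_struct: types.Structure) -> bool:
    """Append one function-pointer field per virtual method of ``vmt`` to ``out_struct``.

    The reader is moved to one pointer past ``cVmtParent``, then
    ``len(vmt.virtual_methods)`` pointers are read in sequence. Each non-null
    pointer must be a key of ``vmt.virtual_methods``. A function is created at
    that address when none exists, it is named after the method if it still
    has a ``sub_`` name, and a pointer-to-function field is appended to
    ``out_struct``.

    Args:
        bv: View in which functions are looked up, created and named.
        vmt: Parsed VMT that supplies the pointer reader and the
            address-to-name map ``virtual_methods``.
        out_struct: Structure that receives one field per method.

    Returns:
        ``False`` if the reader could not be positioned, ``True`` once every
        slot has been processed.

    Raises:
        RuntimeError: If a non-null slot holds an address that is not in
            ``vmt.virtual_methods``, or if no function exists at a valid
            address even after asking the view to create one.
    """
    offset_ptr_size = vmt.offset_ptr_size

    if not vmt.seek_to_vmt_offset(vmt.vmt_offsets.cVmtParent + offset_ptr_size):
        return False

    # NOTE(review): a null slot still uses up one loop iteration, so a table
    # containing nulls yields fewer fields than vmt.virtual_methods has
    # entries - confirm this is intended.
    for _ in range(len(vmt.virtual_methods)):
        value = vmt.read_ptr()

        if value == 0:
            continue

        # Slot contents are presumably read from the analysed image, so they
        # are checked against the known method map before anything is created.
        if value not in vmt.virtual_methods:
            prev_offset = vmt.br_offset - offset_ptr_size
            raise RuntimeError(
                f'Invalid method address detected at 0x{prev_offset:08x} ({vmt.class_name})')

        # Create the function if it does not exist yet.
        function = bv.get_function_at(value)

        if function is None:
            bv.create_user_function(value)
            function = bv.get_function_at(value)

        # The lookup can still come back empty after the create call. Fail
        # with the same exception type as the check above rather than with an
        # AttributeError on None further down.
        if function is None:
            raise RuntimeError(
                f'Unable to create function at 0x{value:08x} ({vmt.class_name})')

        # Set the method name only if the function still has a 'sub_' name
        # (presumably the auto-generated default), so existing names are kept.
        method_name = vmt.virtual_methods[value]

        if function.name.startswith('sub_'):
            bv.define_user_symbol(Symbol(
                SymbolType.FunctionSymbol,
                value,
                method_name
            ))

        # Build the field type: a pointer to a function with the signature
        # currently recorded for it. Untyped parameters are emitted as void.
        field_type = Type.pointer(
            bv.arch,
            Type.function(
                function.return_type,
                [(Type.void() if x.type is None else x.type) for x in function.parameter_vars],
                function.calling_convention
            )
        )

        # The field is named after the last dot-separated part of the method name.
        field_name = method_name.split('.')[-1]
        out_struct.append(field_type, field_name)

    return True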
) if sign_bit: full_width_value |= full_width_mask ^ ((1 << ((size + offset) * 8)) - 1) self._state.regs[full_width_reg] = full_width_value if __name__ == '__main__': bv = BinaryView() # bv.write(0, b'\x89\xd8\x90\x90\x90') # bv.write(0, b'\xb8\x01\x00\x00\x00') bv.write(0, b'\x01 \xa0\xe3') # bv.platform = Architecture['x86'].standalone_platform bv.platform = Architecture['armv7'].standalone_platform bv.create_user_function(0) bv.update_analysis_and_wait() function = bv.get_function_at(0) emu = InstructionEmulator(bv, {'r2': 1337}) print(emu._state.regs) emu.execute(function.llil[0]) print(emu._state.regs)