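def _locate_parameter(library, disas, start_idx, target_register, mem_tag):
    """Walk backwards from ``disas[start_idx]`` and recover the C string that
    was loaded into ``target_register``.

    Exactly one pattern is recognised: the nearest instruction before
    ``start_idx`` that writes ``target_register`` must be a RIP-relative
    ``lea`` (``lea xxx(%rip), %reg``).  Its effective address is mapped to a
    file offset through the ELF headers of ``library`` and the NUL-terminated
    string at that offset is returned, decoded as UTF-8.

    Args:
        library: object exposing ``fd``, a seekable binary stream of the ELF
            file.  The same stream is handed to ``ELFFile`` and to
            ``parse_cstring_from_stream``.
        disas: indexable sequence of capstone instructions.  ``regs_access()``
            and ``operands`` are read, so capstone detail must be enabled.
        start_idx: index of the instruction whose argument is being resolved;
            the scan starts at ``start_idx - 1`` and runs down to index 0.
        target_register: capstone register id the parameter lives in.
        mem_tag: capstone operand-type constant for memory operands (the
            caller passes it in; presumably ``X86_OP_MEM``).

    Returns:
        The decoded string, or ``None`` when no write to the register is
        found, the defining instruction is not a RIP-relative ``lea``, or the
        computed address is not backed by any file segment.

    Raises:
        UnicodeDecodeError: if the bytes at the resolved address are not valid
            UTF-8.  The binary is untrusted input, so callers should expect
            this.
    """
    retval = None
    idx = start_idx
    while idx > 0:
        idx -= 1
        earlier_insn = disas[idx]
        _, written = earlier_insn.regs_access()
        if target_register not in written:
            continue
        if earlier_insn.id != capstone.x86_const.X86_INS_LEA:
            # The register is defined by something other than lea (mov,
            # arithmetic, a call result, ...); no string can be recovered.
            break
        # The nearest write to the register is a lea.  On x86_64 string
        # constants are mostly loaded RIP-relative, so only
        # <lea xxx(%rip), %reg> is supported for now; any other lea form
        # falls through to the final break and yields None.
        _, val = list(earlier_insn.operands)
        if val.type == mem_tag and val.value.mem.base == capstone.x86.X86_REG_RIP:
            # A RIP-relative displacement is relative to the *next*
            # instruction, hence the + size.
            straddr = earlier_insn.address + val.value.mem.disp + earlier_insn.size
            elffile = ELFFile(library.fd)
            # The displacement is taken straight from the binary, so the
            # address may not map to any segment.  Treat that as "not found"
            # instead of letting StopIteration escape from next().
            stroff = next(elffile.address_offsets(straddr), None)
            if stroff is not None:
                # NOTE(review): this reads until the first NUL with no upper
                # bound, so a crafted binary can make it scan to end-of-file.
                strval = parse_cstring_from_stream(library.fd, stroff)
                retval = strval.decode('utf-8')
        break
    return retval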
def __getitem__(self, offset):
    """Return the NUL-terminated byte string stored at ``offset``.

    ``offset`` is relative to this object's own start: it is added to
    ``self.offset`` (this object's position inside ``self.stream``) and the
    resulting absolute position is handed to ``parse_cstring_from_stream``,
    which reads from ``self.stream``.  The result is whatever that helper
    yields -- ``bytes`` up to, but not including, the first NUL.
    """
    absolute = self.offset + offset
    return parse_cstring_from_stream(self.stream, absolute)
def test_large2(self):
    """A 5000-byte random prefix, a NUL, then trailing junk.

    Reading from offset 0 must return the whole prefix; reading from an
    offset inside the prefix must return only the remainder up to the NUL.
    NOTE(review): assumes ``_make_random_bytes`` never emits a NUL byte,
    otherwise the expected slice is wrong -- its definition is not visible
    here, confirm.
    """
    prefix_len = 5000
    mid = 2348
    payload = self._make_random_bytes(prefix_len) + b'\x00' + b'jujajaja'
    stream = BytesIO(payload)
    self.assertEqual(parse_cstring_from_stream(stream), payload[:prefix_len])
    self.assertEqual(parse_cstring_from_stream(stream, mid), payload[mid:prefix_len])
def test_large1(self):
    """400 identical bytes, a NUL, then two trailing bytes.

    Checks that the read stops at the NUL both from offset 0 and from an
    offset part-way through the run (150 in, so 250 bytes remain).
    """
    run_len = 400
    skip = 150
    payload = b'i' * run_len + b'\x00' + b'bb'
    stream = BytesIO(payload)
    self.assertEqual(parse_cstring_from_stream(stream), b'i' * run_len)
    self.assertEqual(parse_cstring_from_stream(stream, skip), b'i' * (run_len - skip))
def test_small2(self):
    """Several short NUL-separated strings in one stream.

    Offset 0 yields the first string, an offset sitting exactly on a NUL
    yields the empty byte string, and the offset just past it yields the
    second string.
    """
    stream = BytesIO(b'12345\x006789\x00abcdefg\x00iii')
    expected = [
        (None, b'12345'),
        (5, b''),
        (6, b'6789'),
    ]
    for offset, want in expected:
        if offset is None:
            got = parse_cstring_from_stream(stream)
        else:
            got = parse_cstring_from_stream(stream, offset)
        self.assertEqual(got, want)
def test_small1(self):
    """One short string, a NUL, then more bytes.

    Reading from offset 0 returns the string, reading from inside it returns
    the tail up to the NUL, and reading from the NUL itself returns b''.
    """
    stream = BytesIO(b'abcdefgh\x0012345')
    self.assertEqual(parse_cstring_from_stream(stream), b'abcdefgh')
    tail_start = 2
    self.assertEqual(parse_cstring_from_stream(stream, tail_start), b'cdefgh')
    nul_pos = 8
    self.assertEqual(parse_cstring_from_stream(stream, nul_pos), b'')