def make_function_at(static, addr): if static[addr]['function'] != None: # already function return rc = static.r2core rc.cmd("af @ %d" % (addr, )) this_function = Function(addr) static['functions'].add(this_function) info = rc.cmd_json("afj %d" % (addr, ))[0] callrefs = info['callrefs'] for ref in callrefs: if ref["type"] == "J": static[ref['addr']]['crefs'].add(addr) if ref["type"] == "C": static[ref['addr']]['xrefs'].add(addr) function_details = rc.cmd_json("pdfj @ %d" % addr) if function_details['addr'] == addr: for opcode in function_details['ops']: static[opcode['offset']]['function'] = this_function i = static[opcode['offset']]['instruction'] addr_re = re.compile(r'\| (0x[a-f0-9]+) ') blocks = rc.cmd_json("agj %d" % addr)[0]['blocks'] for block in blocks: this_block = Block(block['offset']) this_function.add_block(this_block) for op in block['ops']: address = op['offset'] this_block.add(address) static[address]['block'] = this_block static['blocks'].add(this_block)
def make_function_at(static, addr): if static[addr]["function"] != None: # already function return rc = static.r2core rc.cmd("af @ %d" % (addr,)) this_function = Function(addr) static["functions"].add(this_function) info = rc.cmd_json("afj %d" % (addr,))[0] callrefs = info["callrefs"] for ref in callrefs: if ref["type"] == "J": static[ref["addr"]]["crefs"].add(addr) if ref["type"] == "C": static[ref["addr"]]["xrefs"].add(addr) function_details = rc.cmd_json("pdfj @ %d" % addr) if function_details["addr"] == addr: for opcode in function_details["ops"]: static[opcode["offset"]]["function"] = this_function i = static[opcode["offset"]]["instruction"] addr_re = re.compile(r"\| (0x[a-f0-9]+) ") blocks = rc.cmd_json("agj %d" % addr)[0]["blocks"] for block in blocks: this_block = Block(block["offset"]) this_function.add_block(this_block) for op in block["ops"]: address = op["offset"] this_block.add(address) static[address]["block"] = this_block static["blocks"].add(this_block)
def make_function_at(static, addr): if static[addr]['function'] != None: # already function return rc = static.r2core rc.cmd("af @ %d" % (addr,)) this_function = Function(addr) static['functions'].add(this_function) info = rc.cmd_json("afj %d" % (addr,))[0] callrefs = info['callrefs'] for ref in callrefs: if ref["type"] == "J": static[ref['addr']]['crefs'].add(addr) if ref["type"] == "C": static[ref['addr']]['xrefs'].add(addr) function_details = rc.cmd_json("pdfj @ %d" % addr) if function_details['addr'] == addr: for opcode in function_details['ops']: static[opcode['offset']]['function'] = this_function i = static[opcode['offset']]['instruction'] addr_re = re.compile(r'\| (0x[a-f0-9]+) ') blocks = rc.cmd_json("agj %d" % addr)[0]['blocks'] for block in blocks: this_block = Block(block['offset']) this_function.add_block(this_block) addresses = addr_re.findall(block['code']) for address in addresses: address = int(address[2:],16) this_block.add(address) static[address]['block'] = this_block static['blocks'].add(this_block)
def make_function_at(static, address, recurse=True): if static[address]['function'] != None: # already function return start = time.time() block_starts = set([address]) function_starts = set() this_function = Function(address) static['functions'].add(this_function) def disassemble(address): raw = static.memory(address, 0x10) d = static[address]['instruction'] static[address]['function'] = this_function for (c, flag) in d.dests(): if flag == DESTTYPE.call: static._auto_update_name(c, "sub_%x" % (c)) function_starts.add(c) #print "%s %x is in %x xrefs" % (d,address, c) static[c]['xrefs'].add(address) # add this to the potential function boundary starts continue if c != address + d.size(): #print "%s %x is in %x crefs" % (d,address, c) static[c]['crefs'].add(address) static._auto_update_name(c, "loc_%x" % (c)) block_starts.add(c) #if we come after a jump and are an implicit xref, we are the start #of a new block elif d.is_jump() and not d.is_call(): static._auto_update_name(c, "loc_%x" % (c)) block_starts.add(c) return d.dests() # recursive descent pass pending = Queue.Queue() done = set() pending.put(address) while not pending.empty(): dests = disassemble(pending.get()) for (d, flag) in dests: if flag == DESTTYPE.call: #this will get handled in the function pass continue if d not in done: pending.put(d) done.add(d) if (time.time() - start) > 0.01: time.sleep(0.01) start = time.time() #print map(hex, done) # block finding pass for b in block_starts: this_block = Block(b) this_function.add_block(this_block) address = b i = static[address]['instruction'] while not i.is_ending() and i.size() != 0: if address + i.size() in block_starts: break address += i.size() i = static[address]['instruction'] this_block.add(address) static[address]['block'] = this_block if (time.time() - start) > 0.01: time.sleep(0.01) start = time.time() static['blocks'].add(this_block) # find more functions if recurse: for f in function_starts: if static[f]['function'] == None: make_function_at(static, f)
def make_function_at(static, address, recurse = True): if static['arch'] != "i386" and static['arch'] != "x86-64": print "*** static only works with x86(_64), someone should fix it" return if static[address]['function'] != None: # already function return block_starts = set([address]) function_starts = set() this_function = Function(address) static['functions'].add(this_function) def disassemble(address): raw = static.memory(address, 0x10) d = static[address]['instruction'] static[address]['function'] = this_function for (c,flag) in d.dests(): if flag == DESTTYPE.call: static._auto_update_name(c,"sub_%x"%(c)) function_starts.add(c) #print "%s %x is in %x xrefs" % (d,address, c) static[c]['xrefs'].add(address) # add this to the potential function boundary starts continue if c != address + d.size(): #print "%s %x is in %x crefs" % (d,address, c) static[c]['crefs'].add(address) static._auto_update_name(c,"loc_%x"%(c)) block_starts.add(c) #if we come after a jump and are an implicit xref, we are the start #of a new block elif d.is_jump(): static._auto_update_name(c,"loc_%x"%(c)) block_starts.add(c) return d.dests() # recursive descent pass pending = Queue.Queue() done = set() pending.put(address) while not pending.empty(): dests = disassemble(pending.get()) for (d,flag) in dests: if flag == DESTTYPE.call: #this will get handled in the function pass continue if d not in done: pending.put(d) done.add(d) #print map(hex, done) # block finding pass for b in block_starts: this_block = Block(b) this_function.add_block(this_block) address = b i = static[address]['instruction'] while not i.is_ending() and i.size() != 0: if address + i.size() in block_starts: break address += i.size() i = static[address]['instruction'] this_block.add(address) static[address]['block'] = this_block static['blocks'].add(this_block) # find more functions for f in function_starts: if static[f]['function'] == None: make_function_at(static, f)