def free(everything): global low,high #print "FREE " + hex(everything['arg_0']) addr = everything['arg_0'] if addr == 0: return size = pin.get_pointer(pin.get_pointer(everything['reg_gdi'])-guard_size) free_list.append((addr,size+guard_size)) if low == -1: low = addr high = addr+size+guard_size pin.set_pointer(everything['reg_gdi'], 0)
def realloc_before(everything):
    """Adjust realloc()'s arguments so the allocator sees the raw guarded chunk.

    Presumably registered as the pre-call hook for realloc(); the
    registration is not part of this listing.

    everything -- hook context dict; this function reads 'reg_gdi' and
                  'reg_gsi' (handles for the first and second argument
                  registers) and 'arg_1' (the requested new size).

    NOTE(review): this listing was flattened onto one line, so the nesting
    is reconstructed. `real = 1` is placed in the innermost else and
    `hit = 1` after the if/elif/else chain (which is what gives the bare
    `return` in the elif something to skip); confirm against the original.
    """
    global last_allocated_size
    global hit, real
    if hit == 1:
        # Every second invocation is swallowed. Presumably the hook fires
        # twice per realloc() call and the arguments must only be adjusted
        # once -- TODO confirm why.
        hit = 0
    else:
        name = pin.get_pointer(everything["reg_gdi"])  # pointer argument
        size = pin.get_pointer(everything["reg_gsi"])  # requested size
        if((size) == 0):
            # realloc(p, 0): both arguments are zeroed, so the allocator gets
            # realloc(NULL, 0) and the old chunk is left alone.
            # NOTE(review): unlike free(), this path does not add the chunk
            # to free_list, so a later access to p is not tracked as freed.
            pin.set_pointer(everything['reg_gdi'], 0)
            pin.set_pointer(everything['reg_gsi'], 0)
        elif(int(name) == 0):
            # realloc(NULL, n) is passed through untouched.
            # NOTE(review): unless the malloc hooks also fire for this call,
            # the returned chunk has no size header or canaries, and free()
            # would later read a bogus size in front of it -- verify.
            return
        else:
            # Remember the requested size for realloc_after.
            last_allocated_size = everything['arg_1']
            # Grow the request by both guard regions ...
            # NOTE(review): a size near the register maximum no longer fits
            # after this addition; what pin.set_pointer does with such a
            # value is not visible here.
            pin.set_pointer(everything['reg_gsi'], pin.get_pointer(everything['reg_gsi'])+guard_size*2)
            # ... and move the pointer back to the start of the raw chunk,
            # i.e. to the header that sits guard_size bytes before the
            # pointer the program holds.
            pin.set_pointer(everything['reg_gdi'], pin.get_pointer(everything['reg_gdi'])-(guard_size))
            # Tell realloc_after that this call needs its result rewritten.
            real = 1
        hit = 1
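def realloc_after(everything):
    """Stamp the guard regions onto a reallocated chunk and fix up the result.

    Only acts when realloc_before flagged the call by setting `real` to 1.
    Layout written into the raw chunk returned by the allocator:

        base + 0                  requested size (last_allocated_size)
        base + 8 .. base + 32     four canary words
        base + 40                 start of the program's data
        base + 40 + size ..       four trailing canary words

    The return register is then advanced by 40 so the program never sees the
    header. Writing the canaries does not by itself detect anything; the code
    that checks them is not part of this listing.

    everything -- hook context dict; this function reads 'reg_gax' (handle
                  for the return-value register).
    """
    global real
    if real == 1:
        base = pin.get_pointer(everything['reg_gax'])
        # A failed realloc() returns NULL. Writing a header there would
        # dereference address 0, so leave the NULL result untouched.
        if base != 0:
            pin.set_pointer(base, last_allocated_size)
            # Canary words directly in front of the program's data.
            for offset in (8, 16, 24, 32):
                pin.set_pointer(base + offset, canary)
            # Canary words directly behind the program's data.
            tail = base + last_allocated_size + 32 + 8
            for offset in (0, 8, 16, 24):
                pin.set_pointer(tail + offset, canary)
            # NOTE(review): 40 is hard-coded here while malloc_after adds
            # guard_size; the two only agree if guard_size is 40 -- confirm.
            pin.set_pointer(everything['reg_gax'], base + 40)
        # Clear the flag on success and on failure alike, so that a later
        # realloc() that was not adjusted is not rewritten by mistake.
        real = 0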
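def malloc_after(everything):
    """Stamp the guard regions onto a fresh chunk and hide the header.

    Layout written into the raw chunk returned by the allocator:

        base + 0                  requested size (last_allocated_size)
        base + 8 .. base + 32     four canary words
        base + 40                 start of the program's data
        base + 40 + size ..       four trailing canary words

    The return register is then advanced by guard_size. Writing the canaries
    does not by itself detect anything; the code that checks them is not part
    of this listing.

    NOTE(review): the offsets above hard-code a 40-byte header, so they only
    line up with the returned pointer if guard_size is 40 -- confirm.
    NOTE(review): last_allocated_size is one module-level value set by
    malloc_before; if two allocations can overlap (threads, nested calls)
    the size paired with this chunk may belong to another call -- verify.

    everything -- hook context dict; this function reads 'reg_gax' (handle
                  for the return-value register).
    """
    global last_allocated_size
    base = pin.get_pointer(everything['reg_gax'])
    # A failed malloc() returns NULL. Writing a header there would
    # dereference address 0, so hand the NULL back to the program unchanged.
    if base == 0:
        return
    pin.set_pointer(base, last_allocated_size)
    # Canary words directly in front of the program's data.
    for offset in (8, 16, 24, 32):
        pin.set_pointer(base + offset, canary)
    # Canary words directly behind the program's data.
    tail = base + last_allocated_size + 32 + 8
    for offset in (0, 8, 16, 24):
        pin.set_pointer(tail + offset, canary)
    pin.set_pointer(everything['reg_gax'], base + guard_size)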
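def malloc_before(everything):
    """Remember the requested size and enlarge the request by both guards.

    Presumably registered as the pre-call hook for malloc(); the registration
    is not part of this listing. The size saved here is what malloc_after
    writes into the chunk header.

    NOTE(review): a request within guard_size*2 of the register maximum no
    longer fits after the addition. What pin.set_pointer does with such a
    value is not visible here; if it truncates, the allocator would get a
    small size while the program believes it asked for a huge one. Confirm,
    and consider leaving such requests unpadded.

    everything -- hook context dict; this function reads 'arg_0' (requested
                  size) and 'reg_gdi' (handle for the first-argument
                  register).
    """
    global last_allocated_size
    last_allocated_size = everything['arg_0']
    # Room for the header/leading canaries plus the trailing canaries.
    padded_size = pin.get_pointer(everything['reg_gdi']) + guard_size*2
    pin.set_pointer(everything['reg_gdi'], padded_size)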
def memset_pre(everything):
    """Replace the second-argument register with the constant 0x43.

    Presumably registered as the pre-call hook for memset(), in which case
    every memset fills with 0x43 instead of the value the program asked
    for -- TODO confirm the registration, which is not part of this listing.

    everything -- hook context dict; this function reads 'reg_gsi' (handle
                  for the second-argument register).
    """
    fill_value = 0x43
    target_register = everything['reg_gsi']
    pin.set_pointer(target_register, fill_value)