Exemplo n.º 1
 def getJobs(index,varstr,codestr):
     """Build the follow-up taint jobs for a memcpy call found in codestr.

     The call is located with the regex from memcpy_handler.gen_match_str
     (presumably varstr is the traced destination -- confirm against that
     helper).  Parsing resumes where the match ends: the next argument
     (the "second arg" of the error messages) yields one job for its
     first pointer variable with the ['*'] path and one job with an empty
     path per offset variable; the last argument yields one empty-path
     job per variable returned by Filter.expression2vars.

     NOTE(review): a malformed call is reported with print and then
     aborted by a deliberate ZeroDivisionError (1/0), so callers that
     must survive unparsable input have to catch that exception.
     """
     pattern = memcpy_handler.gen_match_str(varstr)
     # NOTE(review): re.search returns None when nothing matches, in which
     # case .span() raises AttributeError instead of a parse error.
     src_begin = re.search(pattern, codestr).span()[1]
     src_end, src_is_last = ArgHandler.nextarg(codestr, src_begin)
     if src_end is None:
         print "Error! memcpy second arg wrong!"
         x = 1/0  # deliberate crash after the message
     elif src_is_last:
         print "Error! memcpy third arg missing!"
         x = 1/0  # deliberate crash after the message
     pointer_vars, offset_vars = ArgHandler.vars_in_pointer_offset_style(
         codestr[src_begin:src_end])
     # The first pointer variable is queued with the ['*'] access path.
     jobs = [TaintJob(index, TaintVar(pointer_vars[0], ['*']))]
     if offset_vars:
         jobs.extend([TaintJob(index, TaintVar(name, [])) for name in offset_vars])
     # Skip the separator and parse the following argument, which has to
     # be the last one of the call.
     len_begin = src_end + 1
     len_end, len_is_last = ArgHandler.nextarg(codestr, len_begin)
     if len_end is None or not len_is_last:
         print "Error! memcpy third arg wrong!"
         x = 1/0  # deliberate crash after the message
     length_vars = Filter.expression2vars(codestr[len_begin:len_end])
     jobs.extend([TaintJob(index, TaintVar(name, [])) for name in length_vars])
     return jobs
Exemplo n.º 2
 def getJobs(index,varstr,codestr):
     """Build the follow-up taint jobs for an sscanf call found in codestr.

     The call is located with the regex from sscanf_handler.gen_match_str
     and all argument parsing is done on the matched text only, not on
     the whole of codestr.  The argument that starts right after
     "sscanf(" yields one job for its first pointer variable with the
     ['*'] path plus one empty-path job per offset variable; the argument
     after it must not be the last one, and every variable that
     Filter.expression2vars finds in it gets an empty-path job.

     NOTE(review): the first error message says "second arg" although the
     position parsed there appears to be the first argument after the
     opening parenthesis; the message text is left as it was.
     NOTE(review): a malformed call is reported with print and then
     aborted by a deliberate ZeroDivisionError (1/0).
     """
     pattern = sscanf_handler.gen_match_str(varstr)
     # NOTE(review): both re.search calls return None on a miss, which
     # surfaces as AttributeError rather than as a parse error.
     call_text = re.search(pattern, codestr).group()
     arg_begin = re.search("sscanf\s*\(", call_text).span()[1]
     arg_end, arg_is_last = ArgHandler.nextarg(call_text, arg_begin)
     if arg_end is None:
         print "Error! sscanf second arg wrong!"
         x = 1/0  # deliberate crash after the message
     elif arg_is_last:
         print "Error! sscanf format string arg missing!"
         x = 1/0  # deliberate crash after the message
     pointer_vars, offset_vars = ArgHandler.vars_in_pointer_offset_style(
         call_text[arg_begin:arg_end])
     jobs = [TaintJob(index, TaintVar(pointer_vars[0], ['*']))]
     if offset_vars:
         jobs.extend([TaintJob(index, TaintVar(name, [])) for name in offset_vars])
     # Step over the separator; the next argument must be followed by at
     # least one more, otherwise the call is rejected.
     next_begin = arg_end + 1
     next_end, next_is_last = ArgHandler.nextarg(call_text, next_begin)
     if next_end is None or next_is_last:
         print "Error! format string wrong or third arg missing !"
         x = 1/0  # deliberate crash after the message
     found_vars = Filter.expression2vars(call_text[next_begin:next_end])
     jobs.extend([TaintJob(index, TaintVar(name, [])) for name in found_vars])
     return jobs
Exemplo n.º 3
 def getJobs(index,varstr,codestr):
     """Build the follow-up taint jobs for a strcpy call found in codestr.

     The call is located with the regex from strcpy_handler.gen_match_str
     and parsing resumes where the match ends.  The argument found there
     must be the last one of the call; its first pointer variable is
     queued with the ['*'] path and each offset variable with an empty
     path.  Every queued variable is also echoed with print.

     NOTE(review): a malformed call is reported with print and then
     aborted by a deliberate ZeroDivisionError (1/0).
     """
     pattern = strcpy_handler.gen_match_str(varstr)
     # NOTE(review): re.search returns None when nothing matches, in which
     # case .span() raises AttributeError instead of a parse error.
     src_begin = re.search(pattern, codestr).span()[1]
     src_end, src_is_last = ArgHandler.nextarg(codestr, src_begin)
     if src_end is None or not src_is_last:
         print "Error! strcpy second arg wrong!"
         x = 1/0  # deliberate crash after the message
     pointer_vars, offset_vars = ArgHandler.vars_in_pointer_offset_style(
         codestr[src_begin:src_end])
     base_var = pointer_vars[0]
     jobs = [TaintJob(index, TaintVar(base_var, ['*']))]
     print "handle strcpy! new job var:",base_var,['*']
     # offset_vars may be empty or None; either way nothing more is queued.
     for name in (offset_vars or []):
         jobs.append(TaintJob(index, TaintVar(name, [])))
         print "handle strcpy! new job var:",name,[]
     return jobs
Exemplo n.º 4
 def getJobs(index,varstr,codestr):
     """Build the follow-up taint jobs for a memset call found in codestr.

     The call is located with the regex from memset_handler.gen_match_str
     and parsing resumes where the match ends.  The argument found there
     (the "second arg" of the error messages) is only checked and then
     skipped; the one after it must be the last argument, and each
     variable Filter.expression2vars finds in it is queued with an empty
     path and echoed with print.

     NOTE(review): a malformed call is reported with print and then
     aborted by a deliberate ZeroDivisionError (1/0).
     """
     pattern = memset_handler.gen_match_str(varstr)
     # NOTE(review): re.search returns None when nothing matches, in which
     # case .span() raises AttributeError instead of a parse error.
     skip_begin = re.search(pattern, codestr).span()[1]
     skip_end, skip_is_last = ArgHandler.nextarg(codestr, skip_begin)
     if skip_end is None:
         print "Error! memset second arg wrong!"
         x = 1/0  # deliberate crash after the message
     elif skip_is_last:
         print "Error! memset third arg missing!"
         x = 1/0  # deliberate crash after the message
     # No job is created for the skipped argument; continue after the
     # separator with the final one.
     size_begin = skip_end + 1
     size_end, size_is_last = ArgHandler.nextarg(codestr, size_begin)
     if size_end is None or not size_is_last:
         print "Error! memset third arg wrong!"
         x = 1/0  # deliberate crash after the message
     size_vars = Filter.expression2vars(codestr[size_begin:size_end])
     jobs = []
     for name in size_vars:
         jobs.append(TaintJob(index, TaintVar(name, [])))
         print "handle memset! new job var:",name,[]
     return jobs