Exemplo n.º 1
0
def createLibFunctionItems(lib, parent_item):
    """Create tree items of library function in the lib hierarchy.

    Agrs:
        lib: The library object containing functions
        parent_item: The corresponding library tree item

    Returns:
        A tuple of (ip, fl_item), where ip is an instruction pointer
        to a leak from a function and fl_item is the tree item to
        this function.
    """
    assert isinstance(lib, Library)

    ip_fl_tuples = []
    for j in sorted_keys(lib.entries):
        fl = lib.entries[j]
        fl_item = LibHierarchyItem("{}".format(getCtxName(fl.fentry)), fl, parent_item)
        parent_item.appendChild(fl_item)

        assert isinstance(fl, FunctionLeak)
        for i in sorted_keys(fl.dataleaks):
            dl = fl.dataleaks[i]
            assert isinstance(dl, DataLeak)
            ip_fl_tuples.append((dl.ip, fl_item))

        for j in sorted_keys(fl.cfleaks):
            cf = fl.cfleaks[j]
            assert isinstance(cf, CFLeak)
            ip_fl_tuples.append((cf.ip, fl_item))

    return ip_fl_tuples
Exemplo n.º 2
0
    def flatten(self, flat=None):
        main = False
        if flat is None:
            flat = LibHierarchy()
            main = True

        for leak in sorted_keys(self.dataleaks):
            c = copy.deepcopy(leak)
            flat.merge(c)
        for leak in sorted_keys(self.cfleaks):
            c = copy.deepcopy(leak)
            flat.merge(c)

        for k in sorted_keys(self.children):
            self.children[k].flatten(flat)

        if main:
            return flat
Exemplo n.º 3
0
    def setupData(self, call_hierarchy, parent=None):
        if call_hierarchy is None:
            return None

        if call_hierarchy.parent is None:
            self.root_item = CallHierarchyItem("Call Hierarchy",
                                               call_hierarchy)
            if len(call_hierarchy.children) > 0:
                self.setupData(
                    call_hierarchy.children[next(iter(
                        call_hierarchy.children))], self.root_item)
        else:
            call_hierarchy_item = CallHierarchyItem(
                "{}".format(getCtxName(call_hierarchy.ctxt.callee)),
                call_hierarchy, parent)

            parent.appendChild(call_hierarchy_item)

            parent = call_hierarchy_item
            for k in sorted_keys(call_hierarchy.children):
                self.setupData(call_hierarchy.children[k], parent)
Exemplo n.º 4
0
 def __str__(self):
     string = ""
     for e in sorted_keys(self.entries):
         string += str(e) + "\n"
     return string
Exemplo n.º 5
0
 def doprint(self, printer):
     for e in sorted_keys(self.mymap):
         self.mymap[e].doprint(printer)
Exemplo n.º 6
0
def parse_leaks(lib_hierarchy):
    assert isinstance(lib_hierarchy, LibHierarchy)

    with utils.datafs.get_binfile(IP_INFO_FILE) as f:
        short_info_map = loadipinfo(f)

    for ip in sorted_keys(lib_hierarchy.entries):
        lib = lib_hierarchy.entries[ip]
        assert isinstance(lib, Library)

        lib_name = lib.libentry.name.split("/")[-1]
        lib_item = LibHierarchyItem("{}".format(lib_name), lib, lib_model.root_item)
        lib_model.root_item.appendChild(lib_item)

        bin_file_path = lib.libentry.name

        with utils.datafs.get_file(f"{bin_file_path}.asm") as f:
            asm_dump = f.read().split("\n")

        debug(0, f"[REPORT] lib_name: {lib_name}")
        debug(0, f"[REPORT] bin_path: {bin_file_path}")

        fl_entries = createLibFunctionItems(lib, lib_item)  # tuple (ip, fl_item)

        for (addr, lib_tree_item) in fl_entries:
            if addr not in short_info_map:
                debug(0, "Cannot find addr in short_info_map")
                debug(0, "(Could be a wrong combination of pickle and zip file?)")
                sys.exit(ErrorCode.INVALID_COMB_OF_FILES)

            leak_docs = LeakDocs(
                lib_name,
                lib_tree_item,
                addr,
                None,
                None,
            )
            if leak_docs.leak.meta is None:
                leak_docs.leak.meta = LeakMetaInfo()
            if leak_docs.leak.meta.flag == LeakFlags.DONTCARE or (
                leak_docs.leak.meta.flag != LeakFlags.LEAK
                and leak_docs.leak.status.is_generic_leak() is False
                and leak_docs.leak.status.is_specific_leak() is False
            ):
                continue

            short_info = short_info_map[addr]
            assert isinstance(short_info, IpInfoShort)

            # ASM
            if short_info.asm_line_nr < 0:
                continue
            search_str = format(utils.getLocalIp(addr), "x") + ":"
            debug(1, f"ASM search_str: {search_str}")
            search_idx = [
                idx for (idx, line) in enumerate(asm_dump) if search_str in line
            ]
            assert len(search_idx) >= 1  # search for ff0 will trigger 1ff0 as well
            search_idx = search_idx[0]
            leak_docs.asm = LeakDump(
                bin_file_path,
                search_idx,
                asm_dump[search_idx - 5 : search_idx],
                asm_dump[search_idx],
                asm_dump[search_idx + 1 : search_idx + 5],
            )

            # SRC
            src_line_nr = short_info.src_line_nr - 1
            debug(1, f"SRC src_line_nr: {src_line_nr}")
            debug(1, f"SRC src_file: {short_info.src_file}")
            leak_dump_src = None
            if short_info.src_file is None:
                debug(1, "Source file path missing: %s", short_info.src_file)
            else:
                with utils.datafs.get_file(short_info.src_file) as f:
                    src_dump = f.read().split("\n")
                debug(1, src_dump[src_line_nr])
                leak_docs.src = LeakDump(
                    short_info.src_file,
                    src_line_nr,
                    src_dump[src_line_nr - 5 : src_line_nr],
                    src_dump[src_line_nr],
                    src_dump[src_line_nr + 1 : src_line_nr + 5],
                )

            leaks_docs.append(leak_docs)
            libs_leaks_docs[lib_name].append(leak_docs)