Exemplo n.º 1
0
def get_dw_at_location_offset_dw_form_sec_offset(structs, expression):
    visitor = ExprDumper(structs)
    visitor.process_expr(expression)
    print "Full DW_AT_location as string: ",
    print visitor.get_str()
    dw_at_location_as_string = visitor.get_str()
    parts = dw_at_location_as_string.split()
    first_part = parts[0]
    assert first_part == 'DW_OP_fbreg:'
    second_part = parts[1].strip(';')
    return int(second_part)
Exemplo n.º 2
0
def get_dw_at_location_offset(structs, expression):
    visitor = ExprDumper(structs)
    visitor.process_expr(expression)
    print "Full DW_AT_location as string: ",
    print visitor.get_str()
    dw_at_location_as_string = visitor.get_str()
    first_part, second_part = dw_at_location_as_string.split()
    #print first_part   # 'DW_OP_fbreg:'
    assert first_part == 'DW_OP_fbreg:'
    #print "Second part of DW_AT_location: ",
    #print second_part  # e.g. '-20'
    return int(second_part)
Exemplo n.º 3
0
def extract_DWARF_expr(expr, structs):
    """ Textual description of a DWARF expression encoded in 'expr'.
        structs should come from the entity encompassing the expression - it's
        needed to be able to parse it correctly.
    """
    # Since this function can be called a lot, initializing a fresh new
    # ExprDumper per call is expensive. So a rudimentary caching scheme is in
    # place to create only one such dumper per instance of structs.
    cache_key = id(structs)
    if cache_key not in _DWARF_EXPR_DUMPER_CACHE:
        _DWARF_EXPR_DUMPER_CACHE[cache_key] = \
            ExprDumper(structs)
    dwarf_expr_dumper = _DWARF_EXPR_DUMPER_CACHE[cache_key]
    dwarf_expr_dumper.clear()
    dwarf_expr_dumper.process_expr(expr)
    return dwarf_expr_dumper
Exemplo n.º 4
0
 def setUp(self):
     self.visitor = ExprDumper(self.structs32)
     set_global_machine_arch('x64')
Exemplo n.º 5
0
class TestExprDumper(unittest.TestCase):
    structs32 = DWARFStructs(
            little_endian=True,
            dwarf_format=32,
            address_size=4)

    def setUp(self):
        self.visitor = ExprDumper(self.structs32)
        set_global_machine_arch('x64')

    def test_basic_single(self):
        self.visitor.process_expr([0x1b])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_div')

        self.setUp()
        self.visitor.process_expr([0x74, 0x82, 0x01])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_breg4 (rsi): 130')

        self.setUp()
        self.visitor.process_expr([0x91, 0x82, 0x01])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_fbreg: 130')

        self.setUp()
        self.visitor.process_expr([0x51])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_reg1 (rdx)')

        self.setUp()
        self.visitor.process_expr([0x90, 16])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_regx: 16 (rip)')

        self.setUp()
        self.visitor.process_expr([0x9d, 0x8f, 0x0A, 0x90, 0x01])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_bit_piece: 1295 144')

    def test_basic_sequence(self):
        self.visitor.process_expr([0x03, 0x01, 0x02, 0, 0, 0x06, 0x06])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_addr: 201; DW_OP_deref; DW_OP_deref')

        self.setUp()
        self.visitor.process_expr([0x15, 0xFF, 0x0b, 0xf1, 0xff])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_pick: 255; DW_OP_const2s: -15')

        self.setUp()
        self.visitor.process_expr([0x1d, 0x1e, 0x1d, 0x1e, 0x1d, 0x1e])
        self.assertEqual(self.visitor.get_str(),
            'DW_OP_mod; DW_OP_mul; DW_OP_mod; DW_OP_mul; DW_OP_mod; DW_OP_mul')
Exemplo n.º 6
0
 def setUp(self):
     self.visitor = ExprDumper(self.structs32)
     set_global_machine_arch('x64')
Exemplo n.º 7
0
class TestExprDumper(unittest.TestCase):
    structs32 = DWARFStructs(little_endian=True,
                             dwarf_format=32,
                             address_size=4)

    def setUp(self):
        self.visitor = ExprDumper(self.structs32)
        set_global_machine_arch('x64')

    def test_basic_single(self):
        self.assertEqual(self.visitor.dump_expr([0x1b]), 'DW_OP_div')

        self.assertEqual(self.visitor.dump_expr([0x74, 0x82, 0x01]),
                         'DW_OP_breg4 (rsi): 130')

        self.assertEqual(self.visitor.dump_expr([0x91, 0x82, 0x01]),
                         'DW_OP_fbreg: 130')

        self.assertEqual(self.visitor.dump_expr([0x51]), 'DW_OP_reg1 (rdx)')

        self.assertEqual(self.visitor.dump_expr([0x90, 16]),
                         'DW_OP_regx: 16 (rip)')

        self.assertEqual(
            self.visitor.dump_expr([0x9d, 0x8f, 0x0A, 0x90, 0x01]),
            'DW_OP_bit_piece: 1295 144')

        self.assertEqual(
            self.visitor.dump_expr(
                [0x0e, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00, 0xff, 0x00]),
            'DW_OP_const8u: 71777214294589695')

    def test_basic_sequence(self):
        self.assertEqual(
            self.visitor.dump_expr([0x03, 0x01, 0x02, 0, 0, 0x06, 0x06]),
            'DW_OP_addr: 201; DW_OP_deref; DW_OP_deref')

        self.assertEqual(
            self.visitor.dump_expr([0x15, 0xFF, 0x0b, 0xf1, 0xff]),
            'DW_OP_pick: 255; DW_OP_const2s: -15')

        self.assertEqual(
            self.visitor.dump_expr([0x1d, 0x1e, 0x1d, 0x1e, 0x1d, 0x1e]),
            'DW_OP_mod; DW_OP_mul; DW_OP_mod; DW_OP_mul; DW_OP_mod; DW_OP_mul')

        self.assertEqual(self.visitor.dump_expr([0x08, 0x0f, 0xe0]),
                         'DW_OP_const1u: 15; DW_OP_GNU_push_tls_address')
Exemplo n.º 8
0
def get_dw_at_location_offset_0x54(structs, expression):
    visitor = ExprDumper(structs)
    visitor.process_expr(expression)
    print "Full DW_AT_location as string: ",
    print visitor.get_str()
    dw_at_location_as_string = visitor.get_str()