def detectFuncParameters(self, reil_code, memaccess, callstack, inputs, counter):
pins = parse_reil(reil_code[-1])
ins = Instruction(pins,None)
assert(ins.instruction == "call" and ins.called_function <> None)
# first we locate the stack pointer to know where the parameters are located
esp = Operand("esp","DWORD")
pbase = getTypedValueFromCode(reil_code, callstack, inputs, memaccess, esp)
#print pbase.name
#print pbase.mem_source
#
func_cons = funcs.get(ins.called_function, Function)
func = func_cons(pbase = pbase)
parameters = []
for (par_type, location, needed) in func.getParameterLocations():
#print (ins.called_function, par_type, location.mem_source, needed)
if needed:
reil_code.reverse()
reil_code.reset()
val = getTypedValueFromCode(reil_code, callstack, inputs, memaccess, location)
#print "parameter of",ins.called_function, "at", str(location) , "has value:", val.name
parameters.append((location, val))
else:
parameters.append((None, None))
if parameters <> []:
self.parameters[counter] = self.__getParameters__(ins, parameters)
def detectFuncParameters(self, reil_code, memaccess, callstack, inputs,
counter):
ins = reil_code[-1]
assert (ins.isCall() and ins.called_function <> None)
# first we locate the stack pointer to know where the parameters are located
esp = Operand("esp", "DWORD")
pbase = getTypedValueFromCode(reil_code, callstack, inputs, memaccess,
esp)
func_cons = funcs.get(ins.called_function, Function)
func = func_cons(pbase=pbase)
parameters = []
for (par_type, location, needed) in func.getParameterLocations():
if needed:
reil_code.reverse()
reil_code.reset()
val = getTypedValueFromCode(reil_code, callstack, inputs,
memaccess, location)
#print "parameter of",ins.called_function, "at", str(location) , "has value:", val.name
parameters.append((location, val))
else:
parameters.append((None, None))
if parameters <> []:
self.parameters[counter] = self.__getParameters__(ins, parameters)
def detectMemAccess(self, reil_code, callstack, inputs, counter):
pins = parse_reil(reil_code[-1])
ins = Instruction(pins, None)
assert (ins.instruction in ["stm", "ldm"])
addr_op = ins.getMemReg()
#print "op:", addr_op, ins.address
val = getTypedValueFromCode(reil_code, callstack, inputs, self,
addr_op)
#print val
if (val.isMem()):
#if self.__isArgMem__(val, callstack.callstack[1]):
# print "arg detected at", ins, "with", str(val)
# self.access[counter] = self.__getArgMemAccess__(ins, val, callstack.callstack[1])
#else:
#print val
self.access[counter] = self.__getMemAccess__(ins, val)
elif (val.isImm):
self.access[counter] = self.__getGlobalMemAccess__(
ins, int(val.name))
else:
assert (0)
def detectMemAccess(self, reil_code, callstack, inputs, counter):
ins = reil_code[-1]
assert(ins.instruction in ["stm", "ldm"])
addr_op = ins.getMemReg()
val = getTypedValueFromCode(reil_code, callstack, inputs, self, addr_op)
if (val.isMem()):
#if self.__isArgMem__(val, callstack.callstack[1]):
# print "arg detected at", ins, "with", str(val)
# self.access[counter] = self.__getArgMemAccess__(ins, val, callstack.callstack[1])
#else:
#print val
self.access[counter] = self.__getMemAccess__(ins, val)
elif (val.isImm):
self.access[counter] = self.__getGlobalMemAccess__(ins, int(val.name))
else:
assert(0)