def loadMembers(self, mappings, maxDepth):
if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
return False
# Load and memcopy key and iv
log.debug('Enc Memcopying a Key with %d bytes'%self.key_len)
attr_obj_address = getaddress(self.key)
log.debug('got key @%x '%(attr_obj_address))
memoryMap = is_valid_address_value( attr_obj_address, mappings)
# DEBUG - I do question the buffer_copy.
log.debug('memoryMap is %s - \nmake array '%(memoryMap))
array=(ctypes.c_ubyte*self.key_len).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte, self.key_len))
# save key as bitstream
##key_contents = ctypes.c_ubyte.from_buffer(array)
key_contents = array
log.debug('keep ref ')
model.keepRef(key_contents, model.get_subtype(self.key), attr_obj_address)
log.debug('Enc Memcopying a IV with %d bytes'%( self.block_size) )
attr_obj_address=getaddress(self.iv)
memoryMap = is_valid_address_value( attr_obj_address, mappings)
log.debug('make array ')
array=(ctypes.c_ubyte*self.block_size).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte,self.block_size))
# save iv contents as bitstream
##iv_contents = ctypes.c_ubyte.from_buffer(array)
iv_contents = array
log.debug('keep ref')
model.keepRef(iv_contents, model.get_subtype(self.iv), attr_obj_address)
log.debug('ENC KEY(%d bytes) and IV(%d bytes) acquired'%(self.key_len,self.block_size))
return True
def loadMembers(self, mappings, maxDepth):
if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
return False
#log.debug('evp app_data attr_obj_address=0x%lx'%(self.evp.app_data) )
#log.debug('evp cipher_data attr_obj_address=0x%lx'%(self.evp.cipher_data) ) ##none
cipher = model.getRef( Cipher, getaddress(self.cipher) )
ciphername = cipher.name.toString()
# cast evp.app_data into a valid struct
if ciphername in self.cipherContexts:
# evp.cipher.nid should be 0
struct = self.cipherContexts[ciphername]
if (struct is None):
log.warning("Unsupported cipher %s"%(ciphername))
return True
attr_obj_address = self.evp.app_data
memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
log.debug( "CipherContext CAST app_data into : %s "%( struct) )
if not memoryMap:
log.warning('On second toughts, app_data seems to be at an invalid address. That should not happen (often).')
log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings),
attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
return False # DEBUG kill it
# read the void * and keep a ref
st = memoryMap.readStruct(attr_obj_address, struct )
model.keepRef(st, struct, attr_obj_address)
# yeah... no. "self.evp.app_data = xx" means SEGFAULT.
evp_app_data = ctypes.c_void_p(ctypes.addressof(st))
log.debug('Copied 0x%lx into app_data (0x%lx)'%(attr_obj_address, evp_app_data.value) )
log.debug('LOADED app_data as %s from 0x%lx (%s) into 0x%lx'%(struct,
attr_obj_address, is_valid_address_value(attr_obj_address,mappings,struct), evp_app_data.value))
log.debug('\t\t---------\n%s\t\t---------'%(st.toString() ) )
else:
log.debug("Unknown cipher %s, can't load a data struct for the EVP_CIPHER_CTX->app_data"%(ciphername))
return True
def iterateList(self, mappings):
''' iterate forward, then backward, until null or duplicate '''
done = [0]
obj = self
#print 'going forward '
for fieldname in [forward, backward]:
link = getattr(obj, fieldname)
addr = utils.getaddress(link)
log.debug('iterateList got a <%s>/0x%x'%(link.__class__.__name__,addr))
nb=0
while addr not in done:
#print '%x %s'%(addr, addr in done)
done.append(addr)
memoryMap = utils.is_valid_address_value( addr, mappings, structType)
if memoryMap == False:
raise ValueError('the link of this linked list has a bad value')
st = memoryMap.readStruct( addr, structType)
model.keepRef(st, structType, addr)
log.debug("keepRefx2 %s.%s @%x"%(structType, fieldname, addr ))
yield addr
# next
link = getattr(st, fieldname)
addr = utils.getaddress(link)
#print 'going backward after %x'%(addr)
raise StopIteration
def _get_chunk(mappings, heap, entry_addr):
from haystack.model import keepRef
m = mappings.getMmapForAddr(entry_addr)
chunk_header = m.readStruct(entry_addr, _HEAP_ENTRY)
keepRef(chunk_header, _HEAP_ENTRY, entry_addr)
chunk_header._orig_addr_ = entry_addr
return chunk_header
def iterateList(self, mappings):
''' iterate forward, then backward, until null or duplicate '''
done = [0]
obj = self
#print 'going forward '
for fieldname in [forward, backward]:
link = getattr(obj, fieldname)
addr = utils.getaddress(link)
log.debug('iterateList got a <%s>/0x%x' %
(link.__class__.__name__, addr))
nb = 0
while addr not in done:
#print '%x %s'%(addr, addr in done)
done.append(addr)
memoryMap = utils.is_valid_address_value(
addr, mappings, structType)
if memoryMap == False:
raise ValueError(
'the link of this linked list has a bad value')
st = memoryMap.readStruct(addr, structType)
model.keepRef(st, structType, addr)
log.debug("keepRefx2 %s.%s @%x" %
(structType, fieldname, addr))
yield addr
# next
link = getattr(st, fieldname)
addr = utils.getaddress(link)
#print 'going backward after %x'%(addr)
raise StopIteration
def _loadListEntries(self, fieldname, mappings, maxDepth):
'''
we need to load the pointed entry as a valid struct at the right offset,
and parse it.
When does it stop following FLink/BLink ?
sentinel is headAddr only
'''
structType, offset = self._getListFieldInfo(fieldname)
# DO NOT think HEAD is a valid entry.
# if its a ListEntries, self has already been loaded anyway.
headAddr = self._orig_address_ + utils.offsetof(type(self), fieldname)
head = getattr(self, fieldname)
for entry in head._iterateList(mappings):
# DO NOT think HEAD is a valid entry
if entry == headAddr:
continue
link = entry + offset
log.debug('got a element of list at %s 0x%x/0x%x offset:%d' %
(fieldname, entry, link, offset))
# use cache if possible, avoid loops.
#XXX
from haystack import model
ref = model.getRef(structType, link)
if ref: # struct has already been loaded, bail out
log.debug("%s loading from references cache %s/0x%lx" %
(fieldname, structType, link))
continue # do not reload
else:
# OFFSET read, specific to a LIST ENTRY model
memoryMap = utils.is_valid_address_value(
link, mappings, structType)
if memoryMap is False:
log.error(
'error while validating address 0x%x type:%s @end:0x%x'
% (link, structType.__name__,
link + ctypes.sizeof(structType)))
log.error('self : %s , fieldname : %s' %
(self.__class__.__name__, fieldname))
raise ValueError(
'error while validating address 0x%x type:%s @end:0x%x'
% (link, structType.__name__,
link + ctypes.sizeof(structType)))
st = memoryMap.readStruct(
link, structType) # point at the right offset
st._orig_addr_ = link
model.keepRef(st, structType, link)
log.debug("keepRef %s.%s @%x" % (structType, fieldname, link))
# load the list entry structure members
if not st.loadMembers(mappings, maxDepth - 1):
log.error('Error while loading members on %s' %
(self.__class__.__name__))
print st
raise ValueError('error while loading members')
return True
def _get_chunk(mappings, heap, entry_addr):
from haystack.model import keepRef
m = mappings.getMmapForAddr(entry_addr)
chunk_header = m.readStruct(entry_addr, _HEAP_ENTRY)
keepRef(chunk_header, _HEAP_ENTRY, entry_addr)
chunk_header._orig_addr_ = entry_addr
return chunk_header
def test_getRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
self.assertEquals(model.getRef(int, 0xcafecafe), 1)
self.assertEquals(model.getRef(float, 0xcafecafe), 2)
self.assertIsNone(model.getRef(str, 0xcafecafe))
self.assertIsNone(model.getRef(str, 0xdeadbeef))
self.assertIsNone(model.getRef(int, 0xdeadbeef))
def test_getRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
self.assertEquals( model.getRef(int,0xcafecafe), 1)
self.assertEquals( model.getRef(float,0xcafecafe), 2)
self.assertIsNone( model.getRef(str,0xcafecafe))
self.assertIsNone( model.getRef(str,0xdeadbeef))
self.assertIsNone( model.getRef(int,0xdeadbeef))
def list_head_loadRealMembers(self, mappings, maxDepth, attrtype, listHeadName, addresses):
'''
Copy ->next and ->prev target structure's memeory space.
attach prev and next correctly.
@param attrtype the target structure type
@param listHeadName the member name of the list_head in the target structure
@param addresses original pointers for prev and next
'''
attrname = listHeadName
addr_prev,addr_next = addresses
null = list_head()
for listWay, addr in [('prev',addr_prev),('next',addr_next)]:
attr = getattr(self,listWay)
if addr is None or not bool(attr):
attr.contents = null
continue # do not load unvalid address
#print listHeadName,listWay, hex(addr)
#elif not is_address_local(attr) :
# continue # coul
cache = model.getRef(attrtype, addr ) # is the next/prev Item in cache
if cache:
# get the offset into the buffer and associate the .list_head->{next,prev} to it
attr.contents = gen.list_head.from_address(ctypes.addressof( getattr(cache, attrname)) ) #loadMember is done
log.debug("assigned &%s.%s in self "%(attrname,listWay ))
# DO NOT recurse
continue
log.debug('re-loading %s.%s.%s from 0x%x'%(attrtype,attrname,listWay, addr))
memoryMap = is_valid_address_value( addr, mappings, attrtype)
if(not memoryMap):
# big BUG Badaboum, why did pointer changed validity/value ?
log.warning("%s.%s %s not loadable 0x%lx but VALID "%(attrname,listWay, attr, addr ))
attr.contents = null
continue
else:
log.debug("self.%s.%s -> 0x%lx (is_valid_address_value: %s)"%(attrname,listWay, addr, memoryMap ))
# save the total struct to local memspace
nextItem = memoryMap.readStruct(addr, attrtype )
#if not nextItem.isValid(mappings):
# log.warning('%s.%s (%s) is INVALID'%(attrname,listWay, attrtype))
# return False
log.debug("%s.%s is loaded: '%s'"%(attrname,listWay, nextItem ))
# save the ref and load the task
model.keepRef( nextItem, attrtype, addr)
# get the offset into the buffer and associate the .tasks->next to it
attr.contents = gen.list_head.from_address(ctypes.addressof( getattr(nextItem, attrname) )) #loadMember is done
log.debug("assigned &%s.%s in self "%(attrname,listWay ))
# recursive validation checks on new struct
if not bool(attr):
log.warning('Member %s.%s is null after copy: %s'%(attrname, listWay ,attr))
attr.contents = null
else:
# recursive loading - model revalidation
if not nextItem.loadMembers(mappings, maxDepth-1):
return False
continue
return True
def getNextChunk(self, mappings, orig_addr):
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
if self.size > 0 :
next_addr = self.next_addr(orig_addr)
next_chunk = mmap.readStruct(next_addr, malloc_chunk )
model.keepRef( next_chunk, malloc_chunk, next_addr)
return next_chunk, next_addr
return None, None
def getNextChunk(self, mappings, orig_addr):
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
if self.size > 0:
next_addr = self.next_addr(orig_addr)
next_chunk = mmap.readStruct(next_addr, malloc_chunk)
model.keepRef(next_chunk, malloc_chunk, next_addr)
return next_chunk, next_addr
return None, None
def getPrevChunk(self, mappings, orig_addr):
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
if self.prev_size > 0:
prev_addr = self.prev_addr(orig_addr)
prev_chunk = mmap.readStruct(prev_addr, malloc_chunk)
model.keepRef(prev_chunk, malloc_chunk, prev_addr)
return prev_chunk, prev_addr
return None, None
def getPrevChunk(self, mappings, orig_addr):
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
if self.prev_size > 0 :
prev_addr = self.prev_addr(orig_addr)
prev_chunk = mmap.readStruct(prev_addr, malloc_chunk )
model.keepRef( prev_chunk, malloc_chunk, prev_addr)
return prev_chunk, prev_addr
return None, None
def getNextChunk(self, mappings, orig_addr):
## do next_chunk
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
next_addr = orig_addr + self.real_size()
# check if its in mappings
if not model.is_valid_address_value(next_addr, mappings):
return None,None
next_chunk = mmap.readStruct(next_addr, malloc_chunk )
model.keepRef( next_chunk, malloc_chunk, next_addr)
return next_chunk, next_addr
def getPrevChunk(self, mappings, orig_addr):
## do prev_chunk
if self.check_prev_inuse():
raise TypeError('Previous chunk is in use. can read its size.')
mmap = model.is_valid_address_value(orig_addr, mappings)
if not mmap:
raise ValueError
if self.prev_size > 0 :
prev_addr = orig_addr - self.prev_size
prev_chunk = mmap.readStruct(prev_addr, malloc_chunk )
model.keepRef( prev_chunk, malloc_chunk, prev_addr)
return prev_chunk, prev_addr
return None, None
def loadMembers(self, mappings, maxDepth):
if not LoadableMembersStructure.loadMembers(self, mappings, maxDepth):
return False
# Load and memcopy key
log.debug('Memcopying a Key with %d bytes'%self.key_len)
attr_obj_address=getaddress(self.key)
memoryMap = is_valid_address_value( attr_obj_address, mappings)
array=(ctypes.c_ubyte*self.key_len).from_buffer_copy(memoryMap.readArray(attr_obj_address, ctypes.c_ubyte, self.key_len))
model.keepRef(array, model.get_subtype(self.key), attr_obj_address)
log.debug('unmac_ctx has been nulled and ignored. its not often used by any ssh impl. Not useful for us anyway.')
log.debug('MAC KEY(%d bytes) acquired'%(self.key_len))
return True
def _loadListEntries(self, fieldname, mappings, maxDepth):
'''
we need to load the pointed entry as a valid struct at the right offset,
and parse it.
When does it stop following FLink/BLink ?
sentinel is headAddr only
'''
structType, offset = self._getListFieldInfo(fieldname)
# DO NOT think HEAD is a valid entry.
# if its a ListEntries, self has already been loaded anyway.
headAddr = self._orig_address_ + utils.offsetof( type(self), fieldname)
head = getattr(self, fieldname)
for entry in head._iterateList(mappings):
# DO NOT think HEAD is a valid entry
if entry == headAddr:
continue
link = entry + offset
log.debug('got a element of list at %s 0x%x/0x%x offset:%d'%(fieldname, entry, link, offset))
# use cache if possible, avoid loops.
#XXX
from haystack import model
ref = model.getRef( structType, link)
if ref: # struct has already been loaded, bail out
log.debug("%s loading from references cache %s/0x%lx"%(fieldname, structType, link ))
continue # do not reload
else:
# OFFSET read, specific to a LIST ENTRY model
memoryMap = utils.is_valid_address_value( link, mappings, structType)
if memoryMap is False:
log.error('error while validating address 0x%x type:%s @end:0x%x'%(link,
structType.__name__, link+ctypes.sizeof(structType)) )
log.error('self : %s , fieldname : %s'%(self.__class__.__name__, fieldname))
raise ValueError('error while validating address 0x%x type:%s @end:0x%x'%(link,
structType.__name__, link+ctypes.sizeof(structType)) )
st = memoryMap.readStruct( link, structType) # point at the right offset
st._orig_addr_ = link
model.keepRef(st, structType, link)
log.debug("keepRef %s.%s @%x"%(structType, fieldname, link ))
# load the list entry structure members
if not st.loadMembers(mappings, maxDepth-1):
log.error('Error while loading members on %s'%(self.__class__.__name__))
print st
raise ValueError('error while loading members')
return True
def test_ref_unicity_2(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, int, 0xcafecafe)
model.keepRef(3, int, 0xcafecafe)
me = model.getRefByAddr(0xcafecafe)
self.assertEquals(len(me), 1)
model.keepRef('4', str, 0xcafecafe)
me = model.getRefByAddr(0xcafecafe)
self.assertEquals(len(me), 2)
return
def test_ref_unicity_2(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, int, 0xcafecafe)
model.keepRef(3, int, 0xcafecafe)
me = model.getRefByAddr( 0xcafecafe )
self.assertEquals( len(me), 1)
model.keepRef('4', str, 0xcafecafe)
me = model.getRefByAddr( 0xcafecafe )
self.assertEquals( len(me), 2)
return
def loadMembers(self, mappings, maxDepth):
if not LoadableMembers.loadMembers(self, mappings, maxDepth):
return False
#log.debug('evp app_data attr_obj_address=0x%lx'%(self.evp.app_data) )
#log.debug('evp cipher_data attr_obj_address=0x%lx'%(self.evp.cipher_data) ) ##none
#log.debug('cipher app_data attr_obj_address=0x%lx'%(getaddress(self.cipher.contents.cipher_data)) )
# cast evp.app_data into a valid struct
if self.cipher.contents.name.string in self.cipherContexts:
struct,fieldname=self.cipherContexts[self.cipher.contents.name.string]
if(struct is None):
log.warning("Unsupported cipher %s"%(self.cipher.contents.name.string))
return True
attr=getattr(self.evp,fieldname)
#attr_obj_address=getaddress(attr) or attr # c_void_p is a basic type.
attr_obj_address = attr
#print attr
memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
log.debug( "CipherContext CAST %s into : %s "%(fieldname, struct) )
if not memoryMap:
log.warning('On second toughts, %s seems to be at an invalid address. That should not happen (often).'%(fieldname))
log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings),
attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
log.warning('%s : %s'%(fieldname, attr))
return False # DEBUG kill it
#st=struct.from_buffer_copy(memoryMap.readStruct(attr_obj_address, struct ) )
# XXX CAST do not copy buffer when casting, sinon on perds des bytes
## attr.contents=(type(attr.contents)).from_buffer(st)
### c_void_p -> allocate local_mem and change value
### XXX dangling pointer ?
#attr.value = ctypes.addressof(st)
#setattr(self.evp, fieldname, ctypes.c_void_p(ctypes.addressof(st)) )
st=memoryMap.readStruct(attr_obj_address, struct )
model.keepRef(st)
setattr(self.evp, fieldname, ctypes.c_void_p(ctypes.addressof(st)) )
attr=getattr(self.evp,fieldname)
log.debug('Copied 0x%lx into %s (0x%lx)'%(ctypes.addressof(st), fieldname, attr))
log.debug('LOADED app_data evp.%s as %s from 0x%lx (%s) into 0x%lx'%(fieldname,struct,
attr_obj_address, is_valid_address_value(attr_obj_address,mappings,struct), attr ))
log.debug('\t\t---------\n%s\t\t---------'%st.toString())
else:
log.warning("Unknown cipher %s, can't load a data struct for the EVP_CIPHER_CTX->app_data"%(self.cipher.contents.name.string))
return True
def EVP_CIPHER_CTX_loadMembers(self, mappings, maxDepth):
if not super(EVP_CIPHER_CTX,self).loadMembers(mappings, maxDepth):
return False
log.debug('trying to load cipher_data Structs.')
'''
if bool(cipher) and bool(self.cipher.nid) and is_valid_address(cipher_data):
memcopy( self.cipher_data, cipher_data_addr, self.cipher.ctx_size)
# cast possible on cipher.nid -> cipherType
'''
cipher = model.getRef( evp_cipher_st, getaddress(self.cipher) )
if cipher.nid == 0: # NID_undef, not openssl doing
log.info('The cipher is home made - the cipher context data should be application dependant (app_data)')
return True
struct = getCipherDataType( cipher.nid)
log.debug('cipher type is %s - loading %s'%( getCipherName(cipher.nid), struct ))
if(struct is None):
log.warning("Unsupported cipher %s"%(cipher.nid))
return True
# c_void_p is a basic type.
attr_obj_address = self.cipher_data
memoryMap = is_valid_address_value( attr_obj_address, mappings, struct)
log.debug( "cipher_data CAST into : %s "%(struct) )
if not memoryMap:
log.warning('in CTX On second toughts, cipher_data seems to be at an invalid address. That should not happen (often).')
log.warning('%s addr:0x%lx size:0x%lx addr+size:0x%lx '%(is_valid_address_value( attr_obj_address, mappings),
attr_obj_address, ctypes.sizeof(struct), attr_obj_address+ctypes.sizeof(struct)))
return True
#ok
st = memoryMap.readStruct(attr_obj_address, struct )
model.keepRef(st, struct, attr_obj_address)
self.cipher_data = ctypes.c_void_p(ctypes.addressof(st))
###print 'self.cipher_data in loadmembers',self.cipher_data
# check debug
attr=getattr(self, 'cipher_data')
log.debug('Copied 0x%lx into %s (0x%lx)'%(ctypes.addressof(st), 'cipher_data', attr))
log.debug('LOADED cipher_data as %s from 0x%lx (%s) into 0x%lx'%(struct,
attr_obj_address, is_valid_address_value(attr_obj_address, mappings, struct), attr ))
log.debug('\t\t---------\n%s\t\t---------'%st.toString())
return True
def test_delRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
model.keepRef(3, str, 0xcafecafe)
self.assertTrue(model.hasRef(int, 0xcafecafe))
self.assertTrue(model.hasRef(float, 0xcafecafe))
self.assertTrue(model.hasRef(str, 0xcafecafe))
model.delRef(str, 0xcafecafe)
self.assertTrue(model.hasRef(int, 0xcafecafe))
self.assertTrue(model.hasRef(float, 0xcafecafe))
self.assertFalse(model.hasRef(str, 0xcafecafe))
model.delRef(str, 0xcafecafe)
self.assertTrue(model.hasRef(int, 0xcafecafe))
self.assertTrue(model.hasRef(float, 0xcafecafe))
self.assertFalse(model.hasRef(str, 0xcafecafe))
model.delRef(int, 0xcafecafe)
self.assertFalse(model.hasRef(int, 0xcafecafe))
self.assertTrue(model.hasRef(float, 0xcafecafe))
self.assertFalse(model.hasRef(str, 0xcafecafe))
model.delRef(float, 0xcafecafe)
self.assertFalse(model.hasRef(int, 0xcafecafe))
self.assertFalse(model.hasRef(float, 0xcafecafe))
self.assertFalse(model.hasRef(str, 0xcafecafe))
def _HEAP_SEGMENT_loadMember(self, attr, attrname, attrtype, mappings,
maxDepth):
#log.debug('_loadMember attrname : %s'%(attrname))
if attrname == 'LastValidEntry':
# isPointerType code.
_attrType = model.get_subtype(attrtype)
attr_obj_address = utils.getaddress(attr)
####
memoryMap = utils.is_valid_address(attr, mappings, _attrType)
if (not memoryMap):
log.debug("LastValidEntry out of mapping - 0x%lx - ignore " %
(attr_obj_address))
return True
from haystack.model import getRef, keepRef, delRef # TODO CLEAN
ref = getRef(_attrType, attr_obj_address)
if ref:
#log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
#DO NOT CHANGE STUFF SOUPID attr.contents = ref
return True
#log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
##### Read the struct in memory and make a copy to play with.
### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
contents = memoryMap.readStruct(attr_obj_address, _attrType)
# save that validated and loaded ref and original addr so we dont need to recopy it later
keepRef(contents, _attrType, attr_obj_address)
#log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (utils.getaddress(attr)) ))
# recursive validation checks on new struct
if not bool(attr):
log.warning('Member %s is null after copy: %s' % (attrname, attr))
return True
# go and load the pointed struct members recursively
if not contents.loadMembers(mappings, maxDepth):
log.debug('member %s was not loaded' % (attrname))
#invalidate the cache ref.
delRef(_attrType, attr_obj_address)
return False
return True
else:
return super(_HEAP_SEGMENT, self)._loadMember(attr, attrname, attrtype,
mappings, maxDepth)
def test_delRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
model.keepRef(3, str, 0xcafecafe)
self.assertTrue( model.hasRef(int,0xcafecafe))
self.assertTrue( model.hasRef(float,0xcafecafe))
self.assertTrue( model.hasRef(str,0xcafecafe))
model.delRef(str, 0xcafecafe)
self.assertTrue( model.hasRef(int,0xcafecafe))
self.assertTrue( model.hasRef(float,0xcafecafe))
self.assertFalse( model.hasRef(str,0xcafecafe))
model.delRef(str, 0xcafecafe)
self.assertTrue( model.hasRef(int,0xcafecafe))
self.assertTrue( model.hasRef(float,0xcafecafe))
self.assertFalse( model.hasRef(str,0xcafecafe))
model.delRef(int, 0xcafecafe)
self.assertFalse( model.hasRef(int,0xcafecafe))
self.assertTrue( model.hasRef(float,0xcafecafe))
self.assertFalse( model.hasRef(str,0xcafecafe))
model.delRef(float, 0xcafecafe)
self.assertFalse( model.hasRef(int,0xcafecafe))
self.assertFalse( model.hasRef(float,0xcafecafe))
self.assertFalse( model.hasRef(str,0xcafecafe))
def toPyObject(self):
'''
Returns a Plain Old python object as a perfect copy of this ctypes object.
array would be lists, pointers, inner structures, and circular
reference should be handled nicely.
'''
# get self class.
#log.debug("%s %s %s_py"%(self.__class__.__module__, sys.modules[self.__class__.__module__], self.__class__.__name__) )
my_class = getattr(sys.modules[self.__class__.__module__],"%s_py"%(self.__class__.__name__) )
my_self = my_class()
#keep ref
if hasRef(my_class, ctypes.addressof(self) ):
return getRef(my_class, ctypes.addressof(self) )
# we are saving us in a partially resolved state, to keep from loops.
keepRef(my_self, my_class, ctypes.addressof(self) )
for field,typ in self.getFields():
attr = getattr(self,field)
member = self._attrToPyObject(attr,field,typ)
setattr(my_self, field, member)
# save the original type (me) and the field
setattr(my_self, '_ctype_', type(self))
return my_self
def _HEAP_SEGMENT_loadMember(self, attr, attrname, attrtype, mappings, maxDepth):
# log.debug('_loadMember attrname : %s'%(attrname))
if attrname == "LastValidEntry":
# isPointerType code.
_attrType = model.get_subtype(attrtype)
attr_obj_address = utils.getaddress(attr)
####
memoryMap = utils.is_valid_address(attr, mappings, _attrType)
if not memoryMap:
log.debug("LastValidEntry out of mapping - 0x%lx - ignore " % (attr_obj_address))
return True
from haystack.model import getRef, keepRef, delRef # TODO CLEAN
ref = getRef(_attrType, attr_obj_address)
if ref:
# log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
# DO NOT CHANGE STUFF SOUPID attr.contents = ref
return True
# log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
##### Read the struct in memory and make a copy to play with.
### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
contents = memoryMap.readStruct(attr_obj_address, _attrType)
# save that validated and loaded ref and original addr so we dont need to recopy it later
keepRef(contents, _attrType, attr_obj_address)
# log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (utils.getaddress(attr)) ))
# recursive validation checks on new struct
if not bool(attr):
log.warning("Member %s is null after copy: %s" % (attrname, attr))
return True
# go and load the pointed struct members recursively
if not contents.loadMembers(mappings, maxDepth):
log.debug("member %s was not loaded" % (attrname))
# invalidate the cache ref.
delRef(_attrType, attr_obj_address)
return False
return True
else:
return super(_HEAP_SEGMENT, self)._loadMember(attr, attrname, attrtype, mappings, maxDepth)
def test_hasRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
model.keepRef(3, str, 0xcafecafe)
self.assertTrue(model.hasRef(int, 0xcafecafe))
self.assertTrue(model.hasRef(float, 0xcafecafe))
self.assertTrue(model.hasRef(str, 0xcafecafe))
self.assertFalse(model.hasRef(unicode, 0xcafecafe))
self.assertFalse(model.hasRef(int, 0xdeadbeef))
def test_hasRef(self):
model.keepRef(1, int, 0xcafecafe)
model.keepRef(2, float, 0xcafecafe)
model.keepRef(3, str, 0xcafecafe)
self.assertTrue( model.hasRef(int,0xcafecafe))
self.assertTrue( model.hasRef(float,0xcafecafe))
self.assertTrue( model.hasRef(str,0xcafecafe))
self.assertFalse( model.hasRef(unicode,0xcafecafe))
self.assertFalse( model.hasRef(int,0xdeadbeef))
def _loadMember(self,attr,attrname,attrtype,mappings, maxDepth):
# skip static basic data members
if not self._isLoadableMember(attr, attrname, attrtype):
log.debug("%s %s not loadable bool(attr) = %s"%(attrname,attrtype, bool(attr)) )
return True
# load it, fields are valid
elif isStructType(attrtype) or isUnionType(attrtype): # DEBUG TEST
offset = offsetof(type(self),attrname)
log.debug('st: %s %s is STRUCT at @%x'%(attrname,attrtype, self._orig_address_ + offset) )
# TODO pydoc for impl.
attr._orig_address_ = self._orig_address_ + offset
if not attr.loadMembers(mappings, maxDepth+1):
log.debug("st: %s %s not valid, erreur while loading inner struct "%(attrname,attrtype) )
return False
log.debug("st: %s %s inner struct LOADED "%(attrname,attrtype) )
return True
elif isBasicTypeArray(attr):
return True
if isArrayType(attrtype):
log.debug('a: %s is arraytype %s recurse load'%(attrname,repr(attr)) )#
attrLen=len(attr)
if attrLen == 0:
return True
elType=type(attr[0])
for i in range(0,attrLen):
# FIXME BUG DOES NOT WORK - offsetof("%s[%d]") is called, and %s exists, not %s[%d]
#if not self._loadMember(attr[i], "%s[%d]"%(attrname,i), elType, mappings, maxDepth):
if not self._loadMember(attr[i], attrname, elType, mappings, maxDepth):
return False
return True
# we have PointerType here . Basic or complex
# exception cases
if isCStringPointer(attrtype) :
# can't use basic c_char_p because we can't load in foreign memory
attr_obj_address = getaddress(attr.ptr)
if not bool(attr_obj_address):
log.debug('%s %s is a CString, the pointer is null (validation must have occurred earlier) '%(attrname, attr))
return True
memoryMap = is_valid_address_value(attr_obj_address, mappings)
if not memoryMap :
log.warning('Error on addr while fetching a CString. should not happen')
return False
MAX_SIZE=255
ref = getRef(CString,attr_obj_address)
if ref:
log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,CString,attr_obj_address ))
return True
log.debug("%s %s is defined as a CString, loading from 0x%lx is_valid_address %s"%(
attrname,attr,attr_obj_address, is_valid_address(attr,mappings) ))
txt,full = memoryMap.readCString(attr_obj_address, MAX_SIZE )
if not full:
log.warning('buffer size was too small for this CString')
# that will SEGFAULT attr.string = txt - instead keepRef to String
keepRef( txt, CString, attr_obj_address)
log.debug('kept CString ref for "%s" at @%x'%(txt, attr_obj_address))
return True
elif isPointerType(attrtype): # not functionType, it's not loadable
_attrType = get_subtype(attrtype)
attr_obj_address=getaddress(attr)
####
# memcpy and save objet ref + pointer in attr
# we know the field is considered valid, so if it's not in memory_space, we can ignore it
memoryMap = is_valid_address( attr, mappings, _attrType)
if(not memoryMap):
# big BUG Badaboum, why did pointer changed validity/value ?
log.warning("%s %s not loadable 0x%lx but VALID "%(attrname, attr,attr_obj_address ))
return True
ref = getRef(_attrType,attr_obj_address)
if ref:
log.debug("%s %s loading from references cache %s/0x%lx"%(attrname,attr,_attrType,attr_obj_address ))
#DO NOT CHANGE STUFF SOUPID attr.contents = ref. attr.contents will SEGFAULT
return True
log.debug("%s %s loading from 0x%lx (is_valid_address: %s)"%(attrname,attr,attr_obj_address, memoryMap ))
##### Read the struct in memory and make a copy to play with.
#### DO NOT COPY THE STRUCT, we have a working readStruct for that...
### ERRROR attr.contents=_attrType.from_buffer_copy(memoryMap.readStruct(attr_obj_address, _attrType ))
contents=memoryMap.readStruct(attr_obj_address, _attrType )
# save that validated and loaded ref and original addr so we dont need to recopy it later
keepRef( contents, _attrType, attr_obj_address)
log.debug("keepRef %s.%s @%x"%(_attrType, attrname, attr_obj_address ))
log.debug("%s %s loaded memcopy from 0x%lx to 0x%lx"%(attrname, attr, attr_obj_address, (getaddress(attr)) ))
# recursive validation checks on new struct
if not bool(attr):
log.warning('Member %s is null after copy: %s'%(attrname,attr))
return True
# go and load the pointed struct members recursively
if not contents.loadMembers(mappings, maxDepth):
log.debug('member %s was not loaded'%(attrname))
#invalidate the cache ref.
delRef( _attrType, attr_obj_address)
return False
return True
#TATAFN
return True
def list_head_loadRealMembers(self, mappings, maxDepth, attrtype, listHeadName,
addresses):
'''
Copy ->next and ->prev target structure's memeory space.
attach prev and next correctly.
@param attrtype the target structure type
@param listHeadName the member name of the list_head in the target structure
@param addresses original pointers for prev and next
'''
attrname = listHeadName
addr_prev, addr_next = addresses
null = list_head()
for listWay, addr in [('prev', addr_prev), ('next', addr_next)]:
attr = getattr(self, listWay)
if addr is None or not bool(attr):
attr.contents = null
continue # do not load unvalid address
#print listHeadName,listWay, hex(addr)
#elif not is_address_local(attr) :
# continue # coul
cache = model.getRef(attrtype, addr) # is the next/prev Item in cache
if cache:
# get the offset into the buffer and associate the .list_head->{next,prev} to it
attr.contents = gen.list_head.from_address(
ctypes.addressof(getattr(cache,
attrname))) #loadMember is done
log.debug("assigned &%s.%s in self " % (attrname, listWay))
# DO NOT recurse
continue
log.debug('re-loading %s.%s.%s from 0x%x' %
(attrtype, attrname, listWay, addr))
memoryMap = is_valid_address_value(addr, mappings, attrtype)
if (not memoryMap):
# big BUG Badaboum, why did pointer changed validity/value ?
log.warning("%s.%s %s not loadable 0x%lx but VALID " %
(attrname, listWay, attr, addr))
attr.contents = null
continue
else:
log.debug("self.%s.%s -> 0x%lx (is_valid_address_value: %s)" %
(attrname, listWay, addr, memoryMap))
# save the total struct to local memspace
nextItem = memoryMap.readStruct(addr, attrtype)
#if not nextItem.isValid(mappings):
# log.warning('%s.%s (%s) is INVALID'%(attrname,listWay, attrtype))
# return False
log.debug("%s.%s is loaded: '%s'" % (attrname, listWay, nextItem))
# save the ref and load the task
model.keepRef(nextItem, attrtype, addr)
# get the offset into the buffer and associate the .tasks->next to it
attr.contents = gen.list_head.from_address(
ctypes.addressof(getattr(nextItem,
attrname))) #loadMember is done
log.debug("assigned &%s.%s in self " % (attrname, listWay))
# recursive validation checks on new struct
if not bool(attr):
log.warning('Member %s.%s is null after copy: %s' %
(attrname, listWay, attr))
attr.contents = null
else:
# recursive loading - model revalidation
if not nextItem.loadMembers(mappings, maxDepth - 1):
return False
continue
return True