def __init__(self, arch, handle = None): if handle is None: self.arch = arch self.handle = core.BNCreatePlatform(arch.handle, self.__class__.name) else: self.handle = handle self.__dict__["name"] = core.BNGetPlatformName(self.handle) self.arch = architecture.Architecture(core.BNGetPlatformArchitecture(self.handle))
def arch(self):
"""Basic block architecture (read-only)"""
# The arch for a BasicBlock isn't going to change so just cache
# it the first time we need it
if self._arch is not None:
return self._arch
arch = core.BNGetBasicBlockArchitecture(self.handle)
if arch is None:
return None
self._arch = architecture.Architecture(arch)
return self._arch
def outgoing_edges(self): """List of basic block outgoing edges (read-only)""" count = ctypes.c_ulonglong(0) edges = core.BNGetBasicBlockOutgoingEdges(self.handle, count) result = [] for i in xrange(0, count.value): branch_type = edges[i].type target = edges[i].target if edges[i].arch: arch = architecture.Architecture(edges[i].arch) else: arch = None result.append(BasicBlockEdge(branch_type, target, arch)) core.BNFreeBasicBlockOutgoingEdgeList(edges) return result
def Disassemble(line_generator):
abi_line = re.compile("(ABI: \'(.*)\')")
abi = None
tools = None
# Process global headers
for line in line_generator:
yield line
abi_header = abi_line.search(line)
if abi_header:
abi = abi_header.group(2)
# Look up the tools here so we don't do a lookup for each code block.
tools = architecture.Architecture(abi)
break
# The rest of the file consists of:
# o Lines that should pass through unchanged
# o Blocks of register values, which follow a 'pid: ...' line and end with
# 'backtrace:' line
# o Blocks of code represented as words, which start with 'code around ...'
# and end with a line that doesn't look like a list of words.
#
# The only constraint on the ordering of these blocks is that the register
# values must come before the first code block.
#
# It's easiest to nest register processing in the codeblock search loop.
register_list_re = re.compile('^pid: ')
codeblock_re = re.compile('^code around ([a-z0-9]+)|memory near (pc)')
register_text = {}
for line in line_generator:
yield line
if register_list_re.search(line):
register_text = {}
for output in ProcessRegisterList(line_generator, register_text):
yield output
code_match = codeblock_re.search(line)
if code_match:
code_reg = ''.join(code_match.groups(''))
for output in ProcessCodeBlock(abi, tools, code_reg, register_text,
line_generator):
yield output
def __init__(self, arch=None, name=None, handle=None, confidence=types.max_confidence):
if handle is None:
if arch is None or name is None:
raise ValueError("Must specify either handle or architecture and name")
self.arch = arch
self._pending_reg_lists = {}
self._cb = core.BNCustomCallingConvention()
self._cb.context = 0
self._cb.getCallerSavedRegisters = self._cb.getCallerSavedRegisters.__class__(self._get_caller_saved_regs)
self._cb.getIntegerArgumentRegisters = self._cb.getIntegerArgumentRegisters.__class__(self._get_int_arg_regs)
self._cb.getFloatArgumentRegisters = self._cb.getFloatArgumentRegisters.__class__(self._get_float_arg_regs)
self._cb.freeRegisterList = self._cb.freeRegisterList.__class__(self._free_register_list)
self._cb.areArgumentRegistersSharedIndex = self._cb.areArgumentRegistersSharedIndex.__class__(self._arg_regs_share_index)
self._cb.isStackReservedForArgumentRegisters = self._cb.isStackReservedForArgumentRegisters.__class__(self._stack_reserved_for_arg_regs)
self._cb.isStackAdjustedOnReturn = self._cb.isStackAdjustedOnReturn.__class__(self._stack_adjusted_on_return)
self._cb.getIntegerReturnValueRegister = self._cb.getIntegerReturnValueRegister.__class__(self._get_int_return_reg)
self._cb.getHighIntegerReturnValueRegister = self._cb.getHighIntegerReturnValueRegister.__class__(self._get_high_int_return_reg)
self._cb.getFloatReturnValueRegister = self._cb.getFloatReturnValueRegister.__class__(self._get_float_return_reg)
self._cb.getGlobalPointerRegister = self._cb.getGlobalPointerRegister.__class__(self._get_global_pointer_reg)
self._cb.getImplicitlyDefinedRegisters = self._cb.getImplicitlyDefinedRegisters.__class__(self._get_implicitly_defined_regs)
self._cb.getIncomingRegisterValue = self._cb.getIncomingRegisterValue.__class__(self._get_incoming_reg_value)
self._cb.getIncomingFlagValue = self._cb.getIncomingFlagValue.__class__(self._get_incoming_flag_value)
self.handle = core.BNCreateCallingConvention(arch.handle, name, self._cb)
self.__class__._registered_calling_conventions.append(self)
else:
self.handle = handle
self.arch = architecture.Architecture(core.BNGetCallingConventionArchitecture(self.handle))
self.__dict__["name"] = core.BNGetCallingConventionName(self.handle)
self.__dict__["arg_regs_share_index"] = core.BNAreArgumentRegistersSharedIndex(self.handle)
self.__dict__["stack_reserved_for_arg_regs"] = core.BNIsStackReservedForArgumentRegisters(self.handle)
self.__dict__["stack_adjusted_on_return"] = core.BNIsStackAdjustedOnReturn(self.handle)
count = ctypes.c_ulonglong()
regs = core.BNGetCallerSavedRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["caller_saved_regs"] = result
count = ctypes.c_ulonglong()
regs = core.BNGetIntegerArgumentRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["int_arg_regs"] = result
count = ctypes.c_ulonglong()
regs = core.BNGetFloatArgumentRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["float_arg_regs"] = result
reg = core.BNGetIntegerReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["int_return_reg"] = None
else:
self.__dict__["int_return_reg"] = self.arch.get_reg_name(reg)
reg = core.BNGetHighIntegerReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["high_int_return_reg"] = None
else:
self.__dict__["high_int_return_reg"] = self.arch.get_reg_name(reg)
reg = core.BNGetFloatReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["float_return_reg"] = None
else:
self.__dict__["float_return_reg"] = self.arch.get_reg_name(reg)
reg = core.BNGetGlobalPointerRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["global_pointer_reg"] = None
else:
self.__dict__["global_pointer_reg"] = self.arch.get_reg_name(reg)
count = ctypes.c_ulonglong()
regs = core.BNGetImplicitlyDefinedRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["implicitly_defined_regs"] = result
self.confidence = confidence
def arch(self): """Basic block architecture (read-only)""" arch = core.BNGetBasicBlockArchitecture(self.handle) if arch is None: return None return architecture.Architecture(arch)
def __init__(self, arch, handle=None):
if handle is None:
self.arch = arch
self._pending_reg_lists = {}
self._cb = core.BNCustomCallingConvention()
self._cb.context = 0
self._cb.getCallerSavedRegisters = self._cb.getCallerSavedRegisters.__class__(
self._get_caller_saved_regs)
self._cb.getIntegerArgumentRegisters = self._cb.getIntegerArgumentRegisters.__class__(
self._get_int_arg_regs)
self._cb.getFloatArgumentRegisters = self._cb.getFloatArgumentRegisters.__class__(
self._get_float_arg_regs)
self._cb.freeRegisterList = self._cb.freeRegisterList.__class__(
self._free_register_list)
self._cb.areArgumentRegistersSharedIndex = self._cb.areArgumentRegistersSharedIndex.__class__(
self._arg_regs_share_index)
self._cb.isStackReservedForArgumentRegisters = self._cb.isStackReservedForArgumentRegisters.__class__(
self._stack_reserved_for_arg_regs)
self._cb.getIntegerReturnValueRegister = self._cb.getIntegerReturnValueRegister.__class__(
self._get_int_return_reg)
self._cb.getHighIntegerReturnValueRegister = self._cb.getHighIntegerReturnValueRegister.__class__(
self._get_high_int_return_reg)
self._cb.getFloatReturnValueRegister = self._cb.getFloatReturnValueRegister.__class__(
self._get_float_return_reg)
self.handle = core.BNCreateCallingConvention(
arch.handle, self.__class__.name, self._cb)
self.__class__._registered_calling_conventions.append(self)
else:
self.handle = handle
self.arch = architecture.Architecture(
core.BNGetCallingConventionArchitecture(self.handle))
self.__dict__["name"] = core.BNGetCallingConventionName(
self.handle)
self.__dict__[
"arg_regs_share_index"] = core.BNAreArgumentRegistersSharedIndex(
self.handle)
self.__dict__[
"stack_reserved_for_arg_regs"] = core.BNIsStackReservedForArgumentRegisters(
self.handle)
count = ctypes.c_ulonglong()
regs = core.BNGetCallerSavedRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["caller_saved_regs"] = result
count = ctypes.c_ulonglong()
regs = core.BNGetIntegerArgumentRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["int_arg_regs"] = result
count = ctypes.c_ulonglong()
regs = core.BNGetFloatArgumentRegisters(self.handle, count)
result = []
arch = self.arch
for i in xrange(0, count.value):
result.append(arch.get_reg_name(regs[i]))
core.BNFreeRegisterList(regs, count.value)
self.__dict__["float_arg_regs"] = result
reg = core.BNGetIntegerReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["int_return_reg"] = None
else:
self.__dict__["int_return_reg"] = self.arch.get_reg_name(reg)
reg = core.BNGetHighIntegerReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["high_int_return_reg"] = None
else:
self.__dict__["high_int_return_reg"] = self.arch.get_reg_name(
reg)
reg = core.BNGetFloatReturnValueRegister(self.handle)
if reg == 0xffffffff:
self.__dict__["float_return_reg"] = None
else:
self.__dict__["float_return_reg"] = self.arch.get_reg_name(reg)