def test_main():
    """Replay one captured function through an ARMEleciron instance.

    Builds the function object from ./lldb_sub_103CE4E48.txt, seeds the
    environment with a register capture and several memory captures taken
    with lldb, points ``pc`` at the function's address and starts the run.

    All paths are hard-coded and relative, so this must be run from the
    directory that holds them.

    NOTE(review): the ./tmp/*.txt inputs are raw register and memory
    captures of a debugged process; they can hold secrets from that
    process, so keep them out of version control and shared logs.
    """
    target_fn = FunctionFactory.create_function(
        FileUtil.read_file("./lldb_sub_103CE4E48.txt")
    )
    # F.dumps(target_fn)

    reg_snapshot = Parser.load_register_from_lldb_text(
        "./tmp/lldb_registers.txt"
    )

    # Take dumpM [($sp - 0x330), 4096]; it needs to be even larger..
    # Update: recommended dumpM ($sp - 0x380)
    # Alternative capture (disabled): "./tmp/lldb_mem_0x16dcb8680.txt"
    base_mem = Parser.load_mem_from_lldb_text("./tmp/lldb_mem_0x1701f4680.txt")

    arm = ARMEleciron().init_environment(reg_snapshot, base_mem, [target_fn])
    # Fix up pc so it points at the function's address.
    R.r("pc").s_value(target_fn.func_address)

    # Extra memory captures, loaded and registered one at a time in this order.
    extra_dumps = (
        # <+20036>: mem read ($x5 + 0xc0) => mem read ($sp + 0x208 + 0xc0)
        # Alternative capture (disabled): "./tmp/lldb_mem_0x010bb45100.txt"  # 20036 [x9]
        "./tmp/lldb_mem_0x1094f1100.txt",  # 20036 [x9]
        # <+1540>: mem read $sp - 24
        "./tmp/lldb_mem_0x1701f4668.txt",
    )
    for dump_path in extra_dumps:
        arm.init_mems(Parser.load_mem_from_lldb_text(dump_path))

    # <+464> -> <+476> -> <+492> -> <+1252 -> <+2508> -> <+42060>: is the return location
    # 2020-08-12 test of 0x103CE4E48: dumpM 0x1701f39b0($sp-0x1000) 0x3096
    # 2020-08-15 test: 0x28 is stored in 5 places... looking at the first 4:
    #   0x170030e38($sp+0x488) > 0x170030d20 > 0x170030560 > 0x170030bc8
    # 1. 0x170030e38 + 0x860 is where a single value is read.
    #    lldb_func_symbol482833$$Aweme_348.txt <+324>
    # BP.register(OpCodePosition('Op.and_("w9", "w9", 0x80000000)'))  # breakpoint at: +25492
    # BP.register(OpCodePosition('Op.cmp("w10", R.r("w9") >> 26)'))
    # BP.register(OpCodePosition('Op.stur("x3", (R.r("x8") - 0xd0).ptr)'))
    # BP.register(OpLineNoPosition("1540"))
    # BP.register(OpLineNoPosition("27964"))
    arm.start()
def get_values_organized_by_metric(filename_array):
    """Read every file named in *filename_array* and return the results.

    Each name is handed to ``FileUtil.read_file`` unchanged, and the results
    are returned as a list in the same order as the input. Despite the
    function's name, no grouping by metric happens here.

    NOTE(review): names are not validated before being read; if they can
    come from outside the program, the caller should restrict them to the
    expected directory first.
    """
    return [FileUtil.read_file(filename=path) for path in filename_array]