def buildPathGraph(): g = vg_gcore.Graph() n0 = g.addNode() n1 = g.addNode() n2 = g.addNode() n3 = g.addNode() n4 = g.addNode() g.addEdge(n0, n1) g.addEdge(n0, n2) g.addEdge(n1, n3) g.addEdge(n1, n4) return g, n0, n4
def test_visgraph_subcluster(self): g = v_graphcore.Graph() a = g.addNode('a') b = g.addNode('b') c = g.addNode('c') d = g.addNode('d') e = g.addNode('e') r = g.addNode('f') g.addEdgeByNids('a', 'b') g.addEdgeByNids('a', 'c') g.addEdgeByNids('d', 'e') g.addEdgeByNids('d', 'f') subs = g.getClusterGraphs() self.assertEqual(len(subs), 2) subtests = [set(['a', 'b', 'c']), set(['d', 'e', 'f'])] for sub in subs: if sub.getNode('a'): self.assertIsNone(sub.getNode('d')) self.assertIsNone(sub.getNode('e')) self.assertIsNone(sub.getNode('f')) akids = [edge[2] for edge in sub.getRefsFromByNid('a')] self.assertTrue('b' in akids) self.assertTrue('c' in akids) elif sub.getNode('d'): self.assertIsNone(sub.getNode('a')) self.assertIsNone(sub.getNode('b')) self.assertIsNone(sub.getNode('c')) dkids = [edge[2] for edge in sub.getRefsFromByNid('d')] self.assertTrue('e' in dkids) self.assertTrue('f' in dkids) else: raise Exception('Invalid SubCluster!')
def test_visgraph_nodeprops(self): g = v_graphcore.Graph() a = g.addNode('a') g.setNodeProp(a, 'foo', 'bar') self.assertEqual(a[1].get('foo'), 'bar') self.assertTrue(a in g.getNodesByProp('foo')) self.assertTrue(a in g.getNodesByProp('foo', 'bar')) self.assertFalse(a in g.getNodesByProp('foo', 'blah')) g.delNodeProp(a, 'foo') self.assertFalse(a in g.getNodesByProp('foo')) self.assertFalse(a in g.getNodesByProp('foo', 'bar')) self.assertIsNone(a[1].get('foo'))
def test_visgraph_edgeprops(self): g = v_graphcore.Graph() a = g.addNode('a') b = g.addNode('b') e = g.addEdge(a, b) g.setEdgeProp(e, 'foo', 'bar') self.assertEqual(e[3].get('foo'), 'bar') self.assertTrue(e in g.getEdgesByProp('foo')) self.assertTrue(e in g.getEdgesByProp('foo', 'bar')) self.assertFalse(e in g.getEdgesByProp('foo', 'blah')) g.delEdgeProp(e, 'foo') self.assertFalse(e in g.getEdgesByProp('foo')) self.assertFalse(e in g.getEdgesByProp('foo', 'bar')) self.assertIsNone(e[3].get('foo'))
def test_visgraph_formnode(self): g = v_graphcore.Graph() def wootctor(n): g.setNodeProp(n, 'lul', 1) n1 = g.formNode('woot', 10, ctor=wootctor) self.assertEqual(n1[1].get('lul'), 1) g.setNodeProp(n1, 'lul', 2) g.setNodeProp(n1, 'foo', 'bar') n2 = g.formNode('woot', 20, ctor=wootctor) n3 = g.formNode('woot', 10, ctor=wootctor) self.assertEqual(n1[0], n3[0]) self.assertEqual(n1[1].get('lul'), 2) self.assertEqual(n3[1].get('foo'), 'bar') self.assertNotEqual(n1[0], n2[0])
def analyze(vw): logger.info('...analyzing pointers.') done = {} # Let's analyze Relocations we know are pointers for rva, rtype in vw.reloc_by_va.items(): if rtype != RTYPE_BASEPTR: continue for xfr, xto, xtype, xinfo in vw.getXrefsFrom(rva): logger.debug('pointer(1): 0x%x -> 0x%x', xfr, xto) vw.analyzePointer(xto) done[xfr] = xto # Now, we'll analyze the pointers placed by the file wrapper (ELF, PE, MACHO, etc...) for pva, tva, fname, pname in vw.getVaSetRows('PointersFromFile'): if vw.getLocation(pva) is None: if tva is None: logger.debug('making pointer(2) 0x%x (%r)', pva, pname) else: logger.debug('making pointer(2) 0x%x -> 0x%x (%r)', pva, tva, pname) vw.makePointer(pva, tva, follow=True) done[pva] = tva for lva, lsz, lt, li in vw.getLocations(LOC_POINTER): tva = vw.readMemoryPtr(lva) if not vw.isValidPointer(tva): continue if vw.getLocation(tva) is not None: # event if it's a pointer, we may not have made a name for it if vw.getName(lva) is None: done[lva] = tva continue logger.debug('following previously discovered pointer 0x%x -> 0x%x', lva, tva) try: logger.debug('pointer(3): 0x%x -> 0x%x', lva, tva) vw.followPointer(tva) done[lva] = tva except Exception as e: logger.error( 'followPointer() failed for 0x%.8x (pval: 0x%.8x) (err: %s)', lva, tva, e) # Now, lets find likely free-hanging pointers for addr, pval in vw.findPointers(): if vw.isDeadData(pval): continue try: logger.debug('pointer(4): 0x%x -> 0x%x', addr, pval) vw.makePointer(addr, follow=True) done[addr] = pval except Exception as e: logger.error( 'makePointer() failed for 0x%.8x (pval: 0x%.8x) (err: %s)', addr, pval, e) # link the possible pointers up pgraph = g_core.Graph() while done: ptr, tgt = done.popitem() try: pgraph.addNode(ptr) except g_exc.DuplicateNode: pass try: pgraph.addNode(tgt) except g_exc.DuplicateNode: pass pgraph.addEdgeByNids(ptr, tgt) leafs = [node for node in pgraph.getNodes() if pgraph.isLeafNode(node)] for leaf in leafs: va, props = leaf name = vw.getName(va) # if there's not a name at the bottom, not work making ptr names if not name: continue links = [(ptr, tgt) for edge, ptr, tgt, props in pgraph.getRefsToByNid(va)] while links: ptr, tgt = links.pop(0) pname = vw.getName(ptr) if pname: continue if not vw.isLocType(ptr, LOC_POINTER): continue tgtname = vw.getName(tgt) if tgtname: name = vw._addNamePrefix(tgtname, tgt, 'ptr', '_') + '_%.8x' % ptr logger.debug('0x%x: adding name prefix: %r (%r)', tgt, tgtname, name) vw.makeName(ptr, name) for edge, n1, n2, props in pgraph.getRefsToByNid(ptr): links.append((n1, n2))
self._v_nodecol = NodeColumn(vg, nodes, self.scene()) self._v_vg = vg if __name__ == '__main__': import sys import visgraph.graphcore as vg_graphcore app = QtGui.QApplication(sys.argv) app.setFont(QtGui.QFont('Courier')) initnodes = [(i, {'repr': 'node%d' % i}) for i in xrange(30)] # Build up a fake graph vg = vg_graphcore.Graph() for nid, nprops in initnodes: vg.addNode(nodeid=nid, repr='node %d' % nid) for nid, nprops in initnodes: for knid, knprops in initnodes: if nid == knid: continue vg.addEdge(nid, knid) win = QGraphTreeView(vg, initnodes, parent=None) win.show() app.exec_()
def __init__(self, graph=None): cmd.Cmd.__init__(self) if graph is None: graph = vg_gcore.Graph() self.graph = graph