RubyGems - metasm - Versions diffs - 1.0.1 → 1.0.2 - Mend

metasm 1.0.1 → 1.0.2

Files changed (235) hide show

checksums.yaml +7 -0
data/.gitignore +1 -0
data/.hgtags +3 -0
data/Gemfile +1 -0
data/INSTALL +61 -0
data/LICENCE +458 -0
data/README +29 -21
data/Rakefile +10 -0
data/TODO +10 -12
data/doc/code_organisation.txt +2 -0
data/doc/core/DynLdr.txt +247 -0
data/doc/core/ExeFormat.txt +43 -0
data/doc/core/Expression.txt +220 -0
data/doc/core/GNUExports.txt +27 -0
data/doc/core/Ia32.txt +236 -0
data/doc/core/SerialStruct.txt +108 -0
data/doc/core/VirtualString.txt +145 -0
data/doc/core/WindowsExports.txt +61 -0
data/doc/core/index.txt +1 -0
data/doc/style.css +6 -3
data/doc/usage/debugger.txt +327 -0
data/doc/usage/index.txt +1 -0
data/doc/use_cases.txt +2 -2
data/metasm.gemspec +22 -0
data/{lib/metasm.rb → metasm.rb} +11 -3
data/{lib/metasm → metasm}/compile_c.rb +13 -7
data/metasm/cpu/arc.rb +8 -0
data/metasm/cpu/arc/decode.rb +425 -0
data/metasm/cpu/arc/main.rb +191 -0
data/metasm/cpu/arc/opcodes.rb +588 -0
data/{lib/metasm → metasm/cpu}/arm.rb +7 -5
data/{lib/metasm → metasm/cpu}/arm/debug.rb +2 -2
data/{lib/metasm → metasm/cpu}/arm/decode.rb +13 -12
data/{lib/metasm → metasm/cpu}/arm/encode.rb +23 -8
data/{lib/metasm → metasm/cpu}/arm/main.rb +0 -3
data/metasm/cpu/arm/opcodes.rb +324 -0
data/{lib/metasm → metasm/cpu}/arm/parse.rb +25 -13
data/{lib/metasm → metasm/cpu}/arm/render.rb +2 -2
data/metasm/cpu/arm64.rb +15 -0
data/metasm/cpu/arm64/debug.rb +38 -0
data/metasm/cpu/arm64/decode.rb +289 -0
data/metasm/cpu/arm64/encode.rb +41 -0
data/metasm/cpu/arm64/main.rb +105 -0
data/metasm/cpu/arm64/opcodes.rb +232 -0
data/metasm/cpu/arm64/parse.rb +20 -0
data/metasm/cpu/arm64/render.rb +95 -0
data/{lib/metasm/ppc.rb → metasm/cpu/bpf.rb} +2 -4
data/metasm/cpu/bpf/decode.rb +142 -0
data/metasm/cpu/bpf/main.rb +60 -0
data/metasm/cpu/bpf/opcodes.rb +81 -0
data/metasm/cpu/bpf/render.rb +41 -0
data/metasm/cpu/cy16.rb +9 -0
data/metasm/cpu/cy16/decode.rb +253 -0
data/metasm/cpu/cy16/main.rb +63 -0
data/metasm/cpu/cy16/opcodes.rb +78 -0
data/metasm/cpu/cy16/render.rb +41 -0
data/metasm/cpu/dalvik.rb +11 -0
data/{lib/metasm → metasm/cpu}/dalvik/decode.rb +35 -13
data/{lib/metasm → metasm/cpu}/dalvik/main.rb +51 -2
data/{lib/metasm → metasm/cpu}/dalvik/opcodes.rb +19 -11
data/metasm/cpu/ia32.rb +17 -0
data/{lib/metasm → metasm/cpu}/ia32/compile_c.rb +5 -7
data/{lib/metasm → metasm/cpu}/ia32/debug.rb +5 -5
data/{lib/metasm → metasm/cpu}/ia32/decode.rb +246 -59
data/{lib/metasm → metasm/cpu}/ia32/decompile.rb +7 -7
data/{lib/metasm → metasm/cpu}/ia32/encode.rb +19 -13
data/{lib/metasm → metasm/cpu}/ia32/main.rb +51 -8
data/metasm/cpu/ia32/opcodes.rb +1424 -0
data/{lib/metasm → metasm/cpu}/ia32/parse.rb +47 -16
data/{lib/metasm → metasm/cpu}/ia32/render.rb +31 -4
data/metasm/cpu/mips.rb +14 -0
data/{lib/metasm → metasm/cpu}/mips/compile_c.rb +1 -1
data/metasm/cpu/mips/debug.rb +42 -0
data/{lib/metasm → metasm/cpu}/mips/decode.rb +46 -16
data/{lib/metasm → metasm/cpu}/mips/encode.rb +4 -3
data/{lib/metasm → metasm/cpu}/mips/main.rb +11 -4
data/{lib/metasm → metasm/cpu}/mips/opcodes.rb +86 -17
data/{lib/metasm → metasm/cpu}/mips/parse.rb +1 -1
data/{lib/metasm → metasm/cpu}/mips/render.rb +1 -1
data/{lib/metasm/dalvik.rb → metasm/cpu/msp430.rb} +1 -1
data/metasm/cpu/msp430/decode.rb +247 -0
data/metasm/cpu/msp430/main.rb +62 -0
data/metasm/cpu/msp430/opcodes.rb +101 -0
data/{lib/metasm → metasm/cpu}/pic16c/decode.rb +6 -7
data/{lib/metasm → metasm/cpu}/pic16c/main.rb +0 -0
data/{lib/metasm → metasm/cpu}/pic16c/opcodes.rb +1 -1
data/{lib/metasm/mips.rb → metasm/cpu/ppc.rb} +4 -4
data/{lib/metasm → metasm/cpu}/ppc/decode.rb +18 -12
data/{lib/metasm → metasm/cpu}/ppc/decompile.rb +3 -3
data/{lib/metasm → metasm/cpu}/ppc/encode.rb +2 -2
data/{lib/metasm → metasm/cpu}/ppc/main.rb +17 -12
data/{lib/metasm → metasm/cpu}/ppc/opcodes.rb +11 -5
data/metasm/cpu/ppc/parse.rb +55 -0
data/metasm/cpu/python.rb +8 -0
data/metasm/cpu/python/decode.rb +136 -0
data/metasm/cpu/python/main.rb +36 -0
data/metasm/cpu/python/opcodes.rb +180 -0
data/{lib/metasm → metasm/cpu}/sh4.rb +1 -1
data/{lib/metasm → metasm/cpu}/sh4/decode.rb +48 -17
data/{lib/metasm → metasm/cpu}/sh4/main.rb +13 -4
data/{lib/metasm → metasm/cpu}/sh4/opcodes.rb +7 -8
data/metasm/cpu/x86_64.rb +15 -0
data/{lib/metasm → metasm/cpu}/x86_64/compile_c.rb +28 -17
data/{lib/metasm → metasm/cpu}/x86_64/debug.rb +4 -4
data/{lib/metasm → metasm/cpu}/x86_64/decode.rb +57 -15
data/{lib/metasm → metasm/cpu}/x86_64/encode.rb +55 -26
data/{lib/metasm → metasm/cpu}/x86_64/main.rb +14 -6
data/metasm/cpu/x86_64/opcodes.rb +136 -0
data/{lib/metasm → metasm/cpu}/x86_64/parse.rb +10 -2
data/metasm/cpu/x86_64/render.rb +35 -0
data/metasm/cpu/z80.rb +9 -0
data/metasm/cpu/z80/decode.rb +313 -0
data/metasm/cpu/z80/main.rb +67 -0
data/metasm/cpu/z80/opcodes.rb +224 -0
data/metasm/cpu/z80/render.rb +59 -0
data/{lib/metasm/os/main.rb → metasm/debug.rb} +160 -401
data/{lib/metasm → metasm}/decode.rb +35 -4
data/{lib/metasm → metasm}/decompile.rb +15 -16
data/{lib/metasm → metasm}/disassemble.rb +201 -45
data/{lib/metasm → metasm}/disassemble_api.rb +651 -87
data/{lib/metasm → metasm}/dynldr.rb +220 -133
data/{lib/metasm → metasm}/encode.rb +10 -1
data/{lib/metasm → metasm}/exe_format/a_out.rb +9 -6
data/{lib/metasm → metasm}/exe_format/autoexe.rb +1 -0
data/{lib/metasm → metasm}/exe_format/bflt.rb +57 -27
data/{lib/metasm → metasm}/exe_format/coff.rb +11 -3
data/{lib/metasm → metasm}/exe_format/coff_decode.rb +53 -20
data/{lib/metasm → metasm}/exe_format/coff_encode.rb +11 -13
data/{lib/metasm → metasm}/exe_format/dex.rb +13 -5
data/{lib/metasm → metasm}/exe_format/dol.rb +1 -0
data/{lib/metasm → metasm}/exe_format/elf.rb +93 -57
data/{lib/metasm → metasm}/exe_format/elf_decode.rb +143 -34
data/{lib/metasm → metasm}/exe_format/elf_encode.rb +122 -31
data/metasm/exe_format/gb.rb +65 -0
data/metasm/exe_format/javaclass.rb +424 -0
data/{lib/metasm → metasm}/exe_format/macho.rb +204 -16
data/{lib/metasm → metasm}/exe_format/main.rb +26 -3
data/{lib/metasm → metasm}/exe_format/mz.rb +1 -0
data/{lib/metasm → metasm}/exe_format/nds.rb +7 -4
data/{lib/metasm → metasm}/exe_format/pe.rb +71 -8
data/metasm/exe_format/pyc.rb +167 -0
data/{lib/metasm → metasm}/exe_format/serialstruct.rb +67 -14
data/{lib/metasm → metasm}/exe_format/shellcode.rb +7 -3
data/metasm/exe_format/shellcode_rwx.rb +114 -0
data/metasm/exe_format/swf.rb +205 -0
data/{lib/metasm → metasm}/exe_format/xcoff.rb +7 -7
data/metasm/exe_format/zip.rb +335 -0
data/metasm/gui.rb +13 -0
data/{lib/metasm → metasm}/gui/cstruct.rb +35 -41
data/{lib/metasm → metasm}/gui/dasm_coverage.rb +11 -11
data/{lib/metasm → metasm}/gui/dasm_decomp.rb +7 -20
data/{lib/metasm → metasm}/gui/dasm_funcgraph.rb +0 -0
data/metasm/gui/dasm_graph.rb +1695 -0
data/{lib/metasm → metasm}/gui/dasm_hex.rb +12 -8
data/{lib/metasm → metasm}/gui/dasm_listing.rb +43 -28
data/{lib/metasm → metasm}/gui/dasm_main.rb +310 -53
data/{lib/metasm → metasm}/gui/dasm_opcodes.rb +5 -19
data/{lib/metasm → metasm}/gui/debug.rb +93 -27
data/{lib/metasm → metasm}/gui/gtk.rb +162 -40
data/{lib/metasm → metasm}/gui/qt.rb +12 -2
data/{lib/metasm → metasm}/gui/win32.rb +179 -42
data/{lib/metasm → metasm}/gui/x11.rb +59 -59
data/{lib/metasm → metasm}/main.rb +389 -264
data/{lib/metasm/os/remote.rb → metasm/os/gdbremote.rb} +146 -54
data/{lib/metasm → metasm}/os/gnu_exports.rb +1 -1
data/{lib/metasm → metasm}/os/linux.rb +628 -151
data/metasm/os/main.rb +330 -0
data/{lib/metasm → metasm}/os/windows.rb +132 -42
data/{lib/metasm → metasm}/os/windows_exports.rb +141 -0
data/{lib/metasm → metasm}/parse.rb +26 -24
data/{lib/metasm → metasm}/parse_c.rb +221 -116
data/{lib/metasm → metasm}/preprocessor.rb +55 -40
data/{lib/metasm → metasm}/render.rb +14 -38
data/misc/hexdump.rb +2 -1
data/misc/lint.rb +58 -0
data/misc/txt2html.rb +9 -7
data/samples/bindiff.rb +3 -4
data/samples/dasm-plugins/bindiff.rb +15 -0
data/samples/dasm-plugins/bookmark.rb +133 -0
data/samples/dasm-plugins/c_constants.rb +57 -0
data/samples/dasm-plugins/colortheme_solarized.rb +125 -0
data/samples/dasm-plugins/cppobj_funcall.rb +60 -0
data/samples/dasm-plugins/dasm_all.rb +70 -0
data/samples/dasm-plugins/demangle_cpp.rb +31 -0
data/samples/dasm-plugins/deobfuscate.rb +251 -0
data/samples/dasm-plugins/dump_text.rb +35 -0
data/samples/dasm-plugins/export_graph_svg.rb +86 -0
data/samples/dasm-plugins/findgadget.rb +75 -0
data/samples/dasm-plugins/hl_opcode.rb +32 -0
data/samples/dasm-plugins/hotfix_gtk_dbg.rb +19 -0
data/samples/dasm-plugins/imm2off.rb +34 -0
data/samples/dasm-plugins/match_libsigs.rb +93 -0
data/samples/dasm-plugins/patch_file.rb +95 -0
data/samples/dasm-plugins/scanfuncstart.rb +36 -0
data/samples/dasm-plugins/scanxrefs.rb +26 -0
data/samples/dasm-plugins/selfmodify.rb +197 -0
data/samples/dasm-plugins/stringsxrefs.rb +28 -0
data/samples/dasmnavig.rb +1 -1
data/samples/dbg-apihook.rb +24 -9
data/samples/dbg-plugins/heapscan.rb +283 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_lin.c +155 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_win.c +128 -0
data/samples/dbg-plugins/heapscan/graphheap.rb +616 -0
data/samples/dbg-plugins/heapscan/heapscan.rb +709 -0
data/samples/dbg-plugins/heapscan/winheap.h +174 -0
data/samples/dbg-plugins/heapscan/winheap7.h +307 -0
data/samples/dbg-plugins/trace_func.rb +214 -0
data/samples/disassemble-gui.rb +35 -5
data/samples/disassemble.rb +31 -6
data/samples/dump_upx.rb +24 -12
data/samples/dynamic_ruby.rb +12 -3
data/samples/exeencode.rb +6 -5
data/samples/factorize-headers-peimports.rb +1 -1
data/samples/lindebug.rb +175 -381
data/samples/metasm-shell.rb +1 -2
data/samples/peldr.rb +2 -2
data/tests/all.rb +1 -1
data/tests/arc.rb +26 -0
data/tests/dynldr.rb +22 -4
data/tests/expression.rb +55 -0
data/tests/graph_layout.rb +285 -0
data/tests/ia32.rb +79 -26
data/tests/mips.rb +9 -2
data/tests/x86_64.rb +66 -18
metadata +330 -218
data/lib/metasm/arm/opcodes.rb +0 -177
data/lib/metasm/gui.rb +0 -23
data/lib/metasm/gui/dasm_graph.rb +0 -1354
data/lib/metasm/ia32.rb +0 -14
data/lib/metasm/ia32/opcodes.rb +0 -873
data/lib/metasm/ppc/parse.rb +0 -52
data/lib/metasm/x86_64.rb +0 -12
data/lib/metasm/x86_64/opcodes.rb +0 -118
data/samples/gdbclient.rb +0 -583
data/samples/rubstop.rb +0 -399

data/{lib/metasm → metasm/cpu}/pic16c/main.rb RENAMED

File without changes

data/{lib/metasm → metasm/cpu}/pic16c/opcodes.rb RENAMED

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
-require 'metasm/pic16c/main'
+require 'metasm/cpu/pic16c/main'
 module Metasm
 class Pic16c

data/{lib/metasm/mips.rb → metasm/cpu/ppc.rb} RENAMED

@@ -5,7 +5,7 @@
 require 'metasm/main'
-require 'metasm/mips/parse'
-require 'metasm/mips/encode'
-require 'metasm/mips/decode'
-require 'metasm/mips/render'
+require 'metasm/cpu/ppc/parse'
+require 'metasm/cpu/ppc/encode'
+require 'metasm/cpu/ppc/decode'
+require 'metasm/cpu/ppc/decompile'

data/{lib/metasm → metasm/cpu}/ppc/decode.rb RENAMED

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
-require 'metasm/ppc/opcodes'
+require 'metasm/cpu/ppc/opcodes'
 require 'metasm/decode'
 module Metasm
@@ -13,8 +13,8 @@ class PowerPC
 		# bit = 0 if can be mutated by an field value, 1 if fixed by opcode
 		return if not op.bin.kind_of? Integer
 		op.bin_mask = 0
-		op.args.each { |f|
-			op.bin_mask |= @fields_mask[f] << @fields_shift[f]
+		op.fields.each { |k, (m, s)|
+			op.bin_mask |= m << s
 		}
 		op.bin_mask = 0xffff_ffff ^ op.bin_mask
 	end
@@ -37,7 +37,7 @@ class PowerPC
 	end
 	def decode_findopcode(edata)
-		return if edata.ptr >= edata.data.length
+		return if edata.ptr+4 > edata.length
 		di = DecodedInstruction.new(self)
 		val = edata.decode_imm(:u32, @endianness)
 		edata.ptr -= 4
@@ -67,14 +67,20 @@ class PowerPC
 			when :fra, :frb, :frc, :frs, :frt; FPR.new field_val[a]
 			when :ra_i16, :ra_i16s, :ra_i16q
 				i = field_val[{:ra_i16 => :d, :ra_i16s => :ds, :ra_i16q => :dq}[a]]
-			       	Memref.new GPR.new(field_val[:ra]), Expression[i]
-			when :bd, :d, :ds, :dq, :si, :ui, :li, :sh, :ma, :mb, :me, :ma_, :mb_, :me_; Expression[field_val[a]]
-			when :ign_bo_zzz, :ign_bo_z, :ign_bo_at, :ign_bo_at2, :ign_bi, :aa, :lk, :oe, :rc, :l; next
+				Memref.new GPR.new(field_val[:ra]), Expression[i]
+			when :bd, :d, :ds, :dq, :si, :ui, :li, :sh, :mb, :me, :mb_, :me_, :u; Expression[field_val[a]]
+			when :ba, :bf, :bfa, :bt; CR.new field_val[a]
+			when :bb, :bh, :flm, :fxm, :l_, :l__, :lev, :nb, :sh_, :spr, :sr, :tbr, :th, :to
+				puts "PPC.decode: unsupported argument #{a.inspect}" if $VERBOSE	# TODO
+				Expression[field_val[a]]
 			else raise SyntaxError, "Internal error: invalid argument #{a} in #{op.name}"
 			end
 		}
 		di.bin_length += edata.ptr - before_ptr
+		return if edata.ptr > edata.length
 		decode_aliases(di.instruction)
 		di
@@ -84,8 +90,8 @@ class PowerPC
 		case i.opname
 		when /^n?or\.?$/
 			if i.args[1] == i.args[2]
-	 			i.args.pop
-	 			i.opname = {'or' => 'mr', 'or.' => 'mr.', 'nor' => 'not', 'nor.' => 'not.'}[i.opname]
+				i.args.pop
+				i.opname = {'or' => 'mr', 'or.' => 'mr.', 'nor' => 'not', 'nor.' => 'not.'}[i.opname]
 			end
 		when /^addi/
 			if a = i.args[2].reduce and a.kind_of? Integer and a < 0
@@ -107,7 +113,7 @@ class PowerPC
 	# else just add the offset +off+ of the instruction + its length (off may be an Expression)
 	# assumes edata.ptr points just after the instruction (as decode_instr_op left it)
 	# do not call twice on the same di !
- 	def decode_instr_interpret(di, addr)
+	def decode_instr_interpret(di, addr)
 		if di.opcode.props[:setip] and di.instruction.args.last.kind_of? Expression and di.opcode.name[0] != ?t and di.opcode.name[-1] != ?a
 			arg = Expression[addr, :+, di.instruction.args.last].reduce
 			di.instruction.args[-1] = Expression[arg]
@@ -191,11 +197,11 @@ class PowerPC
 				ptr = m.pointer.externals.grep(Symbol).first
 				ret[ptr] = m.pointer if ptr != a0
 				ret
-		       	}
+			}
 			when 'lwz'; lambda { |di, a0, m| { a0 => Expression[m] } }
 			when 'stwu'; lambda { |di, a0, m|
 				{ m => Expression[a0], m.pointer.externals.grep(Symbol).first => m.pointer }
-		       	}
+			}
 			when 'stw'; lambda { |di, a0, m| { m => Expression[a0] } }
 			when 'rlwinm'; lambda { |di, a0, a1, sh, mb, me|
 				mb, me = mb.reduce, me.reduce

data/{lib/metasm → metasm/cpu}/ppc/decompile.rb RENAMED

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
-require 'metasm/ppc/main'
+require 'metasm/cpu/ppc/main'
 module Metasm
 class PowerPC
@@ -25,7 +25,7 @@ class PowerPC
 	# returns { blockaddr => [list of vars that are needed by a following block] }
 	def decompile_func_finddeps(dcmp, blocks, func)
 		deps_r = {} ; deps_w = {} ; deps_to = {}
-		deps_subfunc = {} 	# things read/written by subfuncs
+		deps_subfunc = {}	# things read/written by subfuncs
 		# find read/writes by each block
 		blocks.each { |b, to|
@@ -43,7 +43,7 @@ class PowerPC
 					end
 				}
 				#a << :eax if di.opcode.name == 'ret'		# standard ABI
 				deps_r[b] |= a.map { |ee| Expression[ee].externals.grep(::Symbol) }.flatten - [:unknown] - deps_w[b]
 				deps_w[b] |= w.map { |ee| Expression[ee].externals.grep(::Symbol) }.flatten - [:unknown]
 			}

data/{lib/metasm → metasm/cpu}/ppc/encode.rb RENAMED

@@ -4,7 +4,7 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
-require 'metasm/ppc/opcodes'
+require 'metasm/cpu/ppc/opcodes'
 require 'metasm/encode'
 module Metasm
@@ -31,7 +31,7 @@ class PowerPC
 		op.args.zip(instr.args).each { |sym, arg|
 			case sym
-			when :rs, :rt, :rd
+			when :rs, :rt, :rd, :ba, :bf, :bfa, :bt
 				set_field[sym, arg.i]
 			when :ft
 				set_field[sym, arg.i]

data/{lib/metasm → metasm/cpu}/ppc/main.rb RENAMED

@@ -11,10 +11,15 @@ module Metasm
 class PowerPC < CPU
 	class Reg
 		include Renderable
+		class << self
+			attr_accessor :s_to_i, :i_to_s
+		end
 		def ==(o)
 			o.class == self.class and (not respond_to?(:i) or o.i == i)
 		end
+		def render ; [self.class.i_to_s[@i]] ; end
 	end
 	# general purpose reg
@@ -24,17 +29,14 @@ class PowerPC < CPU
 			@i = i
 		end
-		Sym = (0..31).map { |i| "r#{i}".to_sym }
-		Sym[1] = :sp
+		@s_to_i = (0..31).inject({}) { |h, i| h.update((i == 1 ? 'sp' : "r#{i}") => i) }
+		@i_to_s = @s_to_i.invert
+		Sym = @s_to_i.sort.transpose.last
 		def symbolic ; Sym[@i] end
-		def render ; [@i == 1 ? 'sp' : "r#@i"] end
 	end
 	# special purpose reg
 	class SPR < Reg
-		class << self
-			attr_accessor :s_to_i, :i_to_s
-		end
 		@s_to_i = {'xer' => 1, 'lr' => 8, 'ctr' => 9, 'dec' => 22, 'srr0' => 26, 'srr1' => 27,
 			'sprg0' => 272, 'sprg1' => 273, 'sprg2' => 274, 'sprg3' => 275, 'pvr' => 287}
 		@i_to_s = @s_to_i.invert
@@ -50,14 +52,15 @@ class PowerPC < CPU
 	end
 	# floating point
-	class FPR
+	class FPR < Reg
 		attr_accessor :i
 		def initialize(i)
 			@i = i
 		end
-		include Renderable
-		def render ; ["fp#@i"] end
+		@s_to_i = (0..31).inject({}) { |h, i| h.update "fp#{i}" => i }
+		@i_to_s = @s_to_i.invert
+		Sym = @s_to_i.sort.transpose.last
 	end
 	# machine state reg
@@ -73,8 +76,10 @@ class PowerPC < CPU
 			@i = i
 		end
+		@s_to_i = (0..31).inject({}) { |h, i| h.update "cr#{i}" => i }
+		@i_to_s = @s_to_i.invert
+		Sym = @s_to_i.sort.transpose.last
 		def symbolic ; "cr#@i".to_sym end
-		def render ; ["cr#@i"] end
 	end
 	# indirection : reg+reg or reg+16b_off
@@ -89,13 +94,13 @@ class PowerPC < CPU
 			b = @base.symbolic
 			b = nil if b == :r0	# XXX is it true ?
 			o = @offset
-			o = o.symbolic if o.kind_of? Reg
+			o = o.symbolic if o.kind_of?(Reg)
 			Indirection[Expression[b, :+, o].reduce, 4, orig]
 		end
 		include Renderable
 		def render
-			if @offset.kind_of? Reg
+			if @offset.kind_of?(Reg)
 				['(', @base, ' + ', @offset, ')']
 			else
 				[@offset, '(', @base, ')']

data/{lib/metasm → metasm/cpu}/ppc/opcodes.rb RENAMED

@@ -4,14 +4,17 @@
 #    Licence is LGPL, see LICENCE in the top-level directory
-require 'metasm/ppc/main'
+require 'metasm/cpu/ppc/main'
 module Metasm
 class PowerPC
 	def addop(name, bin, *argprops)
-		o = Opcode.new name, bin
-		o.args.concat(argprops & @fields_mask.keys)
-		(argprops & @valid_props).each { |p| o.props[p] = true }
+		o = Opcode.new name, bin
+		argprops.each { |a|
+			o.args << a if @valid_args[a]
+			o.fields[a] = [@fields_mask[a], @fields_shift[a]] if @fields_mask[a]
+			o.props[a] = true if @valid_props[a]
+		}
 		@opcode_list << o
 	end
@@ -113,6 +116,9 @@ class PowerPC
 			:tbr => 0x3FF, :th => 15, :to => 31, :u => 15, :ui => 0xFFFF,
 			:ign_bo_zzz => 0b101111111, :ign_bo_z => 1, :ign_bo_at => 3, :ign_bo_at2 => 0b100111111
+		@valid_args = @fields_mask.dup
+		[:ign_bo_zzz, :ign_bo_z, :ign_bo_at, :ign_bo_at2, :aa, :lk, :oe, :rc, :l].each { |k| @valid_args.delete k }
 		@fields_shift[:ra_i16]  = @fields_shift[:ra_i16s] = @fields_shift[:ra_i16q] = 0
 		@fields_mask[:ra_i16]  = (@fields_mask[:d]  << @fields_shift[:d]) | (@fields_mask[:ra] << @fields_shift[:ra])
 		@fields_mask[:ra_i16s] = (@fields_mask[:ds] << @fields_shift[:d]) | (@fields_mask[:ra] << @fields_shift[:ra])
@@ -123,7 +129,7 @@ class PowerPC
 		addop_branchcond 'b', 0x40000000, :bd
 		addop_branchcond 'b', 0x4C000020, :lr
 		addop_branchcond 'b', 0x4C000420, :ctr
 		addop 'sc',     0x44000002, :lev
 		addop 'crand',  0x4C000202, :bt, :ba, :bb
 		addop 'crxor',  0x4C000182, :bt, :ba, :bb

data/metasm/cpu/ppc/parse.rb ADDED

@@ -0,0 +1,55 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/cpu/ppc/opcodes'
+require 'metasm/parse'
+module Metasm
+class PowerPC
+# TODO
+	def parse_arg_valid?(op, sym, arg)
+		case sym
+		when :ra, :rb, :rs, :rt; arg.kind_of?(GPR)
+		when :fra, :frb, :frc, :frs, :frt; arg.kind_of?(FPR)
+		when :ra_i16, :ra_i16s, :ra_i16q; arg.kind_of?(Memref)
+		when :bd, :d, :ds, :dq, :si, :ui, :li, :sh, :mb, :me, :mb_, :me_, :u; arg.kind_of?(Expression)
+		when :ba, :bf, :bfa, :bt; arg.kind_of?(CR)
+		when :ign_bo_zzz, :ign_bo_z, :ign_bo_at, :ign_bo_at2, :aa, :lk, :oe, :rc, :l; # ?
+		when :bb, :bh, :flm, :fxm, :l_, :l__, :lev, :nb, :sh_, :spr, :sr, :tbr, :th, :to
+			# TODO
+		else raise "internal error: mips arg #{sym.inspect}"
+		end
+	end
+	def parse_argument(pgm)
+		pgm.skip_space
+		return if not tok = pgm.readtok
+		if tok.type == :string
+			return GPR.new(GPR.s_to_i[tok.raw]) if GPR.s_to_i[tok.raw]
+			return SPR.new(SPR.s_to_i[tok.raw]) if SPR.s_to_i[tok.raw]
+			return FPR.new(FPR.s_to_i[tok.raw]) if FPR.s_to_i[tok.raw]
+			return CR.new(CR.s_to_i[tok.raw]) if CR.s_to_i[tok.raw]
+			return MSR.new if tok.raw == 'msr'
+		end
+		pgm.unreadtok tok
+		arg = Expression.parse pgm
+		pgm.skip_space
+		# check memory indirection: 'off(base reg)'	# XXX scaled index ?
+		if arg and pgm.nexttok and pgm.nexttok.type == :punct and pgm.nexttok.raw == '('
+			pgm.readtok
+			pgm.skip_space_eol
+			ntok = pgm.readtok
+			raise tok, "Invalid base #{ntok}" unless ntok and ntok.type == :string and GPR.s_to_i[ntok.raw]
+			base = GPR.new GPR.s_to_i[ntok.raw]
+			pgm.skip_space_eol
+			ntok = pgm.readtok
+			raise tok, "Invalid memory reference, ')' expected" if not ntok or ntok.type != :punct or ntok.raw != ')'
+			arg = Memref.new base, arg
+		end
+		arg
+	end
+end
+end

data/metasm/cpu/python.rb ADDED

@@ -0,0 +1,8 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/main'
+require 'metasm/cpu/python/decode'

data/metasm/cpu/python/decode.rb ADDED

@@ -0,0 +1,136 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/cpu/python/opcodes'
+require 'metasm/decode'
+module Metasm
+class Python
+	def build_bin_lookaside
+		opcode_list.inject({}) { |la, op| la.update op.bin => op }
+	end
+	def decode_findopcode(edata)
+		di = DecodedInstruction.new(self)
+		byte = edata.decode_imm(:u8, :little)
+		di if di.opcode = @bin_lookaside[byte]
+	end
+	def decode_instr_op(edata, di)
+		di.bin_length = 1
+		di.instruction.opname = di.opcode.name
+		di.opcode.args.each { |a|
+			case a
+			when :cmp
+				di.bin_length += 2
+				v = edata.decode_imm(:i16, @endianness)
+				di.instruction.args << (CMP_OP[v] || Expression[v])
+			when :i16
+				di.bin_length += 2
+				di.instruction.args << Expression[edata.decode_imm(:i16, @endianness)]
+			when :u8
+				di.bin_length += 1
+				di.instruction.args << Expression[edata.decode_imm(:u8, @endianness)]
+			else
+				raise "unsupported arg #{a.inspect}"
+			end
+		}
+		return if edata.ptr > edata.length
+		di
+	end
+	def decode_instr_interpret(di, addr)
+		case di.opcode.name
+		when 'LOAD_CONST'
+			if c = prog_code(addr)
+				cst = c[:consts][di.instruction.args.first.reduce]
+				if cst.kind_of? Hash and cst[:type] == :code
+					di.add_comment "lambda #{Expression[cst[:fileoff]]}"
+				else
+					di.add_comment cst.inspect
+				end
+			end
+		when 'LOAD_NAME', 'LOAD_ATTR', 'LOAD_GLOBAL', 'STORE_NAME', 'IMPORT_NAME', 'LOAD_FAST'
+			if c = prog_code(addr)
+				di.add_comment c[:names][di.instruction.args.first.reduce].inspect
+			end
+		end
+		di
+	end
+	def backtrace_binding
+		@backtrace_binding ||= init_backtrace_binding
+	end
+	def init_backtrace_binding
+		@backtrace_binding ||= {}
+		opcode_list.each { |op|
+			binding = case op
+				  when 'nop'; lambda { |*a| {} }
+				  end
+			@backtrace_binding[op] ||= binding if binding
+		}
+		@backtrace_binding
+	end
+	def get_backtrace_binding(di)
+		a = di.instruction.args.map { |arg|
+			case arg
+			when Var; arg.symbolic
+			else arg
+			end
+		}
+		if binding = backtrace_binding[di.opcode.basename]
+			binding[di, *a]
+		else
+			puts "unhandled instruction to backtrace: #{di}" if $VERBOSE
+			{ :incomplete_binding => Expression[1] }
+		end
+	end
+	def get_xrefs_x(dasm, di)
+		return [] if not di.opcode.props[:setip]
+		arg =	case di.opcode.name
+			when 'JUMP_FORWARD', 'FOR_ITER'
+				# relative offset
+				di.instruction.args.last.reduce + di.next_addr
+			when 'CALL_FUNCTION_VAR'
+				'lol'
+			when /CALL/
+					:unknown
+			else
+				# absolute offset from :code start
+				off = di.instruction.args.last.reduce
+				if c = prog_code(di)
+					off += c[:fileoff]
+				end
+				off
+			end
+		[Expression[(arg.kind_of?(Var) ? arg.symbolic : arg)]]
+	end
+	def prog_code(addr)
+		addr = addr.address if addr.kind_of? DecodedInstruction
+		@last_prog_code ||= nil
+		return @last_prog_code if @last_prog_code and @last_prog_code[:fileoff] <= addr and @last_prog_code[:fileoff] + @last_prog_code[:code].length > addr
+		@last_prog_code = @program.code_at_off(addr) if @program
+	end
+	def backtrace_is_function_return(expr, di=nil)
+		#Expression[expr].reduce == Expression['wtf']
+	end
+end
+end