angr 9.2.103__py3-none-macosx_11_0_arm64.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of angr might be problematic. Click here for more details.
- angr/__init__.py +153 -0
- angr/__main__.py +59 -0
- angr/analyses/__init__.py +46 -0
- angr/analyses/analysis.py +359 -0
- angr/analyses/backward_slice.py +691 -0
- angr/analyses/binary_optimizer.py +683 -0
- angr/analyses/bindiff.py +1251 -0
- angr/analyses/boyscout.py +77 -0
- angr/analyses/callee_cleanup_finder.py +75 -0
- angr/analyses/calling_convention.py +956 -0
- angr/analyses/cdg.py +197 -0
- angr/analyses/cfg/__init__.py +11 -0
- angr/analyses/cfg/cfb.py +436 -0
- angr/analyses/cfg/cfg.py +73 -0
- angr/analyses/cfg/cfg_arch_options.py +82 -0
- angr/analyses/cfg/cfg_base.py +2917 -0
- angr/analyses/cfg/cfg_emulated.py +3570 -0
- angr/analyses/cfg/cfg_fast.py +5053 -0
- angr/analyses/cfg/cfg_fast_soot.py +669 -0
- angr/analyses/cfg/cfg_job_base.py +204 -0
- angr/analyses/cfg/indirect_jump_resolvers/__init__.py +8 -0
- angr/analyses/cfg/indirect_jump_resolvers/amd64_elf_got.py +63 -0
- angr/analyses/cfg/indirect_jump_resolvers/amd64_pe_iat.py +52 -0
- angr/analyses/cfg/indirect_jump_resolvers/arm_elf_fast.py +151 -0
- angr/analyses/cfg/indirect_jump_resolvers/const_resolver.py +141 -0
- angr/analyses/cfg/indirect_jump_resolvers/default_resolvers.py +68 -0
- angr/analyses/cfg/indirect_jump_resolvers/jumptable.py +2368 -0
- angr/analyses/cfg/indirect_jump_resolvers/mips_elf_fast.py +517 -0
- angr/analyses/cfg/indirect_jump_resolvers/propagator_utils.py +26 -0
- angr/analyses/cfg/indirect_jump_resolvers/resolver.py +74 -0
- angr/analyses/cfg/indirect_jump_resolvers/x86_elf_pic_plt.py +93 -0
- angr/analyses/cfg/indirect_jump_resolvers/x86_pe_iat.py +51 -0
- angr/analyses/cfg_slice_to_sink/__init__.py +2 -0
- angr/analyses/cfg_slice_to_sink/cfg_slice_to_sink.py +117 -0
- angr/analyses/cfg_slice_to_sink/graph.py +84 -0
- angr/analyses/cfg_slice_to_sink/transitions.py +25 -0
- angr/analyses/class_identifier.py +62 -0
- angr/analyses/code_tagging.py +123 -0
- angr/analyses/complete_calling_conventions.py +424 -0
- angr/analyses/congruency_check.py +384 -0
- angr/analyses/data_dep/__init__.py +2 -0
- angr/analyses/data_dep/data_dependency_analysis.py +605 -0
- angr/analyses/data_dep/dep_nodes.py +170 -0
- angr/analyses/data_dep/sim_act_location.py +46 -0
- angr/analyses/datagraph_meta.py +105 -0
- angr/analyses/ddg.py +1695 -0
- angr/analyses/decompiler/__init__.py +13 -0
- angr/analyses/decompiler/ail_simplifier.py +1408 -0
- angr/analyses/decompiler/ailgraph_walker.py +48 -0
- angr/analyses/decompiler/block_io_finder.py +293 -0
- angr/analyses/decompiler/block_similarity.py +188 -0
- angr/analyses/decompiler/block_simplifier.py +434 -0
- angr/analyses/decompiler/call_counter.py +43 -0
- angr/analyses/decompiler/callsite_maker.py +403 -0
- angr/analyses/decompiler/ccall_rewriters/__init__.py +6 -0
- angr/analyses/decompiler/ccall_rewriters/amd64_ccalls.py +489 -0
- angr/analyses/decompiler/ccall_rewriters/rewriter_base.py +19 -0
- angr/analyses/decompiler/clinic.py +2166 -0
- angr/analyses/decompiler/condition_processor.py +1184 -0
- angr/analyses/decompiler/decompilation_cache.py +38 -0
- angr/analyses/decompiler/decompilation_options.py +274 -0
- angr/analyses/decompiler/decompiler.py +544 -0
- angr/analyses/decompiler/empty_node_remover.py +211 -0
- angr/analyses/decompiler/expression_counters.py +76 -0
- angr/analyses/decompiler/expression_narrower.py +92 -0
- angr/analyses/decompiler/goto_manager.py +73 -0
- angr/analyses/decompiler/graph_region.py +413 -0
- angr/analyses/decompiler/jump_target_collector.py +36 -0
- angr/analyses/decompiler/jumptable_entry_condition_rewriter.py +66 -0
- angr/analyses/decompiler/optimization_passes/__init__.py +108 -0
- angr/analyses/decompiler/optimization_passes/base_ptr_save_simplifier.py +144 -0
- angr/analyses/decompiler/optimization_passes/code_motion.py +360 -0
- angr/analyses/decompiler/optimization_passes/const_derefs.py +265 -0
- angr/analyses/decompiler/optimization_passes/cross_jump_reverter.py +108 -0
- angr/analyses/decompiler/optimization_passes/deadblock_remover.py +73 -0
- angr/analyses/decompiler/optimization_passes/div_simplifier.py +391 -0
- angr/analyses/decompiler/optimization_passes/engine_base.py +303 -0
- angr/analyses/decompiler/optimization_passes/expr_op_swapper.py +136 -0
- angr/analyses/decompiler/optimization_passes/flip_boolean_cmp.py +91 -0
- angr/analyses/decompiler/optimization_passes/inlined_string_transformation_simplifier.py +386 -0
- angr/analyses/decompiler/optimization_passes/ite_expr_converter.py +226 -0
- angr/analyses/decompiler/optimization_passes/ite_region_converter.py +189 -0
- angr/analyses/decompiler/optimization_passes/lowered_switch_simplifier.py +757 -0
- angr/analyses/decompiler/optimization_passes/mod_simplifier.py +86 -0
- angr/analyses/decompiler/optimization_passes/multi_simplifier.py +227 -0
- angr/analyses/decompiler/optimization_passes/optimization_pass.py +397 -0
- angr/analyses/decompiler/optimization_passes/register_save_area_simplifier.py +198 -0
- angr/analyses/decompiler/optimization_passes/ret_addr_save_simplifier.py +172 -0
- angr/analyses/decompiler/optimization_passes/ret_deduplicator.py +219 -0
- angr/analyses/decompiler/optimization_passes/return_duplicator_base.py +448 -0
- angr/analyses/decompiler/optimization_passes/return_duplicator_high.py +57 -0
- angr/analyses/decompiler/optimization_passes/return_duplicator_low.py +121 -0
- angr/analyses/decompiler/optimization_passes/spilled_register_finder.py +18 -0
- angr/analyses/decompiler/optimization_passes/stack_canary_simplifier.py +293 -0
- angr/analyses/decompiler/optimization_passes/switch_default_case_duplicator.py +110 -0
- angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py +281 -0
- angr/analyses/decompiler/optimization_passes/x86_gcc_getpc_simplifier.py +87 -0
- angr/analyses/decompiler/peephole_optimizations/__init__.py +69 -0
- angr/analyses/decompiler/peephole_optimizations/a_div_const_add_a_mul_n_div_const.py +38 -0
- angr/analyses/decompiler/peephole_optimizations/a_mul_const_div_shr_const.py +38 -0
- angr/analyses/decompiler/peephole_optimizations/a_shl_const_sub_a.py +31 -0
- angr/analyses/decompiler/peephole_optimizations/a_sub_a_div.py +25 -0
- angr/analyses/decompiler/peephole_optimizations/a_sub_a_div_const_mul_const.py +56 -0
- angr/analyses/decompiler/peephole_optimizations/a_sub_a_sub_n.py +19 -0
- angr/analyses/decompiler/peephole_optimizations/arm_cmpf.py +235 -0
- angr/analyses/decompiler/peephole_optimizations/base.py +120 -0
- angr/analyses/decompiler/peephole_optimizations/basepointeroffset_add_n.py +33 -0
- angr/analyses/decompiler/peephole_optimizations/basepointeroffset_and_mask.py +35 -0
- angr/analyses/decompiler/peephole_optimizations/bitwise_or_to_logical_or.py +34 -0
- angr/analyses/decompiler/peephole_optimizations/bool_expr_xor_1.py +27 -0
- angr/analyses/decompiler/peephole_optimizations/bswap.py +131 -0
- angr/analyses/decompiler/peephole_optimizations/cmpord_rewriter.py +72 -0
- angr/analyses/decompiler/peephole_optimizations/coalesce_same_cascading_ifs.py +27 -0
- angr/analyses/decompiler/peephole_optimizations/const_mull_a_shift.py +91 -0
- angr/analyses/decompiler/peephole_optimizations/constant_derefs.py +43 -0
- angr/analyses/decompiler/peephole_optimizations/conv_a_sub0_shr_and.py +70 -0
- angr/analyses/decompiler/peephole_optimizations/conv_shl_shr.py +51 -0
- angr/analyses/decompiler/peephole_optimizations/eager_eval.py +225 -0
- angr/analyses/decompiler/peephole_optimizations/extended_byte_and_mask.py +55 -0
- angr/analyses/decompiler/peephole_optimizations/inlined_strcpy.py +146 -0
- angr/analyses/decompiler/peephole_optimizations/inlined_strcpy_consolidation.py +102 -0
- angr/analyses/decompiler/peephole_optimizations/inlined_wstrcpy.py +159 -0
- angr/analyses/decompiler/peephole_optimizations/invert_negated_logical_conjuction_disjunction.py +50 -0
- angr/analyses/decompiler/peephole_optimizations/one_sub_bool.py +33 -0
- angr/analyses/decompiler/peephole_optimizations/remove_cascading_conversions.py +19 -0
- angr/analyses/decompiler/peephole_optimizations/remove_empty_if_body.py +45 -0
- angr/analyses/decompiler/peephole_optimizations/remove_noop_conversions.py +26 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_bitmasks.py +48 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_conversions.py +160 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_ite_branch.py +29 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_ite_comparisons.py +54 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_nots.py +17 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_reinterprets.py +43 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_shifts.py +44 -0
- angr/analyses/decompiler/peephole_optimizations/remove_redundant_shifts_around_comparators.py +40 -0
- angr/analyses/decompiler/peephole_optimizations/rewrite_bit_extractions.py +85 -0
- angr/analyses/decompiler/peephole_optimizations/rewrite_mips_gp_loads.py +47 -0
- angr/analyses/decompiler/peephole_optimizations/rol_ror.py +77 -0
- angr/analyses/decompiler/peephole_optimizations/sar_to_signed_div.py +105 -0
- angr/analyses/decompiler/peephole_optimizations/simplify_pc_relative_loads.py +37 -0
- angr/analyses/decompiler/peephole_optimizations/single_bit_cond_to_boolexpr.py +52 -0
- angr/analyses/decompiler/peephole_optimizations/single_bit_xor.py +26 -0
- angr/analyses/decompiler/peephole_optimizations/tidy_stack_addr.py +133 -0
- angr/analyses/decompiler/redundant_label_remover.py +116 -0
- angr/analyses/decompiler/region_identifier.py +1098 -0
- angr/analyses/decompiler/region_simplifiers/__init__.py +1 -0
- angr/analyses/decompiler/region_simplifiers/cascading_cond_transformer.py +93 -0
- angr/analyses/decompiler/region_simplifiers/cascading_ifs.py +81 -0
- angr/analyses/decompiler/region_simplifiers/expr_folding.py +606 -0
- angr/analyses/decompiler/region_simplifiers/goto.py +177 -0
- angr/analyses/decompiler/region_simplifiers/if_.py +142 -0
- angr/analyses/decompiler/region_simplifiers/ifelse.py +90 -0
- angr/analyses/decompiler/region_simplifiers/loop.py +135 -0
- angr/analyses/decompiler/region_simplifiers/node_address_finder.py +23 -0
- angr/analyses/decompiler/region_simplifiers/region_simplifier.py +211 -0
- angr/analyses/decompiler/region_simplifiers/switch_cluster_simplifier.py +644 -0
- angr/analyses/decompiler/region_simplifiers/switch_expr_simplifier.py +83 -0
- angr/analyses/decompiler/region_walker.py +23 -0
- angr/analyses/decompiler/return_maker.py +70 -0
- angr/analyses/decompiler/seq_to_blocks.py +19 -0
- angr/analyses/decompiler/sequence_walker.py +235 -0
- angr/analyses/decompiler/structured_codegen/__init__.py +10 -0
- angr/analyses/decompiler/structured_codegen/base.py +132 -0
- angr/analyses/decompiler/structured_codegen/c.py +3811 -0
- angr/analyses/decompiler/structured_codegen/dummy.py +14 -0
- angr/analyses/decompiler/structured_codegen/dwarf_import.py +186 -0
- angr/analyses/decompiler/structuring/__init__.py +15 -0
- angr/analyses/decompiler/structuring/dream.py +1225 -0
- angr/analyses/decompiler/structuring/phoenix.py +2546 -0
- angr/analyses/decompiler/structuring/recursive_structurer.py +186 -0
- angr/analyses/decompiler/structuring/structurer_base.py +954 -0
- angr/analyses/decompiler/structuring/structurer_nodes.py +414 -0
- angr/analyses/decompiler/utils.py +787 -0
- angr/analyses/disassembly.py +1302 -0
- angr/analyses/disassembly_utils.py +104 -0
- angr/analyses/dominance_frontier.py +39 -0
- angr/analyses/find_objects_static.py +203 -0
- angr/analyses/flirt.py +185 -0
- angr/analyses/forward_analysis/__init__.py +2 -0
- angr/analyses/forward_analysis/forward_analysis.py +527 -0
- angr/analyses/forward_analysis/job_info.py +64 -0
- angr/analyses/forward_analysis/visitors/__init__.py +4 -0
- angr/analyses/forward_analysis/visitors/call_graph.py +28 -0
- angr/analyses/forward_analysis/visitors/function_graph.py +85 -0
- angr/analyses/forward_analysis/visitors/graph.py +250 -0
- angr/analyses/forward_analysis/visitors/loop.py +28 -0
- angr/analyses/forward_analysis/visitors/single_node_graph.py +38 -0
- angr/analyses/identifier/__init__.py +1 -0
- angr/analyses/identifier/custom_callable.py +138 -0
- angr/analyses/identifier/errors.py +9 -0
- angr/analyses/identifier/func.py +57 -0
- angr/analyses/identifier/functions/__init__.py +36 -0
- angr/analyses/identifier/functions/atoi.py +75 -0
- angr/analyses/identifier/functions/based_atoi.py +128 -0
- angr/analyses/identifier/functions/fdprintf.py +122 -0
- angr/analyses/identifier/functions/free.py +64 -0
- angr/analyses/identifier/functions/int2str.py +302 -0
- angr/analyses/identifier/functions/malloc.py +113 -0
- angr/analyses/identifier/functions/memcmp.py +69 -0
- angr/analyses/identifier/functions/memcpy.py +89 -0
- angr/analyses/identifier/functions/memset.py +43 -0
- angr/analyses/identifier/functions/printf.py +122 -0
- angr/analyses/identifier/functions/recv_until.py +315 -0
- angr/analyses/identifier/functions/skip_calloc.py +72 -0
- angr/analyses/identifier/functions/skip_realloc.py +99 -0
- angr/analyses/identifier/functions/skip_recv_n.py +107 -0
- angr/analyses/identifier/functions/snprintf.py +114 -0
- angr/analyses/identifier/functions/sprintf.py +115 -0
- angr/analyses/identifier/functions/strcasecmp.py +32 -0
- angr/analyses/identifier/functions/strcmp.py +112 -0
- angr/analyses/identifier/functions/strcpy.py +43 -0
- angr/analyses/identifier/functions/strlen.py +26 -0
- angr/analyses/identifier/functions/strncmp.py +103 -0
- angr/analyses/identifier/functions/strncpy.py +65 -0
- angr/analyses/identifier/functions/strtol.py +91 -0
- angr/analyses/identifier/identify.py +848 -0
- angr/analyses/identifier/runner.py +359 -0
- angr/analyses/init_finder.py +264 -0
- angr/analyses/loop_analysis.py +353 -0
- angr/analyses/loopfinder.py +174 -0
- angr/analyses/propagator/__init__.py +1 -0
- angr/analyses/propagator/engine_ail.py +1560 -0
- angr/analyses/propagator/engine_base.py +53 -0
- angr/analyses/propagator/engine_vex.py +328 -0
- angr/analyses/propagator/outdated_definition_walker.py +158 -0
- angr/analyses/propagator/propagator.py +422 -0
- angr/analyses/propagator/tmpvar_finder.py +17 -0
- angr/analyses/propagator/top_checker_mixin.py +14 -0
- angr/analyses/propagator/values.py +116 -0
- angr/analyses/propagator/vex_vars.py +67 -0
- angr/analyses/proximity_graph.py +452 -0
- angr/analyses/reaching_definitions/__init__.py +65 -0
- angr/analyses/reaching_definitions/call_trace.py +72 -0
- angr/analyses/reaching_definitions/dep_graph.py +392 -0
- angr/analyses/reaching_definitions/engine_ail.py +1172 -0
- angr/analyses/reaching_definitions/engine_vex.py +1102 -0
- angr/analyses/reaching_definitions/external_codeloc.py +0 -0
- angr/analyses/reaching_definitions/function_handler.py +603 -0
- angr/analyses/reaching_definitions/heap_allocator.py +69 -0
- angr/analyses/reaching_definitions/rd_initializer.py +235 -0
- angr/analyses/reaching_definitions/rd_state.py +613 -0
- angr/analyses/reaching_definitions/reaching_definitions.py +594 -0
- angr/analyses/reaching_definitions/subject.py +64 -0
- angr/analyses/reassembler.py +2970 -0
- angr/analyses/soot_class_hierarchy.py +283 -0
- angr/analyses/stack_pointer_tracker.py +832 -0
- angr/analyses/static_hooker.py +51 -0
- angr/analyses/typehoon/__init__.py +1 -0
- angr/analyses/typehoon/dfa.py +108 -0
- angr/analyses/typehoon/lifter.py +91 -0
- angr/analyses/typehoon/simple_solver.py +1258 -0
- angr/analyses/typehoon/translator.py +242 -0
- angr/analyses/typehoon/typeconsts.py +294 -0
- angr/analyses/typehoon/typehoon.py +239 -0
- angr/analyses/typehoon/typevars.py +565 -0
- angr/analyses/typehoon/variance.py +10 -0
- angr/analyses/variable_recovery/__init__.py +2 -0
- angr/analyses/variable_recovery/annotations.py +57 -0
- angr/analyses/variable_recovery/engine_ail.py +746 -0
- angr/analyses/variable_recovery/engine_base.py +962 -0
- angr/analyses/variable_recovery/engine_vex.py +580 -0
- angr/analyses/variable_recovery/irsb_scanner.py +131 -0
- angr/analyses/variable_recovery/variable_recovery.py +552 -0
- angr/analyses/variable_recovery/variable_recovery_base.py +452 -0
- angr/analyses/variable_recovery/variable_recovery_fast.py +589 -0
- angr/analyses/veritesting.py +635 -0
- angr/analyses/vfg.py +1945 -0
- angr/analyses/vsa_ddg.py +423 -0
- angr/analyses/vtable.py +92 -0
- angr/analyses/xrefs.py +263 -0
- angr/angrdb/__init__.py +9 -0
- angr/angrdb/db.py +208 -0
- angr/angrdb/models.py +183 -0
- angr/angrdb/serializers/__init__.py +2 -0
- angr/angrdb/serializers/cfg_model.py +41 -0
- angr/angrdb/serializers/comments.py +59 -0
- angr/angrdb/serializers/funcs.py +60 -0
- angr/angrdb/serializers/kb.py +110 -0
- angr/angrdb/serializers/labels.py +58 -0
- angr/angrdb/serializers/loader.py +81 -0
- angr/angrdb/serializers/structured_code.py +128 -0
- angr/angrdb/serializers/variables.py +58 -0
- angr/angrdb/serializers/xrefs.py +48 -0
- angr/annocfg.py +320 -0
- angr/blade.py +430 -0
- angr/block.py +506 -0
- angr/callable.py +162 -0
- angr/calling_conventions.py +2383 -0
- angr/code_location.py +168 -0
- angr/codenode.py +140 -0
- angr/concretization_strategies/__init__.py +97 -0
- angr/concretization_strategies/any.py +15 -0
- angr/concretization_strategies/any_named.py +32 -0
- angr/concretization_strategies/controlled_data.py +54 -0
- angr/concretization_strategies/eval.py +18 -0
- angr/concretization_strategies/logging.py +32 -0
- angr/concretization_strategies/max.py +24 -0
- angr/concretization_strategies/nonzero.py +14 -0
- angr/concretization_strategies/nonzero_range.py +20 -0
- angr/concretization_strategies/norepeats.py +35 -0
- angr/concretization_strategies/norepeats_range.py +35 -0
- angr/concretization_strategies/range.py +17 -0
- angr/concretization_strategies/signed_add.py +24 -0
- angr/concretization_strategies/single.py +12 -0
- angr/concretization_strategies/solutions.py +18 -0
- angr/concretization_strategies/unlimited_range.py +15 -0
- angr/distributed/__init__.py +3 -0
- angr/distributed/server.py +198 -0
- angr/distributed/worker.py +183 -0
- angr/engines/__init__.py +41 -0
- angr/engines/concrete.py +178 -0
- angr/engines/engine.py +212 -0
- angr/engines/failure.py +27 -0
- angr/engines/hook.py +67 -0
- angr/engines/light/__init__.py +2 -0
- angr/engines/light/data.py +715 -0
- angr/engines/light/engine.py +1441 -0
- angr/engines/pcode/__init__.py +2 -0
- angr/engines/pcode/behavior.py +995 -0
- angr/engines/pcode/cc.py +123 -0
- angr/engines/pcode/emulate.py +446 -0
- angr/engines/pcode/engine.py +256 -0
- angr/engines/pcode/lifter.py +1423 -0
- angr/engines/procedure.py +71 -0
- angr/engines/soot/__init__.py +1 -0
- angr/engines/soot/engine.py +415 -0
- angr/engines/soot/exceptions.py +14 -0
- angr/engines/soot/expressions/__init__.py +56 -0
- angr/engines/soot/expressions/arrayref.py +21 -0
- angr/engines/soot/expressions/base.py +22 -0
- angr/engines/soot/expressions/binop.py +27 -0
- angr/engines/soot/expressions/cast.py +21 -0
- angr/engines/soot/expressions/condition.py +34 -0
- angr/engines/soot/expressions/constants.py +45 -0
- angr/engines/soot/expressions/instanceOf.py +11 -0
- angr/engines/soot/expressions/instancefieldref.py +7 -0
- angr/engines/soot/expressions/invoke.py +117 -0
- angr/engines/soot/expressions/length.py +7 -0
- angr/engines/soot/expressions/local.py +7 -0
- angr/engines/soot/expressions/new.py +15 -0
- angr/engines/soot/expressions/newArray.py +51 -0
- angr/engines/soot/expressions/newMultiArray.py +84 -0
- angr/engines/soot/expressions/paramref.py +7 -0
- angr/engines/soot/expressions/phi.py +29 -0
- angr/engines/soot/expressions/staticfieldref.py +7 -0
- angr/engines/soot/expressions/thisref.py +6 -0
- angr/engines/soot/expressions/unsupported.py +6 -0
- angr/engines/soot/field_dispatcher.py +49 -0
- angr/engines/soot/method_dispatcher.py +49 -0
- angr/engines/soot/statements/__init__.py +30 -0
- angr/engines/soot/statements/assign.py +29 -0
- angr/engines/soot/statements/base.py +80 -0
- angr/engines/soot/statements/goto.py +11 -0
- angr/engines/soot/statements/identity.py +14 -0
- angr/engines/soot/statements/if_.py +16 -0
- angr/engines/soot/statements/invoke.py +11 -0
- angr/engines/soot/statements/return_.py +19 -0
- angr/engines/soot/statements/switch.py +38 -0
- angr/engines/soot/statements/throw.py +12 -0
- angr/engines/soot/values/__init__.py +24 -0
- angr/engines/soot/values/arrayref.py +124 -0
- angr/engines/soot/values/base.py +4 -0
- angr/engines/soot/values/constants.py +17 -0
- angr/engines/soot/values/instancefieldref.py +42 -0
- angr/engines/soot/values/local.py +17 -0
- angr/engines/soot/values/paramref.py +17 -0
- angr/engines/soot/values/staticfieldref.py +37 -0
- angr/engines/soot/values/strref.py +37 -0
- angr/engines/soot/values/thisref.py +148 -0
- angr/engines/successors.py +540 -0
- angr/engines/syscall.py +53 -0
- angr/engines/unicorn.py +483 -0
- angr/engines/vex/__init__.py +4 -0
- angr/engines/vex/claripy/__init__.py +1 -0
- angr/engines/vex/claripy/ccall.py +2097 -0
- angr/engines/vex/claripy/datalayer.py +149 -0
- angr/engines/vex/claripy/irop.py +1279 -0
- angr/engines/vex/heavy/__init__.py +5 -0
- angr/engines/vex/heavy/actions.py +237 -0
- angr/engines/vex/heavy/concretizers.py +394 -0
- angr/engines/vex/heavy/dirty.py +467 -0
- angr/engines/vex/heavy/heavy.py +379 -0
- angr/engines/vex/heavy/inspect.py +51 -0
- angr/engines/vex/heavy/resilience.py +85 -0
- angr/engines/vex/heavy/super_fastpath.py +34 -0
- angr/engines/vex/lifter.py +424 -0
- angr/engines/vex/light/__init__.py +3 -0
- angr/engines/vex/light/light.py +555 -0
- angr/engines/vex/light/resilience.py +73 -0
- angr/engines/vex/light/slicing.py +51 -0
- angr/errors.py +604 -0
- angr/exploration_techniques/__init__.py +176 -0
- angr/exploration_techniques/bucketizer.py +96 -0
- angr/exploration_techniques/common.py +56 -0
- angr/exploration_techniques/dfs.py +34 -0
- angr/exploration_techniques/director.py +523 -0
- angr/exploration_techniques/driller_core.py +102 -0
- angr/exploration_techniques/explorer.py +146 -0
- angr/exploration_techniques/lengthlimiter.py +20 -0
- angr/exploration_techniques/local_loop_seer.py +64 -0
- angr/exploration_techniques/loop_seer.py +239 -0
- angr/exploration_techniques/manual_mergepoint.py +80 -0
- angr/exploration_techniques/memory_watcher.py +40 -0
- angr/exploration_techniques/oppologist.py +93 -0
- angr/exploration_techniques/slicecutor.py +115 -0
- angr/exploration_techniques/spiller.py +282 -0
- angr/exploration_techniques/spiller_db.py +27 -0
- angr/exploration_techniques/stochastic.py +57 -0
- angr/exploration_techniques/suggestions.py +156 -0
- angr/exploration_techniques/symbion.py +78 -0
- angr/exploration_techniques/tech_builder.py +47 -0
- angr/exploration_techniques/threading.py +77 -0
- angr/exploration_techniques/timeout.py +31 -0
- angr/exploration_techniques/tracer.py +1101 -0
- angr/exploration_techniques/unique.py +104 -0
- angr/exploration_techniques/veritesting.py +36 -0
- angr/factory.py +385 -0
- angr/flirt/__init__.py +126 -0
- angr/flirt/build_sig.py +316 -0
- angr/graph_utils.py +0 -0
- angr/keyed_region.py +532 -0
- angr/knowledge_base/__init__.py +1 -0
- angr/knowledge_base/knowledge_base.py +145 -0
- angr/knowledge_plugins/__init__.py +18 -0
- angr/knowledge_plugins/callsite_prototypes.py +52 -0
- angr/knowledge_plugins/cfg/__init__.py +16 -0
- angr/knowledge_plugins/cfg/cfg_manager.py +94 -0
- angr/knowledge_plugins/cfg/cfg_model.py +1057 -0
- angr/knowledge_plugins/cfg/cfg_node.py +541 -0
- angr/knowledge_plugins/cfg/indirect_jump.py +67 -0
- angr/knowledge_plugins/cfg/memory_data.py +156 -0
- angr/knowledge_plugins/comments.py +15 -0
- angr/knowledge_plugins/custom_strings.py +37 -0
- angr/knowledge_plugins/data.py +21 -0
- angr/knowledge_plugins/debug_variables.py +221 -0
- angr/knowledge_plugins/functions/__init__.py +2 -0
- angr/knowledge_plugins/functions/function.py +1694 -0
- angr/knowledge_plugins/functions/function_manager.py +501 -0
- angr/knowledge_plugins/functions/function_parser.py +295 -0
- angr/knowledge_plugins/functions/soot_function.py +131 -0
- angr/knowledge_plugins/indirect_jumps.py +34 -0
- angr/knowledge_plugins/key_definitions/__init__.py +16 -0
- angr/knowledge_plugins/key_definitions/atoms.py +314 -0
- angr/knowledge_plugins/key_definitions/constants.py +23 -0
- angr/knowledge_plugins/key_definitions/definition.py +217 -0
- angr/knowledge_plugins/key_definitions/environment.py +92 -0
- angr/knowledge_plugins/key_definitions/heap_address.py +32 -0
- angr/knowledge_plugins/key_definitions/key_definition_manager.py +81 -0
- angr/knowledge_plugins/key_definitions/live_definitions.py +1074 -0
- angr/knowledge_plugins/key_definitions/liveness.py +170 -0
- angr/knowledge_plugins/key_definitions/rd_model.py +176 -0
- angr/knowledge_plugins/key_definitions/tag.py +77 -0
- angr/knowledge_plugins/key_definitions/undefined.py +67 -0
- angr/knowledge_plugins/key_definitions/unknown_size.py +83 -0
- angr/knowledge_plugins/key_definitions/uses.py +180 -0
- angr/knowledge_plugins/labels.py +109 -0
- angr/knowledge_plugins/patches.py +125 -0
- angr/knowledge_plugins/plugin.py +23 -0
- angr/knowledge_plugins/propagations/__init__.py +2 -0
- angr/knowledge_plugins/propagations/prop_value.py +193 -0
- angr/knowledge_plugins/propagations/propagation_manager.py +60 -0
- angr/knowledge_plugins/propagations/propagation_model.py +74 -0
- angr/knowledge_plugins/propagations/states.py +1064 -0
- angr/knowledge_plugins/structured_code/__init__.py +1 -0
- angr/knowledge_plugins/structured_code/manager.py +59 -0
- angr/knowledge_plugins/sync/__init__.py +1 -0
- angr/knowledge_plugins/sync/sync_controller.py +329 -0
- angr/knowledge_plugins/types.py +87 -0
- angr/knowledge_plugins/variables/__init__.py +1 -0
- angr/knowledge_plugins/variables/variable_access.py +114 -0
- angr/knowledge_plugins/variables/variable_manager.py +1191 -0
- angr/knowledge_plugins/xrefs/__init__.py +3 -0
- angr/knowledge_plugins/xrefs/xref.py +157 -0
- angr/knowledge_plugins/xrefs/xref_manager.py +122 -0
- angr/knowledge_plugins/xrefs/xref_types.py +13 -0
- angr/lib/angr_native.dylib +0 -0
- angr/misc/__init__.py +8 -0
- angr/misc/ansi.py +46 -0
- angr/misc/autoimport.py +89 -0
- angr/misc/bug_report.py +125 -0
- angr/misc/hookset.py +106 -0
- angr/misc/import_hooks.py +63 -0
- angr/misc/loggers.py +130 -0
- angr/misc/picklable_lock.py +45 -0
- angr/misc/plugins.py +291 -0
- angr/misc/range.py +21 -0
- angr/misc/testing.py +23 -0
- angr/misc/ux.py +31 -0
- angr/misc/weakpatch.py +58 -0
- angr/procedures/__init__.py +2 -0
- angr/procedures/advapi32/__init__.py +0 -0
- angr/procedures/cgc/__init__.py +3 -0
- angr/procedures/cgc/_terminate.py +10 -0
- angr/procedures/cgc/allocate.py +76 -0
- angr/procedures/cgc/deallocate.py +59 -0
- angr/procedures/cgc/fdwait.py +62 -0
- angr/procedures/cgc/random.py +60 -0
- angr/procedures/cgc/receive.py +91 -0
- angr/procedures/cgc/transmit.py +63 -0
- angr/procedures/definitions/__init__.py +784 -0
- angr/procedures/definitions/cgc.py +19 -0
- angr/procedures/definitions/glibc.py +8384 -0
- angr/procedures/definitions/gnulib.py +35 -0
- angr/procedures/definitions/libstdcpp.py +20 -0
- angr/procedures/definitions/linux_kernel.py +6167 -0
- angr/procedures/definitions/linux_loader.py +6 -0
- angr/procedures/definitions/msvcr.py +15 -0
- angr/procedures/definitions/parse_syscalls_from_local_system.py +49 -0
- angr/procedures/definitions/parse_win32json.py +2556 -0
- angr/procedures/definitions/types_win32.py +34481 -0
- angr/procedures/definitions/wdk_api-ms-win-dx-d3dkmt-l1-1-4.py +44 -0
- angr/procedures/definitions/wdk_api-ms-win-dx-d3dkmt-l1-1-6.py +40 -0
- angr/procedures/definitions/wdk_clfs.py +154 -0
- angr/procedures/definitions/wdk_fltmgr.py +570 -0
- angr/procedures/definitions/wdk_fwpkclnt.py +44 -0
- angr/procedures/definitions/wdk_fwpuclnt.py +330 -0
- angr/procedures/definitions/wdk_gdi32.py +380 -0
- angr/procedures/definitions/wdk_hal.py +92 -0
- angr/procedures/definitions/wdk_ksecdd.py +76 -0
- angr/procedures/definitions/wdk_ndis.py +252 -0
- angr/procedures/definitions/wdk_ntoskrnl.py +3463 -0
- angr/procedures/definitions/wdk_offreg.py +86 -0
- angr/procedures/definitions/wdk_pshed.py +50 -0
- angr/procedures/definitions/wdk_secur32.py +54 -0
- angr/procedures/definitions/wdk_vhfum.py +48 -0
- angr/procedures/definitions/win32_aclui.py +44 -0
- angr/procedures/definitions/win32_activeds.py +82 -0
- angr/procedures/definitions/win32_advapi32.py +1698 -0
- angr/procedures/definitions/win32_advpack.py +138 -0
- angr/procedures/definitions/win32_amsi.py +52 -0
- angr/procedures/definitions/win32_api-ms-win-appmodel-runtime-l1-1-1.py +58 -0
- angr/procedures/definitions/win32_api-ms-win-appmodel-runtime-l1-1-3.py +48 -0
- angr/procedures/definitions/win32_api-ms-win-appmodel-runtime-l1-1-6.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-apiquery-l2-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-backgroundtask-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-comm-l1-1-1.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-comm-l1-1-2.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-enclave-l1-1-1.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-errorhandling-l1-1-3.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-featurestaging-l1-1-0.py +48 -0
- angr/procedures/definitions/win32_api-ms-win-core-featurestaging-l1-1-1.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-file-fromapp-l1-1-0.py +60 -0
- angr/procedures/definitions/win32_api-ms-win-core-handle-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-ioring-l1-1-0.py +62 -0
- angr/procedures/definitions/win32_api-ms-win-core-marshal-l1-1-0.py +46 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-3.py +46 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-4.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-5.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-6.py +46 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-7.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-memory-l1-1-8.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-path-l1-1-0.py +82 -0
- angr/procedures/definitions/win32_api-ms-win-core-psm-appnotify-l1-1-0.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-psm-appnotify-l1-1-1.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-realtime-l1-1-1.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-realtime-l1-1-2.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-slapi-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-state-helpers-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-synch-l1-2-0.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-core-sysinfo-l1-2-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-sysinfo-l1-2-3.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-sysinfo-l1-2-4.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-sysinfo-l1-2-6.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-core-util-l1-1-1.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-error-l1-1-0.py +43 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-error-l1-1-1.py +37 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-l1-1-0.py +39 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-registration-l1-1-0.py +23 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-robuffer-l1-1-0.py +23 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-roparameterizediid-l1-1-0.py +27 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-string-l1-1-0.py +75 -0
- angr/procedures/definitions/win32_api-ms-win-core-winrt-string-l1-1-1.py +23 -0
- angr/procedures/definitions/win32_api-ms-win-core-wow64-l1-1-1.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-devices-query-l1-1-0.py +56 -0
- angr/procedures/definitions/win32_api-ms-win-devices-query-l1-1-1.py +48 -0
- angr/procedures/definitions/win32_api-ms-win-dx-d3dkmt-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-deviceinformation-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-expandedresources-l1-1-0.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-tcui-l1-1-0.py +52 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-tcui-l1-1-1.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-tcui-l1-1-2.py +52 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-tcui-l1-1-3.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-gaming-tcui-l1-1-4.py +54 -0
- angr/procedures/definitions/win32_api-ms-win-mm-misc-l1-1-1.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-net-isolation-l1-1-0.py +54 -0
- angr/procedures/definitions/win32_api-ms-win-security-base-l1-2-2.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-security-isolatedcontainer-l1-1-0.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-security-isolatedcontainer-l1-1-1.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-service-core-l1-1-3.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-service-core-l1-1-4.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-service-core-l1-1-5.py +42 -0
- angr/procedures/definitions/win32_api-ms-win-shcore-scaling-l1-1-0.py +44 -0
- angr/procedures/definitions/win32_api-ms-win-shcore-scaling-l1-1-1.py +50 -0
- angr/procedures/definitions/win32_api-ms-win-shcore-scaling-l1-1-2.py +40 -0
- angr/procedures/definitions/win32_api-ms-win-shcore-stream-winrt-l1-1-0.py +27 -0
- angr/procedures/definitions/win32_api-ms-win-wsl-api-l1-1-0.py +52 -0
- angr/procedures/definitions/win32_apphelp.py +40 -0
- angr/procedures/definitions/win32_authz.py +104 -0
- angr/procedures/definitions/win32_avicap32.py +46 -0
- angr/procedures/definitions/win32_avifil32.py +158 -0
- angr/procedures/definitions/win32_avrt.py +66 -0
- angr/procedures/definitions/win32_bcp47mrm.py +42 -0
- angr/procedures/definitions/win32_bcrypt.py +144 -0
- angr/procedures/definitions/win32_bcryptprimitives.py +42 -0
- angr/procedures/definitions/win32_bluetoothapis.py +120 -0
- angr/procedures/definitions/win32_bthprops.py +33 -0
- angr/procedures/definitions/win32_bthprops_cpl.py +50 -0
- angr/procedures/definitions/win32_cabinet.py +82 -0
- angr/procedures/definitions/win32_certadm.py +74 -0
- angr/procedures/definitions/win32_certpoleng.py +54 -0
- angr/procedures/definitions/win32_cfgmgr32.py +516 -0
- angr/procedures/definitions/win32_chakra.py +212 -0
- angr/procedures/definitions/win32_cldapi.py +110 -0
- angr/procedures/definitions/win32_clfsw32.py +156 -0
- angr/procedures/definitions/win32_clusapi.py +598 -0
- angr/procedures/definitions/win32_comctl32.py +268 -0
- angr/procedures/definitions/win32_comdlg32.py +80 -0
- angr/procedures/definitions/win32_compstui.py +46 -0
- angr/procedures/definitions/win32_computecore.py +146 -0
- angr/procedures/definitions/win32_computenetwork.py +124 -0
- angr/procedures/definitions/win32_computestorage.py +62 -0
- angr/procedures/definitions/win32_comsvcs.py +52 -0
- angr/procedures/definitions/win32_coremessaging.py +23 -0
- angr/procedures/definitions/win32_credui.py +76 -0
- angr/procedures/definitions/win32_crypt32.py +496 -0
- angr/procedures/definitions/win32_cryptnet.py +48 -0
- angr/procedures/definitions/win32_cryptui.py +58 -0
- angr/procedures/definitions/win32_cryptxml.py +76 -0
- angr/procedures/definitions/win32_cscapi.py +46 -0
- angr/procedures/definitions/win32_d2d1.py +64 -0
- angr/procedures/definitions/win32_d3d10.py +92 -0
- angr/procedures/definitions/win32_d3d10_1.py +42 -0
- angr/procedures/definitions/win32_d3d11.py +44 -0
- angr/procedures/definitions/win32_d3d12.py +54 -0
- angr/procedures/definitions/win32_d3d9.py +60 -0
- angr/procedures/definitions/win32_d3dcompiler_47.py +90 -0
- angr/procedures/definitions/win32_d3dcsx.py +56 -0
- angr/procedures/definitions/win32_davclnt.py +74 -0
- angr/procedures/definitions/win32_dbgeng.py +46 -0
- angr/procedures/definitions/win32_dbghelp.py +476 -0
- angr/procedures/definitions/win32_dbgmodel.py +40 -0
- angr/procedures/definitions/win32_dciman32.py +78 -0
- angr/procedures/definitions/win32_dcomp.py +62 -0
- angr/procedures/definitions/win32_ddraw.py +52 -0
- angr/procedures/definitions/win32_deviceaccess.py +40 -0
- angr/procedures/definitions/win32_dflayout.py +40 -0
- angr/procedures/definitions/win32_dhcpcsvc.py +68 -0
- angr/procedures/definitions/win32_dhcpcsvc6.py +50 -0
- angr/procedures/definitions/win32_dhcpsapi.py +430 -0
- angr/procedures/definitions/win32_diagnosticdataquery.py +108 -0
- angr/procedures/definitions/win32_dinput8.py +40 -0
- angr/procedures/definitions/win32_directml.py +42 -0
- angr/procedures/definitions/win32_dmprocessxmlfiltered.py +40 -0
- angr/procedures/definitions/win32_dnsapi.py +166 -0
- angr/procedures/definitions/win32_drt.py +70 -0
- angr/procedures/definitions/win32_drtprov.py +56 -0
- angr/procedures/definitions/win32_drttransport.py +42 -0
- angr/procedures/definitions/win32_dsound.py +58 -0
- angr/procedures/definitions/win32_dsparse.py +76 -0
- angr/procedures/definitions/win32_dsprop.py +52 -0
- angr/procedures/definitions/win32_dssec.py +46 -0
- angr/procedures/definitions/win32_dsuiext.py +46 -0
- angr/procedures/definitions/win32_dwmapi.py +100 -0
- angr/procedures/definitions/win32_dwrite.py +40 -0
- angr/procedures/definitions/win32_dxcompiler.py +42 -0
- angr/procedures/definitions/win32_dxcore.py +40 -0
- angr/procedures/definitions/win32_dxgi.py +50 -0
- angr/procedures/definitions/win32_dxva2.py +114 -0
- angr/procedures/definitions/win32_eappcfg.py +66 -0
- angr/procedures/definitions/win32_eappprxy.py +74 -0
- angr/procedures/definitions/win32_efswrt.py +42 -0
- angr/procedures/definitions/win32_elscore.py +48 -0
- angr/procedures/definitions/win32_esent.py +496 -0
- angr/procedures/definitions/win32_evr.py +52 -0
- angr/procedures/definitions/win32_faultrep.py +46 -0
- angr/procedures/definitions/win32_fhsvcctl.py +52 -0
- angr/procedures/definitions/win32_firewallapi.py +44 -0
- angr/procedures/definitions/win32_fltlib.py +94 -0
- angr/procedures/definitions/win32_fontsub.py +42 -0
- angr/procedures/definitions/win32_forceinline.py +44 -0
- angr/procedures/definitions/win32_fwpuclnt.py +422 -0
- angr/procedures/definitions/win32_fxsutility.py +42 -0
- angr/procedures/definitions/win32_gdi32.py +900 -0
- angr/procedures/definitions/win32_gdiplus.py +1296 -0
- angr/procedures/definitions/win32_glu32.py +142 -0
- angr/procedures/definitions/win32_gpedit.py +50 -0
- angr/procedures/definitions/win32_hhctrl_ocx.py +42 -0
- angr/procedures/definitions/win32_hid.py +128 -0
- angr/procedures/definitions/win32_hlink.py +94 -0
- angr/procedures/definitions/win32_hrtfapo.py +40 -0
- angr/procedures/definitions/win32_httpapi.py +124 -0
- angr/procedures/definitions/win32_icm32.py +80 -0
- angr/procedures/definitions/win32_icmui.py +42 -0
- angr/procedures/definitions/win32_icu.py +2088 -0
- angr/procedures/definitions/win32_ieframe.py +96 -0
- angr/procedures/definitions/win32_imagehlp.py +90 -0
- angr/procedures/definitions/win32_imgutil.py +56 -0
- angr/procedures/definitions/win32_imm32.py +202 -0
- angr/procedures/definitions/win32_infocardapi.py +72 -0
- angr/procedures/definitions/win32_inkobjcore.py +92 -0
- angr/procedures/definitions/win32_iphlpapi.py +440 -0
- angr/procedures/definitions/win32_iscsidsc.py +196 -0
- angr/procedures/definitions/win32_isolatedwindowsenvironmentutils.py +42 -0
- angr/procedures/definitions/win32_kernel32.py +3199 -0
- angr/procedures/definitions/win32_kernelbase.py +50 -0
- angr/procedures/definitions/win32_keycredmgr.py +46 -0
- angr/procedures/definitions/win32_ksproxy_ax.py +50 -0
- angr/procedures/definitions/win32_ksuser.py +54 -0
- angr/procedures/definitions/win32_ktmw32.py +116 -0
- angr/procedures/definitions/win32_licenseprotection.py +42 -0
- angr/procedures/definitions/win32_loadperf.py +62 -0
- angr/procedures/definitions/win32_magnification.py +76 -0
- angr/procedures/definitions/win32_mapi32.py +170 -0
- angr/procedures/definitions/win32_mdmlocalmanagement.py +44 -0
- angr/procedures/definitions/win32_mdmregistration.py +68 -0
- angr/procedures/definitions/win32_mf.py +162 -0
- angr/procedures/definitions/win32_mfcore.py +42 -0
- angr/procedures/definitions/win32_mfplat.py +328 -0
- angr/procedures/definitions/win32_mfplay.py +40 -0
- angr/procedures/definitions/win32_mfreadwrite.py +48 -0
- angr/procedures/definitions/win32_mfsensorgroup.py +58 -0
- angr/procedures/definitions/win32_mfsrcsnk.py +42 -0
- angr/procedures/definitions/win32_mgmtapi.py +56 -0
- angr/procedures/definitions/win32_mi.py +40 -0
- angr/procedures/definitions/win32_mmdevapi.py +40 -0
- angr/procedures/definitions/win32_mpr.py +132 -0
- angr/procedures/definitions/win32_mprapi.py +262 -0
- angr/procedures/definitions/win32_mqrt.py +106 -0
- angr/procedures/definitions/win32_mrmsupport.py +92 -0
- angr/procedures/definitions/win32_msacm32.py +122 -0
- angr/procedures/definitions/win32_msajapi.py +1132 -0
- angr/procedures/definitions/win32_mscms.py +196 -0
- angr/procedures/definitions/win32_mscoree.py +92 -0
- angr/procedures/definitions/win32_msctfmonitor.py +44 -0
- angr/procedures/definitions/win32_msdelta.py +70 -0
- angr/procedures/definitions/win32_msdmo.py +60 -0
- angr/procedures/definitions/win32_msdrm.py +206 -0
- angr/procedures/definitions/win32_msi.py +566 -0
- angr/procedures/definitions/win32_msimg32.py +44 -0
- angr/procedures/definitions/win32_mspatcha.py +70 -0
- angr/procedures/definitions/win32_mspatchc.py +56 -0
- angr/procedures/definitions/win32_msports.py +52 -0
- angr/procedures/definitions/win32_msrating.py +76 -0
- angr/procedures/definitions/win32_mssign32.py +58 -0
- angr/procedures/definitions/win32_mstask.py +42 -0
- angr/procedures/definitions/win32_msvfw32.py +124 -0
- angr/procedures/definitions/win32_mswsock.py +70 -0
- angr/procedures/definitions/win32_mtxdm.py +40 -0
- angr/procedures/definitions/win32_ncrypt.py +116 -0
- angr/procedures/definitions/win32_ndfapi.py +70 -0
- angr/procedures/definitions/win32_netapi32.py +450 -0
- angr/procedures/definitions/win32_netsh.py +54 -0
- angr/procedures/definitions/win32_netshell.py +42 -0
- angr/procedures/definitions/win32_newdev.py +60 -0
- angr/procedures/definitions/win32_ninput.py +98 -0
- angr/procedures/definitions/win32_normaliz.py +42 -0
- angr/procedures/definitions/win32_ntdll.py +185 -0
- angr/procedures/definitions/win32_ntdllk.py +40 -0
- angr/procedures/definitions/win32_ntdsapi.py +200 -0
- angr/procedures/definitions/win32_ntlanman.py +58 -0
- angr/procedures/definitions/win32_odbc32.py +406 -0
- angr/procedures/definitions/win32_odbcbcp.py +92 -0
- angr/procedures/definitions/win32_ole32.py +672 -0
- angr/procedures/definitions/win32_oleacc.py +72 -0
- angr/procedures/definitions/win32_oleaut32.py +848 -0
- angr/procedures/definitions/win32_oledlg.py +84 -0
- angr/procedures/definitions/win32_ondemandconnroutehelper.py +48 -0
- angr/procedures/definitions/win32_opengl32.py +748 -0
- angr/procedures/definitions/win32_opmxbox.py +44 -0
- angr/procedures/definitions/win32_p2p.py +254 -0
- angr/procedures/definitions/win32_p2pgraph.py +112 -0
- angr/procedures/definitions/win32_pdh.py +234 -0
- angr/procedures/definitions/win32_peerdist.py +94 -0
- angr/procedures/definitions/win32_powrprof.py +206 -0
- angr/procedures/definitions/win32_prntvpt.py +60 -0
- angr/procedures/definitions/win32_projectedfslib.py +76 -0
- angr/procedures/definitions/win32_propsys.py +474 -0
- angr/procedures/definitions/win32_psapi.py +92 -0
- angr/procedures/definitions/win32_quartz.py +42 -0
- angr/procedures/definitions/win32_query.py +46 -0
- angr/procedures/definitions/win32_qwave.py +60 -0
- angr/procedures/definitions/win32_rasapi32.py +206 -0
- angr/procedures/definitions/win32_rasdlg.py +50 -0
- angr/procedures/definitions/win32_resutils.py +278 -0
- angr/procedures/definitions/win32_rometadata.py +23 -0
- angr/procedures/definitions/win32_rpcns4.py +160 -0
- angr/procedures/definitions/win32_rpcproxy.py +46 -0
- angr/procedures/definitions/win32_rpcrt4.py +932 -0
- angr/procedures/definitions/win32_rstrtmgr.py +60 -0
- angr/procedures/definitions/win32_rtm.py +190 -0
- angr/procedures/definitions/win32_rtutils.py +120 -0
- angr/procedures/definitions/win32_rtworkq.py +104 -0
- angr/procedures/definitions/win32_sas.py +40 -0
- angr/procedures/definitions/win32_scarddlg.py +48 -0
- angr/procedures/definitions/win32_schannel.py +56 -0
- angr/procedures/definitions/win32_sechost.py +42 -0
- angr/procedures/definitions/win32_secur32.py +216 -0
- angr/procedures/definitions/win32_sensapi.py +44 -0
- angr/procedures/definitions/win32_sensorsutilsv2.py +118 -0
- angr/procedures/definitions/win32_setupapi.py +706 -0
- angr/procedures/definitions/win32_sfc.py +50 -0
- angr/procedures/definitions/win32_shdocvw.py +44 -0
- angr/procedures/definitions/win32_shell32.py +526 -0
- angr/procedures/definitions/win32_shlwapi.py +758 -0
- angr/procedures/definitions/win32_slc.py +102 -0
- angr/procedures/definitions/win32_slcext.py +46 -0
- angr/procedures/definitions/win32_slwga.py +40 -0
- angr/procedures/definitions/win32_snmpapi.py +90 -0
- angr/procedures/definitions/win32_spoolss.py +90 -0
- angr/procedures/definitions/win32_srclient.py +40 -0
- angr/procedures/definitions/win32_srpapi.py +60 -0
- angr/procedures/definitions/win32_sspicli.py +52 -0
- angr/procedures/definitions/win32_sti.py +40 -0
- angr/procedures/definitions/win32_t2embed.py +66 -0
- angr/procedures/definitions/win32_tapi32.py +536 -0
- angr/procedures/definitions/win32_tbs.py +66 -0
- angr/procedures/definitions/win32_tdh.py +92 -0
- angr/procedures/definitions/win32_tokenbinding.py +58 -0
- angr/procedures/definitions/win32_traffic.py +78 -0
- angr/procedures/definitions/win32_txfw32.py +56 -0
- angr/procedures/definitions/win32_ualapi.py +46 -0
- angr/procedures/definitions/win32_uiautomationcore.py +234 -0
- angr/procedures/definitions/win32_urlmon.py +192 -0
- angr/procedures/definitions/win32_user32.py +1565 -0
- angr/procedures/definitions/win32_userenv.py +126 -0
- angr/procedures/definitions/win32_usp10.py +118 -0
- angr/procedures/definitions/win32_uxtheme.py +192 -0
- angr/procedures/definitions/win32_verifier.py +40 -0
- angr/procedures/definitions/win32_version.py +66 -0
- angr/procedures/definitions/win32_vertdll.py +52 -0
- angr/procedures/definitions/win32_virtdisk.py +96 -0
- angr/procedures/definitions/win32_vmdevicehost.py +64 -0
- angr/procedures/definitions/win32_vmsavedstatedumpprovider.py +124 -0
- angr/procedures/definitions/win32_vssapi.py +40 -0
- angr/procedures/definitions/win32_wcmapi.py +48 -0
- angr/procedures/definitions/win32_wdsbp.py +52 -0
- angr/procedures/definitions/win32_wdsclientapi.py +112 -0
- angr/procedures/definitions/win32_wdsmc.py +50 -0
- angr/procedures/definitions/win32_wdspxe.py +100 -0
- angr/procedures/definitions/win32_wdstptc.py +64 -0
- angr/procedures/definitions/win32_webauthn.py +64 -0
- angr/procedures/definitions/win32_webservices.py +424 -0
- angr/procedures/definitions/win32_websocket.py +64 -0
- angr/procedures/definitions/win32_wecapi.py +68 -0
- angr/procedures/definitions/win32_wer.py +80 -0
- angr/procedures/definitions/win32_wevtapi.py +108 -0
- angr/procedures/definitions/win32_winbio.py +146 -0
- angr/procedures/definitions/win32_windows_ai_machinelearning.py +40 -0
- angr/procedures/definitions/win32_windows_data_pdf.py +23 -0
- angr/procedures/definitions/win32_windows_media_mediacontrol.py +54 -0
- angr/procedures/definitions/win32_windows_networking.py +40 -0
- angr/procedures/definitions/win32_windows_ui_xaml.py +42 -0
- angr/procedures/definitions/win32_windowscodecs.py +56 -0
- angr/procedures/definitions/win32_winfax.py +150 -0
- angr/procedures/definitions/win32_winhttp.py +150 -0
- angr/procedures/definitions/win32_winhvemulation.py +46 -0
- angr/procedures/definitions/win32_winhvplatform.py +170 -0
- angr/procedures/definitions/win32_wininet.py +630 -0
- angr/procedures/definitions/win32_winml.py +40 -0
- angr/procedures/definitions/win32_winmm.py +390 -0
- angr/procedures/definitions/win32_winscard.py +178 -0
- angr/procedures/definitions/win32_winspool.py +363 -0
- angr/procedures/definitions/win32_winspool_drv.py +382 -0
- angr/procedures/definitions/win32_wintrust.py +158 -0
- angr/procedures/definitions/win32_winusb.py +106 -0
- angr/procedures/definitions/win32_wlanapi.py +158 -0
- angr/procedures/definitions/win32_wlanui.py +40 -0
- angr/procedures/definitions/win32_wldap32.py +524 -0
- angr/procedures/definitions/win32_wldp.py +56 -0
- angr/procedures/definitions/win32_wmvcore.py +60 -0
- angr/procedures/definitions/win32_wnvapi.py +42 -0
- angr/procedures/definitions/win32_wofutil.py +60 -0
- angr/procedures/definitions/win32_ws2_32.py +358 -0
- angr/procedures/definitions/win32_wscapi.py +50 -0
- angr/procedures/definitions/win32_wsclient.py +44 -0
- angr/procedures/definitions/win32_wsdapi.py +102 -0
- angr/procedures/definitions/win32_wsmsvc.py +104 -0
- angr/procedures/definitions/win32_wsnmp32.py +136 -0
- angr/procedures/definitions/win32_wtsapi32.py +164 -0
- angr/procedures/definitions/win32_xaudio2_8.py +46 -0
- angr/procedures/definitions/win32_xinput1_4.py +52 -0
- angr/procedures/definitions/win32_xinputuap.py +35 -0
- angr/procedures/definitions/win32_xmllite.py +50 -0
- angr/procedures/definitions/win32_xolehlp.py +46 -0
- angr/procedures/definitions/win32_xpsprint.py +42 -0
- angr/procedures/glibc/__ctype_b_loc.py +22 -0
- angr/procedures/glibc/__ctype_tolower_loc.py +22 -0
- angr/procedures/glibc/__ctype_toupper_loc.py +22 -0
- angr/procedures/glibc/__errno_location.py +6 -0
- angr/procedures/glibc/__init__.py +3 -0
- angr/procedures/glibc/__libc_init.py +36 -0
- angr/procedures/glibc/__libc_start_main.py +294 -0
- angr/procedures/glibc/dynamic_loading.py +19 -0
- angr/procedures/glibc/scanf.py +10 -0
- angr/procedures/glibc/sscanf.py +5 -0
- angr/procedures/gnulib/__init__.py +3 -0
- angr/procedures/gnulib/xalloc_die.py +13 -0
- angr/procedures/gnulib/xstrtol_fatal.py +13 -0
- angr/procedures/java/__init__.py +38 -0
- angr/procedures/java/unconstrained.py +64 -0
- angr/procedures/java_io/__init__.py +0 -0
- angr/procedures/java_io/read.py +11 -0
- angr/procedures/java_io/write.py +16 -0
- angr/procedures/java_jni/__init__.py +475 -0
- angr/procedures/java_jni/array_operations.py +309 -0
- angr/procedures/java_jni/class_and_interface_operations.py +31 -0
- angr/procedures/java_jni/field_access.py +176 -0
- angr/procedures/java_jni/global_and_local_refs.py +56 -0
- angr/procedures/java_jni/method_calls.py +364 -0
- angr/procedures/java_jni/not_implemented.py +25 -0
- angr/procedures/java_jni/object_operations.py +95 -0
- angr/procedures/java_jni/string_operations.py +86 -0
- angr/procedures/java_jni/version_information.py +11 -0
- angr/procedures/java_lang/__init__.py +0 -0
- angr/procedures/java_lang/character.py +31 -0
- angr/procedures/java_lang/double.py +24 -0
- angr/procedures/java_lang/exit.py +12 -0
- angr/procedures/java_lang/getsimplename.py +15 -0
- angr/procedures/java_lang/integer.py +42 -0
- angr/procedures/java_lang/load_library.py +8 -0
- angr/procedures/java_lang/math.py +14 -0
- angr/procedures/java_lang/string.py +78 -0
- angr/procedures/java_lang/stringbuilder.py +43 -0
- angr/procedures/java_lang/system.py +17 -0
- angr/procedures/java_util/__init__.py +0 -0
- angr/procedures/java_util/collection.py +34 -0
- angr/procedures/java_util/iterator.py +45 -0
- angr/procedures/java_util/list.py +98 -0
- angr/procedures/java_util/map.py +132 -0
- angr/procedures/java_util/random.py +11 -0
- angr/procedures/java_util/scanner_nextline.py +22 -0
- angr/procedures/libc/__init__.py +3 -0
- angr/procedures/libc/abort.py +8 -0
- angr/procedures/libc/access.py +10 -0
- angr/procedures/libc/atoi.py +14 -0
- angr/procedures/libc/atol.py +12 -0
- angr/procedures/libc/calloc.py +7 -0
- angr/procedures/libc/closelog.py +9 -0
- angr/procedures/libc/err.py +13 -0
- angr/procedures/libc/error.py +55 -0
- angr/procedures/libc/exit.py +10 -0
- angr/procedures/libc/fclose.py +20 -0
- angr/procedures/libc/feof.py +19 -0
- angr/procedures/libc/fflush.py +15 -0
- angr/procedures/libc/fgetc.py +24 -0
- angr/procedures/libc/fgets.py +68 -0
- angr/procedures/libc/fopen.py +64 -0
- angr/procedures/libc/fprintf.py +24 -0
- angr/procedures/libc/fputc.py +22 -0
- angr/procedures/libc/fputs.py +23 -0
- angr/procedures/libc/fread.py +22 -0
- angr/procedures/libc/free.py +8 -0
- angr/procedures/libc/fscanf.py +20 -0
- angr/procedures/libc/fseek.py +32 -0
- angr/procedures/libc/ftell.py +21 -0
- angr/procedures/libc/fwrite.py +18 -0
- angr/procedures/libc/getchar.py +13 -0
- angr/procedures/libc/getdelim.py +96 -0
- angr/procedures/libc/getegid.py +7 -0
- angr/procedures/libc/geteuid.py +7 -0
- angr/procedures/libc/getgid.py +7 -0
- angr/procedures/libc/gets.py +66 -0
- angr/procedures/libc/getuid.py +7 -0
- angr/procedures/libc/malloc.py +11 -0
- angr/procedures/libc/memcmp.py +69 -0
- angr/procedures/libc/memcpy.py +37 -0
- angr/procedures/libc/memset.py +69 -0
- angr/procedures/libc/openlog.py +9 -0
- angr/procedures/libc/perror.py +12 -0
- angr/procedures/libc/printf.py +33 -0
- angr/procedures/libc/putchar.py +12 -0
- angr/procedures/libc/puts.py +16 -0
- angr/procedures/libc/rand.py +7 -0
- angr/procedures/libc/realloc.py +7 -0
- angr/procedures/libc/rewind.py +11 -0
- angr/procedures/libc/scanf.py +20 -0
- angr/procedures/libc/setbuf.py +8 -0
- angr/procedures/libc/setvbuf.py +6 -0
- angr/procedures/libc/snprintf.py +33 -0
- angr/procedures/libc/sprintf.py +22 -0
- angr/procedures/libc/srand.py +6 -0
- angr/procedures/libc/sscanf.py +13 -0
- angr/procedures/libc/stpcpy.py +18 -0
- angr/procedures/libc/strcat.py +13 -0
- angr/procedures/libc/strchr.py +44 -0
- angr/procedures/libc/strcmp.py +28 -0
- angr/procedures/libc/strcpy.py +13 -0
- angr/procedures/libc/strlen.py +99 -0
- angr/procedures/libc/strncat.py +18 -0
- angr/procedures/libc/strncmp.py +180 -0
- angr/procedures/libc/strncpy.py +18 -0
- angr/procedures/libc/strnlen.py +13 -0
- angr/procedures/libc/strstr.py +94 -0
- angr/procedures/libc/strtol.py +263 -0
- angr/procedures/libc/strtoul.py +9 -0
- angr/procedures/libc/system.py +12 -0
- angr/procedures/libc/time.py +9 -0
- angr/procedures/libc/tmpnam.py +19 -0
- angr/procedures/libc/tolower.py +7 -0
- angr/procedures/libc/toupper.py +7 -0
- angr/procedures/libc/ungetc.py +19 -0
- angr/procedures/libc/vsnprintf.py +16 -0
- angr/procedures/libc/wchar.py +15 -0
- angr/procedures/libstdcpp/__init__.py +0 -0
- angr/procedures/libstdcpp/_unwind_resume.py +10 -0
- angr/procedures/libstdcpp/std____throw_bad_alloc.py +12 -0
- angr/procedures/libstdcpp/std____throw_bad_cast.py +12 -0
- angr/procedures/libstdcpp/std____throw_length_error.py +12 -0
- angr/procedures/libstdcpp/std____throw_logic_error.py +12 -0
- angr/procedures/libstdcpp/std__terminate.py +12 -0
- angr/procedures/linux_kernel/__init__.py +3 -0
- angr/procedures/linux_kernel/access.py +17 -0
- angr/procedures/linux_kernel/arch_prctl.py +33 -0
- angr/procedures/linux_kernel/arm_user_helpers.py +58 -0
- angr/procedures/linux_kernel/brk.py +17 -0
- angr/procedures/linux_kernel/cwd.py +27 -0
- angr/procedures/linux_kernel/fstat.py +137 -0
- angr/procedures/linux_kernel/fstat64.py +169 -0
- angr/procedures/linux_kernel/futex.py +17 -0
- angr/procedures/linux_kernel/getegid.py +16 -0
- angr/procedures/linux_kernel/geteuid.py +16 -0
- angr/procedures/linux_kernel/getgid.py +16 -0
- angr/procedures/linux_kernel/getpid.py +13 -0
- angr/procedures/linux_kernel/getrlimit.py +24 -0
- angr/procedures/linux_kernel/gettid.py +8 -0
- angr/procedures/linux_kernel/getuid.py +16 -0
- angr/procedures/linux_kernel/iovec.py +43 -0
- angr/procedures/linux_kernel/lseek.py +39 -0
- angr/procedures/linux_kernel/mmap.py +15 -0
- angr/procedures/linux_kernel/mprotect.py +41 -0
- angr/procedures/linux_kernel/munmap.py +7 -0
- angr/procedures/linux_kernel/openat.py +28 -0
- angr/procedures/linux_kernel/set_tid_address.py +7 -0
- angr/procedures/linux_kernel/sigaction.py +16 -0
- angr/procedures/linux_kernel/sigprocmask.py +20 -0
- angr/procedures/linux_kernel/stat.py +22 -0
- angr/procedures/linux_kernel/sysinfo.py +58 -0
- angr/procedures/linux_kernel/tgkill.py +7 -0
- angr/procedures/linux_kernel/time.py +30 -0
- angr/procedures/linux_kernel/uid.py +29 -0
- angr/procedures/linux_kernel/uname.py +28 -0
- angr/procedures/linux_kernel/unlink.py +22 -0
- angr/procedures/linux_kernel/vsyscall.py +15 -0
- angr/procedures/linux_loader/__init__.py +3 -0
- angr/procedures/linux_loader/_dl_initial_error_catch_tsd.py +6 -0
- angr/procedures/linux_loader/_dl_rtld_lock.py +14 -0
- angr/procedures/linux_loader/sim_loader.py +53 -0
- angr/procedures/linux_loader/tls.py +40 -0
- angr/procedures/msvcr/__getmainargs.py +15 -0
- angr/procedures/msvcr/__init__.py +4 -0
- angr/procedures/msvcr/_initterm.py +37 -0
- angr/procedures/msvcr/fmode.py +28 -0
- angr/procedures/ntdll/__init__.py +0 -0
- angr/procedures/ntdll/exceptions.py +57 -0
- angr/procedures/posix/__init__.py +3 -0
- angr/procedures/posix/accept.py +29 -0
- angr/procedures/posix/bind.py +12 -0
- angr/procedures/posix/bzero.py +6 -0
- angr/procedures/posix/chroot.py +26 -0
- angr/procedures/posix/close.py +9 -0
- angr/procedures/posix/closedir.py +6 -0
- angr/procedures/posix/dup.py +55 -0
- angr/procedures/posix/fcntl.py +9 -0
- angr/procedures/posix/fdopen.py +77 -0
- angr/procedures/posix/fileno.py +17 -0
- angr/procedures/posix/fork.py +10 -0
- angr/procedures/posix/getenv.py +34 -0
- angr/procedures/posix/gethostbyname.py +42 -0
- angr/procedures/posix/getpass.py +18 -0
- angr/procedures/posix/getsockopt.py +10 -0
- angr/procedures/posix/htonl.py +11 -0
- angr/procedures/posix/htons.py +11 -0
- angr/procedures/posix/inet_ntoa.py +61 -0
- angr/procedures/posix/listen.py +12 -0
- angr/procedures/posix/mmap.py +140 -0
- angr/procedures/posix/open.py +17 -0
- angr/procedures/posix/opendir.py +9 -0
- angr/procedures/posix/poll.py +54 -0
- angr/procedures/posix/pread64.py +45 -0
- angr/procedures/posix/pthread.py +87 -0
- angr/procedures/posix/pwrite64.py +45 -0
- angr/procedures/posix/read.py +12 -0
- angr/procedures/posix/readdir.py +59 -0
- angr/procedures/posix/recv.py +12 -0
- angr/procedures/posix/recvfrom.py +12 -0
- angr/procedures/posix/select.py +46 -0
- angr/procedures/posix/send.py +22 -0
- angr/procedures/posix/setsockopt.py +8 -0
- angr/procedures/posix/sigaction.py +20 -0
- angr/procedures/posix/sim_time.py +45 -0
- angr/procedures/posix/sleep.py +7 -0
- angr/procedures/posix/socket.py +18 -0
- angr/procedures/posix/strcasecmp.py +23 -0
- angr/procedures/posix/strdup.py +17 -0
- angr/procedures/posix/strtok_r.py +65 -0
- angr/procedures/posix/syslog.py +15 -0
- angr/procedures/posix/tz.py +8 -0
- angr/procedures/posix/unlink.py +10 -0
- angr/procedures/posix/usleep.py +7 -0
- angr/procedures/posix/write.py +12 -0
- angr/procedures/procedure_dict.py +48 -0
- angr/procedures/stubs/CallReturn.py +12 -0
- angr/procedures/stubs/NoReturnUnconstrained.py +12 -0
- angr/procedures/stubs/Nop.py +6 -0
- angr/procedures/stubs/PathTerminator.py +8 -0
- angr/procedures/stubs/Redirect.py +15 -0
- angr/procedures/stubs/ReturnChar.py +10 -0
- angr/procedures/stubs/ReturnUnconstrained.py +24 -0
- angr/procedures/stubs/UnresolvableCallTarget.py +8 -0
- angr/procedures/stubs/UnresolvableJumpTarget.py +8 -0
- angr/procedures/stubs/UserHook.py +15 -0
- angr/procedures/stubs/__init__.py +3 -0
- angr/procedures/stubs/b64_decode.py +12 -0
- angr/procedures/stubs/caller.py +13 -0
- angr/procedures/stubs/crazy_scanf.py +17 -0
- angr/procedures/stubs/format_parser.py +677 -0
- angr/procedures/stubs/syscall_stub.py +26 -0
- angr/procedures/testing/__init__.py +3 -0
- angr/procedures/testing/manyargs.py +8 -0
- angr/procedures/testing/retreg.py +8 -0
- angr/procedures/tracer/__init__.py +4 -0
- angr/procedures/tracer/random.py +8 -0
- angr/procedures/tracer/receive.py +21 -0
- angr/procedures/tracer/transmit.py +24 -0
- angr/procedures/uclibc/__init__.py +3 -0
- angr/procedures/uclibc/__uClibc_main.py +9 -0
- angr/procedures/win32/EncodePointer.py +6 -0
- angr/procedures/win32/ExitProcess.py +8 -0
- angr/procedures/win32/GetCommandLine.py +11 -0
- angr/procedures/win32/GetCurrentProcessId.py +6 -0
- angr/procedures/win32/GetCurrentThreadId.py +6 -0
- angr/procedures/win32/GetLastInputInfo.py +37 -0
- angr/procedures/win32/GetModuleHandle.py +30 -0
- angr/procedures/win32/GetProcessAffinityMask.py +34 -0
- angr/procedures/win32/InterlockedExchange.py +14 -0
- angr/procedures/win32/IsProcessorFeaturePresent.py +6 -0
- angr/procedures/win32/VirtualAlloc.py +113 -0
- angr/procedures/win32/VirtualProtect.py +59 -0
- angr/procedures/win32/__init__.py +3 -0
- angr/procedures/win32/critical_section.py +11 -0
- angr/procedures/win32/dynamic_loading.py +103 -0
- angr/procedures/win32/file_handles.py +47 -0
- angr/procedures/win32/gethostbyname.py +10 -0
- angr/procedures/win32/heap.py +42 -0
- angr/procedures/win32/is_bad_ptr.py +25 -0
- angr/procedures/win32/local_storage.py +85 -0
- angr/procedures/win32/mutex.py +10 -0
- angr/procedures/win32/sim_time.py +135 -0
- angr/procedures/win32/system_paths.py +34 -0
- angr/procedures/win32_kernel/ExAllocatePool.py +12 -0
- angr/procedures/win32_kernel/ExFreePoolWithTag.py +7 -0
- angr/procedures/win32_kernel/__init__.py +3 -0
- angr/procedures/win_user32/__init__.py +0 -0
- angr/procedures/win_user32/chars.py +12 -0
- angr/procedures/win_user32/keyboard.py +13 -0
- angr/procedures/win_user32/messagebox.py +49 -0
- angr/project.py +834 -0
- angr/protos/__init__.py +13 -0
- angr/protos/cfg_pb2.py +31 -0
- angr/protos/function_pb2.py +37 -0
- angr/protos/primitives_pb2.py +124 -0
- angr/protos/variables_pb2.py +126 -0
- angr/protos/xrefs_pb2.py +34 -0
- angr/py.typed +1 -0
- angr/serializable.py +63 -0
- angr/service.py +35 -0
- angr/sim_manager.py +971 -0
- angr/sim_options.py +444 -0
- angr/sim_procedure.py +606 -0
- angr/sim_state.py +1003 -0
- angr/sim_state_options.py +409 -0
- angr/sim_type.py +3372 -0
- angr/sim_variable.py +562 -0
- angr/simos/__init__.py +31 -0
- angr/simos/cgc.py +152 -0
- angr/simos/javavm.py +471 -0
- angr/simos/linux.py +519 -0
- angr/simos/simos.py +450 -0
- angr/simos/snimmuc_nxp.py +152 -0
- angr/simos/userland.py +163 -0
- angr/simos/windows.py +562 -0
- angr/slicer.py +353 -0
- angr/state_hierarchy.py +262 -0
- angr/state_plugins/__init__.py +29 -0
- angr/state_plugins/callstack.py +404 -0
- angr/state_plugins/cgc.py +153 -0
- angr/state_plugins/concrete.py +297 -0
- angr/state_plugins/debug_variables.py +194 -0
- angr/state_plugins/filesystem.py +469 -0
- angr/state_plugins/gdb.py +146 -0
- angr/state_plugins/globals.py +62 -0
- angr/state_plugins/heap/__init__.py +5 -0
- angr/state_plugins/heap/heap_base.py +126 -0
- angr/state_plugins/heap/heap_brk.py +134 -0
- angr/state_plugins/heap/heap_freelist.py +210 -0
- angr/state_plugins/heap/heap_libc.py +45 -0
- angr/state_plugins/heap/heap_ptmalloc.py +646 -0
- angr/state_plugins/heap/utils.py +21 -0
- angr/state_plugins/history.py +548 -0
- angr/state_plugins/inspect.py +376 -0
- angr/state_plugins/javavm_classloader.py +133 -0
- angr/state_plugins/jni_references.py +93 -0
- angr/state_plugins/libc.py +1263 -0
- angr/state_plugins/light_registers.py +170 -0
- angr/state_plugins/log.py +85 -0
- angr/state_plugins/loop_data.py +92 -0
- angr/state_plugins/plugin.py +155 -0
- angr/state_plugins/posix.py +709 -0
- angr/state_plugins/preconstrainer.py +195 -0
- angr/state_plugins/scratch.py +175 -0
- angr/state_plugins/sim_action.py +334 -0
- angr/state_plugins/sim_action_object.py +148 -0
- angr/state_plugins/sim_event.py +58 -0
- angr/state_plugins/solver.py +1129 -0
- angr/state_plugins/symbolizer.py +292 -0
- angr/state_plugins/trace_additions.py +752 -0
- angr/state_plugins/uc_manager.py +85 -0
- angr/state_plugins/unicorn_engine.py +1899 -0
- angr/state_plugins/view.py +341 -0
- angr/storage/__init__.py +9 -0
- angr/storage/file.py +1219 -0
- angr/storage/memory_mixins/__init__.py +393 -0
- angr/storage/memory_mixins/__init__.pyi +49 -0
- angr/storage/memory_mixins/actions_mixin.py +69 -0
- angr/storage/memory_mixins/address_concretization_mixin.py +388 -0
- angr/storage/memory_mixins/bvv_conversion_mixin.py +74 -0
- angr/storage/memory_mixins/clouseau_mixin.py +131 -0
- angr/storage/memory_mixins/conditional_store_mixin.py +24 -0
- angr/storage/memory_mixins/convenient_mappings_mixin.py +257 -0
- angr/storage/memory_mixins/default_filler_mixin.py +146 -0
- angr/storage/memory_mixins/dirty_addrs_mixin.py +9 -0
- angr/storage/memory_mixins/hex_dumper_mixin.py +85 -0
- angr/storage/memory_mixins/javavm_memory/__init__.py +1 -0
- angr/storage/memory_mixins/javavm_memory/javavm_memory_mixin.py +394 -0
- angr/storage/memory_mixins/keyvalue_memory/__init__.py +1 -0
- angr/storage/memory_mixins/keyvalue_memory/keyvalue_memory_mixin.py +36 -0
- angr/storage/memory_mixins/label_merger_mixin.py +31 -0
- angr/storage/memory_mixins/multi_value_merger_mixin.py +68 -0
- angr/storage/memory_mixins/name_resolution_mixin.py +70 -0
- angr/storage/memory_mixins/paged_memory/__init__.py +0 -0
- angr/storage/memory_mixins/paged_memory/page_backer_mixins.py +266 -0
- angr/storage/memory_mixins/paged_memory/paged_memory_mixin.py +750 -0
- angr/storage/memory_mixins/paged_memory/paged_memory_multivalue_mixin.py +63 -0
- angr/storage/memory_mixins/paged_memory/pages/__init__.py +33 -0
- angr/storage/memory_mixins/paged_memory/pages/cooperation.py +330 -0
- angr/storage/memory_mixins/paged_memory/pages/history_tracking_mixin.py +87 -0
- angr/storage/memory_mixins/paged_memory/pages/ispo_mixin.py +53 -0
- angr/storage/memory_mixins/paged_memory/pages/list_page.py +346 -0
- angr/storage/memory_mixins/paged_memory/pages/multi_values.py +290 -0
- angr/storage/memory_mixins/paged_memory/pages/mv_list_page.py +434 -0
- angr/storage/memory_mixins/paged_memory/pages/permissions_mixin.py +33 -0
- angr/storage/memory_mixins/paged_memory/pages/refcount_mixin.py +51 -0
- angr/storage/memory_mixins/paged_memory/pages/ultra_page.py +468 -0
- angr/storage/memory_mixins/paged_memory/privileged_mixin.py +36 -0
- angr/storage/memory_mixins/paged_memory/stack_allocation_mixin.py +73 -0
- angr/storage/memory_mixins/regioned_memory/__init__.py +6 -0
- angr/storage/memory_mixins/regioned_memory/abstract_address_descriptor.py +35 -0
- angr/storage/memory_mixins/regioned_memory/abstract_merger_mixin.py +43 -0
- angr/storage/memory_mixins/regioned_memory/region_category_mixin.py +7 -0
- angr/storage/memory_mixins/regioned_memory/region_data.py +245 -0
- angr/storage/memory_mixins/regioned_memory/region_meta_mixin.py +125 -0
- angr/storage/memory_mixins/regioned_memory/regioned_address_concretization_mixin.py +118 -0
- angr/storage/memory_mixins/regioned_memory/regioned_memory_mixin.py +462 -0
- angr/storage/memory_mixins/regioned_memory/static_find_mixin.py +70 -0
- angr/storage/memory_mixins/simple_interface_mixin.py +73 -0
- angr/storage/memory_mixins/simplification_mixin.py +13 -0
- angr/storage/memory_mixins/size_resolution_mixin.py +140 -0
- angr/storage/memory_mixins/slotted_memory.py +140 -0
- angr/storage/memory_mixins/smart_find_mixin.py +159 -0
- angr/storage/memory_mixins/symbolic_merger_mixin.py +12 -0
- angr/storage/memory_mixins/top_merger_mixin.py +24 -0
- angr/storage/memory_mixins/underconstrained_mixin.py +67 -0
- angr/storage/memory_mixins/unwrapper_mixin.py +26 -0
- angr/storage/memory_object.py +194 -0
- angr/storage/pcap.py +65 -0
- angr/tablespecs.py +90 -0
- angr/utils/__init__.py +33 -0
- angr/utils/algo.py +33 -0
- angr/utils/constants.py +7 -0
- angr/utils/cowdict.py +64 -0
- angr/utils/dynamic_dictlist.py +92 -0
- angr/utils/enums_conv.py +80 -0
- angr/utils/env.py +11 -0
- angr/utils/formatting.py +124 -0
- angr/utils/funcid.py +133 -0
- angr/utils/graph.py +822 -0
- angr/utils/lazy_import.py +12 -0
- angr/utils/library.py +214 -0
- angr/utils/loader.py +55 -0
- angr/utils/mp.py +64 -0
- angr/utils/segment_list.py +558 -0
- angr/utils/timing.py +45 -0
- angr/utils/typing.py +17 -0
- angr/vaults.py +370 -0
- angr-9.2.103.dist-info/LICENSE +24 -0
- angr-9.2.103.dist-info/METADATA +119 -0
- angr-9.2.103.dist-info/RECORD +1300 -0
- angr-9.2.103.dist-info/WHEEL +5 -0
- angr-9.2.103.dist-info/entry_points.txt +2 -0
- angr-9.2.103.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,1191 @@
|
|
|
1
|
+
from typing import Literal, TYPE_CHECKING
|
|
2
|
+
import logging
|
|
3
|
+
from collections import defaultdict
|
|
4
|
+
from itertools import count, chain
|
|
5
|
+
|
|
6
|
+
import networkx
|
|
7
|
+
|
|
8
|
+
from cle.backends.elf.compilation_unit import CompilationUnit
|
|
9
|
+
from cle.backends.elf.variable import Variable
|
|
10
|
+
from claripy.utils.orderedset import OrderedSet
|
|
11
|
+
|
|
12
|
+
from ...protos import variables_pb2
|
|
13
|
+
from ...serializable import Serializable
|
|
14
|
+
from ...sim_variable import SimVariable, SimStackVariable, SimMemoryVariable, SimRegisterVariable
|
|
15
|
+
from ...sim_type import (
|
|
16
|
+
TypeRef,
|
|
17
|
+
SimType,
|
|
18
|
+
SimStruct,
|
|
19
|
+
SimTypePointer,
|
|
20
|
+
SimTypeBottom,
|
|
21
|
+
SimTypeChar,
|
|
22
|
+
SimTypeShort,
|
|
23
|
+
SimTypeInt,
|
|
24
|
+
SimTypeLong,
|
|
25
|
+
)
|
|
26
|
+
from ...keyed_region import KeyedRegion
|
|
27
|
+
from ..plugin import KnowledgeBasePlugin
|
|
28
|
+
from ..types import TypesStore
|
|
29
|
+
from .variable_access import VariableAccess, VariableAccessSort
|
|
30
|
+
|
|
31
|
+
if TYPE_CHECKING:
|
|
32
|
+
from angr.code_location import CodeLocation
|
|
33
|
+
|
|
34
|
+
l = logging.getLogger(name=__name__)
|
|
35
|
+
|
|
36
|
+
|
|
37
|
+
class VariableType:
|
|
38
|
+
"""
|
|
39
|
+
Describes variable types.
|
|
40
|
+
"""
|
|
41
|
+
|
|
42
|
+
REGISTER = 0
|
|
43
|
+
MEMORY = 1
|
|
44
|
+
|
|
45
|
+
|
|
46
|
+
class LiveVariables:
|
|
47
|
+
"""
|
|
48
|
+
A collection of live variables at a program point.
|
|
49
|
+
"""
|
|
50
|
+
|
|
51
|
+
__slots__ = (
|
|
52
|
+
"register_region",
|
|
53
|
+
"stack_region",
|
|
54
|
+
)
|
|
55
|
+
|
|
56
|
+
def __init__(self, register_region, stack_region):
|
|
57
|
+
self.register_region = register_region
|
|
58
|
+
self.stack_region = stack_region
|
|
59
|
+
|
|
60
|
+
|
|
61
|
+
def _defaultdict_set():
|
|
62
|
+
return defaultdict(set)
|
|
63
|
+
|
|
64
|
+
|
|
65
|
+
class VariableManagerInternal(Serializable):
|
|
66
|
+
"""
|
|
67
|
+
Manage variables for a function. It is meant to be used internally by VariableManager, but it's common to be
|
|
68
|
+
given a reference to one in response to a query for "the variables for a given function". Maybe a better name
|
|
69
|
+
would be "VariableManagerScope".
|
|
70
|
+
"""
|
|
71
|
+
|
|
72
|
+
def __init__(self, manager, func_addr=None):
|
|
73
|
+
self.manager: "VariableManager" = manager
|
|
74
|
+
|
|
75
|
+
self.func_addr = func_addr
|
|
76
|
+
|
|
77
|
+
self._variables: set[SimVariable] = OrderedSet() # all variables that are added to any region
|
|
78
|
+
self._global_region = KeyedRegion()
|
|
79
|
+
self._stack_region = KeyedRegion()
|
|
80
|
+
self._register_region = KeyedRegion()
|
|
81
|
+
self._live_variables = {} # a mapping between addresses of program points and live variable collections
|
|
82
|
+
|
|
83
|
+
self._variable_accesses: dict[SimVariable, set[VariableAccess]] = defaultdict(set)
|
|
84
|
+
self._insn_to_variable: dict[int, set[tuple[SimVariable, int]]] = defaultdict(set)
|
|
85
|
+
self._stmt_to_variable: dict[tuple[int, int] | tuple[int, int, int], set[tuple[SimVariable, int]]] = (
|
|
86
|
+
defaultdict(set)
|
|
87
|
+
)
|
|
88
|
+
self._variable_to_stmt: dict[SimVariable, set[tuple[int, int] | tuple[int, int, int]]] = defaultdict(set)
|
|
89
|
+
self._atom_to_variable: dict[
|
|
90
|
+
tuple[int, int] | tuple[int, int, int], dict[int, set[tuple[SimVariable, int]]]
|
|
91
|
+
] = defaultdict(_defaultdict_set)
|
|
92
|
+
self._ident_to_variable: dict[str, SimVariable] = {}
|
|
93
|
+
self._variable_counters = {
|
|
94
|
+
"register": count(),
|
|
95
|
+
"stack": count(),
|
|
96
|
+
"argument": count(),
|
|
97
|
+
"phi": count(),
|
|
98
|
+
"global": count(),
|
|
99
|
+
}
|
|
100
|
+
|
|
101
|
+
self._unified_variables: set[SimVariable] = set()
|
|
102
|
+
self._variables_to_unified_variables: dict[SimVariable, SimVariable] = {}
|
|
103
|
+
|
|
104
|
+
self._phi_variables = {}
|
|
105
|
+
self._variables_to_phivars = defaultdict(set)
|
|
106
|
+
self._phi_variables_by_block = defaultdict(set)
|
|
107
|
+
|
|
108
|
+
self.types = TypesStore(self.manager._kb)
|
|
109
|
+
self.variable_to_types: dict[SimVariable, SimType] = {}
|
|
110
|
+
self.variables_with_manual_types = set()
|
|
111
|
+
|
|
112
|
+
# optimization
|
|
113
|
+
self._variables_without_writes = set()
|
|
114
|
+
|
|
115
|
+
self.ret_val_size = None
|
|
116
|
+
|
|
117
|
+
#
|
|
118
|
+
# Serialization
|
|
119
|
+
#
|
|
120
|
+
|
|
121
|
+
def __setstate__(self, state):
|
|
122
|
+
self.__dict__.update(state)
|
|
123
|
+
|
|
124
|
+
def __getstate__(self):
|
|
125
|
+
attributes = [
|
|
126
|
+
"func_addr",
|
|
127
|
+
"_variables",
|
|
128
|
+
"_global_region",
|
|
129
|
+
"_stack_region",
|
|
130
|
+
"_register_region",
|
|
131
|
+
"_live_variables",
|
|
132
|
+
"_variable_accesses",
|
|
133
|
+
"_insn_to_variable",
|
|
134
|
+
"_stmt_to_variable",
|
|
135
|
+
"_variable_to_stmt",
|
|
136
|
+
"_atom_to_variable",
|
|
137
|
+
"_ident_to_variable",
|
|
138
|
+
"_variable_counters",
|
|
139
|
+
"_unified_variables",
|
|
140
|
+
"_variables_to_unified_variables",
|
|
141
|
+
"_phi_variables",
|
|
142
|
+
"_variables_to_phivars",
|
|
143
|
+
"_phi_variables_by_block",
|
|
144
|
+
"types",
|
|
145
|
+
"variable_to_types",
|
|
146
|
+
"variables_with_manual_types",
|
|
147
|
+
"_variables_without_writes",
|
|
148
|
+
"ret_val_size",
|
|
149
|
+
]
|
|
150
|
+
d = {k: getattr(self, k) for k in attributes}
|
|
151
|
+
d["manager"] = None
|
|
152
|
+
d["types"].kb = None
|
|
153
|
+
return d
|
|
154
|
+
|
|
155
|
+
def set_manager(self, manager: "VariableManager"):
|
|
156
|
+
self.manager = manager
|
|
157
|
+
self.types.kb = manager._kb
|
|
158
|
+
|
|
159
|
+
@classmethod
|
|
160
|
+
def _get_cmsg(cls):
|
|
161
|
+
return variables_pb2.VariableManagerInternal()
|
|
162
|
+
|
|
163
|
+
def serialize_to_cmessage(self):
|
|
164
|
+
# pylint:disable=no-member,unused-variable
|
|
165
|
+
cmsg = self._get_cmsg()
|
|
166
|
+
|
|
167
|
+
# variables
|
|
168
|
+
register_variables = []
|
|
169
|
+
stack_variables = []
|
|
170
|
+
memory_variables = []
|
|
171
|
+
|
|
172
|
+
for variable in self._variables:
|
|
173
|
+
vc = variable.serialize_to_cmessage()
|
|
174
|
+
if isinstance(variable, SimRegisterVariable):
|
|
175
|
+
register_variables.append(vc)
|
|
176
|
+
elif isinstance(variable, SimStackVariable):
|
|
177
|
+
stack_variables.append(vc)
|
|
178
|
+
elif isinstance(variable, SimMemoryVariable):
|
|
179
|
+
memory_variables.append(vc)
|
|
180
|
+
else:
|
|
181
|
+
raise NotImplementedError()
|
|
182
|
+
for variable in self._phi_variables:
|
|
183
|
+
vc = variable.serialize_to_cmessage()
|
|
184
|
+
vc.base.is_phi = True
|
|
185
|
+
if isinstance(variable, SimRegisterVariable):
|
|
186
|
+
register_variables.append(vc)
|
|
187
|
+
elif isinstance(variable, SimStackVariable):
|
|
188
|
+
stack_variables.append(vc)
|
|
189
|
+
elif isinstance(variable, SimMemoryVariable):
|
|
190
|
+
memory_variables.append(vc)
|
|
191
|
+
else:
|
|
192
|
+
raise NotImplementedError()
|
|
193
|
+
|
|
194
|
+
cmsg.regvars.extend(register_variables)
|
|
195
|
+
cmsg.stackvars.extend(stack_variables)
|
|
196
|
+
cmsg.memvars.extend(memory_variables)
|
|
197
|
+
|
|
198
|
+
# accesses
|
|
199
|
+
accesses = []
|
|
200
|
+
for variable_accesses in self._variable_accesses.values():
|
|
201
|
+
for variable_access in variable_accesses:
|
|
202
|
+
accesses.append(variable_access.serialize_to_cmessage())
|
|
203
|
+
cmsg.accesses.extend(accesses)
|
|
204
|
+
|
|
205
|
+
# unified variables
|
|
206
|
+
unified_register_variables = []
|
|
207
|
+
unified_stack_variables = []
|
|
208
|
+
unified_memory_variables = []
|
|
209
|
+
|
|
210
|
+
unified_variable_idents: set[str] = set()
|
|
211
|
+
for variable in self._unified_variables:
|
|
212
|
+
unified_variable_idents.add(variable.ident)
|
|
213
|
+
if isinstance(variable, SimRegisterVariable):
|
|
214
|
+
unified_register_variables.append(variable.serialize_to_cmessage())
|
|
215
|
+
elif isinstance(variable, SimStackVariable):
|
|
216
|
+
unified_stack_variables.append(variable.serialize_to_cmessage())
|
|
217
|
+
elif isinstance(variable, SimMemoryVariable):
|
|
218
|
+
unified_memory_variables.append(variable.serialize_to_cmessage())
|
|
219
|
+
else:
|
|
220
|
+
raise NotImplementedError()
|
|
221
|
+
|
|
222
|
+
cmsg.unified_regvars.extend(unified_register_variables)
|
|
223
|
+
cmsg.unified_stackvars.extend(unified_stack_variables)
|
|
224
|
+
cmsg.unified_memvars.extend(unified_memory_variables)
|
|
225
|
+
|
|
226
|
+
relations = []
|
|
227
|
+
for variable, unified in self._variables_to_unified_variables.items():
|
|
228
|
+
if unified.ident not in unified_variable_idents:
|
|
229
|
+
l.error(
|
|
230
|
+
"The unified variable %s is missing from the unified variables of function %#x. Please "
|
|
231
|
+
"report it on GitHub.",
|
|
232
|
+
unified.ident,
|
|
233
|
+
self.func_addr,
|
|
234
|
+
)
|
|
235
|
+
continue
|
|
236
|
+
relation = variables_pb2.Var2Unified()
|
|
237
|
+
relation.var_ident = variable.ident
|
|
238
|
+
relation.unified_var_ident = unified.ident
|
|
239
|
+
relations.append(relation)
|
|
240
|
+
cmsg.var2unified.extend(relations)
|
|
241
|
+
|
|
242
|
+
# phi vars
|
|
243
|
+
phi_relations = []
|
|
244
|
+
for phi, vars_ in self._phi_variables.items():
|
|
245
|
+
for var in vars_:
|
|
246
|
+
if var not in self._variables and var not in self._phi_variables:
|
|
247
|
+
l.error("Ignore variable %s because it is not in the registered list.", var.ident)
|
|
248
|
+
continue
|
|
249
|
+
relation = variables_pb2.Phi2Var()
|
|
250
|
+
relation.phi_ident = phi.ident
|
|
251
|
+
relation.var_ident = var.ident
|
|
252
|
+
phi_relations.append(relation)
|
|
253
|
+
cmsg.phi2var.extend(phi_relations)
|
|
254
|
+
|
|
255
|
+
# TODO: Types
|
|
256
|
+
|
|
257
|
+
return cmsg
|
|
258
|
+
|
|
259
|
+
@classmethod
|
|
260
|
+
def parse_from_cmessage(
|
|
261
|
+
cls, cmsg, variable_manager=None, func_addr=None, **kwargs
|
|
262
|
+
) -> "VariableManagerInternal": # pylint:disable=arguments-differ
|
|
263
|
+
model = VariableManagerInternal(variable_manager, func_addr=func_addr)
|
|
264
|
+
|
|
265
|
+
variable_by_ident = {}
|
|
266
|
+
|
|
267
|
+
# variables
|
|
268
|
+
all_vars = []
|
|
269
|
+
|
|
270
|
+
for regvar_pb2 in cmsg.regvars:
|
|
271
|
+
all_vars.append((regvar_pb2.base.is_phi, SimRegisterVariable.parse_from_cmessage(regvar_pb2)))
|
|
272
|
+
for stackvar_pb2 in cmsg.stackvars:
|
|
273
|
+
all_vars.append((stackvar_pb2.base.is_phi, SimStackVariable.parse_from_cmessage(stackvar_pb2)))
|
|
274
|
+
for memvar_pb2 in cmsg.memvars:
|
|
275
|
+
all_vars.append((memvar_pb2.base.is_phi, SimMemoryVariable.parse_from_cmessage(memvar_pb2)))
|
|
276
|
+
for is_phi, var in all_vars:
|
|
277
|
+
variable_by_ident[var.ident] = var
|
|
278
|
+
if is_phi:
|
|
279
|
+
model._phi_variables[var] = set()
|
|
280
|
+
else:
|
|
281
|
+
model._variables.add(var)
|
|
282
|
+
model._ident_to_variable[var.ident] = var
|
|
283
|
+
|
|
284
|
+
# variable accesses
|
|
285
|
+
for varaccess_pb2 in cmsg.accesses:
|
|
286
|
+
variable_access = VariableAccess.parse_from_cmessage(varaccess_pb2, variable_by_ident=variable_by_ident)
|
|
287
|
+
variable = variable_access.variable
|
|
288
|
+
offset = variable_access.offset
|
|
289
|
+
tpl = (variable, offset)
|
|
290
|
+
|
|
291
|
+
model._variable_accesses[variable_access.variable].add(variable_access)
|
|
292
|
+
model._insn_to_variable[variable_access.location.ins_addr].add(tpl)
|
|
293
|
+
loc = (
|
|
294
|
+
(variable_access.location.block_addr, variable_access.location.stmt_idx)
|
|
295
|
+
if variable_access.location.block_idx is None
|
|
296
|
+
else (
|
|
297
|
+
variable_access.location.block_addr,
|
|
298
|
+
variable_access.location.block_idx,
|
|
299
|
+
variable_access.location.stmt_idx,
|
|
300
|
+
)
|
|
301
|
+
)
|
|
302
|
+
model._stmt_to_variable[loc].add(tpl)
|
|
303
|
+
model._variable_to_stmt[variable].add(loc)
|
|
304
|
+
if variable_access.atom_hash is not None:
|
|
305
|
+
model._atom_to_variable[loc][variable_access.atom_hash].add(tpl)
|
|
306
|
+
|
|
307
|
+
# unified variables
|
|
308
|
+
unified_variable_by_ident = {}
|
|
309
|
+
for regvar_pb2 in cmsg.unified_regvars:
|
|
310
|
+
regvar = SimRegisterVariable.parse_from_cmessage(regvar_pb2)
|
|
311
|
+
unified_variable_by_ident[regvar.ident] = regvar
|
|
312
|
+
model._unified_variables.add(regvar)
|
|
313
|
+
for stackvar_pb2 in cmsg.unified_stackvars:
|
|
314
|
+
stackvar = SimStackVariable.parse_from_cmessage(stackvar_pb2)
|
|
315
|
+
unified_variable_by_ident[stackvar.ident] = stackvar
|
|
316
|
+
model._unified_variables.add(stackvar)
|
|
317
|
+
for memvar_pb2 in cmsg.unified_memvars:
|
|
318
|
+
memvar = SimMemoryVariable.parse_from_cmessage(memvar_pb2)
|
|
319
|
+
unified_variable_by_ident[memvar.ident] = memvar
|
|
320
|
+
model._unified_variables.add(memvar)
|
|
321
|
+
|
|
322
|
+
for var2unified in cmsg.var2unified:
|
|
323
|
+
variable = variable_by_ident[var2unified.var_ident]
|
|
324
|
+
unified = unified_variable_by_ident.get(var2unified.unified_var_ident, None)
|
|
325
|
+
if unified is None:
|
|
326
|
+
l.warning(
|
|
327
|
+
"Unified variable %s is not found in unified_variable_by_ident.", var2unified.unified_var_ident
|
|
328
|
+
)
|
|
329
|
+
# as a stop gap, we make the variable unify to itself
|
|
330
|
+
model._variables_to_unified_variables[variable] = variable
|
|
331
|
+
continue
|
|
332
|
+
model._variables_to_unified_variables[variable] = unified
|
|
333
|
+
|
|
334
|
+
for phi2var in cmsg.phi2var:
|
|
335
|
+
phi = variable_by_ident.get(phi2var.phi_ident, None)
|
|
336
|
+
if phi is None:
|
|
337
|
+
l.warning("Phi variable %s is not found in variable_by_ident.", phi2var.phi_ident)
|
|
338
|
+
continue
|
|
339
|
+
var = variable_by_ident.get(phi2var.var_ident, None)
|
|
340
|
+
if var is None:
|
|
341
|
+
l.warning("Variable %s is not found in variable_by_ident.", phi2var.var_ident)
|
|
342
|
+
continue
|
|
343
|
+
model._phi_variables[phi].add(var)
|
|
344
|
+
model._variables_to_phivars[var].add(phi)
|
|
345
|
+
|
|
346
|
+
# TODO: Types
|
|
347
|
+
|
|
348
|
+
for var in model._variables:
|
|
349
|
+
if isinstance(var, SimStackVariable):
|
|
350
|
+
region = model._stack_region
|
|
351
|
+
offset = var.offset
|
|
352
|
+
elif isinstance(var, SimRegisterVariable):
|
|
353
|
+
region = model._register_region
|
|
354
|
+
offset = var.reg
|
|
355
|
+
elif isinstance(var, SimMemoryVariable):
|
|
356
|
+
region = model._global_region
|
|
357
|
+
offset = var.addr
|
|
358
|
+
else:
|
|
359
|
+
raise ValueError("Unsupported sort %s in parse_from_cmessage()." % type(var))
|
|
360
|
+
|
|
361
|
+
region.add_variable(offset, var)
|
|
362
|
+
|
|
363
|
+
model._variables_without_writes = set(model.get_variables_without_writes())
|
|
364
|
+
|
|
365
|
+
return model
|
|
366
|
+
|
|
367
|
+
#
|
|
368
|
+
# Public methods
|
|
369
|
+
#
|
|
370
|
+
|
|
371
|
+
def next_variable_ident(self, sort):
|
|
372
|
+
if sort not in self._variable_counters:
|
|
373
|
+
raise ValueError("Unsupported variable sort %s" % sort)
|
|
374
|
+
|
|
375
|
+
if sort == "register":
|
|
376
|
+
prefix = "r"
|
|
377
|
+
elif sort == "stack":
|
|
378
|
+
prefix = "s"
|
|
379
|
+
elif sort == "argument":
|
|
380
|
+
prefix = "arg"
|
|
381
|
+
elif sort == "global":
|
|
382
|
+
prefix = "g"
|
|
383
|
+
else:
|
|
384
|
+
prefix = "m"
|
|
385
|
+
|
|
386
|
+
ident = "i%s_%d" % (prefix, next(self._variable_counters[sort]))
|
|
387
|
+
return ident
|
|
388
|
+
|
|
389
|
+
def add_variable(self, sort, start, variable: SimVariable):
|
|
390
|
+
if sort == "stack":
|
|
391
|
+
region = self._stack_region
|
|
392
|
+
elif sort == "register":
|
|
393
|
+
region = self._register_region
|
|
394
|
+
elif sort == "global":
|
|
395
|
+
region = self._global_region
|
|
396
|
+
else:
|
|
397
|
+
raise ValueError("Unsupported sort %s in add_variable()." % sort)
|
|
398
|
+
|
|
399
|
+
# find if there is already an existing variable with the same identifier
|
|
400
|
+
if variable.ident in self._ident_to_variable:
|
|
401
|
+
existing_var = self._ident_to_variable[variable.ident]
|
|
402
|
+
if existing_var.name is not None and not variable.renamed:
|
|
403
|
+
variable.name = existing_var.name
|
|
404
|
+
variable.renamed = existing_var.renamed
|
|
405
|
+
self._ident_to_variable[variable.ident] = variable
|
|
406
|
+
region.add_variable(start, variable)
|
|
407
|
+
self._variables.add(variable)
|
|
408
|
+
self._variables_without_writes.add(variable)
|
|
409
|
+
|
|
410
|
+
def set_variable(self, sort, start, variable: SimVariable):
|
|
411
|
+
if sort == "stack":
|
|
412
|
+
region = self._stack_region
|
|
413
|
+
elif sort == "register":
|
|
414
|
+
region = self._register_region
|
|
415
|
+
elif sort == "global":
|
|
416
|
+
region = self._global_region
|
|
417
|
+
else:
|
|
418
|
+
raise ValueError("Unsupported sort %s in set_variable()." % sort)
|
|
419
|
+
# find if there is already an existing variable with the same identifier
|
|
420
|
+
if variable.ident in self._ident_to_variable:
|
|
421
|
+
existing_var = self._ident_to_variable[variable.ident]
|
|
422
|
+
if existing_var.name is not None and not variable.renamed:
|
|
423
|
+
variable.name = existing_var.name
|
|
424
|
+
variable.renamed = existing_var.renamed
|
|
425
|
+
region.set_variable(start, variable)
|
|
426
|
+
self._variables.add(variable)
|
|
427
|
+
self._variables_without_writes.add(variable)
|
|
428
|
+
|
|
429
|
+
def write_to(self, variable, offset, location, overwrite=False, atom=None):
|
|
430
|
+
self._record_variable_access(
|
|
431
|
+
VariableAccessSort.WRITE, variable, offset, location, overwrite=overwrite, atom=atom
|
|
432
|
+
)
|
|
433
|
+
|
|
434
|
+
def read_from(self, variable, offset, location, overwrite=False, atom=None):
|
|
435
|
+
self._record_variable_access(
|
|
436
|
+
VariableAccessSort.READ, variable, offset, location, overwrite=overwrite, atom=atom
|
|
437
|
+
)
|
|
438
|
+
|
|
439
|
+
def reference_at(self, variable, offset, location, overwrite=False, atom=None):
|
|
440
|
+
self._record_variable_access(
|
|
441
|
+
VariableAccessSort.REFERENCE, variable, offset, location, overwrite=overwrite, atom=atom
|
|
442
|
+
)
|
|
443
|
+
|
|
444
|
+
def _record_variable_access(
|
|
445
|
+
self,
|
|
446
|
+
sort: int,
|
|
447
|
+
variable,
|
|
448
|
+
offset,
|
|
449
|
+
location: "CodeLocation",
|
|
450
|
+
overwrite=False,
|
|
451
|
+
atom=None,
|
|
452
|
+
):
|
|
453
|
+
atom_hash = (hash(atom) & 0xFFFF_FFFF) if atom is not None else None
|
|
454
|
+
if overwrite:
|
|
455
|
+
self._variable_accesses[variable] = {VariableAccess(variable, sort, location, offset, atom_hash=atom_hash)}
|
|
456
|
+
else:
|
|
457
|
+
self._variable_accesses[variable].add(VariableAccess(variable, sort, location, offset, atom_hash=atom_hash))
|
|
458
|
+
self.record_variable(location, variable, offset, overwrite=overwrite, atom=atom)
|
|
459
|
+
if sort == VariableAccessSort.WRITE and variable in self._variables_without_writes:
|
|
460
|
+
self._variables_without_writes.discard(variable)
|
|
461
|
+
|
|
462
|
+
def record_variable(self, location: "CodeLocation", variable, offset, overwrite=False, atom=None):
|
|
463
|
+
if variable.ident not in self._ident_to_variable:
|
|
464
|
+
self._ident_to_variable[variable.ident] = variable
|
|
465
|
+
self._variables.add(variable)
|
|
466
|
+
var_and_offset = variable, offset
|
|
467
|
+
atom_hash = (hash(atom) & 0xFFFF_FFFF) if atom is not None else None
|
|
468
|
+
key = (
|
|
469
|
+
(location.block_addr, location.stmt_idx)
|
|
470
|
+
if location.block_idx is None
|
|
471
|
+
else (location.block_addr, location.block_idx, location.stmt_idx)
|
|
472
|
+
)
|
|
473
|
+
if overwrite:
|
|
474
|
+
self._insn_to_variable[location.ins_addr] = {var_and_offset}
|
|
475
|
+
self._stmt_to_variable[key] = {var_and_offset}
|
|
476
|
+
self._variable_to_stmt[variable].add(key)
|
|
477
|
+
if atom_hash is not None:
|
|
478
|
+
self._atom_to_variable[key][atom_hash] = {var_and_offset}
|
|
479
|
+
else:
|
|
480
|
+
self._insn_to_variable[location.ins_addr].add(var_and_offset)
|
|
481
|
+
self._stmt_to_variable[key].add(var_and_offset)
|
|
482
|
+
self._variable_to_stmt[variable].add(key)
|
|
483
|
+
if atom_hash is not None:
|
|
484
|
+
self._atom_to_variable[key][atom_hash].add(var_and_offset)
|
|
485
|
+
|
|
486
|
+
def remove_variable_by_atom(self, location: "CodeLocation", variable: SimVariable, atom):
|
|
487
|
+
key = (
|
|
488
|
+
(location.block_addr, location.stmt_idx)
|
|
489
|
+
if location.block_idx is None
|
|
490
|
+
else (location.block_addr, location.block_idx, location.stmt_idx)
|
|
491
|
+
)
|
|
492
|
+
if key in self._stmt_to_variable:
|
|
493
|
+
for var_and_offset in list(self._stmt_to_variable[key]):
|
|
494
|
+
if var_and_offset[0] == variable:
|
|
495
|
+
self._stmt_to_variable[key].remove(var_and_offset)
|
|
496
|
+
if not self._stmt_to_variable[key]:
|
|
497
|
+
del self._stmt_to_variable[key]
|
|
498
|
+
|
|
499
|
+
atom_hash = (hash(atom) & 0xFFFF_FFFF) if atom is not None else None
|
|
500
|
+
if key in self._atom_to_variable and atom_hash is not None and atom_hash in self._atom_to_variable[key]:
|
|
501
|
+
for var_and_offset in list(self._atom_to_variable[key][atom_hash]):
|
|
502
|
+
if var_and_offset[0] == variable:
|
|
503
|
+
self._atom_to_variable[key][atom_hash].discard(var_and_offset)
|
|
504
|
+
if not self._atom_to_variable[key][atom_hash]:
|
|
505
|
+
del self._atom_to_variable[key][atom_hash]
|
|
506
|
+
if not self._atom_to_variable[key]:
|
|
507
|
+
del self._atom_to_variable[key]
|
|
508
|
+
|
|
509
|
+
def make_phi_node(self, block_addr, *variables):
|
|
510
|
+
"""
|
|
511
|
+
Create a phi variable for variables at block `block_addr`.
|
|
512
|
+
|
|
513
|
+
:param int block_addr: The address of the current block.
|
|
514
|
+
:param variables: Variables that the phi variable represents.
|
|
515
|
+
:return: The created phi variable.
|
|
516
|
+
"""
|
|
517
|
+
|
|
518
|
+
existing_phis = set()
|
|
519
|
+
non_phis = set()
|
|
520
|
+
for var in variables:
|
|
521
|
+
if self.is_phi_variable(var):
|
|
522
|
+
existing_phis.add(var)
|
|
523
|
+
else:
|
|
524
|
+
non_phis.add(var)
|
|
525
|
+
if var in self._variables_to_phivars:
|
|
526
|
+
for phivar in self._variables_to_phivars[var]:
|
|
527
|
+
existing_phis.add(phivar)
|
|
528
|
+
|
|
529
|
+
if len(existing_phis) >= 1:
|
|
530
|
+
# iterate through existing phi variables to see if any of it is already used as the phi variable for this
|
|
531
|
+
# block. if so, we reuse it to avoid redundant variable allocations
|
|
532
|
+
for phi in existing_phis:
|
|
533
|
+
if block_addr in self._phi_variables_by_block and phi in self._phi_variables_by_block[block_addr]:
|
|
534
|
+
if not non_phis.issubset(self.get_phi_subvariables(phi)):
|
|
535
|
+
# Update the variables that this phi variable represents
|
|
536
|
+
self._phi_variables[phi] |= non_phis
|
|
537
|
+
return phi
|
|
538
|
+
|
|
539
|
+
# allocate a new phi variable
|
|
540
|
+
repre = next(iter(variables))
|
|
541
|
+
repre_type = type(repre)
|
|
542
|
+
repre_size = max(var.size for var in variables)
|
|
543
|
+
if repre_type is SimRegisterVariable:
|
|
544
|
+
ident_sort = "register"
|
|
545
|
+
a = SimRegisterVariable(repre.reg, repre_size, ident=self.next_variable_ident(ident_sort))
|
|
546
|
+
elif repre_type is SimMemoryVariable:
|
|
547
|
+
ident_sort = "global"
|
|
548
|
+
a = SimMemoryVariable(repre.addr, repre_size, ident=self.next_variable_ident(ident_sort))
|
|
549
|
+
elif repre_type is SimStackVariable:
|
|
550
|
+
ident_sort = "stack"
|
|
551
|
+
a = SimStackVariable(repre.offset, repre_size, ident=self.next_variable_ident(ident_sort))
|
|
552
|
+
else:
|
|
553
|
+
raise TypeError('make_phi_node(): Unsupported variable type "%s".' % type(repre))
|
|
554
|
+
|
|
555
|
+
# Keep a record of all phi variables
|
|
556
|
+
self._phi_variables[a] = set(variables)
|
|
557
|
+
self._phi_variables_by_block[block_addr].add(a)
|
|
558
|
+
for var in variables:
|
|
559
|
+
self._variables_to_phivars[var].add(a)
|
|
560
|
+
|
|
561
|
+
return a
|
|
562
|
+
|
|
563
|
+
def set_live_variables(self, addr, register_region, stack_region):
|
|
564
|
+
lv = LiveVariables(register_region, stack_region)
|
|
565
|
+
self._live_variables[addr] = lv
|
|
566
|
+
|
|
567
|
+
def find_variables_by_insn(self, ins_addr, sort):
|
|
568
|
+
if ins_addr not in self._insn_to_variable:
|
|
569
|
+
return None
|
|
570
|
+
|
|
571
|
+
if sort in (VariableType.MEMORY, "memory"):
|
|
572
|
+
vars_and_offset = [
|
|
573
|
+
(var, offset)
|
|
574
|
+
for var, offset in self._insn_to_variable[ins_addr]
|
|
575
|
+
if isinstance(var, (SimStackVariable, SimMemoryVariable))
|
|
576
|
+
]
|
|
577
|
+
elif sort in (VariableType.REGISTER, "register"):
|
|
578
|
+
vars_and_offset = [
|
|
579
|
+
(var, offset)
|
|
580
|
+
for var, offset in self._insn_to_variable[ins_addr]
|
|
581
|
+
if isinstance(var, SimRegisterVariable)
|
|
582
|
+
]
|
|
583
|
+
else:
|
|
584
|
+
l.error('find_variable_by_insn(): Unsupported variable sort "%s".', sort)
|
|
585
|
+
return []
|
|
586
|
+
|
|
587
|
+
return vars_and_offset
|
|
588
|
+
|
|
589
|
+
def is_variable_used_at(self, variable: SimVariable, loc: tuple[int, int]) -> bool:
|
|
590
|
+
return loc in self._variable_to_stmt[variable]
|
|
591
|
+
|
|
592
|
+
def find_variable_by_stmt(self, block_addr, stmt_idx, sort, block_idx: int | None = None):
|
|
593
|
+
return next(iter(self.find_variables_by_stmt(block_addr, stmt_idx, sort, block_idx=block_idx)), None)
|
|
594
|
+
|
|
595
|
+
def find_variables_by_stmt(
|
|
596
|
+
self, block_addr: int, stmt_idx: int, sort: str, block_idx: int | None = None
|
|
597
|
+
) -> list[tuple[SimVariable, int]]:
|
|
598
|
+
key = (block_addr, stmt_idx) if block_idx is None else (block_addr, block_idx, stmt_idx)
|
|
599
|
+
|
|
600
|
+
if key not in self._stmt_to_variable:
|
|
601
|
+
return []
|
|
602
|
+
|
|
603
|
+
variables = self._stmt_to_variable[key]
|
|
604
|
+
if not variables:
|
|
605
|
+
return []
|
|
606
|
+
|
|
607
|
+
if sort == "memory":
|
|
608
|
+
var_and_offsets = list(
|
|
609
|
+
(var, offset)
|
|
610
|
+
for var, offset in self._stmt_to_variable[key]
|
|
611
|
+
if isinstance(var, (SimStackVariable, SimMemoryVariable))
|
|
612
|
+
)
|
|
613
|
+
elif sort == "register":
|
|
614
|
+
var_and_offsets = list(
|
|
615
|
+
(var, offset) for var, offset in self._stmt_to_variable[key] if isinstance(var, SimRegisterVariable)
|
|
616
|
+
)
|
|
617
|
+
else:
|
|
618
|
+
l.error('find_variables_by_stmt(): Unsupported variable sort "%s".', sort)
|
|
619
|
+
return []
|
|
620
|
+
|
|
621
|
+
return var_and_offsets
|
|
622
|
+
|
|
623
|
+
def find_variable_by_atom(self, block_addr, stmt_idx, atom, block_idx: int | None = None):
|
|
624
|
+
return next(iter(self.find_variables_by_atom(block_addr, stmt_idx, atom, block_idx=block_idx)), None)
|
|
625
|
+
|
|
626
|
+
def find_variables_by_atom(
|
|
627
|
+
self, block_addr, stmt_idx, atom, block_idx: int | None = None
|
|
628
|
+
) -> set[tuple[SimVariable, int]]:
|
|
629
|
+
if block_idx is None:
|
|
630
|
+
key = block_addr, stmt_idx
|
|
631
|
+
else:
|
|
632
|
+
key = block_addr, block_idx, stmt_idx
|
|
633
|
+
|
|
634
|
+
if key not in self._atom_to_variable:
|
|
635
|
+
return set()
|
|
636
|
+
|
|
637
|
+
atom_hash = hash(atom) & 0xFFFF_FFFF
|
|
638
|
+
if atom_hash not in self._atom_to_variable[key]:
|
|
639
|
+
return set()
|
|
640
|
+
|
|
641
|
+
return self._atom_to_variable[key][atom_hash]
|
|
642
|
+
|
|
643
|
+
def find_variables_by_stack_offset(self, offset: int) -> set[SimVariable]:
|
|
644
|
+
return self._stack_region.get_variables_by_offset(offset)
|
|
645
|
+
|
|
646
|
+
def find_variables_by_register(self, reg: str | int) -> set[SimVariable]:
|
|
647
|
+
if type(reg) is str:
|
|
648
|
+
reg = self.manager._kb._project.arch.registers.get(reg)[0]
|
|
649
|
+
return self._register_region.get_variables_by_offset(reg)
|
|
650
|
+
|
|
651
|
+
def get_variable_accesses(self, variable: SimVariable, same_name: bool = False) -> list[VariableAccess]:
|
|
652
|
+
if not same_name:
|
|
653
|
+
if variable in self._variable_accesses:
|
|
654
|
+
return list(self._variable_accesses[variable])
|
|
655
|
+
|
|
656
|
+
return []
|
|
657
|
+
|
|
658
|
+
# find all variables with the same variable name
|
|
659
|
+
|
|
660
|
+
vars_list = []
|
|
661
|
+
|
|
662
|
+
for var in self._variable_accesses.keys():
|
|
663
|
+
if variable.name == var.name:
|
|
664
|
+
vars_list.append(var)
|
|
665
|
+
|
|
666
|
+
accesses = []
|
|
667
|
+
for var in vars_list:
|
|
668
|
+
accesses.extend(self.get_variable_accesses(var))
|
|
669
|
+
|
|
670
|
+
return accesses
|
|
671
|
+
|
|
672
|
+
def get_variables(
|
|
673
|
+
self, sort: Literal["stack", "reg"] | None = None, collapse_same_ident=False
|
|
674
|
+
) -> list[SimStackVariable | SimRegisterVariable]:
|
|
675
|
+
"""
|
|
676
|
+
Get a list of variables.
|
|
677
|
+
|
|
678
|
+
:param sort: Sort of the variable to get.
|
|
679
|
+
:param collapse_same_ident: Whether variables of the same identifier should be collapsed or not.
|
|
680
|
+
:return: A list of variables.
|
|
681
|
+
"""
|
|
682
|
+
|
|
683
|
+
variables = []
|
|
684
|
+
|
|
685
|
+
if collapse_same_ident:
|
|
686
|
+
raise NotImplementedError()
|
|
687
|
+
|
|
688
|
+
for var in self._variables:
|
|
689
|
+
if sort == "stack" and not isinstance(var, SimStackVariable):
|
|
690
|
+
continue
|
|
691
|
+
if sort == "reg" and not isinstance(var, SimRegisterVariable):
|
|
692
|
+
continue
|
|
693
|
+
variables.append(var)
|
|
694
|
+
|
|
695
|
+
return variables
|
|
696
|
+
|
|
697
|
+
def get_unified_variables(
|
|
698
|
+
self, sort: Literal["stack", "reg"] | None = None
|
|
699
|
+
) -> list[SimStackVariable | SimRegisterVariable]:
|
|
700
|
+
"""
|
|
701
|
+
Get a list of unified variables.
|
|
702
|
+
|
|
703
|
+
:param sort: Sort of the variable to get.
|
|
704
|
+
:return: A list of variables.
|
|
705
|
+
"""
|
|
706
|
+
|
|
707
|
+
variables = []
|
|
708
|
+
|
|
709
|
+
for var in self._unified_variables:
|
|
710
|
+
if sort == "stack" and not isinstance(var, SimStackVariable):
|
|
711
|
+
continue
|
|
712
|
+
if sort == "reg" and not isinstance(var, SimRegisterVariable):
|
|
713
|
+
continue
|
|
714
|
+
variables.append(var)
|
|
715
|
+
|
|
716
|
+
return variables
|
|
717
|
+
|
|
718
|
+
def get_global_variables(self, addr):
|
|
719
|
+
"""
|
|
720
|
+
Get global variable by the address of the variable.
|
|
721
|
+
|
|
722
|
+
:param int addr: Address of the variable.
|
|
723
|
+
:return: A set of variables or an empty set if no variable exists.
|
|
724
|
+
"""
|
|
725
|
+
return self._global_region.get_variables_by_offset(addr)
|
|
726
|
+
|
|
727
|
+
def is_phi_variable(self, var):
|
|
728
|
+
"""
|
|
729
|
+
Test if `var` is a phi variable.
|
|
730
|
+
|
|
731
|
+
:param SimVariable var: The variable instance.
|
|
732
|
+
:return: True if `var` is a phi variable, False otherwise.
|
|
733
|
+
:rtype: bool
|
|
734
|
+
"""
|
|
735
|
+
|
|
736
|
+
return var in self._phi_variables
|
|
737
|
+
|
|
738
|
+
def get_phi_subvariables(self, var):
|
|
739
|
+
"""
|
|
740
|
+
Get sub-variables that phi variable `var` represents.
|
|
741
|
+
|
|
742
|
+
:param SimVariable var: The variable instance.
|
|
743
|
+
:return: A set of sub-variables, or an empty set if `var` is not a phi variable.
|
|
744
|
+
:rtype: set
|
|
745
|
+
"""
|
|
746
|
+
|
|
747
|
+
if not self.is_phi_variable(var):
|
|
748
|
+
return set()
|
|
749
|
+
return self._phi_variables[var]
|
|
750
|
+
|
|
751
|
+
def get_phi_variables(self, block_addr):
|
|
752
|
+
"""
|
|
753
|
+
Get a dict of phi variables and their corresponding variables.
|
|
754
|
+
|
|
755
|
+
:param int block_addr: Address of the block.
|
|
756
|
+
:return: A dict of phi variables of an empty dict if there are no phi variables at the block.
|
|
757
|
+
:rtype: dict
|
|
758
|
+
"""
|
|
759
|
+
|
|
760
|
+
if block_addr not in self._phi_variables_by_block:
|
|
761
|
+
return {}
|
|
762
|
+
variables = {}
|
|
763
|
+
for phi in self._phi_variables_by_block[block_addr]:
|
|
764
|
+
variables[phi] = self._phi_variables[phi]
|
|
765
|
+
return variables
|
|
766
|
+
|
|
767
|
+
def get_variables_without_writes(self) -> list[SimVariable]:
|
|
768
|
+
"""
|
|
769
|
+
Get all variables that have never been written to.
|
|
770
|
+
|
|
771
|
+
:return: A list of variables that are never written to.
|
|
772
|
+
"""
|
|
773
|
+
|
|
774
|
+
def has_write_access(accesses):
|
|
775
|
+
return any(acc for acc in accesses if acc.access_type == VariableAccessSort.WRITE)
|
|
776
|
+
|
|
777
|
+
input_variables = []
|
|
778
|
+
|
|
779
|
+
for variable, accesses in self._variable_accesses.items():
|
|
780
|
+
if variable in self._phi_variables:
|
|
781
|
+
# a phi variable is definitely not an input variable
|
|
782
|
+
continue
|
|
783
|
+
if not has_write_access(accesses):
|
|
784
|
+
input_variables.append(variable)
|
|
785
|
+
|
|
786
|
+
return input_variables
|
|
787
|
+
|
|
788
|
+
def input_variables(self, exclude_specials: bool = True):
|
|
789
|
+
"""
|
|
790
|
+
Get all variables that have never been written to.
|
|
791
|
+
|
|
792
|
+
:return: A list of variables that are never written to.
|
|
793
|
+
"""
|
|
794
|
+
|
|
795
|
+
def has_read_access(accesses):
|
|
796
|
+
return any(acc for acc in accesses if acc.access_type == VariableAccessSort.READ)
|
|
797
|
+
|
|
798
|
+
input_variables = []
|
|
799
|
+
|
|
800
|
+
for variable in self._variables_without_writes:
|
|
801
|
+
if variable in self._phi_variables:
|
|
802
|
+
# a phi variable is definitely not an input variable
|
|
803
|
+
continue
|
|
804
|
+
if variable in self._variable_accesses:
|
|
805
|
+
accesses = self._variable_accesses[variable]
|
|
806
|
+
if has_read_access(accesses):
|
|
807
|
+
if not exclude_specials or not variable.category:
|
|
808
|
+
input_variables.append(variable)
|
|
809
|
+
|
|
810
|
+
return input_variables
|
|
811
|
+
|
|
812
|
+
def assign_variable_names(self, labels=None, types=None):
|
|
813
|
+
"""
|
|
814
|
+
Assign default names to all SSA variables.
|
|
815
|
+
|
|
816
|
+
:param labels: Known labels in the binary.
|
|
817
|
+
:return: None
|
|
818
|
+
"""
|
|
819
|
+
|
|
820
|
+
for var in self._variables:
|
|
821
|
+
if (types is None or SimStackVariable in types) and isinstance(var, SimStackVariable):
|
|
822
|
+
if var.name is not None:
|
|
823
|
+
continue
|
|
824
|
+
if var.ident.startswith("iarg"):
|
|
825
|
+
var.name = "arg_%x" % var.offset
|
|
826
|
+
else:
|
|
827
|
+
var.name = "s_%x" % (-var.offset)
|
|
828
|
+
# var.name = var.ident
|
|
829
|
+
elif (types is None or SimRegisterVariable in types) and isinstance(var, SimRegisterVariable):
|
|
830
|
+
if var.name is not None:
|
|
831
|
+
continue
|
|
832
|
+
var.name = var.ident
|
|
833
|
+
elif (types is None or SimMemoryVariable in types) and isinstance(var, SimMemoryVariable):
|
|
834
|
+
if var.name is not None:
|
|
835
|
+
continue
|
|
836
|
+
if labels is not None and var.addr in labels:
|
|
837
|
+
var.name = labels[var.addr]
|
|
838
|
+
if "@@" in var.name:
|
|
839
|
+
var.name = var.name[: var.name.index("@@")]
|
|
840
|
+
elif isinstance(var.addr, int):
|
|
841
|
+
var.name = "g_%x" % var.addr
|
|
842
|
+
elif var.ident is not None:
|
|
843
|
+
var.name = var.ident
|
|
844
|
+
else:
|
|
845
|
+
var.name = "g_%s" % var.addr
|
|
846
|
+
|
|
847
|
+
def assign_unified_variable_names(
|
|
848
|
+
self, labels=None, arg_names: list[str] | None = None, reset: bool = False
|
|
849
|
+
) -> None:
|
|
850
|
+
"""
|
|
851
|
+
Assign default names to all unified variables.
|
|
852
|
+
|
|
853
|
+
:param labels: Known labels in the binary.
|
|
854
|
+
:param arg_names: Known argument names.
|
|
855
|
+
:param reset: Reset all variable names or not.
|
|
856
|
+
"""
|
|
857
|
+
|
|
858
|
+
def _id_from_varident(ident: str) -> int:
|
|
859
|
+
return int(ident[ident.find("_") + 1 :])
|
|
860
|
+
|
|
861
|
+
if not self._unified_variables:
|
|
862
|
+
return
|
|
863
|
+
|
|
864
|
+
sorted_stack_variables = []
|
|
865
|
+
sorted_reg_variables = []
|
|
866
|
+
arg_vars = []
|
|
867
|
+
|
|
868
|
+
for var in self._unified_variables:
|
|
869
|
+
if isinstance(var, SimStackVariable):
|
|
870
|
+
if var.ident and var.ident.startswith("arg_"):
|
|
871
|
+
arg_vars.append(var)
|
|
872
|
+
else:
|
|
873
|
+
sorted_stack_variables.append(var)
|
|
874
|
+
|
|
875
|
+
elif isinstance(var, SimRegisterVariable):
|
|
876
|
+
if var.ident and var.ident.startswith("arg_"):
|
|
877
|
+
arg_vars.append(var)
|
|
878
|
+
else:
|
|
879
|
+
sorted_reg_variables.append(var)
|
|
880
|
+
|
|
881
|
+
elif isinstance(var, SimMemoryVariable):
|
|
882
|
+
if not reset and var.name is not None:
|
|
883
|
+
continue
|
|
884
|
+
# assign names directly
|
|
885
|
+
if labels is not None and var.addr in labels:
|
|
886
|
+
var.name = labels[var.addr]
|
|
887
|
+
if "@@" in var.name:
|
|
888
|
+
var.name = var.name[: var.name.index("@@")]
|
|
889
|
+
elif var.ident:
|
|
890
|
+
var.name = var.ident
|
|
891
|
+
else:
|
|
892
|
+
var.name = f"g_{var.addr:x}"
|
|
893
|
+
|
|
894
|
+
# rename variables in a fixed order
|
|
895
|
+
var_ctr = count(0)
|
|
896
|
+
|
|
897
|
+
sorted_stack_variables = sorted(sorted_stack_variables, key=lambda v: v.offset)
|
|
898
|
+
sorted_reg_variables = sorted(sorted_reg_variables, key=lambda v: _id_from_varident(v.ident))
|
|
899
|
+
|
|
900
|
+
for var in chain(sorted_stack_variables, sorted_reg_variables):
|
|
901
|
+
idx = next(var_ctr)
|
|
902
|
+
if var.name is not None and not reset:
|
|
903
|
+
continue
|
|
904
|
+
if isinstance(var, SimStackVariable):
|
|
905
|
+
var.name = f"v{idx}"
|
|
906
|
+
elif isinstance(var, SimRegisterVariable):
|
|
907
|
+
var.name = f"v{idx}"
|
|
908
|
+
# clear the hash cache
|
|
909
|
+
var._hash = None
|
|
910
|
+
|
|
911
|
+
# rename arguments but keeping the original order
|
|
912
|
+
arg_ctr = count(0)
|
|
913
|
+
arg_vars = sorted(arg_vars, key=lambda v: _id_from_varident(v.ident))
|
|
914
|
+
for var in arg_vars:
|
|
915
|
+
idx = next(arg_ctr)
|
|
916
|
+
if var.name is not None and not reset:
|
|
917
|
+
continue
|
|
918
|
+
var.name = arg_names[idx] if arg_names else f"a{idx}"
|
|
919
|
+
var._hash = None
|
|
920
|
+
|
|
921
|
+
def _register_struct_type(self, ty: SimStruct, name: str | None = None) -> TypeRef:
|
|
922
|
+
if not name:
|
|
923
|
+
name = ty.name
|
|
924
|
+
if not name:
|
|
925
|
+
name = self.types.unique_type_name()
|
|
926
|
+
if name in self.types:
|
|
927
|
+
return self.types[name]
|
|
928
|
+
ty = TypeRef(name, ty).with_arch(self.manager._kb._project.arch)
|
|
929
|
+
self.types[name] = ty
|
|
930
|
+
return ty
|
|
931
|
+
|
|
932
|
+
def set_variable_type(
|
|
933
|
+
self,
|
|
934
|
+
var: SimVariable,
|
|
935
|
+
ty: SimType,
|
|
936
|
+
name: str | None = None,
|
|
937
|
+
override_bot: bool = True,
|
|
938
|
+
all_unified: bool = False,
|
|
939
|
+
mark_manual: bool = False,
|
|
940
|
+
) -> None:
|
|
941
|
+
if isinstance(ty, SimTypeBottom) and override_bot:
|
|
942
|
+
# we fall back to assigning a default unsigned integer type for the variable
|
|
943
|
+
if var.size is not None:
|
|
944
|
+
size_to_type = {
|
|
945
|
+
1: SimTypeChar,
|
|
946
|
+
2: SimTypeShort,
|
|
947
|
+
4: SimTypeInt,
|
|
948
|
+
8: SimTypeLong,
|
|
949
|
+
}
|
|
950
|
+
if var.size in size_to_type:
|
|
951
|
+
ty = size_to_type[var.size](signed=False, label=ty.label).with_arch(self.manager._kb._project.arch)
|
|
952
|
+
|
|
953
|
+
if name:
|
|
954
|
+
if name not in self.types:
|
|
955
|
+
self.types[name] = TypeRef(name, ty).with_arch(self.manager._kb._project.arch)
|
|
956
|
+
ty = self.types[name]
|
|
957
|
+
elif isinstance(ty, SimTypePointer) and isinstance(ty.pts_to, SimStruct):
|
|
958
|
+
typeref = self._register_struct_type(ty.pts_to)
|
|
959
|
+
ty = ty.copy().with_arch(self.manager._kb._project.arch)
|
|
960
|
+
ty.pts_to = typeref
|
|
961
|
+
elif isinstance(ty, SimStruct):
|
|
962
|
+
ty = self._register_struct_type(ty, name=name)
|
|
963
|
+
|
|
964
|
+
self.variable_to_types[var] = ty
|
|
965
|
+
if mark_manual:
|
|
966
|
+
self.variables_with_manual_types.add(var)
|
|
967
|
+
if all_unified:
|
|
968
|
+
unified = self._variables_to_unified_variables.get(var, None)
|
|
969
|
+
if unified is not None:
|
|
970
|
+
for other_var, other_unified in self._variables_to_unified_variables.items():
|
|
971
|
+
if other_unified is unified and other_var is not var:
|
|
972
|
+
self.variable_to_types[other_var] = ty
|
|
973
|
+
if mark_manual:
|
|
974
|
+
self.variables_with_manual_types.add(other_var)
|
|
975
|
+
|
|
976
|
+
def get_variable_type(self, var) -> SimType | None:
|
|
977
|
+
return self.variable_to_types.get(var, None)
|
|
978
|
+
|
|
979
|
+
def remove_types(self):
|
|
980
|
+
self.types.clear()
|
|
981
|
+
self.variable_to_types.clear()
|
|
982
|
+
|
|
983
|
+
def unify_variables(self) -> None:
|
|
984
|
+
"""
|
|
985
|
+
Map SSA variables to a unified variable. Fill in self._unified_variables.
|
|
986
|
+
"""
|
|
987
|
+
|
|
988
|
+
stack_vars: dict[int, list[SimStackVariable]] = defaultdict(list)
|
|
989
|
+
reg_vars: set[SimRegisterVariable] = set()
|
|
990
|
+
|
|
991
|
+
# unify stack variables based on their locations
|
|
992
|
+
for v in self.get_variables():
|
|
993
|
+
if v in self._variables_to_unified_variables:
|
|
994
|
+
# do not unify twice
|
|
995
|
+
continue
|
|
996
|
+
if isinstance(v, SimStackVariable):
|
|
997
|
+
stack_vars[v.offset].append(v)
|
|
998
|
+
elif isinstance(v, SimRegisterVariable):
|
|
999
|
+
reg_vars.add(v)
|
|
1000
|
+
|
|
1001
|
+
for _, vs in stack_vars.items():
|
|
1002
|
+
unified = vs[0].copy()
|
|
1003
|
+
for v in vs:
|
|
1004
|
+
self.set_unified_variable(v, unified)
|
|
1005
|
+
|
|
1006
|
+
# unify register variables based on phi nodes
|
|
1007
|
+
graph = networkx.DiGraph() # an edge v1 -> v2 means v2 is the phi variable for v1
|
|
1008
|
+
for v, subvs in self._phi_variables.items():
|
|
1009
|
+
if not isinstance(v, SimRegisterVariable):
|
|
1010
|
+
continue
|
|
1011
|
+
for subv in subvs:
|
|
1012
|
+
graph.add_edge(subv, v)
|
|
1013
|
+
|
|
1014
|
+
# prune the graph: remove nodes that have never been used
|
|
1015
|
+
while True:
|
|
1016
|
+
unused_nodes = set()
|
|
1017
|
+
for node in [nn for nn in graph.nodes() if graph.out_degree[nn] == 0]:
|
|
1018
|
+
if not self.get_variable_accesses(node):
|
|
1019
|
+
# this node has never been used - discard it
|
|
1020
|
+
unused_nodes.add(node)
|
|
1021
|
+
if unused_nodes:
|
|
1022
|
+
graph.remove_nodes_from(unused_nodes)
|
|
1023
|
+
else:
|
|
1024
|
+
break
|
|
1025
|
+
|
|
1026
|
+
# convert the directional graph into a non-directional graph
|
|
1027
|
+
graph_ = networkx.Graph()
|
|
1028
|
+
graph_.add_nodes_from(graph.nodes)
|
|
1029
|
+
graph_.add_edges_from(graph.edges)
|
|
1030
|
+
|
|
1031
|
+
for nodes in networkx.connected_components(graph_):
|
|
1032
|
+
if len(nodes) <= 1:
|
|
1033
|
+
continue
|
|
1034
|
+
# side effect of sorting: arg_x variables are always in the front of the list
|
|
1035
|
+
nodes = list(sorted(nodes, key=lambda x: x.ident))
|
|
1036
|
+
unified = nodes[0].copy()
|
|
1037
|
+
for v in nodes:
|
|
1038
|
+
self.set_unified_variable(v, unified)
|
|
1039
|
+
for v in nodes:
|
|
1040
|
+
reg_vars.discard(v)
|
|
1041
|
+
|
|
1042
|
+
for v in reg_vars:
|
|
1043
|
+
self.set_unified_variable(v, v)
|
|
1044
|
+
|
|
1045
|
+
def set_unified_variable(self, variable: SimVariable, unified: SimVariable) -> None:
|
|
1046
|
+
"""
|
|
1047
|
+
Set the unified variable for a given SSA variable.
|
|
1048
|
+
|
|
1049
|
+
:param variable: The SSA variable.
|
|
1050
|
+
:param unified: The unified variable.
|
|
1051
|
+
:return: None
|
|
1052
|
+
"""
|
|
1053
|
+
old_unified = self._variables_to_unified_variables.get(variable, None)
|
|
1054
|
+
if old_unified is not None and old_unified is not unified:
|
|
1055
|
+
self._unified_variables.discard(old_unified)
|
|
1056
|
+
if old_unified.name is not None and not unified.renamed:
|
|
1057
|
+
unified.name = old_unified.name
|
|
1058
|
+
unified.renamed = old_unified.renamed
|
|
1059
|
+
|
|
1060
|
+
self._unified_variables.add(unified)
|
|
1061
|
+
self._variables_to_unified_variables[variable] = unified
|
|
1062
|
+
|
|
1063
|
+
def unified_variable(self, variable: SimVariable) -> SimVariable | None:
|
|
1064
|
+
"""
|
|
1065
|
+
Return the unified variable for a given SSA variable,
|
|
1066
|
+
|
|
1067
|
+
:param variable: The SSA variable.
|
|
1068
|
+
:return: The unified variable, or None if there is no such SSA variable.
|
|
1069
|
+
"""
|
|
1070
|
+
|
|
1071
|
+
return self._variables_to_unified_variables.get(variable, None)
|
|
1072
|
+
|
|
1073
|
+
|
|
1074
|
+
class VariableManager(KnowledgeBasePlugin):
|
|
1075
|
+
"""
|
|
1076
|
+
Manage variables.
|
|
1077
|
+
"""
|
|
1078
|
+
|
|
1079
|
+
def __init__(self, kb):
|
|
1080
|
+
super().__init__(kb=kb)
|
|
1081
|
+
self.global_manager = VariableManagerInternal(self)
|
|
1082
|
+
self.function_managers: dict[int, VariableManagerInternal] = {}
|
|
1083
|
+
|
|
1084
|
+
def __contains__(self, key) -> bool:
|
|
1085
|
+
if key == "global":
|
|
1086
|
+
return True
|
|
1087
|
+
return key in self.function_managers
|
|
1088
|
+
|
|
1089
|
+
def __getitem__(self, key) -> VariableManagerInternal:
|
|
1090
|
+
"""
|
|
1091
|
+
Get the VariableManagerInternal object for a function or a region.
|
|
1092
|
+
|
|
1093
|
+
:param str or int key: Key of the region. "global" for the global region, or a function address for the
|
|
1094
|
+
function.
|
|
1095
|
+
:return: The VariableManagerInternal object.
|
|
1096
|
+
"""
|
|
1097
|
+
|
|
1098
|
+
if key == "global": # pylint:disable=no-else-return
|
|
1099
|
+
return self.global_manager
|
|
1100
|
+
|
|
1101
|
+
else:
|
|
1102
|
+
# key refers to a function address
|
|
1103
|
+
return self.get_function_manager(key)
|
|
1104
|
+
|
|
1105
|
+
def __delitem__(self, key) -> None:
|
|
1106
|
+
"""
|
|
1107
|
+
Remove the existing VariableManagerInternal object for a function or a region.
|
|
1108
|
+
|
|
1109
|
+
:param Union[str,int] key: Key of the region. "global" for the global region, or a function address for the
|
|
1110
|
+
function.
|
|
1111
|
+
:return: None
|
|
1112
|
+
"""
|
|
1113
|
+
|
|
1114
|
+
if key == "global":
|
|
1115
|
+
self.global_manager = VariableManagerInternal(self)
|
|
1116
|
+
else:
|
|
1117
|
+
del self.function_managers[key]
|
|
1118
|
+
|
|
1119
|
+
def has_function_manager(self, key: int) -> bool:
|
|
1120
|
+
return key in self.function_managers
|
|
1121
|
+
|
|
1122
|
+
def get_function_manager(self, func_addr) -> VariableManagerInternal:
|
|
1123
|
+
if isinstance(func_addr, str):
|
|
1124
|
+
func_addr = self._kb.labels.lookup(func_addr)
|
|
1125
|
+
elif not isinstance(func_addr, int):
|
|
1126
|
+
raise TypeError('Argument "func_addr" must be an int.')
|
|
1127
|
+
|
|
1128
|
+
if func_addr not in self.function_managers:
|
|
1129
|
+
self.function_managers[func_addr] = VariableManagerInternal(self, func_addr=func_addr)
|
|
1130
|
+
|
|
1131
|
+
return self.function_managers[func_addr]
|
|
1132
|
+
|
|
1133
|
+
def initialize_variable_names(self) -> None:
|
|
1134
|
+
self.global_manager.assign_variable_names()
|
|
1135
|
+
for manager in self.function_managers.values():
|
|
1136
|
+
manager.assign_variable_names()
|
|
1137
|
+
|
|
1138
|
+
def get_variable_accesses(self, variable: SimVariable, same_name: bool = False) -> list[VariableAccess]:
|
|
1139
|
+
"""
|
|
1140
|
+
Get a list of all references to the given variable.
|
|
1141
|
+
|
|
1142
|
+
:param variable: The variable.
|
|
1143
|
+
:param same_name: Whether to include all variables with the same variable name, or just based on the
|
|
1144
|
+
variable identifier.
|
|
1145
|
+
:return: All references to the variable.
|
|
1146
|
+
"""
|
|
1147
|
+
|
|
1148
|
+
if variable.region == "global":
|
|
1149
|
+
return self.global_manager.get_variable_accesses(variable, same_name=same_name)
|
|
1150
|
+
|
|
1151
|
+
elif variable.region in self.function_managers:
|
|
1152
|
+
return self.function_managers[variable.region].get_variable_accesses(variable, same_name=same_name)
|
|
1153
|
+
|
|
1154
|
+
l.warning("get_variable_accesses(): Region %s is not found.", variable.region)
|
|
1155
|
+
return []
|
|
1156
|
+
|
|
1157
|
+
def copy(self):
|
|
1158
|
+
raise NotImplementedError
|
|
1159
|
+
|
|
1160
|
+
@staticmethod
|
|
1161
|
+
def convert_variable_list(vlist: list[Variable], manager: VariableManagerInternal):
|
|
1162
|
+
for v in vlist:
|
|
1163
|
+
simv = None
|
|
1164
|
+
if v.type is None:
|
|
1165
|
+
l.warning("skipped unknown type for %s", v.name)
|
|
1166
|
+
continue
|
|
1167
|
+
if v.sort == "global":
|
|
1168
|
+
simv = SimMemoryVariable(v.addr, v.type.byte_size)
|
|
1169
|
+
elif v.sort == "register":
|
|
1170
|
+
simv = SimRegisterVariable(v.addr, v.type.byte_size)
|
|
1171
|
+
elif v.sort == "stack":
|
|
1172
|
+
simv = SimStackVariable(v.addr, v.type.byte_size)
|
|
1173
|
+
else:
|
|
1174
|
+
l.warning("undefined variable sort %s for %s", v.sort, v.addr)
|
|
1175
|
+
continue
|
|
1176
|
+
simv.name = v.name
|
|
1177
|
+
manager.add_variable(v.sort, v.addr, simv)
|
|
1178
|
+
|
|
1179
|
+
def load_from_dwarf(self, cu_list: list[CompilationUnit] = None):
|
|
1180
|
+
cu_list = cu_list or self._kb._project.loader.main_object.compilation_units
|
|
1181
|
+
if cu_list is None:
|
|
1182
|
+
l.warning("no CompilationUnit found")
|
|
1183
|
+
return
|
|
1184
|
+
for cu in cu_list:
|
|
1185
|
+
self.convert_variable_list(cu.global_variables, self.global_manager)
|
|
1186
|
+
for low_pc, subp in cu.functions.items():
|
|
1187
|
+
manager = self.get_function_manager(low_pc)
|
|
1188
|
+
self.convert_variable_list(subp.local_variables, manager)
|
|
1189
|
+
|
|
1190
|
+
|
|
1191
|
+
KnowledgeBasePlugin.register_default("variables", VariableManager)
|