angr 9.2.119__py3-none-macosx_11_0_arm64.whl → 9.2.121__py3-none-macosx_11_0_arm64.whl

angr/engines/vex/claripy/__init__.py

@@ -1,2 +1,5 @@
 from __future__ import annotations
+
 from .datalayer import ClaripyDataMixin
+
+__all__ = ("ClaripyDataMixin",)

angr/engines/vex/claripy/ccall.py

@@ -7,7 +7,6 @@ from angr.state_plugins.sim_action_object import _raw_ast, SimActionObject
 from angr import errors
 
 l = logging.getLogger(name=__name__)
-# l.setLevel(logging.DEBUG)
 
 # pylint: disable=R0911
 # pylint: disable=W0613
@@ -44,7 +43,7 @@ def boolean_extend(O, a, b, size):
 def op_concretize(op):
     if type(op) is int:
         return op
-    op_e = op.ite_excavated
+    op_e = claripy.excavate_ite(op)
     if op_e.op == "If":
         cases = list(claripy.reverse_ite_cases(op_e))
         if all(c.op == "BVV" for _, c in cases):
@@ -57,7 +56,7 @@ def op_concretize(op):
 
 
 def strip_simaction(val):
-    if type(val) == SimActionObject:
+    if isinstance(val, SimActionObject):
         return _raw_ast(val)
     return val
 

angr/engines/vex/claripy/datalayer.py

@@ -1,14 +1,15 @@
 from __future__ import annotations
+
 import logging
 
 import claripy
 import pyvex
 
-from . import irop
-from . import ccall
-from ..light import VEXMixin
-from .... import errors
-from .... import sim_options as o
+from angr import errors
+from angr import sim_options as o
+from angr.engines.vex.light import VEXMixin
+
+from . import ccall, irop
 
 l = logging.getLogger(__name__)
 zero = claripy.BVV(0, 32)
@@ -39,13 +40,8 @@ class ClaripyDataMixin(VEXMixin):
 
     # util methods
 
-    def _is_true(self, v):
-        return claripy.is_true(v)
-
-    def _is_false(self, v):
-        return claripy.is_false(v)
-
-    def _optimize_guarded_addr(self, addr, guard):
+    @staticmethod
+    def _optimize_guarded_addr(addr, guard):
         # optimization: is the guard the same as the condition inside the address? if so, unpack the address and remove
         # the guarding condition.
         if (
@@ -65,6 +61,7 @@ class ClaripyDataMixin(VEXMixin):
 
     # statements
 
+    # pylint: disable=too-many-positional-arguments
     def _perform_vex_stmt_LoadG(self, addr, alt, guard, dst, cvt, end):
         addr = self._optimize_guarded_addr(addr, guard)
         super()._perform_vex_stmt_LoadG(addr, alt, guard, dst, cvt, end)

angr/engines/vex/heavy/__init__.py

@@ -1,6 +1,16 @@
 from __future__ import annotations
+
+from .actions import TrackActionsMixin
 from .heavy import HeavyVEXMixin
 from .inspect import SimInspectMixin
-from .actions import TrackActionsMixin
 from .resilience import HeavyResilienceMixin
 from .super_fastpath import SuperFastpathMixin
+
+
+__all__ = (
+    "TrackActionsMixin",
+    "HeavyVEXMixin",
+    "SimInspectMixin",
+    "HeavyResilienceMixin",
+    "SuperFastpathMixin",
+)

angr/engines/vex/heavy/actions.py

@@ -1,10 +1,11 @@
 from __future__ import annotations
-import pyvex
 
-from .heavy import HeavyVEXMixin
+import pyvex
 
-from angr.state_plugins.sim_action import SimActionObject, SimActionData, SimActionExit, SimActionOperation
 from angr import sim_options as o
+from angr.state_plugins.sim_action import SimActionData, SimActionExit, SimActionObject, SimActionOperation
+
+from .heavy import HeavyVEXMixin
 
 
 class TrackActionsMixin(HeavyVEXMixin):
@@ -15,12 +16,6 @@ class TrackActionsMixin(HeavyVEXMixin):
 
     __tls = ("__tmp_deps",)
 
-    def _is_true(self, v):
-        return super()._is_true(v[0])
-
-    def _is_false(self, v):
-        return super()._is_false(v[0])
-
     def _optimize_guarded_addr(self, addr, guard):
         addr, addr_deps = addr
         guard, _ = guard
@@ -97,8 +92,8 @@ class TrackActionsMixin(HeavyVEXMixin):
             a = self.__tmp_deps.get(tmp, frozenset())
         return result, a
 
-    def _perform_vex_expr_Get(self, offset_bundle, ty, **kwargs):
-        offset, offset_deps = offset_bundle
+    def _perform_vex_expr_Get(self, offset, ty, **kwargs):
+        offset, offset_deps = offset
         result = super()._perform_vex_expr_Get(offset, ty, **kwargs)
 
         if o.TRACK_REGISTER_ACTIONS in self.state.options:
@@ -117,15 +112,15 @@ class TrackActionsMixin(HeavyVEXMixin):
             a = frozenset()
         return result, a
 
-    def _perform_vex_expr_Load(self, addr_bundle, ty, end, condition=None, **kwargs):
-        addr, addr_deps = addr_bundle
+    def _perform_vex_expr_Load(self, addr, ty, endness, condition=None, **kwargs):
+        addr, addr_deps = addr
 
         if condition is not None:
             condition, condition_deps = condition
         else:
             condition_deps = None
 
-        result = super()._perform_vex_expr_Load(addr, ty, end, condition=condition, **kwargs)
+        result = super()._perform_vex_expr_Load(addr, ty, endness, condition=condition, **kwargs)
 
         if o.TRACK_MEMORY_ACTIONS in self.state.options:
             addr_ao = SimActionObject(addr, deps=addr_deps, state=self.state)
@@ -162,9 +157,9 @@ class TrackActionsMixin(HeavyVEXMixin):
             self.__tmp_deps[tmp] = data_deps
         super()._perform_vex_stmt_WrTmp(tmp, data, deps=data_deps)
 
-    def _perform_vex_stmt_Put(self, offset_bundle, data_bundle, **kwargs):
-        offset, offset_deps = offset_bundle
-        data, data_deps = data_bundle
+    def _perform_vex_stmt_Put(self, offset, data, **kwargs):
+        offset, _ = offset
+        data, data_deps = data
         # track the put
         if o.TRACK_REGISTER_ACTIONS in self.state.options:
             data_ao = SimActionObject(data, deps=data_deps, state=self.state)
@@ -178,9 +173,9 @@ class TrackActionsMixin(HeavyVEXMixin):
 
         super()._perform_vex_stmt_Put(offset, data, action=a, **kwargs)
 
-    def _perform_vex_stmt_Store(self, addr_bundle, data_bundle, end, condition=None, **kwargs):
-        addr, addr_deps = addr_bundle
-        data, data_deps = data_bundle
+    def _perform_vex_stmt_Store(self, addr, data, endness, condition=None, **kwargs):
+        addr, addr_deps = addr
+        data, data_deps = data
 
         if condition is not None:
             condition, condition_deps = condition
@@ -210,11 +205,11 @@ class TrackActionsMixin(HeavyVEXMixin):
         else:
             a = None
 
-        super()._perform_vex_stmt_Store(addr, data, end, action=a, condition=condition, **kwargs)
+        super()._perform_vex_stmt_Store(addr, data, endness, action=a, condition=condition, **kwargs)
 
-    def _perform_vex_stmt_Exit(self, guard_bundle, target_bundle, jumpkind):
-        guard, guard_deps = guard_bundle
-        target, target_deps = target_bundle
+    def _perform_vex_stmt_Exit(self, guard, expr, jumpkind):
+        guard, guard_deps = guard
+        target, target_deps = expr
 
         if o.TRACK_JMP_ACTIONS in self.state.options:
             guard_ao = SimActionObject(guard, deps=guard_deps, state=self.state)

angr/engines/vex/heavy/heavy.py

@@ -4,12 +4,12 @@ import claripy
 import pyvex
 
 from angr.engines.engine import SuccessorsMixin
-from ..light import VEXMixin
-from ..lifter import VEXLifter
-from ..claripy.datalayer import ClaripyDataMixin, symbol
-from ....utils.constants import DEFAULT_STATEMENT
-from .... import sim_options as o
-from .... import errors
+from angr.engines.vex.light import VEXMixin
+from angr.engines.vex.lifter import VEXLifter
+from angr.engines.vex.claripy.datalayer import ClaripyDataMixin, symbol
+from angr.utils.constants import DEFAULT_STATEMENT
+from angr import sim_options as o
+from angr import errors
 from . import dirty
 
 l = logging.getLogger(__name__)
@@ -251,7 +251,13 @@ class HeavyVEXMixin(SuccessorsMixin, ClaripyDataMixin, SimStateStorageMixin, VEX
 
         # Raise an exception if we're suddenly in self-modifying code
         if (self.project is None or self.project.selfmodifying_code) and self.state.scratch.dirty_addrs:
-            for subaddr in range(stmt.len):
+            instruction_len = stmt.len
+            if instruction_len == 0:
+                # We don't know how long this instruction is.
+                # Conservatively assume it is the maximum instruction
+                # length for the purpose of dirty checks.
+                instruction_len = self.project.arch.max_inst_bytes
+            for subaddr in range(instruction_len):
                 if subaddr + stmt.addr in self.state.scratch.dirty_addrs:
                     raise errors.SimReliftException(self.state)
 

angr/engines/vex/heavy/inspect.py

@@ -1,6 +1,6 @@
 from __future__ import annotations
-from ..light import VEXMixin
-from ....state_plugins import BP_BEFORE, BP_AFTER, NO_OVERRIDE
+from angr.engines.vex.light import VEXMixin
+from angr.state_plugins import BP_BEFORE, BP_AFTER, NO_OVERRIDE
 
 
 class SimInspectMixin(VEXMixin):

angr/engines/vex/heavy/resilience.py

@@ -4,8 +4,8 @@ import pyvex
 from angr import sim_options as o
 
 from .concretizers import concretizers
-from ..light.resilience import VEXResilienceMixin, raiseme
-from ..claripy.datalayer import ClaripyDataMixin, symbol, value
+from angr.engines.vex.light.resilience import VEXResilienceMixin, raiseme
+from angr.engines.vex.claripy.datalayer import ClaripyDataMixin, symbol, value
 
 
 class HeavyResilienceMixin(VEXResilienceMixin, ClaripyDataMixin):

angr/engines/vex/heavy/super_fastpath.py

@@ -2,9 +2,9 @@ from __future__ import annotations
 import pyvex
 import claripy
 
-from .... import sim_options as o
-from ....errors import SimMissingTempError
-from ..light.slicing import VEXSlicingMixin
+from angr import sim_options as o
+from angr.errors import SimMissingTempError
+from angr.engines.vex.light.slicing import VEXSlicingMixin
 
 
 class SuperFastpathMixin(VEXSlicingMixin):

angr/engines/vex/lifter.py

@@ -8,11 +8,11 @@ import cle
 from archinfo import ArchARM
 import claripy
 
-from ..engine import SimEngineBase
-from ...state_plugins.inspect import BP_AFTER, BP_BEFORE, NO_OVERRIDE
-from ...misc.ux import once
-from ...errors import SimEngineError, SimTranslationError, SimError
-from ... import sim_options as o
+from angr.engines.engine import SimEngineBase
+from angr.state_plugins.inspect import BP_AFTER, BP_BEFORE, NO_OVERRIDE
+from angr.misc.ux import once
+from angr.errors import SimEngineError, SimTranslationError, SimError
+from angr import sim_options as o
 
 l = logging.getLogger(__name__)
 
@@ -93,6 +93,7 @@ class VEXLifter(SimEngineBase):
         collect_data_refs=False,
         cross_insn_opt=None,
         load_from_ro_regions=False,
+        const_prop=False,
     ):
         """
         Lift an IRSB.
@@ -170,7 +171,7 @@ class VEXLifter(SimEngineBase):
         have_patches = self.project and self.project.kb.patches.items()
 
         # FIXME: cache ignores provided state
-        use_cache = self._use_cache and not (skip_stmts or collect_data_refs or have_patches)
+        use_cache = self._use_cache and not (skip_stmts or collect_data_refs or have_patches or const_prop)
 
         # phase 2: thumb normalization
         thumb = int(thumb)
@@ -261,6 +262,7 @@ class VEXLifter(SimEngineBase):
                     collect_data_refs=collect_data_refs,
                     load_from_ro_regions=load_from_ro_regions,
                     cross_insn_opt=cross_insn_opt,
+                    const_prop=const_prop,
                 )
 
                 if subphase == 0 and irsb.statements is not None:

angr/engines/vex/light/__init__.py

@@ -1,4 +1,11 @@
 from __future__ import annotations
+
 from .light import VEXMixin
 from .resilience import VEXResilienceMixin
 from .slicing import VEXSlicingMixin
+
+__all__ = (
+    "VEXMixin",
+    "VEXResilienceMixin",
+    "VEXSlicingMixin",
+)

angr/engines/vex/light/light.py

@@ -3,8 +3,8 @@ import logging
 
 import pyvex
 
-from ...engine import SimEngineBase
-from ....utils.constants import DEFAULT_STATEMENT
+from angr.engines.engine import SimEngineBase
+from angr.utils.constants import DEFAULT_STATEMENT
 
 l = logging.getLogger(name=__name__)
 
@@ -394,7 +394,7 @@ class VEXMixin(SimEngineBase):
         # guarded address). This way we get rid of the redundant load that should have existed in the first place.
 
         ty, cvt_op = cvt_properties[cvt]
-        if self._is_false(guard):
+        if self.state.solver.is_true(guard[0] == 0):
             self._perform_vex_stmt_LoadG_wrtmp(dst, alt)
             return
         load_result = self._perform_vex_stmt_LoadG_load(
@@ -436,7 +436,7 @@ class VEXMixin(SimEngineBase):
 
     def _perform_vex_stmt_StoreG(self, addr, data, guard, ty, endness, **kwargs):
         # perform the same optimization as in _perform_vex_stmt_LoadG
-        if self._is_false(guard):
+        if self.state.solver.is_true(guard[0] == 0):
             return
         self._perform_vex_stmt_StoreG_store(
             addr, data, endness, condition=self._perform_vex_stmt_StoreG_guard_condition(guard), **kwargs

angr/engines/vex/light/slicing.py

@@ -1,6 +1,6 @@
 from __future__ import annotations
 from .light import VEXMixin
-from ....utils.constants import DEFAULT_STATEMENT
+from angr.utils.constants import DEFAULT_STATEMENT
 
 
 class VEXSlicingMixin(VEXMixin):

angr/errors.py

@@ -66,10 +66,6 @@ class AngrBackwardSlicingError(AngrError):
     pass
 
 
-class AngrGirlScoutError(AngrError):
-    pass
-
-
 class AngrCallableError(AngrSurveyorError):
     pass
 

angr/exploration_techniques/__init__.py

@@ -141,7 +141,6 @@ from .tech_builder import TechniqueBuilder
 from .stochastic import StochasticSearch
 from .unique import UniqueSearch
 from .symbion import Symbion
-from ..errors import AngrError, AngrExplorationTechniqueError
 from .memory_watcher import MemoryWatcher
 from .bucketizer import Bucketizer
 from .local_loop_seer import LocalLoopSeer

angr/exploration_techniques/bucketizer.py

@@ -3,11 +3,10 @@ import math
 from collections import defaultdict
 import logging
 
-from ..engines.successors import SimSuccessors
+from angr.engines.successors import SimSuccessors
 from . import ExplorationTechnique
 
 _l = logging.getLogger(__name__)
-_l.setLevel(logging.DEBUG)
 
 
 class Bucketizer(ExplorationTechnique):
@@ -15,9 +14,6 @@ class Bucketizer(ExplorationTechnique):
     Loop bucketization: Pick log(n) paths out of n possible paths, and stash (or drop) everything else.
     """
 
-    def __init__(self):
-        super().__init__()
-
     def successors(self, simgr, state, **kwargs):
         # step first
         successors: SimSuccessors = super().successors(simgr, state, **kwargs)
@@ -50,7 +46,8 @@ class Bucketizer(ExplorationTechnique):
         successors.successors = new_successors
         return successors
 
-    def _get_transition_dict(self, state):
+    @staticmethod
+    def _get_transition_dict(state):
         """
 
         :param SimState state:
@@ -64,7 +61,8 @@ class Bucketizer(ExplorationTechnique):
             state.globals["transition"] = t
         return t
 
-    def _record_transition(self, state, transition):
+    @staticmethod
+    def _record_transition(state, transition):
         """
 
         :param SimState state:
@@ -72,12 +70,13 @@ class Bucketizer(ExplorationTechnique):
         :return:
         """
 
-        t = self._get_transition_dict(state).copy()
+        t = Bucketizer._get_transition_dict(state).copy()
         t[transition] += 1
 
         state.globals["transition"] = t
 
-    def _accept_transition(self, state, transition):
+    @staticmethod
+    def _accept_transition(state, transition):
         """
 
         :param SimState state:
@@ -85,7 +84,7 @@ class Bucketizer(ExplorationTechnique):
         :return:
         """
 
-        t = self._get_transition_dict(state)
+        t = Bucketizer._get_transition_dict(state)
 
         if t[transition] == 0:
             _l.error("Impossible: Transition %s has 0 occurrences.", transition)

angr/exploration_techniques/common.py

@@ -1,6 +1,6 @@
 from __future__ import annotations
-from .. import engines
-from ..errors import SimError, AngrError, AngrExplorationTechniqueError
+from angr import engines
+from angr.errors import SimError, AngrError, AngrExplorationTechniqueError
 
 
 def condition_to_lambda(condition, default=False):

angr/exploration_techniques/director.py

@@ -6,10 +6,10 @@ import networkx
 
 import claripy
 
-from ..sim_type import SimType, SimTypePointer, SimTypeChar, SimTypeString, SimTypeReg
-from ..calling_conventions import default_cc
-from ..knowledge_base import KnowledgeBase
-from ..errors import AngrDirectorError
+from angr.sim_type import SimType, SimTypePointer, SimTypeChar, SimTypeString, SimTypeReg
+from angr.calling_conventions import default_cc
+from angr.knowledge_base import KnowledgeBase
+from angr.errors import AngrDirectorError
 from . import ExplorationTechnique
 
 l = logging.getLogger(name=__name__)

angr/exploration_techniques/explorer.py

@@ -4,8 +4,8 @@ import claripy
 
 from . import ExplorationTechnique
 from .common import condition_to_lambda
-from .. import sim_options
-from ..state_plugins.sim_event import resource_event
+from angr import sim_options
+from angr.state_plugins.sim_event import resource_event
 
 l = logging.getLogger(name=__name__)
 
@@ -48,7 +48,7 @@ class Explorer(ExplorationTechnique):
         self._warned_unicorn = False
 
         # TODO: This is a hack for while CFGFast doesn't handle procedure continuations
-        from .. import analyses  # pylint: disable=import-outside-toplevel
+        from angr import analyses  # pylint: disable=import-outside-toplevel
 
         if isinstance(cfg, analyses.CFGFast):
             l.error("CFGFast is currently inappropriate for use with Explorer.")

angr/exploration_techniques/loop_seer.py

@@ -2,8 +2,8 @@ from __future__ import annotations
 import logging
 
 from . import ExplorationTechnique
-from ..knowledge_base import KnowledgeBase
-from ..knowledge_plugins.functions import Function
+from angr.knowledge_base import KnowledgeBase
+from angr.knowledge_plugins.functions import Function
 
 
 l = logging.getLogger(name=__name__)
@@ -233,4 +233,4 @@ class LoopSeer(ExplorationTechnique):
         return f
 
 
-from ..analyses.loopfinder import Loop
+from angr.analyses.loopfinder import Loop

angr/exploration_techniques/oppologist.py

@@ -6,9 +6,9 @@ import logging
 
 l = logging.getLogger(name=__name__)
 
-from ..errors import AngrError, SimError, SimUnsupportedError, SimCCallError
-from .. import sim_options
-from ..engines.successors import SimSuccessors
+from angr.errors import AngrError, SimError, SimUnsupportedError, SimCCallError
+from angr import sim_options
+from angr.engines.successors import SimSuccessors
 
 exc_list = (AngrError, SimError, claripy.ClaripyError, TypeError, ValueError, ArithmeticError, MemoryError)
 

angr/exploration_techniques/slicecutor.py

@@ -1,5 +1,5 @@
 from __future__ import annotations
-from ..errors import AngrExitError
+from angr.errors import AngrExitError
 from . import ExplorationTechnique
 
 import logging

angr/exploration_techniques/spiller.py

@@ -279,4 +279,4 @@ class Spiller(ExplorationTechnique):
         return id(state)
 
 
-from .. import vaults
+from angr import vaults

angr/exploration_techniques/suggestions.py

@@ -3,10 +3,10 @@ import logging
 import claripy
 
 from . import ExplorationTechnique
-from ..misc.ux import once
-from ..misc.picklable_lock import PicklableLock
-from ..state_plugins.sim_action import SimActionConstraint
-from ..state_plugins.sim_action_object import SimActionObject
+from angr.misc.ux import once
+from angr.misc.picklable_lock import PicklableLock
+from angr.state_plugins.sim_action import SimActionConstraint
+from angr.state_plugins.sim_action_object import SimActionObject
 
 l = logging.getLogger(__name__)
 

angr/exploration_techniques/symbion.py

@@ -4,7 +4,6 @@ from .common import condition_to_lambda
 from . import ExplorationTechnique
 
 l = logging.getLogger("angr.exploration_techniques.symbion")
-# l.setLevel(logging.DEBUG)
 
 
 class Symbion(ExplorationTechnique):

angr/exploration_techniques/threading.py

@@ -4,8 +4,8 @@ import concurrent.futures
 import logging
 
 from . import ExplorationTechnique
-from ..engines.engine import TLSMixin
-from ..misc.ux import once
+from angr.engines.engine import TLSMixin
+from angr.misc.ux import once
 
 l = logging.getLogger(__name__)
 

angr/exploration_techniques/tracer.py

@@ -7,8 +7,8 @@ import claripy
 from capstone import CS_GRP_CALL, CS_GRP_IRET, CS_GRP_JUMP, CS_GRP_RET
 
 from . import ExplorationTechnique
-from .. import BP_BEFORE, BP_AFTER, sim_options
-from ..errors import AngrTracerError, SimIRSBNoDecodeError
+from angr import BP_BEFORE, BP_AFTER, sim_options
+from angr.errors import AngrTracerError, SimIRSBNoDecodeError
 
 if TYPE_CHECKING:
     from angr.sim_state import SimState
@@ -60,7 +60,7 @@ class RepHook:
         return p.execute(state, None, arguments=e_args)
 
     def run(self, state):
-        from .. import SIM_PROCEDURES  # pylint: disable=import-outside-toplevel
+        from angr import SIM_PROCEDURES  # pylint: disable=import-outside-toplevel
 
         dst = state.regs.edi if state.arch.name == "X86" else state.regs.rdi
 

angr/exploration_techniques/veritesting.py

@@ -1,7 +1,7 @@
 from __future__ import annotations
 from . import ExplorationTechnique
 
-from ..sim_options import EFFICIENT_STATE_MERGING
+from angr.sim_options import EFFICIENT_STATE_MERGING
 
 
 class Veritesting(ExplorationTechnique):

angr/factory.py

@@ -289,6 +289,7 @@ class AngrObjectFactory:
         collect_data_refs=False,
         cross_insn_opt=True,
         load_from_ro_regions=False,
+        const_prop=False,
         initial_regs=None,
         skip_stmts=False,
     ) -> Block: ...
@@ -312,6 +313,8 @@ class AngrObjectFactory:
         insn_text=None,  # backward compatibility
         strict_block_end=None,
         collect_data_refs=False,
+        load_from_ro_regions=False,
+        const_prop=False,
         cross_insn_opt=True,
         skip_stmts=False,
     ) -> SootBlock: ...
@@ -335,6 +338,7 @@ class AngrObjectFactory:
         collect_data_refs=False,
         cross_insn_opt=True,
         load_from_ro_regions=False,
+        const_prop=False,
         initial_regs=None,
         skip_stmts=False,
     ):
@@ -372,6 +376,7 @@ class AngrObjectFactory:
             collect_data_refs=collect_data_refs,
             cross_insn_opt=cross_insn_opt,
             load_from_ro_regions=load_from_ro_regions,
+            const_prop=const_prop,
             initial_regs=initial_regs,
             skip_stmts=skip_stmts,
         )

angr/flirt/__init__.py

@@ -1,7 +1,6 @@
 # This submodule stores and manages FLIRT signatures
 from __future__ import annotations
 
-from typing import Set, List, Dict, Optional
 import os
 import json
 from collections import defaultdict