PyPI - angr - Versions diffs - 9.2.129__py3-none-macosx_11_0_arm64.whl → 9.2.131__py3-none-macosx_11_0_arm64.whl - Mend

angr 9.2.129__py3-none-macosx_11_0_arm64.whl → 9.2.131__py3-none-macosx_11_0_arm64.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of angr might be problematic. Click here for more details.

Files changed (41) hide show

angr/analyses/decompiler/structuring/phoenix.py CHANGED Viewed

@@ -20,6 +20,7 @@ from angr.utils.graph import dominates, to_acyclic_graph, dfs_back_edges
 from angr.analyses.decompiler.sequence_walker import SequenceWalker
 from angr.analyses.decompiler.utils import (
     remove_last_statement,
+    remove_last_statements,
     extract_jump_targets,
     switch_extract_cmp_bounds,
     is_empty_or_label_only_node,
@@ -1191,8 +1192,10 @@ class PhoenixStructurer(StructurerBase):
             # update node_a
             node_a = next(iter(nn for nn in graph.nodes if nn.addr == target))
         if isinstance(node_a, IncompleteSwitchCaseNode):
-            self._unpack_incompleteswitchcasenode(graph, node_a)
-            self._unpack_incompleteswitchcasenode(full_graph, node_a)
+            r = self._unpack_incompleteswitchcasenode(graph, node_a)
+            if not r:
+                return False
+            self._unpack_incompleteswitchcasenode(full_graph, node_a)  # this shall not fail
             # update node_a
             node_a = next(iter(nn for nn in graph.nodes if nn.addr == target))
@@ -1307,7 +1310,9 @@ class PhoenixStructurer(StructurerBase):
         ):
             out_nodes = set()
             for succ in successors:
-                out_nodes |= set(full_graph.successors(succ))
+                out_nodes |= {
+                    succ for succ in full_graph.successors(succ) if succ is not node and succ not in successors
+                }
             out_nodes = list(out_nodes)
             if len(out_nodes) <= 1:
                 new_node = IncompleteSwitchCaseNode(node.addr, node, successors)
@@ -1507,7 +1512,10 @@ class PhoenixStructurer(StructurerBase):
                     if node_default is not None:
                         all_case_nodes.append(node_default)
                     case_node: SequenceNode = next(nn for nn in all_case_nodes if nn.addr == out_src.addr)
-                    case_node_last_stmt = self.cond_proc.get_last_statement(case_node)
+                    try:
+                        case_node_last_stmt = self.cond_proc.get_last_statement(case_node)
+                    except EmptyBlockNotice:
+                        case_node_last_stmt = None
                     if not isinstance(case_node_last_stmt, Jump):
                         jump_stmt = Jump(
                             None, Const(None, None, head.addr, self.project.arch.bits), None, ins_addr=out_src.addr
@@ -1538,7 +1546,7 @@ class PhoenixStructurer(StructurerBase):
         if node_a is not None:
             # remove the last statement in node_a
-            remove_last_statement(node_a)
+            remove_last_statements(node_a)
         return True
@@ -2308,7 +2316,7 @@ class PhoenixStructurer(StructurerBase):
             if new_src is not None:
                 self.replace_nodes(full_graph, src, new_src)
         if remove_src_last_stmt:
-            remove_last_statement(src)
+            remove_last_statements(src)
     def _should_use_multistmtexprs(self, node: Block | BaseNode) -> bool:
         """
@@ -2459,7 +2467,7 @@ class PhoenixStructurer(StructurerBase):
         return True, new_seq
     @staticmethod
-    def _unpack_incompleteswitchcasenode(graph: networkx.DiGraph, incscnode: IncompleteSwitchCaseNode):
+    def _unpack_incompleteswitchcasenode(graph: networkx.DiGraph, incscnode: IncompleteSwitchCaseNode) -> bool:
         preds = list(graph.predecessors(incscnode))
         succs = list(graph.successors(incscnode))
         if len(succs) <= 1:
@@ -2470,6 +2478,8 @@ class PhoenixStructurer(StructurerBase):
                 graph.add_edge(incscnode.head, case_node)
                 if succs:
                     graph.add_edge(case_node, succs[0])
+            return True
+        return False
     @staticmethod
     def _count_statements(node: BaseNode | Block) -> int:

angr/analyses/decompiler/utils.py CHANGED Viewed

@@ -45,6 +45,33 @@ def remove_last_statement(node):
     return stmt
+def remove_last_statements(node) -> bool:
+    if type(node) is CodeNode:
+        return remove_last_statements(node.node)
+    if type(node) is ailment.Block:
+        if not node.statements:
+            return False
+        node.statements = node.statements[:-1]
+        return True
+    if type(node) is MultiNode or type(node) is SequenceNode:
+        if node.nodes:
+            remove_last_statements(node.nodes[-1])
+            if BaseNode.test_empty_node(node.nodes[-1]):
+                node.nodes = node.nodes[:-1]
+            return True
+        return False
+    if type(node) is ConditionNode:
+        r = False
+        if node.true_node is None and node.false_node is not None:
+            r |= remove_last_statements(node.false_node)
+        if node.true_node is not None and node.false_node is None:
+            r |= remove_last_statements(node.true_node)
+        return r
+    if type(node) is LoopNode:
+        return remove_last_statements(node.sequence_node)
+    raise NotImplementedError
 def append_statement(node, stmt):
     if type(node) is CodeNode:
         append_statement(node.node, stmt)

angr/analyses/s_propagator.py CHANGED Viewed

@@ -214,16 +214,34 @@ class SPropagatorAnalysis(Analysis):
             if self._sp_tracker is not None and vvar.category == VirtualVariableCategory.REGISTER:
                 if vvar.oident == self.project.arch.sp_offset:
+                    sp_bits = (
+                        (self.project.arch.registers["sp"][1] * self.project.arch.byte_width)
+                        if "sp" in self.project.arch.registers
+                        else None
+                    )
                     for vvar_at_use, useloc in vvar_uselocs[vvar.varid]:
                         sb_offset = self._sp_tracker.offset_before(useloc.ins_addr, self.project.arch.sp_offset)
                         if sb_offset is not None:
-                            replacements[useloc][vvar_at_use] = StackBaseOffset(None, self.project.arch.bits, sb_offset)
+                            v = StackBaseOffset(None, self.project.arch.bits, sb_offset)
+                            if sp_bits is not None and vvar.bits < sp_bits:
+                                # truncation needed
+                                v = Convert(None, sp_bits, vvar.bits, False, v)
+                            replacements[useloc][vvar_at_use] = v
                     continue
                 if not self._bp_as_gpr and vvar.oident == self.project.arch.bp_offset:
+                    bp_bits = (
+                        (self.project.arch.registers["bp"][1] * self.project.arch.byte_width)
+                        if "bp" in self.project.arch.registers
+                        else None
+                    )
                     for vvar_at_use, useloc in vvar_uselocs[vvar.varid]:
                         sb_offset = self._sp_tracker.offset_before(useloc.ins_addr, self.project.arch.bp_offset)
                         if sb_offset is not None:
-                            replacements[useloc][vvar_at_use] = StackBaseOffset(None, self.project.arch.bits, sb_offset)
+                            v = StackBaseOffset(None, self.project.arch.bits, sb_offset)
+                            if bp_bits is not None and vvar.bits < bp_bits:
+                                # truncation needed
+                                v = Convert(None, bp_bits, vvar.bits, False, v)
+                            replacements[useloc][vvar_at_use] = v
                     continue
         # find all tmp definitions

angr/analyses/typehoon/simple_solver.py CHANGED Viewed

@@ -190,7 +190,11 @@ class Sketch:
                 for _, dst, data in self.graph.out_edges(node, data=True):
                     if "label" in data and data["label"] == label:
                         succs.append(dst)
-                assert len(succs) <= 1
+                if len(succs) > 1:
+                    _l.warning(
+                        "Multiple successors found for node %s with label %s. Picking the first one.", node, label
+                    )
+                    succs = succs[:1]
                 if not succs:
                     return None
                 node = succs[0]
@@ -1166,7 +1170,10 @@ class SimpleSolver:
             for labels, succ in path_and_successors:
                 last_label = labels[-1] if labels else None
                 if isinstance(last_label, HasField):
-                    candidate_bases[last_label.offset].add(last_label.bits // 8)
+                    # TODO: Really determine the maximum possible size of the field when MAX_POINTSTO_BITS is in use
+                    candidate_bases[last_label.offset].add(
+                        1 if last_label.bits == MAX_POINTSTO_BITS else (last_label.bits // 8)
+                    )
             node_to_base = {}

angr/analyses/typehoon/typehoon.py CHANGED Viewed

@@ -103,8 +103,11 @@ class Typehoon(Analysis):
         print(f"### {sum(map(len, self._constraints.values()))} constraints")
         for func_var in self._constraints:
             print(f"{func_var}:")
+            lst = []
             for constraint in self._constraints[func_var]:
-                print("    " + constraint.pp_str(typevar_to_var))
+                lst.append("    " + constraint.pp_str(typevar_to_var))
+            lst = sorted(lst)
+            print("\n".join(lst))
         print("### end of constraints ###")
     def pp_solution(self) -> None:

angr/analyses/variable_recovery/engine_ail.py CHANGED Viewed

@@ -384,7 +384,7 @@ class SimEngineVRAIL(
     def _ail_handle_Cmp(self, expr):  # pylint:disable=useless-return
         self._expr(expr.operands[0])
         self._expr(expr.operands[1])
-        return RichR(self.state.top(1))
+        return RichR(self.state.top(expr.bits))
     _ail_handle_CmpF = _ail_handle_Cmp
     _ail_handle_CmpEQ = _ail_handle_Cmp
@@ -459,16 +459,17 @@ class SimEngineVRAIL(
         r0 = self._expr(arg0)
         r1 = self._expr(arg1)
+        result_size = arg0.bits
         if r0.data.concrete and r1.data.concrete:
-            # constants
-            result_size = arg0.bits
-            return RichR(r0.data * r1.data, typevar=typeconsts.int_type(result_size), type_constraints=None)
-        r = self.state.top(expr.bits)
-        return RichR(
-            r,
-            typevar=r0.typevar,
-        )
+            v = r0.data * r1.data
+            tv = r0.typevar
+        elif r1.data.concrete:
+            v = r0.data * r1.data
+            tv = typeconsts.int_type(result_size)
+        else:
+            v = self.state.top(expr.bits)
+            tv = typeconsts.int_type(result_size)
+        return RichR(v, typevar=tv, type_constraints=None)
     def _ail_handle_Mull(self, expr):
         arg0, arg1 = expr.operands
@@ -608,7 +609,6 @@ class SimEngineVRAIL(
             )
         shiftamount = r1.data.concrete_value
         return RichR(r0.data << shiftamount, typevar=typeconsts.int_type(result_size), type_constraints=None)
     def _ail_handle_Shr(self, expr):
@@ -676,8 +676,8 @@ class SimEngineVRAIL(
         r0 = self._expr(arg0)
         r1 = self._expr(arg1)
+        result_size = arg0.bits
         if r0.data.concrete and r1.data.concrete:
-            result_size = arg0.bits
             return RichR(
                 r0.data & r1.data,
                 typevar=typeconsts.int_type(result_size),
@@ -685,7 +685,7 @@ class SimEngineVRAIL(
             )
         r = self.state.top(expr.bits)
-        return RichR(r, typevar=r0.typevar)
+        return RichR(r, typevar=typeconsts.int_type(result_size))
     def _ail_handle_Or(self, expr):
         arg0, arg1 = expr.operands
@@ -693,8 +693,8 @@ class SimEngineVRAIL(
         r0 = self._expr(arg0)
         r1 = self._expr(arg1)
+        result_size = arg0.bits
         if r0.data.concrete and r1.data.concrete:
-            result_size = arg0.bits
             return RichR(
                 r0.data | r1.data,
                 typevar=typeconsts.int_type(result_size),
@@ -702,7 +702,7 @@ class SimEngineVRAIL(
             )
         r = self.state.top(expr.bits)
-        return RichR(r, typevar=r0.typevar)
+        return RichR(r, typevar=typeconsts.int_type(result_size))
     def _ail_handle_LogicalAnd(self, expr):
         arg0, arg1 = expr.operands

angr/analyses/variable_recovery/engine_base.py CHANGED Viewed

@@ -133,6 +133,9 @@ class SimEngineVRBase(SimEngineLight):
                 if abs_offset.op == "__lshift__" and abs_offset.args[1].concrete:
                     offset = abs_offset.args[0]
                     elem_size = 2 ** abs_offset.args[1].concrete_value
+                elif abs_offset.op == "__mul__" and abs_offset.args[1].concrete:
+                    offset = abs_offset.args[0]
+                    elem_size = abs_offset.args[1].concrete_value
             if base_addr is not None and offset is not None and elem_size is not None:
                 return base_addr, offset, elem_size

angr/analyses/variable_recovery/engine_vex.py CHANGED Viewed

@@ -214,8 +214,23 @@ class SimEngineVRVEX(
         for target_func in self.call_info.get(current_addr, []):
             self._handle_function_concrete(target_func)
-        # handles return statements
-        if self.block.vex.jumpkind == "Ijk_Ret":
+        if self.block.vex.jumpkind == "Ijk_Call":
+            # emulates return values from calls
+            cc = None
+            for target_func in self.call_info.get(self.state.block_addr, []):
+                if target_func.calling_convention is not None:
+                    cc = target_func.calling_convention
+                    break
+            if cc is None:
+                cc = default_cc(self.arch.name, platform=self.project.simos.name)(self.arch)
+            if isinstance(cc.RETURN_VAL, SimRegArg):
+                reg_offset, reg_size = self.arch.registers[cc.RETURN_VAL.reg_name]
+                data = self._top(reg_size * self.arch.byte_width)
+                self._assign_to_register(reg_offset, data, reg_size, create_variable=False)
+        elif self.block.vex.jumpkind == "Ijk_Ret":
+            # handles return statements
             # determine the size of the return register
             # TODO: Handle multiple return registers
             cc = self.state.function.calling_convention

angr/engines/light/engine.py CHANGED Viewed

@@ -1272,19 +1272,21 @@ class SimEngineLightAILMixin(SimEngineLightMixin):
         if expr_1 is None:
             expr_1 = arg1
-        try:
-            return expr_0 * expr_1
-        except TypeError:
-            return ailment.Expr.BinaryOp(
-                expr.idx,
-                "Mull",
-                [expr_0, expr_1],
-                expr.signed,
-                bits=expr.bits,
-                floating_point=expr.floating_point,
-                rounding_mode=expr.rounding_mode,
-                **expr.tags,
-            )
+        if isinstance(expr_0, claripy.ast.Bits) and isinstance(expr_1, claripy.ast.Bits):
+            expr0_ext = claripy.ZeroExt(expr.bits - expr_0.size(), expr_0) if expr.bits > expr_0.size() else expr_0
+            expr1_ext = claripy.ZeroExt(expr.bits - expr_1.size(), expr_1) if expr.bits > expr_1.size() else expr_1
+            return expr0_ext * expr1_ext
+        return ailment.Expr.BinaryOp(
+            expr.idx,
+            "Mull",
+            [expr_0, expr_1],
+            expr.signed,
+            bits=expr.bits,
+            floating_point=expr.floating_point,
+            rounding_mode=expr.rounding_mode,
+            **expr.tags,
+        )
     def _ail_handle_And(self, expr):
         arg0, arg1 = expr.operands

angr/engines/vex/claripy/irop.py CHANGED Viewed

@@ -17,6 +17,7 @@ import pyvex
 import claripy
 from angr.errors import UnsupportedIROpError, SimOperationError, SimValueError, SimZeroDivisionException
+from angr.state_plugins.sim_action_object import SimActionObject
 l = logging.getLogger(name=__name__)
@@ -425,8 +426,18 @@ class SimIROp:
                 print(f"... {k}: {v}")
     def calculate(self, *args):
-        if not all(isinstance(a, claripy.ast.Base) for a in args):
-            raise SimOperationError("IROp needs all args as claripy expressions")
+        # calculate may recieve SimActionObjects (if AST_DEPS is enabled) or
+        # claripy expressions, so we need to unpack the SAOs before passing them
+        # to claripy.
+        unpacked_args = []
+        for arg in args:
+            if isinstance(arg, SimActionObject):
+                unpacked_args.append(arg.to_claripy())
+            elif isinstance(arg, claripy.ast.Base):
+                unpacked_args.append(arg)
+            else:
+                raise SimOperationError(f"Unsupported argument type {type(arg)}")
+        args = unpacked_args
         if not self._float:
             args = tuple(arg.raw_to_bv() for arg in args)

angr/lib/angr_native.dylib CHANGED Viewed

Binary file

angr/utils/bits.py CHANGED Viewed

@@ -14,3 +14,8 @@ def truncate_bits(value: int, nbits: int) -> int:
 def ffs(x: int) -> int:
     return (x & -x).bit_length() - 1
+def sign_extend(value: int, bits: int) -> int:
+    sign_bit = 1 << (bits - 1)
+    return (value & (sign_bit - 1)) - (value & sign_bit)

angr/utils/formatting.py CHANGED Viewed

@@ -1,4 +1,5 @@
 from __future__ import annotations
+import os
 import sys
 from collections.abc import Sequence, Callable
@@ -23,7 +24,9 @@ def setup_terminal():
             colorama.init()
     global ansi_color_enabled  # pylint:disable=global-statement
-    ansi_color_enabled = isatty
+    # https://no-color.org/
+    no_color = os.environ.get("NO_COLOR", "")
+    ansi_color_enabled = isatty and not no_color
 def ansi_color(s: str, color: str | None) -> str:

{angr-9.2.129.dist-info → angr-9.2.131.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: angr
-Version: 9.2.129
+Version: 9.2.131
 Summary: A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
 Home-page: https://github.com/angr/angr
 License: BSD-2-Clause
@@ -16,13 +16,13 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: CppHeaderParser
 Requires-Dist: GitPython
-Requires-Dist: ailment==9.2.129
-Requires-Dist: archinfo==9.2.129
+Requires-Dist: ailment==9.2.131
+Requires-Dist: archinfo==9.2.131
 Requires-Dist: cachetools
 Requires-Dist: capstone==5.0.3
 Requires-Dist: cffi>=1.14.0
-Requires-Dist: claripy==9.2.129
-Requires-Dist: cle==9.2.129
+Requires-Dist: claripy==9.2.131
+Requires-Dist: cle==9.2.131
 Requires-Dist: itanium-demangler
 Requires-Dist: mulpyplexer
 Requires-Dist: nampa
@@ -31,7 +31,7 @@ Requires-Dist: protobuf>=5.28.2
 Requires-Dist: psutil
 Requires-Dist: pycparser>=2.18
 Requires-Dist: pyformlang
-Requires-Dist: pyvex==9.2.129
+Requires-Dist: pyvex==9.2.131
 Requires-Dist: rich>=13.1.0
 Requires-Dist: sortedcontainers
 Requires-Dist: sympy