angr 9.2.135__py3-none-win_amd64.whl → 9.2.137__py3-none-win_amd64.whl



Files changed (199)
  1. angr/__init__.py +1 -1
  2. angr/analyses/__init__.py +3 -7
  3. angr/analyses/analysis.py +4 -0
  4. angr/analyses/backward_slice.py +1 -2
  5. angr/analyses/binary_optimizer.py +3 -4
  6. angr/analyses/bindiff.py +4 -6
  7. angr/analyses/boyscout.py +1 -3
  8. angr/analyses/callee_cleanup_finder.py +4 -4
  9. angr/analyses/calling_convention/calling_convention.py +6 -4
  10. angr/analyses/calling_convention/fact_collector.py +10 -3
  11. angr/analyses/cdg.py +1 -2
  12. angr/analyses/cfg/cfb.py +1 -3
  13. angr/analyses/cfg/cfg.py +2 -2
  14. angr/analyses/cfg/cfg_base.py +40 -68
  15. angr/analyses/cfg/cfg_emulated.py +1 -104
  16. angr/analyses/cfg/cfg_fast.py +90 -27
  17. angr/analyses/cfg/cfg_fast_soot.py +1 -1
  18. angr/analyses/cfg/indirect_jump_resolvers/__init__.py +2 -0
  19. angr/analyses/cfg/indirect_jump_resolvers/const_resolver.py +46 -10
  20. angr/analyses/cfg/indirect_jump_resolvers/default_resolvers.py +5 -1
  21. angr/analyses/cfg/indirect_jump_resolvers/jumptable.py +65 -14
  22. angr/analyses/cfg/indirect_jump_resolvers/memload_resolver.py +81 -0
  23. angr/analyses/cfg/indirect_jump_resolvers/propagator_utils.py +24 -5
  24. angr/analyses/cfg/indirect_jump_resolvers/x86_pe_iat.py +2 -5
  25. angr/analyses/class_identifier.py +1 -2
  26. angr/analyses/complete_calling_conventions.py +3 -0
  27. angr/analyses/congruency_check.py +2 -3
  28. angr/analyses/data_dep/data_dependency_analysis.py +2 -2
  29. angr/analyses/ddg.py +1 -4
  30. angr/analyses/decompiler/ail_simplifier.py +15 -5
  31. angr/analyses/decompiler/block_simplifier.py +2 -2
  32. angr/analyses/decompiler/ccall_rewriters/__init__.py +2 -0
  33. angr/analyses/decompiler/ccall_rewriters/amd64_ccalls.py +1 -1
  34. angr/analyses/decompiler/ccall_rewriters/x86_ccalls.py +69 -0
  35. angr/analyses/decompiler/clinic.py +119 -72
  36. angr/analyses/decompiler/condition_processor.py +2 -0
  37. angr/analyses/decompiler/decompiler.py +1 -0
  38. angr/analyses/decompiler/dephication/dephication_base.py +2 -0
  39. angr/analyses/decompiler/dephication/rewriting_engine.py +8 -6
  40. angr/analyses/decompiler/dephication/seqnode_dephication.py +10 -1
  41. angr/analyses/decompiler/optimization_passes/duplication_reverter/ail_merge_graph.py +2 -2
  42. angr/analyses/decompiler/optimization_passes/duplication_reverter/duplication_reverter.py +2 -2
  43. angr/analyses/decompiler/optimization_passes/ite_region_converter.py +1 -1
  44. angr/analyses/decompiler/optimization_passes/lowered_switch_simplifier.py +1 -1
  45. angr/analyses/decompiler/optimization_passes/return_duplicator_base.py +1 -2
  46. angr/analyses/decompiler/optimization_passes/stack_canary_simplifier.py +1 -1
  47. angr/analyses/decompiler/sequence_walker.py +6 -2
  48. angr/analyses/decompiler/ssailification/rewriting.py +11 -1
  49. angr/analyses/decompiler/ssailification/rewriting_engine.py +56 -19
  50. angr/analyses/decompiler/ssailification/ssailification.py +13 -3
  51. angr/analyses/decompiler/ssailification/traversal.py +28 -2
  52. angr/analyses/decompiler/ssailification/traversal_state.py +6 -1
  53. angr/analyses/decompiler/structured_codegen/c.py +44 -21
  54. angr/analyses/decompiler/structuring/phoenix.py +118 -15
  55. angr/analyses/decompiler/utils.py +113 -8
  56. angr/analyses/disassembly.py +5 -5
  57. angr/analyses/fcp/__init__.py +4 -0
  58. angr/analyses/fcp/fcp.py +429 -0
  59. angr/analyses/identifier/identify.py +1 -3
  60. angr/analyses/loopfinder.py +4 -3
  61. angr/analyses/patchfinder.py +1 -1
  62. angr/analyses/propagator/engine_base.py +4 -3
  63. angr/analyses/propagator/propagator.py +14 -53
  64. angr/analyses/reaching_definitions/function_handler.py +1 -1
  65. angr/analyses/reassembler.py +1 -2
  66. angr/analyses/s_liveness.py +5 -1
  67. angr/analyses/s_propagator.py +26 -7
  68. angr/analyses/s_reaching_definitions/s_rda_model.py +2 -1
  69. angr/analyses/s_reaching_definitions/s_rda_view.py +20 -1
  70. angr/analyses/s_reaching_definitions/s_reaching_definitions.py +11 -1
  71. angr/analyses/soot_class_hierarchy.py +1 -2
  72. angr/analyses/stack_pointer_tracker.py +29 -3
  73. angr/analyses/static_hooker.py +1 -2
  74. angr/analyses/typehoon/simple_solver.py +2 -2
  75. angr/analyses/variable_recovery/engine_ail.py +19 -7
  76. angr/analyses/variable_recovery/engine_base.py +16 -14
  77. angr/analyses/variable_recovery/engine_vex.py +2 -2
  78. angr/analyses/variable_recovery/variable_recovery_fast.py +23 -3
  79. angr/analyses/veritesting.py +4 -7
  80. angr/analyses/vfg.py +1 -1
  81. angr/analyses/vsa_ddg.py +1 -2
  82. angr/block.py +62 -22
  83. angr/callable.py +1 -3
  84. angr/calling_conventions.py +3 -3
  85. angr/codenode.py +5 -1
  86. angr/concretization_strategies/__init__.py +1 -83
  87. angr/concretization_strategies/any.py +2 -1
  88. angr/concretization_strategies/any_named.py +1 -1
  89. angr/concretization_strategies/base.py +81 -0
  90. angr/concretization_strategies/controlled_data.py +2 -1
  91. angr/concretization_strategies/eval.py +2 -1
  92. angr/concretization_strategies/logging.py +3 -1
  93. angr/concretization_strategies/max.py +2 -1
  94. angr/concretization_strategies/nonzero.py +2 -1
  95. angr/concretization_strategies/nonzero_range.py +2 -1
  96. angr/concretization_strategies/norepeats.py +2 -1
  97. angr/concretization_strategies/norepeats_range.py +2 -1
  98. angr/concretization_strategies/range.py +2 -1
  99. angr/concretization_strategies/signed_add.py +2 -1
  100. angr/concretization_strategies/single.py +2 -1
  101. angr/concretization_strategies/solutions.py +2 -1
  102. angr/concretization_strategies/unlimited_range.py +2 -1
  103. angr/engines/__init__.py +8 -5
  104. angr/engines/engine.py +3 -5
  105. angr/engines/failure.py +4 -5
  106. angr/engines/pcode/emulate.py +1 -1
  107. angr/engines/pcode/lifter.py +31 -18
  108. angr/engines/procedure.py +5 -7
  109. angr/engines/soot/expressions/__init__.py +20 -23
  110. angr/engines/soot/expressions/base.py +4 -4
  111. angr/engines/soot/expressions/invoke.py +1 -2
  112. angr/engines/soot/statements/__init__.py +10 -12
  113. angr/engines/soot/values/__init__.py +10 -12
  114. angr/engines/soot/values/arrayref.py +3 -3
  115. angr/engines/soot/values/instancefieldref.py +3 -2
  116. angr/engines/successors.py +18 -12
  117. angr/engines/syscall.py +4 -6
  118. angr/engines/unicorn.py +3 -2
  119. angr/engines/vex/claripy/ccall.py +8 -10
  120. angr/engines/vex/claripy/datalayer.py +4 -5
  121. angr/engines/vex/lifter.py +9 -6
  122. angr/exploration_techniques/__init__.py +0 -2
  123. angr/exploration_techniques/spiller.py +1 -3
  124. angr/exploration_techniques/stochastic.py +2 -3
  125. angr/factory.py +3 -9
  126. angr/flirt/build_sig.py +8 -15
  127. angr/knowledge_plugins/cfg/cfg_model.py +20 -17
  128. angr/knowledge_plugins/functions/function.py +70 -79
  129. angr/knowledge_plugins/functions/function_manager.py +8 -7
  130. angr/knowledge_plugins/functions/function_parser.py +1 -1
  131. angr/knowledge_plugins/functions/soot_function.py +21 -24
  132. angr/knowledge_plugins/propagations/propagation_model.py +4 -5
  133. angr/knowledge_plugins/propagations/states.py +0 -511
  134. angr/knowledge_plugins/variables/variable_manager.py +16 -10
  135. angr/lib/angr_native.dll +0 -0
  136. angr/procedures/libc/memcpy.py +4 -4
  137. angr/procedures/procedure_dict.py +3 -2
  138. angr/protos/__init__.py +2 -5
  139. angr/protos/cfg_pb2.py +21 -18
  140. angr/protos/function_pb2.py +17 -14
  141. angr/protos/primitives_pb2.py +44 -39
  142. angr/protos/variables_pb2.py +36 -31
  143. angr/protos/xrefs_pb2.py +15 -12
  144. angr/sim_procedure.py +15 -16
  145. angr/sim_variable.py +13 -1
  146. angr/simos/__init__.py +2 -0
  147. angr/simos/javavm.py +4 -6
  148. angr/simos/xbox.py +32 -0
  149. angr/state_plugins/__init__.py +0 -2
  150. angr/state_plugins/callstack.py +4 -4
  151. angr/state_plugins/cgc.py +3 -2
  152. angr/state_plugins/gdb.py +6 -5
  153. angr/state_plugins/globals.py +1 -2
  154. angr/state_plugins/heap/heap_brk.py +1 -2
  155. angr/state_plugins/history.py +10 -12
  156. angr/state_plugins/inspect.py +3 -5
  157. angr/state_plugins/libc.py +2 -2
  158. angr/state_plugins/log.py +8 -10
  159. angr/state_plugins/loop_data.py +1 -2
  160. angr/state_plugins/posix.py +7 -7
  161. angr/state_plugins/preconstrainer.py +2 -3
  162. angr/state_plugins/scratch.py +5 -8
  163. angr/state_plugins/sim_action.py +3 -3
  164. angr/state_plugins/solver.py +8 -3
  165. angr/state_plugins/symbolizer.py +5 -4
  166. angr/state_plugins/uc_manager.py +3 -3
  167. angr/state_plugins/unicorn_engine.py +5 -1
  168. angr/state_plugins/view.py +3 -5
  169. angr/storage/file.py +3 -5
  170. angr/storage/memory_mixins/address_concretization_mixin.py +2 -2
  171. angr/storage/memory_mixins/bvv_conversion_mixin.py +3 -3
  172. angr/storage/memory_mixins/clouseau_mixin.py +1 -3
  173. angr/storage/memory_mixins/name_resolution_mixin.py +1 -3
  174. angr/storage/memory_mixins/paged_memory/paged_memory_mixin.py +13 -15
  175. angr/storage/memory_mixins/paged_memory/pages/__init__.py +1 -22
  176. angr/storage/memory_mixins/paged_memory/pages/base.py +31 -0
  177. angr/storage/memory_mixins/paged_memory/pages/list_page.py +1 -1
  178. angr/storage/memory_mixins/paged_memory/pages/mv_list_page.py +1 -1
  179. angr/storage/memory_mixins/paged_memory/pages/ultra_page.py +2 -4
  180. angr/storage/memory_mixins/paged_memory/privileged_mixin.py +3 -4
  181. angr/storage/memory_mixins/regioned_memory/abstract_merger_mixin.py +4 -2
  182. angr/storage/memory_mixins/smart_find_mixin.py +1 -1
  183. angr/storage/memory_mixins/underconstrained_mixin.py +1 -1
  184. angr/storage/memory_mixins/unwrapper_mixin.py +1 -3
  185. angr/utils/enums_conv.py +28 -12
  186. angr/utils/segment_list.py +25 -22
  187. angr/utils/timing.py +18 -1
  188. angr/vaults.py +5 -6
  189. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/METADATA +7 -7
  190. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/RECORD +194 -192
  191. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/WHEEL +1 -1
  192. angr/analyses/propagator/outdated_definition_walker.py +0 -159
  193. angr/analyses/propagator/tmpvar_finder.py +0 -18
  194. angr/engines/concrete.py +0 -180
  195. angr/exploration_techniques/symbion.py +0 -80
  196. angr/state_plugins/concrete.py +0 -295
  197. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/LICENSE +0 -0
  198. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/entry_points.txt +0 -0
  199. {angr-9.2.135.dist-info → angr-9.2.137.dist-info}/top_level.txt +0 -0
@@ -6,6 +6,7 @@ from collections.abc import Generator
6
6
  import logging
7
7
  import collections.abc
8
8
  import re
9
+ import weakref
9
10
  from sortedcontainers import SortedDict
10
11
 
11
12
  import networkx
@@ -31,7 +32,7 @@ class FunctionDict(SortedDict):
31
32
  """
32
33
 
33
34
  def __init__(self, backref, *args, **kwargs):
34
- self._backref = backref
35
+ self._backref = weakref.proxy(backref) if backref is not None else None
35
36
  self._key_types = kwargs.pop("key_types", int)
36
37
  super().__init__(*args, **kwargs)
37
38
 
@@ -39,7 +40,7 @@ class FunctionDict(SortedDict):
39
40
  try:
40
41
  return super().__getitem__(addr)
41
42
  except KeyError as ex:
42
- if not isinstance(addr, self._key_types):
43
+ if isinstance(addr, bool) or not isinstance(addr, self._key_types):
43
44
  raise TypeError(f"FunctionDict only supports {self._key_types} as key type") from ex
44
45
 
45
46
  if isinstance(addr, SootMethodDescriptor):
@@ -148,7 +149,7 @@ class FunctionManager(KnowledgeBasePlugin, collections.abc.Mapping):
148
149
  dst_func = self._function_map[function_addr]
149
150
  if syscall in (True, False):
150
151
  dst_func.is_syscall = syscall
151
- dst_func._register_nodes(True, node)
152
+ dst_func._register_node(True, node)
152
153
  self.block_map[node.addr] = node
153
154
 
154
155
  def _add_call_to(
@@ -160,7 +161,7 @@ class FunctionManager(KnowledgeBasePlugin, collections.abc.Mapping):
160
161
  syscall=None,
161
162
  stmt_idx=None,
162
163
  ins_addr=None,
163
- return_to_outside=False,
164
+ return_to_outside: bool = False,
164
165
  ):
165
166
  """
166
167
  Add a call to a function.
@@ -172,7 +173,7 @@ class FunctionManager(KnowledgeBasePlugin, collections.abc.Mapping):
172
173
  :param bool syscall: If this is a call to a syscall or not.
173
174
  :param int stmt_idx: ID of the statement where this call happens.
174
175
  :param int ins_addr: Address of the instruction where this call happens.
175
- :param bool return_to_outside: True if the return of the call is considered going to outside of the current
176
+ :param return_to_outside: True if the return of the call is considered going to outside of the current
176
177
  function.
177
178
  :return: None
178
179
  """
@@ -306,7 +307,7 @@ class FunctionManager(KnowledgeBasePlugin, collections.abc.Mapping):
306
307
  try:
307
308
  _ = self[item]
308
309
  return True
309
- except KeyError:
310
+ except (KeyError, TypeError):
310
311
  return False
311
312
 
312
313
  def __getitem__(self, k) -> Function:
@@ -406,7 +407,7 @@ class FunctionManager(KnowledgeBasePlugin, collections.abc.Mapping):
406
407
 
407
408
  try:
408
409
  prev_addr = self._function_map.floor_addr(addr)
409
- return self._function_map[prev_addr]
410
+ return self._function_map.get(prev_addr)
410
411
 
411
412
  except KeyError:
412
413
  return None
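Review bot: The weak proxy now stored in `FunctionDict.__init__` changes the lifetime contract of `_backref`, and nothing in the new code documents it. Once the owning object is garbage-collected, any later access through `self._backref` raises `ReferenceError` instead of reaching a live object. That affects callers that keep a FunctionDict after dropping its owner, and any copy or serialization path that carries `_backref` along; neither is visible in these hunks, so both should be checked. I would add a comment above the assignment, `# weak proxy: does not keep the owner alive; access raises ReferenceError once the owner is collected`. The rest of `__getitem__`, where the back-reference is presumably used, lies outside the hunks shown.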
@@ -246,7 +246,7 @@ class FunctionParser:
246
246
  # add leftover blocks
247
247
  for block in blocks.values():
248
248
  if block not in added_nodes:
249
- obj._register_nodes(True, block)
249
+ obj._register_node(True, block)
250
250
 
251
251
  return obj
252
252
 
@@ -1,7 +1,11 @@
1
+ # pylint:disable=super-init-not-called
1
2
  from __future__ import annotations
2
3
  import os
3
- import networkx
4
4
  from collections import defaultdict
5
+
6
+ import networkx
7
+
8
+ from angr.codenode import BlockNode
5
9
  from .function import Function
6
10
 
7
11
 
@@ -88,10 +92,6 @@ class SootFunction(Function):
88
92
  if hooker and hasattr(hooker, "NO_RET"):
89
93
  self.returning = not hooker.NO_RET
90
94
 
91
- self.prepared_registers = set()
92
- self.prepared_stack_variables = set()
93
- self.registers_read_afterwards = set()
94
-
95
95
  # startpoint can always be None if this CFGNode is a syscall node
96
96
  self.startpoint = None
97
97
 
@@ -108,24 +108,21 @@ class SootFunction(Function):
108
108
  # The Shimple CFG is already normalized.
109
109
  pass
110
110
 
111
- def _register_nodes(self, is_local, *nodes):
112
- if not isinstance(is_local, bool):
113
- raise AngrValueError('_register_nodes(): the "is_local" parameter must be a bool')
111
+ def _register_node(self, is_local: bool, node):
112
+ if is_local and self._local_blocks.get(node.addr) == node:
113
+ return self._local_blocks[node.addr]
114
114
 
115
- for node in nodes:
115
+ if node not in self.transition_graph:
116
116
  self.transition_graph.add_node(node)
117
- node._graph = self.transition_graph
118
- if node.addr not in self or self._block_sizes[node.addr] == 0:
119
- self._block_sizes[node.addr] = node.size
120
- if node.addr == self.addr.addr and (self.startpoint is None or not self.startpoint.is_hook):
121
- self.startpoint = node
122
- if is_local:
123
- self._local_blocks[node.addr] = node
124
- self._local_block_addrs.add(node.addr)
125
- # add BlockNodes to the addr_to_block_node cache if not already there
126
- if isinstance(node, BlockNode) and node.addr not in self._addr_to_block_node:
127
- self._addr_to_block_node[node.addr] = node
128
-
129
-
130
- from angr.codenode import BlockNode
131
- from angr.errors import AngrValueError
117
+ node._graph = self.transition_graph
118
+ if node.addr not in self or self._block_sizes[node.addr] == 0:
119
+ self._block_sizes[node.addr] = node.size
120
+ if node.addr == self.addr.addr and (self.startpoint is None or not self.startpoint.is_hook):
121
+ self.startpoint = node
122
+ if is_local:
123
+ self._local_blocks[node.addr] = node
124
+ self._local_block_addrs.add(node.addr)
125
+ # add BlockNodes to the addr_to_block_node cache if not already there
126
+ if isinstance(node, BlockNode) and node.addr not in self._addr_to_block_node:
127
+ self._addr_to_block_node[node.addr] = node
128
+ return node
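Review bot: `_register_node` now returns a node but has no docstring saying which one. The early exit `return self._local_blocks[node.addr]` hands back the stored node rather than the argument whenever the two compare equal. A caller that ignores the return value, as the `dst_func._register_node(True, node)` call followed by `self.block_map[node.addr] = node` does in the FunctionManager hunk earlier on this page, can hold a different object from the one registered; that only matters if node equality is not identity and the same contract applies to the method called there, neither of which can be determined from here. I would add a docstring such as `"""Register node with this function and return the node actually stored, which may be an existing equal node."""`. The old runtime check on `is_local` is also gone, so a non-bool argument is no longer rejected with AngrValueError.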
@@ -6,7 +6,7 @@ import claripy
6
6
  import ailment
7
7
  from angr.serializable import Serializable
8
8
  from angr.knowledge_plugins.functions.function import Function
9
- from .states import PropagatorVEXState, PropagatorAILState, PropagatorState
9
+ from .states import PropagatorVEXState, PropagatorState
10
10
 
11
11
 
12
12
  class PropagationModel(Serializable):
@@ -65,10 +65,9 @@ class PropagationModel(Serializable):
65
65
  preds = [self.states[pnode.addr] for pnode in self._function.graph.predecessors(node)]
66
66
  if not preds:
67
67
  if isinstance(node, ailment.Block):
68
- state = PropagatorAILState.initial_state(self._function.project, func_addr=self._function.addr)
69
- else:
70
- state = PropagatorVEXState.initial_state(self._function.project, func_addr=self._function.addr)
71
- state.store_register(state.arch.ip_offset, state.arch.bytes, claripy.BVV(block_addr, state.arch.bits))
68
+ raise NotImplementedError
69
+ state = PropagatorVEXState.initial_state(self._function.project, func_addr=self._function.addr)
70
+ state.store_register(state.arch.ip_offset, state.arch.bytes, claripy.BVV(block_addr, state.arch.bits))
72
71
  else:
73
72
  state, _ = preds[0].merge(*preds[1:])
74
73
  return state
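Review bot: The bare `raise NotImplementedError` added for `ailment.Block` nodes gives the caller no hint of what is unsupported. That branch used to build a PropagatorAILState and now fails with an empty message. I would write `raise NotImplementedError("PropagationModel cannot build an initial state for AIL blocks")` so the failure explains itself in a traceback. The enclosing method starts outside the hunk, so whether any caller still passes AIL blocks cannot be checked from here.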