angr 9.2.136__py3-none-macosx_11_0_arm64.whl → 9.2.138__py3-none-macosx_11_0_arm64.whl

angr/block.py

@@ -1,10 +1,11 @@
 # pylint:disable=wrong-import-position,arguments-differ
 from __future__ import annotations
 import logging
+from typing import TYPE_CHECKING
 
 import pyvex
 from pyvex import IRSB
-from archinfo import ArchARM
+from archinfo import Arch, ArchARM
 
 from .protos import primitives_pb2 as pb2
 from .serializable import Serializable
@@ -14,6 +15,12 @@ try:
 except ImportError:
     pcode = None
 
+if TYPE_CHECKING:
+    from angr import Project
+    from angr.engines.vex import VEXLifter
+    from angr.engines.pcode.lifter import PcodeLifterEngineMixin, IRSB as PcodeIRSB
+    from angr.engines.soot.engine import SootMixin
+
 
 l = logging.getLogger(name=__name__)
 
@@ -148,7 +155,7 @@ class Block(Serializable):
         self,
         addr,
         project=None,
-        arch=None,
+        arch: Arch = None,
         size=None,
         max_size=None,
         byte_string=None,
@@ -168,6 +175,7 @@ class Block(Serializable):
         skip_stmts=False,
     ):
         # set up arch
+        self.arch: Arch
         if project is not None:
             self.arch = project.arch
         else:
@@ -187,7 +195,7 @@ class Block(Serializable):
         else:
             thumb = False
 
-        self._project = project
+        self._project: Project | None = project
         self.thumb = thumb
         self.addr = addr
         self._opt_level = opt_level
@@ -206,8 +214,15 @@ class Block(Serializable):
             else:
                 if self._initial_regs:
                     self.set_initial_regs()
+                clemory = None
+                if project is not None:
+                    clemory = (
+                        project.loader.memory_ro_view
+                        if project.loader.memory_ro_view is not None
+                        else project.loader.memory
+                    )
                 vex = self._vex_engine.lift_vex(
-                    clemory=project.loader.memory,
+                    clemory=clemory,
                     state=backup_state,
                     insn_bytes=byte_string,
                     addr=addr,
@@ -243,7 +258,7 @@ class Block(Serializable):
         self._load_from_ro_regions = load_from_ro_regions
         self._const_prop = const_prop
 
-        self._instructions = num_inst
+        self._instructions: int | None = num_inst
         self._instruction_addrs: list[int] = []
 
         if skip_stmts:
@@ -258,7 +273,7 @@ class Block(Serializable):
                 if type(self._bytes) is memoryview:
                     self._bytes = bytes(self._bytes)
                 elif type(self._bytes) is not bytes:
-                    self._bytes = bytes(pyvex.ffi.buffer(self._bytes, size))
+                    self._bytes = bytes(pyvex.ffi.buffer(self._bytes, size))  # type:ignore
             else:
                 self._bytes = None
         elif type(byte_string) is bytes:
@@ -269,7 +284,7 @@ class Block(Serializable):
         else:
             # Convert bytestring to a str
             # size will ALWAYS be known at this point
-            self._bytes = str(pyvex.ffi.buffer(byte_string, self.size))
+            self._bytes = bytes(pyvex.ffi.buffer(byte_string, self.size))  # type:ignore
 
     def _parse_vex_info(self, vex_block):
         if vex_block is not None:
@@ -323,16 +338,25 @@ class Block(Serializable):
         pyvex.pvc.reset_initial_register_values()
 
     @property
-    def _vex_engine(self):
-        return self._project.factory.default_engine
+    def _vex_engine(self) -> VEXLifter | PcodeLifterEngineMixin:
+        if self._project is None:
+            raise ValueError("Project is not set")
+        return self._project.factory.default_engine  # type:ignore
 
     @property
-    def vex(self) -> IRSB:
+    def vex(self) -> IRSB | PcodeIRSB:
         if not self._vex:
             if self._initial_regs:
                 self.set_initial_regs()
+            clemory = None
+            if self._project is not None:
+                clemory = (
+                    self._project.loader.memory_ro_view
+                    if self._project.loader.memory_ro_view is not None
+                    else self._project.loader.memory
+                )
             self._vex = self._vex_engine.lift_vex(
-                clemory=self._project.loader.memory if self._project is not None else None,
+                clemory=clemory,
                 insn_bytes=self._bytes,
                 addr=self.addr,
                 thumb=self.thumb,
@@ -350,6 +374,7 @@ class Block(Serializable):
                 self.reset_initial_regs()
             self._parse_vex_info(self._vex)
 
+        assert self._vex is not None
         return self._vex
 
     @property
@@ -362,8 +387,15 @@ class Block(Serializable):
 
         if self._initial_regs:
             self.set_initial_regs()
+        clemory = None
+        if self._project is not None:
+            clemory = (
+                self._project.loader.memory_ro_view
+                if self._project.loader.memory_ro_view is not None
+                else self._project.loader.memory
+            )
         self._vex_nostmt = self._vex_engine.lift_vex(
-            clemory=self._project.loader.memory if self._project is not None else None,
+            clemory=clemory,
             insn_bytes=self._bytes,
             addr=self.addr,
             thumb=self.thumb,
@@ -394,17 +426,17 @@ class Block(Serializable):
         """
         if self._disassembly is None:
             if self._using_pcode_engine:
-                self._disassembly = self.vex.disassembly
+                self._disassembly = self.vex.disassembly  # type:ignore
             else:
                 self._disassembly = self.capstone
         return self._disassembly
 
     @property
-    def capstone(self):
+    def capstone(self) -> CapstoneBlock:
         if self._capstone:
             return self._capstone
 
-        cs = self.arch.capstone if not self.thumb else self.arch.capstone_thumb
+        cs = self.arch.capstone if not self.thumb else self.arch.capstone_thumb  # type:ignore
 
         insns = []
 
@@ -423,12 +455,18 @@ class Block(Serializable):
         return BlockNode(self.addr, self.size, bytestr=self.bytes, thumb=self.thumb)
 
     @property
-    def bytes(self) -> bytes:
+    def bytes(self) -> bytes | None:
         if self._bytes is None:
             addr = self.addr
             if self.thumb:
                 addr = (addr >> 1) << 1
-            self._bytes = self._project.loader.memory.load(addr, self.size)
+            if self._project is not None:
+                mem = (
+                    self._project.loader.memory_ro_view
+                    if self._project.loader.memory_ro_view is not None
+                    else self._project.loader.memory
+                )
+                self._bytes = mem.load(addr, self.size)
         return self._bytes
 
     @property
@@ -437,6 +475,7 @@ class Block(Serializable):
             # initialize from VEX
             _ = self.vex
 
+        assert self._instructions is not None
         return self._instructions
 
     @property
@@ -477,17 +516,17 @@ class SootBlock:
     Represents a Soot IR basic block.
     """
 
-    def __init__(self, addr, project=None, arch=None):
+    def __init__(self, addr, *, project: Project, arch: Arch):
         self.addr = addr
         self.arch = arch
         self._project = project
         self._the_binary = project.loader.main_object
 
     @property
-    def _soot_engine(self):
+    def _soot_engine(self) -> SootMixin:
         if self._project is None:
             assert False, "This should be unreachable"
-        return self._project.factory.default_engine
+        return self._project.factory.default_engine  # type:ignore
 
     @property
     def soot(self):

angr/engines/pcode/emulate.py

@@ -92,7 +92,7 @@ class PcodeEmulatorMixin(SimEngineBase):
                 self.state,
                 fallthru_addr,
                 self.state.scratch.guard,
-                "Ijk_Boring",
+                irsb.jumpkind,
                 exit_stmt_idx=DEFAULT_STATEMENT,
                 exit_ins_addr=self.state.scratch.ins_addr,
             )

angr/engines/pcode/lifter.py

@@ -7,7 +7,7 @@
 from __future__ import annotations
 
 import logging
-from typing import Optional
+from typing import Any, TYPE_CHECKING
 from collections.abc import Iterable, Sequence
 
 import archinfo
@@ -35,6 +35,12 @@ except ImportError:
     pypcode = None
 
 
+if TYPE_CHECKING:
+    # this is to make pyright happy; otherwise it believes pypcode is None
+    import pypcode
+    from pypcode import PcodeOp, Context
+
+
 l = logging.getLogger(__name__)
 
 IRSB_MAX_SIZE = 400
@@ -130,8 +136,8 @@ class IRSB:
 
     _direct_next: bool | None
     _exit_statements: Sequence[tuple[int, int, ExitStatement]]
-    _instruction_addresses: Sequence[int] | None
-    _ops: Sequence[pypcode.PcodeOp]  # FIXME: Merge into _statements
+    _instruction_addresses: list[int] | None
+    _ops: list[PcodeOp]  # FIXME: Merge into _statements
     _size: int | None
     _statements: Iterable  # Note: currently unused
     _disassembly: PcodeDisassemblerBlock | None
@@ -140,7 +146,7 @@ class IRSB:
     behaviors: BehaviorFactory | None
     data_refs: Sequence  # Note: currently unused
     const_vals: Sequence  # Note: currently unused
-    default_exit_target: Optional  # Note: currently used
+    default_exit_target: Any  # Note: currently used
     jumpkind: str | None
     next: int | None
 
@@ -199,7 +205,7 @@ class IRSB:
         self._direct_next = None
         self._exit_statements = []
         self._instruction_addresses = None
-        self._ops = []
+        self._ops: list[PcodeOp] = []
         self._size = None
         self._statements = []
         self.addr = mem_addr
@@ -248,7 +254,7 @@ class IRSB:
 
     @property
     def has_statements(self) -> bool:
-        return self.statements is not None and self.statements
+        return bool(self.statements is not None and self.statements)
 
     @property
     def exit_statements(self) -> Sequence[tuple[int, int, ExitStatement]]:
@@ -320,7 +326,7 @@ class IRSB:
         return len(self.statements)
 
     @property
-    def offsIP(self) -> int:
+    def offsIP(self) -> int | None:
         return self.arch.ip_offset
 
     @property
@@ -459,10 +465,10 @@ class IRSB:
         jumpkind: str | None = None,
         direct_next: bool | None = None,
         size: int | None = None,
-        ops: Sequence[pypcode.PcodeOp] | None = None,
-        instruction_addresses: Iterable[int] | None = None,
+        ops: list[PcodeOp] | None = None,
+        instruction_addresses: list[int] | None = None,
         exit_statements: Sequence[tuple[int, int, ExitStatement]] | None = None,
-        default_exit_target: Optional | None = None,
+        default_exit_target: Any = None,
     ) -> None:
         # pylint: disable=unused-argument
         self._statements = statements if statements is not None else []
@@ -490,7 +496,7 @@ class IRSB:
         )
 
     @property
-    def statements(self) -> Iterable:
+    def statements(self) -> list:
         # FIXME: For compatibility, may want to implement Ist_IMark and
         # pyvex.IRStmt.Exit to ease analyses.
         l.debug("Returning empty statements list!")
@@ -807,7 +813,7 @@ class PcodeBasicBlockLifter:
     Lifts basic blocks to P-code
     """
 
-    context: pypcode.Context
+    context: Context
     behaviors: BehaviorFactory
 
     def __init__(self, arch: archinfo.Arch):
@@ -1032,7 +1038,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
         self,
         addr: int | None = None,
         state: SimState | None = None,
-        clemory: cle.Clemory | None = None,
+        clemory: cle.Clemory | cle.ClemoryReadOnlyView | None = None,
         insn_bytes: bytes | None = None,
         arch: archinfo.Arch | None = None,
         size: int | None = None,
@@ -1047,7 +1053,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
         load_from_ro_regions: bool = False,
         cross_insn_opt: bool | None = None,
         const_prop: bool | None = None,
-    ):
+    ) -> IRSB:
         """
         Temporary compatibility interface for integration with block code.
         """
@@ -1075,7 +1081,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
         self,
         addr: int | None = None,
         state: SimState | None = None,
-        clemory: cle.Clemory | None = None,
+        clemory: cle.Clemory | cle.ClemoryReadOnlyView | None = None,
         insn_bytes: bytes | None = None,
         arch: archinfo.Arch | None = None,
         size: int | None = None,
@@ -1090,7 +1096,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
         load_from_ro_regions: bool = False,
         cross_insn_opt: bool | None = None,
         const_prop: bool | None = None,
-    ):
+    ) -> IRSB:
         """
         Lift an IRSB.
 
@@ -1137,6 +1143,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
 
         # phase 1: parameter defaults
         if addr is None:
+            assert state is not None
             addr = state.solver.eval(state._ip)
         if size is not None:
             size = min(size, IRSB_MAX_SIZE)
@@ -1158,6 +1165,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
                     " disabled."
                 )
             opt_level = 0
+            assert state is not None
             if state and o.OPTIMIZE_IR in state.options:
                 state.options.remove(o.OPTIMIZE_IR)
         if skip_stmts is not True:
@@ -1278,13 +1286,18 @@ class PcodeLifterEngineMixin(SimEngineBase):
                     )
                 return irsb
 
+            raise SimEngineError("Unreachable code reached")
         # phase x: error handling
         except PyVEXError as e:
             l.debug("Translation error at %#x", addr)
             raise SimTranslationError("Unable to translate bytecode") from e
 
     def _load_bytes(
-        self, addr: int, max_size: int, state: SimState | None = None, clemory: cle.Clemory | None = None
+        self,
+        addr: int,
+        max_size: int,
+        state: SimState | None = None,
+        clemory: cle.Clemory | cle.ClemoryReadOnlyView | None = None,
     ) -> tuple[bytes, int, int]:
         if clemory is None and state is None:
             raise SimEngineError("state and clemory cannot both be None in _load_bytes().")
@@ -1306,7 +1319,7 @@ class PcodeLifterEngineMixin(SimEngineBase):
 
         # Load from the clemory if we can
         if not load_from_state or not state:
-            if isinstance(clemory, cle.Clemory):
+            if isinstance(clemory, (cle.Clemory, cle.ClemoryReadOnlyView)):
                 try:
                     start, backer = next(clemory.backers(addr))
                 except StopIteration:

angr/engines/soot/expressions/__init__.py

@@ -39,10 +39,8 @@ l = logging.getLogger("angr.engines.soot.expressions")
 
 def translate_expr(expr, state):
     expr_name = expr.__class__.__name__.split(".")[-1]
-    if expr_name.startswith("Soot"):
-        expr_name = expr_name[4:]
-    if expr_name.endswith("Expr"):
-        expr_name = expr_name[:-4]
+    expr_name = expr_name.removeprefix("Soot")
+    expr_name = expr_name.removesuffix("Expr")
     expr_cls_name = "SimSootExpr_" + expr_name
 
     g = globals()

angr/engines/soot/statements/__init__.py

@@ -16,8 +16,7 @@ l = logging.getLogger("angr.engines.soot.statements")
 
 def translate_stmt(stmt, state):
     stmt_name = stmt.__class__.__name__.split(".")[-1]
-    if stmt_name.endswith("Stmt"):
-        stmt_name = stmt_name[:-4]
+    stmt_name = stmt_name.removesuffix("Stmt")
 
     stmt_cls_name = f"SimSootStmt_{stmt_name}"
     if stmt_cls_name in globals():

angr/engines/soot/values/__init__.py

@@ -12,8 +12,7 @@ from .strref import SimSootValue_StringRef
 
 def translate_value(value, state):
     value_name = value.__class__.__name__
-    if value_name.startswith("Soot"):
-        value_name = value_name[4:]
+    value_name = value_name.removeprefix("Soot")
     value_cls_name = "SimSootValue_" + value_name
 
     g = globals()

angr/engines/successors.py

@@ -269,11 +269,11 @@ class SimSuccessors:
         # categorize the state
         if o.APPROXIMATE_GUARDS in state.options and state.solver.is_false(state.scratch.guard, exact=False):
             if o.VALIDATE_APPROXIMATIONS in state.options and state.satisfiable():
-                raise Exception("WTF")
+                raise AssertionError("WTF")
             self.unsat_successors.append(state)
         elif o.APPROXIMATE_SATISFIABILITY in state.options and not state.solver.satisfiable(exact=False):
             if o.VALIDATE_APPROXIMATIONS in state.options and state.solver.satisfiable():
-                raise Exception("WTF")
+                raise AssertionError("WTF")
             self.unsat_successors.append(state)
         elif (not state.scratch.guard.symbolic and state.solver.is_false(state.scratch.guard)) or (
             o.LAZY_SOLVES not in state.options and not state.satisfiable()
@@ -295,10 +295,15 @@ class SimSuccessors:
             # syscall
             self.successors.append(state)
 
-            # Misuse the ip_at_syscall register to save the return address for this syscall
-            # state.ip *might be* changed to be the real address of syscall SimProcedures by syscall handling code in
-            # angr
-            state.regs.ip_at_syscall = state.ip
+            if "ip_at_syscall" in state.arch.registers:
+                # Misuse the ip_at_syscall register to save the return address for this syscall
+                # state.ip *might be* changed to be the real address
+                # of syscall SimProcedures by syscall handling code in angr
+                state.regs.ip_at_syscall = state.ip
+            else:
+                # The architecture doesn't have an ip_at_syscall register.
+                # Nothing to do but hope vigorously.
+                l.warning(f"Handling syscall on arch {state.arch.name:s} without ip_at_syscall register")
 
             try:
                 symbolic_syscall_num, concrete_syscall_nums = self._resolve_syscall(state)

angr/engines/vex/lifter.py

@@ -57,7 +57,7 @@ class VEXLifter(SimEngineBase):
                 self.selfmodifying_code = False
 
         # block cache
-        self._block_cache = None
+        self._block_cache: LRUCache = None
         self._block_cache_hits = 0
         self._block_cache_misses = 0
 
@@ -78,8 +78,8 @@ class VEXLifter(SimEngineBase):
         self,
         addr=None,
         state=None,
-        clemory=None,
-        insn_bytes=None,
+        clemory: cle.Clemory | cle.ClemoryReadOnlyView | None = None,
+        insn_bytes: bytes | None = None,
         offset=None,
         arch=None,
         size=None,
@@ -94,7 +94,7 @@ class VEXLifter(SimEngineBase):
         cross_insn_opt=None,
         load_from_ro_regions=False,
         const_prop=False,
-    ):
+    ) -> pyvex.IRSB:
         """
         Lift an IRSB.
 
@@ -245,6 +245,7 @@ class VEXLifter(SimEngineBase):
             raise SimEngineError(f"No bytes in memory for block starting at {addr:#x}.")
 
         # phase 5: call into pyvex
+        buff: bytes | claripy.ast.BV
         l.debug("Creating IRSB of %s at %#x", arch, addr)
         try:
             for subphase in range(2):
@@ -287,7 +288,9 @@ class VEXLifter(SimEngineBase):
                 l.debug("Using bytes: %r", pyvex.ffi.buffer(buff, size))
             raise SimTranslationError("Unable to translate bytecode") from e
 
-    def _load_bytes(self, addr, max_size, state=None, clemory=None):
+    def _load_bytes(
+        self, addr, max_size, state=None, clemory: cle.Clemory | cle.ClemoryReadOnlyView | None = None
+    ) -> tuple[bytes, int, int]:
         if clemory is None and state is None:
             raise SimEngineError("state and clemory cannot both be None in _load_bytes().")
 
@@ -308,7 +311,7 @@ class VEXLifter(SimEngineBase):
 
         # Load from the clemory if we can
         if not load_from_state or not state:
-            if isinstance(clemory, cle.Clemory):
+            if isinstance(clemory, (cle.Clemory, cle.ClemoryReadOnlyView)):
                 try:
                     start, backer = next(clemory.backers(addr))
                 except StopIteration:

angr/flirt/build_sig.py

@@ -22,9 +22,7 @@ def get_basic_info(ar_path: str) -> dict[str, str]:
     """
 
     with tempfile.TemporaryDirectory() as tempdirname:
-        cwd = os.getcwd()
-        os.chdir(tempdirname)
-        subprocess.call(["ar", "x", ar_path])
+        subprocess.call(["ar", "x", ar_path], cwd=tempdirname)
 
         # Load arch and OS information from the first .o file
         o_files = [f for f in os.listdir(".") if f.endswith(".o")]
@@ -32,8 +30,8 @@ def get_basic_info(ar_path: str) -> dict[str, str]:
             proj = angr.Project(o_files[0], auto_load_libs=False)
             arch_name = proj.arch.name.lower()
             os_name = proj.simos.name.lower()
-
-        os.chdir(cwd)
+        else:
+            raise ValueError("No .o files found in the archive.")
 
     return {
         "arch": arch_name,
@@ -64,9 +62,7 @@ def get_unique_strings(ar_path: str) -> list[str]:
     # extract the archive file into a temporary directory
     all_strings = set()
     with tempfile.TemporaryDirectory() as tempdirname:
-        cwd = os.getcwd()
-        os.chdir(tempdirname)
-        subprocess.call(["ar", "x", ar_path])
+        subprocess.call(["ar", "x", ar_path], cwd=tempdirname)
 
         for filename in os.listdir("."):
             if filename.endswith(".o"):
@@ -93,8 +89,6 @@ def get_unique_strings(ar_path: str) -> list[str]:
                     non_symbol_strings.add(s)
                 all_strings |= non_symbol_strings
 
-        os.chdir(cwd)
-
     grouped_strings = defaultdict(set)
     for s in all_strings:
         grouped_strings[s[:5]].add(s)
@@ -138,7 +132,7 @@ def process_exc_file(exc_path: str):
 
     TODO: Add caller-callee-based de-duplication.
     """
-    with open(exc_path) as f:
+    with open(exc_path, encoding="utf-8") as f:
         data = f.read()
         lines = data.split("\n")
 
@@ -184,7 +178,7 @@ def process_exc_file(exc_path: str):
         g[the_chosen_one] = "+" + line
 
     # output
-    with open(exc_path, "w") as f:
+    with open(exc_path, "w", encoding="utf-8") as f:
         for g in groups.values():
             for line in g.values():
                 f.write(line + "\n")
@@ -273,8 +267,7 @@ def main():
         basename = os.path.basename(ar_path)
 
         # sanitize basename since otherwise sigmake is not happy with it
-        if basename.endswith(".a"):
-            basename = basename[:-2]
+        basename = basename.removesuffix(".a")
         basename = basename.replace("+", "plus")
 
         # sanitize signame as well
@@ -292,7 +285,7 @@ def main():
 
             assert not has_collision
 
-    with open(meta_path, "w") as f:
+    with open(meta_path, "w", encoding="utf-8") as f:
         metadata = {
             "unique_strings": unique_strings,
         }

angr/knowledge_plugins/functions/function.py

@@ -70,13 +70,10 @@ class Function(Serializable):
         "is_simprocedure",
         "is_syscall",
         "normalized",
-        "prepared_registers",
-        "prepared_stack_variables",
         "previous_names",
         "prototype",
         "prototype_libname",
         "ran_cca",
-        "registers_read_afterwards",
         "retaddr_on_stack",
         "sp_delta",
         "startpoint",
@@ -149,9 +146,6 @@ class Function(Serializable):
         self.is_prototype_guessed: bool = True
         # Whether this function returns or not. `None` means it's not determined yet
         self._returning = None
-        self.prepared_registers = set()
-        self.prepared_stack_variables = set()
-        self.registers_read_afterwards = set()
 
         self._addr_to_block_node = {}  # map addresses to nodes. it's a cache of blocks. if a block is removed from the
         # function, it may not be removed from _addr_to_block_node. if you want to list

angr/knowledge_plugins/functions/soot_function.py

@@ -1,7 +1,11 @@
+# pylint:disable=super-init-not-called
 from __future__ import annotations
 import os
-import networkx
 from collections import defaultdict
+
+import networkx
+
+from angr.codenode import BlockNode
 from .function import Function
 
 
@@ -88,10 +92,6 @@ class SootFunction(Function):
         if hooker and hasattr(hooker, "NO_RET"):
             self.returning = not hooker.NO_RET
 
-        self.prepared_registers = set()
-        self.prepared_stack_variables = set()
-        self.registers_read_afterwards = set()
-
         # startpoint can always be None if this CFGNode is a syscall node
         self.startpoint = None
 
@@ -126,6 +126,3 @@ class SootFunction(Function):
         if isinstance(node, BlockNode) and node.addr not in self._addr_to_block_node:
             self._addr_to_block_node[node.addr] = node
         return node
-
-
-from angr.codenode import BlockNode