angr 9.2.140__py3-none-manylinux2014_x86_64.whl → 9.2.142__py3-none-manylinux2014_x86_64.whl


Potentially problematic release.



Files changed (75)
  1. angr/__init__.py +1 -1
  2. angr/analyses/calling_convention/calling_convention.py +105 -35
  3. angr/analyses/calling_convention/fact_collector.py +44 -18
  4. angr/analyses/calling_convention/utils.py +3 -1
  5. angr/analyses/cfg/cfg_base.py +38 -4
  6. angr/analyses/cfg/cfg_fast.py +23 -7
  7. angr/analyses/cfg/indirect_jump_resolvers/jumptable.py +13 -8
  8. angr/analyses/class_identifier.py +8 -7
  9. angr/analyses/complete_calling_conventions.py +1 -1
  10. angr/analyses/decompiler/ail_simplifier.py +105 -62
  11. angr/analyses/decompiler/callsite_maker.py +24 -11
  12. angr/analyses/decompiler/clinic.py +83 -5
  13. angr/analyses/decompiler/condition_processor.py +7 -7
  14. angr/analyses/decompiler/decompilation_cache.py +2 -1
  15. angr/analyses/decompiler/decompiler.py +11 -2
  16. angr/analyses/decompiler/dephication/graph_vvar_mapping.py +4 -6
  17. angr/analyses/decompiler/optimization_passes/base_ptr_save_simplifier.py +8 -2
  18. angr/analyses/decompiler/optimization_passes/condition_constprop.py +63 -34
  19. angr/analyses/decompiler/optimization_passes/duplication_reverter/duplication_reverter.py +3 -1
  20. angr/analyses/decompiler/optimization_passes/flip_boolean_cmp.py +21 -2
  21. angr/analyses/decompiler/optimization_passes/lowered_switch_simplifier.py +85 -16
  22. angr/analyses/decompiler/optimization_passes/optimization_pass.py +78 -1
  23. angr/analyses/decompiler/optimization_passes/register_save_area_simplifier.py +29 -7
  24. angr/analyses/decompiler/optimization_passes/return_duplicator_base.py +51 -7
  25. angr/analyses/decompiler/optimization_passes/stack_canary_simplifier.py +6 -0
  26. angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py +9 -1
  27. angr/analyses/decompiler/peephole_optimizations/eager_eval.py +44 -7
  28. angr/analyses/decompiler/region_identifier.py +76 -51
  29. angr/analyses/decompiler/region_simplifiers/expr_folding.py +32 -18
  30. angr/analyses/decompiler/region_simplifiers/region_simplifier.py +4 -1
  31. angr/analyses/decompiler/ssailification/rewriting.py +70 -32
  32. angr/analyses/decompiler/ssailification/rewriting_engine.py +118 -24
  33. angr/analyses/decompiler/ssailification/ssailification.py +22 -14
  34. angr/analyses/decompiler/stack_item.py +36 -0
  35. angr/analyses/decompiler/structured_codegen/c.py +86 -145
  36. angr/analyses/decompiler/structuring/dream.py +1 -1
  37. angr/analyses/decompiler/structuring/phoenix.py +9 -4
  38. angr/analyses/decompiler/structuring/structurer_base.py +2 -1
  39. angr/analyses/decompiler/utils.py +46 -20
  40. angr/analyses/find_objects_static.py +2 -1
  41. angr/analyses/reaching_definitions/engine_vex.py +13 -0
  42. angr/analyses/reaching_definitions/function_handler.py +24 -10
  43. angr/analyses/reaching_definitions/function_handler_library/stdio.py +1 -0
  44. angr/analyses/reaching_definitions/function_handler_library/stdlib.py +45 -12
  45. angr/analyses/reaching_definitions/function_handler_library/string.py +77 -21
  46. angr/analyses/reaching_definitions/function_handler_library/unistd.py +21 -1
  47. angr/analyses/reaching_definitions/rd_state.py +11 -7
  48. angr/analyses/s_liveness.py +44 -6
  49. angr/analyses/s_reaching_definitions/s_rda_model.py +4 -2
  50. angr/analyses/s_reaching_definitions/s_rda_view.py +43 -25
  51. angr/analyses/typehoon/simple_solver.py +35 -8
  52. angr/analyses/typehoon/typehoon.py +3 -1
  53. angr/analyses/variable_recovery/engine_ail.py +1 -1
  54. angr/analyses/variable_recovery/engine_vex.py +20 -4
  55. angr/calling_conventions.py +17 -12
  56. angr/factory.py +8 -3
  57. angr/knowledge_plugins/functions/function.py +5 -10
  58. angr/knowledge_plugins/variables/variable_manager.py +34 -5
  59. angr/procedures/definitions/__init__.py +3 -10
  60. angr/procedures/definitions/wdk_ntoskrnl.py +2 -0
  61. angr/procedures/win32_kernel/__fastfail.py +15 -0
  62. angr/sim_procedure.py +2 -2
  63. angr/simos/simos.py +17 -11
  64. angr/simos/windows.py +42 -1
  65. angr/utils/ail.py +41 -1
  66. angr/utils/cpp.py +17 -0
  67. angr/utils/doms.py +142 -0
  68. angr/utils/library.py +1 -1
  69. angr/utils/types.py +59 -0
  70. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/METADATA +7 -7
  71. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/RECORD +75 -70
  72. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/LICENSE +0 -0
  73. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/WHEEL +0 -0
  74. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/entry_points.txt +0 -0
  75. {angr-9.2.140.dist-info → angr-9.2.142.dist-info}/top_level.txt +0 -0
@@ -79,7 +79,7 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
79
79
  # calculate virtual variables and phi nodes
80
80
  self._udef_to_phiid: dict[tuple, set[int]] = None
81
81
  self._phiid_to_loc: dict[int, tuple[int, int | None]] = None
82
- self._stackvar_locs: dict[int, int] = None
82
+ self._stackvar_locs: dict[int, set[int]] = None
83
83
  self._calculate_virtual_variables(ail_graph, traversal.def_to_loc, traversal.loc_to_defs)
84
84
 
85
85
  # insert phi variables and rewrite uses
@@ -97,6 +97,7 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
97
97
  self._func_args,
98
98
  vvar_id_start=vvar_id_start,
99
99
  )
100
+ self.secondary_stackvars = rewriter.secondary_stackvars
100
101
  self.out_graph = rewriter.out_graph
101
102
  self.max_vvar_id = rewriter.max_vvar_id
102
103
 
@@ -130,7 +131,7 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
130
131
  if self._func_args:
131
132
  for func_arg in self._func_args:
132
133
  if func_arg.oident[0] == VirtualVariableCategory.STACK:
133
- stackvar_locs[func_arg.oident[1]] = func_arg.size
134
+ stackvar_locs[func_arg.oident[1]] = {func_arg.size}
134
135
  sorted_stackvar_offs = sorted(stackvar_locs)
135
136
  else:
136
137
  stackvar_locs = {}
@@ -157,8 +158,13 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
157
158
  off = sorted_stackvar_offs[i]
158
159
  if off >= def_.addr.offset + def_.size:
159
160
  break
160
- udef_to_defs[("stack", off, stackvar_locs[off])].add(def_)
161
- udef_to_blockkeys[("stack", off, stackvar_locs[off])].add((loc.block_addr, loc.block_idx))
161
+ full_sz = max(stackvar_locs[off])
162
+ udef_to_defs[("stack", off, full_sz)].add(def_)
163
+ udef_to_blockkeys[("stack", off, full_sz)].add((loc.block_addr, loc.block_idx))
164
+ # add a definition for the partial stack variable
165
+ if def_.size in stackvar_locs[off] and def_.size < full_sz:
166
+ udef_to_defs[("stack", off, def_.size)].add(def_)
167
+ udef_to_blockkeys[("stack", off, def_.size)].add((loc.block_addr, loc.block_idx))
162
168
  elif isinstance(def_, Tmp):
163
169
  # Tmps are local to each block and do not need phi nodes
164
170
  pass
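Review bot: The partial-variable branch added at new lines 165-167 compares sizes only, so a store that starts before `off` but overlaps it would still be recorded under `("stack", off, def_.size)` whenever its size happens to be in `stackvar_locs[off]`. The `break` test on `def_.addr.offset + def_.size` suggests the loop can reach offsets above the store's own start, although the loop header is outside the hunk. If so, consider `if off == def_.addr.offset and def_.size in stackvar_locs[off] and def_.size < full_sz:`. Separately, `max(stackvar_locs[off])` raises `ValueError` on an empty set; the visible writers (`{func_arg.size}` and the `if allowed_sizes:` guard) never store one, and a comment such as `# every stackvar_locs value holds at least one size` would make that invariant explicit.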
@@ -197,7 +203,15 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
197
203
  return last_frontier
198
204
 
199
205
  @staticmethod
200
- def _synthesize_stackvar_locs(defs: list[Store]) -> dict[int, int]:
206
+ def _synthesize_stackvar_locs(defs: list[Store]) -> dict[int, set[int]]:
207
+ """
208
+ Derive potential locations (in terms of offsets and sizes) for stack variables based on all stack variable
209
+ definitions provided.
210
+
211
+ :param defs: Store definitions.
212
+ :return: A dictionary of stack variable offsets and their sizes.
213
+ """
214
+
201
215
  accesses: defaultdict[int, set[int]] = defaultdict(set)
202
216
  offs: set[int] = set()
203
217
 
@@ -208,7 +222,7 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
208
222
  offs.add(stack_off)
209
223
 
210
224
  sorted_offs = sorted(offs)
211
- locs: dict[int, int] = {}
225
+ locs: dict[int, set[int]] = {}
212
226
  for idx, off in enumerate(sorted_offs):
213
227
  sorted_sizes = sorted(accesses[off])
214
228
  if idx < len(sorted_offs) - 1:
@@ -217,14 +231,8 @@ class Ssailification(Analysis): # pylint:disable=abstract-method
217
231
  else:
218
232
  allowed_sizes = sorted_sizes
219
233
 
220
- if len(allowed_sizes) == 1:
221
- locs[off] = allowed_sizes[0]
222
- # else:
223
- # last_off = off
224
- # for a in allowed_sizes:
225
- # locs[off + a] = off + a - last_off
226
- # last_off = off + a
227
- # TODO: Update locs for sizes beyond allowed_sizes
234
+ if allowed_sizes:
235
+ locs[off] = set(allowed_sizes)
228
236
 
229
237
  return locs
230
238
 
@@ -0,0 +1,36 @@
1
+ from __future__ import annotations
2
+
3
+ from enum import Enum
4
+
5
+
6
+ class StackItemType(Enum):
7
+ """
8
+ Enum for the type of stack items.
9
+ """
10
+
11
+ UNKNOWN = 0
12
+ SAVED_BP = 1
13
+ SAVED_REGS = 2
14
+ ARGUMENT = 3
15
+ RET_ADDR = 4
16
+ STACK_CANARY = 5
17
+
18
+
19
+ class StackItem:
20
+ """
21
+ A stack item describes a piece of data that is stored on the stack at a certain offset (usually negative).
22
+ """
23
+
24
+ offset: int
25
+ size: int
26
+ name: str
27
+ item_type: StackItemType
28
+
29
+ def __init__(self, offset: int, size: int, name: str, item_type: StackItemType = StackItemType.UNKNOWN):
30
+ self.offset = offset
31
+ self.size = size
32
+ self.name = name
33
+ self.item_type = item_type
34
+
35
+ def __repr__(self):
36
+ return f"<StackItem {self.name} {self.item_type!s} at {self.offset:#x} ({self.size}b)>"
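Review bot: The `StackItem` docstring and the `({self.size}b)` suffix in `__repr__` leave the unit of `size` unstated, and `b` can be read as bits or bytes. The class docstring should say what `offset` is measured from and which unit `size` uses (presumably bytes; confirm against callers), and the suffix could be spelled out, e.g. `({self.size} bytes)`. As a style point, the class is a plain record with no `__eq__`, so two items describing the same slot compare unequal; `@dataclass` would supply `__init__` and `__eq__` while the custom `__repr__` is kept.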