angr 9.2.78__py3-none-win_amd64.whl → 9.2.79__py3-none-win_amd64.whl

angr/__init__.py

@@ -1,7 +1,7 @@
 # pylint: disable=wildcard-import
 # pylint: disable=wrong-import-position
 
-__version__ = "9.2.78"
+__version__ = "9.2.79"
 
 if bytes is str:
     raise Exception(

angr/__main__.py

@@ -0,0 +1,34 @@
+import argparse
+
+from angr.analyses.decompiler.structuring import STRUCTURER_CLASSES
+from angr.analyses.decompiler.utils import decompile_functions
+
+
+class COMMANDS:
+    """
+    The commands that the angr CLI supports.
+    """
+
+    DECOMPILE = "decompile"
+    ALL_COMMANDS = [DECOMPILE]
+
+
+def main():
+    parser = argparse.ArgumentParser(description="The angr CLI allows you to decompile and analyze binaries.")
+    parser.add_argument("command", help="The command to run", choices=COMMANDS.ALL_COMMANDS)
+    parser.add_argument("binary", help="The path to the binary to analyze")
+    parser.add_argument("--functions", help="The functions to analyze", nargs="+")
+    parser.add_argument(
+        "--structurer", help="The structurer to use", choices=STRUCTURER_CLASSES.keys(), default="phoenix"
+    )
+
+    args = parser.parse_args()
+    if args.command == COMMANDS.DECOMPILE:
+        decompilation = decompile_functions(args.binary, functions=args.functions, structurer=args.structurer)
+        print(decompilation)
+    else:
+        parser.print_help()
+
+
+if __name__ == "__main__":
+    main()

angr/analyses/cfg/cfg_fast.py

@@ -4586,6 +4586,18 @@ class CFGFast(ForwardAnalysis[CFGNode, CFGNode, CFGJob, int], CFGBase):  # pylin
                         ):
                             rbp_as_gpr = False
                             break
+                    elif (
+                        insn.mnemonic == "lea"
+                        and len(insn.operands) == 2
+                        and insn.operands[0].type == capstone.x86.X86_OP_REG
+                        and insn.operands[1].type == capstone.x86.X86_OP_MEM
+                    ):
+                        if (
+                            insn.operands[0].reg == capstone.x86.X86_REG_RBP
+                            and insn.operands[1].mem.base == capstone.x86.X86_REG_RSP
+                        ):
+                            rbp_as_gpr = False
+                            break
                 func = self.kb.functions.get_by_addr(func_addr)
                 func.info["bp_as_gpr"] = rbp_as_gpr
 

angr/analyses/decompiler/block_simplifier.py

@@ -15,8 +15,15 @@ from ...analyses.propagator import PropagatorAnalysis
 from ...analyses.reaching_definitions import ReachingDefinitionsAnalysis
 from ...errors import SimMemoryMissingError
 from .. import Analysis, register_analysis
-from .peephole_optimizations import STMT_OPTS, EXPR_OPTS, PeepholeOptimizationStmtBase, PeepholeOptimizationExprBase
-from .utils import peephole_optimize_exprs, peephole_optimize_stmts
+from .peephole_optimizations import (
+    MULTI_STMT_OPTS,
+    STMT_OPTS,
+    EXPR_OPTS,
+    PeepholeOptimizationStmtBase,
+    PeepholeOptimizationExprBase,
+    PeepholeOptimizationMultiStmtBase,
+)
+from .utils import peephole_optimize_exprs, peephole_optimize_stmts, peephole_optimize_multistmts
 
 if TYPE_CHECKING:
     from angr.storage.memory_mixins.paged_memory.pages.multi_values import MultiValues
@@ -78,6 +85,7 @@ class BlockSimplifier(Analysis):
         if peephole_optimizations is None:
             self._expr_peephole_opts = [cls(self.project, self.kb, self.func_addr) for cls in EXPR_OPTS]
             self._stmt_peephole_opts = [cls(self.project, self.kb, self.func_addr) for cls in STMT_OPTS]
+            self._multistmt_peephole_opts = [cls(self.project, self.kb, self.func_addr) for cls in MULTI_STMT_OPTS]
         else:
             self._expr_peephole_opts = [
                 cls(self.project, self.kb, self.func_addr)
@@ -89,6 +97,11 @@ class BlockSimplifier(Analysis):
                 for cls in peephole_optimizations
                 if issubclass(cls, PeepholeOptimizationStmtBase)
             ]
+            self._multistmt_peephole_opts = [
+                cls(self.project, self.kb, self.func_addr)
+                for cls in peephole_optimizations
+                if issubclass(cls, PeepholeOptimizationMultiStmtBase)
+            ]
 
         self.result_block = None
 
@@ -404,9 +417,16 @@ class BlockSimplifier(Analysis):
         # run statement-level optimizations
         statements, stmts_updated = peephole_optimize_stmts(block, self._stmt_peephole_opts)
 
-        if not stmts_updated:
-            return block
-        new_block = block.copy(statements=statements)
+        if stmts_updated:
+            new_block = block.copy(statements=statements)
+        else:
+            new_block = block
+
+        statements, multi_stmts_updated = peephole_optimize_multistmts(new_block, self._multistmt_peephole_opts)
+
+        if not multi_stmts_updated:
+            return new_block
+        new_block = new_block.copy(statements=statements)
         return new_block
 
 

angr/analyses/decompiler/clinic.py

@@ -20,6 +20,7 @@ from ...sim_type import (
     SimTypeFunction,
     SimTypeBottom,
     SimTypeFloat,
+    SimTypePointer,
 )
 from ...sim_variable import SimVariable, SimStackVariable, SimRegisterVariable, SimMemoryVariable
 from ...knowledge_plugins.key_definitions.constants import OP_BEFORE
@@ -1247,23 +1248,32 @@ class Clinic(Analysis):
                 expr.variable_offset = offset
 
         elif isinstance(expr, ailment.Expr.Const):
-            # global variable?
-            global_vars = global_variables.get_global_variables(expr.value)
-            if not global_vars:
-                # detect if there is a related symbol
-                if self.project.loader.find_object_containing(expr.value):
-                    symbol = self.project.loader.find_symbol(expr.value)
-                    if symbol is not None:
-                        # Create a new global variable if there isn't one already
-                        global_vars = global_variables.get_global_variables(symbol.rebased_addr)
-                        if not global_vars:
-                            global_var = SimMemoryVariable(symbol.rebased_addr, symbol.size, name=symbol.name)
-                            global_variables.add_variable("global", global_var.addr, global_var)
-                            global_vars = {global_var}
-            if global_vars:
-                global_var = next(iter(global_vars))
-                expr.tags["reference_variable"] = global_var
-                expr.tags["reference_variable_offset"] = 0
+            # custom string?
+            if hasattr(expr, "custom_string") and expr.custom_string is True:
+                s = self.kb.custom_strings[expr.value]
+                expr.tags["reference_values"] = {
+                    SimTypePointer(SimTypeChar().with_arch(self.project.arch)).with_arch(self.project.arch): s.decode(
+                        "ascii"
+                    ),
+                }
+            else:
+                # global variable?
+                global_vars = global_variables.get_global_variables(expr.value)
+                if not global_vars:
+                    # detect if there is a related symbol
+                    if self.project.loader.find_object_containing(expr.value):
+                        symbol = self.project.loader.find_symbol(expr.value)
+                        if symbol is not None:
+                            # Create a new global variable if there isn't one already
+                            global_vars = global_variables.get_global_variables(symbol.rebased_addr)
+                            if not global_vars:
+                                global_var = SimMemoryVariable(symbol.rebased_addr, symbol.size, name=symbol.name)
+                                global_variables.add_variable("global", global_var.addr, global_var)
+                                global_vars = {global_var}
+                if global_vars:
+                    global_var = next(iter(global_vars))
+                    expr.tags["reference_variable"] = global_var
+                    expr.tags["reference_variable_offset"] = 0
 
         elif isinstance(expr, ailment.Stmt.Call):
             self._link_variables_on_call(variable_manager, global_variables, block, stmt_idx, expr, is_expr=True)

angr/analyses/decompiler/optimization_passes/__init__.py

@@ -50,6 +50,8 @@ def get_optimization_passes(arch, platform):
 
     if platform is not None:
         platform = platform.lower()
+    if platform == "win32":
+        platform = "windows"  # sigh
 
     passes = []
     for pass_, _ in _all_optimization_passes:

angr/analyses/decompiler/optimization_passes/engine_base.py

@@ -89,7 +89,7 @@ class SimplifierAILEngine(
         if hasattr(self, handler):
             return getattr(self, handler)(stmt)
         else:
-            _l.warning("Unsupported statement type %s.", type(stmt).__name__)
+            _l.debug("Unsupported statement type %s.", type(stmt).__name__)
             return stmt
 
     def _ail_handle_Assignment(self, stmt):
@@ -176,7 +176,7 @@ class SimplifierAILEngine(
             if v is None:
                 return expr
             return v
-        _l.warning("Unsupported expression type %s.", type(expr).__name__)
+        _l.debug("Unsupported expression type %s.", type(expr).__name__)
         return expr
 
     def _ail_handle_StackBaseOffset(self, expr):  # pylint:disable=no-self-use

angr/analyses/decompiler/optimization_passes/ite_region_converter.py

@@ -84,9 +84,9 @@ class ITERegionConverter(OptimizationPass):
 
             true_child, false_child = None, None
             for child in children:
-                if child.addr == if_stmt.true_target.value:
+                if if_stmt.true_target is not None and child.addr == if_stmt.true_target.value:
                     true_child = child
-                elif child.addr == if_stmt.false_target.value:
+                elif if_stmt.false_target is not None and child.addr == if_stmt.false_target.value:
                     false_child = child
 
             if (

angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py

@@ -3,6 +3,7 @@ from typing import Set, Dict
 from collections import defaultdict
 import logging
 
+import capstone
 import ailment
 import cle
 
@@ -48,24 +49,24 @@ class WinStackCanarySimplifier(OptimizationPass):
             return False, None
 
         # Check the first block and see if there is any statement reading data from _security_cookie
-        init_stmt = self._find_canary_init_stmt()
+        init_stmts = self._find_canary_init_stmt()
 
-        return init_stmt is not None, {"init_stmt": init_stmt}
+        return init_stmts is not None, {"init_stmts": init_stmts}
 
     def _analyze(self, cache=None):
-        init_stmt = None
+        init_stmts = None
         if cache is not None:
-            init_stmt = cache.get("init_stmt", None)
+            init_stmts = cache.get("init_stmts", None)
 
-        if init_stmt is None:
-            init_stmt = self._find_canary_init_stmt()
+        if init_stmts is None:
+            init_stmts = self._find_canary_init_stmt()
 
-        if init_stmt is None:
+        if init_stmts is None:
             return
 
         # Look for the statement that loads back canary value from the stack
-        first_block, canary_init_stmt_idx = init_stmt
-        canary_init_stmt = first_block.statements[canary_init_stmt_idx]
+        first_block, canary_init_stmt_ids = init_stmts
+        canary_init_stmt = first_block.statements[canary_init_stmt_ids[-1]]
         # where is the stack canary stored?
         if not isinstance(canary_init_stmt.addr, ailment.Expr.StackBaseOffset):
             _l.debug(
@@ -142,7 +143,8 @@ class WinStackCanarySimplifier(OptimizationPass):
         if found_endpoints:
             # Remove the statement that loads the stack canary from fs
             first_block_copy = first_block.copy()
-            first_block_copy.statements.pop(canary_init_stmt_idx)
+            for stmt_idx in sorted(canary_init_stmt_ids, reverse=True):
+                first_block_copy.statements.pop(stmt_idx)
             self._update_block(first_block, first_block_copy)
 
     def _find_canary_init_stmt(self):
@@ -150,7 +152,13 @@ class WinStackCanarySimplifier(OptimizationPass):
         if first_block is None:
             return None
 
+        load_stmt_idx = None
+        load_reg = None
+        xor_stmt_idx = None
+        xored_reg = None
+
         for idx, stmt in enumerate(first_block.statements):
+            # if we are lucky and things get folded into one statement:
             if (
                 isinstance(stmt, ailment.Stmt.Store)
                 and isinstance(stmt.addr, ailment.Expr.StackBaseOffset)
@@ -163,13 +171,51 @@ class WinStackCanarySimplifier(OptimizationPass):
                 # Check addr: must be __security_cookie
                 load_addr = stmt.data.operands[0].addr.value
                 if load_addr == self._security_cookie_addr:
-                    return first_block, idx
+                    return first_block, [idx]
+            # or if we are unlucky and the load and the xor are two different statements
+            if (
+                isinstance(stmt, ailment.Stmt.Assignment)
+                and isinstance(stmt.dst, ailment.Expr.Register)
+                and isinstance(stmt.src, ailment.Expr.Load)
+                and isinstance(stmt.src.addr, ailment.Expr.Const)
+            ):
+                load_addr = stmt.src.addr.value
+                if load_addr == self._security_cookie_addr:
+                    load_stmt_idx = idx
+                    load_reg = stmt.dst.reg_offset
+            if load_stmt_idx is not None and idx == load_stmt_idx + 1:
+                if (
+                    isinstance(stmt, ailment.Stmt.Assignment)
+                    and isinstance(stmt.dst, ailment.Expr.Register)
+                    and isinstance(stmt.src, ailment.Expr.BinaryOp)
+                    and stmt.src.op == "Xor"
+                    and isinstance(stmt.src.operands[0], ailment.Expr.Register)
+                    and stmt.src.operands[0].reg_offset == load_reg
+                    and isinstance(stmt.src.operands[1], ailment.Expr.StackBaseOffset)
+                ):
+                    xor_stmt_idx = idx
+                    xored_reg = stmt.dst.reg_offset
+                else:
+                    break
+            if xor_stmt_idx is not None and idx == xor_stmt_idx + 1:
+                if (
+                    isinstance(stmt, ailment.Stmt.Store)
+                    and isinstance(stmt.addr, ailment.Expr.StackBaseOffset)
+                    and isinstance(stmt.data, ailment.Expr.Register)
+                    and stmt.data.reg_offset == xored_reg
+                ):
+                    return first_block, [load_stmt_idx, xor_stmt_idx, idx]
+                else:
+                    break
 
         return None
 
     @staticmethod
     def _find_amd64_canary_storing_stmt(block, canary_value_stack_offset):
+        load_stmt_idx = None
+
         for idx, stmt in enumerate(block.statements):
+            # when we are lucky, we have one instruction
             if (
                 isinstance(stmt, ailment.Stmt.Assignment)
                 and isinstance(stmt.dst, ailment.Expr.Register)
@@ -185,7 +231,29 @@ class WinStackCanarySimplifier(OptimizationPass):
                         if isinstance(op1, ailment.Expr.StackBaseOffset):
                             # found it
                             return idx
-
+            # or when we are unlucky, we have two instructions...
+            if (
+                isinstance(stmt, ailment.Stmt.Assignment)
+                and isinstance(stmt.dst, ailment.Expr.Register)
+                and stmt.dst.reg_name == "rcx"
+                and isinstance(stmt.src, ailment.Expr.Load)
+                and isinstance(stmt.src.addr, ailment.Expr.StackBaseOffset)
+                and stmt.src.addr.offset == canary_value_stack_offset
+            ):
+                load_stmt_idx = idx
+            if load_stmt_idx is not None and idx == load_stmt_idx + 1:
+                if (
+                    isinstance(stmt, ailment.Stmt.Assignment)
+                    and isinstance(stmt.dst, ailment.Expr.Register)
+                    and isinstance(stmt.src, ailment.Expr.BinaryOp)
+                    and stmt.src.op == "Xor"
+                ):
+                    if (
+                        isinstance(stmt.src.operands[0], ailment.Expr.Register)
+                        and stmt.src.operands[0].reg_name == "rcx"
+                        and isinstance(stmt.src.operands[1], ailment.Expr.StackBaseOffset)
+                    ):
+                        return idx
         return None
 
     @staticmethod
@@ -200,6 +268,29 @@ class WinStackCanarySimplifier(OptimizationPass):
                 return idx
         return None
 
+    def _is_function_likely_security_check_cookie(self, func) -> bool:
+        # disassemble the first instruction
+        if func.is_plt or func.is_syscall or func.is_simprocedure:
+            return False
+        block = self.project.factory.block(func.addr)
+        if block.instructions != 2:
+            return False
+        ins0 = block.capstone.insns[0]
+        if (
+            ins0.mnemonic == "cmp"
+            and len(ins0.operands) == 2
+            and ins0.operands[0].type == capstone.x86.X86_OP_REG
+            and ins0.operands[0].reg == capstone.x86.X86_REG_RCX
+            and ins0.operands[1].type == capstone.x86.X86_OP_MEM
+            and ins0.operands[1].mem.base == capstone.x86.X86_REG_RIP
+            and ins0.operands[1].mem.index == 0
+            and ins0.operands[1].mem.disp + ins0.address + ins0.size == self._security_cookie_addr
+        ):
+            ins1 = block.capstone.insns[1]
+            if ins1.mnemonic == "jne":
+                return True
+        return False
+
     def _find_stmt_calling_security_check_cookie(self, node):
         for idx, stmt in enumerate(node.statements):
             if isinstance(stmt, ailment.Stmt.Call) and isinstance(stmt.target, ailment.Expr.Const):
@@ -208,5 +299,7 @@ class WinStackCanarySimplifier(OptimizationPass):
                     func = self.kb.functions.function(addr=const_target)
                     if func.name == "_security_check_cookie":
                         return idx
+                    elif self._is_function_likely_security_check_cookie(func):
+                        return idx
 
         return None

angr/analyses/decompiler/peephole_optimizations/__init__.py

@@ -40,10 +40,12 @@ from .sar_to_signed_div import SarToSignedDiv
 from .tidy_stack_addr import TidyStackAddr
 from .invert_negated_logical_conjuction_disjunction import InvertNegatedLogicalConjunctionsAndDisjunctions
 from .rol_ror import RolRorRewriter
+from .inlined_strcpy import InlinedStrcpy
+from .inlined_strcpy_consolidation import InlinedStrcpyConsolidation
 
-from .base import PeepholeOptimizationExprBase, PeepholeOptimizationStmtBase
-
+from .base import PeepholeOptimizationExprBase, PeepholeOptimizationStmtBase, PeepholeOptimizationMultiStmtBase
 
+MULTI_STMT_OPTS: List[Type[PeepholeOptimizationMultiStmtBase]] = []
 STMT_OPTS: List[Type[PeepholeOptimizationStmtBase]] = []
 EXPR_OPTS: List[Type[PeepholeOptimizationExprBase]] = []
 
@@ -55,4 +57,11 @@ for v in _g.values():
     if isinstance(v, type) and issubclass(v, PeepholeOptimizationStmtBase) and v is not PeepholeOptimizationStmtBase:
         STMT_OPTS.append(v)
 
+    if (
+        isinstance(v, type)
+        and issubclass(v, PeepholeOptimizationMultiStmtBase)
+        and v is not PeepholeOptimizationMultiStmtBase
+    ):
+        MULTI_STMT_OPTS.append(v)
+
 _g = None

angr/analyses/decompiler/peephole_optimizations/base.py

@@ -1,7 +1,7 @@
-from typing import Optional
+from typing import List, Optional
 
 from ailment.expression import BinaryOp, UnaryOp, Expression
-from ailment.statement import Assignment
+from ailment.statement import Statement, Assignment
 from ailment import Block
 from angr.project import Project
 from angr.knowledge_base import KnowledgeBase
@@ -34,6 +34,33 @@ class PeepholeOptimizationStmtBase:
         raise NotImplementedError("_optimize() is not implemented.")
 
 
+class PeepholeOptimizationMultiStmtBase:
+    """
+    The base class for all peephole optimizations that are applied on multiple AIL statements at once.
+    """
+
+    __slots__ = (
+        "project",
+        "kb",
+        "func_addr",
+    )
+    project: Optional[Project]
+    kb: Optional[KnowledgeBase]
+    func_addr: Optional[int]
+
+    NAME = "Peephole Optimization - Multi-statement"
+    DESCRIPTION = "Peephole Optimization - Multi-statement"
+    stmt_classes = None
+
+    def __init__(self, project: Optional[Project], kb: Optional[KnowledgeBase], func_addr: Optional[int] = None):
+        self.project = project
+        self.kb = kb
+        self.func_addr = func_addr
+
+    def optimize(self, stmts: List[Statement], stmt_idx: Optional[int] = None, block=None, **kwargs):
+        raise NotImplementedError("_optimize() is not implemented.")
+
+
 class PeepholeOptimizationExprBase:
     """
     The base class for all peephole optimizations that are applied on AIL expressions.

angr/analyses/decompiler/peephole_optimizations/constant_derefs.py

@@ -20,7 +20,7 @@ class ConstantDereferences(PeepholeOptimizationExprBase):
             if sec is not None and sec.is_readable and (not sec.is_writable or "got" in sec.name):
                 # do we know the value that it's reading?
                 try:
-                    val = self.project.loader.memory.unpack_word(expr.addr.value, size=self.project.arch.bytes)
+                    val = self.project.loader.memory.unpack_word(expr.addr.value, size=expr.size)
                 except KeyError:
                     return expr
 

angr/analyses/decompiler/peephole_optimizations/inlined_strcpy.py

@@ -0,0 +1,83 @@
+# pylint:disable=arguments-differ
+from typing import Tuple, Optional
+import string
+
+from archinfo import Endness
+
+from ailment.expression import Const
+from ailment.statement import Call, Store
+
+from .base import PeepholeOptimizationStmtBase
+
+
+ASCII_PRINTABLES = set(string.printable)
+ASCII_DIGITS = set(string.digits)
+
+
+class InlinedStrcpy(PeepholeOptimizationStmtBase):
+    """
+    Simplifies inlined string copying logic into calls to strcpy.
+    """
+
+    __slots__ = ()
+
+    NAME = "Simplifying inlined strcpy"
+    stmt_classes = (Store,)
+
+    def optimize(self, stmt: Store, **kwargs):
+        if isinstance(stmt.data, Const):
+            r, s = self.is_integer_likely_a_string(stmt.data.value, stmt.data.size, stmt.endness)
+            if r:
+                # replace it with a call to strncpy
+                str_id = self.kb.custom_strings.allocate(s.encode("ascii"))
+                return Call(
+                    stmt.idx,
+                    "strncpy",
+                    args=[
+                        stmt.addr,
+                        Const(None, None, str_id, stmt.addr.bits, custom_string=True),
+                        Const(None, None, len(s), self.project.arch.bits),
+                    ],
+                    **stmt.tags,
+                )
+
+        return None
+
+    @staticmethod
+    def is_integer_likely_a_string(
+        v: int, size: int, endness: Endness, min_length: int = 4
+    ) -> Tuple[bool, Optional[str]]:
+        # we need at least four bytes of printable characters
+
+        chars = []
+        if endness == Endness.LE:
+            while v != 0:
+                byt = v & 0xFF
+                if chr(byt) not in ASCII_PRINTABLES:
+                    return False, None
+                chars.append(chr(byt))
+                v >>= 8
+
+        elif endness == Endness.BE:
+            first_non_zero = False
+            for _ in range(size):
+                byt = v & 0xFF
+                v >>= 8
+                if byt == 0:
+                    if first_non_zero:
+                        return False, None
+                    continue
+                first_non_zero = True  # this is the first non-zero byte
+                if chr(byt) not in ASCII_PRINTABLES:
+                    return False, None
+                chars.append(chr(byt))
+            chars = chars[::-1]
+        else:
+            # unsupported endness
+            return False, None
+
+        if len(chars) >= min_length:
+            if len(chars) <= 4 and all(ch in ASCII_DIGITS for ch in chars):
+                return False, None
+            return True, "".join(chars)
+        return False, None

angr/analyses/decompiler/peephole_optimizations/inlined_strcpy_consolidation.py

@@ -0,0 +1,103 @@
+# pylint:disable=arguments-differ
+from typing import List, Tuple, Optional
+
+from ailment.expression import Expression, BinaryOp, Const, Register, StackBaseOffset
+from ailment.statement import Call, Store
+
+from .base import PeepholeOptimizationMultiStmtBase
+from .inlined_strcpy import InlinedStrcpy
+
+
+class InlinedStrcpyConsolidation(PeepholeOptimizationMultiStmtBase):
+    """
+    Consolidate multiple inlined strcpy calls.
+    """
+
+    __slots__ = ()
+
+    NAME = "Consolidate multiple inlined strcpy calls"
+    stmt_classes = ((Call, Call), (Call, Store))
+
+    def optimize(self, stmts: List[Call], **kwargs):
+        last_stmt, stmt = stmts
+        if InlinedStrcpyConsolidation._is_inlined_strcpy(last_stmt):
+            s_last: bytes = self.kb.custom_strings[last_stmt.args[1].value]
+            addr_last = last_stmt.args[0]
+            new_str = None  # will be set if consolidation should happen
+
+            if isinstance(stmt, Call) and InlinedStrcpyConsolidation._is_inlined_strcpy(stmt):
+                # consolidating two calls
+                s_curr: bytes = self.kb.custom_strings[stmt.args[1].value]
+                addr_curr = stmt.args[0]
+                # determine if the two addresses are consecutive
+                delta = self._get_delta(addr_last, addr_curr)
+                if delta is not None and delta == len(s_last):
+                    # consolidate both calls!
+                    new_str = s_last + s_curr
+            elif isinstance(stmt, Store) and isinstance(stmt.data, Const):
+                # consolidating a call and a store, in case the store statement is storing the suffix of a string (but
+                # the suffix is too short to qualify an inlined strcpy optimization)
+                addr_curr = stmt.addr
+                delta = self._get_delta(addr_last, addr_curr)
+                if delta is not None and delta == len(s_last):
+                    if stmt.size == 1 and stmt.data.value == 0:
+                        # it's probably the terminating null byte
+                        r, s = True, "\x00"
+                    else:
+                        r, s = InlinedStrcpy.is_integer_likely_a_string(
+                            stmt.data.value, stmt.size, stmt.endness, min_length=1
+                        )
+                    if r:
+                        new_str = s_last + s.encode("ascii")
+
+            if new_str is not None:
+                if new_str.endswith(b"\x00"):
+                    call_name = "strcpy"
+                    new_str_idx = self.kb.custom_strings.allocate(new_str[:-1])
+                    args = [
+                        last_stmt.args[0],
+                        Const(None, None, new_str_idx, last_stmt.args[0].bits, custom_string=True),
+                    ]
+                else:
+                    call_name = "strncpy"
+                    new_str_idx = self.kb.custom_strings.allocate(new_str)
+                    args = [
+                        last_stmt.args[0],
+                        Const(None, None, new_str_idx, last_stmt.args[0].bits, custom_string=True),
+                        Const(None, None, len(new_str), self.project.arch.bits),
+                    ]
+
+                return [Call(stmt.idx, call_name, args=args, **stmt.tags)]
+
+        return None
+
+    @staticmethod
+    def _is_inlined_strcpy(stmt: Call):
+        if isinstance(stmt.target, str) and stmt.target == "strncpy":
+            if len(stmt.args) == 3 and isinstance(stmt.args[1], Const) and hasattr(stmt.args[1], "custom_string"):
+                return True
+        return False
+
+    @staticmethod
+    def _parse_addr(addr: Expression) -> Tuple[Expression, int]:
+        if isinstance(addr, Register):
+            return addr, 0
+        if isinstance(addr, StackBaseOffset):
+            return StackBaseOffset(None, addr.bits, 0), addr.offset
+        if isinstance(addr, BinaryOp):
+            if addr.op == "Add" and isinstance(addr.operands[1], Const):
+                base_0, offset_0 = InlinedStrcpyConsolidation._parse_addr(addr.operands[0])
+                return base_0, offset_0 + addr.operands[1].value
+            if addr.op == "Sub" and isinstance(addr.operands[1], Const):
+                base_0, offset_0 = InlinedStrcpyConsolidation._parse_addr(addr.operands[0])
+                return base_0, offset_0 - addr.operands[1].value
+
+        return addr, 0
+
+    @staticmethod
+    def _get_delta(addr_0: Expression, addr_1: Expression) -> Optional[int]:
+        base_0, offset_0 = InlinedStrcpyConsolidation._parse_addr(addr_0)
+        base_1, offset_1 = InlinedStrcpyConsolidation._parse_addr(addr_1)
+        if base_0.likes(base_1):
+            return offset_1 - offset_0
+        return None

angr/analyses/decompiler/structured_codegen/c.py

@@ -2037,11 +2037,22 @@ class CConstant(CExpression):
                     return
                 yield hex(self.reference_values[self._type]), self
             elif isinstance(self._type, SimTypePointer) and isinstance(self._type.pts_to, SimTypeChar):
-                refval = self.reference_values[self._type]  # angr.knowledge_plugin.cfg.MemoryData
-                yield CConstant.str_to_c_str(refval.content.decode("utf-8")), self
+                refval = self.reference_values[self._type]
+                if isinstance(refval, MemoryData):
+                    v = refval.content.decode("utf-8")
+                else:
+                    # it's a string
+                    assert isinstance(v, str)
+                    v = refval
+                yield CConstant.str_to_c_str(v), self
             elif isinstance(self._type, SimTypePointer) and isinstance(self._type.pts_to, SimTypeWideChar):
-                refval = self.reference_values[self._type]  # angr.knowledge_plugin.cfg.MemoryData
-                yield CConstant.str_to_c_str(refval.content.decode("utf_16_le"), prefix="L"), self
+                refval = self.reference_values[self._type]
+                if isinstance(refval, MemoryData):
+                    v = refval.content.decode("utf_16_le")
+                else:
+                    # it's a string
+                    v = refval
+                yield CConstant.str_to_c_str(v, prefix="L"), self
             else:
                 if isinstance(self.reference_values[self._type], int):
                     yield self.fmt_int(self.reference_values[self._type]), self
@@ -3199,6 +3210,11 @@ class CStructuredCodeGenerator(BaseStructuredCodeGenerator, Analysis):
         inline_string = False
         function_pointer = False
 
+        if reference_values is None and hasattr(expr, "reference_values"):
+            reference_values = expr.reference_values.copy()
+            if reference_values:
+                type_ = next(iter(reference_values))
+
         if reference_values is None:
             reference_values = {}
             type_ = unpack_typeref(type_)

angr/analyses/decompiler/utils.py

@@ -1,9 +1,14 @@
-# pylint:disable=wrong-import-position
-from typing import Optional, Tuple, Any, Union, List
+import pathlib
+from typing import Optional, Tuple, Any, Union, List, Iterable
+import logging
 
 import networkx
+from rich.progress import track
 
 import ailment
+import angr
+
+_l = logging.getLogger(__name__)
 
 
 def remove_last_statement(node):
@@ -533,6 +538,127 @@ def peephole_optimize_stmts(block, stmt_opts):
     return statements, any_update
 
 
+def match_stmt_classes(all_stmts: List, idx: int, stmt_class_seq: Iterable[type]) -> bool:
+    for i, cls in enumerate(stmt_class_seq):
+        if idx + i >= len(all_stmts):
+            return False
+        if not isinstance(all_stmts[idx + i], cls):
+            return False
+    return True
+
+
+def peephole_optimize_multistmts(block, stmt_opts):
+    any_update = False
+    statements = block.statements[::]
+
+    # run multi-statement optimizers
+    stmt_idx = 0
+    while stmt_idx < len(statements):
+        redo = True
+        while redo and stmt_idx < len(statements):
+            redo = False
+            for opt in stmt_opts:
+                matched = False
+                stmt_seq_len = None
+                for stmt_class_seq in opt.stmt_classes:
+                    if match_stmt_classes(statements, stmt_idx, stmt_class_seq):
+                        stmt_seq_len = len(stmt_class_seq)
+                        matched = True
+                        break
+
+                if matched:
+                    matched_stmts = statements[stmt_idx : stmt_idx + stmt_seq_len]
+                    r = opt.optimize(matched_stmts, stmt_idx=stmt_idx, block=block)
+                    if r is not None:
+                        # update statements
+                        statements = statements[:stmt_idx] + r + statements[stmt_idx + stmt_seq_len :]
+                        any_update = True
+                        redo = True
+                        break
+
+        # move on to the next statement
+        stmt_idx += 1
+
+    return statements, any_update
+
+
+def decompile_functions(path, functions=None, structurer=None, catch_errors=True) -> Optional[str]:
+    """
+    Decompile a binary into a set of functions.
+
+    :param path:            The path to the binary to decompile.
+    :param functions:       The functions to decompile. If None, all functions will be decompiled.
+    :param structurer:      The structuring algorithms to use.
+    :param catch_errors:    The structuring algorithms to use.
+    :return:                The decompilation of all functions appended in order.
+    """
+    # delayed imports to avoid circular imports
+    from angr.analyses.decompiler.decompilation_options import PARAM_TO_OPTION
+
+    structurer = structurer or "phoenix"
+    path = pathlib.Path(path).resolve().absolute()
+    proj = angr.Project(path, auto_load_libs=False)
+    cfg = proj.analyses.CFG(normalize=True, data_references=True)
+    proj.analyses.CompleteCallingConventions(recover_variables=True, analyze_callsites=True)
+
+    # collect all functions when None are provided
+    if functions is None:
+        functions = cfg.functions.values()
+
+    # normalize the functions that could be ints as names
+    normalized_functions = []
+    for func in functions:
+        try:
+            normalized_name = int(func, 0)
+        except ValueError:
+            normalized_name = func
+        normalized_functions.append(normalized_name)
+    functions = normalized_functions
+
+    # verify that all functions exist
+    for func in functions:
+        if func not in cfg.functions:
+            raise ValueError(f"Function {func} does not exist in the CFG.")
+
+    # decompile all functions
+    decompilation = ""
+    dec_options = [
+        (PARAM_TO_OPTION["structurer_cls"], structurer),
+    ]
+    for func in track(functions, description="Decompiling functions", transient=True):
+        f = cfg.functions[func]
+        if f is None or f.is_plt:
+            continue
+
+        exception_string = ""
+        if not catch_errors:
+            dec = proj.analyses.Decompiler(f, cfg=cfg, options=dec_options)
+        else:
+            try:
+                # TODO: add a timeout
+                dec = proj.analyses.Decompiler(f, cfg=cfg, options=dec_options)
+            except Exception as e:
+                exception_string = str(e).replace("\n", " ")
+                dec = None
+
+        # do sanity checks on decompilation, skip checks if we already errored
+        if not exception_string:
+            if dec is None or not dec.codegen or not dec.codegen.text:
+                exception_string = "Decompilation had no code output (failed in Dec)"
+            elif "{\n}" in dec.codegen.text:
+                exception_string = "Decompilation outputted an empty function (failed in structuring)"
+            elif structurer in ["dream", "combing"] and "goto" in dec.codegen.text:
+                exception_string = "Decompilation outputted a goto for a Gotoless algorithm (failed in structuring)"
+
+        if exception_string:
+            _l.critical("Failed to decompile %s because %s", str(func), exception_string)
+            decompilation += f"// [error: {func} | {exception_string}]\n"
+        else:
+            decompilation += dec.codegen.text + "\n"
+
+    return decompilation
+
+
 # delayed import
 from .structuring.structurer_nodes import (
     MultiNode,

angr/analyses/proximity_graph.py

@@ -180,6 +180,33 @@ class ProximityGraphAnalysis(Analysis):
 
         self._work()
 
+    def _condense_blank_nodes(self, graph: networkx.DiGraph) -> None:
+        nodes = list(graph.nodes)
+        blank_nodes: List[BaseProxiNode] = []
+
+        for node in nodes:
+            if isinstance(node, BaseProxiNode) and node.type_ == ProxiNodeTypes.Empty:
+                blank_nodes.append(node)
+            else:
+                if blank_nodes:
+                    self._merge_nodes(graph, blank_nodes)
+                    blank_nodes = []
+
+        if blank_nodes:
+            self._merge_nodes(graph, blank_nodes)
+
+    def _merge_nodes(self, graph: networkx.DiGraph, nodes: List[BaseProxiNode]) -> None:
+        for node in nodes:
+            predecessors = set(graph.predecessors(node))
+            successors = set(graph.successors(node))
+
+            for pred in predecessors:
+                for succ in successors:
+                    edge_data = graph.get_edge_data(pred, node) or {}
+                    graph.add_edge(pred, succ, **edge_data)
+
+            graph.remove_node(node)
+
     def _work(self):
         self.graph = networkx.DiGraph()
 
@@ -210,6 +237,9 @@ class ProximityGraphAnalysis(Analysis):
             self.graph.add_nodes_from(subgraph.nodes())
             self.graph.add_edges_from(subgraph.edges())
 
+        # condense blank nodes after the graph has been constructed
+        self._condense_blank_nodes(self.graph)
+
     def _endnode_connector(self, func: "Function", subgraph: networkx.DiGraph):
         """
         Properly connect expanded function call's to proximity graph.

angr/knowledge_plugins/__init__.py

@@ -15,3 +15,4 @@ from .propagations import PropagationManager
 from .structured_code import StructuredCodeManager
 from .types import TypesStore
 from .callsite_prototypes import CallsitePrototypes
+from .custom_strings import CustomStrings

angr/knowledge_plugins/custom_strings.py

@@ -0,0 +1,40 @@
+from typing import Dict
+
+from .plugin import KnowledgeBasePlugin
+
+
+class CustomStrings(KnowledgeBasePlugin):
+    """
+    Store new strings that are recovered during various analysis. Each string has a unique ID associated.
+    """
+
+    def __init__(self, kb):
+        super().__init__()
+        self._kb = kb
+
+        self.string_id = 0
+        self.strings: Dict[int, bytes] = {}
+
+    def allocate(self, s: bytes) -> int:
+        # de-duplication
+        # TODO: Use a reverse map if this becomes a bottle-neck in the future
+        for idx, string in self.strings.items():
+            if string == s:
+                return idx
+
+        string_id = self.string_id
+        self.strings[string_id] = s
+        self.string_id += 1
+        return string_id
+
+    def __getitem__(self, idx):
+        return self.strings[idx]
+
+    def copy(self):
+        o = CustomStrings(self._kb)
+        o.strings = self.strings.copy()
+        o.string_id = self.string_id
+        return o
+
+
+KnowledgeBasePlugin.register_default("custom_strings", CustomStrings)

angr/knowledge_plugins/functions/function.py

@@ -80,6 +80,7 @@ class Function(Serializable):
         "is_alignment",
         "is_prototype_guessed",
         "ran_cca",
+        "_cyclomatic_complexity",
     )
 
     def __init__(
@@ -161,6 +162,9 @@ class Function(Serializable):
         self.info = {}  # storing special information, like $gp values for MIPS32
         self.tags = ()  # store function tags. can be set manually by performing CodeTagging analysis.
 
+        # Initialize _cyclomatic_complexity to None
+        self._cyclomatic_complexity = None
+
         # TODO: Can we remove the following two members?
         # Register offsets of those arguments passed in registers
         self._argument_registers = []
@@ -302,6 +306,30 @@ class Function(Serializable):
             except (SimEngineError, SimMemoryError):
                 pass
 
+    @property
+    def cyclomatic_complexity(self):
+        """
+        The cyclomatic complexity of the function.
+
+        Cyclomatic complexity is a software metric used to indicate the complexity of a program.
+        It is a quantitative measure of the number of linearly independent paths through a program's source code.
+        It is computed using the formula: M = E - N + 2P, where
+        E = the number of edges in the graph,
+        N = the number of nodes in the graph,
+        P = the number of connected components.
+
+        The cyclomatic complexity value is lazily computed and cached for future use.
+        Initially this value is None until it is computed for the first time
+
+        :return: The cyclomatic complexity of the function.
+        :rtype: int
+        """
+        if self._cyclomatic_complexity is None:
+            self._cyclomatic_complexity = (
+                self.transition_graph.number_of_edges() - self.transition_graph.number_of_nodes() + 2
+            )
+        return self._cyclomatic_complexity
+
     @property
     def xrefs(self):
         """
@@ -565,6 +593,7 @@ class Function(Serializable):
         s += "  Alignment: %s\n" % (self.alignment)
         s += f"  Arguments: reg: {self._argument_registers}, stack: {self._argument_stack_variables}\n"
         s += "  Blocks: [%s]\n" % ", ".join(["%#x" % i for i in self.block_addrs])
+        s += "  Cyclomatic Complexity: %s\n" % self.cyclomatic_complexity
         s += "  Calling convention: %s" % self.calling_convention
         return s
 

angr/procedures/definitions/msvcr.py

@@ -13,6 +13,3 @@ libc.set_non_returning('_exit', 'abort', 'exit', '_invoke_watson')
 libc.add_alias('_initterm', '_initterm_e')
 
 libc.set_default_cc('AMD64', SimCCMicrosoftAMD64)
-
-for name, procedure in libc.procedures.items():
-    libc.set_prototype(name, procedure.prototype)

angr/sim_type.py

@@ -908,6 +908,9 @@ class SimTypeFunction(SimType):
         self.arg_names = arg_names if arg_names else ()
         self.variadic = variadic
 
+    def __hash__(self):
+        return hash(type(self)) ^ hash(tuple(self.args)) ^ hash(self.returnty)
+
     def __repr__(self):
         argstrs = [str(a) for a in self.args]
         if self.variadic:

{angr-9.2.78.dist-info → angr-9.2.79.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: angr
-Version: 9.2.78
+Version: 9.2.79
 Summary: A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
 Home-page: https://github.com/angr/angr
 License: BSD-2-Clause
@@ -17,13 +17,13 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: CppHeaderParser
 Requires-Dist: GitPython
-Requires-Dist: ailment ==9.2.78
-Requires-Dist: archinfo ==9.2.78
+Requires-Dist: ailment ==9.2.79
+Requires-Dist: archinfo ==9.2.79
 Requires-Dist: cachetools
 Requires-Dist: capstone ==5.0.0.post1
 Requires-Dist: cffi >=1.14.0
-Requires-Dist: claripy ==9.2.78
-Requires-Dist: cle ==9.2.78
+Requires-Dist: claripy ==9.2.79
+Requires-Dist: cle ==9.2.79
 Requires-Dist: dpkt
 Requires-Dist: itanium-demangler
 Requires-Dist: mulpyplexer
@@ -32,7 +32,7 @@ Requires-Dist: networkx !=2.8.1,>=2.0
 Requires-Dist: protobuf >=3.19.0
 Requires-Dist: psutil
 Requires-Dist: pycparser >=2.18
-Requires-Dist: pyvex ==9.2.78
+Requires-Dist: pyvex ==9.2.79
 Requires-Dist: rich >=13.1.0
 Requires-Dist: rpyc
 Requires-Dist: sortedcontainers

{angr-9.2.78.dist-info → angr-9.2.79.dist-info}/RECORD

@@ -1,4 +1,5 @@
-angr/__init__.py,sha256=lOMPCK4EHkY1X2WOKEcuVn-SA30QQJCJR14H3iJUmjM,3851
+angr/__init__.py,sha256=1hDKCHV5WU-92kCqJB-WuVkZO28N6APe3LTVIuMzl7g,3851
+angr/__main__.py,sha256=kdqGysHrVO1vaW6VC6v_OTmlCO7R1-eZpiEhArmi978,1095
 angr/annocfg.py,sha256=dK5JAdN4Ig_jgxTBZeZXwk3kAS4-IQUvE6T02GBZTDQ,10818
 angr/blade.py,sha256=YySrLqj2Y3-td9FJnkjDqYyFvAeGhc5a5lrGoHKOT2A,15562
 angr/block.py,sha256=FnsFukbXhLzYPW5zJRXMxNmvCRU4LFlFIaJwo5sAqkY,14468
@@ -19,7 +20,7 @@ angr/sim_options.py,sha256=OuT01xS_F3ifBD9MAfZmNCnfjtTg0HulZlrKcs1LNSY,18057
 angr/sim_procedure.py,sha256=TpYn5z6YMKjugyH_Lw9XcEaQc8cpTxtyorBKrRYMewA,26073
 angr/sim_state.py,sha256=BhAKyfvoGfqpgAPYYT4j7drrkOdPy03ucBO7LKMz0s0,37826
 angr/sim_state_options.py,sha256=lfP7ygngjGe0AGV5rkE24tvBazJBZG-RTdrKj4rL9XE,12530
-angr/sim_type.py,sha256=illcZU3EM_fQLlphIcNSCP-6rWtXYsIq47cxs3dLHZc,116952
+angr/sim_type.py,sha256=ZU4uHgFcJyjvVMGza8_JluHKmAWbpT9S1Xb41qdydHU,117056
 angr/sim_variable.py,sha256=VIpKm4lguu_bKokjq4UB6Q_30Ogz9J7XRBJuH62lW60,17228
 angr/slicer.py,sha256=kbLKMAjf2kC6ov-OiGb95BqLmgV0QRl5mmEANcvzuAk,10640
 angr/state_hierarchy.py,sha256=w_5Tl-7h9xUXBsIKZRAWw8Xh0we8GIAaN6nbKgYH_Qo,8467
@@ -48,7 +49,7 @@ angr/analyses/flirt.py,sha256=-n6GShXV6PLKDHr4nML49ZwAAlmMIP5SDeF2KmJVKOM,7847
 angr/analyses/init_finder.py,sha256=hFHPsHipF4QkWzVqcDeTgL6YIaYi8bAyaURZBksS4KI,8531
 angr/analyses/loop_analysis.py,sha256=nIbDIzvys-FRtJYnoZYNbMWH5V88qrhoMtrMRCTbkLY,9412
 angr/analyses/loopfinder.py,sha256=X8F4Dcu2UHDXt6JifK6EfROAeeczyca6V7zxx9z7GpQ,7122
-angr/analyses/proximity_graph.py,sha256=Sm9oo8h9wtnP1hojsrjaAbkysqEHFjQQCSfZiET9244,15207
+angr/analyses/proximity_graph.py,sha256=y30caPk5N4zOzkf8TF7AEOo0AR_yDhEFJrQB89_CTnM,16323
 angr/analyses/reassembler.py,sha256=b4EnHx36yS2DNq8nes7zr2_9SozqXbeTTx2538TCm84,100415
 angr/analyses/soot_class_hierarchy.py,sha256=Cs_LRV1RLXH6sF_E49tJWg9Inxvv_o5mB-VaIBcbQJg,8941
 angr/analyses/stack_pointer_tracker.py,sha256=rL8wF12Fe3P-RXAzk4caMYapB63tYX_qs-EO6E5l1n8,26228
@@ -64,7 +65,7 @@ angr/analyses/cfg/cfg.py,sha256=1JpPGlqXXRFwE0tk26xjabT_-dq-kqAxMv7o6-DUhp4,3146
 angr/analyses/cfg/cfg_arch_options.py,sha256=YONHg6y-h6BCsBkJK9tuxb94DDfeOoy9CUS-LVyyDyg,3112
 angr/analyses/cfg/cfg_base.py,sha256=o3mAO3ha5DPWFiE_TeUll38ldal-p0IUOyXY4lNnncc,121889
 angr/analyses/cfg/cfg_emulated.py,sha256=Fi3rDN5ByxhO-H4Y7qn-3WZgBG12JGyvxcWmrD_FnFQ,152842
-angr/analyses/cfg/cfg_fast.py,sha256=IwIsPNxbIAGfHOHKf0s_X-MnBZT1mbmlgFKIXHTk51A,209786
+angr/analyses/cfg/cfg_fast.py,sha256=jaF4UXjld_GX9JdN87noJhaD5c0vvo8lcURv3xHa2RI,210389
 angr/analyses/cfg/cfg_fast_soot.py,sha256=eA_P-OY3gRRNj2BBgSPMsB_llGyFFCNW3VyGZ2uiMoM,26047
 angr/analyses/cfg/cfg_job_base.py,sha256=3IQE_Iy17xtGfsIkrKc2ERIakAYiNdLtRb_jwOGQtHU,5989
 angr/analyses/cfg/segment_list.py,sha256=XM-rcLHkl008U5xu9pkVCenhcHWAFBKwVdDLa-kGFgY,20467
@@ -91,10 +92,10 @@ angr/analyses/data_dep/sim_act_location.py,sha256=4f8jp-ahitxoHCCOSSFGJ1olvNWuHy
 angr/analyses/decompiler/__init__.py,sha256=RkTvvTwAGpaLdGSTgXxVrKmGEDRxqLCNSB-b8fM6fBM,540
 angr/analyses/decompiler/ail_simplifier.py,sha256=ZHXNxaR9yLRFbYaczolSbc1vQ1s__EhTi9fumkv8AcM,59030
 angr/analyses/decompiler/ailgraph_walker.py,sha256=sBz9Cn0GtdpuFt7R9y3oX6NFvETQTZRh6N80eM9ZdJQ,1595
-angr/analyses/decompiler/block_simplifier.py,sha256=zHHJU2ssQScZNd7_Ccxla6xe3hT_5K7iuYeA3aNyxCA,16476
+angr/analyses/decompiler/block_simplifier.py,sha256=X5kO97A1bEwSUfbwgj1cSO56qkhwPQZnIFi1DKMZQoo,17199
 angr/analyses/decompiler/call_counter.py,sha256=V3TIaSvLUy9vLEWErnvlCS--_ubGWQAeU0tqq6XYeOU,1205
 angr/analyses/decompiler/callsite_maker.py,sha256=B2lajS20_cTDWvUc-Py-2rP6UybNLd-qAjkuDJMIlX8,14938
-angr/analyses/decompiler/clinic.py,sha256=5l8QbXdI3UPah0uhiyZrwQCR4hNraMqvXm3YPhJjJQA,72021
+angr/analyses/decompiler/clinic.py,sha256=F2mcZKD0xuEFFXxQAlVQ8dnOTAP-YVCPW8pFeq8YwEo,72531
 angr/analyses/decompiler/condition_processor.py,sha256=ts7-dM1ckqDRh28Vv3YhKhNYUHdsavJah4Ta3_tb-uo,48658
 angr/analyses/decompiler/decompilation_cache.py,sha256=NveTVs6IY3TTdgsLvTb3ktftM4n0NrAJIkqjXqQ3550,1119
 angr/analyses/decompiler/decompilation_options.py,sha256=EtLBv9XG3chXmceT3irru3K7jJhguv8JilWYCHdTWyQ,7668
@@ -110,20 +111,20 @@ angr/analyses/decompiler/redundant_label_remover.py,sha256=kDGGFWWV61I5fbASiTQTH
 angr/analyses/decompiler/region_identifier.py,sha256=SQEhgXy5nHkQl6WRDTLZTtbRhxkXzT1IiBCzvP1K-p8,44389
 angr/analyses/decompiler/region_walker.py,sha256=lTfweYbY4_a2f2yGztTKG6JtU1jXf-kaz-NHbX9nkXE,717
 angr/analyses/decompiler/sequence_walker.py,sha256=mw4RG-Act5_no_RyQcsxWZwva-n7FdH2a7w_uItGUpI,8428
-angr/analyses/decompiler/utils.py,sha256=UH-9xmrI7MCBVmzQUm3U7qztqP-7AH8xuDZOeGF8hXI,19535
+angr/analyses/decompiler/utils.py,sha256=jzODnWygARpEdPLBRfgcWzEjsYS6X5W-aa_-tSODj7k,24386
 angr/analyses/decompiler/ccall_rewriters/__init__.py,sha256=wbWqZ8xG6ZvzEApkAwMsNQFC-iwF3swG1YJsaf1cIrQ,102
 angr/analyses/decompiler/ccall_rewriters/amd64_ccalls.py,sha256=PjfduEkFVcSBKUfGouVM5dekA4kO4OBUses58ewJnCk,20488
 angr/analyses/decompiler/ccall_rewriters/rewriter_base.py,sha256=gWezEKB7A_YnlfUDs8V8D5syoYAyIXSIme1BKQRoouM,498
-angr/analyses/decompiler/optimization_passes/__init__.py,sha256=x2T9gR0OHaAupuAwhKIVf8zYdQxF1BOdkF2WeZx1CQY,2729
+angr/analyses/decompiler/optimization_passes/__init__.py,sha256=inyWh1QXeFfA9JBnFsK6E-3PrCBTKuNJT8O_70Pz2KE,2794
 angr/analyses/decompiler/optimization_passes/base_ptr_save_simplifier.py,sha256=bjpEMW-Lqj5XW9NWUikGPcRn5scKNc8VvEjVMXxAuq8,5289
 angr/analyses/decompiler/optimization_passes/const_derefs.py,sha256=FEoiprXxns-3S0nFaIWm2DBW_aDMq3GZ-VOG3CIqcMw,10593
 angr/analyses/decompiler/optimization_passes/div_simplifier.py,sha256=1yTI1mmFHBMxADbrKxk9IAf3TpuNCaTLVQqWveyIx1I,17364
 angr/analyses/decompiler/optimization_passes/eager_returns.py,sha256=rSIjiTf1IzeplmACjAH99ZqebXUeJvvP_jHHmKLoMXk,11250
-angr/analyses/decompiler/optimization_passes/engine_base.py,sha256=Q920CTvgxX4ueuRJVNvN30SYC-oH5_TreKVgQ2yJcq4,10392
+angr/analyses/decompiler/optimization_passes/engine_base.py,sha256=7nnNZkVMqvikHCy9X11M8KLWbL8lF0DoLYPemETWP4c,10388
 angr/analyses/decompiler/optimization_passes/expr_op_swapper.py,sha256=vlPhWDyvuEmbGcd1ka8rS68F72Ty6Hw3J00KM3tWCus,4701
 angr/analyses/decompiler/optimization_passes/flip_boolean_cmp.py,sha256=DjkPSAI9Z_X6YXW3Emzc1s3CzIvh45HDhBihh63UuIw,3448
 angr/analyses/decompiler/optimization_passes/ite_expr_converter.py,sha256=-6znFCAXS7Z3cn5CTqr3mg4r1G_jJgDFJHk2PzMVwtE,7756
-angr/analyses/decompiler/optimization_passes/ite_region_converter.py,sha256=rZauCx835hRDr8OQBb45oSLqnikiEIcrkEA0bY4qpzE,6689
+angr/analyses/decompiler/optimization_passes/ite_region_converter.py,sha256=l571GUDoCt4hZ2RHBNVUraLl-ODmP_kb11bLKwbCIB0,6762
 angr/analyses/decompiler/optimization_passes/lowered_switch_simplifier.py,sha256=MQNtGU8paXdhTcfvYvBeTplX-htqs0WI6o-72me8fmg,34328
 angr/analyses/decompiler/optimization_passes/mod_simplifier.py,sha256=A9pPly7otXJlLkSbItU0wvjGGu6rUsNpcFw3bzy4DjY,3046
 angr/analyses/decompiler/optimization_passes/multi_simplifier.py,sha256=Ez7ye4j2VUfELxRPkNQQIY-gF9Q9SkTZxH5jt301Rx8,10968
@@ -132,9 +133,9 @@ angr/analyses/decompiler/optimization_passes/register_save_area_simplifier.py,sh
 angr/analyses/decompiler/optimization_passes/ret_addr_save_simplifier.py,sha256=_sTaGMQMFa5ATQIvNyL05UK8gCi_SaOckrZKyHZ2vfs,6470
 angr/analyses/decompiler/optimization_passes/ret_deduplicator.py,sha256=CAOGRra4PB-FCjTxQs2e-lEQ6z_CMvHsrubpbyahv0M,7797
 angr/analyses/decompiler/optimization_passes/stack_canary_simplifier.py,sha256=diqUO-k1hq9OzuC7OLMyJJODhy3i1c5Tb7d9f7lx6mU,12147
-angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py,sha256=F-X7Ww40BXDlnj7Ja2SjY6-u7hLubxMkjMOIwX45j50,8779
+angr/analyses/decompiler/optimization_passes/win_stack_canary_simplifier.py,sha256=BRl9s9DzEMSKugR7-N5OBukyNcoN2Y_vWbziXqF4nmE,13231
 angr/analyses/decompiler/optimization_passes/x86_gcc_getpc_simplifier.py,sha256=lwLc9QpOCTdSIb-0SK0hdxi2gzpABTk2kzdwBY20UOo,2980
-angr/analyses/decompiler/peephole_optimizations/__init__.py,sha256=0nu8k34LJeFCUeh08QiUIcey8icL_LXIwrSl-bdS1CU,2800
+angr/analyses/decompiler/peephole_optimizations/__init__.py,sha256=pe_zErF540hOybDNC0ij9B3ASQOck9PYNa64hzSEp3U,3208
 angr/analyses/decompiler/peephole_optimizations/a_div_const_add_a_mul_n_div_const.py,sha256=Whptbt1qujPPRsNX8kJaobHTwgvym7SPu-tC2wBynBs,1727
 angr/analyses/decompiler/peephole_optimizations/a_mul_const_div_shr_const.py,sha256=xuLPEVN1QdQT_5U9K4-WIdVdHTogCBOmJPWlnDW8Cz8,1365
 angr/analyses/decompiler/peephole_optimizations/a_shl_const_sub_a.py,sha256=tEr_XcYoOXcFm5paY_CEzgSOjrksz20utMZa6smF9TU,988
@@ -142,7 +143,7 @@ angr/analyses/decompiler/peephole_optimizations/a_sub_a_div.py,sha256=ocLn_4eLty
 angr/analyses/decompiler/peephole_optimizations/a_sub_a_div_const_mul_const.py,sha256=gvPg4KkQcammW4sviu272RLf7S0ASmcYfa5GAXGQX30,2050
 angr/analyses/decompiler/peephole_optimizations/a_sub_a_sub_n.py,sha256=KajKgL00mHXpEZewbwKgnZKLbZTnSB00-CGbed12uNU,619
 angr/analyses/decompiler/peephole_optimizations/arm_cmpf.py,sha256=ShdDtwrhqxUzPW2MwM98xufHo7OSL8GfNYQQCGYXrVQ,9333
-angr/analyses/decompiler/peephole_optimizations/base.py,sha256=lpcTqDJSHz4lWlolrATHG3PBWrWj9oy9XeneHSgc48A,2676
+angr/analyses/decompiler/peephole_optimizations/base.py,sha256=os9bEPHDm2p5EA4h5eoA7Uso2nAjBYySwJ9gjp5p44Q,3538
 angr/analyses/decompiler/peephole_optimizations/basepointeroffset_add_n.py,sha256=OzchLk1a0CV2ggHm6-TLpa6f_b7fj7K3Z3l6gFCUEJc,1056
 angr/analyses/decompiler/peephole_optimizations/basepointeroffset_and_mask.py,sha256=eiUgxcBVAL6PiI3ZuR6xZMNrWGDHKXO6SZSjUbM_BVw,1065
 angr/analyses/decompiler/peephole_optimizations/bitwise_or_to_logical_or.py,sha256=oocs8xmntUNzI7UUG8UFPCDheda3xAb99REPAkD7ins,1298
@@ -150,11 +151,13 @@ angr/analyses/decompiler/peephole_optimizations/bool_expr_xor_1.py,sha256=QANf71
 angr/analyses/decompiler/peephole_optimizations/bswap.py,sha256=Nrdf5f47NduOc59CjmQbmsVmys1e79HxniPExdd3NRg,3663
 angr/analyses/decompiler/peephole_optimizations/coalesce_same_cascading_ifs.py,sha256=9ogHTcP4vhFfwDzxccnjfhkizKGvM_7tK3y6PqyG5Hg,1020
 angr/analyses/decompiler/peephole_optimizations/const_mull_a_shift.py,sha256=KLdhgU_e1OglEeC7IHipql9UzYpatJc0LydXJJIakL4,3691
-angr/analyses/decompiler/peephole_optimizations/constant_derefs.py,sha256=JksMps_XeJGGtM2qlqIDRzUsEOOhUCn3D8aPx4bPClg,998
+angr/analyses/decompiler/peephole_optimizations/constant_derefs.py,sha256=SjSE3kTrPYPjsoY_pW3nZPk9IXrJwNR4lfQ9nV-QVKg,984
 angr/analyses/decompiler/peephole_optimizations/conv_a_sub0_shr_and.py,sha256=vzROAUvKUrQQmwUXJ-0WyFr1v5f8EPBgjeXIpWhtDak,2578
 angr/analyses/decompiler/peephole_optimizations/conv_shl_shr.py,sha256=0IHIk7uxIC70140k3VcXlnx4QcunAeoETXF1ZgJi2Pk,2070
 angr/analyses/decompiler/peephole_optimizations/eager_eval.py,sha256=9FXjKuBWC2oDo3tPkNOhiSOD0C_P7vA83DAp7qJfnIU,8684
 angr/analyses/decompiler/peephole_optimizations/extended_byte_and_mask.py,sha256=ymP9tDU4NipGOdFWsmLHrR6dKVcEFiaTgM1-L_dfmOM,2015
+angr/analyses/decompiler/peephole_optimizations/inlined_strcpy.py,sha256=x8ZS-ThnUiJPBacRFpOZ3gBqixamrHSCCZSR-L5jyC8,2601
+angr/analyses/decompiler/peephole_optimizations/inlined_strcpy_consolidation.py,sha256=vrXAaYKT99LJK5BLKlyQ7xtzQx6hIujqTAv0-Ur1CWo,4676
 angr/analyses/decompiler/peephole_optimizations/invert_negated_logical_conjuction_disjunction.py,sha256=a0IDp0kKBrPwhDVejPFhcNseZdprF_5EZRZs7KTR4gA,2084
 angr/analyses/decompiler/peephole_optimizations/one_sub_bool.py,sha256=kW8AbWfMqFzI1CVFp79TFX60IZxaQhRG8XUckuc-vGI,1136
 angr/analyses/decompiler/peephole_optimizations/remove_cascading_conversions.py,sha256=3a1ZoTq66HTU68y5DCC2sLvItPmqF_Kv05uvOacxsRM,591
@@ -190,7 +193,7 @@ angr/analyses/decompiler/region_simplifiers/switch_cluster_simplifier.py,sha256=
 angr/analyses/decompiler/region_simplifiers/switch_expr_simplifier.py,sha256=HGIiC6c3C91VfcqxUHe9aTsRohwmMXOHZH_G_dbwwx4,3327
 angr/analyses/decompiler/structured_codegen/__init__.py,sha256=Glc4jBCr7lZckltN9XZdSvMrGHf0swXFyKTr_QQKdWE,290
 angr/analyses/decompiler/structured_codegen/base.py,sha256=nJPOoeJCbewchYdXjSE4S2b1-WN6pT3TxmCQMDO0azw,3845
-angr/analyses/decompiler/structured_codegen/c.py,sha256=q0HM-IesR-S9SJ6eAXeMzT0Kaa8ejZ7kvbjQ-cDsMLg,128216
+angr/analyses/decompiler/structured_codegen/c.py,sha256=rJyXVUmXuzFA10jfiewfINB5WfisUIadhqje-kXTz40,128736
 angr/analyses/decompiler/structured_codegen/dummy.py,sha256=IVfmtcWpTgNCRVsuW3GdQgDnuPmvodX85V0bBYtF_BI,535
 angr/analyses/decompiler/structured_codegen/dwarf_import.py,sha256=TMz65TkF_ID_Ipocj0aFDb84H6slolN90wq0tzhY2Rk,6773
 angr/analyses/decompiler/structuring/__init__.py,sha256=eSiT6xUpv9K5-enK3OZj2lNzxwowS9_5OTrjHiPgfFs,371
@@ -418,9 +421,10 @@ angr/flirt/__init__.py,sha256=UTjDOlVPnvb5u1zYOvSrI_8F-RllvA_rWCEF1XGEswk,4428
 angr/flirt/build_sig.py,sha256=QnBVAjmBms6GiDK1v13dNE-YQ2i95qazDh0lYX5nKEs,10109
 angr/knowledge_base/__init__.py,sha256=G2QiJKD3Q1dgpSjaHwZi0FMDRI8aeu2x2Lyn9FSgS54,42
 angr/knowledge_base/knowledge_base.py,sha256=V_RDvf-VOizrB9a-FYrsuYd_bAfyPoEhxAKmZb1Z2Gc,4623
-angr/knowledge_plugins/__init__.py,sha256=4I2Xws0q8PNLPWYm5tMpg4TMbAIf4uEBEowQMApistA,655
+angr/knowledge_plugins/__init__.py,sha256=UIjrxZHnr-EaYe5tSNQ1DVE6yRJtMlJzNXGLK6ARPhw,697
 angr/knowledge_plugins/callsite_prototypes.py,sha256=nEJhJxuH_xivJRcRsFbeQ0KJuncHShfwk9WhChcMScA,1614
 angr/knowledge_plugins/comments.py,sha256=Zc8_5Y7ThGsVetdfLeI7OQSrKjmu9tSkzq_qQMcDDjE,315
+angr/knowledge_plugins/custom_strings.py,sha256=5uy6QZb40BNkLlttpgTflTQj_mPUt6v2iFSiHBns69c,1044
 angr/knowledge_plugins/data.py,sha256=iKviVL-_lqqdw_7YECDpoSmrtUSj6oKfbCYVu40T6kE,260
 angr/knowledge_plugins/debug_variables.py,sha256=N3vltNKykTsuQ3zVvxHz00Y_0_UvjZuIL47FhBrP0Kk,8223
 angr/knowledge_plugins/indirect_jumps.py,sha256=puJnKhp11eRDNZ-swEXKtZk04DJ48uM1F8gBiz5xbAs,971
@@ -435,7 +439,7 @@ angr/knowledge_plugins/cfg/cfg_node.py,sha256=Q_qqQ1LisCzTWROOQAfvyaBjS86zxcMw6I
 angr/knowledge_plugins/cfg/indirect_jump.py,sha256=yzPf1jjUNPgGP7D7IamqX6KF-EJX-heZjDEr4SRUWDA,2145
 angr/knowledge_plugins/cfg/memory_data.py,sha256=FzRUFltXrN0G3OeMZEbb3xc7I-W8AaomtCTSXUQlJ0g,5040
 angr/knowledge_plugins/functions/__init__.py,sha256=6IerJjMKKvM70mcJQhmXJYiipePOQ9ZSTmavTIUgg5Q,77
-angr/knowledge_plugins/functions/function.py,sha256=o7X2JiWUw4RmX5_3Bk8L2AxisOudC02gPMztBsJLyuI,64156
+angr/knowledge_plugins/functions/function.py,sha256=NyAznn7LnJ9QIIANsEdpjJS8hwG955ve4YHtiznpK6A,65399
 angr/knowledge_plugins/functions/function_manager.py,sha256=Nbk97zc3GCW6BzpMdZha7e8zhCOH9lD3Avw1XYZV778,17558
 angr/knowledge_plugins/functions/function_parser.py,sha256=cb_AD5oFqoyXapDBawnJV1D9XVRMBGa9GwwDudNSc3M,11916
 angr/knowledge_plugins/functions/soot_function.py,sha256=2zwz_tdKbEnF8eUkOEmpNr7AUeooun2-SiIoY_xIdMw,4971
@@ -469,7 +473,7 @@ angr/knowledge_plugins/xrefs/__init__.py,sha256=-5A2h048WTRu6Et7q7bqlc-AyBXNuJ9A
 angr/knowledge_plugins/xrefs/xref.py,sha256=w4wjDFl4xtJYOtJplp9s1AIX3wI1RE71po3ufh1M4aY,4963
 angr/knowledge_plugins/xrefs/xref_manager.py,sha256=GYF9N1t4JxkDNGAwrVLo4_NF51P4gqiuQ21F0IbloF0,4026
 angr/knowledge_plugins/xrefs/xref_types.py,sha256=VR3xLQQ-gUg25oX0OL3BJHyQRlZh2A8syBac9ZMS9n4,271
-angr/lib/angr_native.dll,sha256=iR_xY3eXAHzI6rFPt8WI36s6YBoXrYS_IB3uGXz6sJU,19209728
+angr/lib/angr_native.dll,sha256=wNtDTQv01n7sYKMAYCufrdKLyTZyoryGhAPUwdKyW8Y,19209728
 angr/misc/__init__.py,sha256=Ct-Q6-c-Frdz5Ihkqmou3j_1jyJi8WJXlQxs-gPQg0Y,237
 angr/misc/ansi.py,sha256=TKrx7d_MViChHh5RBR2VLufNrujTUioJWsZS5ugk8k4,807
 angr/misc/autoimport.py,sha256=6WT-Z6wf5NiacQhKZmR4d2bPOvNrokA7Wg0g2MUXSuw,2371
@@ -501,7 +505,7 @@ angr/procedures/definitions/gnulib.py,sha256=fH8KbaUj6bVOG_cv-JiaffWkVN-YHFbWwvR
 angr/procedures/definitions/libstdcpp.py,sha256=lhV3EGR45spEo_vNFNw2vIdPJWdByqar_sP9dFZMvKs,700
 angr/procedures/definitions/linux_kernel.py,sha256=uaTTlulqv2eeUmIkQ70-pvLT2-ay7rqMBjPazhh5RbQ,238887
 angr/procedures/definitions/linux_loader.py,sha256=sW7eQ7Dk2co_9x0ql-YsWYB8JYs0YQjGz-IM_ukp5c4,219
-angr/procedures/definitions/msvcr.py,sha256=NGJe7BRcj5XBLQmLGIAKSNTCfVuXPk2Nn1HxfKDCJ5U,700
+angr/procedures/definitions/msvcr.py,sha256=9Wvo9U8ARM93oYmID5pBSCAr9Yg0TxjXAj7Gi_Lks2s,601
 angr/procedures/definitions/ntdll.py,sha256=2X_f1WvpBncRS6nN6PwatRKtgdn6cMYb4AnvLEhCYN0,404
 angr/procedures/definitions/parse_syscalls_from_local_system.py,sha256=9OcLLDNrNb6CifvveD_yTzfhMYEN2iK46nNNjMyz3I0,1795
 angr/procedures/definitions/parse_win32json.py,sha256=zFfq0SpBjgzIDUisbzA4zTvISGslOEPHe4V2zDbqepE,84681
@@ -1406,8 +1410,9 @@ tests/storage/test_multivalues.py,sha256=x82duiIMsU9nE-6vhm-eEsofshKfbVy5d9CNgdC
 tests/storage/test_permissions.py,sha256=-Gsd1CUO7xZv7NTieiuikm33xfl33MyzIkembL3CuIw,883
 tests/storage/test_ptmalloc.py,sha256=WwORhRoN0SYC8R9aJ_RITbVKlB6JQnLyINTWbT4PidU,10592
 tests/storage/test_relro_perm.py,sha256=gqNbkYfAYr0wM-oSijS3HYi0-cbtplMDCSWQqRCqEb4,1406
-angr-9.2.78.dist-info/LICENSE,sha256=cgL_ho5B1NH8UxwtBuqThRWdjear8b7hktycaS1sz6g,1327
-angr-9.2.78.dist-info/METADATA,sha256=Iu2vpxa2607f2PY13YsRu46ImINPEmS9i15LH9wuTBo,4856
-angr-9.2.78.dist-info/WHEEL,sha256=daufdGbLJ8QgaD3d1tPsLa1xxR8oqf4qd0_Ms_reCKM,98
-angr-9.2.78.dist-info/top_level.txt,sha256=EGgw8HjaUI9JWd6w70Tzkn1AcyKTMJTVJ9OpWyaOewk,11
-angr-9.2.78.dist-info/RECORD,,
+angr-9.2.79.dist-info/LICENSE,sha256=cgL_ho5B1NH8UxwtBuqThRWdjear8b7hktycaS1sz6g,1327
+angr-9.2.79.dist-info/METADATA,sha256=LxvGZly4vzhzSGI_nGL-0XEZlf03uAge8ivhIgT3w4A,4856
+angr-9.2.79.dist-info/WHEEL,sha256=6iYPr8vTHsyDK75jr9X0V3I9wPSVmtwr_8fdATBciGk,98
+angr-9.2.79.dist-info/entry_points.txt,sha256=Vjh1C8PMyr5dZFMnik5WkEP01Uwr2T73I3a6N32sgQU,44
+angr-9.2.79.dist-info/top_level.txt,sha256=EGgw8HjaUI9JWd6w70Tzkn1AcyKTMJTVJ9OpWyaOewk,11
+angr-9.2.79.dist-info/RECORD,,

{angr-9.2.78.dist-info → angr-9.2.79.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.41.3)
+Generator: bdist_wheel (0.42.0)
 Root-Is-Purelib: true
 Tag: py3-none-win_amd64
 

angr-9.2.79.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+angr = angr.__main__:main