Examples with Address com.google.security.zynamics.binnavi.API.disassembly.Address used on opensource projects

Example 41 with Address

use of com.google.security.zynamics.binnavi.API.disassembly.Address in project binnavi by google.

the class IndirectCallFinder method find.

/**
 * Returns information about all indirect call instructions of a module.
 *
 * @param module The module whose indirect call instructions are found.
 *
 * @return A list of indirect call information.
 */
public static List<IndirectCall> find(final Module module) {
    final Set<Address> importedFunctionCalls = getDirectFunctionCalls(module);
    final Map<Address, Function> functionMap = new HashMap<Address, Function>();
    for (final Function function : module.getFunctions()) {
        functionMap.put(function.getAddress(), function);
    }
    // TODO (timkornau): make sure to only include the call sides which we are willing to
    // take a look at depending on the architecture of the module.
    final String callMnemonics = // x86
    "'call', " + // MIPS
    "'bal', 'bgezal', 'bgezall', 'bltzal', 'bltzall', 'jal', 'jalr', " + // ARM
    "'bl', 'blx', " + // PowerPC
    "'bcctrl', 'bcctr'";
    final String registerOrdinal = String.valueOf(ExpressionType.Register.ordinal() + 1);
    final String dereferenceOrdinal = String.valueOf(ExpressionType.MemDeref.ordinal() + 1);
    final String query = "SELECT ft.address AS faddress, it.address AS iaddress " + " FROM " + TableNames.FUNCTIONS_TABLE + " AS ft " + " JOIN " + TableNames.FUNCTION_VIEWS_TABLE + " AS fvt ON ft.address = fvt.function " + " AND ft.module_id = fvt.module_id" + " JOIN " + TableNames.NODES_TABLE + " AS nt ON fvt.view_id = nt.view_id " + " JOIN " + TableNames.CODENODE_INSTRUCTIONS_TABLE + " AS cit ON nt.id = cit.node_id " + " AND cit.module_id = ft.module_id " + " JOIN " + TableNames.INSTRUCTIONS_TABLE + " AS it ON it.address = cit.address " + " AND it.module_id = cit.module_id" + " JOIN " + TableNames.OPERANDS_TABLE + " AS ot ON it.address = ot.address " + " AND it.module_id = ot.module_id" + " JOIN " + TableNames.EXPRESSION_TREE_MAPPING_TABLE + " AS etm ON ot.expression_tree_id = etm.tree_id " + " AND etm.module_id = ft.module_id" + " JOIN " + TableNames.EXPRESSION_TREE_TABLE + " AS et ON et.id = etm.tree_node_id " + " AND et.module_id = ft.module_id" + " WHERE ft.module_id = " + module.getId() + " and mnemonic in (" + callMnemonics + ") " + " AND (et.type in (" + registerOrdinal + ", " + dereferenceOrdinal + "))" + " GROUP BY faddress, iaddress";
    final List<IndirectCall> addresses = new ArrayList<IndirectCall>();
    try {
        final ResultSet resultSet = module.getDatabase().executeQuery(query);
        try {
            while (resultSet.next()) {
                final Address address = new Address(resultSet.getLong("iaddress"));
                if (importedFunctionCalls.contains(address)) {
                    continue;
                }
                final Address faddress = new Address(resultSet.getLong("faddress"));
                final Function function = functionMap.get(faddress);
                addresses.add(new IndirectCall(module, function, address));
            }
        } finally {
            resultSet.close();
        }
        return addresses;
    } catch (final SQLException exception) {
        exception.printStackTrace();
        return new ArrayList<IndirectCall>();
    }
}

Example 42 with Address

use of com.google.security.zynamics.binnavi.API.disassembly.Address in project binnavi by google.

the class OutputListGenerator method generate.

/**
 * Generates a string that shows the resolved functions.
 *
 * @param resolvedAddresses The function resolver result.
 *
 * @return The string that shows the resolved functions.
 */
public static String generate(final Map<BigInteger, Set<ResolvedFunction>> resolvedAddresses) {
    assert resolvedAddresses != null;
    final StringBuffer buffer = new StringBuffer();
    buffer.append("Resolved the following indirect calls:\n");
    for (final Entry<BigInteger, Set<ResolvedFunction>> element : sort(resolvedAddresses.entrySet())) {
        final BigInteger start = element.getKey();
        final Set<ResolvedFunction> targets = element.getValue();
        buffer.append(String.format("%08X ->\n", start.longValue()));
        for (final ResolvedFunction target : targets) {
            if (target.getFunction() != null) {
                final Function function = target.getFunction();
                final Address functionAddress = function.getAddress();
                final String functionName = function.getModule().getName() + "!" + function.getName();
                buffer.append(String.format("  %08X (%s)\n", functionAddress.toLong(), functionName));
            } else if (target.getMemoryModule() != null) {
                final MemoryModule module = target.getMemoryModule();
                final Address functionAddress = target.getAddress();
                final String functionName = module.getName() + "!???";
                buffer.append(String.format("  %08X (%s)\n", functionAddress.toLong(), functionName));
            } else {
                final Address address = target.getAddress();
                buffer.append(String.format("  %s (%s)\n", address.toHexString().toUpperCase(), "???!???"));
            }
        }
    }
    return buffer.toString();
}

Example 43 with Address

use of com.google.security.zynamics.binnavi.API.disassembly.Address in project binnavi by google.

the class CallResolver method resolveFunctions.

private void resolveFunctions(final Module module) {
    if (!module.isLoaded()) {
        return;
    }
    final Map<Address, Function> functionMap = new HashMap<Address, Function>();
    for (final Function function : module.getFunctions()) {
        final Address rebasedAddress = target.getDebugger().toImagebase(module, function.getAddress());
        functionMap.put(rebasedAddress, function);
    }
    resolvedFunctions.put(module, functionMap);
}

Example 44 with Address

use of com.google.security.zynamics.binnavi.API.disassembly.Address in project binnavi by google.

the class BreakpointHelpers method getBreakpoints.

/**
 * Returns the addresses of a view where breakpoints are set.
 *
 * @param debugger The debugger that set the breakpoint.
 * @param view The view to search through.
 * @param type Type of the breakpoints to search for.
 *
 * @return The addresses of the view where breakpoints of a given type are set.
 */
private static List<Address> getBreakpoints(final Debugger debugger, final View view, final BreakpointType type) {
    Preconditions.checkNotNull(debugger, "Error: Debugger argument can not be null");
    Preconditions.checkNotNull(view, "Error: View argument can not be null");
    final BreakpointManager manager = debugger.getBreakpointManager();
    final List<Address> breakpoints = new ArrayList<Address>();
    for (final ViewNode node : view.getGraph().getNodes()) {
        if (node instanceof CodeNode) {
            breakpoints.addAll(getBreakpoints(debugger, (CodeNode) node, type));
        } else if (node instanceof FunctionNode) {
            final FunctionNode fnode = (FunctionNode) node;
            final BreakpointAddress address = new BreakpointAddress(fnode.getFunction().getNative().getModule(), new UnrelocatedAddress(fnode.getFunction().getNative().getAddress()));
            if (manager.getNative().hasBreakpoint(type, address)) {
                breakpoints.add(new Address(address.getAddress().getAddress().toBigInteger()));
            }
        }
    }
    return breakpoints;
}