Example 6 with ReilGraph
use of com.google.security.zynamics.reil.ReilGraph in project binnavi by google.
the class OperandGraphTest method testEmpty.
@Test
public void testEmpty() {
final ReilGraph rg = new ReilGraph(new ArrayList<ReilBlock>(), new ArrayList<ReilEdge>());
final OperandGraph g = OperandGraph.create(rg);
assertEquals(0, g.nodeCount());
assertEquals(0, g.edgeCount());
}
Also used :
OperandGraph(com.google.security.zynamics.reil.algorithms.mono.OperandGraph)
ReilGraph(com.google.security.zynamics.reil.ReilGraph)
ReilEdge(com.google.security.zynamics.reil.ReilEdge)
ReilBlock(com.google.security.zynamics.reil.ReilBlock)
Test(org.junit.Test)
Example 7 with ReilGraph
use of com.google.security.zynamics.reil.ReilGraph in project binnavi by google.
the class CombineTest method testSimple.
@Test
public void testSimple() {
final ReilInstruction instruction1 = ReilHelpers.createStr(100, OperandSize.DWORD, "0", OperandSize.DWORD, "eax");
final ReilInstruction instruction2 = ReilHelpers.createJcc(101, OperandSize.DWORD, "eax", OperandSize.DWORD, "104");
final ReilInstruction instruction3 = ReilHelpers.createAdd(102, OperandSize.DWORD, "eax", OperandSize.DWORD, "4", OperandSize.DWORD, "ebx");
final ReilInstruction instruction4 = ReilHelpers.createJcc(103, OperandSize.DWORD, "1", OperandSize.DWORD, "104");
final ReilInstruction instruction5 = ReilHelpers.createAdd(104, OperandSize.DWORD, "eax", OperandSize.DWORD, "8", OperandSize.DWORD, "ebx");
final ReilInstruction instruction6 = ReilHelpers.createStr(105, OperandSize.DWORD, "ebx", OperandSize.DWORD, "ecx");
final ReilBlock block1 = new ReilBlock(Lists.newArrayList(instruction1, instruction2));
final ReilBlock block2 = new ReilBlock(Lists.newArrayList(instruction3, instruction4));
final ReilBlock block3 = new ReilBlock(Lists.newArrayList(instruction5));
final ReilBlock block4 = new ReilBlock(Lists.newArrayList(instruction6));
final ReilEdge edge1 = new ReilEdge(block1, block2, EdgeType.JUMP_UNCONDITIONAL);
final ReilEdge edge2 = new ReilEdge(block1, block3, EdgeType.JUMP_UNCONDITIONAL);
final ReilEdge edge3 = new ReilEdge(block2, block4, EdgeType.JUMP_UNCONDITIONAL);
final ReilEdge edge4 = new ReilEdge(block3, block4, EdgeType.JUMP_UNCONDITIONAL);
ReilBlock.link(block1, block2, edge1);
ReilBlock.link(block1, block3, edge2);
ReilBlock.link(block2, block4, edge3);
ReilBlock.link(block3, block4, edge4);
final ReilFunction function = new ReilFunction("Fark", new ReilGraph(Lists.newArrayList(block1, block2, block3, block4), Lists.newArrayList(edge1, edge2, edge3, edge4)));
System.out.println(function.getGraph());
final IStateVector<InstructionGraphNode, ValueTrackerElement> result = ValueTracker.track(function);
System.out.println(result);
}
Also used :
ReilGraph(com.google.security.zynamics.reil.ReilGraph)
ReilInstruction(com.google.security.zynamics.reil.ReilInstruction)
ReilEdge(com.google.security.zynamics.reil.ReilEdge)
ReilBlock(com.google.security.zynamics.reil.ReilBlock)
ReilFunction(com.google.security.zynamics.reil.ReilFunction)
ValueTrackerElement(com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement)
InstructionGraphNode(com.google.security.zynamics.reil.algorithms.mono.InstructionGraphNode)
Test(org.junit.Test)
Example 8 with ReilGraph
use of com.google.security.zynamics.reil.ReilGraph in project binnavi by google.
the class CReilInstructionDialog method show.
/**
* Shows the REIL instruction dialog.
*
* @param parent Parent window used for dialogs.
* @param node The node whose REIL code is shown.
*
* @throws InternalTranslationException Thrown if the instruction could not be converted to REIL
* code.
*/
public static void show(final Window parent, final INaviCodeNode node) throws InternalTranslationException {
final ReilGraph graph = CNodeFunctions.copyReilCode(parent, node);
final String title = String.format("REIL code of %s", node.getAddress().toHexString());
final String text = reilGraphToText(graph);
final CReilInstructionDialog dialog = new CReilInstructionDialog(parent, title, text);
GuiHelper.centerChildToParent(parent, dialog, true);
dialog.setVisible(true);
}
Also used :
ReilGraph(com.google.security.zynamics.reil.ReilGraph)
Example 9 with ReilGraph
use of com.google.security.zynamics.reil.ReilGraph in project binnavi by google.
the class TestFollowZFIncomingBackwards method generateReilGraph.
private void generateReilGraph(final List<List<String>> instructions, final List<String> edges) {
final Map<Long, ReilBlock> blocks = new HashMap<Long, ReilBlock>();
for (final List<String> currentBlockInstructions : instructions) {
final List<ReilInstruction> reilInstructions = new ArrayList<ReilInstruction>();
for (final String addressAndInstruction : currentBlockInstructions) {
final StringTokenizer tokenizer = new StringTokenizer(addressAndInstruction, ": [,]", false);
final long offset = Long.parseLong(tokenizer.nextToken(), 16);
final String mnemonic = tokenizer.nextToken();
if (mnemonic.equalsIgnoreCase("bisz") || mnemonic.equalsIgnoreCase("str") || mnemonic.equalsIgnoreCase("ldm") || mnemonic.equalsIgnoreCase("stm") || mnemonic.equalsIgnoreCase("jcc")) {
final OperandSize firstSize = OperandSize.valueOf(tokenizer.nextToken());
final String firstValue = tokenizer.nextToken();
tokenizer.nextToken();
final OperandSize thirdSize = OperandSize.valueOf(tokenizer.nextToken());
final String thirdValue = tokenizer.nextToken();
if (mnemonic.equalsIgnoreCase("bisz")) {
reilInstructions.add(ReilHelpers.createBisz(offset, firstSize, firstValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("str")) {
reilInstructions.add(ReilHelpers.createStr(offset, firstSize, firstValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("jcc")) {
reilInstructions.add(ReilHelpers.createJcc(offset, firstSize, firstValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("ldm")) {
reilInstructions.add(ReilHelpers.createLdm(offset, firstSize, firstValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("stm")) {
reilInstructions.add(ReilHelpers.createStm(offset, firstSize, firstValue, thirdSize, thirdValue));
}
} else if (mnemonic.equalsIgnoreCase("nop")) {
reilInstructions.add(ReilHelpers.createNop(offset));
} else {
final OperandSize firstSize = OperandSize.valueOf(tokenizer.nextToken());
final String firstValue = tokenizer.nextToken();
final OperandSize secondSize = OperandSize.valueOf(tokenizer.nextToken());
final String secondValue = tokenizer.nextToken();
final OperandSize thirdSize = OperandSize.valueOf(tokenizer.nextToken());
final String thirdValue = tokenizer.nextToken();
if (mnemonic.equalsIgnoreCase("add")) {
reilInstructions.add(ReilHelpers.createAdd(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("and")) {
reilInstructions.add(ReilHelpers.createAnd(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("bsh")) {
reilInstructions.add(ReilHelpers.createBsh(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("div")) {
reilInstructions.add(ReilHelpers.createDiv(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("mod")) {
reilInstructions.add(ReilHelpers.createMod(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("mul")) {
reilInstructions.add(ReilHelpers.createMul(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("or")) {
reilInstructions.add(ReilHelpers.createOr(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("sub")) {
reilInstructions.add(ReilHelpers.createSub(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
if (mnemonic.equalsIgnoreCase("xor")) {
reilInstructions.add(ReilHelpers.createXor(offset, firstSize, firstValue, secondSize, secondValue, thirdSize, thirdValue));
}
}
}
blocks.put(reilInstructions.get(0).getAddress().toLong(), new ReilBlock(reilInstructions));
}
final List<ReilEdge> reilEdges = new ArrayList<ReilEdge>();
for (final String edge : edges) {
final StringTokenizer edgeTokenizer = new StringTokenizer(edge, " []->");
final Long sourceAddress = Long.parseLong(edgeTokenizer.nextToken(), 16);
final EdgeType type = Enum.valueOf(EdgeType.class, edgeTokenizer.nextToken().toUpperCase());
final Long targetAddress = Long.parseLong(edgeTokenizer.nextToken(), 16);
final ReilEdge reilEdge = new ReilEdge(blocks.get(sourceAddress), blocks.get(targetAddress), type);
ReilBlock.link(blocks.get(sourceAddress), blocks.get(targetAddress), reilEdge);
}
m_graph1 = new ReilGraph(Lists.newArrayList(blocks.values()), reilEdges);
}
Also used :
ReilGraph(com.google.security.zynamics.reil.ReilGraph)
ReilInstruction(com.google.security.zynamics.reil.ReilInstruction)
HashMap(java.util.HashMap)
ReilEdge(com.google.security.zynamics.reil.ReilEdge)
ReilBlock(com.google.security.zynamics.reil.ReilBlock)
ArrayList(java.util.ArrayList)
EdgeType(com.google.security.zynamics.zylib.gui.zygraph.edges.EdgeType)
StringTokenizer(java.util.StringTokenizer)
OperandSize(com.google.security.zynamics.reil.OperandSize)
Example 10 with ReilGraph
use of com.google.security.zynamics.reil.ReilGraph in project binnavi by google.
the class ReilTranslatorTest method testRepStosStos.
@Test
public void testRepStosStos() throws InternalTranslationException {
final MockCodeContainer container = new MockCodeContainer();
container.m_instructions.add(new MockInstruction(0x100, "rep stosb", Lists.newArrayList(new MockOperandTree(), new MockOperandTree())));
container.m_instructions.add(new MockInstruction(0x200, "stosb", new ArrayList<MockOperandTree>()));
final ReilGraph g = m_translator.translate(new StandardEnvironment(), container);
System.out.println(g);
assertEquals(9, g.nodeCount());
assertEquals(11, g.edgeCount());
}
Also used :
ReilGraph(com.google.security.zynamics.reil.ReilGraph)
MockCodeContainer(com.google.security.zynamics.zylib.disassembly.MockCodeContainer)
MockInstruction(com.google.security.zynamics.zylib.disassembly.MockInstruction)
MockOperandTree(com.google.security.zynamics.zylib.disassembly.MockOperandTree)
ArrayList(java.util.ArrayList)
StandardEnvironment(com.google.security.zynamics.reil.translators.StandardEnvironment)
Test(org.junit.Test)
Aggregations
ReilGraph (com.google.security.zynamics.reil.ReilGraph)15
Test (org.junit.Test)11
ReilBlock (com.google.security.zynamics.reil.ReilBlock)10
ReilEdge (com.google.security.zynamics.reil.ReilEdge)10
ArrayList (java.util.ArrayList)7
ReilInstruction (com.google.security.zynamics.reil.ReilInstruction)6
StandardEnvironment (com.google.security.zynamics.reil.translators.StandardEnvironment)4
ReilFunction (com.google.security.zynamics.reil.ReilFunction)3
InstructionGraph (com.google.security.zynamics.reil.algorithms.mono.InstructionGraph)3
OperandGraph (com.google.security.zynamics.reil.algorithms.mono.OperandGraph)3
MockInstruction (com.google.security.zynamics.zylib.disassembly.MockInstruction)3
InstructionGraphNode (com.google.security.zynamics.reil.algorithms.mono.InstructionGraphNode)2
ValueTrackerElement (com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement)2
HashMap (java.util.HashMap)2
INaviInstruction (com.google.security.zynamics.binnavi.disassembly.INaviInstruction)1
OperandSize (com.google.security.zynamics.reil.OperandSize)1
ReilTranslator (com.google.security.zynamics.reil.translators.ReilTranslator)1
IAddress (com.google.security.zynamics.zylib.disassembly.IAddress)1
ICodeContainer (com.google.security.zynamics.zylib.disassembly.ICodeContainer)1
IInstruction (com.google.security.zynamics.zylib.disassembly.IInstruction)1
