
Example 16 with ReilInstruction

use of com.google.security.zynamics.reil.ReilInstruction in project binnavi by google.

Source: class OperandGraph, method createInitialMap.

/**
 * Builds the per-block starting state of the operand graph.
 *
 * <p>For every {@link ReilBlock} of {@code graph} an empty (nodes, edges) pair is
 * registered in the returned map, then the block's instructions are walked in
 * order. Within a block, {@code lastWriter} records the most recent node that
 * wrote a given operand value, so that {@code create} can link later reads of
 * that value back to it. A node for a written third operand is connected to the
 * nodes of the operands the same instruction read.
 *
 * @param graph the REIL graph whose blocks are scanned
 * @return one (nodes, edges) pair per block, keyed by block; the lists are the
 *     same mutable instances that were filled during the scan
 */
private static Map<ReilBlock, Pair<List<OperandGraphNode>, List<OperandGraphEdge>>> createInitialMap(final ReilGraph graph) {
    final Map<ReilBlock, Pair<List<OperandGraphNode>, List<OperandGraphEdge>>> graphMap = new HashMap<ReilBlock, Pair<List<OperandGraphNode>, List<OperandGraphEdge>>>();
    for (final ReilBlock block : graph) {
        final List<OperandGraphNode> blockNodes = new ArrayList<OperandGraphNode>();
        final List<OperandGraphEdge> blockEdges = new ArrayList<OperandGraphEdge>();
        graphMap.put(block, new Pair<List<OperandGraphNode>, List<OperandGraphEdge>>(blockNodes, blockEdges));
        // Most recent writer of each operand value; scoped to this block only.
        final Map<String, OperandGraphNode> lastWriter = new HashMap<String, OperandGraphNode>();
        for (final ReilInstruction instruction : block) {
            final Integer opcode = instruction.getMnemonicCode();
            // Read operands are created first so that a write below can link to them.
            final OperandGraphNode readA = ReilHelpers.usesFirstOperand(opcode) ? create(instruction, 0, blockNodes, blockEdges, lastWriter) : null;
            final OperandGraphNode readB = ReilHelpers.usesSecondOperand(opcode) ? create(instruction, 1, blockNodes, blockEdges, lastWriter) : null;
            if (!ReilHelpers.writesThirdOperand(opcode)) {
                continue;
            }
            final OperandGraphNode written = new OperandGraphNode(instruction, 2);
            blockNodes.add(written);
            lastWriter.put(instruction.getThirdOperand().getValue(), written);
            if (readA != null) {
                blockEdges.add(new OperandGraphEdge(readA, written));
                OperandGraphNode.link(readA, written);
            }
            if (readB != null) {
                blockEdges.add(new OperandGraphEdge(readB, written));
                OperandGraphNode.link(readB, written);
            }
        }
    }
    return graphMap;
}

Example 17 with ReilInstruction

use of com.google.security.zynamics.reil.ReilInstruction in project binnavi by google.

Source: class OperandGraph, method findDefinition.

/**
 * Walks {@code block} backwards and returns the node of the nearest instruction
 * before the searched one that writes the same operand value.
 *
 * <p>Instructions after the searched instruction are ignored; the searched
 * instruction itself is skipped so that a value never becomes its own
 * definition. When {@code found} is passed as {@code true} the scan covers the
 * whole block from its last instruction.
 *
 * @param search the node whose value's definition is wanted
 * @param block the block to scan
 * @param graphMap per-block (nodes, edges) pairs; the nodes of {@code block} are
 *     looked up here
 * @param found whether the searched instruction has already been passed
 *     ({@code false} starts the scan at that instruction)
 * @return the writing node with operand index 2, or {@code null} if the block
 *     holds no such definition
 */
private static OperandGraphNode findDefinition(final OperandGraphNode search, final ReilBlock block, final Map<ReilBlock, Pair<List<OperandGraphNode>, List<OperandGraphEdge>>> graphMap, boolean found) {
    final String wanted = search.getValue();
    final ReilInstruction origin = search.getInstruction();
    final List<ReilInstruction> ordered = Lists.newArrayList(block.getInstructions());
    boolean reached = found;
    for (int pos = ordered.size() - 1; pos >= 0; pos--) {
        final ReilInstruction candidate = ordered.get(pos);
        if (candidate == origin) {
            // Skip the self-dependency: from here on, earlier instructions count.
            reached = true;
            continue;
        }
        if (!reached) {
            continue;
        }
        if (!ReilHelpers.writesThirdOperand(candidate.getMnemonicCode())) {
            continue;
        }
        if (!candidate.getThirdOperand().getValue().equals(wanted)) {
            continue;
        }
        for (final OperandGraphNode node : graphMap.get(block).first()) {
            if (node.getInstruction() == candidate && node.getIndex() == 2) {
                return node;
            }
        }
    }
    return null;
}

Example 18 with ReilInstruction

use of com.google.security.zynamics.reil.ReilInstruction in project binnavi by google.

Source: class PerInstructionTransformationProvider, method transform.

/**
 * Dispatches one REIL instruction to the opcode-specific transfer function.
 *
 * @param n the instruction-graph node carrying the REIL instruction
 * @param state the incoming lattice element
 * @return the pair of outgoing lattice elements produced by the matching
 *     {@code transformXxx} method; opcodes without a case go to
 *     {@code transformUnknownOpcode}
 */
@Override
public Pair<LatticeElementType, LatticeElementType> transform(final IInstructionGraphNode n, final LatticeElementType state) {
    final ReilInstruction ins = n.getReilInstruction();
    // Boxed Integer: the switch unboxes it, so a null mnemonic code would throw NPE here.
    final Integer mnemonic = ins.getMnemonicCode();
    switch(mnemonic) {
        case ReilHelpers._OPCODE_ADD:
            return transformAdd(ins, state);
        case ReilHelpers._OPCODE_AND:
            return transformAnd(ins, state);
        case ReilHelpers._OPCODE_BISZ:
            return transformBisz(ins, state);
        case ReilHelpers._OPCODE_BSH:
            return transformBsh(ins, state);
        case ReilHelpers._OPCODE_DIV:
            return transformDiv(ins, state);
        case ReilHelpers._OPCODE_JCC:
            return transformJcc(ins, state);
        case ReilHelpers._OPCODE_LDM:
            return transformLdm(ins, state);
        case ReilHelpers._OPCODE_MOD:
            return transformMod(ins, state);
        case ReilHelpers._OPCODE_MUL:
            // NOTE(review): MUL is routed to transformMod, the same handler as MOD.
            // Every other opcode has its own transformXxx; this looks like a
            // copy/paste slip, and any analysis built on this provider would then
            // evaluate multiplications with modulo semantics. Confirm against the
            // class's declared transform methods before changing the target.
            return transformMod(ins, state);
        case ReilHelpers._OPCODE_NOP:
            return transformNop(ins, state);
        case ReilHelpers._OPCODE_OR:
            return transformOr(ins, state);
        case ReilHelpers._OPCODE_STM:
            return transformStm(ins, state);
        case ReilHelpers._OPCODE_STR:
            return transformStr(ins, state);
        case ReilHelpers._OPCODE_SUB:
            return transformSub(ins, state);
        case ReilHelpers._OPCODE_UNDEF:
            return transformUndef(ins, state);
        case ReilHelpers._OPCODE_UNKNOWN:
            return transformUnknown(ins, state);
        case ReilHelpers._OPCODE_XOR:
            return transformXor(ins, state);
        default:
            // Anything not listed above (including opcodes added later) lands here.
            return transformUnknownOpcode(ins, state);
    }
}

Example 19 with ReilInstruction

use of com.google.security.zynamics.reil.ReilInstruction in project binnavi by google.

Source: class Helpers, method writeMulResult.

/**
 * Emits the REIL instructions that write a multiplication result back into the
 * x86 result registers, depending on the operand size of the operation.
 *
 * <ul>
 *   <li>BYTE: the product replaces AX; the upper half of EAX is preserved.</li>
 *   <li>WORD: the low 16 bits go to AX and the high 16 bits to DX; the upper
 *       halves of EAX and EDX are preserved.</li>
 *   <li>DWORD: the low 32 bits go to EAX and the high 32 bits to EDX.</li>
 * </ul>
 *
 * @param environment supplies the architecture size and fresh temporaries
 * @param offset REIL address of the first emitted instruction; the following
 *     ones use consecutive offsets
 * @param result name of the REIL variable holding the full product
 * @param size operand size of the multiplication
 * @return the emitted instructions; for any other size {@code assert false}
 *     fires, and with assertions disabled an empty list is returned silently
 */
public static ArrayList<ReilInstruction> writeMulResult(final ITranslationEnvironment environment, final long offset, final String result, final OperandSize size) {
    final ArrayList<ReilInstruction> out = new ArrayList<ReilInstruction>();
    final OperandSize archSize = environment.getArchitectureSize();
    // 0xFFFF0000: keeps the upper 16 bits of a 32-bit register.
    final String upperHalfMask = "4294901760";
    if (size == OperandSize.BYTE) {
        // AX := result, upper half of EAX untouched
        final String eaxHigh = environment.getNextVariableString();
        out.add(ReilHelpers.createAnd(offset, archSize, "eax", archSize, upperHalfMask, archSize, eaxHigh));
        out.add(ReilHelpers.createOr(offset + 1, OperandSize.WORD, result, archSize, eaxHigh, archSize, "eax"));
    } else if (size == OperandSize.WORD) {
        final String eaxHigh = environment.getNextVariableString();
        final String lowWord = environment.getNextVariableString();
        final String edxHigh = environment.getNextVariableString();
        final String highWord = environment.getNextVariableString();
        // AX := result & 0xFFFF
        out.add(ReilHelpers.createAnd(offset, OperandSize.DWORD, "eax", OperandSize.DWORD, upperHalfMask, OperandSize.DWORD, eaxHigh));
        out.add(ReilHelpers.createAnd(offset + 1, OperandSize.DWORD, result, OperandSize.DWORD, "65535", OperandSize.DWORD, lowWord));
        out.add(ReilHelpers.createOr(offset + 2, OperandSize.DWORD, eaxHigh, OperandSize.DWORD, lowWord, OperandSize.DWORD, "eax"));
        // DX := result >> 16 (a negative BSH count is a right shift)
        out.add(ReilHelpers.createAnd(offset + 3, OperandSize.DWORD, "edx", OperandSize.DWORD, upperHalfMask, OperandSize.DWORD, edxHigh));
        out.add(ReilHelpers.createBsh(offset + 4, OperandSize.DWORD, result, OperandSize.DWORD, "-16", OperandSize.DWORD, highWord));
        out.add(ReilHelpers.createOr(offset + 5, OperandSize.DWORD, edxHigh, OperandSize.DWORD, highWord, OperandSize.DWORD, "edx"));
    } else if (size == OperandSize.DWORD) {
        // EAX := result & 0xFFFFFFFF, EDX := result >> 32
        out.add(ReilHelpers.createAnd(offset, OperandSize.QWORD, result, OperandSize.DWORD, "4294967295", OperandSize.DWORD, "eax"));
        out.add(ReilHelpers.createBsh(offset + 1, OperandSize.QWORD, result, OperandSize.QWORD, "-32", OperandSize.DWORD, "edx"));
    } else {
        // Unsupported size: only reported with -ea; otherwise the list stays empty.
        assert false;
    }
    return out;
}

Example 20 with ReilInstruction

use of com.google.security.zynamics.reil.ReilInstruction in project binnavi by google.

Source: class Helpers, method loadFirstDivOperand.

/**
 * Emits the REIL instructions that assemble the implicit dividend of an x86
 * division from the accumulator registers.
 *
 * <ul>
 *   <li>BYTE: the low 8 bits of EAX, result size BYTE.</li>
 *   <li>WORD: DX:AX combined into one 32-bit value, result size DWORD.</li>
 *   <li>DWORD: EDX:EAX combined into one 64-bit value, result size QWORD.</li>
 * </ul>
 *
 * @param environment supplies the architecture size and fresh temporaries
 * @param offset REIL address of the first emitted instruction; the following
 *     ones use consecutive offsets
 * @param size operand size of the division
 * @return a REGISTER-typed result whose variable holds the dividend, or
 *     {@code null} for any other size (after {@code assert false}, which only
 *     fires with assertions enabled)
 */
public static TranslationResult loadFirstDivOperand(final ITranslationEnvironment environment, final long offset, final OperandSize size) {
    final ArrayList<ReilInstruction> out = new ArrayList<ReilInstruction>();
    final OperandSize archSize = environment.getArchitectureSize();
    if (size == OperandSize.BYTE) {
        // dividend := eax & 0xFF
        final String lowByte = environment.getNextVariableString();
        out.add(ReilHelpers.createAnd(offset, archSize, "eax", OperandSize.BYTE, "255", OperandSize.BYTE, lowByte));
        return new TranslationResult(lowByte, OperandSize.BYTE, TranslationResultType.REGISTER, null, out, offset);
    }
    if (size == OperandSize.WORD) {
        final String ax = environment.getNextVariableString();
        final String dx = environment.getNextVariableString();
        final String dxShifted = environment.getNextVariableString();
        final String dxAx = environment.getNextVariableString();
        // dividend := ((edx & 0xFFFF) << 16) | (eax & 0xFFFF)
        out.add(ReilHelpers.createAnd(offset, archSize, "eax", OperandSize.WORD, "65535", size, ax));
        out.add(ReilHelpers.createAnd(offset + 1, archSize, "edx", OperandSize.WORD, "65535", size, dx));
        out.add(ReilHelpers.createBsh(offset + 2, OperandSize.WORD, dx, OperandSize.WORD, "16", OperandSize.DWORD, dxShifted));
        out.add(ReilHelpers.createOr(offset + 3, OperandSize.WORD, ax, OperandSize.DWORD, dxShifted, OperandSize.DWORD, dxAx));
        return new TranslationResult(dxAx, OperandSize.DWORD, TranslationResultType.REGISTER, null, out, offset);
    }
    if (size == OperandSize.DWORD) {
        final String edxShifted = environment.getNextVariableString();
        final String edxEax = environment.getNextVariableString();
        // dividend := (edx << 32) | eax
        out.add(ReilHelpers.createBsh(offset, OperandSize.DWORD, "edx", OperandSize.DWORD, "32", OperandSize.QWORD, edxShifted));
        out.add(ReilHelpers.createOr(offset + 1, OperandSize.DWORD, "eax", OperandSize.QWORD, edxShifted, OperandSize.QWORD, edxEax));
        return new TranslationResult(edxEax, OperandSize.QWORD, TranslationResultType.REGISTER, null, out, offset);
    }
    // Unsupported size: only reported with -ea; otherwise callers receive null.
    assert false;
    return null;
}
