Examples with ValueTrackerElement com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement used on opensource projects

Example 1 with ValueTrackerElement

use of com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement in project binnavi by google.

the class StateCombiner method combine.

public static ValueTrackerElement combine(final List<IInfluencingState<ValueTrackerElement, WalkInformation>> states) {
    if (states.size() == 2) {
        final ValueTrackerElement state1 = states.get(0).getElement();
        final ValueTrackerElement state2 = states.get(1).getElement();
        if (state1.equals(state2)) {
            return state1.clone();
        } else {
            final ValueTrackerElement result = combine(state1, state2);
            if (result.getStates().size() < state1.getStates().size()) {
                System.out.println(state1);
                System.out.println(state2);
                System.out.println(result);
                throw new IllegalStateException();
            }
            if (result.getStates().size() < state2.getStates().size()) {
                System.out.println(state1);
                System.out.println(state2);
                System.out.println(result);
                throw new IllegalStateException();
            }
            return result;
        }
    } else {
        // TODO Auto-generated method stub
        throw new IllegalStateException("Not yet implemented");
    }
}

Example 2 with ValueTrackerElement

use of com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement in project binnavi by google.

the class StateCombiner method combine.

private static ValueTrackerElement combine(final ValueTrackerElement state1, final ValueTrackerElement state2) {
    final Map<IAloc, IValueElement> values1 = state1.getStates();
    final Map<IAloc, IValueElement> values2 = state2.getStates();
    final Map<IAloc, IValueElement> combinedState = new HashMap<IAloc, IValueElement>();
    final Set<ReilInstruction> combinedInfluences = state1.getInfluences();
    combinedInfluences.addAll(state2.getInfluences());
    final Map<String, Set<IAddress>> combinedWritten = new HashMap<String, Set<IAddress>>();
    combinedWritten.putAll(state1.getLastWritten());
    for (final Map.Entry<String, Set<IAddress>> lastWritten : state2.getLastWritten().entrySet()) {
        if (combinedWritten.containsKey(lastWritten.getKey())) {
            combinedWritten.get(lastWritten.getKey()).addAll(lastWritten.getValue());
        } else {
            combinedWritten.put(lastWritten.getKey(), new HashSet<IAddress>(lastWritten.getValue()));
        }
    }
    for (final Map.Entry<IAloc, IValueElement> entry : values1.entrySet()) {
        final IAloc aloc = entry.getKey();
        if (values2.containsKey(aloc)) {
            final IValueElement lhs = entry.getValue();
            final IValueElement rhs = values2.get(aloc);
            combinedState.put(aloc, combine(lhs, rhs));
        } else {
            combinedState.put(aloc, new Undefined());
        }
    }
    for (final Map.Entry<IAloc, IValueElement> entry : values2.entrySet()) {
        final IAloc aloc = entry.getKey();
        if (!values1.containsKey(aloc)) {
            combinedState.put(aloc, new Undefined());
        }
    }
    if ((combinedState.size() < state1.getStates().size()) || (combinedState.size() < state2.getStates().size())) {
        throw new IllegalStateException();
    }
    return new ValueTrackerElement(combinedInfluences, combinedState, combinedWritten);
}

Example 3 with ValueTrackerElement

use of com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement in project binnavi by google.

the class AddTransformerTest method testAddConstants.

@Test
public void testAddConstants() {
    final ReilInstruction instruction = ReilHelpers.createAdd(0x100, OperandSize.DWORD, "2", OperandSize.DWORD, "4", OperandSize.QWORD, "t0");
    final ValueTrackerElement state = new ValueTrackerElement();
    final ValueTrackerElement result = AddTransformer.transform(instruction, state);
    assertTrue(result.getState("t0") instanceof Literal);
    assertEquals(6, ((Literal) result.getState("t0")).getValue().longValue());
}

Example 4 with ValueTrackerElement

use of com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement in project binnavi by google.

the class CombineTest method testSimple.

@Test
public void testSimple() {
    final ReilInstruction instruction1 = ReilHelpers.createStr(100, OperandSize.DWORD, "0", OperandSize.DWORD, "eax");
    final ReilInstruction instruction2 = ReilHelpers.createJcc(101, OperandSize.DWORD, "eax", OperandSize.DWORD, "104");
    final ReilInstruction instruction3 = ReilHelpers.createAdd(102, OperandSize.DWORD, "eax", OperandSize.DWORD, "4", OperandSize.DWORD, "ebx");
    final ReilInstruction instruction4 = ReilHelpers.createJcc(103, OperandSize.DWORD, "1", OperandSize.DWORD, "104");
    final ReilInstruction instruction5 = ReilHelpers.createAdd(104, OperandSize.DWORD, "eax", OperandSize.DWORD, "8", OperandSize.DWORD, "ebx");
    final ReilInstruction instruction6 = ReilHelpers.createStr(105, OperandSize.DWORD, "ebx", OperandSize.DWORD, "ecx");
    final ReilBlock block1 = new ReilBlock(Lists.newArrayList(instruction1, instruction2));
    final ReilBlock block2 = new ReilBlock(Lists.newArrayList(instruction3, instruction4));
    final ReilBlock block3 = new ReilBlock(Lists.newArrayList(instruction5));
    final ReilBlock block4 = new ReilBlock(Lists.newArrayList(instruction6));
    final ReilEdge edge1 = new ReilEdge(block1, block2, EdgeType.JUMP_UNCONDITIONAL);
    final ReilEdge edge2 = new ReilEdge(block1, block3, EdgeType.JUMP_UNCONDITIONAL);
    final ReilEdge edge3 = new ReilEdge(block2, block4, EdgeType.JUMP_UNCONDITIONAL);
    final ReilEdge edge4 = new ReilEdge(block3, block4, EdgeType.JUMP_UNCONDITIONAL);
    ReilBlock.link(block1, block2, edge1);
    ReilBlock.link(block1, block3, edge2);
    ReilBlock.link(block2, block4, edge3);
    ReilBlock.link(block3, block4, edge4);
    final ReilFunction function = new ReilFunction("Fark", new ReilGraph(Lists.newArrayList(block1, block2, block3, block4), Lists.newArrayList(edge1, edge2, edge3, edge4)));
    System.out.println(function.getGraph());
    final IStateVector<InstructionGraphNode, ValueTrackerElement> result = ValueTracker.track(function);
    System.out.println(result);
}

Example 5 with ValueTrackerElement

use of com.google.security.zynamics.reil.algorithms.mono.valuetracking.ValueTrackerElement in project binnavi by google.

the class SimpleTest method simpleTracking.

@Test
public void simpleTracking() throws CouldntLoadDataException, InternalTranslationException, CPartialLoadException, LoadCancelledException {
    final INaviModule module = m_database.getContent().getModules().get(0);
    module.load();
    final INaviView view = module.getViewsWithAddresses(Lists.newArrayList(new UnrelocatedAddress(new CAddress(0x10044BB))), true).get(0);
    assertEquals(0x10044BB, module.getContent().getViewContainer().getFunction(view).getAddress().toLong());
    view.load();
    final ReilTranslator<INaviInstruction> translator = new ReilTranslator<INaviInstruction>();
    final ReilFunction reilFunction = translator.translate(new StandardEnvironment(), view);
    assertEquals(0, reilFunction.getGraph().getEdges().size());
    final IStateVector<InstructionGraphNode, ValueTrackerElement> result = ValueTracker.track(reilFunction);
    System.out.println(result);
}