Examples with InternalTranslationException com.google.security.zynamics.reil.translators.InternalTranslationException used on opensource projects

Example 56 with InternalTranslationException

use of com.google.security.zynamics.reil.translators.InternalTranslationException in project binnavi by google.

the class BtcTranslator method translate.

/**
 * Translates a BTC instruction to REIL code.
 *
 * @param environment A valid translation environment
 * @param instruction The BTC instruction to translate
 * @param instructions The generated REIL code will be added to this list
 *
 * @throws InternalTranslationException if any of the arguments are null the passed instruction is
 *         not a BTC instruction
 */
@Override
public void translate(final ITranslationEnvironment environment, final IInstruction instruction, final List<ReilInstruction> instructions) throws InternalTranslationException {
    TranslationHelpers.checkTranslationArguments(environment, instruction, instructions, "btc");
    if (instruction.getOperands().size() != 2) {
        throw new InternalTranslationException("Error: Argument instruction is not a btc instruction (invalid number of operands)");
    }
    final long baseOffset = instruction.getAddress().toLong() * 0x100;
    long offset = baseOffset;
    final IOperandTree targetOperand = instruction.getOperands().get(0);
    final IOperandTree sourceOperand = instruction.getOperands().get(1);
    // Load the target operand.
    final TranslationResult targetResult = Helpers.translateOperand(environment, offset, targetOperand, true);
    instructions.addAll(targetResult.getInstructions());
    offset = baseOffset + instructions.size();
    // Load the source operand.
    final TranslationResult sourceResult = Helpers.translateOperand(environment, offset, sourceOperand, true);
    instructions.addAll(sourceResult.getInstructions());
    offset = baseOffset + instructions.size();
    final String negatedIndex = environment.getNextVariableString();
    // final String truncatedNegatedIndex = environment.getNextVariableString();
    final String shiftedTarget = environment.getNextVariableString();
    // TODO: Due to a bug in the REIL BSH specification we can not truncate the result
    // of the subtraction here. See the tests for an example of what goes wrong.
    instructions.add(ReilHelpers.createSub(offset++, OperandSize.BYTE, "0", sourceResult.getSize(), sourceResult.getRegister(), OperandSize.WORD, negatedIndex));
    // instructions.add(ReilHelpers.createAnd(offset++, OperandSize.WORD, negatedIndex,
    // OperandSize.BYTE, "255", OperandSize.BYTE, truncatedNegatedIndex));
    instructions.add(ReilHelpers.createBsh(offset++, targetResult.getSize(), targetResult.getRegister(), OperandSize.BYTE, negatedIndex, targetResult.getSize(), shiftedTarget));
    instructions.add(ReilHelpers.createAnd(offset++, targetResult.getSize(), shiftedTarget, OperandSize.BYTE, "1", OperandSize.BYTE, Helpers.CARRY_FLAG));
    // Set the bit in the destination
    final String shiftedIndex = environment.getNextVariableString();
    final String andedResult = environment.getNextVariableString();
    instructions.add(ReilHelpers.createBsh(offset++, OperandSize.BYTE, "1", sourceResult.getSize(), sourceResult.getRegister(), targetResult.getSize(), shiftedIndex));
    instructions.add(ReilHelpers.createXor(offset++, targetResult.getSize(), targetResult.getRegister(), targetResult.getSize(), shiftedIndex, targetResult.getSize(), andedResult));
    Helpers.writeBack(environment, offset++, targetOperand, andedResult, targetResult.getSize(), targetResult.getAddress(), targetResult.getType(), instructions);
}

Example 57 with InternalTranslationException

use of com.google.security.zynamics.reil.translators.InternalTranslationException in project binnavi by google.

the class CmpxchgTranslator method translate.

/**
 * Translates a CMPXCHG instruction to REIL code.
 *
 * @param environment A valid translation environment.
 * @param instruction The CMPXCHG instruction to translate.
 * @param instructions The generated REIL code will be added to this list
 *
 * @throws InternalTranslationException if any of the arguments are null the passed instruction is
 *         not a CMPXCHG instruction
 */
@Override
public void translate(final ITranslationEnvironment environment, final IInstruction instruction, final List<ReilInstruction> instructions) throws InternalTranslationException {
    TranslationHelpers.checkTranslationArguments(environment, instruction, instructions, "cmpxchg");
    Preconditions.checkArgument(instruction.getOperands().size() == 2, "Error: Argument instruction is not a cmp instruction (invalid number of operands)");
    final long baseOffset = instruction.getAddress().toLong() * 0x100;
    long offset = baseOffset;
    final List<? extends IOperandTree> operands = instruction.getOperands();
    final IOperandTree targetOperand = operands.get(0);
    final IOperandTree sourceOperand = operands.get(1);
    // Load first operand.
    final TranslationResult targetResult = Helpers.translateOperand(environment, offset, targetOperand, true);
    instructions.addAll(targetResult.getInstructions());
    // Adjust the offset of the next REIL instruction.
    offset = baseOffset + instructions.size();
    // Load second operand.
    final TranslationResult sourceResult = Helpers.translateOperand(environment, offset, sourceOperand, true);
    instructions.addAll(sourceResult.getInstructions());
    // Adjust the offset of the next REIL instruction.
    offset = baseOffset + instructions.size();
    // Compare the first operand to AL/AX/EAX
    String xaxRegister;
    switch(targetResult.getSize()) {
        case BYTE:
            xaxRegister = "al";
            break;
        case WORD:
            xaxRegister = "ax";
            break;
        case DWORD:
            xaxRegister = "eax";
            break;
        default:
            throw new InternalTranslationException("Error: The first operand has to be BYTE/WORD/DWORD !");
    }
    String comparisonResult = environment.getNextVariableString();
    OperandSize currentSize = targetResult.getSize();
    // Subtract the first operand from AL/AX/EAX
    instructions.add(ReilHelpers.createSub(baseOffset + instructions.size(), currentSize, xaxRegister, currentSize, targetResult.getRegister(), currentSize, comparisonResult));
    // Set the ZF if the two values were equal
    instructions.add(ReilHelpers.createBisz(baseOffset + instructions.size(), currentSize, comparisonResult, OperandSize.BYTE, Helpers.ZERO_FLAG));
    // The control flow is as follows:
    // Jump to secondWriteBack if not equal
    // firstWriteBack
    // Jump to terminatingNop (avoid falling through from the first case)
    // secondWriteBack
    // terminatingNop
    // firstWriteBack: if the content of AL/AX/EAX is equal to the source operand,
    // move sourceOperand to targetOperand.
    final List<ReilInstruction> firstWriteBack = new ArrayList<ReilInstruction>();
    Helpers.writeBack(environment, // reserve space for the first JCC
    baseOffset + instructions.size() + 1, targetOperand, sourceResult.getRegister(), sourceResult.getSize(), targetResult.getAddress(), targetResult.getType(), firstWriteBack);
    // Jump to secondWriteBack if not equal.
    // Reserve space for the two JCC and firstWriteBack when calculating target address.
    final long secondWriteBackOffset = instructions.size() + firstWriteBack.size() + 3;
    final String secondWriteBackGoal = String.format("%d.%d", instruction.getAddress().toLong(), secondWriteBackOffset);
    instructions.add(ReilHelpers.createJcc(baseOffset + instructions.size(), currentSize, comparisonResult, OperandSize.ADDRESS, secondWriteBackGoal));
    // Add the mov code that's executed if the condition is true.
    instructions.addAll(firstWriteBack);
    // Create an operand representing the AL/AX/EAX register so that we can write back to it.
    ReilOperandNode xAXOperandRoot = new ReilOperandNode(currentSize.toSizeString(), ExpressionType.SIZE_PREFIX);
    ReilOperandNode xAXOperandLeaf = new ReilOperandNode(xaxRegister, ExpressionType.REGISTER);
    ReilOperandNode.link(xAXOperandRoot, xAXOperandLeaf);
    ReilOperand xAXOperand = new ReilOperand(xAXOperandRoot);
    // secondWriteBack: if the content of AL/AX/EAX is not equal to the source operand,
    // move targetOperand to AL/AX/EAX.
    final List<ReilInstruction> secondWriteBack = new ArrayList<ReilInstruction>();
    Helpers.writeBack(environment, // reserve space for the second JCC
    baseOffset + instructions.size() + 1, xAXOperand, targetResult.getRegister(), currentSize, null, /* Memory address of the writeBack target. Empty since target is a register. */
    TranslationResultType.REGISTER, secondWriteBack);
    // Jump to terminatingNop (avoid falling through from firstWriteBack).
    // Reserve addresses for JCC and for secondWriteBack when calculating target address.
    final long terminatingNopOffset = instructions.size() + secondWriteBack.size() + 2;
    final String terminatingNopGoal = String.format("%d.%d", instruction.getAddress().toLong(), terminatingNopOffset);
    instructions.add(ReilHelpers.createJcc(baseOffset + instructions.size(), OperandSize.BYTE, "1", OperandSize.ADDRESS, terminatingNopGoal));
    // Add the mov code that's executed if the condition is true.
    instructions.addAll(secondWriteBack);
    // Add a terminating NOP, this makes it easier to get a target for the conditional jump.
    instructions.add(ReilHelpers.createNop(baseOffset + instructions.size()));
}

Example 58 with InternalTranslationException

use of com.google.security.zynamics.reil.translators.InternalTranslationException in project binnavi by google.

the class CCodeNodeParserTest method testAddZero.

@Test
public void testAddZero() throws ParserException, CPartialLoadException, IllegalArgumentException, SecurityException, IllegalAccessException, NoSuchFieldException {
    // 00000000: mov eax, [esp+0]
    final MockCodeNodeProvider cnProvider = new MockCodeNodeProvider();
    final MockCodeNodeData instruction2 = new MockCodeNodeData();
    instruction2.nodeId = 5193;
    instruction2.address = new CAddress(0x4180dd);
    instruction2.mnemonic = "mov";
    instruction2.operandPosition = 0;
    instruction2.expressionId = 1;
    instruction2.expressionType = 6;
    instruction2.symbol = "b4";
    instruction2.immediate = null;
    instruction2.parentId = 0;
    instruction2.replacement = null;
    final MockCodeNodeData instruction3 = new MockCodeNodeData();
    instruction3.nodeId = 5193;
    instruction3.address = new CAddress(0x4180dd);
    instruction3.mnemonic = "mov";
    instruction3.operandPosition = 0;
    instruction3.expressionId = 29;
    instruction3.expressionType = 4;
    instruction3.symbol = "ss:";
    instruction3.immediate = null;
    instruction3.parentId = 1;
    instruction3.replacement = null;
    final MockCodeNodeData instruction4 = new MockCodeNodeData();
    instruction4.nodeId = 5193;
    instruction4.address = new CAddress(0x4180dd);
    instruction4.mnemonic = "mov";
    instruction4.operandPosition = 0;
    instruction4.expressionId = 30;
    instruction4.expressionType = 7;
    instruction4.symbol = "[";
    instruction4.immediate = null;
    instruction4.parentId = 29;
    instruction4.replacement = null;
    final MockCodeNodeData instruction5 = new MockCodeNodeData();
    instruction5.nodeId = 5193;
    instruction5.address = new CAddress(0x4180dd);
    instruction5.mnemonic = "mov";
    instruction5.operandPosition = 0;
    instruction5.expressionId = 31;
    instruction5.expressionType = 4;
    instruction5.symbol = "+";
    instruction5.immediate = null;
    instruction5.parentId = 30;
    instruction5.replacement = null;
    final MockCodeNodeData instruction6 = new MockCodeNodeData();
    instruction6.nodeId = 5193;
    instruction6.address = new CAddress(0x4180dd);
    instruction6.mnemonic = "mov";
    instruction6.operandPosition = 0;
    instruction6.expressionId = 32;
    instruction6.expressionType = 5;
    instruction6.symbol = "esp";
    instruction6.immediate = null;
    instruction6.parentId = 31;
    instruction6.replacement = null;
    final MockCodeNodeData instruction7 = new MockCodeNodeData();
    instruction7.nodeId = 5193;
    instruction7.address = new CAddress(0x4180dd);
    instruction7.mnemonic = "mov";
    instruction7.operandPosition = 0;
    instruction7.expressionId = 498;
    instruction7.expressionType = 2;
    instruction7.symbol = null;
    instruction7.immediate = "0";
    instruction7.parentId = 31;
    instruction7.replacement = "134h+var_134";
    final MockCodeNodeData instruction1 = new MockCodeNodeData();
    instruction1.nodeId = 5193;
    instruction1.address = new CAddress(0x4180dd);
    instruction1.mnemonic = "mov";
    instruction1.operandPosition = 1;
    instruction1.expressionId = 1594;
    instruction1.expressionType = 2;
    instruction1.symbol = null;
    instruction1.immediate = "4561216";
    instruction1.parentId = 0;
    instruction1.replacement = null;
    cnProvider.data.add(instruction2);
    cnProvider.data.add(instruction3);
    cnProvider.data.add(instruction4);
    cnProvider.data.add(instruction5);
    cnProvider.data.add(instruction6);
    cnProvider.data.add(instruction7);
    cnProvider.data.add(instruction1);
    final MockSqlProvider provider = new MockSqlProvider();
    final MockModule module = new MockModule();
    CFunctionContainerHelper.addFunction(module.getContent().getFunctionContainer(), new MockFunction(0));
    final CCodeNodeParser p = new CCodeNodeParser(cnProvider, Lists.newArrayList(module), provider);
    final List<CCodeNode> result = p.parse();
    assertEquals(1, result.size());
    assertEquals(1, Iterables.size(result.get(0).getInstructions()));
    final ReilTranslator<INaviInstruction> translator = new ReilTranslator<INaviInstruction>();
    try {
        translator.translate(new StandardEnvironment(), Iterables.get(result.get(0).getInstructions(), 0));
    } catch (final InternalTranslationException exception) {
        CUtilityFunctions.logException(exception);
    }
}

Example 59 with InternalTranslationException

use of com.google.security.zynamics.reil.translators.InternalTranslationException in project binnavi by google.

the class CGraphFunctions method showDataflowGraph.

/**
 * Creates a new view that shows the data flow graph of a view.
 *
 * @param parent Window where the new view is shown.
 * @param container Container where the new view is created.
 * @param view The view whose data flow graph is created.
 */
public static void showDataflowGraph(final CGraphWindow parent, final IViewContainer container, final INaviView view) {
    try {
        final INaviView dataflowView = CDataflowViewCreator.create(container, view);
        CViewOpener.showView(parent, container, dataflowView, parent);
    } catch (final InternalTranslationException e) {
        CUtilityFunctions.logException(e);
        final String innerMessage = "E00110: " + "Could not create dataflow graph";
        final String innerDescription = CUtilityFunctions.createDescription(String.format("BinNavi could not create the data flow graph of view '%s'.", view.getName()), new String[] { "An error occurred in the REIL translator code." }, new String[] { "This is an internal error which you can not fix yourself. " + "Please report the bug to the zynamics support team." });
        NaviErrorDialog.show(parent, innerMessage, innerDescription);
    }
}

Example 60 with InternalTranslationException

use of com.google.security.zynamics.reil.translators.InternalTranslationException in project binnavi by google.

the class CCodeNodeMenu method addRegisterOperandMenu.

private void addRegisterOperandMenu(final CGraphModel model, final COperandTreeNode treeNode, final INaviInstruction instruction, final List<ICodeNodeExtension> extensions, final INaviCodeNode codeNode) {
    try {
        add(new COperandsMenu(codeNode, instruction, extensions));
    } catch (final InternalTranslationException | MaybeNullException exception) {
        CUtilityFunctions.logException(exception);
    }
    final TypeManager typeManager = model.getViewContainer().getModules().get(0).getTypeManager();
    if (treeNode.getTypeSubstitution() == null) {
        add(TypeSubstitutionAction.instantiateCreateTypeSubstitution(model.getParent(), typeManager, getStackFrame(model), treeNode));
    } else {
        add(new DeleteTypeSubstitutionMenuAction(typeManager, treeNode));
        add(TypeSubstitutionAction.instantiateEditTypeSubstitution(model.getParent(), typeManager, getStackFrame(model), treeNode));
    }
    addSeparator();
}