use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.
the class LoopeTranslatorTest method testSimple.
@Test
public void testSimple() throws InternalTranslationException, InterpreterException {
interpreter.setRegister("eax", BigInteger.valueOf(3), OperandSize.DWORD, ReilRegisterStatus.DEFINED);
interpreter.setRegister("ecx", BigInteger.valueOf(5), OperandSize.DWORD, ReilRegisterStatus.DEFINED);
final MockOperandTree operandTree1 = new MockOperandTree();
operandTree1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTree1.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "eax"));
final List<MockOperandTree> operands = Lists.newArrayList(operandTree1);
final IInstruction instruction = new MockInstruction("dec", operands);
final ArrayList<ReilInstruction> instructionsDec = new ArrayList<ReilInstruction>();
decTranslator.translate(environment, instruction, instructionsDec);
final MockOperandTree operandTree2 = new MockOperandTree();
operandTree2.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTree2.root.m_children.add(new MockOperandTreeNode(ExpressionType.IMMEDIATE_INTEGER, "256"));
final MockInstruction instruction2 = new MockInstruction("loope", Lists.newArrayList(operandTree2));
instruction2.address = new CAddress(0x101);
translator.translate(environment, instruction2, instructions);
final HashMap<BigInteger, List<ReilInstruction>> mapping = new HashMap<BigInteger, List<ReilInstruction>>();
mapping.put(BigInteger.valueOf(instructions.get(0).getAddress().toLong()), instructions);
mapping.put(BigInteger.valueOf(instructionsDec.get(0).getAddress().toLong()), instructionsDec);
interpreter.interpret(mapping, BigInteger.valueOf(0x100));
assertEquals(6, TestHelpers.filterNativeRegisters(interpreter.getDefinedRegisters()).size());
assertEquals(BigInteger.valueOf(2), interpreter.getVariableValue("eax"));
assertEquals(BigInteger.valueOf(4), interpreter.getVariableValue("ecx"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("ZF"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("SF"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("OF"));
assertEquals(BigInteger.ZERO, BigInteger.valueOf(interpreter.getMemorySize()));
}
use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.
the class CMemoryMenu method createMenu.
/**
* Creates the context menu of a memory viewer component.
*
* @param offset The memory offset where the context menu will be shown.
*
* @return The context menu for the specified address.
*/
@Override
public JPopupMenu createMenu(final long offset) {
final JPopupMenu menu = new JPopupMenu();
final IDebugger debugger = m_debugger.getCurrentSelectedDebugger();
if (debugger == null) {
return null;
}
menu.add(CActionProxy.proxy(new CSearchAction(m_parent, m_debugger, m_memoryView)));
menu.add(CActionProxy.proxy(new CGotoAction(m_parent, m_memoryView, m_debugger)));
if (canReadDword(debugger.getProcessManager().getMemoryMap(), offset)) {
final byte[] data = debugger.getProcessManager().getMemory().getData(offset, 4);
final IAddress dword = new CAddress(ByteHelpers.readDwordLittleEndian(data, 0));
if (canReadDword(debugger.getProcessManager().getMemoryMap(), dword.toLong())) {
menu.add(CActionProxy.proxy(new CFollowDumpAction(m_debugger, dword)));
}
}
menu.addSeparator();
final long firstOffset = m_memoryView.getHexView().getBaseAddress();
final int size = m_memoryView.getHexView().getData().getDataLength();
menu.add(new CLoadAllAction(m_parent, debugger, new CAddress(firstOffset), size));
// Offer the option to dump memory
final JMenu dumpMenu = new JMenu("Dump to file");
dumpMenu.add(CActionProxy.proxy(new CDumpMemoryRangeAction(m_parent, debugger, m_memoryView.getHexView().getData(), new CAddress(firstOffset), size)));
menu.add(dumpMenu);
menu.addSeparator();
final BookmarkManager manager = debugger.getBookmarkManager();
// At first offer the option to add or remove a bookmark
// at the specified position.
final CBookmark bookmark = manager.getBookmark(new CAddress(offset));
if (bookmark == null) {
menu.add(new JMenuItem(CActionProxy.proxy(new CCreateBookmarkAction(manager, new CAddress(offset)))));
} else {
menu.add(new JMenuItem(CActionProxy.proxy(new CDeleteBookmarkAction(manager, bookmark))));
}
if (manager.getNumberOfBookmarks() != 0) {
// Afterwards list all currently active bookmarks.
menu.addSeparator();
final JMenu bookmarksItem = new JMenu("Bookmarks");
for (int i = 0; i < manager.getNumberOfBookmarks(); i++) {
bookmarksItem.add(CActionProxy.proxy(new CGotoBookmarkAction(m_debugger, manager.getBookmark(i))));
}
menu.add(bookmarksItem);
}
menu.addSeparator();
menu.add(HexViewOptionsMenu.createHexViewOptionsMenu(m_memoryView.getHexView()));
return menu;
}
use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.
the class CMemoryFunctions method searchMemory.
/**
* Shows a Search dialog and searches through the memory of target process afterwards.
*
* @param parent Parent window used for dialogs.
* @param debugger Debugger that requests the target memory.
* @param memoryView Memory view where the search result is shown.
*/
public static void searchMemory(final Window parent, final IDebugger debugger, final CMemoryViewer memoryView) {
checkArguments(parent, debugger);
Preconditions.checkNotNull(memoryView, "IE01431: Memory view argument can not be null");
// Show the search dialog
final CSearchDialog dlg = new CSearchDialog(parent);
final byte[] data = dlg.getSearchData();
// Make sure that the user entered data and clicked the OK button
if (data != null && data.length != 0) {
final JHexView hexView = memoryView.getHexView();
final long start = hexView.getCurrentOffset();
final int size = (int) (hexView.getLastOffset() - hexView.getCurrentOffset());
final CSearchWaiter waiter = new CSearchWaiter(debugger, new CAddress(start), size, data);
CProgressDialog.showEndless(parent, "Loading memory" + " ...", waiter);
hexView.uncolorizeAll();
if (waiter.getException() == null) {
final SearchReply reply = waiter.getReply();
if (reply != null) {
final IAddress offset = reply.getAddress();
if (reply.success()) {
// Make sure that the memory data is actually available
if (hexView.isEnabled() && hexView.getDefinitionStatus() == DefinitionStatus.DEFINED) {
// It is not necessary to make sure that the offset is
// actually part of the currently visible memory range.
// If it is not, the new memory range is loaded automatically.
hexView.colorize(5, offset.toLong(), data.length, Color.BLACK, Color.YELLOW);
hexView.gotoOffset(offset.toLong());
hexView.requestFocusInWindow();
}
} else {
// Tell the user that the search string was not found
CMessageBox.showInformation(parent, "The specified search string was not found.");
}
}
} else {
CUtilityFunctions.logException(waiter.getException());
final String innerMessage = "E00079: " + "Could not search through memory";
final String innerDescription = CUtilityFunctions.createDescription("It was not possible to send the search request to the debug client.", new String[] { "There was a problem with the connection to the debug client." }, new String[] { "The search operation could not be started." });
NaviErrorDialog.show(parent, innerMessage, innerDescription, waiter.getException());
}
}
}
use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.
the class CDebuggerChooserPanel method isFileBaseModified.
/**
* Determines whether the entered file base is different from the image base stored in the model.
*
* @return True, if the file base changed.
*/
private boolean isFileBaseModified() {
final String fileBaseText = getFileBase();
final boolean fileBaseChanged = "".equals(fileBaseText) || !new CAddress(Convert.hexStringToLong(fileBaseText)).equals(m_module.getConfiguration().getFileBase());
return fileBaseChanged;
}
use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.
the class ExceptionOccurredParser method parseSuccess.
@Override
public ExceptionOccurredReply parseSuccess(final int packetId, final int argumentCount) throws IOException {
Preconditions.checkArgument(argumentCount == 1, "IE00068: Unexpected number of argument while parsing exception occured packet");
final byte[] data = parseData();
Preconditions.checkNotNull(data, "IE00095: Data argument can not be null");
final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
try {
final DocumentBuilder builder = factory.newDocumentBuilder();
final Document document = builder.parse(new ByteArrayInputStream(data, 0, data.length));
final Node node = document.getFirstChild();
final long threadId = Long.valueOf(node.getAttributes().getNamedItem("threadId").getNodeValue());
final RelocatedAddress address = new RelocatedAddress(new CAddress(new BigInteger(node.getAttributes().getNamedItem("address").getNodeValue())));
final long exceptionCode = Long.valueOf(node.getAttributes().getNamedItem("exceptionCode").getNodeValue());
String exceptionName = node.getAttributes().getNamedItem("exceptionName").getNodeValue();
if (exceptionName.isEmpty()) {
exceptionName = "Unknown exception";
}
return new ExceptionOccurredReply(packetId, 0, threadId, exceptionCode, address, exceptionName);
} catch (final Exception exception) {
CUtilityFunctions.logException(exception);
throw new IllegalStateException("IE00097: Unexpected error while parsing exception occured packet");
}
}
Aggregations