Search in sources :

Example 1 with CAddress

use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.

the class LoopeTranslatorTest method testSimple.

@Test
public void testSimple() throws InternalTranslationException, InterpreterException {
    interpreter.setRegister("eax", BigInteger.valueOf(3), OperandSize.DWORD, ReilRegisterStatus.DEFINED);
    interpreter.setRegister("ecx", BigInteger.valueOf(5), OperandSize.DWORD, ReilRegisterStatus.DEFINED);
    final MockOperandTree operandTree1 = new MockOperandTree();
    operandTree1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
    operandTree1.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "eax"));
    final List<MockOperandTree> operands = Lists.newArrayList(operandTree1);
    final IInstruction instruction = new MockInstruction("dec", operands);
    final ArrayList<ReilInstruction> instructionsDec = new ArrayList<ReilInstruction>();
    decTranslator.translate(environment, instruction, instructionsDec);
    final MockOperandTree operandTree2 = new MockOperandTree();
    operandTree2.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
    operandTree2.root.m_children.add(new MockOperandTreeNode(ExpressionType.IMMEDIATE_INTEGER, "256"));
    final MockInstruction instruction2 = new MockInstruction("loope", Lists.newArrayList(operandTree2));
    instruction2.address = new CAddress(0x101);
    translator.translate(environment, instruction2, instructions);
    final HashMap<BigInteger, List<ReilInstruction>> mapping = new HashMap<BigInteger, List<ReilInstruction>>();
    mapping.put(BigInteger.valueOf(instructions.get(0).getAddress().toLong()), instructions);
    mapping.put(BigInteger.valueOf(instructionsDec.get(0).getAddress().toLong()), instructionsDec);
    interpreter.interpret(mapping, BigInteger.valueOf(0x100));
    assertEquals(6, TestHelpers.filterNativeRegisters(interpreter.getDefinedRegisters()).size());
    assertEquals(BigInteger.valueOf(2), interpreter.getVariableValue("eax"));
    assertEquals(BigInteger.valueOf(4), interpreter.getVariableValue("ecx"));
    assertEquals(BigInteger.ZERO, interpreter.getVariableValue("ZF"));
    assertEquals(BigInteger.ZERO, interpreter.getVariableValue("SF"));
    assertEquals(BigInteger.ZERO, interpreter.getVariableValue("OF"));
    assertEquals(BigInteger.ZERO, BigInteger.valueOf(interpreter.getMemorySize()));
}
Also used : ReilInstruction(com.google.security.zynamics.reil.ReilInstruction) MockOperandTreeNode(com.google.security.zynamics.zylib.disassembly.MockOperandTreeNode) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) IInstruction(com.google.security.zynamics.zylib.disassembly.IInstruction) CAddress(com.google.security.zynamics.zylib.disassembly.CAddress) MockInstruction(com.google.security.zynamics.zylib.disassembly.MockInstruction) MockOperandTree(com.google.security.zynamics.zylib.disassembly.MockOperandTree) BigInteger(java.math.BigInteger) ArrayList(java.util.ArrayList) List(java.util.List) Test(org.junit.Test)

Example 2 with CAddress

use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.

the class CMemoryMenu method createMenu.

/**
 * Creates the context menu of a memory viewer component.
 *
 * @param offset The memory offset where the context menu will be shown.
 *
 * @return The context menu for the specified address.
 */
@Override
public JPopupMenu createMenu(final long offset) {
    final JPopupMenu menu = new JPopupMenu();
    final IDebugger debugger = m_debugger.getCurrentSelectedDebugger();
    if (debugger == null) {
        return null;
    }
    menu.add(CActionProxy.proxy(new CSearchAction(m_parent, m_debugger, m_memoryView)));
    menu.add(CActionProxy.proxy(new CGotoAction(m_parent, m_memoryView, m_debugger)));
    if (canReadDword(debugger.getProcessManager().getMemoryMap(), offset)) {
        final byte[] data = debugger.getProcessManager().getMemory().getData(offset, 4);
        final IAddress dword = new CAddress(ByteHelpers.readDwordLittleEndian(data, 0));
        if (canReadDword(debugger.getProcessManager().getMemoryMap(), dword.toLong())) {
            menu.add(CActionProxy.proxy(new CFollowDumpAction(m_debugger, dword)));
        }
    }
    menu.addSeparator();
    final long firstOffset = m_memoryView.getHexView().getBaseAddress();
    final int size = m_memoryView.getHexView().getData().getDataLength();
    menu.add(new CLoadAllAction(m_parent, debugger, new CAddress(firstOffset), size));
    // Offer the option to dump memory
    final JMenu dumpMenu = new JMenu("Dump to file");
    dumpMenu.add(CActionProxy.proxy(new CDumpMemoryRangeAction(m_parent, debugger, m_memoryView.getHexView().getData(), new CAddress(firstOffset), size)));
    menu.add(dumpMenu);
    menu.addSeparator();
    final BookmarkManager manager = debugger.getBookmarkManager();
    // At first offer the option to add or remove a bookmark
    // at the specified position.
    final CBookmark bookmark = manager.getBookmark(new CAddress(offset));
    if (bookmark == null) {
        menu.add(new JMenuItem(CActionProxy.proxy(new CCreateBookmarkAction(manager, new CAddress(offset)))));
    } else {
        menu.add(new JMenuItem(CActionProxy.proxy(new CDeleteBookmarkAction(manager, bookmark))));
    }
    if (manager.getNumberOfBookmarks() != 0) {
        // Afterwards list all currently active bookmarks.
        menu.addSeparator();
        final JMenu bookmarksItem = new JMenu("Bookmarks");
        for (int i = 0; i < manager.getNumberOfBookmarks(); i++) {
            bookmarksItem.add(CActionProxy.proxy(new CGotoBookmarkAction(m_debugger, manager.getBookmark(i))));
        }
        menu.add(bookmarksItem);
    }
    menu.addSeparator();
    menu.add(HexViewOptionsMenu.createHexViewOptionsMenu(m_memoryView.getHexView()));
    return menu;
}
Also used : CDeleteBookmarkAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CDeleteBookmarkAction) CFollowDumpAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CFollowDumpAction) CGotoBookmarkAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CGotoBookmarkAction) CGotoAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CGotoAction) CLoadAllAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CLoadAllAction) JPopupMenu(javax.swing.JPopupMenu) IDebugger(com.google.security.zynamics.binnavi.debug.debugger.interfaces.IDebugger) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress) CAddress(com.google.security.zynamics.zylib.disassembly.CAddress) BookmarkManager(com.google.security.zynamics.binnavi.models.Bookmarks.memory.BookmarkManager) CCreateBookmarkAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CCreateBookmarkAction) CBookmark(com.google.security.zynamics.binnavi.models.Bookmarks.memory.CBookmark) CSearchAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CSearchAction) CDumpMemoryRangeAction(com.google.security.zynamics.binnavi.Gui.Debug.MemoryPanel.Actions.CDumpMemoryRangeAction) JMenuItem(javax.swing.JMenuItem) JMenu(javax.swing.JMenu)

Example 3 with CAddress

use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.

the class CMemoryFunctions method searchMemory.

/**
 * Shows a Search dialog and searches through the memory of target process afterwards.
 *
 * @param parent Parent window used for dialogs.
 * @param debugger Debugger that requests the target memory.
 * @param memoryView Memory view where the search result is shown.
 */
public static void searchMemory(final Window parent, final IDebugger debugger, final CMemoryViewer memoryView) {
    checkArguments(parent, debugger);
    Preconditions.checkNotNull(memoryView, "IE01431: Memory view argument can not be null");
    // Show the search dialog
    final CSearchDialog dlg = new CSearchDialog(parent);
    final byte[] data = dlg.getSearchData();
    // Make sure that the user entered data and clicked the OK button
    if (data != null && data.length != 0) {
        final JHexView hexView = memoryView.getHexView();
        final long start = hexView.getCurrentOffset();
        final int size = (int) (hexView.getLastOffset() - hexView.getCurrentOffset());
        final CSearchWaiter waiter = new CSearchWaiter(debugger, new CAddress(start), size, data);
        CProgressDialog.showEndless(parent, "Loading memory" + " ...", waiter);
        hexView.uncolorizeAll();
        if (waiter.getException() == null) {
            final SearchReply reply = waiter.getReply();
            if (reply != null) {
                final IAddress offset = reply.getAddress();
                if (reply.success()) {
                    // Make sure that the memory data is actually available
                    if (hexView.isEnabled() && hexView.getDefinitionStatus() == DefinitionStatus.DEFINED) {
                        // It is not necessary to make sure that the offset is
                        // actually part of the currently visible memory range.
                        // If it is not, the new memory range is loaded automatically.
                        hexView.colorize(5, offset.toLong(), data.length, Color.BLACK, Color.YELLOW);
                        hexView.gotoOffset(offset.toLong());
                        hexView.requestFocusInWindow();
                    }
                } else {
                    // Tell the user that the search string was not found
                    CMessageBox.showInformation(parent, "The specified search string was not found.");
                }
            }
        } else {
            CUtilityFunctions.logException(waiter.getException());
            final String innerMessage = "E00079: " + "Could not search through memory";
            final String innerDescription = CUtilityFunctions.createDescription("It was not possible to send the search request to the debug client.", new String[] { "There was a problem with the connection to the debug client." }, new String[] { "The search operation could not be started." });
            NaviErrorDialog.show(parent, innerMessage, innerDescription, waiter.getException());
        }
    }
}
Also used : JHexView(com.google.security.zynamics.zylib.gui.JHexPanel.JHexView) CSearchDialog(com.google.security.zynamics.binnavi.Gui.Debug.SearchMemory.CSearchDialog) SearchReply(com.google.security.zynamics.binnavi.debug.connection.packets.replies.SearchReply) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress) CAddress(com.google.security.zynamics.zylib.disassembly.CAddress)

Example 4 with CAddress

use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.

the class CDebuggerChooserPanel method isFileBaseModified.

/**
 * Determines whether the entered file base is different from the image base stored in the model.
 *
 * @return True, if the file base changed.
 */
private boolean isFileBaseModified() {
    final String fileBaseText = getFileBase();
    final boolean fileBaseChanged = "".equals(fileBaseText) || !new CAddress(Convert.hexStringToLong(fileBaseText)).equals(m_module.getConfiguration().getFileBase());
    return fileBaseChanged;
}
Also used : CAddress(com.google.security.zynamics.zylib.disassembly.CAddress)

Example 5 with CAddress

use of com.google.security.zynamics.zylib.disassembly.CAddress in project binnavi by google.

the class ExceptionOccurredParser method parseSuccess.

@Override
public ExceptionOccurredReply parseSuccess(final int packetId, final int argumentCount) throws IOException {
    Preconditions.checkArgument(argumentCount == 1, "IE00068: Unexpected number of argument while parsing exception occured packet");
    final byte[] data = parseData();
    Preconditions.checkNotNull(data, "IE00095: Data argument can not be null");
    final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
    try {
        final DocumentBuilder builder = factory.newDocumentBuilder();
        final Document document = builder.parse(new ByteArrayInputStream(data, 0, data.length));
        final Node node = document.getFirstChild();
        final long threadId = Long.valueOf(node.getAttributes().getNamedItem("threadId").getNodeValue());
        final RelocatedAddress address = new RelocatedAddress(new CAddress(new BigInteger(node.getAttributes().getNamedItem("address").getNodeValue())));
        final long exceptionCode = Long.valueOf(node.getAttributes().getNamedItem("exceptionCode").getNodeValue());
        String exceptionName = node.getAttributes().getNamedItem("exceptionName").getNodeValue();
        if (exceptionName.isEmpty()) {
            exceptionName = "Unknown exception";
        }
        return new ExceptionOccurredReply(packetId, 0, threadId, exceptionCode, address, exceptionName);
    } catch (final Exception exception) {
        CUtilityFunctions.logException(exception);
        throw new IllegalStateException("IE00097: Unexpected error while parsing exception occured packet");
    }
}
Also used : DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Node(org.w3c.dom.Node) RelocatedAddress(com.google.security.zynamics.binnavi.disassembly.RelocatedAddress) Document(org.w3c.dom.Document) IOException(java.io.IOException) CAddress(com.google.security.zynamics.zylib.disassembly.CAddress) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) BigInteger(java.math.BigInteger) ExceptionOccurredReply(com.google.security.zynamics.binnavi.debug.connection.packets.replies.ExceptionOccurredReply)

Aggregations

CAddress (com.google.security.zynamics.zylib.disassembly.CAddress)315 Test (org.junit.Test)221 UnrelocatedAddress (com.google.security.zynamics.binnavi.disassembly.UnrelocatedAddress)60 MockSqlProvider (com.google.security.zynamics.binnavi.Database.MockClasses.MockSqlProvider)55 ModuleTargetSettings (com.google.security.zynamics.binnavi.debug.debugger.ModuleTargetSettings)51 BreakpointAddress (com.google.security.zynamics.binnavi.debug.models.breakpoints.BreakpointAddress)48 MockDebugger (com.google.security.zynamics.binnavi.Debug.Debugger.MockDebugger)47 CModule (com.google.security.zynamics.binnavi.disassembly.Modules.CModule)47 ArrayList (java.util.ArrayList)46 Date (java.util.Date)46 MockModule (com.google.security.zynamics.binnavi.disassembly.Modules.MockModule)45 INaviModule (com.google.security.zynamics.binnavi.disassembly.INaviModule)40 MemorySection (com.google.security.zynamics.binnavi.debug.models.processmanager.MemorySection)32 MemoryMap (com.google.security.zynamics.binnavi.debug.models.processmanager.MemoryMap)29 MockView (com.google.security.zynamics.binnavi.disassembly.MockView)28 TargetProcessThread (com.google.security.zynamics.binnavi.debug.models.processmanager.TargetProcessThread)27 RelocatedAddress (com.google.security.zynamics.binnavi.disassembly.RelocatedAddress)27 CFunction (com.google.security.zynamics.binnavi.disassembly.CFunction)26 MockDatabase (com.google.security.zynamics.binnavi.Database.MockClasses.MockDatabase)24 CTag (com.google.security.zynamics.binnavi.Tagging.CTag)24