Search in sources :

Example 36 with IAddress

use of com.google.security.zynamics.zylib.disassembly.IAddress in project binnavi by google.

the class PostgreSQLProviderTest method testInstructionFunctionsAddReference6.

@Test(expected = CouldntSaveDataException.class)
public void testInstructionFunctionsAddReference6() throws CouldntSaveDataException, CouldntLoadDataException, LoadCancelledException {
    final INaviModule module = getProvider().loadModules().get(1);
    module.load();
    final INaviFunction function = module.getContent().getFunctionContainer().getFunctions().get(1800);
    function.load();
    final IBlockNode basicBlock = function.getBasicBlocks().get(0);
    final INaviInstruction instruction = Iterables.get(basicBlock.getInstructions(), 1);
    final COperandTree tree = instruction.getOperands().get(0);
    final INaviOperandTreeNode node = tree.getRootNode();
    final IAddress address = instruction.getAddress();
    final ReferenceType type = ReferenceType.DATA;
    PostgreSQLInstructionFunctions.addReference(getProvider(), node, address, type);
}
Also used : INaviOperandTreeNode(com.google.security.zynamics.binnavi.disassembly.INaviOperandTreeNode) INaviModule(com.google.security.zynamics.binnavi.disassembly.INaviModule) IBlockNode(com.google.security.zynamics.binnavi.disassembly.IBlockNode) COperandTree(com.google.security.zynamics.binnavi.disassembly.COperandTree) INaviFunction(com.google.security.zynamics.binnavi.disassembly.INaviFunction) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress) ReferenceType(com.google.security.zynamics.zylib.disassembly.ReferenceType) INaviInstruction(com.google.security.zynamics.binnavi.disassembly.INaviInstruction) ExpensiveBaseTest(com.google.security.zynamics.binnavi.disassembly.types.ExpensiveBaseTest) Test(org.junit.Test)

Example 37 with IAddress

use of com.google.security.zynamics.zylib.disassembly.IAddress in project binnavi by google.

the class TestFollowZFIncomingBackwards method testTransformFollowZFinStream2.

@Test
public void testTransformFollowZFinStream2() {
    final MockOperandTree operandTreeFirst1 = new MockOperandTree();
    operandTreeFirst1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
    operandTreeFirst1.root.m_children.add(new MockOperandTreeNode(ExpressionType.IMMEDIATE_INTEGER, "16827245"));
    final List<MockOperandTree> operandsFirst = Lists.newArrayList(operandTreeFirst1);
    m_options = new RegisterTrackingOptions(true, new HashSet<String>(), true, AnalysisDirection.UP);
    final List<String> instructionStrings0 = new ArrayList<String>();
    instructionStrings0.add("000000010025C500: str [DWORD edi, EMPTY , DWORD edi]");
    instructionStrings0.add("000000010025C700: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings0.add("000000010025C701: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings0.add("000000010025C702: stm [DWORD ebp, EMPTY , DWORD esp]");
    instructionStrings0.add("000000010025C800: str [DWORD esp, EMPTY , DWORD ebp]");
    instructionStrings0.add("000000010025CA00: add [DWORD 12, DWORD ebp, QWORD t0]");
    instructionStrings0.add("000000010025CA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings0.add("000000010025CA02: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings0.add("000000010025CA03: str [DWORD t2, EMPTY , DWORD eax]");
    instructionStrings0.add("000000010025CD00: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings0.add("000000010025CD01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings0.add("000000010025CD02: stm [DWORD esi, EMPTY , DWORD esp]");
    instructionStrings0.add("000000010025CE00: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings0.add("000000010025CE01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings0.add("000000010025CE02: stm [DWORD edi, EMPTY , DWORD esp]");
    instructionStrings0.add("000000010025CF00: str [DWORD ecx, EMPTY , DWORD esi]");
    instructionStrings0.add("000000010025D100: and [DWORD eax, DWORD 2147483648, DWORD t0]");
    instructionStrings0.add("000000010025D101: and [DWORD 4294967295, DWORD 2147483648, DWORD t1]");
    instructionStrings0.add("000000010025D102: sub [DWORD eax, DWORD 4294967295, QWORD t2]");
    instructionStrings0.add("000000010025D103: and [QWORD t2, QWORD 2147483648, DWORD t3]");
    instructionStrings0.add("000000010025D104: bsh [DWORD t3, DWORD -31, BYTE SF]");
    instructionStrings0.add("000000010025D105: xor [DWORD t0, DWORD t1, DWORD t4]");
    instructionStrings0.add("000000010025D106: xor [DWORD t0, DWORD t3, DWORD t5]");
    instructionStrings0.add("000000010025D107: and [DWORD t4, DWORD t5, DWORD t6]");
    instructionStrings0.add("000000010025D108: bsh [DWORD t6, DWORD -31, BYTE OF]");
    instructionStrings0.add("000000010025D109: and [QWORD t2, QWORD 4294967296, QWORD t7]");
    instructionStrings0.add("000000010025D10A: bsh [QWORD t7, QWORD -32, BYTE CF]");
    instructionStrings0.add("000000010025D10B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
    instructionStrings0.add("000000010025D10C: bisz [DWORD t8, EMPTY , BYTE ZF]");
    instructionStrings0.add("000000010025D400: bisz [BYTE ZF, EMPTY , BYTE t0]");
    instructionStrings0.add("000000010025D401: jcc [BYTE t0, EMPTY , DWORD 16945901]");
    final List<String> instructionStrings1 = new ArrayList<String>();
    // mov
    instructionStrings1.add("000000010025DA00: add [DWORD 8, DWORD ebp, QWORD t0]");
    instructionStrings1.add("000000010025DA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings1.add("000000010025DA02: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings1.add("000000010025DA03: str [DWORD t2, EMPTY , DWORD edi]");
    // test
    instructionStrings1.add("000000010025DD00: and [DWORD edi, DWORD edi, DWORD t0]");
    instructionStrings1.add("000000010025DD01: and [DWORD t0, DWORD 2147483648, DWORD t1]");
    instructionStrings1.add("000000010025DD02: bsh [DWORD t1, DWORD -31, BYTE SF]");
    instructionStrings1.add("000000010025DD03: bisz [DWORD t0, EMPTY , BYTE ZF]");
    instructionStrings1.add("000000010025DD04: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings1.add("000000010025DD05: str [BYTE 0, EMPTY , BYTE OF]");
    // jz
    instructionStrings1.add("000000010025DF00: jcc [BYTE ZF, EMPTY , DWORD 16880362]");
    final List<String> instructionStrings2 = new ArrayList<String>();
    instructionStrings2.add("000000010025E500: add [DWORD 8, DWORD esi, QWORD t0]");
    instructionStrings2.add("000000010025E501: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings2.add("000000010025E502: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings2.add("000000010025E503: and [DWORD edi, DWORD 2147483648, DWORD t3]");
    instructionStrings2.add("000000010025E504: and [DWORD t2, DWORD 2147483648, DWORD t4]");
    instructionStrings2.add("000000010025E505: sub [DWORD edi, DWORD t2, QWORD t5]");
    instructionStrings2.add("000000010025E506: and [QWORD t5, QWORD 2147483648, DWORD t6]");
    instructionStrings2.add("000000010025E507: bsh [DWORD t6, DWORD -31, BYTE SF]");
    instructionStrings2.add("000000010025E508: xor [DWORD t3, DWORD t4, DWORD t7]");
    instructionStrings2.add("000000010025E509: xor [DWORD t3, DWORD t6, DWORD t8]");
    instructionStrings2.add("000000010025E50A: and [DWORD t7, DWORD t8, DWORD t9]");
    instructionStrings2.add("000000010025E50B: bsh [DWORD t9, DWORD -31, BYTE OF]");
    instructionStrings2.add("000000010025E50C: and [QWORD t5, QWORD 4294967296, QWORD t10]");
    instructionStrings2.add("000000010025E50D: bsh [QWORD t10, QWORD -32, BYTE CF]");
    instructionStrings2.add("000000010025E50E: and [QWORD t5, QWORD 4294967295, DWORD t11]");
    instructionStrings2.add("000000010025E50F: bisz [DWORD t11, EMPTY , BYTE ZF]");
    instructionStrings2.add("000000010025E800: or [BYTE CF, BYTE ZF, BYTE t0]");
    instructionStrings2.add("000000010025E801: jcc [BYTE t0, EMPTY , DWORD 16880391]");
    final List<String> instructionStrings3 = new ArrayList<String>();
    instructionStrings3.add("000000010025EE00: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings3.add("000000010025EE01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings3.add("000000010025EE02: stm [DWORD edi, EMPTY , DWORD esp]");
    instructionStrings3.add("000000010025EF00: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings3.add("000000010025EF01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings3.add("000000010025EF02: stm [DWORD 16786932, EMPTY , DWORD esp]");
    instructionStrings3.add("000000010025EF03: jcc [DWORD 1, EMPTY , DWORD 16792317]");
    final List<String> instructionStrings4 = new ArrayList<String>();
    instructionStrings4.add("000000010025F400: and [DWORD eax, BYTE 255, BYTE t1]");
    instructionStrings4.add("000000010025F401: and [DWORD eax, BYTE 255, BYTE t3]");
    instructionStrings4.add("000000010025F402: and [BYTE t1, BYTE t3, BYTE t4]");
    instructionStrings4.add("000000010025F403: and [BYTE t4, BYTE 128, BYTE t5]");
    instructionStrings4.add("000000010025F404: bsh [BYTE t5, BYTE -7, BYTE SF]");
    instructionStrings4.add("000000010025F405: bisz [BYTE t4, EMPTY , BYTE ZF]");
    instructionStrings4.add("000000010025F406: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings4.add("000000010025F407: str [BYTE 0, EMPTY , BYTE OF]");
    instructionStrings4.add("000000010025F600: jcc [BYTE ZF, EMPTY , DWORD 16786960]");
    final List<String> instructionStrings5 = new ArrayList<String>();
    instructionStrings5.add("000000010025F800: add [DWORD 4, DWORD esi, QWORD t0]");
    instructionStrings5.add("000000010025F801: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings5.add("000000010025F802: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings5.add("000000010025F803: str [DWORD t2, EMPTY , DWORD eax]");
    final List<String> instructionStrings6 = new ArrayList<String>();
    instructionStrings6.add("000000010025FB00: str [DWORD edi, EMPTY , DWORD ecx]");
    instructionStrings6.add("000000010025FD00: and [DWORD ecx, DWORD 2147483648, DWORD t0]");
    instructionStrings6.add("000000010025FD01: and [DWORD eax, DWORD 2147483648, DWORD t1]");
    instructionStrings6.add("000000010025FD02: sub [DWORD ecx, DWORD eax, QWORD t2]");
    instructionStrings6.add("000000010025FD03: and [QWORD t2, QWORD 2147483648, DWORD t3]");
    instructionStrings6.add("000000010025FD04: bsh [DWORD t3, DWORD -31, BYTE SF]");
    instructionStrings6.add("000000010025FD05: xor [DWORD t0, DWORD t1, DWORD t4]");
    instructionStrings6.add("000000010025FD06: xor [DWORD t0, DWORD t3, DWORD t5]");
    instructionStrings6.add("000000010025FD07: and [DWORD t4, DWORD t5, DWORD t6]");
    instructionStrings6.add("000000010025FD08: bsh [DWORD t6, DWORD -31, BYTE OF]");
    instructionStrings6.add("000000010025FD09: and [QWORD t2, QWORD 4294967296, QWORD t7]");
    instructionStrings6.add("000000010025FD0A: bsh [QWORD t7, QWORD -32, BYTE CF]");
    instructionStrings6.add("000000010025FD0B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
    instructionStrings6.add("000000010025FD0C: bisz [DWORD t8, EMPTY , BYTE ZF]");
    instructionStrings6.add("000000010025FD0D: str [DWORD t8, EMPTY , DWORD ecx]");
    instructionStrings6.add("000000010025FF00: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings6.add("000000010025FF01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings6.add("000000010025FF02: stm [DWORD ecx, EMPTY , DWORD esp]");
    instructionStrings6.add("0000000100260000: ldm [DWORD esi, EMPTY , DWORD t0]");
    instructionStrings6.add("0000000100260001: str [DWORD t0, EMPTY , DWORD ecx]");
    instructionStrings6.add("0000000100260200: mul [DWORD 4, DWORD eax, QWORD t0]");
    instructionStrings6.add("0000000100260201: add [QWORD t0, DWORD ecx, QWORD t2]");
    instructionStrings6.add("0000000100260202: and [QWORD t2, DWORD 4294967295, DWORD t3]");
    instructionStrings6.add("0000000100260203: str [DWORD t3, EMPTY , DWORD eax]");
    instructionStrings6.add("0000000100260500: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings6.add("0000000100260501: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings6.add("0000000100260502: stm [DWORD eax, EMPTY , DWORD esp]");
    instructionStrings6.add("0000000100260600: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings6.add("0000000100260601: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings6.add("0000000100260602: stm [DWORD 16786955, EMPTY , DWORD esp]");
    instructionStrings6.add("0000000100260603: jcc [DWORD 1, EMPTY , DWORD 16792263]");
    final List<String> instructionStrings7 = new ArrayList<String>();
    instructionStrings7.add("0000000100260B00: add [DWORD 4, DWORD esi, QWORD t0]");
    instructionStrings7.add("0000000100260B01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings7.add("0000000100260B02: stm [DWORD edi, EMPTY , DWORD t1]");
    final List<String> instructionStrings8 = new ArrayList<String>();
    instructionStrings8.add("0000000100260E00: and [DWORD eax, DWORD 4294967040, DWORD t1]");
    instructionStrings8.add("0000000100260E01: or [BYTE 1, DWORD t1, DWORD eax]");
    final List<String> instructionStrings9 = new ArrayList<String>();
    instructionStrings9.add("0000000100261000: ldm [DWORD esp, EMPTY , DWORD t0]");
    instructionStrings9.add("0000000100261001: add [DWORD esp, DWORD 4, QWORD t1]");
    instructionStrings9.add("0000000100261002: and [QWORD t1, DWORD 4294967295, DWORD esp]");
    instructionStrings9.add("0000000100261003: str [DWORD t0, EMPTY , DWORD edi]");
    instructionStrings9.add("0000000100261100: ldm [DWORD esp, EMPTY , DWORD t0]");
    instructionStrings9.add("0000000100261101: add [DWORD esp, DWORD 4, QWORD t1]");
    instructionStrings9.add("0000000100261102: and [QWORD t1, DWORD 4294967295, DWORD esp]");
    instructionStrings9.add("0000000100261103: str [DWORD t0, EMPTY , DWORD esi]");
    instructionStrings9.add("0000000100261200: ldm [DWORD esp, EMPTY , DWORD t0]");
    instructionStrings9.add("0000000100261201: add [DWORD esp, DWORD 4, QWORD t1]");
    instructionStrings9.add("0000000100261202: and [QWORD t1, DWORD 4294967295, DWORD esp]");
    instructionStrings9.add("0000000100261203: str [DWORD t0, EMPTY , DWORD ebp]");
    instructionStrings9.add("0000000100261300: ldm [DWORD esp, EMPTY , DWORD t0]");
    instructionStrings9.add("0000000100261301: add [DWORD esp, DWORD 12, QWORD t1]");
    instructionStrings9.add("0000000100261302: and [QWORD t1, QWORD 4294967295, DWORD esp]");
    instructionStrings9.add("0000000100261303: jcc [DWORD 1, EMPTY , DWORD t0]");
    final List<String> instructionStrings10 = new ArrayList<String>();
    instructionStrings10.add("000000010192EA00: ldm [DWORD esi, EMPTY , DWORD t0]");
    instructionStrings10.add("000000010192EA01: str [DWORD t0, EMPTY , DWORD eax]");
    instructionStrings10.add("000000010192EC00: and [DWORD eax, DWORD eax, DWORD t0]");
    instructionStrings10.add("000000010192EC01: and [DWORD t0, DWORD 2147483648, DWORD t1]");
    instructionStrings10.add("000000010192EC02: bsh [DWORD t1, DWORD -31, BYTE SF]");
    instructionStrings10.add("000000010192EC03: bisz [DWORD t0, EMPTY , BYTE ZF]");
    instructionStrings10.add("000000010192EC04: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings10.add("000000010192EC05: str [BYTE 0, EMPTY , BYTE OF]");
    instructionStrings10.add("000000010192EE00: jcc [BYTE ZF, EMPTY , DWORD 16880378]");
    final List<String> instructionStrings11 = new ArrayList<String>();
    instructionStrings11.add("000000010192F000: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings11.add("000000010192F001: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings11.add("000000010192F002: stm [DWORD eax, EMPTY , DWORD esp]");
    instructionStrings11.add("000000010192F100: sub [DWORD esp, DWORD 4, QWORD t0]");
    instructionStrings11.add("000000010192F101: and [QWORD t0, DWORD 4294967295, DWORD esp]");
    instructionStrings11.add("000000010192F102: stm [DWORD 16880375, EMPTY , DWORD esp]");
    instructionStrings11.add("000000010192F103: ldm [DWORD 16782844, EMPTY , DWORD t1]");
    instructionStrings11.add("000000010192F104: jcc [DWORD 1, EMPTY , DWORD t1]");
    final List<String> instructionStrings12 = new ArrayList<String>();
    instructionStrings12.add("000000010192F700: ldm [DWORD esi, EMPTY , DWORD t0]");
    instructionStrings12.add("000000010192F701: and [DWORD edi, DWORD t0, DWORD t1]");
    instructionStrings12.add("000000010192F702: and [DWORD t1, DWORD 2147483648, DWORD t2]");
    instructionStrings12.add("000000010192F703: bsh [DWORD t2, DWORD -31, BYTE SF]");
    instructionStrings12.add("000000010192F704: bisz [DWORD t1, EMPTY , BYTE ZF]");
    instructionStrings12.add("000000010192F705: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings12.add("000000010192F706: str [BYTE 0, EMPTY , BYTE OF]");
    instructionStrings12.add("000000010192F707: stm [DWORD t1, EMPTY , DWORD esi]");
    instructionStrings12.add("000000010192F900: ldm [DWORD esp, EMPTY , DWORD t0]");
    instructionStrings12.add("000000010192F901: add [DWORD esp, DWORD 4, QWORD t1]");
    instructionStrings12.add("000000010192F902: and [QWORD t1, DWORD 4294967295, DWORD esp]");
    instructionStrings12.add("000000010192F903: str [DWORD t0, EMPTY , DWORD ecx]");
    final List<String> instructionStrings13 = new ArrayList<String>();
    instructionStrings13.add("000000010192FA00: add [DWORD 4, DWORD esi, QWORD t0]");
    instructionStrings13.add("000000010192FA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings13.add("000000010192FA02: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings13.add("000000010192FA03: and [DWORD 0, DWORD t2, DWORD t3]");
    instructionStrings13.add("000000010192FA04: and [DWORD t3, DWORD 2147483648, DWORD t4]");
    instructionStrings13.add("000000010192FA05: bsh [DWORD t4, DWORD -31, BYTE SF]");
    instructionStrings13.add("000000010192FA06: bisz [DWORD t3, EMPTY , BYTE ZF]");
    instructionStrings13.add("000000010192FA07: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings13.add("000000010192FA08: str [BYTE 0, EMPTY , BYTE OF]");
    instructionStrings13.add("000000010192FA09: stm [DWORD t3, EMPTY , DWORD t1]");
    instructionStrings13.add("000000010192FE00: add [DWORD 8, DWORD esi, QWORD t0]");
    instructionStrings13.add("000000010192FE01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings13.add("000000010192FE02: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings13.add("000000010192FE03: and [DWORD 0, DWORD t2, DWORD t3]");
    instructionStrings13.add("000000010192FE04: and [DWORD t3, DWORD 2147483648, DWORD t4]");
    instructionStrings13.add("000000010192FE05: bsh [DWORD t4, DWORD -31, BYTE SF]");
    instructionStrings13.add("000000010192FE06: bisz [DWORD t3, EMPTY , BYTE ZF]");
    instructionStrings13.add("000000010192FE07: str [BYTE 0, EMPTY , BYTE CF]");
    instructionStrings13.add("000000010192FE08: str [BYTE 0, EMPTY , BYTE OF]");
    instructionStrings13.add("000000010192FE09: stm [DWORD t3, EMPTY , DWORD t1]");
    instructionStrings13.add("0000000101930200: jcc [BYTE 1, EMPTY , DWORD 16786958]");
    final List<String> instructionStrings14 = new ArrayList<String>();
    instructionStrings14.add("0000000101930700: add [DWORD 4, DWORD esi, QWORD t0]");
    instructionStrings14.add("0000000101930701: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings14.add("0000000101930702: ldm [DWORD t1, EMPTY , DWORD t2]");
    instructionStrings14.add("0000000101930703: str [DWORD t2, EMPTY , DWORD eax]");
    instructionStrings14.add("0000000101930A00: and [DWORD edi, DWORD 2147483648, DWORD t0]");
    instructionStrings14.add("0000000101930A01: and [DWORD eax, DWORD 2147483648, DWORD t1]");
    instructionStrings14.add("0000000101930A02: sub [DWORD edi, DWORD eax, QWORD t2]");
    instructionStrings14.add("0000000101930A03: and [QWORD t2, QWORD 2147483648, DWORD t3]");
    instructionStrings14.add("0000000101930A04: bsh [DWORD t3, DWORD -31, BYTE SF]");
    instructionStrings14.add("0000000101930A05: xor [DWORD t0, DWORD t1, DWORD t4]");
    instructionStrings14.add("0000000101930A06: xor [DWORD t0, DWORD t3, DWORD t5]");
    instructionStrings14.add("0000000101930A07: and [DWORD t4, DWORD t5, DWORD t6]");
    instructionStrings14.add("0000000101930A08: bsh [DWORD t6, DWORD -31, BYTE OF]");
    instructionStrings14.add("0000000101930A09: and [QWORD t2, QWORD 4294967296, QWORD t7]");
    instructionStrings14.add("0000000101930A0A: bsh [QWORD t7, QWORD -32, BYTE CF]");
    instructionStrings14.add("0000000101930A0B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
    instructionStrings14.add("0000000101930A0C: bisz [DWORD t8, EMPTY , BYTE ZF]");
    instructionStrings14.add("0000000101930C00: bisz [BYTE ZF, EMPTY , BYTE t0]");
    instructionStrings14.add("0000000101930C01: bisz [BYTE CF, EMPTY , BYTE t1]");
    instructionStrings14.add("0000000101930C02: and [BYTE t0, BYTE t1, BYTE t2]");
    instructionStrings14.add("0000000101930C03: jcc [BYTE t2, EMPTY , DWORD 16786939]");
    final List<String> instructionStrings15 = new ArrayList<String>();
    instructionStrings15.add("0000000101931200: jcc [BYTE 1, EMPTY , DWORD 16786955]");
    final List<String> instructionStrings16 = new ArrayList<String>();
    instructionStrings16.add("000000010292ED00: add [DWORD 12, DWORD esi, QWORD t0]");
    instructionStrings16.add("000000010292ED01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
    instructionStrings16.add("000000010292ED02: stm [DWORD eax, EMPTY , DWORD t1]");
    instructionStrings16.add("000000010292F000: jcc [BYTE 1, EMPTY , DWORD 16786906]");
    final List<String> edgeStrings = new ArrayList<String>();
    edgeStrings.add("000000010025C500 [JUMP_CONDITIONAL_TRUE]-> 000000010292ED00");
    edgeStrings.add("000000010025C500 [JUMP_CONDITIONAL_FALSE]-> 000000010025DA00");
    edgeStrings.add("000000010025DA00 [JUMP_CONDITIONAL_FALSE]-> 000000010025E500");
    edgeStrings.add("000000010025DA00 [JUMP_CONDITIONAL_TRUE]-> 000000010192EA00");
    edgeStrings.add("000000010025E500 [JUMP_CONDITIONAL_FALSE]-> 000000010025EE00");
    edgeStrings.add("000000010025E500 [JUMP_CONDITIONAL_TRUE]-> 0000000101930700");
    edgeStrings.add("000000010025EE00 [JUMP_UNCONDITIONAL]-> 000000010025F400");
    edgeStrings.add("000000010025F400 [JUMP_CONDITIONAL_TRUE]-> 0000000100261000");
    edgeStrings.add("000000010025F400 [JUMP_CONDITIONAL_FALSE]-> 000000010025F800");
    edgeStrings.add("000000010025F800 [JUMP_UNCONDITIONAL]-> 000000010025FB00");
    edgeStrings.add("000000010025FB00 [JUMP_UNCONDITIONAL]-> 0000000100260B00");
    edgeStrings.add("0000000100260B00 [JUMP_UNCONDITIONAL]-> 0000000100260E00");
    edgeStrings.add("0000000100260E00 [JUMP_UNCONDITIONAL]-> 0000000100261000");
    edgeStrings.add("000000010192EA00 [JUMP_CONDITIONAL_TRUE]-> 000000010192FA00");
    edgeStrings.add("000000010192EA00 [JUMP_CONDITIONAL_FALSE]-> 000000010192F000");
    edgeStrings.add("000000010192F000 [JUMP_UNCONDITIONAL]-> 000000010192F700");
    edgeStrings.add("000000010192F700 [JUMP_UNCONDITIONAL]-> 000000010192FA00");
    edgeStrings.add("000000010192FA00 [JUMP_UNCONDITIONAL]-> 0000000100260E00");
    edgeStrings.add("0000000101930700 [JUMP_CONDITIONAL_FALSE]-> 0000000101931200");
    edgeStrings.add("0000000101930700 [JUMP_CONDITIONAL_TRUE]-> 000000010025FB00");
    edgeStrings.add("0000000101931200 [JUMP_UNCONDITIONAL]-> 0000000100260B00");
    edgeStrings.add("000000010292ED00 [JUMP_UNCONDITIONAL]-> 000000010025DA00");
    final List<List<String>> reilBlocks = new ArrayList<List<String>>();
    reilBlocks.add(instructionStrings0);
    reilBlocks.add(instructionStrings1);
    reilBlocks.add(instructionStrings2);
    reilBlocks.add(instructionStrings3);
    reilBlocks.add(instructionStrings4);
    reilBlocks.add(instructionStrings5);
    reilBlocks.add(instructionStrings6);
    reilBlocks.add(instructionStrings7);
    reilBlocks.add(instructionStrings8);
    reilBlocks.add(instructionStrings9);
    reilBlocks.add(instructionStrings10);
    reilBlocks.add(instructionStrings11);
    reilBlocks.add(instructionStrings12);
    reilBlocks.add(instructionStrings13);
    reilBlocks.add(instructionStrings14);
    reilBlocks.add(instructionStrings15);
    reilBlocks.add(instructionStrings16);
    generateReilGraph(reilBlocks, edgeStrings);
    m_function = new ReilFunction("FOLLOWZF", m_graph1);
    final String trackedRegister = "ZF";
    conditionalJumpInstruction1 = new MockInstruction(Long.parseLong("10025DF", 16), "jz", operandsFirst);
    final MonoReilSolverResult<RegisterSetLatticeElement> result = RegisterTracker.track(m_function, conditionalJumpInstruction1, trackedRegister, m_options);
    final Map<IAddress, RegisterSetLatticeElement> resultMap = result.generateAddressToStateMapping(conditionalJumpInstruction1, m_options.trackIncoming());
    for (final Entry<IAddress, RegisterSetLatticeElement> resultEntry : resultMap.entrySet()) {
        if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DF00", 16)) {
            final RegisterSetLatticeElement jzElement = resultEntry.getValue();
            assertTrue(jzElement.getNewlyTaintedRegisters().contains("ZF"));
            assertTrue(jzElement.getReadRegisters().isEmpty());
            assertTrue(jzElement.getTaintedRegisters().contains("ZF"));
            assertTrue(jzElement.getUntaintedRegisters().isEmpty());
            assertTrue(jzElement.getUpdatedRegisters().isEmpty());
        }
        if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DD00", 16)) {
            final RegisterSetLatticeElement cmpElement = resultEntry.getValue();
            assertTrue(cmpElement.getNewlyTaintedRegisters().contains("edi"));
            assertTrue(cmpElement.getReadRegisters().contains("ZF"));
            assertTrue(cmpElement.getTaintedRegisters().contains("edi"));
            assertTrue(cmpElement.getUntaintedRegisters().contains("ZF"));
            assertTrue(cmpElement.getUpdatedRegisters().isEmpty());
        }
        if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DA00", 16)) {
            final RegisterSetLatticeElement cmpElement = resultEntry.getValue();
            assertTrue(cmpElement.getNewlyTaintedRegisters().isEmpty());
            assertTrue(cmpElement.getReadRegisters().contains("edi"));
            assertTrue(cmpElement.getTaintedRegisters().isEmpty());
            assertTrue(cmpElement.getUntaintedRegisters().contains("edi"));
            assertTrue(cmpElement.getUpdatedRegisters().isEmpty());
        }
    }
    final Map<IAddress, RegisterSetLatticeElement> perInstructionElement = result.generateAddressToStateMapping(conditionalJumpInstruction1, m_options.trackIncoming());
    for (final Entry<IAddress, RegisterSetLatticeElement> element : perInstructionElement.entrySet()) {
        System.out.println(element.getKey() + ":::" + element.getValue());
    }
}
Also used : MockOperandTreeNode(com.google.security.zynamics.zylib.disassembly.MockOperandTreeNode) ReilFunction(com.google.security.zynamics.reil.ReilFunction) ArrayList(java.util.ArrayList) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress) MockInstruction(com.google.security.zynamics.zylib.disassembly.MockInstruction) MockOperandTree(com.google.security.zynamics.zylib.disassembly.MockOperandTree) ArrayList(java.util.ArrayList) List(java.util.List) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 38 with IAddress

use of com.google.security.zynamics.zylib.disassembly.IAddress in project binnavi by google.

the class CBreakpointFunctions method zoomToBreakpoint.

/**
 * Zooms to a given breakpoint.
 *
 * @param parent Parent window for dialogs.
 * @param graph Graph shown in the window of the breakpoint table.
 * @param container View container of the graph.
 * @param address Address to zoom to.
 */
public static void zoomToBreakpoint(final Window parent, final ZyGraph graph, final IViewContainer container, final BreakpointAddress address) {
    final IAddress addr = address.getAddress().getAddress();
    if (!ZyZoomHelpers.zoomToAddress(graph, addr, address.getModule(), true)) {
        for (final CGraphWindow window : CWindowManager.instance()) {
            for (final IGraphPanel graphPanel : window) {
                if (ZyZoomHelpers.zoomToAddress(graphPanel.getModel().getGraph(), addr, address.getModule(), true)) {
                    window.activate(graphPanel);
                    window.toFront();
                    return;
                }
            }
        }
        CViewSearcher.searchView(parent, container, addr);
    }
}
Also used : CGraphWindow(com.google.security.zynamics.binnavi.Gui.GraphWindows.CGraphWindow) IGraphPanel(com.google.security.zynamics.binnavi.Gui.GraphWindows.IGraphPanel) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress)

Example 39 with IAddress

use of com.google.security.zynamics.zylib.disassembly.IAddress in project binnavi by google.

the class CGraphSynchronizer method updateInstructionMap.

/**
 * Updates the cached Address => Instruction map.
 */
private void updateInstructionMap() {
    m_instructionMap.clear();
    for (final INaviViewNode node : m_graph.getRawView().getGraph()) {
        if (node instanceof INaviCodeNode) {
            final INaviCodeNode cnode = (INaviCodeNode) node;
            for (final INaviInstruction instruction : cnode.getInstructions()) {
                final IAddress address = instruction.getAddress();
                m_instructionMap.put(address, instruction);
            }
        }
    }
}
Also used : INaviCodeNode(com.google.security.zynamics.binnavi.disassembly.INaviCodeNode) INaviViewNode(com.google.security.zynamics.binnavi.disassembly.INaviViewNode) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress) INaviInstruction(com.google.security.zynamics.binnavi.disassembly.INaviInstruction)

Example 40 with IAddress

use of com.google.security.zynamics.zylib.disassembly.IAddress in project binnavi by google.

the class CGlobalEdgeCommentSynchronizer method updateOpenViews.

/**
 * Pushes a new global edge comment to all open views.
 *
 * @param edge The edge that has the new comment.
 * @param comments The new comment of the code node.
 *
 * @throws CouldntSaveDataException Thrown if updating the edge comments failed.
 */
public static void updateOpenViews(final INaviEdge edge, final ArrayList<IComment> comments) throws CouldntSaveDataException {
    try {
        final Pair<INaviModule, INaviModule> modules = getModules(edge);
        if (modules.first() != modules.second()) {
            // TODO: Handle this
            return;
        }
        if ((modules.first() != null) && (modules.second() != null) && modules.first().isLoaded()) {
            final List<INaviEdge> edgelist = new ArrayList<INaviEdge>();
            final Quad<Integer, IAddress, Integer, IAddress> refEdgeData = getEdgeData(edge);
            for (final INaviView view : modules.first().getContent().getViewContainer().getViews()) {
                edgelist.addAll(collectEdges(view, refEdgeData));
            }
            for (final INaviEdge updateEdge : edgelist) {
                updateEdge.initializeGlobalComment(comments);
            }
        }
    } catch (final MaybeNullException exception) {
    // Trying to update global comments of code nodes without global comments.
    }
}
Also used : INaviView(com.google.security.zynamics.binnavi.disassembly.views.INaviView) INaviModule(com.google.security.zynamics.binnavi.disassembly.INaviModule) MaybeNullException(com.google.security.zynamics.binnavi.Exceptions.MaybeNullException) ArrayList(java.util.ArrayList) INaviEdge(com.google.security.zynamics.binnavi.disassembly.INaviEdge) IAddress(com.google.security.zynamics.zylib.disassembly.IAddress)

Aggregations

IAddress (com.google.security.zynamics.zylib.disassembly.IAddress)82 INaviModule (com.google.security.zynamics.binnavi.disassembly.INaviModule)28 ArrayList (java.util.ArrayList)23 CAddress (com.google.security.zynamics.zylib.disassembly.CAddress)19 INaviFunction (com.google.security.zynamics.binnavi.disassembly.INaviFunction)16 INaviInstruction (com.google.security.zynamics.binnavi.disassembly.INaviInstruction)15 Test (org.junit.Test)14 SQLException (java.sql.SQLException)12 CouldntLoadDataException (com.google.security.zynamics.binnavi.Database.Exceptions.CouldntLoadDataException)11 ResultSet (java.sql.ResultSet)11 BigInteger (java.math.BigInteger)10 HashMap (java.util.HashMap)10 INaviCodeNode (com.google.security.zynamics.binnavi.disassembly.INaviCodeNode)9 COperandTree (com.google.security.zynamics.binnavi.disassembly.COperandTree)7 INaviOperandTreeNode (com.google.security.zynamics.binnavi.disassembly.INaviOperandTreeNode)7 INaviView (com.google.security.zynamics.binnavi.disassembly.views.INaviView)7 CConnection (com.google.security.zynamics.binnavi.Database.CConnection)6 CouldntSaveDataException (com.google.security.zynamics.binnavi.Database.Exceptions.CouldntSaveDataException)6 ReilFunction (com.google.security.zynamics.reil.ReilFunction)6 List (java.util.List)6