use of com.google.security.zynamics.zylib.disassembly.MockInstruction in project binnavi by google.
the class ARMClzTranslatorTest method testSimpleRegister.
@Test
public void testSimpleRegister() throws InternalTranslationException, InterpreterException {
interpreter.setRegister("R0", BigInteger.valueOf(0x0L), dw, ReilRegisterStatus.DEFINED);
interpreter.setRegister("R1", BigInteger.valueOf(0x2L), dw, ReilRegisterStatus.DEFINED);
final MockOperandTree operandTree1 = new MockOperandTree();
operandTree1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "b4");
operandTree1.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "R0"));
final MockOperandTree operandTree2 = new MockOperandTree();
operandTree2.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "b4");
operandTree2.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "R1"));
final List<MockOperandTree> operands = Lists.newArrayList(operandTree1, operandTree2);
final IInstruction instruction = new MockInstruction("CLZ", operands);
translator.translate(environment, instruction, instructions);
interpreter.interpret(TestHelpers.createMapping(instructions), BigInteger.valueOf(0x100L));
assertEquals(BigInteger.valueOf(0x1EL), interpreter.getVariableValue("R0"));
assertEquals(BigInteger.valueOf(0x2L), interpreter.getVariableValue("R1"));
assertEquals(BigInteger.ZERO, BigInteger.valueOf(interpreter.getMemorySize()));
assertEquals(3, TestHelpers.filterNativeRegisters(interpreter.getDefinedRegisters()).size());
}
use of com.google.security.zynamics.zylib.disassembly.MockInstruction in project binnavi by google.
the class TestFollowZFIncomingBackwards method testTransformFollowZFinStream2.
@Test
public void testTransformFollowZFinStream2() {
final MockOperandTree operandTreeFirst1 = new MockOperandTree();
operandTreeFirst1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTreeFirst1.root.m_children.add(new MockOperandTreeNode(ExpressionType.IMMEDIATE_INTEGER, "16827245"));
final List<MockOperandTree> operandsFirst = Lists.newArrayList(operandTreeFirst1);
m_options = new RegisterTrackingOptions(true, new HashSet<String>(), true, AnalysisDirection.UP);
final List<String> instructionStrings0 = new ArrayList<String>();
instructionStrings0.add("000000010025C500: str [DWORD edi, EMPTY , DWORD edi]");
instructionStrings0.add("000000010025C700: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings0.add("000000010025C701: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings0.add("000000010025C702: stm [DWORD ebp, EMPTY , DWORD esp]");
instructionStrings0.add("000000010025C800: str [DWORD esp, EMPTY , DWORD ebp]");
instructionStrings0.add("000000010025CA00: add [DWORD 12, DWORD ebp, QWORD t0]");
instructionStrings0.add("000000010025CA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings0.add("000000010025CA02: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings0.add("000000010025CA03: str [DWORD t2, EMPTY , DWORD eax]");
instructionStrings0.add("000000010025CD00: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings0.add("000000010025CD01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings0.add("000000010025CD02: stm [DWORD esi, EMPTY , DWORD esp]");
instructionStrings0.add("000000010025CE00: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings0.add("000000010025CE01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings0.add("000000010025CE02: stm [DWORD edi, EMPTY , DWORD esp]");
instructionStrings0.add("000000010025CF00: str [DWORD ecx, EMPTY , DWORD esi]");
instructionStrings0.add("000000010025D100: and [DWORD eax, DWORD 2147483648, DWORD t0]");
instructionStrings0.add("000000010025D101: and [DWORD 4294967295, DWORD 2147483648, DWORD t1]");
instructionStrings0.add("000000010025D102: sub [DWORD eax, DWORD 4294967295, QWORD t2]");
instructionStrings0.add("000000010025D103: and [QWORD t2, QWORD 2147483648, DWORD t3]");
instructionStrings0.add("000000010025D104: bsh [DWORD t3, DWORD -31, BYTE SF]");
instructionStrings0.add("000000010025D105: xor [DWORD t0, DWORD t1, DWORD t4]");
instructionStrings0.add("000000010025D106: xor [DWORD t0, DWORD t3, DWORD t5]");
instructionStrings0.add("000000010025D107: and [DWORD t4, DWORD t5, DWORD t6]");
instructionStrings0.add("000000010025D108: bsh [DWORD t6, DWORD -31, BYTE OF]");
instructionStrings0.add("000000010025D109: and [QWORD t2, QWORD 4294967296, QWORD t7]");
instructionStrings0.add("000000010025D10A: bsh [QWORD t7, QWORD -32, BYTE CF]");
instructionStrings0.add("000000010025D10B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
instructionStrings0.add("000000010025D10C: bisz [DWORD t8, EMPTY , BYTE ZF]");
instructionStrings0.add("000000010025D400: bisz [BYTE ZF, EMPTY , BYTE t0]");
instructionStrings0.add("000000010025D401: jcc [BYTE t0, EMPTY , DWORD 16945901]");
final List<String> instructionStrings1 = new ArrayList<String>();
// mov
instructionStrings1.add("000000010025DA00: add [DWORD 8, DWORD ebp, QWORD t0]");
instructionStrings1.add("000000010025DA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings1.add("000000010025DA02: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings1.add("000000010025DA03: str [DWORD t2, EMPTY , DWORD edi]");
// test
instructionStrings1.add("000000010025DD00: and [DWORD edi, DWORD edi, DWORD t0]");
instructionStrings1.add("000000010025DD01: and [DWORD t0, DWORD 2147483648, DWORD t1]");
instructionStrings1.add("000000010025DD02: bsh [DWORD t1, DWORD -31, BYTE SF]");
instructionStrings1.add("000000010025DD03: bisz [DWORD t0, EMPTY , BYTE ZF]");
instructionStrings1.add("000000010025DD04: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings1.add("000000010025DD05: str [BYTE 0, EMPTY , BYTE OF]");
// jz
instructionStrings1.add("000000010025DF00: jcc [BYTE ZF, EMPTY , DWORD 16880362]");
final List<String> instructionStrings2 = new ArrayList<String>();
instructionStrings2.add("000000010025E500: add [DWORD 8, DWORD esi, QWORD t0]");
instructionStrings2.add("000000010025E501: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings2.add("000000010025E502: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings2.add("000000010025E503: and [DWORD edi, DWORD 2147483648, DWORD t3]");
instructionStrings2.add("000000010025E504: and [DWORD t2, DWORD 2147483648, DWORD t4]");
instructionStrings2.add("000000010025E505: sub [DWORD edi, DWORD t2, QWORD t5]");
instructionStrings2.add("000000010025E506: and [QWORD t5, QWORD 2147483648, DWORD t6]");
instructionStrings2.add("000000010025E507: bsh [DWORD t6, DWORD -31, BYTE SF]");
instructionStrings2.add("000000010025E508: xor [DWORD t3, DWORD t4, DWORD t7]");
instructionStrings2.add("000000010025E509: xor [DWORD t3, DWORD t6, DWORD t8]");
instructionStrings2.add("000000010025E50A: and [DWORD t7, DWORD t8, DWORD t9]");
instructionStrings2.add("000000010025E50B: bsh [DWORD t9, DWORD -31, BYTE OF]");
instructionStrings2.add("000000010025E50C: and [QWORD t5, QWORD 4294967296, QWORD t10]");
instructionStrings2.add("000000010025E50D: bsh [QWORD t10, QWORD -32, BYTE CF]");
instructionStrings2.add("000000010025E50E: and [QWORD t5, QWORD 4294967295, DWORD t11]");
instructionStrings2.add("000000010025E50F: bisz [DWORD t11, EMPTY , BYTE ZF]");
instructionStrings2.add("000000010025E800: or [BYTE CF, BYTE ZF, BYTE t0]");
instructionStrings2.add("000000010025E801: jcc [BYTE t0, EMPTY , DWORD 16880391]");
final List<String> instructionStrings3 = new ArrayList<String>();
instructionStrings3.add("000000010025EE00: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings3.add("000000010025EE01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings3.add("000000010025EE02: stm [DWORD edi, EMPTY , DWORD esp]");
instructionStrings3.add("000000010025EF00: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings3.add("000000010025EF01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings3.add("000000010025EF02: stm [DWORD 16786932, EMPTY , DWORD esp]");
instructionStrings3.add("000000010025EF03: jcc [DWORD 1, EMPTY , DWORD 16792317]");
final List<String> instructionStrings4 = new ArrayList<String>();
instructionStrings4.add("000000010025F400: and [DWORD eax, BYTE 255, BYTE t1]");
instructionStrings4.add("000000010025F401: and [DWORD eax, BYTE 255, BYTE t3]");
instructionStrings4.add("000000010025F402: and [BYTE t1, BYTE t3, BYTE t4]");
instructionStrings4.add("000000010025F403: and [BYTE t4, BYTE 128, BYTE t5]");
instructionStrings4.add("000000010025F404: bsh [BYTE t5, BYTE -7, BYTE SF]");
instructionStrings4.add("000000010025F405: bisz [BYTE t4, EMPTY , BYTE ZF]");
instructionStrings4.add("000000010025F406: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings4.add("000000010025F407: str [BYTE 0, EMPTY , BYTE OF]");
instructionStrings4.add("000000010025F600: jcc [BYTE ZF, EMPTY , DWORD 16786960]");
final List<String> instructionStrings5 = new ArrayList<String>();
instructionStrings5.add("000000010025F800: add [DWORD 4, DWORD esi, QWORD t0]");
instructionStrings5.add("000000010025F801: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings5.add("000000010025F802: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings5.add("000000010025F803: str [DWORD t2, EMPTY , DWORD eax]");
final List<String> instructionStrings6 = new ArrayList<String>();
instructionStrings6.add("000000010025FB00: str [DWORD edi, EMPTY , DWORD ecx]");
instructionStrings6.add("000000010025FD00: and [DWORD ecx, DWORD 2147483648, DWORD t0]");
instructionStrings6.add("000000010025FD01: and [DWORD eax, DWORD 2147483648, DWORD t1]");
instructionStrings6.add("000000010025FD02: sub [DWORD ecx, DWORD eax, QWORD t2]");
instructionStrings6.add("000000010025FD03: and [QWORD t2, QWORD 2147483648, DWORD t3]");
instructionStrings6.add("000000010025FD04: bsh [DWORD t3, DWORD -31, BYTE SF]");
instructionStrings6.add("000000010025FD05: xor [DWORD t0, DWORD t1, DWORD t4]");
instructionStrings6.add("000000010025FD06: xor [DWORD t0, DWORD t3, DWORD t5]");
instructionStrings6.add("000000010025FD07: and [DWORD t4, DWORD t5, DWORD t6]");
instructionStrings6.add("000000010025FD08: bsh [DWORD t6, DWORD -31, BYTE OF]");
instructionStrings6.add("000000010025FD09: and [QWORD t2, QWORD 4294967296, QWORD t7]");
instructionStrings6.add("000000010025FD0A: bsh [QWORD t7, QWORD -32, BYTE CF]");
instructionStrings6.add("000000010025FD0B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
instructionStrings6.add("000000010025FD0C: bisz [DWORD t8, EMPTY , BYTE ZF]");
instructionStrings6.add("000000010025FD0D: str [DWORD t8, EMPTY , DWORD ecx]");
instructionStrings6.add("000000010025FF00: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings6.add("000000010025FF01: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings6.add("000000010025FF02: stm [DWORD ecx, EMPTY , DWORD esp]");
instructionStrings6.add("0000000100260000: ldm [DWORD esi, EMPTY , DWORD t0]");
instructionStrings6.add("0000000100260001: str [DWORD t0, EMPTY , DWORD ecx]");
instructionStrings6.add("0000000100260200: mul [DWORD 4, DWORD eax, QWORD t0]");
instructionStrings6.add("0000000100260201: add [QWORD t0, DWORD ecx, QWORD t2]");
instructionStrings6.add("0000000100260202: and [QWORD t2, DWORD 4294967295, DWORD t3]");
instructionStrings6.add("0000000100260203: str [DWORD t3, EMPTY , DWORD eax]");
instructionStrings6.add("0000000100260500: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings6.add("0000000100260501: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings6.add("0000000100260502: stm [DWORD eax, EMPTY , DWORD esp]");
instructionStrings6.add("0000000100260600: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings6.add("0000000100260601: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings6.add("0000000100260602: stm [DWORD 16786955, EMPTY , DWORD esp]");
instructionStrings6.add("0000000100260603: jcc [DWORD 1, EMPTY , DWORD 16792263]");
final List<String> instructionStrings7 = new ArrayList<String>();
instructionStrings7.add("0000000100260B00: add [DWORD 4, DWORD esi, QWORD t0]");
instructionStrings7.add("0000000100260B01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings7.add("0000000100260B02: stm [DWORD edi, EMPTY , DWORD t1]");
final List<String> instructionStrings8 = new ArrayList<String>();
instructionStrings8.add("0000000100260E00: and [DWORD eax, DWORD 4294967040, DWORD t1]");
instructionStrings8.add("0000000100260E01: or [BYTE 1, DWORD t1, DWORD eax]");
final List<String> instructionStrings9 = new ArrayList<String>();
instructionStrings9.add("0000000100261000: ldm [DWORD esp, EMPTY , DWORD t0]");
instructionStrings9.add("0000000100261001: add [DWORD esp, DWORD 4, QWORD t1]");
instructionStrings9.add("0000000100261002: and [QWORD t1, DWORD 4294967295, DWORD esp]");
instructionStrings9.add("0000000100261003: str [DWORD t0, EMPTY , DWORD edi]");
instructionStrings9.add("0000000100261100: ldm [DWORD esp, EMPTY , DWORD t0]");
instructionStrings9.add("0000000100261101: add [DWORD esp, DWORD 4, QWORD t1]");
instructionStrings9.add("0000000100261102: and [QWORD t1, DWORD 4294967295, DWORD esp]");
instructionStrings9.add("0000000100261103: str [DWORD t0, EMPTY , DWORD esi]");
instructionStrings9.add("0000000100261200: ldm [DWORD esp, EMPTY , DWORD t0]");
instructionStrings9.add("0000000100261201: add [DWORD esp, DWORD 4, QWORD t1]");
instructionStrings9.add("0000000100261202: and [QWORD t1, DWORD 4294967295, DWORD esp]");
instructionStrings9.add("0000000100261203: str [DWORD t0, EMPTY , DWORD ebp]");
instructionStrings9.add("0000000100261300: ldm [DWORD esp, EMPTY , DWORD t0]");
instructionStrings9.add("0000000100261301: add [DWORD esp, DWORD 12, QWORD t1]");
instructionStrings9.add("0000000100261302: and [QWORD t1, QWORD 4294967295, DWORD esp]");
instructionStrings9.add("0000000100261303: jcc [DWORD 1, EMPTY , DWORD t0]");
final List<String> instructionStrings10 = new ArrayList<String>();
instructionStrings10.add("000000010192EA00: ldm [DWORD esi, EMPTY , DWORD t0]");
instructionStrings10.add("000000010192EA01: str [DWORD t0, EMPTY , DWORD eax]");
instructionStrings10.add("000000010192EC00: and [DWORD eax, DWORD eax, DWORD t0]");
instructionStrings10.add("000000010192EC01: and [DWORD t0, DWORD 2147483648, DWORD t1]");
instructionStrings10.add("000000010192EC02: bsh [DWORD t1, DWORD -31, BYTE SF]");
instructionStrings10.add("000000010192EC03: bisz [DWORD t0, EMPTY , BYTE ZF]");
instructionStrings10.add("000000010192EC04: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings10.add("000000010192EC05: str [BYTE 0, EMPTY , BYTE OF]");
instructionStrings10.add("000000010192EE00: jcc [BYTE ZF, EMPTY , DWORD 16880378]");
final List<String> instructionStrings11 = new ArrayList<String>();
instructionStrings11.add("000000010192F000: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings11.add("000000010192F001: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings11.add("000000010192F002: stm [DWORD eax, EMPTY , DWORD esp]");
instructionStrings11.add("000000010192F100: sub [DWORD esp, DWORD 4, QWORD t0]");
instructionStrings11.add("000000010192F101: and [QWORD t0, DWORD 4294967295, DWORD esp]");
instructionStrings11.add("000000010192F102: stm [DWORD 16880375, EMPTY , DWORD esp]");
instructionStrings11.add("000000010192F103: ldm [DWORD 16782844, EMPTY , DWORD t1]");
instructionStrings11.add("000000010192F104: jcc [DWORD 1, EMPTY , DWORD t1]");
final List<String> instructionStrings12 = new ArrayList<String>();
instructionStrings12.add("000000010192F700: ldm [DWORD esi, EMPTY , DWORD t0]");
instructionStrings12.add("000000010192F701: and [DWORD edi, DWORD t0, DWORD t1]");
instructionStrings12.add("000000010192F702: and [DWORD t1, DWORD 2147483648, DWORD t2]");
instructionStrings12.add("000000010192F703: bsh [DWORD t2, DWORD -31, BYTE SF]");
instructionStrings12.add("000000010192F704: bisz [DWORD t1, EMPTY , BYTE ZF]");
instructionStrings12.add("000000010192F705: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings12.add("000000010192F706: str [BYTE 0, EMPTY , BYTE OF]");
instructionStrings12.add("000000010192F707: stm [DWORD t1, EMPTY , DWORD esi]");
instructionStrings12.add("000000010192F900: ldm [DWORD esp, EMPTY , DWORD t0]");
instructionStrings12.add("000000010192F901: add [DWORD esp, DWORD 4, QWORD t1]");
instructionStrings12.add("000000010192F902: and [QWORD t1, DWORD 4294967295, DWORD esp]");
instructionStrings12.add("000000010192F903: str [DWORD t0, EMPTY , DWORD ecx]");
final List<String> instructionStrings13 = new ArrayList<String>();
instructionStrings13.add("000000010192FA00: add [DWORD 4, DWORD esi, QWORD t0]");
instructionStrings13.add("000000010192FA01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings13.add("000000010192FA02: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings13.add("000000010192FA03: and [DWORD 0, DWORD t2, DWORD t3]");
instructionStrings13.add("000000010192FA04: and [DWORD t3, DWORD 2147483648, DWORD t4]");
instructionStrings13.add("000000010192FA05: bsh [DWORD t4, DWORD -31, BYTE SF]");
instructionStrings13.add("000000010192FA06: bisz [DWORD t3, EMPTY , BYTE ZF]");
instructionStrings13.add("000000010192FA07: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings13.add("000000010192FA08: str [BYTE 0, EMPTY , BYTE OF]");
instructionStrings13.add("000000010192FA09: stm [DWORD t3, EMPTY , DWORD t1]");
instructionStrings13.add("000000010192FE00: add [DWORD 8, DWORD esi, QWORD t0]");
instructionStrings13.add("000000010192FE01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings13.add("000000010192FE02: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings13.add("000000010192FE03: and [DWORD 0, DWORD t2, DWORD t3]");
instructionStrings13.add("000000010192FE04: and [DWORD t3, DWORD 2147483648, DWORD t4]");
instructionStrings13.add("000000010192FE05: bsh [DWORD t4, DWORD -31, BYTE SF]");
instructionStrings13.add("000000010192FE06: bisz [DWORD t3, EMPTY , BYTE ZF]");
instructionStrings13.add("000000010192FE07: str [BYTE 0, EMPTY , BYTE CF]");
instructionStrings13.add("000000010192FE08: str [BYTE 0, EMPTY , BYTE OF]");
instructionStrings13.add("000000010192FE09: stm [DWORD t3, EMPTY , DWORD t1]");
instructionStrings13.add("0000000101930200: jcc [BYTE 1, EMPTY , DWORD 16786958]");
final List<String> instructionStrings14 = new ArrayList<String>();
instructionStrings14.add("0000000101930700: add [DWORD 4, DWORD esi, QWORD t0]");
instructionStrings14.add("0000000101930701: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings14.add("0000000101930702: ldm [DWORD t1, EMPTY , DWORD t2]");
instructionStrings14.add("0000000101930703: str [DWORD t2, EMPTY , DWORD eax]");
instructionStrings14.add("0000000101930A00: and [DWORD edi, DWORD 2147483648, DWORD t0]");
instructionStrings14.add("0000000101930A01: and [DWORD eax, DWORD 2147483648, DWORD t1]");
instructionStrings14.add("0000000101930A02: sub [DWORD edi, DWORD eax, QWORD t2]");
instructionStrings14.add("0000000101930A03: and [QWORD t2, QWORD 2147483648, DWORD t3]");
instructionStrings14.add("0000000101930A04: bsh [DWORD t3, DWORD -31, BYTE SF]");
instructionStrings14.add("0000000101930A05: xor [DWORD t0, DWORD t1, DWORD t4]");
instructionStrings14.add("0000000101930A06: xor [DWORD t0, DWORD t3, DWORD t5]");
instructionStrings14.add("0000000101930A07: and [DWORD t4, DWORD t5, DWORD t6]");
instructionStrings14.add("0000000101930A08: bsh [DWORD t6, DWORD -31, BYTE OF]");
instructionStrings14.add("0000000101930A09: and [QWORD t2, QWORD 4294967296, QWORD t7]");
instructionStrings14.add("0000000101930A0A: bsh [QWORD t7, QWORD -32, BYTE CF]");
instructionStrings14.add("0000000101930A0B: and [QWORD t2, QWORD 4294967295, DWORD t8]");
instructionStrings14.add("0000000101930A0C: bisz [DWORD t8, EMPTY , BYTE ZF]");
instructionStrings14.add("0000000101930C00: bisz [BYTE ZF, EMPTY , BYTE t0]");
instructionStrings14.add("0000000101930C01: bisz [BYTE CF, EMPTY , BYTE t1]");
instructionStrings14.add("0000000101930C02: and [BYTE t0, BYTE t1, BYTE t2]");
instructionStrings14.add("0000000101930C03: jcc [BYTE t2, EMPTY , DWORD 16786939]");
final List<String> instructionStrings15 = new ArrayList<String>();
instructionStrings15.add("0000000101931200: jcc [BYTE 1, EMPTY , DWORD 16786955]");
final List<String> instructionStrings16 = new ArrayList<String>();
instructionStrings16.add("000000010292ED00: add [DWORD 12, DWORD esi, QWORD t0]");
instructionStrings16.add("000000010292ED01: and [QWORD t0, DWORD 4294967295, DWORD t1]");
instructionStrings16.add("000000010292ED02: stm [DWORD eax, EMPTY , DWORD t1]");
instructionStrings16.add("000000010292F000: jcc [BYTE 1, EMPTY , DWORD 16786906]");
final List<String> edgeStrings = new ArrayList<String>();
edgeStrings.add("000000010025C500 [JUMP_CONDITIONAL_TRUE]-> 000000010292ED00");
edgeStrings.add("000000010025C500 [JUMP_CONDITIONAL_FALSE]-> 000000010025DA00");
edgeStrings.add("000000010025DA00 [JUMP_CONDITIONAL_FALSE]-> 000000010025E500");
edgeStrings.add("000000010025DA00 [JUMP_CONDITIONAL_TRUE]-> 000000010192EA00");
edgeStrings.add("000000010025E500 [JUMP_CONDITIONAL_FALSE]-> 000000010025EE00");
edgeStrings.add("000000010025E500 [JUMP_CONDITIONAL_TRUE]-> 0000000101930700");
edgeStrings.add("000000010025EE00 [JUMP_UNCONDITIONAL]-> 000000010025F400");
edgeStrings.add("000000010025F400 [JUMP_CONDITIONAL_TRUE]-> 0000000100261000");
edgeStrings.add("000000010025F400 [JUMP_CONDITIONAL_FALSE]-> 000000010025F800");
edgeStrings.add("000000010025F800 [JUMP_UNCONDITIONAL]-> 000000010025FB00");
edgeStrings.add("000000010025FB00 [JUMP_UNCONDITIONAL]-> 0000000100260B00");
edgeStrings.add("0000000100260B00 [JUMP_UNCONDITIONAL]-> 0000000100260E00");
edgeStrings.add("0000000100260E00 [JUMP_UNCONDITIONAL]-> 0000000100261000");
edgeStrings.add("000000010192EA00 [JUMP_CONDITIONAL_TRUE]-> 000000010192FA00");
edgeStrings.add("000000010192EA00 [JUMP_CONDITIONAL_FALSE]-> 000000010192F000");
edgeStrings.add("000000010192F000 [JUMP_UNCONDITIONAL]-> 000000010192F700");
edgeStrings.add("000000010192F700 [JUMP_UNCONDITIONAL]-> 000000010192FA00");
edgeStrings.add("000000010192FA00 [JUMP_UNCONDITIONAL]-> 0000000100260E00");
edgeStrings.add("0000000101930700 [JUMP_CONDITIONAL_FALSE]-> 0000000101931200");
edgeStrings.add("0000000101930700 [JUMP_CONDITIONAL_TRUE]-> 000000010025FB00");
edgeStrings.add("0000000101931200 [JUMP_UNCONDITIONAL]-> 0000000100260B00");
edgeStrings.add("000000010292ED00 [JUMP_UNCONDITIONAL]-> 000000010025DA00");
final List<List<String>> reilBlocks = new ArrayList<List<String>>();
reilBlocks.add(instructionStrings0);
reilBlocks.add(instructionStrings1);
reilBlocks.add(instructionStrings2);
reilBlocks.add(instructionStrings3);
reilBlocks.add(instructionStrings4);
reilBlocks.add(instructionStrings5);
reilBlocks.add(instructionStrings6);
reilBlocks.add(instructionStrings7);
reilBlocks.add(instructionStrings8);
reilBlocks.add(instructionStrings9);
reilBlocks.add(instructionStrings10);
reilBlocks.add(instructionStrings11);
reilBlocks.add(instructionStrings12);
reilBlocks.add(instructionStrings13);
reilBlocks.add(instructionStrings14);
reilBlocks.add(instructionStrings15);
reilBlocks.add(instructionStrings16);
generateReilGraph(reilBlocks, edgeStrings);
m_function = new ReilFunction("FOLLOWZF", m_graph1);
final String trackedRegister = "ZF";
conditionalJumpInstruction1 = new MockInstruction(Long.parseLong("10025DF", 16), "jz", operandsFirst);
final MonoReilSolverResult<RegisterSetLatticeElement> result = RegisterTracker.track(m_function, conditionalJumpInstruction1, trackedRegister, m_options);
final Map<IAddress, RegisterSetLatticeElement> resultMap = result.generateAddressToStateMapping(conditionalJumpInstruction1, m_options.trackIncoming());
for (final Entry<IAddress, RegisterSetLatticeElement> resultEntry : resultMap.entrySet()) {
if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DF00", 16)) {
final RegisterSetLatticeElement jzElement = resultEntry.getValue();
assertTrue(jzElement.getNewlyTaintedRegisters().contains("ZF"));
assertTrue(jzElement.getReadRegisters().isEmpty());
assertTrue(jzElement.getTaintedRegisters().contains("ZF"));
assertTrue(jzElement.getUntaintedRegisters().isEmpty());
assertTrue(jzElement.getUpdatedRegisters().isEmpty());
}
if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DD00", 16)) {
final RegisterSetLatticeElement cmpElement = resultEntry.getValue();
assertTrue(cmpElement.getNewlyTaintedRegisters().contains("edi"));
assertTrue(cmpElement.getReadRegisters().contains("ZF"));
assertTrue(cmpElement.getTaintedRegisters().contains("edi"));
assertTrue(cmpElement.getUntaintedRegisters().contains("ZF"));
assertTrue(cmpElement.getUpdatedRegisters().isEmpty());
}
if (resultEntry.getKey().toLong() == Long.parseLong("000000010025DA00", 16)) {
final RegisterSetLatticeElement cmpElement = resultEntry.getValue();
assertTrue(cmpElement.getNewlyTaintedRegisters().isEmpty());
assertTrue(cmpElement.getReadRegisters().contains("edi"));
assertTrue(cmpElement.getTaintedRegisters().isEmpty());
assertTrue(cmpElement.getUntaintedRegisters().contains("edi"));
assertTrue(cmpElement.getUpdatedRegisters().isEmpty());
}
}
final Map<IAddress, RegisterSetLatticeElement> perInstructionElement = result.generateAddressToStateMapping(conditionalJumpInstruction1, m_options.trackIncoming());
for (final Entry<IAddress, RegisterSetLatticeElement> element : perInstructionElement.entrySet()) {
System.out.println(element.getKey() + ":::" + element.getValue());
}
}
use of com.google.security.zynamics.zylib.disassembly.MockInstruction in project binnavi by google.
the class ReilTranslatorTest method createMov.
private MockInstruction createMov(final long address, final String lhs, final String rhs) {
final MockOperandTree operandTree3 = new MockOperandTree();
operandTree3.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTree3.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, lhs));
final MockOperandTree operandTree4 = new MockOperandTree();
operandTree4.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTree4.root.m_children.add(new MockOperandTreeNode(ExpressionType.IMMEDIATE_INTEGER, rhs));
return new MockInstruction(address, "mov", Lists.newArrayList(operandTree3, operandTree4));
}
use of com.google.security.zynamics.zylib.disassembly.MockInstruction in project binnavi by google.
the class ReilTranslatorTest method createCall.
private MockInstruction createCall(final long address) {
final MockOperandTree operandTree3 = new MockOperandTree();
operandTree3.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "dword");
operandTree3.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "12345"));
return new MockInstruction(address, "call", Lists.newArrayList(operandTree3));
}
use of com.google.security.zynamics.zylib.disassembly.MockInstruction in project binnavi by google.
the class ARMAdcTranslatorTest method testSimpleRegisterLE.
@Test
public void testSimpleRegisterLE() throws InternalTranslationException, InterpreterException {
interpreter.setRegister("R0", BigInteger.valueOf(0x8057L), dw, ReilRegisterStatus.DEFINED);
interpreter.setRegister("R1", BigInteger.valueOf(0x8041L), dw, ReilRegisterStatus.DEFINED);
interpreter.setRegister("R2", BigInteger.valueOf(0x0L), dw, ReilRegisterStatus.DEFINED);
interpreter.setRegister("C", BigInteger.ONE, bt, ReilRegisterStatus.DEFINED);
interpreter.setRegister("N", BigInteger.ZERO, bt, ReilRegisterStatus.DEFINED);
interpreter.setRegister("Z", BigInteger.ZERO, bt, ReilRegisterStatus.DEFINED);
interpreter.setRegister("V", BigInteger.ZERO, bt, ReilRegisterStatus.DEFINED);
final MockOperandTree operandTree1 = new MockOperandTree();
operandTree1.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "b4");
operandTree1.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "R2"));
final MockOperandTree operandTree2 = new MockOperandTree();
operandTree2.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "b4");
operandTree2.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "R1"));
final MockOperandTree operandTree3 = new MockOperandTree();
operandTree3.root = new MockOperandTreeNode(ExpressionType.SIZE_PREFIX, "b4");
operandTree3.root.m_children.add(new MockOperandTreeNode(ExpressionType.REGISTER, "R0"));
final List<MockOperandTree> operands = Lists.newArrayList(operandTree1, operandTree2, operandTree3);
final IInstruction instruction = new MockInstruction("ADCLE", operands);
translator.translate(environment, instruction, instructions);
interpreter.interpret(TestHelpers.createMapping(instructions), BigInteger.valueOf(0x100L));
assertEquals(BigInteger.valueOf(0x8057L), interpreter.getVariableValue("R0"));
assertEquals(BigInteger.valueOf(0x8041L), interpreter.getVariableValue("R1"));
assertEquals(BigInteger.valueOf(0x0L), interpreter.getVariableValue("R2"));
assertEquals(BigInteger.ONE, interpreter.getVariableValue("C"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("N"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("V"));
assertEquals(BigInteger.ZERO, interpreter.getVariableValue("Z"));
assertEquals(BigInteger.ZERO, BigInteger.valueOf(interpreter.getMemorySize()));
assertEquals(8, TestHelpers.filterNativeRegisters(interpreter.getDefinedRegisters()).size());
}
Aggregations