Implement custom anal_mask for ARM

This commit is contained in:
Roi Martin 2017-03-29 00:18:29 +00:00
parent dd447d0717
commit 5d46f0224c
6 changed files with 56 additions and 10 deletions


@ -288,7 +288,7 @@ R_API int r_anal_set_big_endian(RAnal *anal, int bigend) {
return true;
}
R_API ut8 *r_anal_mask (RAnal *anal, int size, const ut8 *data) {
R_API ut8 *r_anal_mask(RAnal *anal, int size, const ut8 *data, ut64 at) {
RAnalOp *op = NULL;
ut8 *ret = NULL;
int oplen, idx = 0;
@ -298,7 +298,7 @@ R_API ut8 *r_anal_mask (RAnal *anal, int size, const ut8 *data) {
}
if (anal->cur && anal->cur->anal_mask) {
return anal->cur->anal_mask (anal, size, data);
return anal->cur->anal_mask (anal, size, data, at);
}
op = r_anal_op_new ();
@ -306,7 +306,7 @@ R_API ut8 *r_anal_mask (RAnal *anal, int size, const ut8 *data) {
memset (ret, 0xff, size);
while (idx < size) {
if ((oplen = r_anal_op (anal, op, 0, data + idx, size - idx)) < 1) {
if ((oplen = r_anal_op (anal, op, at, data + idx, size - idx)) < 1) {
break;
}
if ((op->ptr != UT64_MAX || op->jump != UT64_MAX) && op->nopcode != 0) {
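Review bot: `r_anal_op (anal, op, at, data + idx, size - idx)` hands the buffer's base address to the decoder for every instruction in the loop, whereas the ARM anal_mask added in this same commit passes `at + idx`; from the second instruction on the decoder sees the wrong PC, so op->ptr/op->jump, and therefore the mask bytes derived from them, can be computed for the wrong address. Change it to `if ((oplen = r_anal_op (anal, op, at + idx, data + idx, size - idx)) < 1) {`. The new `at` parameter is also undocumented at the definition; a one-line comment on the signature stating that it is the address `data` is loaded at would tell callers such as r_sign_add_anal what to pass. r_anal_mask's body continues outside the hunk.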


@ -2690,6 +2690,51 @@ static int archinfo(RAnal *anal, int q) {
return 4; // XXX
}
static ut8 *anal_mask(RAnal *anal, int size, const ut8 *data, ut64 at) {
RAnalOp *op = NULL;
ut8 *ret = NULL;
int oplen, idx = 0, obits = anal->bits;
RAnalHint *hint = NULL;
if (!data) {
return NULL;
}
op = r_anal_op_new ();
ret = malloc (size);
memset (ret, 0xff, size);
while (idx < size) {
hint = r_anal_hint_get (anal, at + idx);
if (hint) {
if (hint->bits != 0) {
anal->bits = hint->bits;
}
free (hint);
}
if ((oplen = analop (anal, op, at + idx, data + idx, size - idx)) < 1) {
break;
}
if (op->ptr != UT64_MAX || op->jump != UT64_MAX) {
switch (oplen) {
case 2:
memcpy (ret + idx, "\xf0\x00", 2);
break;
case 4:
memcpy (ret + idx, "\xff\xf0\x00\x00", 4);
break;
}
}
idx += oplen;
}
anal->bits = obits;
free (op);
return ret;
}
RAnalPlugin r_anal_plugin_arm_cs = {
.name = "arm",
.desc = "Capstone ARM analyzer",
@ -2698,6 +2743,7 @@ RAnalPlugin r_anal_plugin_arm_cs = {
.arch = "arm",
.archinfo = archinfo,
.get_reg_profile = get_reg_profile,
.anal_mask = anal_mask,
.bits = 16 | 32 | 64,
.op = &analop,
};
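Review bot: In the new anal_mask, `ret = malloc (size);` is written to by `memset (ret, 0xff, size);` without a NULL check, and `op = r_anal_op_new ();` is passed to analop without one either; since `size` is a signed int, a negative value also turns into a huge allocation and memset length. Reject a non-positive size alongside the existing `!data` guard and release both allocations when either fails, as below. The function is otherwise self-contained in the hunk; the trailing `free (op);` presumably leaks anything analop allocates inside the op if it does so — r_anal_op_free would be the matching release, worth confirming against the rest of the file.
```c
static ut8 *anal_mask(RAnal *anal, int size, const ut8 *data, ut64 at) {
	// … unchanged: declarations …
	if (!data || size < 1) {
		return NULL;
	}
	op = r_anal_op_new ();
	ret = malloc (size);
	if (!op || !ret) {
		free (op);
		free (ret);
		return NULL;
	}
	memset (ret, 0xff, size);
	// … unchanged: hint lookup / analop loop, restore of anal->bits, free (op), return ret …
```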


@ -168,11 +168,11 @@ R_API bool r_sign_add_exact(RAnal *a, const char *name, ut64 size, const ut8 *by
return addBytes (a, R_SIGN_EXACT, name, size, bytes, mask);
}
R_API bool r_sign_add_anal(RAnal *a, const char *name, ut64 size, const ut8 *bytes) {
R_API bool r_sign_add_anal(RAnal *a, const char *name, ut64 size, const ut8 *bytes, ut64 at) {
ut8 *mask = NULL;
bool retval = true;
mask = r_anal_mask (a, size, bytes);
mask = r_anal_mask (a, size, bytes, at);
retval = addBytes (a, R_SIGN_ANAL, name, size, bytes, mask);
free (mask);
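Review bot: `mask = r_anal_mask (a, size, bytes, at);` narrows the ut64 `size` to r_anal_mask's `int size`; a value above INT_MAX becomes negative on the way into the plugin's unchecked `malloc (size)`. A guard before the call, `if (size > INT_MAX) { return false; }`, keeps that truncation out of the analysis path. r_anal_mask can also return NULL, which is handed straight to addBytes; whether addBytes accepts a NULL mask is not visible here. The function ends outside the hunk.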


@ -49,7 +49,7 @@ static bool addFcnBytes(RCore *core, RAnalFunction *fcn, const char *name, int t
retval = r_sign_add_exact (core->anal, zigname, len, buf, mask);
break;
case R_SIGN_ANAL:
retval = r_sign_add_anal (core->anal, zigname, len, buf);
retval = r_sign_add_anal (core->anal, zigname, len, buf, fcn->addr);
break;
}
@ -81,7 +81,7 @@ static bool addHex(RCore *core, const char *name, int type, const char *hexbytes
retval = r_sign_add_exact (core->anal, name, size, bytes, mask);
break;
case R_SIGN_ANAL:
retval = r_sign_add_anal (core->anal, name, size, bytes);
retval = r_sign_add_anal (core->anal, name, size, bytes, 0);
break;
}
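Review bot: `r_sign_add_anal (core->anal, name, size, bytes, 0)` in addHex resolves the analysis mask at address 0, so any hints registered at low addresses and any PC-relative operand the plugin decodes are interpreted relative to 0 rather than wherever the bytes actually came from; the addFcnBytes call above correctly passes `fcn->addr`. Since hex input genuinely has no load address, the limitation is acceptable but should be stated on the call, e.g. `/* hex input has no load address: hints and PC-relative targets are resolved at 0 */`. Both enclosing functions start and end outside their hunks.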


@ -1065,7 +1065,7 @@ typedef struct r_anal_plugin_t {
int (*fini)(void *user);
int (*reset_counter) (RAnal *anal, ut64 start_addr);
int (*archinfo)(RAnal *anal, int query);
ut8* (*anal_mask)(RAnal *anal, int size, const ut8 *data);
ut8* (*anal_mask)(RAnal *anal, int size, const ut8 *data, ut64 at);
// legacy r_anal_functions
RAnalOpCallback op;
@ -1195,7 +1195,7 @@ R_API bool r_anal_set_bits(RAnal *anal, int bits);
R_API bool r_anal_set_os(RAnal *anal, const char *os);
R_API void r_anal_set_cpu(RAnal *anal, const char *cpu);
R_API int r_anal_set_big_endian(RAnal *anal, int boolean);
R_API ut8 *r_anal_mask (RAnal *anal, int size, const ut8 *data);
R_API ut8 *r_anal_mask(RAnal *anal, int size, const ut8 *data, ut64 at);
R_API void r_anal_trace_bb(RAnal *anal, ut64 addr);
R_API const char *r_anal_fcn_type_tostring(int type);
R_API void r_anal_bind(RAnal *b, RAnalBind *bnd);
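Review bot: The new `at` argument on the `anal_mask` plugin callback and on the `r_anal_mask` prototype is undocumented, and the callback signature change means any plugin still defining the three-argument form now initialises `.anal_mask` with an incompatible function pointer; only the ARM plugin is updated in this commit, so other in-tree or out-of-tree implementers, if any, are worth checking. Add above the callback `/* at: address data[0] is loaded at; plugins may use it for hints and PC-relative operands */` and the same wording on the r_anal_mask declaration. The r_sign_add_anal prototype in r_sign.h gains the same parameter and would benefit from the same one-line comment.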


@ -54,7 +54,7 @@ typedef struct r_sign_search_t {
#ifdef R_API
R_API bool r_sign_add_exact(RAnal *a, const char *name, ut64 size, const ut8 *bytes, const ut8 *mask);
R_API bool r_sign_add_anal(RAnal *a, const char *name, ut64 size, const ut8 *bytes);
R_API bool r_sign_add_anal(RAnal *a, const char *name, ut64 size, const ut8 *bytes, ut64 at);
R_API bool r_sign_add_metric(RAnal *a, const char *name, RSignMetrics metrics);
R_API bool r_sign_delete(RAnal *a, const char *name);
R_API void r_sign_list(RAnal *a, int format);