bool SymEval::expand(Result_t &res,
std::set<InstructionPtr> &failedInsns,
bool applyVisitors) {
// Symbolic evaluation works off an Instruction
// so we have something to hand to ROSE.
failedInsns.clear();
for (Result_t::iterator i = res.begin(); i != res.end(); ++i) {
if (i->second != AST::Ptr()) {
// Must've already filled it in from a previous instruction crack
continue;
}
Assignment::Ptr ptr = i->first;
bool success = expandInsn(ptr->insn(),
ptr->addr(),
res);
if (!success) failedInsns.insert(ptr->insn());
}
if (applyVisitors) {
// Must apply the visitor to each filled in element
for (Result_t::iterator i = res.begin(); i != res.end(); ++i) {
if (!i->second) continue;
AST::Ptr tmp = simplifyStack(i->second, i->first->addr(), i->first->func(), i->first->block());
BooleanVisitor b;
AST::Ptr tmp2 = tmp->accept(&b);
i->second = tmp2;
}
}
return (failedInsns.empty());
}
bool IndirectControlFlowAnalyzer::IsZeroExtend(Assignment::Ptr memLoc) {
if (!memLoc) {
parsing_printf("\tmemLoc is null\n");
return false;
}
Instruction i = memLoc->insn();
parsing_printf("check zero extend %s\n", i.format().c_str());
if (i.format().find("movz") != string::npos) return true;
return false;
}
pair<AST::Ptr, bool> BoundFactsCalculator::ExpandAssignment(Assignment::Ptr assign) {
parsing_printf("Expand assignment : %s Instruction: %s\n", assign->format().c_str(), assign->insn()->format().c_str());
if (expandCache.find(assign) != expandCache.end()) {
AST::Ptr ast = expandCache[assign];
if (ast) return make_pair(ast, true); else return make_pair(ast, false);
} else {
pair<AST::Ptr, bool> expandRet = SymEval::expand(assign, false);
if (expandRet.second && expandRet.first) {
parsing_printf("Original expand: %s\n", expandRet.first->format().c_str());
AST::Ptr calculation = SimplifyAnAST(expandRet.first, assign->insn()->size());
expandCache[assign] = calculation;
} else {
expandCache[assign] = AST::Ptr();
}
return make_pair( expandCache[assign], expandRet.second );
}
}
int IndirectControlFlowAnalyzer::GetMemoryReadSize(Assignment::Ptr memLoc) {
if (!memLoc) {
parsing_printf("\tmemLoc is null\n");
return 0;
}
Instruction i = memLoc->insn();
std::vector<Operand> ops;
i.getOperands(ops);
parsing_printf("\t there are %d operands\n", ops.size());
for (auto oit = ops.begin(); oit != ops.end(); ++oit) {
Operand o = *oit;
if (o.readsMemory()) {
Expression::Ptr exp = o.getValue();
return exp->size();
}
}
return 0;
}
