/* Return the taint word recorded for register `reg`.
 *
 * Reads regTaint[reg] directly; there is no range check on `reg`, so the
 * caller is trusted to pass an index that lies within the regTaint table
 * (presumably sized by the XED register enum — confirm against its
 * definition). With DEBUG defined the looked-up value is also echoed to
 * stdout. */
UInt t_get_reg_taint(xed_reg_enum_t reg)
{
    const UInt taint = regTaint[reg];
#ifdef DEBUG
    printf("txt get reg taint %s %x\n", xed_reg_enum_t2str(reg), taint);
#endif
    return taint;
}
/* Return the taint word recorded for register `reg` (second-generation
 * accessor, same table as t_get_reg_taint).
 *
 * No range check is applied to `reg`; the caller must pass an index valid
 * for regTaint. With DEBUG_TAINT defined the value is logged to stdout.
 *
 * NOTE(review): this trace prints regTaint[reg] with `%lx` while
 * t_get_reg_taint prints the same element with `%x`; at most one of them
 * matches the element type, so confirm regTaint's declared type and align
 * the two format strings (a mismatch is undefined behaviour on targets
 * where `unsigned long` is wider than `unsigned int`). */
unsigned int get_reg_taint2(xed_reg_enum_t reg)
{
    const unsigned int taint = regTaint[reg];
#ifdef DEBUG_TAINT
    fprintf(stdout, "get_reg_taint2\t%s\tval:%lx\n", xed_reg_enum_t2str(reg), regTaint[reg]);
#endif
    return taint;
}
/* Record taint `bytes` for register `reg`.
 *
 * Writes to the stack pointer are silently dropped: ESP is never marked
 * tainted by this path. No range check is applied to `reg`, so the caller
 * must pass an index valid for regTaint. Only the named register's own
 * entry is updated; unlike set_reg_taint2, narrower aliases (AX/AH/AL, …)
 * are not touched here. `bytes` is stored verbatim — presumably a
 * per-byte taint mask, confirm with the callers. With DEBUG defined the
 * stored value is echoed to stdout. */
void t_set_reg_taint(xed_reg_enum_t reg, UInt bytes)
{
    if (reg != XED_REG_ESP) {
        regTaint[reg] = bytes;
#ifdef DEBUG
        printf("set reg taint %s %x \n", xed_reg_enum_t2str(reg), bytes);
#endif
    }
}
/* Print the static attributes of one operand template to stdout.
 *
 * Each attribute is followed by a single space and no newline is written,
 * so the caller decides how the line ends. The fixed fields are: operand
 * name, visibility, read/write action, type and element xtype. Depending
 * on the operand type one more field follows: the nonterminal lookup name
 * for NT_LOOKUP_FN operands, or the fixed register name for REG operands. */
void dump_operand(const xed_operand_t* op)
{
    const char *fixed_fields[] = {
        xed_operand_enum_t2str(xed_operand_name(op)),
        xed_operand_visibility_enum_t2str(xed_operand_operand_visibility(op)),
        xed_operand_action_enum_t2str(xed_operand_rw(op)),
        xed_operand_type_enum_t2str(xed_operand_type(op)),
        xed_operand_element_xtype_enum_t2str(xed_operand_xtype(op)),
    };

    for (size_t k = 0; k < sizeof fixed_fields / sizeof fixed_fields[0]; k++) {
        printf("%s ", fixed_fields[k]);
    }

    /* The two operand types below carry one extra identifying field. */
    switch (xed_operand_type(op)) {
    case XED_OPERAND_TYPE_NT_LOOKUP_FN:
        printf("%s ", xed_nonterminal_enum_t2str(xed_operand_nonterminal_name(op)));
        break;
    case XED_OPERAND_TYPE_REG:
        printf("%s ", xed_reg_enum_t2str(xed_operand_reg(op)));
        break;
    default:
        break;
    }
}
/* List the register operands of a decoded instruction, one per line.
 *
 * For every operand of the instruction template that is a register
 * operand, prints its index, the concrete register selected by the decode
 * and the operand's read/write action as "%2d: %5s %5s\n". Memory,
 * immediate and displacement operands are skipped. The index is an
 * unsigned count printed through `%d`, as in the original — harmless for
 * the small operand counts involved. */
void print_operands(xed_decoded_inst_t* xedd)
{
    xed_inst_t const* const inst = xed_decoded_inst_inst(xedd);
    const unsigned int count = xed_inst_noperands(inst);
    unsigned int idx;

    for (idx = 0; idx < count; idx++) {
        xed_operand_t const* operand = xed_inst_operand(inst, idx);
        xed_operand_enum_t name = xed_operand_name(operand);

        if (!xed_operand_is_register(name)) {
            continue;
        }

        xed_reg_enum_t selected = xed_decoded_inst_get_reg(xedd, name);
        xed_operand_action_enum_t action = xed_operand_rw(operand);
        printf("%2d: %5s %5s\n", idx,
               xed_reg_enum_t2str(selected),
               xed_operand_action_enum_t2str(action));
    }
}
/* A 32-bit general register together with the narrower registers that
 * alias its low bytes. Tainting the wide register is mirrored onto these
 * so that a later read through a narrow alias still observes the taint. */
struct reg_alias_set {
    xed_reg_enum_t wide;
    xed_reg_enum_t narrow[3];
    unsigned int count;
};

/* Only these six 32-bit registers have aliases tracked; ESP/EBP and any
 * 64-bit registers get no mirroring. */
static const struct reg_alias_set reg_alias_table[] = {
    { XED_REG_EAX, { XED_REG_AX, XED_REG_AH, XED_REG_AL }, 3 },
    { XED_REG_EBX, { XED_REG_BX, XED_REG_BH, XED_REG_BL }, 3 },
    { XED_REG_ECX, { XED_REG_CX, XED_REG_CH, XED_REG_CL }, 3 },
    { XED_REG_EDX, { XED_REG_DX, XED_REG_DH, XED_REG_DL }, 3 },
    { XED_REG_ESI, { XED_REG_SI }, 1 },
    { XED_REG_EDI, { XED_REG_DI }, 1 },
};

/* Record taint `bytes` for `reg` and mirror it onto reg's narrower aliases.
 *
 * Propagation is one-directional (wide -> narrow): a write to AL or AX does
 * not update the EAX entry, so the wide register's taint can go stale after
 * a narrow write. NOTE(review): confirm callers account for this, since it
 * is a potential source of under-tainting. No range check is applied to
 * `reg`; the caller must pass an index valid for regTaint. Unlike
 * t_set_reg_taint, ESP is not excluded here. `bytes` is stored verbatim —
 * presumably a per-byte taint mask, confirm with the callers. With
 * DEBUG_TAINT defined the update is logged to stdout both before and after
 * the alias propagation. */
void set_reg_taint2(xed_reg_enum_t reg, unsigned int bytes)
{
    regTaint[reg] = bytes;
#ifdef DEBUG_TAINT
    fprintf(stdout, "taint2 to reg %s:%x\n", xed_reg_enum_t2str(reg), bytes);
#endif

    for (size_t t = 0; t < sizeof reg_alias_table / sizeof reg_alias_table[0]; t++) {
        if (reg_alias_table[t].wide != reg) {
            continue;
        }
        for (unsigned int k = 0; k < reg_alias_table[t].count; k++) {
            regTaint[reg_alias_table[t].narrow[k]] = bytes;
        }
        break; /* each wide register appears at most once in the table */
    }

#ifdef DEBUG_TAINT
    fprintf(stdout, "set_reg_taint2:\t%s\tval:%x\n", xed_reg_enum_t2str(reg), bytes);
#endif
}
/* Print the operand list of one decoded instruction.
 *
 * Emits the heading "Operands" on its own line, then — on a single line,
 * with no terminator written — one "<index> <operand-name> " entry per
 * operand. Register operands additionally print "<operand-name>=<reg>".
 * Memory operands (AGEN/MEM0/MEM1) are listed by name only because they
 * are printed by a separate routine. Displacement and immediate values are
 * still queried from the decoder but not printed: those prints were
 * disabled in the original and the decode calls are retained as-is.
 *
 * NOTE(review): a second, different definition of print_operands appears
 * earlier in this listing; only one of them can be compiled into a
 * translation unit — confirm which is the active one. */
void print_operands(xed_decoded_inst_t* xedd)
{
    std::cout << "Operands" << std::endl;

    const xed_inst_t* inst = xed_decoded_inst_inst(xedd);
    const unsigned int count = xed_inst_noperands(inst);

    for (unsigned int idx = 0; idx < count; ++idx) {
        const xed_operand_t* operand = xed_inst_operand(inst, idx);
        const xed_operand_enum_t name = xed_operand_name(operand);

        std::cout << idx << " " << xed_operand_enum_t2str(name) << " ";

        switch (name) {
        case XED_OPERAND_AGEN:
        case XED_OPERAND_MEM0:
        case XED_OPERAND_MEM1:
            // Memory operands are printed by a separate routine.
            break;

        case XED_OPERAND_PTR:   // pointer, always paired with an IMM0
        case XED_OPERAND_RELBR: // relative branch displacement
            if (xed_decoded_inst_get_branch_displacement_width(xedd)) {
                // Displacement value is fetched but its print is disabled.
                (void)xed_decoded_inst_get_branch_displacement(xedd);
            }
            break;

        case XED_OPERAND_IMM0: // first immediate; width and value not printed
            (void)xed_decoded_inst_get_immediate_width(xedd);
            if (xed_decoded_inst_get_immediate_is_signed(xedd)) {
                (void)xed_decoded_inst_get_signed_immediate(xedd);
            } else {
                (void)xed_decoded_inst_get_unsigned_immediate(xedd);
            }
            break;

        case XED_OPERAND_IMM1: // second immediate; value not printed
            (void)xed_decoded_inst_get_second_immediate(xedd);
            break;

        case XED_OPERAND_REG0:
        case XED_OPERAND_REG1:
        case XED_OPERAND_REG2:
        case XED_OPERAND_REG3:
        case XED_OPERAND_REG4:
        case XED_OPERAND_REG5:
        case XED_OPERAND_REG6:
        case XED_OPERAND_REG7:
        case XED_OPERAND_REG8:
        case XED_OPERAND_REG9:
        case XED_OPERAND_REG10:
        case XED_OPERAND_REG11:
        case XED_OPERAND_REG12:
        case XED_OPERAND_REG13:
        case XED_OPERAND_REG14:
        case XED_OPERAND_REG15: {
            const xed_reg_enum_t selected = xed_decoded_inst_get_reg(xedd, name);
            std::cout << xed_operand_enum_t2str(name) << "=" << xed_reg_enum_t2str(selected);
            break;
        }

        default:
            // Remaining operand kinds are shown by name only.
            break;
        }
    }
}