/// Decide whether @p i is the "mov %sp -> %fp" that establishes a stack frame
/// on the architecture reported by the code source.
///
/// Only a `mov` that reads the stack pointer and writes the frame pointer
/// qualifies, and only when its first operand is as wide as the code source's
/// address width. A mov that touches memory is logged as a non-candidate but
/// is NOT rejected at that point (the `return false` for that case is
/// commented out in the original); the register/width tests below decide.
///
/// @param i  decoded instruction; dereferenced without a null check.
/// @return true when @p i is a frame-setup move of the right width.
bool IA_IAPI::isFrameSetupInsn(Instruction::Ptr i) const
{
    const auto opcode = i->getOperation().getID();
    if (opcode != e_mov)
        return false;

    if (i->readsMemory() || i->writesMemory()) {
        // Log only: the original left the early return disabled here, so a
        // memory-touching mov still falls through to the register checks.
        parsing_printf("%s[%d]: discarding insn %s as stack frame preamble, not a reg-reg move\n",
                       FILE__, __LINE__, i->format().c_str());
        //return false;
    }

    const bool movesSpToFp = i->isRead(stackPtr[_isrc->getArch()])
                          && i->isWritten(framePtr[_isrc->getArch()]);
    if (!movesSpToFp)
        return false;

    const unsigned operandWidth =
        static_cast<unsigned>(i->getOperand(0).getValue()->size());
    if (operandWidth == _isrc->getAddressWidth())
        return true;

    // Right registers, wrong width: log and reject.
    parsing_printf("%s[%d]: discarding insn %s as stack frame preamble, size mismatch for %d-byte addr width\n",
                   FILE__, __LINE__, i->format().c_str(), _isrc->getAddressWidth());
    return false;
}
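/// Report whether this block ends in a call whose target is resolved at run
/// time (memory-indirect, or register-indirect through a non-PC register).
///
/// Walks the block's outgoing ParseAPI edges. For a CALL edge that is a sink
/// edge (target not statically known) the block's last instruction is
/// inspected: a call that reads memory is dynamic outright; otherwise every
/// register used by its control-flow-target expression is compared against
/// the architecture's PC, and any other register makes the call dynamic.
///
/// @return true if the terminating call's target is not a static address.
bool PatchBlock::containsDynamicCall()
{
    const ParseAPI::Block::edgelist &outEdges = block_->targets();
    for (ParseAPI::Block::edgelist::const_iterator eit = outEdges.begin();
         eit != outEdges.end(); ++eit) {
        if (ParseAPI::CALL != (*eit)->type() || !(*eit)->sinkEdge())
            continue;

        using namespace InstructionAPI;
        Instruction::Ptr insn = getInsn(last());
        if (insn->readsMemory()) {
            // Memory-indirect call: the target is loaded from memory.
            return true;
        }

        // Register-indirect: collect the leaf uses of the target expression.
        std::set<InstructionAST::Ptr> regs;
        Expression::Ptr tExpr = insn->getControlFlowTarget();
        if (tExpr)
            tExpr->getUses(regs);

        // PC id is loop-invariant; compute it once instead of per register.
        const auto pcID = RegisterAST::makePC(obj()->co()->cs()->getArch()).getID();
        for (std::set<InstructionAST::Ptr>::const_iterator rit = regs.begin();
             rit != regs.end(); ++rit) {
            RegisterAST::Ptr reg = boost::dynamic_pointer_cast<RegisterAST>(*rit);
            if (!reg) {
                // A non-register use has no id to compare; the original
                // dereferenced the cast result unchecked here.
                continue;
            }
            if (reg->getID() != pcID)
                return true;
        }
    }
    return false;
}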
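/// Decide whether @p i is the instruction that produces the target consumed
/// by the current block's indirect jump (the jump-table load).
///
/// The jump's control-flow-target expression is taken from the block's
/// current instruction; @p i qualifies when it writes that expression and is
/// either a memory-reading `mov` or an `lea`.
///
/// @param i  candidate instruction (non-null).
/// @return true if @p i writes the jump's target expression as described;
///         false when the current instruction has no control-flow target.
bool IA_x86Details::isTableInsn(Instruction::Ptr i)
{
    Expression::Ptr jumpExpr = currentBlock->curInsn()->getControlFlowTarget();
    if (!jumpExpr) {
        // No target expression (current insn is not a control transfer): it
        // cannot be a table jump. The original dereferenced this for the log
        // line without a check.
        return false;
    }
    parsing_printf("jumpExpr for table insn is %s\n", jumpExpr->format().c_str());

    const auto opcode = i->getOperation().getID();
    if (opcode != e_mov && opcode != e_lea)
        return false;
    // A mov only counts when it loads from memory; lea needs no such check.
    if (opcode == e_mov && !i->readsMemory())
        return false;
    return i->isWritten(jumpExpr);
}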
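/// Build the rewritten copy of the .text region.
///
/// Copies the raw text bytes into a freshly allocated buffer (newText), decodes
/// it as 32-bit x86, and for every memory-reading instruction of length 5 or 6
/// reinterprets the trailing 32-bit field as an address. When the value looked
/// up through *relocs for that address lies inside the data or bss region, the
/// field in the new buffer is overwritten with that value. Finally the region
/// is pointed at the new buffer.
///
/// Side effects: sets the oldText and newText members; exits the process with
/// EXIT_FAILURE if allocation or setPtrToRawData fails.
///
/// Caveats carried over from the original: the operand position is guessed
/// from the instruction length (offset 1 for 5-byte, 2 for 6-byte insns),
/// which only holds for the 32-bit encodings this was written against, and
/// the decoder is hard-wired to Arch_x86 (the Arch_x86_64 line was disabled).
void TextRewriter::organizeNewText()
{
    const unsigned int textSize = textRegion->getRegionSize();
    oldText = static_cast<unsigned char*>(textRegion->getPtrToRawData());
    newText = static_cast<unsigned char*>(calloc(1, textSize));
    if (newText == NULL) {
        // Same failure style as the setPtrToRawData path below.
        fprintf(stderr, "Failed to allocate new text buffer!\n");
        exit(EXIT_FAILURE);
    }
    memcpy(newText, oldText, textSize);

    //InstructionDecoder decoder(oldText, textSize, Arch_x86_64);
    InstructionDecoder decoder(oldText, textSize, Arch_x86);
    size_t currentTextOffset = 0;
    for (Instruction::Ptr insn = decoder.decode(); insn; insn = decoder.decode()) {
        const size_t insnSize = insn->size();

        if (insn->readsMemory() && (insnSize == 5 || insnSize == 6)) {
            // Assumed encoding: opcode byte(s) followed by a 32-bit absolute
            // address -- 1 opcode byte for 5-byte insns, 2 for 6-byte insns.
            const size_t operandOffset = (insnSize == 5) ? 1 : 2;
            const unsigned char *raw = static_cast<const unsigned char*>(insn->ptr());

            // memcpy rather than a pointer cast: the field is not aligned.
            unsigned int data = 0;
            memcpy(&data, raw + operandOffset, sizeof data);
            fprintf(stderr, "Data operand: %p\n",
                    reinterpret_cast<void*>(static_cast<uintptr_t>(data)));

            // Looked up once; the original indexed *relocs up to three times.
            // NOTE(review): if relocs is a std::map, operator[] inserts a
            // default entry for every unknown address -- confirm the type.
            const auto reloc = (*relocs)[data];
            if (dataRegion->isOffsetInRegion(reloc) || bssRegion->isOffsetInRegion(reloc)) {
                const size_t patchOffset = currentTextOffset + operandOffset;
                const unsigned int patched = static_cast<unsigned int>(reloc);
                if (patchOffset + sizeof patched <= textSize) {
                    memcpy(newText + patchOffset, &patched, sizeof patched);
                } else {
                    fprintf(stderr, "Skipping relocation patch past end of text at offset %zu\n",
                            patchOffset);
                }
            }
        }
        currentTextOffset += insnSize;
    }

    // Hand the rewritten buffer to the region.
    if (!textRegion->setPtrToRawData(static_cast<void*>(newText), textRegion->getRegionSize())) {
        fprintf(stderr, "Failed to set pointer to raw text!\n");
        exit(EXIT_FAILURE);
    }
}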