Пример #1
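// Builds a Panda__TaintQuery message describing the taint on address a.
//
// Returns NULL when tp_query() yields no label set for a.  Otherwise returns
// a heap-allocated message with ptr, tcn and offset filled in.  The first
// time a given label set is seen (tracked in ls_returned) the message also
// carries a unique_label_set with the set's labels, so the contents are
// emitted once and later messages refer to the set by its pointer value only.
//
// Nothing allocated here is freed here: the returned message, its
// unique_label_set and that set's label array are left to the caller
// (presumably released after the entry is written -- confirm at call sites).
//
// NULL is also returned when an allocation fails.  NOTE(review): a caller
// cannot tell that apart from "untainted"; the set is deliberately not marked
// in ls_returned in that case so a later query can still emit its contents.
Panda__TaintQuery *__taint2_query_pandalog (Addr a, uint32_t offset) {
    LabelSetP ls = tp_query(shadow, a);
    if (!ls) {
        return NULL;
    }

    Panda__TaintQuery *tq = (Panda__TaintQuery *) malloc(sizeof(Panda__TaintQuery));
    if (!tq) {
        return NULL;
    }
    *tq = PANDA__TAINT_QUERY__INIT;

    if (ls_returned.count(ls) == 0) {
        // this ls hasn't yet been handed out: attach the mapping from the
        // ls pointer to the labelset contents to this message
        Panda__TaintQueryUniqueLabelSet *tquls =
            (Panda__TaintQueryUniqueLabelSet *)
            malloc (sizeof (Panda__TaintQueryUniqueLabelSet));
        if (!tquls) {
            free(tq);
            return NULL;
        }
        *tquls = PANDA__TAINT_QUERY_UNIQUE_LABEL_SET__INIT;
        tquls->ptr = (uint64_t) ls;
        tquls->n_label = ls_card(ls);
        // calloc rejects an n_label * sizeof overflow and zero-fills, so no
        // uninitialised heap bytes can reach the log if the iterator writes
        // fewer than n_label entries
        tquls->label = (uint32_t *) calloc (tquls->n_label, sizeof(uint32_t));
        if (!tquls->label && tquls->n_label != 0) {
            free(tquls);
            free(tq);
            return NULL;
        }
        // only record the set as handed out once the message can be built
        ls_returned.insert(ls);
        // el_arr_ind is file-level state reset before the iteration;
        // presumably the callback uses it as the write index into label
        el_arr_ind = 0;
        tp_ls_iter(ls, collect_query_labels_pandalog, (void *) tquls->label);
        tq->unique_label_set = tquls;
    }

    tq->ptr = (uint64_t) ls;
    tq->tcn = taint2_query_tcn(a);
    // offset within larger thing being queried
    tq->offset = offset;
    return tq;
}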
Пример #2
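// queries taint on this addr and
// if anything is tainted returns 1, else returns 0
// if there is taint, we write an entry to the pandalog.
//
// Two kinds of entry may be written: a unique-label-set entry the first time
// a label set is seen (tracked in ls_returned), then a taint-query entry that
// refers to the set by its pointer value.  Everything allocated here is freed
// here once the entries have been written.
//
// If an allocation fails the affected entry is skipped instead of
// dereferencing NULL; the return value still reports the taint.  When the
// label-set entry cannot be built the query entry is skipped as well, since
// it would refer to a set the log has not described, and the set is not
// marked in ls_returned so a later query can retry.
uint8_t __taint2_query_pandalog (Addr a) {
    LabelSetP ls = tp_query(shadow, a);
    if (!ls) {
        return 0;
    }

    if (ls_returned.count(ls) == 0) {
        // we only want to actually write a particular set contents to pandalog once
        // this ls hasn't yet been written to pandalog
        // write out mapping from ls pointer to labelset contents
        // as its own separate log entry
        Panda__TaintQueryUniqueLabelSet *tquls =
            (Panda__TaintQueryUniqueLabelSet *)
            malloc (sizeof (Panda__TaintQueryUniqueLabelSet));
        if (!tquls) {
            return 1;
        }
        *tquls = PANDA__TAINT_QUERY_UNIQUE_LABEL_SET__INIT;
        tquls->ptr = (uint64_t) ls;
        tquls->n_label = ls_card(ls);
        // calloc rejects an n_label * sizeof overflow and zero-fills, so no
        // uninitialised heap bytes can reach the log if the iterator writes
        // fewer than n_label entries
        tquls->label = (uint32_t *) calloc (tquls->n_label, sizeof(uint32_t));
        if (!tquls->label && tquls->n_label != 0) {
            free (tquls);
            return 1;
        }
        ls_returned.insert(ls);
        // el_arr_ind is file-level state reset before the iteration;
        // presumably the callback uses it as the write index into label
        el_arr_ind = 0;
        tp_ls_iter(ls, collect_query_labels_pandalog, (void *) tquls->label);
        Panda__LogEntry set_entry = PANDA__LOG_ENTRY__INIT;
        set_entry.taint_query_unique_label_set = tquls;
        pandalog_write_entry(&set_entry);
        free (tquls->label);
        free (tquls);
    }

    // safe to refer to the set by the pointer in this next message
    Panda__TaintQuery *tq = (Panda__TaintQuery *) malloc(sizeof(Panda__TaintQuery));
    if (!tq) {
        return 1;
    }
    *tq = PANDA__TAINT_QUERY__INIT;
    tq->ptr = (uint64_t) ls;
    tq->tcn = taint2_query_tcn(a);
    // this variant takes no offset argument, so tq->offset keeps the value
    // given by PANDA__TAINT_QUERY__INIT
    Panda__LogEntry query_entry = PANDA__LOG_ENTRY__INIT;
    query_entry.taint_query = tq;
    pandalog_write_entry(&query_entry);
    free(tq);
    return 1;
}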
Пример #3
// Returns the cardinality of the label set that tp_query_llvm() reports for
// (reg_num, offset) in the global shadow state.
// NOTE(review): the result of tp_query_llvm() goes to ls_card() unchecked, so
// this relies on ls_card() accepting whatever is returned for an untainted
// location -- confirm.
uint32_t __taint2_query_llvm(int reg_num, int offset) {
    return ls_card(tp_query_llvm(shadow, reg_num, offset));
}
Пример #4
// if phys addr pa is untainted, return 0.
// else returns label set cardinality
// NOTE(review): the result of tp_query_ram() goes to ls_card() unchecked, so
// the "return 0" case depends on ls_card() treating the untainted result as
// an empty set -- confirm.
uint32_t __taint2_query_ram(uint64_t pa) {
    return ls_card(tp_query_ram(shadow, pa));
}
Пример #5
// Returns the cardinality of the label set that tp_query() reports for
// address a in the global shadow state.
// NOTE(review): the result of tp_query() goes to ls_card() unchecked, so this
// relies on ls_card() accepting a null set for an untainted address --
// confirm.
uint32_t __taint2_query(Addr a) {
    return ls_card(tp_query(shadow, a));
}