diff options
| author | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2018-10-11 19:35:18 +0200 |
|---|---|---|
| committer | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2018-10-12 16:27:58 +0200 |
| commit | 329f058141844a2e499140d61887324c824a2d5e (patch) | |
| tree | 66261d99f914eec532d26c20aadf6817fd196b10 | |
| parent | 58bb989db435fff2ee63d121ece8c66eedbce8dc (diff) | |
| download | miasm-329f058141844a2e499140d61887324c824a2d5e.tar.gz miasm-329f058141844a2e499140d61887324c824a2d5e.zip | |
All: updt api
| -rw-r--r-- | miasm2/arch/aarch64/jit.py | 4 | ||||
| -rw-r--r-- | miasm2/arch/arm/jit.py | 4 | ||||
| -rw-r--r-- | miasm2/arch/mep/jit.py | 4 | ||||
| -rw-r--r-- | miasm2/arch/mips32/jit.py | 4 | ||||
| -rw-r--r-- | miasm2/arch/msp430/jit.py | 4 | ||||
| -rw-r--r-- | miasm2/arch/x86/jit.py | 23 | ||||
| -rw-r--r-- | miasm2/os_dep/win_api_x86_32.py | 106 | ||||
| -rw-r--r-- | miasm2/os_dep/win_api_x86_32_seh.py | 6 | ||||
| -rw-r--r-- | test/arch/x86/qemu/testqemu.py | 7 |
9 files changed, 79 insertions, 83 deletions
diff --git a/miasm2/arch/aarch64/jit.py b/miasm2/arch/aarch64/jit.py index 91c32c68..9873464a 100644 --- a/miasm2/arch/aarch64/jit.py +++ b/miasm2/arch/aarch64/jit.py @@ -23,12 +23,12 @@ class jitter_aarch64l(Jitter): self.vm.set_mem(self.cpu.SP, pck64(value)) def pop_uint64_t(self): - value = upck64(self.vm.get_mem(self.cpu.SP, 8)) + value = self.vm.get_u64(self.cpu.SP) self.cpu.SP += 8 return value def get_stack_arg(self, index): - return upck64(self.vm.get_mem(self.cpu.SP + 8 * index, 8)) + return self.vm.get_u64(self.cpu.SP + 8 * index) # calling conventions diff --git a/miasm2/arch/arm/jit.py b/miasm2/arch/arm/jit.py index 551d761a..06fba210 100644 --- a/miasm2/arch/arm/jit.py +++ b/miasm2/arch/arm/jit.py @@ -74,12 +74,12 @@ class jitter_arml(Jitter): self.vm.set_mem(self.cpu.SP, pck32(value)) def pop_uint32_t(self): - value = upck32(self.vm.get_mem(self.cpu.SP, 4)) + value = self.vm.get_u32(self.cpu.SP) self.cpu.SP += 4 return value def get_stack_arg(self, index): - return upck32(self.vm.get_mem(self.cpu.SP + 4 * index, 4)) + return self.vm.get_u32(self.cpu.SP + 4 * index) # calling conventions diff --git a/miasm2/arch/mep/jit.py b/miasm2/arch/mep/jit.py index 33eb5c3c..913d508f 100644 --- a/miasm2/arch/mep/jit.py +++ b/miasm2/arch/mep/jit.py @@ -91,14 +91,14 @@ class jitter_mepl(Jitter): def pop_uint16_t(self): regs = self.cpu.get_gpreg() - x = upck16(self.vm.get_mem(regs["SP"], 2)) + x = self.vm.get_u16(regs["SP"]) regs["SP"] += 2 self.cpu.set_gpreg(regs) return x def get_stack_arg(self, n): regs = self.cpu.get_gpreg() - x = upck16(self.vm.get_mem(regs["SP"] + 2 * n, 2)) + x = self.vm.get_u16(regs["SP"] + 2 * n) return x def init_run(self, *args, **kwargs): diff --git a/miasm2/arch/mips32/jit.py b/miasm2/arch/mips32/jit.py index a0df64d6..4abe0cd4 100644 --- a/miasm2/arch/mips32/jit.py +++ b/miasm2/arch/mips32/jit.py @@ -94,12 +94,12 @@ class jitter_mips32l(Jitter): self.vm.set_mem(self.cpu.SP, pck32(value)) def pop_uint32_t(self): - value = upck32(self.vm.get_mem(self.cpu.SP, 4)) + value = self.vm.get_u32(self.cpu.SP) self.cpu.SP += 4 return value def get_stack_arg(self, index): - return upck32(self.vm.get_mem(self.cpu.SP + 4 * index, 4)) + return self.vm.get_u32(self.cpu.SP + 4 * index) def init_run(self, *args, **kwargs): Jitter.init_run(self, *args, **kwargs) diff --git a/miasm2/arch/msp430/jit.py b/miasm2/arch/msp430/jit.py index 9fbbc639..e4d04f9f 100644 --- a/miasm2/arch/msp430/jit.py +++ b/miasm2/arch/msp430/jit.py @@ -26,14 +26,14 @@ class jitter_msp430(Jitter): def pop_uint16_t(self): regs = self.cpu.get_gpreg() - value = upck16(self.vm.get_mem(regs['SP'], 2)) + value = self.vm.get_u16(regs['SP']) regs['SP'] += 2 self.cpu.set_gpreg(regs) return value def get_stack_arg(self, index): regs = self.cpu.get_gpreg() - value = upck16(self.vm.get_mem(regs['SP'] + 2 * index, 2)) + value = self.vm.get_u16(regs['SP'] + 2 * index) return value def init_run(self, *args, **kwargs): diff --git a/miasm2/arch/x86/jit.py b/miasm2/arch/x86/jit.py index 3322e722..d775cff5 100644 --- a/miasm2/arch/x86/jit.py +++ b/miasm2/arch/x86/jit.py @@ -1,7 +1,6 @@ import logging from miasm2.jitter.jitload import Jitter, named_arguments -from miasm2.core.utils import pck16, pck32, pck64, upck16, upck32, upck64 from miasm2.arch.x86.sem import ir_x86_16, ir_x86_32, ir_x86_64 from miasm2.jitter.codegen import CGen from miasm2.core.locationdb import LocationDB @@ -51,15 +50,15 @@ class jitter_x86_16(Jitter): def push_uint16_t(self, value): self.cpu.SP -= self.ir_arch.sp.size / 8 - self.vm.set_mem(self.cpu.SP, pck16(value)) + self.vm.set_u16(self.cpu.SP, value) def pop_uint16_t(self): - value = upck16(self.vm.get_mem(self.cpu.SP, self.ir_arch.sp.size / 8)) + value = self.vm.get_u16(self.cpu.SP) self.cpu.SP += self.ir_arch.sp.size / 8 return value def get_stack_arg(self, index): - return upck16(self.vm.get_mem(self.cpu.SP + 4 * index, 4)) + return self.vm.get_u16(self.cpu.SP + 4 * index) def init_run(self, *args, **kwargs): Jitter.init_run(self, *args, **kwargs) @@ -84,24 +83,24 @@ class jitter_x86_32(Jitter): def push_uint16_t(self, value): self.cpu.ESP -= self.ir_arch.sp.size / 8 - self.vm.set_mem(self.cpu.ESP, pck16(value)) + self.vm.set_u16(self.cpu.ESP, value) def pop_uint16_t(self): - value = upck16(self.vm.get_mem(self.cpu.ESP, self.ir_arch.sp.size / 8)) + value = self.vm.get_u16(self.cpu.ESP) self.cpu.ESP += self.ir_arch.sp.size / 8 return value def push_uint32_t(self, value): self.cpu.ESP -= self.ir_arch.sp.size / 8 - self.vm.set_mem(self.cpu.ESP, pck32(value)) + self.vm.set_u32(self.cpu.ESP, value) def pop_uint32_t(self): - value = upck32(self.vm.get_mem(self.cpu.ESP, self.ir_arch.sp.size / 8)) + value = self.vm.get_u32(self.cpu.ESP) self.cpu.ESP += self.ir_arch.sp.size / 8 return value def get_stack_arg(self, index): - return upck32(self.vm.get_mem(self.cpu.ESP + 4 * index, 4)) + return self.vm.get_u32(self.cpu.ESP + 4 * index) def init_run(self, *args, **kwargs): Jitter.init_run(self, *args, **kwargs) @@ -200,15 +199,15 @@ class jitter_x86_64(Jitter): def push_uint64_t(self, value): self.cpu.RSP -= self.ir_arch.sp.size / 8 - self.vm.set_mem(self.cpu.RSP, pck64(value)) + self.vm.set_u64(self.cpu.RSP, value) def pop_uint64_t(self): - value = upck64(self.vm.get_mem(self.cpu.RSP, self.ir_arch.sp.size / 8)) + value = self.vm.get_u64(self.cpu.RSP) self.cpu.RSP += self.ir_arch.sp.size / 8 return value def get_stack_arg(self, index): - return upck64(self.vm.get_mem(self.cpu.RSP + 8 * index, 8)) + return self.vm.get_u64(self.cpu.RSP + 8 * index) def init_run(self, *args, **kwargs): Jitter.init_run(self, *args, **kwargs) diff --git a/miasm2/os_dep/win_api_x86_32.py b/miasm2/os_dep/win_api_x86_32.py index db6cfa19..25e98d4b 100644 --- a/miasm2/os_dep/win_api_x86_32.py +++ b/miasm2/os_dep/win_api_x86_32.py @@ -32,7 +32,7 @@ except ImportError: print "cannot find crypto, skipping" from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE, PAGE_EXEC -from miasm2.core.utils import pck16, pck32, upck16, upck32, hexdump, whoami +from miasm2.core.utils import pck16, pck32, hexdump, whoami from miasm2.os_dep.common import heap, windows_to_sbpath from miasm2.os_dep.common import set_str_unic, set_str_ansi from miasm2.os_dep.common import get_fmt_args as _get_fmt_args @@ -358,7 +358,7 @@ def kernel32_GetVersion(jitter): def kernel32_GetVersionEx(jitter, str_size, set_str): ret_ad, args = jitter.func_args_stdcall(["ptr_struct"]) - size = upck32(jitter.vm.get_mem(args.ptr_struct, 4)) + size = jitter.vm.get_u32(args.ptr_struct) if size in [0x14+str_size, 0x1c+str_size]: tmp = struct.pack("IIIII%dsHHHBB" % str_size, 0x114, # struct size @@ -434,7 +434,7 @@ def advapi32_CryptAcquireContext(jitter, funcname, get_str): "dwflags"]) prov = get_str(args.pszprovider) if args.pszprovider else "NONE" log.debug('prov: %r', prov) - jitter.vm.set_mem(args.phprov, pck32(winobjs.cryptcontext_hwnd)) + jitter.vm.set_u32(args.phprov, winobjs.cryptcontext_hwnd) jitter.func_ret_stdcall(ret_ad, 1) @@ -454,9 +454,9 @@ def advapi32_CryptCreateHash(jitter): if args.algid == 0x00008003: log.debug('algo is MD5') - jitter.vm.set_mem( + jitter.vm.set_u32( args.phhash, - pck32(winobjs.cryptcontext_bnum + winobjs.cryptcontext_num) + winobjs.cryptcontext_bnum + winobjs.cryptcontext_num ) winobjs.cryptcontext[ winobjs.cryptcontext_bnum + winobjs.cryptcontext_num] = hobj() @@ -464,9 +464,9 @@ def advapi32_CryptCreateHash(jitter): winobjs.cryptcontext_bnum + winobjs.cryptcontext_num].h = MD5.new() elif args.algid == 0x00008004: log.debug('algo is SHA1') - jitter.vm.set_mem( + jitter.vm.set_u32( args.phhash, - pck32(winobjs.cryptcontext_bnum + winobjs.cryptcontext_num) + winobjs.cryptcontext_bnum + winobjs.cryptcontext_num ) winobjs.cryptcontext[ winobjs.cryptcontext_bnum + winobjs.cryptcontext_num] = hobj() @@ -504,7 +504,7 @@ def advapi32_CryptGetHashParam(jitter): else: raise ValueError('not impl', args.param) jitter.vm.set_mem(args.pbdata, h) - jitter.vm.set_mem(args.dwdatalen, pck32(len(h))) + jitter.vm.set_u32(args.dwdatalen, len(h)) jitter.func_ret_stdcall(ret_ad, 1) @@ -525,7 +525,7 @@ def advapi32_CryptDeriveKey(jitter): h = winobjs.cryptcontext[args.hbasedata].h.digest() log.debug('hash %r', h) winobjs.cryptcontext[args.hbasedata].h_result = h - jitter.vm.set_mem(args.phkey, pck32(args.hbasedata)) + jitter.vm.set_u32(args.phkey, args.hbasedata) jitter.func_ret_stdcall(ret_ad, 1) @@ -681,7 +681,7 @@ def kernel32_ReadFile(jitter): if data is not None: if (args.lpnumberofbytesread): - jitter.vm.set_mem(args.lpnumberofbytesread, pck32(len(data))) + jitter.vm.set_u32(args.lpnumberofbytesread, len(data)) jitter.vm.set_mem(args.lpbuffer, data) jitter.func_ret_stdcall(ret_ad, 1) @@ -699,7 +699,7 @@ def kernel32_GetFileSize(jitter): raise ValueError('unknown hwnd!') if args.lpfilesizehight != 0: - jitter.vm.set_mem(args.lpfilesizehight, pck32(ret)) + jitter.vm.set_u32(args.lpfilesizehight, ret) jitter.func_ret_stdcall(ret_ad, ret) @@ -737,7 +737,7 @@ def kernel32_VirtualProtect(jitter): if args.lpfloldprotect: old = jitter.vm.get_mem_access(args.lpvoid) - jitter.vm.set_mem(args.lpfloldprotect, pck32(ACCESS_DICT_INV[old])) + jitter.vm.set_u32(args.lpfloldprotect, ACCESS_DICT_INV[old]) for addr in jitter.vm.get_all_memory(): # Multi-page @@ -864,7 +864,7 @@ def kernel32_CreateMutexW(jitter): def shell32_SHGetSpecialFolderLocation(jitter): ret_ad, args = jitter.func_args_stdcall(["hwndowner", "nfolder", "ppidl"]) - jitter.vm.set_mem(args.ppidl, pck32(args.nfolder)) + jitter.vm.set_u32(args.ppidl, args.nfolder) jitter.func_ret_stdcall(ret_ad, 0) @@ -1022,7 +1022,7 @@ def kernel32_GetSystemInfo(jitter): def kernel32_IsWow64Process(jitter): ret_ad, args = jitter.func_args_stdcall(["process", "bool_ptr"]) - jitter.vm.set_mem(args.bool_ptr, pck32(0)) + jitter.vm.set_u32(args.bool_ptr, 0) jitter.func_ret_stdcall(ret_ad, 1) @@ -1052,11 +1052,11 @@ def shell32_CommandLineToArgvW(jitter): o = 0 for i, t in enumerate(tks): jitter.set_str_unic(addr + o, t) - jitter.vm.set_mem(addr_ret + 4 * i, pck32(addr + o)) + jitter.vm.set_u32(addr_ret + 4 * i, addr + o) o += len(t)*2 + 2 - jitter.vm.set_mem(addr_ret + 4 * i, pck32(0)) - jitter.vm.set_mem(args.pnumargs, pck32(len(tks))) + jitter.vm.set_u32(addr_ret + 4 * i, 0) + jitter.vm.set_u32(args.pnumargs, len(tks)) jitter.func_ret_stdcall(ret_ad, addr_ret) @@ -1066,15 +1066,14 @@ def cryptdll_MD5Init(jitter): h = MD5.new() winobjs.cryptdll_md5_h[index] = h - jitter.vm.set_mem(args.ad_ctx, pck32(index)) + jitter.vm.set_u32(args.ad_ctx, index) jitter.func_ret_stdcall(ret_ad, 0) def cryptdll_MD5Update(jitter): ret_ad, args = jitter.func_args_stdcall(["ad_ctx", "ad_input", "inlen"]) - index = jitter.vm.get_mem(args.ad_ctx, 4) - index = upck32(index) + index = jitter.vm.get_u32(args.ad_ctx) if not index in winobjs.cryptdll_md5_h: raise ValueError('unknown h context', index) @@ -1088,8 +1087,7 @@ def cryptdll_MD5Update(jitter): def cryptdll_MD5Final(jitter): ret_ad, args = jitter.func_args_stdcall(["ad_ctx"]) - index = jitter.vm.get_mem(args.ad_ctx, 4) - index = upck32(index) + index = jitter.vm.get_u32(args.ad_ctx) if not index in winobjs.cryptdll_md5_h: raise ValueError('unknown h context', index) h = winobjs.cryptdll_md5_h[index].digest() @@ -1123,7 +1121,7 @@ def ntdll_RtlHashUnicodeString(jitter): s = s.lower() for c in s: hv = ((65599 * hv) + ord(c)) & 0xffffffff - jitter.vm.set_mem(args.phout, pck32(hv)) + jitter.vm.set_u32(args.phout, hv) jitter.func_ret_stdcall(ret_ad, 0) @@ -1136,9 +1134,9 @@ def kernel32_RtlMoveMemory(jitter): def ntdll_RtlAnsiCharToUnicodeChar(jitter): ret_ad, args = jitter.func_args_stdcall(['ad_ad_ch']) - ad_ch = upck32(jitter.vm.get_mem(args.ad_ad_ch, 4)) + ad_ch = jitter.vm.get_u32(args.ad_ad_ch) ch = ord(jitter.vm.get_mem(ad_ch, 1)) - jitter.vm.set_mem(args.ad_ad_ch, pck32(ad_ch + 1)) + jitter.vm.set_u32(args.ad_ad_ch, ad_ch + 1) jitter.func_ret_stdcall(ret_ad, ch) @@ -1166,10 +1164,10 @@ def ntdll_RtlFindCharInUnicodeString(jitter): break if pos is None: ret = 0xC0000225 - jitter.vm.set_mem(args.pos_ad, pck32(0)) + jitter.vm.set_u32(args.pos_ad, 0) else: ret = 0 - jitter.vm.set_mem(args.pos_ad, pck32(pos)) + jitter.vm.set_u32(args.pos_ad, pos) jitter.func_ret_stdcall(ret_ad, ret) @@ -1253,7 +1251,7 @@ def kernel32_IsBadReadPtr(jitter): def ntoskrnl_KeInitializeEvent(jitter): ret_ad, args = jitter.func_args_stdcall(['my_event', 'my_type', 'my_state']) - jitter.vm.set_mem(args.my_event, pck32(winobjs.win_event_num)) + jitter.vm.set_u32(args.my_event, winobjs.win_event_num) winobjs.win_event_num += 1 jitter.func_ret_stdcall(ret_ad, 0) @@ -1539,11 +1537,11 @@ def my_GetVolumeInformation(jitter, funcname, get_str, set_str): set_str(args.lpvolumenamebuffer, s) if args.lpvolumeserialnumber: - jitter.vm.set_mem(args.lpvolumeserialnumber, pck32(11111111)) + jitter.vm.set_u32(args.lpvolumeserialnumber, 11111111) if args.lpmaximumcomponentlength: - jitter.vm.set_mem(args.lpmaximumcomponentlength, pck32(0xff)) + jitter.vm.set_u32(args.lpmaximumcomponentlength, 0xff) if args.lpfilesystemflags: - jitter.vm.set_mem(args.lpfilesystemflags, pck32(22222222)) + jitter.vm.set_u32(args.lpfilesystemflags, 22222222) if args.lpfilesystemnamebuffer: s = "filesystemname" @@ -1690,7 +1688,7 @@ def kernel32_SetFileAttributesA(jitter): ret = 1 else: ret = 0 - jitter.vm.set_mem(tib_address + 0x34, pck32(3)) + jitter.vm.set_u32(tib_address + 0x34, 3) jitter.func_ret_stdcall(ret_ad, ret) @@ -1725,7 +1723,7 @@ def ntdll_ZwProtectVirtualMemory(jitter): "flnewprotect", "lpfloldprotect"]) - ad = upck32(jitter.vm.get_mem(args.lppvoid, 4)) + ad = jitter.vm.get_u32(args.lppvoid) # dwsize = upck32(jitter.vm.get_mem(args.pdwsize, 4)) # XXX mask hpart flnewprotect = args.flnewprotect & 0xFFF @@ -1735,7 +1733,7 @@ def ntdll_ZwProtectVirtualMemory(jitter): jitter.vm.set_mem_access(ad, ACCESS_DICT[flnewprotect]) # XXX todo real old protect - jitter.vm.set_mem(args.lpfloldprotect, pck32(0x40)) + jitter.vm.set_u32(args.lpfloldprotect, 0x40) jitter.func_ret_stdcall(ret_ad, 1) @@ -1747,7 +1745,7 @@ def ntdll_ZwAllocateVirtualMemory(jitter): "flprotect"]) # ad = upck32(jitter.vm.get_mem(args.lppvoid, 4)) - dwsize = upck32(jitter.vm.get_mem(args.pdwsize, 4)) + dwsize = jitter.vm.get_u32(args.pdwsize) if not args.flprotect in ACCESS_DICT: raise ValueError('unknown access dw!') @@ -1756,7 +1754,7 @@ def ntdll_ZwAllocateVirtualMemory(jitter): jitter.vm.add_memory_page( alloc_addr, ACCESS_DICT[args.flprotect], "\x00" * dwsize, "Alloc in %s ret 0x%X" % (whoami(), ret_ad)) - jitter.vm.set_mem(args.lppvoid, pck32(alloc_addr)) + jitter.vm.set_u32(args.lppvoid, alloc_addr) jitter.func_ret_stdcall(ret_ad, 0) @@ -1808,7 +1806,7 @@ def ntdll_LdrLoadDll(jitter): libname = s.lower() ad = winobjs.runtime_dll.lib_get_add_base(libname) - jitter.vm.set_mem(args.modhandle, pck32(ad)) + jitter.vm.set_u32(args.modhandle, ad) jitter.func_ret_stdcall(ret_ad, 0) @@ -1830,7 +1828,7 @@ def ntdll_LdrGetProcedureAddress(jitter): ad = winobjs.runtime_dll.lib_get_add_func(args.libbase, fname) jitter.add_breakpoint(ad, jitter.handle_lib) - jitter.vm.set_mem(args.p_ad, pck32(ad)) + jitter.vm.set_u32(args.p_ad, ad) jitter.func_ret_stdcall(ret_ad, 0) @@ -2072,7 +2070,7 @@ def msvcrt_fprintf(jitter): ret = len(output) log.info("fprintf(%x, '%s') = '%s'" % (args.file, jitter.get_str_ansi(args.fmt), output)) - fd = upck32(jitter.vm.get_mem(args.file + 0x10, 4)) + fd = jitter.vm.get_u32(args.file + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") winobjs.handle_pool[fd].info.write(output) @@ -2105,7 +2103,7 @@ def advapi32_RegCreateKeyW(jitter): ret_hkey = args.hkey log.info("RegCreateKeyW(%x, '%s') = (%x,%d)" % (args.hkey, s_subkey, ret_hkey, ret)) - jitter.vm.set_mem(args.phandle, pck32(ret_hkey)) + jitter.vm.set_u32(args.phandle, ret_hkey) jitter.func_ret_stdcall(ret_ad, ret) @@ -2136,7 +2134,7 @@ def advapi32_RegOpenKeyEx(jitter, funcname, get_str): else: log.error('unknown skey') - jitter.vm.set_mem(args.phandle, pck32(ret_hkey)) + jitter.vm.set_u32(args.phandle, ret_hkey) jitter.func_ret_stdcall(ret_ad, ret) @@ -2497,10 +2495,10 @@ def kernel32_GetDiskFreeSpace(jitter, funcname, get_str): "lpbytespersector", "lpnumberoffreeclusters", "lptotalnumberofclusters"]) - jitter.vm.set_mem(args.lpsectorpercluster, pck32(8)) - jitter.vm.set_mem(args.lpbytespersector, pck32(0x200)) - jitter.vm.set_mem(args.lpnumberoffreeclusters, pck32(0x222222)) - jitter.vm.set_mem(args.lptotalnumberofclusters, pck32(0x333333)) + jitter.vm.set_u32(args.lpsectorpercluster, 8) + jitter.vm.set_u32(args.lpbytespersector, 0x200) + jitter.vm.set_u32(args.lpnumberoffreeclusters, 0x222222) + jitter.vm.set_u32(args.lptotalnumberofclusters, 0x333333) jitter.func_ret_stdcall(ret_ad, 1) @@ -2542,8 +2540,8 @@ def kernel32_GetProcessAffinityMask(jitter): ret_ad, args = jitter.func_args_stdcall(["hprocess", "procaffmask", "systemaffmask"]) - jitter.vm.set_mem(args.procaffmask, pck32(1)) - jitter.vm.set_mem(args.systemaffmask, pck32(1)) + jitter.vm.set_u32(args.procaffmask, 1) + jitter.vm.set_u32(args.systemaffmask, 1) jitter.func_ret_stdcall(ret_ad, 1) @@ -2653,7 +2651,7 @@ def kernel32_WriteFile(jitter): raise ValueError('unknown filename') if (args.lpnumberofbyteswrite): - jitter.vm.set_mem(args.lpnumberofbyteswrite, pck32(len(data))) + jitter.vm.set_u32(args.lpnumberofbyteswrite, len(data)) jitter.func_ret_stdcall(ret_ad, 1) @@ -2688,7 +2686,7 @@ def msvcrt_free(jitter): def msvcrt_fseek(jitter): ret_ad, args = jitter.func_args_cdecl(['stream', 'offset', 'orig']) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") @@ -2699,7 +2697,7 @@ def msvcrt_fseek(jitter): def msvcrt_ftell(jitter): ret_ad, args = jitter.func_args_cdecl(["stream"]) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") @@ -2710,7 +2708,7 @@ def msvcrt_ftell(jitter): def msvcrt_rewind(jitter): ret_ad, args = jitter.func_args_cdecl(["stream"]) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") o = winobjs.handle_pool[fd] @@ -2720,7 +2718,7 @@ def msvcrt_rewind(jitter): def msvcrt_fread(jitter): ret_ad, args = jitter.func_args_cdecl(["buf", "size", "nmemb", "stream"]) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") @@ -2731,7 +2729,7 @@ def msvcrt_fread(jitter): def msvcrt_fwrite(jitter): ret_ad, args = jitter.func_args_cdecl(["buf", "size", "nmemb", "stream"]) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Unknown file handle!") @@ -2742,7 +2740,7 @@ def msvcrt_fwrite(jitter): def msvcrt_fclose(jitter): ret_ad, args = jitter.func_args_cdecl(['stream']) - fd = upck32(jitter.vm.get_mem(args.stream + 0x10, 4)) + fd = jitter.vm.get_u32(args.stream + 0x10) if not fd in winobjs.handle_pool: raise NotImplementedError("Untested case") diff --git a/miasm2/os_dep/win_api_x86_32_seh.py b/miasm2/os_dep/win_api_x86_32_seh.py index 9d37c9b1..110f2b34 100644 --- a/miasm2/os_dep/win_api_x86_32_seh.py +++ b/miasm2/os_dep/win_api_x86_32_seh.py @@ -24,7 +24,7 @@ import struct from elfesteem import pe_init from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE -from miasm2.core.utils import pck32, upck32 +from miasm2.core.utils import pck32 import miasm2.arch.x86.regs as x86_regs from miasm2.os_dep.win_32_structs import LdrDataEntry, ListEntry, \ @@ -614,8 +614,8 @@ def return_from_seh(jitter): @jitter: jitter instance""" # Get object addresses - seh_address = upck32(jitter.vm.get_mem(jitter.cpu.ESP + 0x4, 4)) - context_address = upck32(jitter.vm.get_mem(jitter.cpu.ESP + 0x8, 4)) + seh_address = jitter.vm.get_u32(jitter.cpu.ESP + 0x4) + context_address = jitter.vm.get_u32(jitter.cpu.ESP + 0x8) # Get registers changes log.info('Context address: %x', context_address) diff --git a/test/arch/x86/qemu/testqemu.py b/test/arch/x86/qemu/testqemu.py index e6c487f2..dccd9c83 100644 --- a/test/arch/x86/qemu/testqemu.py +++ b/test/arch/x86/qemu/testqemu.py @@ -7,7 +7,6 @@ from pdb import pm from miasm2.analysis.sandbox import Sandbox_Linux_x86_32 from miasm2.jitter.jitload import log_func from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE -from miasm2.core.utils import upck32 # Utils def parse_fmt(s): @@ -54,17 +53,17 @@ def xxx___printf_chk(jitter): i = 0 for x in fmt_a: - a = upck32(jitter.vm.get_mem(esp + 8 + 4*i, 4)) + a = jitter.vm.get_u32(esp + 8 + 4*i) if x == "s": a = jitter.get_str_ansi(a) elif x.lower() in ("x", 'd'): pass elif x.lower() in ("f", "l"): - a2 = upck32(jitter.vm.get_mem(esp + 8 + 4*(i+1), 4)) + a2 = jitter.vm.get_u32(esp + 8 + 4*(i+1)) a = struct.unpack("d", struct.pack("Q", a2 << 32 | a))[0] i += 1 elif x.lower() == 'z': - a2 = upck32(jitter.vm.get_mem(esp + 8 + 4*(i+1), 4)) + a2 = jitter.vm.get_u32(esp + 8 + 4*(i+1)) a = a2 << 32 | a i += 1 else: |