| author | serpilliere <devnull@localhost> | 2011-08-26 13:34:12 +0200 |
|---|---|---|
| committer | serpilliere <devnull@localhost> | 2011-08-26 13:34:12 +0200 |
| commit | bbd7e71ada55e23fe857a7c9954687ff987dec7c (patch) | |
| tree | 5b8b21abab228129b8b2db1fab465185d27e4416 | |
| parent | 78bacd4d0dd014412a81ce8dc72ad3954bcd12e5 (diff) | |
| download | miasm-bbd7e71ada55e23fe857a7c9954687ff987dec7c.tar.gz miasm-bbd7e71ada55e23fe857a7c9954687ff987dec7c.zip | |
explicit error when vm_get_mem fails
| -rwxr-xr-x | example/emulx86_bin.py | 75 | ||||
| -rw-r--r-- | example/x86_sc.bin | bin | 0 -> 16 bytes | |||
| -rw-r--r-- | miasm/expression/expression.py | 6 | ||||
| -rw-r--r-- | miasm/tools/emul_lib/libcodenat.c | 4 | ||||
| -rw-r--r-- | miasm/tools/emul_lib/libcodenat_interface.c | 2 | ||||
| -rw-r--r-- | miasm/tools/to_c_helper.py | 9 |
6 files changed, 88 insertions, 8 deletions
diff --git a/example/emulx86_bin.py b/example/emulx86_bin.py
new file mode 100755
index 00000000..151370b4
--- /dev/null
+++ b/example/emulx86_bin.py
@@ -0,0 +1,75 @@
+#! /usr/bin/env python
+import os
+from elfesteem import *
+from miasm.core import asmbloc
+from miasm.core import parse_asm
+from miasm.tools.to_c_helper import *
+from miasm.tools import emul_helper
+from miasm.arch.ia32_arch import *
+import sys
+
+
+
+if len(sys.argv) <3:
+ print 'usage:'
+ print "%s rawfile address_to_exec"%sys.argv[0]
+ sys.exit(0)
+data = open(sys.argv[1], 'rb').read()
+ad = sys.argv[2].lower()
+if ad.startswith('0x'):
+ ad = int(ad, 16)
+else:
+ ad = int(ad)
+
+
+vm_init_regs()
+init_memory_page_pool_py()
+init_code_bloc_pool_py()
+in_str = bin_stream_vm()
+
+codenat_tcc_init()
+
+code_ad = 0x40000000
+vm_add_memory_page(code_ad, PAGE_READ|PAGE_WRITE|PAGE_EXEC, data)
+stack_base_ad = 0x1230000
+stack_size = 0x10000
+vm_add_memory_page(stack_base_ad, PAGE_READ|PAGE_WRITE, "\x00"*stack_size)
+dump_memory_page_pool_py()
+
+regs = vm_get_gpreg()
+regs['esp'] = stack_base_ad+stack_size
+vm_set_gpreg(regs)
+dump_gpregs_py()
+
+
+vm_push_uint32_t(0x1337beef)
+symbol_pool = asmbloc.asm_symbol_pool()
+known_blocs = {}
+code_blocs_mem_range = []
+
+
+
+
+log_regs = True
+log_mn = log_regs
+def run_bin(my_eip, known_blocs, code_blocs_mem_range):
+ global log_regs, log_mn
+ while my_eip != 0x1337beef:
+
+ if not my_eip in known_blocs:
+ updt_bloc_emul(known_blocs, in_str, my_eip, symbol_pool, code_blocs_mem_range, log_regs = log_regs, log_mn = log_mn)
+ try:
+ my_eip = vm_exec_blocs(my_eip, known_blocs)
+ except KeyboardInterrupt:
+ break
+ py_exception = vm_get_exception()
+ if py_exception:
+ if py_exception & EXCEPT_CODE_AUTOMOD:
+ print 'automod code'
+ dump_gpregs_py()
+ known_blocs, code_blocs_mem_range = updt_automod_code(known_blocs)
+ else:
+ raise ValueError("except at", hex(my_eip))
+
+print "start emulation"
+run_bin(ad+code_ad, known_blocs, code_blocs_mem_range)
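Review bot: The entry address taken from argv is added to code_ad on the last line of the new script without checking that it lies inside the page the input file was mapped into, so a typo in address_to_exec starts execution in unmapped memory and is only caught later by the emulator's page lookup. A guard right after the parsing block keeps that failure at the command line: `if not 0 <= ad < len(data):` / `sys.exit("address_to_exec is outside the %d-byte input file" % len(data))`. In run_bin, `raise ValueError("except at", hex(my_eip))` throws away the exception code that vm_get_exception() returned, which is the one value needed to tell a memory fault from any other stop; `raise ValueError("exception %#x at %#x" % (py_exception, my_eip))` keeps it. The `int(ad)` parse also raises a bare ValueError on a non-numeric argument, which is tolerable for an example but deserves the same usage message as the missing-argument case.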
diff --git a/example/x86_sc.bin b/example/x86_sc.bin new file mode 100644 index 00000000..af96aeb2 --- /dev/null +++ b/example/x86_sc.bin Binary files differdiff --git a/miasm/expression/expression.py b/miasm/expression/expression.py index e472fb48..015dd651 100644 --- a/miasm/expression/expression.py +++ b/miasm/expression/expression.py @@ -612,9 +612,10 @@ class ExprSlice(Expr): return hash(self.arg)^hash(self.start)^hash(self.stop) def toC(self): + # XXX gen mask in python for 64 bit & 32 bit compat return "((%s>>%d) & ((0xFFFFFFFF>>(32-%d))))"%(self.arg.toC(), self.start, self.stop-self.start) - + class ExprSliceTo(Expr): def __init__(self, arg, start, stop): self.arg, self.start, self.stop = arg, start, stop @@ -650,6 +651,7 @@ class ExprSliceTo(Expr): return hash(self.arg)^hash(self.start)^hash(self.stop) def toC(self): + # XXX gen mask in python for 64 bit & 32 bit compat return "((%s & (0xFFFFFFFF>>(32-%d))) << %d)"%(self.arg.toC(), self.stop-self.start, self.start) class ExprCompose(Expr): @@ -669,7 +671,7 @@ class ExprCompose(Expr): if isinstance(a, Expr): args.append(a.reload_expr(g)) else: - args.append(a) + args.append(a) return ExprCompose(args ) def __contains__(self, e): diff --git a/miasm/tools/emul_lib/libcodenat.c b/miasm/tools/emul_lib/libcodenat.c index 1ceb8712..97dedd7a 100644 --- a/miasm/tools/emul_lib/libcodenat.c +++ b/miasm/tools/emul_lib/libcodenat.c @@ -84,7 +84,7 @@ struct memory_page_node * get_memory_page_from_address(uint64_t ad) if ( mpn && (mpn->ad <= ad) && (ad < mpn->ad + mpn->size)) return mpn; - printf("cannot find address!! %"PRIX64"\n", ad); + printf("ERROR: address 0x%"PRIX64" is not mapped in virtual memory:\n", ad); dump_memory_page_pool(); dump_gpregs(); //exit(-1); 
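Review bot: The new XXX comment in ExprSlice.toC records the problem but the emitted mask is still `0xFFFFFFFF>>(32-%d)`, an unsigned-int constant shifted by a width-dependent count: a slice wider than 32 bits produces a negative shift count (undefined behaviour in C) and a 64-bit argument is silently truncated to its low 32 bits even for narrower slices. Computing the mask in Python as the comment proposes is a two-line change: `mask = (1 << (self.stop - self.start)) - 1` and `return "((%s>>%d) & 0x%XULL)" % (self.arg.toC(), self.start, mask)`. The same applies to ExprSliceTo.toC in the following hunk, where the mask is built the same way. Both methods belong to classes whose definitions start outside their hunks.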
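Review bot: The reworded diagnostic in get_memory_page_from_address still goes to stdout through printf, where it is interleaved with the emulation trace and block-buffered whenever stdout is not a terminal, so it can surface long after the fault; `fprintf(stderr, "ERROR: address 0x%"PRIX64" is not mapped in virtual memory:\n", ad);` keeps it visible, and the dump_memory_page_pool() and dump_gpregs() calls that follow should write to the same stream. With `exit(-1)` left commented out the function falls through and returns a null page, so the message reads as fatal while execution continues; the caller patched in libcodenat_interface.c by this same commit checks for the null, but any other caller would have to as well. The function begins outside the hunk.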
@@ -98,7 +98,7 @@ struct memory_page_node * get_memory_page_from_address(uint64_t ad) if ((mpn->ad <= ad) && (ad < mpn->ad + mpn->size)) return mpn; } - printf("cannot find address!! %X\n", ad); + printf("address %"PRIX64" is not mapped in virtual memory \n", ad); dump_memory_page_pool(); dump_gpregs(); //exit(-1); diff --git a/miasm/tools/emul_lib/libcodenat_interface.c b/miasm/tools/emul_lib/libcodenat_interface.c index 5482d931..56284aa2 100644 --- a/miasm/tools/emul_lib/libcodenat_interface.c +++ b/miasm/tools/emul_lib/libcodenat_interface.c @@ -467,7 +467,7 @@ PyObject* _vm_get_str(PyObject *addr, PyObject *item_len) while (my_size){ mpn = get_memory_page_from_address(buf_addr); if (!mpn){ - printf("cannot find page off %X\n", buf_addr); + PyErr_SetString(PyExc_RuntimeError, "cannot find address"); return 0; } diff --git a/miasm/tools/to_c_helper.py b/miasm/tools/to_c_helper.py index be19ee8c..9bbda006 100644 --- a/miasm/tools/to_c_helper.py +++ b/miasm/tools/to_c_helper.py @@ -598,9 +598,12 @@ def gen_C_from_asmbloc(in_str, offset, symbol_pool, dont_dis = [], job_done = No f_name = "bloc_%.16X"%(offset&mask_int) l = symbol_pool.getby_offset_create(offset) cur_bloc = asmbloc.asm_bloc(l) - - asmbloc.dis_bloc(x86_mn, in_str, cur_bloc, offset, job_done, symbol_pool,[], - follow_call = False, patch_instr_symb = True, dontdis_retcall = False,lines_wd = None, amode=x86_afs.u32, sex=0) + + try: + asmbloc.dis_bloc(x86_mn, in_str, cur_bloc, offset, job_done, symbol_pool,[], + follow_call = False, patch_instr_symb = True, dontdis_retcall = False,lines_wd = None, amode=x86_afs.u32, sex=0) + except: + raise ValueError('cannot disasm at', hex(offset)) f_dec, out = bloc_gen_C_func([cur_bloc], f_name, None, True, log_mn, log_reg, log_lbl, filtered_ad, tick_dbg) #print "\n".join(out) |
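Review bot: The second copy of the not-mapped diagnostic at line 98 now reads differently from the one this same commit writes at line 84: no `ERROR:` prefix, no `0x` before the address, and a stray space before the newline, so anyone grepping the output has to match two patterns for one condition. Use the identical string, `printf("ERROR: address 0x%"PRIX64" is not mapped in virtual memory:\n", ad);`, or better, move both error paths into one static helper that also performs the dump_memory_page_pool() and dump_gpregs() calls. As with the first copy, the message belongs on stderr rather than stdout. The enclosing function starts outside the hunk.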
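Review bot: The new PyErr_SetString call in _vm_get_str reports "cannot find address" without the address, which the printf it replaces at least printed, so a Python caller catching the RuntimeError cannot tell which access failed; `PyErr_Format(PyExc_RuntimeError, "cannot find address 0x%"PRIX64, (uint64_t)buf_addr);` keeps the information (buf_addr's declared type is outside the hunk, hence the cast). If _vm_get_str allocated a result buffer before the while loop, which is not visible here, that buffer is leaked by the early `return 0;` and would need to be freed first. Setting the error indicator is the right fix: the old code returned NULL with no exception set, which the interpreter reports as a SystemError. The function begins and ends outside the hunk.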
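Review bot: The bare `except:` wrapped around asmbloc.dis_bloc catches everything, including KeyboardInterrupt and SystemExit, and the re-raise discards the original exception, so a genuine bug inside the disassembler (a TypeError or IndexError in the decoder) is reported as 'cannot disasm at' with no trace of the cause. Narrow it and carry the cause along: `except Exception as e:` and `raise ValueError('cannot disasm at', hex(offset), e)`. To preserve the original traceback under Python 2, which the commented-out `print` statement below suggests this file targets, the three-argument form `raise ValueError, ('cannot disasm at', hex(offset)), sys.exc_info()[2]` does it. The enclosing gen_C_from_asmbloc starts before and continues after the hunk.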