diff options
Diffstat (limited to 'miasm/jitter/loader/pe.py')
| -rw-r--r-- | miasm/jitter/loader/pe.py | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/miasm/jitter/loader/pe.py b/miasm/jitter/loader/pe.py index c988fc59..9af068e4 100644 --- a/miasm/jitter/loader/pe.py +++ b/miasm/jitter/loader/pe.py @@ -23,12 +23,12 @@ log.setLevel(logging.INFO) def get_pe_dependencies(pe_obj): """Collect the shared libraries upon which this PE depends. - + @pe_obj: pe object Returns a set of strings of DLL names. - + Example: - + pe = miasm.analysis.binary.Container.from_string(buf) deps = miasm.jitter.loader.pe.get_pe_dependencies(pe.executable) assert sorted(deps)[0] == 'api-ms-win-core-appcompat-l1-1-0.dll' @@ -63,12 +63,12 @@ def get_import_address_pe(e): """Compute the addresses of imported symbols. @e: pe object Returns a dict mapping from tuple (dll name string, symbol name string) to set of virtual addresses. - + Example: - + pe = miasm.analysis.binary.Container.from_string(buf) imports = miasm.jitter.loader.pe.get_import_address_pe(pe.executable) - assert imports[('api-ms-win-core-rtlsupport-l1-1-0.dll', 'RtlCaptureStackBackTrace')] == {0x6b88a6d0} + assert imports[('api-ms-win-core-rtlsupport-l1-1-0.dll', 'RtlCaptureStackBackTrace')] == {0x6b88a6d0} """ import2addr = defaultdict(set) if e.DirImport.impdesc is None: @@ -732,7 +732,7 @@ class ImpRecStateMachine(object): "entry_module_addr": func_addr, "entry_memory_addr": self.cur_address, } - + def transition(self, data): if self.state == self.STATE_SEARCH: if data in self.func_addrs: @@ -760,7 +760,7 @@ class ImpRecStateMachine(object): self.transition(data) else: raise ValueError() - + def run(self): while True: data, address = yield @@ -804,7 +804,7 @@ class ImpRecStrategy(object): @update_libs: if set (default), update `libs` object with founded addresses @align_hypothesis: if not set (default), do not consider import addresses are written on aligned addresses - + Return the list of candidates """ candidates = [] |