authorTheofilos Augoustis <theofilos.augoustis@gmail.com>2023-11-28 15:47:47 +0100
committerTheofilos Augoustis <theofilos.augoustis@gmail.com>2023-11-28 15:47:47 +0100
commitffcae80c2167f271a7d733d424fbd72db8c98a93 (patch)
treeb4d72a5b7522ffe7e10f5cf625be93347cab419f /miasm_util.py
parent836e42215fda0cbd330caef2dc5fc93336d4722c (diff)
Record symbolic transform for single instructions
Step manually through single instructions instead of full basic blocks.
Record the transformation performed by each instruction as symbolic
equations.

Co-authored-by: Theofilos Augoustis <theofilos.augoustis@gmail.com>
Co-authored-by: Nicola Crivellin <nicola.crivellin98@gmail.com>
Diffstat (limited to '')
-rw-r--r--miasm_util.py23
1 files changed, 22 insertions, 1 deletions
diff --git a/miasm_util.py b/miasm_util.py
index 31083d9..55dfad0 100644
--- a/miasm_util.py
+++ b/miasm_util.py
@@ -6,6 +6,27 @@ from miasm.expression.simplifications import expr_simp_explicit
 
 from snapshot import ProgramState
 
+def simp_segm(expr_simp, expr: ExprOp):
+    """Simplify a segmentation expression to an addition of the segment
+    register's base value and the address argument.
+    """
+    import miasm.arch.x86.regs as regs
+
+    base_regs = {
+        regs.FS: ExprId('fs_base', 64),
+        regs.GS: ExprId('gs_base', 64),
+    }
+
+    if expr.op == 'segm':
+        segm, addr = expr.args
+        assert(segm == regs.FS or segm == regs.GS)
+        return expr_simp(base_regs[segm] + addr)
+    return expr
+
+# The expression simplifier used in this module
+expr_simp = expr_simp_explicit
+expr_simp.enable_passes({ExprOp: [simp_segm]})
+
 class MiasmConcreteState:
     miasm_flag_aliases = {
         'NF':     'SF',
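Review bot: The `assert(segm == regs.FS or segm == regs.GS)` in simp_segm is the only guard before the `base_regs[segm]` lookup, and asserts are stripped under `python -O`, so an unsupported segment register would then surface as a bare KeyError from inside the simplifier; replace it with `if segm not in base_regs: raise ValueError(f"unsupported segment register in segm expression: {segm}")`. The `enable_passes` call on the new module-level line after `expr_simp = expr_simp_explicit` is applied to the same object that `expr_simp_explicit` names, so if enable_passes mutates the simplifier in place (the aliasing suggests the author relies on that) the `segm` pass is installed for every other importer of `expr_simp_explicit` as an import-time side effect; a comment stating that this is intended, or building a dedicated simplifier instance, would make that explicit. The 64-bit width of the `fs_base`/`gs_base` ExprIds is hard-coded while `addr` carries its own size, which is worth a comment if only x86_64 is supported.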
@@ -49,7 +70,7 @@ def eval_expr(expr: Expr, conc_state: MiasmConcreteState) -> int:
         raise TypeError("Unknown expr type")
 
     ret = visitor(expr, conc_state)
-    ret = expr_simp_explicit(ret)
+    ret = expr_simp(ret)
     assert(ret is not None)
 
     return ret