| author | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2018-05-17 09:50:28 +0200 |
|---|---|---|
| committer | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2018-05-17 12:30:04 +0200 |
| commit | 53273fa3b21e618cd9cc745624787450bc441476 (patch) | |
| tree | 244766e52d6fd83917de117ee3c14b830de8cb84 | |
| parent | 6f7fbfb8b57c6a7dc382361520ab34c6d428b881 (diff) | |
| download | miasm-53273fa3b21e618cd9cc745624787450bc441476.tar.gz miasm-53273fa3b21e618cd9cc745624787450bc441476.zip | |
Jitter: fix bad block management
Diffstat (limited to '')
| -rw-r--r-- | miasm2/jitter/jitcore.py | 42 | ||||
| -rw-r--r-- | test/jitter/bad_block.py | 44 | ||||
| -rw-r--r-- | test/jitter/jmp_out_mem.py | 47 | ||||
| -rw-r--r-- | test/jitter/test_post_instr.py | 5 | ||||
| -rwxr-xr-x | test/test_all.py | 2 |
5 files changed, 119 insertions, 21 deletions
diff --git a/miasm2/jitter/jitcore.py b/miasm2/jitter/jitcore.py index f2b1375d..4402ef49 100644 --- a/miasm2/jitter/jitcore.py +++ b/miasm2/jitter/jitcore.py @@ -17,7 +17,7 @@ # from hashlib import md5 -from miasm2.core import asmblock +from miasm2.core.asmblock import disasmEngine, AsmLabel, AsmBlockBad from miasm2.core.interval import interval from miasm2.core.utils import BoundedDict from miasm2.jitter.csts import * @@ -57,13 +57,15 @@ class JitCore(object): "max_exec_per_call": 0 # 0 means no limit } - self.mdis = asmblock.disasmEngine(ir_arch.arch, ir_arch.attrib, bs, - lines_wd=self.options["jit_maxline"], - symbol_pool=ir_arch.symbol_pool, - follow_call=False, - dontdis_retcall=False, - split_dis=self.split_dis, - dis_block_callback=self.disasm_cb) + self.mdis = disasmEngine( + ir_arch.arch, ir_arch.attrib, bs, + lines_wd=self.options["jit_maxline"], + symbol_pool=ir_arch.symbol_pool, + follow_call=False, + dontdis_retcall=False, + split_dis=self.split_dis, + dis_block_callback=self.disasm_cb + ) def set_options(self, **kwargs): @@ -135,7 +137,7 @@ class JitCore(object): """ # Get the block - if isinstance(addr, asmblock.AsmLabel): + if isinstance(addr, AsmLabel): addr = addr.offset # Prepare disassembler @@ -143,13 +145,9 @@ class JitCore(object): self.mdis.dis_block_callback = self.disasm_cb # Disassemble it - try: - cur_block = self.mdis.dis_block(addr) - except IOError: - # vm_exception_flag is set - label = self.ir_arch.symbol_pool.getby_offset_create(addr) - cur_block = asmblock.AsmBlockBad(label) - + cur_block = self.mdis.dis_block(addr) + if isinstance(cur_block, AsmBlockBad): + return cur_block # Logging if self.log_newbloc: print cur_block @@ -165,6 +163,7 @@ class JitCore(object): # Update jitcode mem range self.add_bloc_to_mem_interval(vm, cur_block) + return cur_block def runbloc(self, cpu, lbl, breakpoints): """Run the block starting at lbl. 
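Review bot: The exception codes the new runbloc branch depends on (`EXCEPT_ACCESS_VIOL`, `EXCEPT_UNK_MNEMO`, in the @@ -177 hunk) still come in through the pre-existing `from miasm2.jitter.csts import *`, while this hunk makes the asmblock names explicit for exactly the readability reason that applies to them too. An explicit `from miasm2.jitter.csts import EXCEPT_ACCESS_VIOL, EXCEPT_UNK_MNEMO` next to the new asmblock import would let a reader see at the top of the file which guest exception codes the jitter raises itself. The wildcard may cover other csts names used elsewhere in the file, so it can only be dropped once those are enumerated; adding the explicit line alongside it is harmless.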
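Review bot: disbloc acquires a return value in this commit — the `AsmBlockBad` from the early `return cur_block` here and the `return cur_block` added at the end in the @@ -165 hunk — but its docstring, which opens in the @@ -135 hunk and continues outside SOURCE, is not updated to describe it. Suggest adding: `Return the disassembled block. If disassembly fails, return the AsmBlockBad as-is: the logging and add_bloc_to_mem_interval steps below are skipped so the caller can map its errno to a guest exception.` The part of disbloc's body between the two hunks is outside view, so the docstring addition should be checked against whatever else is skipped there (the jitting step, presumably).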
@@ -177,7 +176,16 @@ class JitCore(object): if not lbl in self.lbl2jitbloc: # Need to JiT the block - self.disbloc(lbl, cpu.vmmngr) + cur_block = self.disbloc(lbl, cpu.vmmngr) + if isinstance(cur_block, AsmBlockBad): + errno = cur_block.errno + if errno == AsmBlockBad.ERROR_IO: + cpu.vmmngr.set_exception(EXCEPT_ACCESS_VIOL) + elif errno == AsmBlockBad.ERROR_CANNOT_DISASM: + cpu.set_exception(EXCEPT_UNK_MNEMO) + else: + raise RuntimeError("Unhandled disasm result %r" % errno) + return lbl # Run the block and update cpu/vmmngr state return self.exec_wrapper(lbl, cpu, self.lbl2jitbloc.data, breakpoints, diff --git a/test/jitter/bad_block.py b/test/jitter/bad_block.py new file mode 100644 index 00000000..04c1f475 --- /dev/null +++ b/test/jitter/bad_block.py @@ -0,0 +1,44 @@ +import sys +from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE, EXCEPT_UNK_MNEMO +from miasm2.analysis.machine import Machine + +def code_sentinelle(jitter): + jitter.run = False + jitter.pc = 0 + return True + +machine = Machine("x86_32") +jitter = machine.jitter(sys.argv[1]) + +jitter.init_stack() + +# nop +# mov eax, 0x42 +# XX +data = "90b842000000ffff90909090".decode('hex') + +# Will raise memory error at 0x40000006 + +error_raised = False +def raise_me(jitter): + global error_raised + error_raised = True + assert jitter.pc == 0x40000006 + return False + +jitter.add_exception_handler(EXCEPT_UNK_MNEMO, raise_me) + +run_addr = 0x40000000 + +jitter.vm.add_memory_page(run_addr, PAGE_READ | PAGE_WRITE, data) + +jitter.jit.log_regs = True +jitter.jit.log_mn = True +jitter.push_uint32_t(0x1337beef) + +jitter.add_breakpoint(0x1337beef, code_sentinelle) + +jitter.init_run(run_addr) +jitter.continue_run() + +assert error_raised is True diff --git a/test/jitter/jmp_out_mem.py b/test/jitter/jmp_out_mem.py new file mode 100644 index 00000000..49da16ad --- /dev/null +++ b/test/jitter/jmp_out_mem.py 
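Review bot: The errno-to-exception mapping in the new `if isinstance(cur_block, AsmBlockBad):` branch carries no comment, and the two faults are reported on different objects — `cpu.vmmngr.set_exception(EXCEPT_ACCESS_VIOL)` for `ERROR_IO` but `cpu.set_exception(EXCEPT_UNK_MNEMO)` for `ERROR_CANNOT_DISASM` — which a reader will not guess is intentional. Suggest `# Bad block: report the fault to the guest instead of jitting it. A fetch from unmapped memory is a VM-level exception, an undecodable opcode a CPU-level one; any other errno means the disassembler broke its contract.` Any errno outside these two (AsmBlockBad defines more than these, if I recall the class correctly) leaves the run loop as a Python `RuntimeError` rather than a guest exception, which is reasonable fail-closed behaviour but worth stating in that comment. The bad block is presumably deliberately not cached in `lbl2jitbloc`, so the next attempt at `lbl` re-disassembles; if so, a short note saying that would prevent someone "optimising" it into the cache later. runbloc's body continues past the hunk.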
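Review bot: The comment `# Will raise memory error at 0x40000006` looks copied from the access-violation test: here the bytes `ff ff` at offset 6 are an undecodable opcode and the handler is registered for `EXCEPT_UNK_MNEMO`, so no memory error is involved. Suggest `# ff ff at 0x40000006 cannot be decoded -> EXCEPT_UNK_MNEMO`. The `# XX` line in the byte listing could also name the trailing `90` padding so the listing matches the hex string.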
@@ -0,0 +1,47 @@ +import sys +from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE, EXCEPT_ACCESS_VIOL +from miasm2.analysis.machine import Machine + +def code_sentinelle(jitter): + jitter.run = False + jitter.pc = 0 + return True + + +machine = Machine("x86_32") +jitter = machine.jitter(sys.argv[1]) + +jitter.init_stack() + +# nop +# mov eax, 0x42 +# jmp 0x20 + +data = "90b842000000eb20".decode('hex') + +# Will raise memory error at 0x40000028 + +error_raised = False +def raise_me(jitter): + global error_raised + error_raised = True + assert jitter.pc == 0x40000028 + return False + +jitter.add_exception_handler(EXCEPT_ACCESS_VIOL, raise_me) + + +run_addr = 0x40000000 + +jitter.vm.add_memory_page(run_addr, PAGE_READ | PAGE_WRITE, data) + +jitter.jit.log_regs = True +jitter.jit.log_mn = True +jitter.push_uint32_t(0x1337beef) + +jitter.add_breakpoint(0x1337beef, code_sentinelle) + +jitter.init_run(run_addr) +jitter.continue_run() + +assert error_raised is True diff --git a/test/jitter/test_post_instr.py b/test/jitter/test_post_instr.py index 3e68d58e..edf86645 100644 --- a/test/jitter/test_post_instr.py +++ b/test/jitter/test_post_instr.py @@ -1,6 +1,6 @@ +import sys from miasm2.analysis.machine import Machine from miasm2.jitter.csts import PAGE_READ, PAGE_WRITE, EXCEPT_BREAKPOINT_MEMORY, EXCEPT_ACCESS_VIOL -import sys machine = Machine("x86_32") jitter = machine.jitter(sys.argv[1]) @@ -41,6 +41,3 @@ try: jitter.continue_run() except AssertionError: assert jitter.vm.get_exception() == EXCEPT_ACCESS_VIOL -except RuntimeError: - assert sys.argv[1] == 'python' - assert jitter.vm.get_exception() == EXCEPT_ACCESS_VIOL diff --git a/test/test_all.py b/test/test_all.py index f9c90759..b1e36573 100755 --- a/test/test_all.py +++ b/test/test_all.py 
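Review bot: The expected pc in `assert jitter.pc == 0x40000028` is only traceable if the reader decodes `eb 20` by hand; the `# jmp 0x20` comment would be clearer as `# jmp rel8 +0x20 -> 0x40000028, past the 8-byte mapped page`. That also states the thing the test actually checks — that the fault comes from fetching at an unmapped address, not from the jump instruction itself.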
@@ -380,6 +380,8 @@ for script in ["jitload.py", "vm_mngr.py", "jit_options.py", "test_post_instr.py", + "bad_block.py", + "jmp_out_mem.py", ]: for engine in ArchUnitTest.jitter_engines: testset += RegressionTest([script, engine], base_dir="jitter", |