authorFabrice Desclaux <fabrice.desclaux@cea.fr>2016-08-11 12:54:07 +0200
committerFabrice Desclaux <fabrice.desclaux@cea.fr>2016-08-31 18:34:24 +0200
commit2858e916f35f0469baeea23632ddd8befdd7ca5d (patch)
treed8ad86407e24ae9435ca4ca344ae7ec61e8568d2 /example/jitter/test_x86_32_seh.py
parent39b1c59354395006deebcc5a93455e23b9596577 (diff)
Tests: add win seh test
Diffstat (limited to 'example/jitter/test_x86_32_seh.py')
-rw-r--r--example/jitter/test_x86_32_seh.py56
1 files changed, 56 insertions, 0 deletions
diff --git a/example/jitter/test_x86_32_seh.py b/example/jitter/test_x86_32_seh.py
new file mode 100644
index 00000000..5277807d
--- /dev/null
+++ b/example/jitter/test_x86_32_seh.py
@@ -0,0 +1,56 @@
+import os
+from pdb import pm
+from miasm2.analysis.sandbox import Sandbox_Win_x86_32
+from miasm2.os_dep import win_api_x86_32_seh
+from miasm2.jitter.csts import *
+
+def deal_exception_access_violation(jitter):
+    jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_ACCESS_VIOLATION)
+    return True
+
+def deal_exception_breakpoint(jitter):
+    jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_BREAKPOINT)
+    return True
+
+def deal_exception_div(jitter):
+    jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_INT_DIVIDE_BY_ZERO)
+    return True
+
+def deal_exception_privileged_instruction(jitter):
+    jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_PRIV_INSTRUCTION)
+    return True
+
+def deal_exception_illegal_instruction(jitter):
+    jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_ILLEGAL_INSTRUCTION)
+    return True
+
+
+def return_from_seh(jitter):
+    win_api_x86_32_seh.return_from_seh(jitter)
+    return True
+
+# Insert here user defined methods
+
+# Parse arguments
+parser = Sandbox_Win_x86_32.parser(description="PE sandboxer")
+parser.add_argument("filename", help="PE Filename")
+options = parser.parse_args()
+options.usesegm = True
+options.use_seh = True
+
+# Create sandbox
+sb = Sandbox_Win_x86_32(options.filename, options, globals())
+
+# Install Windows SEH callbacks
+sb.jitter.add_exception_handler(EXCEPT_ACCESS_VIOL, deal_exception_access_violation)
+sb.jitter.add_exception_handler(EXCEPT_SOFT_BP, deal_exception_breakpoint)
+sb.jitter.add_exception_handler(EXCEPT_DIV_BY_ZERO, deal_exception_div)
+sb.jitter.add_exception_handler(1<<17, deal_exception_privileged_instruction)
+sb.jitter.add_exception_handler(EXCEPT_UNK_MNEMO, deal_exception_illegal_instruction)
+
+sb.jitter.add_breakpoint(win_api_x86_32_seh.return_from_exception, return_from_seh)
+
+# Run
+sb.run()
+
+assert(sb.jitter.run is False)
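Review bot: The privileged-instruction handler is registered with the bare literal `1<<17`, while the four neighbouring `add_exception_handler` calls use named `EXCEPT_*` constants from `miasm2.jitter.csts`, so a reader cannot tell which exception flag it is or whether it stays in sync with the jitter. Use the matching named constant if csts defines one, or at least add a comment such as `# 1<<17: privileged-instruction exception flag (no named constant imported)`. Separately, the final `assert(sb.jitter.run is False)` only shows that emulation stopped; it does not show that any of the five `deal_exception_*` callbacks ran, and it is stripped under `python -O`, so a per-handler hit counter checked with an explicit `raise` would make the test meaningful. `import os` and `from pdb import pm` appear unused in the visible file and could be dropped.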