diff options
| author | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2019-11-02 22:24:23 +0100 |
|---|---|---|
| committer | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2019-11-12 15:10:44 +0100 |
| commit | 4dc802e3544e669cfea1d6be8a01ca2a2600dfef (patch) | |
| tree | 96a79b40469c1db9201ca46b210503d4dcf378c5 /example | |
| parent | 83e54bd2de945a36ab5ccd4cc5b94817d7cb0112 (diff) | |
| download | miasm-4dc802e3544e669cfea1d6be8a01ca2a2600dfef.tar.gz miasm-4dc802e3544e669cfea1d6be8a01ca2a2600dfef.zip | |
Clear get_str_* API
get_str_ansi decoded strings using utf8 and was blindly used for pure windows function (LoadLibraryA) and for stdlib functions (printf, strlen, ...) even if strlen does not use utf8... New API is: get_win_str_a/get_win_str_w and set_win_str_a/set_win_str_w for windows (respectively codepage1252/windows utf16) .Those functions should only be used in windows strings manipulations, so there are taken out of the jitter. get_c_str/set_c_str: as those functions are "classic" in OSes, they are keeped in the jitter.
Diffstat (limited to 'example')
| -rw-r--r-- | example/jitter/unpack_upx.py | 4 | ||||
| -rw-r--r-- | example/symbol_exec/dse_crackme.py | 7 |
2 files changed, 7 insertions, 4 deletions
diff --git a/example/jitter/unpack_upx.py b/example/jitter/unpack_upx.py index 3b8125f4..baa6f0bb 100644 --- a/example/jitter/unpack_upx.py +++ b/example/jitter/unpack_upx.py @@ -5,6 +5,8 @@ from pdb import pm from miasm.loader import pe from miasm.analysis.sandbox import Sandbox_Win_x86_32 +from miasm.os_dep.common import get_win_str_a + # User defined methods def kernel32_GetProcAddress(jitter): @@ -17,7 +19,7 @@ def kernel32_GetProcAddress(jitter): # Handle ordinal imports fname = (args.fname if args.fname < 0x10000 - else jitter.get_str_ansi(args.fname)) + else get_win_str_a(jitter, args.fname)) logging.error(fname) # Get the generated address of the library, and store it in memory to diff --git a/example/symbol_exec/dse_crackme.py b/example/symbol_exec/dse_crackme.py index be9f4490..82a7af08 100644 --- a/example/symbol_exec/dse_crackme.py +++ b/example/symbol_exec/dse_crackme.py @@ -20,6 +20,7 @@ from miasm.core.utils import int_to_byte from miasm.jitter.csts import PAGE_READ, PAGE_WRITE from miasm.analysis.sandbox import Sandbox_Linux_x86_64 from miasm.expression.expression import * +from miasm.os_dep.win_api_x86_32 import get_win_str_a is_win = platform.system() == "Windows" @@ -37,7 +38,7 @@ def xxx_fopen(jitter): ''' global my_FILE_ptr ret_addr, args = jitter.func_args_systemv(['path', 'mode']) - fname = jitter.get_str_ansi(args.path) + fname = get_win_str_a(jitter, args.path) FILE_to_info[my_FILE_ptr] = FInfo(fname, open(fname, "rb")) my_FILE_ptr += 1 return jitter.func_ret_stdcall(ret_addr, my_FILE_ptr - 1) @@ -139,7 +140,7 @@ def xxx_fopen_symb(dse): mode = dse.eval_expr(regs.RSI) assert fname_addr.is_int() assert mode.is_int() - fname = dse.jitter.get_str_ansi(int(fname_addr)) + fname = get_win_str_a(dse.jitter, int(fname_addr)) ret_addr = ExprInt(dse.jitter.get_stack_arg(0), regs.RIP.size) assert len(FILE_to_info_symb) == 0 @@ -223,7 +224,7 @@ class FinishOn(Exception): super(FinishOn, self).__init__() def xxx_puts_symb(dse): - string = dse.jitter.get_str_ansi(dse.jitter.cpu.RDI) + string = get_win_str_a(dse.jitter, dse.jitter.cpu.RDI) raise FinishOn(string) |