diff options
| author | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2017-12-15 11:20:09 +0100 |
|---|---|---|
| committer | Fabrice Desclaux <fabrice.desclaux@cea.fr> | 2018-05-02 11:07:42 +0200 |
| commit | 919178aa0d80aafa701315ad028e85b61c952c1e (patch) | |
| tree | 2ca1a9d32afaf0eb571dda4c3b791e429a709abc /miasm2/analysis/sandbox.py | |
| parent | 6eace70b4ef781d77d4ad61c2b454ed21fffc7ca (diff) | |
| download | miasm-919178aa0d80aafa701315ad028e85b61c952c1e.tar.gz miasm-919178aa0d80aafa701315ad028e85b61c952c1e.zip | |
Update Mips runtime
Diffstat (limited to 'miasm2/analysis/sandbox.py')
| -rw-r--r-- | miasm2/analysis/sandbox.py | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/miasm2/analysis/sandbox.py b/miasm2/analysis/sandbox.py index 00865311..f29d1776 100644 --- a/miasm2/analysis/sandbox.py +++ b/miasm2/analysis/sandbox.py @@ -429,6 +429,20 @@ class Arch_armtl(Arch): self.jitter.init_stack() +class Arch_mips32b(Arch): + _ARCH_ = "mips32b" + STACK_SIZE = 0x100000 + STACK_BASE = 0x100000 + + def __init__(self, **kwargs): + super(Arch_mips32b, self).__init__(**kwargs) + + # Init stack + self.jitter.stack_size = self.STACK_SIZE + self.jitter.stack_base = self.STACK_BASE + self.jitter.init_stack() + + class Arch_aarch64l(Arch): _ARCH_ = "aarch64l" STACK_SIZE = 0x100000 @@ -745,6 +759,57 @@ class Sandbox_Linux_armtl(Sandbox, Arch_armtl, OS_Linux): super(self.__class__, self).call(prepare_cb, addr, *args) + +class Sandbox_Linux_mips32b(Sandbox, Arch_mips32b, OS_Linux): + + def __init__(self, *args, **kwargs): + Sandbox.__init__(self, *args, **kwargs) + + # Pre-stack some arguments + if self.options.mimic_env: + env_ptrs = [] + for env in self.envp: + env += "\x00" + self.jitter.cpu.SP -= len(env) + ptr = self.jitter.cpu.SP + self.jitter.vm.set_mem(ptr, env) + env_ptrs.append(ptr) + argv_ptrs = [] + for arg in self.argv: + arg += "\x00" + self.jitter.cpu.SP -= len(arg) + ptr = self.jitter.cpu.SP + self.jitter.vm.set_mem(ptr, arg) + argv_ptrs.append(ptr) + + self.jitter.push_uint32_t(0) + for ptr in reversed(env_ptrs): + self.jitter.push_uint32_t(ptr) + self.jitter.push_uint32_t(0) + for ptr in reversed(argv_ptrs): + self.jitter.push_uint32_t(ptr) + self.jitter.push_uint32_t(len(self.argv)) + + self.jitter.cpu.RA = 0x1337beef + + # Set the runtime guard + self.jitter.add_breakpoint(0x1337beef, self.__class__.code_sentinelle) + + def run(self, addr=None): + if addr is None and self.options.address is None: + addr = self.entry_point + super(Sandbox_Linux_mips32b, self).run(addr) + + def call(self, addr, *args, **kwargs): + """ + Direct call of the function at @addr, with arguments @args + @addr: address of the target function + @args: arguments + """ + prepare_cb = kwargs.pop('prepare_cb', self.jitter.func_prepare_systemv) + super(self.__class__, self).call(prepare_cb, addr, *args) + + class Sandbox_Linux_armb_str(Sandbox, Arch_armb, OS_Linux_str): def __init__(self, *args, **kwargs): |