about summary refs log tree commit diff stats
path: root/miasm2/ir/symbexec.py
diff options
context:
space:
mode:
Diffstat (limited to 'miasm2/ir/symbexec.py')
-rw-r--r--miasm2/ir/symbexec.py56
1 files changed, 34 insertions, 22 deletions
diff --git a/miasm2/ir/symbexec.py b/miasm2/ir/symbexec.py
index 4070f261..9ab455da 100644
--- a/miasm2/ir/symbexec.py
+++ b/miasm2/ir/symbexec.py
@@ -2,10 +2,9 @@ import warnings
 import logging
 from collections import MutableMapping
 
-from miasm2.expression.expression import ExprOp, ExprId, ExprInt, ExprMem, \
-    ExprCompose, ExprSlice, ExprCond, ExprAff
+from miasm2.expression.expression import ExprOp, ExprId, ExprLoc, ExprInt, \
+    ExprMem, ExprCompose, ExprSlice, ExprCond
 from miasm2.expression.simplifications import expr_simp
-from miasm2.core import asmblock
 from miasm2.ir.ir import AssignBlock
 
 log = logging.getLogger("symbexec")
@@ -15,15 +14,16 @@ log.addHandler(console_handler)
 log.setLevel(logging.INFO)
 
 
-def get_block(ir_arch, mdis, addr):
+def get_block(ir_arch, ircfg, mdis, addr):
     """Get IRBlock at address @addr"""
-    lbl = ir_arch.get_label(addr)
-    if not lbl in ir_arch.blocks:
-        block = mdis.dis_block(lbl.offset)
-        ir_arch.add_block(block)
-    irblock = ir_arch.get_block(lbl)
+    loc_key = ircfg.get_or_create_loc_key(addr)
+    if not loc_key in ircfg.blocks:
+        offset = mdis.loc_db.get_location_offset(loc_key)
+        block = mdis.dis_block(offset)
+        ir_arch.add_asmblock_to_ircfg(block, ircfg)
+    irblock = ircfg.get_block(loc_key)
     if irblock is None:
-        raise LookupError('No block found at that address: %s' % lbl)
+        raise LookupError('No block found at that address: %s' % ir_arch.loc_db.pretty_str(loc_key))
     return irblock
 
 
@@ -804,7 +804,7 @@ class SymbolicExecutionEngine(object):
 
     StateEngine = SymbolicState
 
-    def __init__(self, ir_arch, state,
+    def __init__(self, ir_arch, state=None,
                  func_read=None,
                  func_write=None,
                  sb_expr_simp=expr_simp):
@@ -812,6 +812,7 @@ class SymbolicExecutionEngine(object):
         self.expr_to_visitor = {
             ExprInt: self.eval_exprint,
             ExprId: self.eval_exprid,
+            ExprLoc: self.eval_exprloc,
             ExprMem: self.eval_exprmem,
             ExprSlice: self.eval_exprslice,
             ExprCond: self.eval_exprcond,
@@ -819,6 +820,9 @@ class SymbolicExecutionEngine(object):
             ExprCompose: self.eval_exprcompose,
         }
 
+        if state is None:
+            state = {}
+
         self.symbols = SymbolMngr(addrsize=ir_arch.addrsize, expr_simp=expr_simp)
 
         for dst, src in state.iteritems():
@@ -885,10 +889,16 @@ class SymbolicExecutionEngine(object):
 
     def eval_exprid(self, expr, **kwargs):
         """[DEV]: Evaluate an ExprId using the current state"""
-        if isinstance(expr.name, asmblock.AsmLabel) and expr.name.offset is not None:
-            ret = ExprInt(expr.name.offset, expr.size)
+        ret = self.symbols.read(expr)
+        return ret
+
+    def eval_exprloc(self, expr, **kwargs):
+        """[DEV]: Evaluate an ExprLoc using the current state"""
+        offset = self.ir_arch.loc_db.get_location_offset(expr.loc_key)
+        if offset is not None:
+            ret = ExprInt(offset, expr.size)
         else:
-            ret = self.symbols.read(expr)
+            ret = expr
         return ret
 
     def eval_exprmem(self, expr, **kwargs):
@@ -953,7 +963,7 @@ class SymbolicExecutionEngine(object):
         @mems: track mems only
         """
         if init_state is None:
-            init_state = self.ir_arch.arch.regs.regs_init
+            init_state = {}
         if ids:
             for variable, value in self.symbols.symbols_id.iteritems():
                 if variable in init_state and init_state[variable] == value:
@@ -1040,31 +1050,33 @@ class SymbolicExecutionEngine(object):
                 self.dump(mems=False)
                 self.dump(ids=False)
                 print '_' * 80
-        return self.eval_expr(self.ir_arch.IRDst)
+        dst = self.eval_expr(self.ir_arch.IRDst)
+
+        return dst
 
-    def run_block_at(self, addr, step=False):
+    def run_block_at(self, ircfg, addr, step=False):
         """
         Symbolic execution of the block at @addr
         @addr: address to execute (int or ExprInt or label)
         @step: display intermediate steps
         """
-        irblock = self.ir_arch.get_block(addr)
+        irblock = ircfg.get_block(addr)
         if irblock is not None:
             addr = self.eval_updt_irblock(irblock, step=step)
         return addr
 
-    def run_at(self, addr, lbl_stop=None, step=False):
+    def run_at(self, ircfg, addr, lbl_stop=None, step=False):
         """
         Symbolic execution starting at @addr
         @addr: address to execute (int or ExprInt or label)
-        @lbl_stop: AsmLabel to stop execution on
+        @lbl_stop: LocKey to stop execution on
         @step: display intermediate steps
         """
         while True:
-            irblock = self.ir_arch.get_block(addr)
+            irblock = ircfg.get_block(addr)
             if irblock is None:
                 break
-            if irblock.label == lbl_stop:
+            if irblock.loc_key == lbl_stop:
                 break
             addr = self.eval_updt_irblock(irblock, step=step)
         return addr