George Hotz
510e1257c0
weirdest error, emit doesn't like tuples anymore
2016-01-27 18:19:45 +00:00
Ned Williamson
2385f8fc9a
don't assume registers are in reginfo if we ignore them. relabel r12 as ip: is this safe across the codebase? x86 well tested, arm is still pretty questionable quality ATM
2016-01-24 00:53:32 -05:00
Ned Williamson
cb1527687e
I'm going to be cleaning up that crappy thumb patch forever.
2015-12-16 20:36:20 -05:00
Ned Williamson
ded47fb203
dynamic instruction resolution in progress
2015-12-16 17:12:00 -05:00
Petercommand
743298aa44
limit port range of socat_port to 1-65534 since qira_config.FORK_PORT is assigned args.socat_port + 1
2015-12-07 01:36:08 +08:00
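The commit above caps `socat_port` at 65534 because `FORK_PORT` is derived as `socat_port + 1` and must itself stay a valid TCP port. The following argparse `type` helper is an added example, not qira's own code; the names `socat_port_type` and `fork_port_for` are assumptions, and it only demonstrates the range check the commit message describes (the derived port is validated rather than silently wrapping or overflowing).

```python
import argparse

MIN_PORT = 1
MAX_PORT = 65535


def fork_port_for(socat_port: int) -> int:
    """Derived port: the commit message states FORK_PORT = socat_port + 1."""
    return socat_port + 1


def socat_port_type(value: str) -> int:
    """argparse 'type' callable: accept a socat port only if both it and the
    derived fork port are valid TCP ports (so the upper bound is 65534)."""
    try:
        port = int(value)
    except ValueError:
        raise argparse.ArgumentTypeError(f"{value!r} is not an integer port")
    # Reject ports that would push the derived FORK_PORT past 65535.
    if not (MIN_PORT <= port and fork_port_for(port) <= MAX_PORT):
        raise argparse.ArgumentTypeError(
            f"socat port {port} out of range {MIN_PORT}-{MAX_PORT - 1} "
            f"(fork port {port} + 1 must also be <= {MAX_PORT})"
        )
    return port


def build_parser() -> argparse.ArgumentParser:
    parser = argparse.ArgumentParser(description="port-range check example")
    parser.add_argument("--socat-port", type=socat_port_type, default=4000)
    return parser


def parse_ports(argv: list[str]) -> tuple[int, int]:
    """Return (socat_port, fork_port) for a command line, raising SystemExit
    via argparse if the socat port is out of range."""
    args = build_parser().parse_args(argv)
    return args.socat_port, fork_port_for(args.socat_port)


if __name__ == "__main__":
    print(parse_ports(["--socat-port", "4000"]))
```

Because the check runs inside the argparse `type` callable, an out-of-range value is reported as a usage error with the reason, instead of failing later when the derived port is bound.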
Ned Williamson
7c53e5339a
slightly cleaner keyboardinterrupt
2015-11-09 15:43:04 -05:00
Ned Williamson
b41354c2c8
inform user about pintool
2015-11-01 23:56:15 -05:00
George Hotz
1336a6e1f8
start static2 caching, shouldn't be deleted on exit
2015-09-04 00:02:24 -07:00
George Hotz
7c0621ac4b
add broken angr tracer
2015-09-03 14:18:07 +00:00
George Hotz
7b48cfd875
clean up the args for static
2015-08-27 22:58:16 +00:00
George Hotz
6e23c432ea
final solution to static, turned off by default but -S works to enable it
2015-08-27 08:19:35 +00:00
George Hotz
6bdf1809ca
refactor size, and add string naming
2015-08-26 02:35:00 +00:00
George Hotz
0173e8059f
going to demo static tomorrow, fix in trunk
2015-08-25 02:04:58 +00:00
Ryan Goulden
2fe015a71f
new image saving strategy
2015-08-22 01:07:44 -07:00
Tim Becker
1eeedd2eed
Account for branch delay slot in depth map
2015-08-16 18:09:54 -04:00
Ned Williamson
fa52eaeb5c
load new libraries from fetchlibs
2015-08-12 01:31:20 -04:00
Tim Becker
02e49b0f62
Add missing register
2015-08-11 23:00:43 -04:00
Tim Becker
d99025af5c
Add support for little endian mips
2015-08-11 22:24:36 -04:00
George Hotz
3f36b392bf
disable static by default, pushing to v3
2015-08-11 04:08:43 -07:00
George Hotz
9e63a7d834
bap days are over
2015-08-11 01:25:31 -07:00
Ned Williamson
3313476186
Merge pull request #107 from nedwill/fix_analyzer_crash
Fix Analyzer Crash
2015-03-29 15:26:01 -04:00
Ned Williamson
5f3e49bdb2
fix analyzer crash
2015-03-29 01:33:36 -04:00
Ned Williamson
4ba02adda0
Better handle recursion in depth map.
2015-03-28 20:58:11 -04:00
Tim Becker
ff0fe66c9e
Fixed reference to lib directory
2015-03-25 21:34:23 -04:00
George Hotz
58480ddc64
modified dir for pin as well
2015-03-24 00:48:35 -07:00
George Hotz
1aec90c6a4
move tracers into the tracers directory
2015-03-24 00:36:08 -07:00
Ned Williamson
c8b9a56c89
fix thumb bug on UI
2015-03-21 15:59:35 -04:00
Tim Becker
11f36176ef
Fixed bug where memory mapped regions would be incorrect when mapped with mmap2()
2015-03-19 17:21:24 -04:00
George Hotz
0564060a2c
fix the analysis using is_call instead of hacks
2015-03-16 22:13:53 -07:00
George Hotz
d722816883
it's time for static to be on by default
2015-03-16 21:44:09 -07:00
George Hotz
940f9fe971
switch bind address to 0.0.0.0
2015-03-16 21:32:03 -07:00
Ned Williamson
e0d14859d3
respect with_static
2015-03-11 01:25:32 -04:00
Ned Williamson
e0da2f9201
Don't rely on trace.maxclnum.
Using trace.maxclnum here makes sense, but if the analysis
thread takes a long time to process large binaries,
trace.maxclnum will be None and the loop body never gets
executed. We will go out of bounds using clend at the end
of the trace, but get_instruction will return None and so
we still see the desired behavior in the UI.
2015-03-09 19:29:34 -04:00
Ned Williamson
232dd8560b
run static analysis in a thread so interface starts
2015-03-09 19:27:28 -04:00
Ivan Gotovchits
222d6da4f0
Add BAP as backend.
This PR introduces bap as a backend for QIRA.
The backend is made optional, but is enabled by default.
This backend allows one to disassemble instructions for all platforms
supported by LLVM (at the time of writing it is about 25 targets).
Also, for some platforms BAP will provide BIL and/or target specific
instructions, lifted to first class python values, as opposed to
strings.
A new instruction class is introduced, that will use BIL if available to
infer destinations, as well as to infer registers touched or modified by
the instruction. Using BIL allows us to determine instructions like
`pop {r0, pc}` as calls, which, as a consequence, allows us to build a
more correct CFG. As a drawback, on the ARM platform the built CFG is so big
that it takes a considerable amount of time just to draw it.
Since BAP can provide a reasonable analysis for all platforms, including
those that at the time of writing still don't have BIL support, the
static analysis in QIRA will be always turned on.
BAP is installed using opam, and BAP Python bindings are downloaded
directly from the git repository using pip.
As a free bonus, this PR will also fix the Travis CI issue.
2015-01-29 09:21:05 -05:00
tyler
994dee0616
removing extra debug print statement
2014-11-28 18:47:59 -05:00
tyler
6afb591a1c
Fixed an off by one bug in printing
2014-11-28 18:46:47 -05:00
George Hotz
beb20467de
fix fetch_memory
2014-11-28 19:42:37 +00:00
Tyler Nighswander
9d49fd3e72
Function argument detection is fancier now
2014-11-26 00:28:15 -08:00
Tyler Nighswander
2928a04ee9
Fixed some stupid bugs in displaying function call arguments
2014-11-23 01:46:34 -08:00
George Hotz
326e90dae1
quality
2014-11-23 09:31:16 +00:00
George Hotz
5724d241d5
merged
2014-11-23 09:26:43 +00:00
George Hotz
6c0e84bdf7
call hacks
2014-11-23 09:25:33 +00:00
Tyler Nighswander
8b288cc36e
Fixed up manual arg fixup to be a bit more user-friendly... we don't want to keep hacking to be TOO elite
2014-11-23 01:23:58 -08:00
George Hotz
bb7c23a16f
cda dead code
2014-11-23 08:58:20 +00:00
Tyler Nighswander
89860cdde6
Less crappy now, won't break on other archs (probably)
2014-11-23 00:24:17 -08:00
Tyler Nighswander
fe15741cfc
Merge branch 'master' of github.com:tylerni7/qira
Conflicts:
web/client/controls.js
2014-11-22 17:52:58 -08:00
Tyler Nighswander
1b5fd724e4
very hacky x86 specific stuff to dynamically detect arguments to functions
2014-11-22 17:51:41 -08:00
George Hotz
4671570b02
phantomjs tests yay
2014-11-23 01:43:08 +00:00
George Hotz
5b189b64e2
undefined works
2014-11-23 00:43:40 +00:00