Merge QDucasse:x86_hook_address for tests

This commit is contained in:
lazymio 2022-05-20 13:07:49 +02:00
commit 0d41d4bbb2
No known key found for this signature in database
GPG Key ID: DFF27E34A47CB873
3 changed files with 262 additions and 0 deletions


@ -195,10 +195,98 @@ static void test_arm64_mrs_hook(void)
OK(uc_close(uc));
}
static void test_arm64_correct_address_in_small_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_x0 = 0x0;
uint64_t r_pc = 0x0;
OK(uc_reg_read(uc, UC_ARM64_REG_X0, &r_x0));
OK(uc_reg_read(uc, UC_ARM64_REG_PC, &r_pc));
TEST_CHECK(r_x0 == 0x7F00);
TEST_CHECK(r_pc == 0x7F00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7F00);
}
static void test_arm64_correct_address_in_small_jump_hook(void)
{
uc_engine *uc;
// mov x0, 0x7F00;
// br x0
char code[] = "\x00\xe0\x8f\xd2\x00\x00\x1f\xd6";
uint64_t r_x0 = 0x0;
uint64_t r_pc = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_ARM64, UC_MODE_ARM, code, sizeof(code) - 1, UC_CPU_ARM64_A72);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_arm64_correct_address_in_small_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_ARM64_REG_X0, &r_x0));
OK(uc_reg_read(uc, UC_ARM64_REG_PC, &r_pc));
TEST_CHECK(r_x0 == 0x7F00);
TEST_CHECK(r_pc == 0x7F00);
OK(uc_close(uc));
}
static void test_arm64_correct_address_in_long_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_x0 = 0x0;
uint64_t r_pc = 0x0;
OK(uc_reg_read(uc, UC_ARM64_REG_X0, &r_x0));
OK(uc_reg_read(uc, UC_ARM64_REG_PC, &r_pc));
TEST_CHECK(r_x0 == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_pc == 0x7FFFFFFFFFFFFF00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7FFFFFFFFFFFFF00);
}
static void test_arm64_correct_address_in_long_jump_hook(void)
{
uc_engine *uc;
// mov x0, 0x7FFFFFFFFFFFFF00;
// br x0
char code[] = "\xe0\xdb\x78\xb2\x00\x00\x1f\xd6";
uint64_t r_x0 = 0x0;
uint64_t r_pc = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_ARM64, UC_MODE_ARM, code, sizeof(code) - 1, UC_CPU_ARM64_A72);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_arm64_correct_address_in_long_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_ARM64_REG_X0, &r_x0));
OK(uc_reg_read(uc, UC_ARM64_REG_PC, &r_pc));
TEST_CHECK(r_x0 == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_pc == 0x7FFFFFFFFFFFFF00);
OK(uc_close(uc));
}
TEST_LIST = {{"test_arm64_until", test_arm64_until},
{"test_arm64_code_patching", test_arm64_code_patching},
{"test_arm64_code_patching_count", test_arm64_code_patching_count},
{"test_arm64_v8_pac", test_arm64_v8_pac},
{"test_arm64_read_sctlr", test_arm64_read_sctlr},
{"test_arm64_mrs_hook", test_arm64_mrs_hook},
{"test_arm64_correct_address_in_small_jump_hook", test_arm64_correct_address_in_small_jump_hook},
{"test_arm64_correct_address_in_long_jump_hook", test_arm64_correct_address_in_long_jump_hook},
{NULL, NULL}};
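Review bot: Both new callbacks (test_arm64_correct_address_in_small_jump_hook_callback and its long-jump twin) are declared `void`, but they are registered for UC_HOOK_MEM_UNMAPPED, whose callback type in Unicorn returns a bool telling the engine whether the fault was handled; since uc_hook_add takes the callback as an untyped pointer the mismatch is not caught by the compiler, and the engine reads whatever happens to be in the return register. The expected UC_ERR_FETCH_UNMAPPED result therefore depends on that garbage being false, which is undefined behavior rather than a guaranteed outcome. Declare them `static bool ...callback(...)` and end each with `return false;` so the fetch fault propagates deterministically. The same pattern appears in the riscv and x86 sections of this commit.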


@ -537,6 +537,91 @@ static void test_riscv64_mmio_map(void)
OK(uc_close(uc));
}
static void test_riscv_correct_address_in_small_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_x5 = 0x0;
uint64_t r_pc = 0x0;
OK(uc_reg_read(uc, UC_RISCV_REG_X5, &r_x5));
OK(uc_reg_read(uc, UC_RISCV_REG_PC, &r_pc));
TEST_CHECK(r_x5 == 0x7F00);
TEST_CHECK(r_pc == 0x7F00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7F00);
}
static void test_riscv_correct_address_in_small_jump_hook(void)
{
uc_engine *uc;
// li 0x7F00, x5 > lui t0, 8; addiw t0, t0, -256;
// jr x5
char code[] = "\xb7\x82\x00\x00\x9b\x82\x02\xf0\x67\x80\x02\x00";
uint64_t r_x5 = 0x0;
uint64_t r_pc = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_RISCV, UC_MODE_RISCV64, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_riscv_correct_address_in_small_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_RISCV_REG_X5, &r_x5));
OK(uc_reg_read(uc, UC_RISCV_REG_PC, &r_pc));
TEST_CHECK(r_x5 == 0x7F00);
TEST_CHECK(r_pc == 0x7F00);
OK(uc_close(uc));
}
static void test_riscv_correct_address_in_long_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_x5 = 0x0;
uint64_t r_pc = 0x0;
OK(uc_reg_read(uc, UC_RISCV_REG_X5, &r_x5));
OK(uc_reg_read(uc, UC_RISCV_REG_PC, &r_pc));
TEST_CHECK(r_x5 == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_pc == 0x7FFFFFFFFFFFFF00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7FFFFFFFFFFFFF00);
}
static void test_riscv_correct_address_in_long_jump_hook(void)
{
uc_engine *uc;
// li 0x7FFFFFFFFFFFFF00, x5 > addi t0, zero, -1; slli t0, t0, 63; addi t0, t0, -256;
// jr x5
char code[] = "\x93\x02\xf0\xff\x93\x92\xf2\x03\x93\x82\x02\xf0\x67\x80\x02\x00";
uint64_t r_x5 = 0x0;
uint64_t r_pc = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_RISCV, UC_MODE_RISCV64, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_riscv_correct_address_in_long_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_RISCV_REG_X5, &r_x5));
OK(uc_reg_read(uc, UC_RISCV_REG_PC, &r_pc));
TEST_CHECK(r_x5 == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_pc == 0x7FFFFFFFFFFFFF00);
OK(uc_close(uc));
}
TEST_LIST = {
{"test_riscv32_nop", test_riscv32_nop},
{"test_riscv64_nop", test_riscv64_nop},
@ -556,4 +641,6 @@ TEST_LIST = {
{"test_riscv32_map", test_riscv32_map},
{"test_riscv64_code_patching", test_riscv64_code_patching},
{"test_riscv64_code_patching_count", test_riscv64_code_patching_count},
{"test_riscv_correct_address_in_small_jump_hook", test_riscv_correct_address_in_small_jump_hook},
{"test_riscv_correct_address_in_long_jump_hook", test_riscv_correct_address_in_long_jump_hook},
{NULL, NULL}};
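Review bot: Nothing in test_riscv_correct_address_in_small_jump_hook or test_riscv_correct_address_in_long_jump_hook verifies that the hook callback actually ran, so the `address` check that is the point of this commit can be skipped entirely (for example if the hook range or type does not match) and the test still passes: uc_emu_start still returns UC_ERR_FETCH_UNMAPPED and the register checks after it still hold. Thread a counter through the unused `user_data` parameter and assert on it after emulation; the same vacuity applies to the arm64 and x86 variants. Unicorn's memory-unmapped callback also returns a bool, so the `void` declaration should become `static bool` with `return false;`, which the excerpt below includes.

```c
static bool test_riscv_correct_address_in_small_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
    // Count invocations so the caller can prove this hook fired.
    *(int *)user_data += 1;
    // … unchanged: register and address checks …
    return false; // not handled: let the fetch fault propagate to uc_emu_start
}
static void test_riscv_correct_address_in_small_jump_hook(void)
{
    // … unchanged: uc, code, register locals …
    int fired = 0;
    uc_hook hook;
    // … unchanged: uc_common_setup …
    OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_riscv_correct_address_in_small_jump_hook_callback, &fired, 1, 0));
    // … unchanged: uc_assert_err / register checks …
    TEST_CHECK(fired == 1);
    OK(uc_close(uc));
}
```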


@ -1010,6 +1010,91 @@ static void test_x86_nested_uc_emu_start_exits(void)
OK(uc_close(uc));
}
static void test_x86_correct_address_in_small_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_rax = 0x0;
uint64_t r_rip = 0x0;
OK(uc_reg_read(uc, UC_X86_REG_RAX, &r_rax));
OK(uc_reg_read(uc, UC_X86_REG_RIP, &r_rip));
TEST_CHECK(r_rax == 0x7F00);
TEST_CHECK(r_rip == 0x7F00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7F00);
}
static void test_x86_correct_address_in_small_jump_hook(void)
{
uc_engine *uc;
// movabs $0x7F00, %rax
// jmp *%rax
char code[] = "\x48\xb8\x00\x7F\x00\x00\x00\x00\x00\x00\xff\xe0";
uint64_t r_rax = 0x0;
uint64_t r_rip = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_64, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_x86_correct_address_in_small_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_X86_REG_RAX, &r_rax));
OK(uc_reg_read(uc, UC_X86_REG_RIP, &r_rip));
TEST_CHECK(r_rax == 0x7F00);
TEST_CHECK(r_rip == 0x7F00);
OK(uc_close(uc));
}
static void test_x86_correct_address_in_long_jump_hook_callback(uc_engine *uc, int type, uint64_t address, int size, int64_t value, void *user_data)
{
// Check registers
uint64_t r_rax = 0x0;
uint64_t r_rip = 0x0;
OK(uc_reg_read(uc, UC_X86_REG_RAX, &r_rax));
OK(uc_reg_read(uc, UC_X86_REG_RIP, &r_rip));
TEST_CHECK(r_rax == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_rip == 0x7FFFFFFFFFFFFF00);
// Check address
// printf("%lx\n", address);
TEST_CHECK(address == 0x7FFFFFFFFFFFFF00);
}
static void test_x86_correct_address_in_long_jump_hook(void)
{
uc_engine *uc;
// movabs $0x7FFFFFFFFFFFFF00, %rax
// jmp *%rax
char code[] = "\x48\xb8\x00\xff\xff\xff\xff\xff\xff\x7f\xff\xe0";
uint64_t r_rax = 0x0;
uint64_t r_rip = 0x0;
uc_hook hook;
uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_64, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hook, UC_HOOK_MEM_UNMAPPED, test_x86_correct_address_in_long_jump_hook_callback, NULL, 1, 0));
uc_assert_err(
UC_ERR_FETCH_UNMAPPED,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_reg_read(uc, UC_X86_REG_RAX, &r_rax));
OK(uc_reg_read(uc, UC_X86_REG_RIP, &r_rip));
TEST_CHECK(r_rax == 0x7FFFFFFFFFFFFF00);
TEST_CHECK(r_rip == 0x7FFFFFFFFFFFFF00);
OK(uc_close(uc));
}
TEST_LIST = {
{"test_x86_in", test_x86_in},
{"test_x86_out", test_x86_out},
@ -1043,4 +1128,6 @@ TEST_LIST = {
{"test_x86_eflags_reserved_bit", test_x86_eflags_reserved_bit},
{"test_x86_nested_uc_emu_start_exits", test_x86_nested_uc_emu_start_exits},
{"test_x86_clear_count_cache", test_x86_clear_count_cache},
{"test_x86_correct_address_in_small_jump_hook", test_x86_correct_address_in_small_jump_hook},
{"test_x86_correct_address_in_long_jump_hook", test_x86_correct_address_in_long_jump_hook},
{NULL, NULL}};
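Review bot: The long-jump target 0x7FFFFFFFFFFFFF00 used in test_x86_correct_address_in_long_jump_hook is a non-canonical address under 64-bit mode (bits 63..48 are not sign-extended from bit 47), and on real hardware `jmp *%rax` to it raises #GP rather than a fetch fault, so the UC_ERR_FETCH_UNMAPPED expectation pins emulator-specific behavior; that deserves a comment next to the `movabs` line such as `// non-canonical on real hardware (#GP); this pins that the emulator reports it as an unmapped fetch with the full 64-bit address`. The commented-out `printf("%lx\n", address);` lines in both callbacks are dead debug code and should be removed; if a trace is wanted, `%lx` is the wrong specifier for uint64_t and `PRIx64` should be used. As in the other two sections, the callbacks are declared `void` although the unmapped-memory hook type returns a bool.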