From 21ffaf7d10801c7a89d8bfd0d9d26332ec22295a Mon Sep 17 00:00:00 2001 From: Chris Eagle Date: Fri, 6 Jan 2017 07:56:53 -0800 Subject: [PATCH] Java bindings (#709) * Remove glib from samples makefile * support new APIs * reimplement register batch mode interface * stop using deprecated java API --- .../java/samples/SampleNetworkAuditing.java | 24 +-- bindings/java/samples/Sample_arm.java | 22 +- bindings/java/samples/Sample_arm64.java | 10 +- bindings/java/samples/Sample_m68k.java | 92 ++++----- bindings/java/samples/Sample_mips.java | 12 +- bindings/java/samples/Sample_sparc.java | 10 +- bindings/java/samples/Sample_x86.java | 192 +++++++++--------- bindings/java/samples/Shellcode.java | 28 +-- bindings/java/unicorn/Unicorn.java | 160 ++++++++++----- bindings/java/unicorn_Unicorn.c | 79 ++++++- 10 files changed, 377 insertions(+), 252 deletions(-) diff --git a/bindings/java/samples/SampleNetworkAuditing.java b/bindings/java/samples/SampleNetworkAuditing.java index d28a210a..929ceb9c 100644 --- a/bindings/java/samples/SampleNetworkAuditing.java +++ b/bindings/java/samples/SampleNetworkAuditing.java @@ -67,11 +67,11 @@ public class SampleNetworkAuditing { if (intno != 0x80) { return; } - long eax = toInt(uc.reg_read(Unicorn.UC_X86_REG_EAX, 4)); - long ebx = toInt(uc.reg_read(Unicorn.UC_X86_REG_EBX, 4)); - long ecx = toInt(uc.reg_read(Unicorn.UC_X86_REG_ECX, 4)); - long edx = toInt(uc.reg_read(Unicorn.UC_X86_REG_EDX, 4)); - long eip = toInt(uc.reg_read(Unicorn.UC_X86_REG_EIP, 4)); + Long eax = (Long)uc.reg_read(Unicorn.UC_X86_REG_EAX); + Long ebx = (Long)uc.reg_read(Unicorn.UC_X86_REG_EBX); + Long ecx = (Long)uc.reg_read(Unicorn.UC_X86_REG_ECX); + Long edx = (Long)uc.reg_read(Unicorn.UC_X86_REG_EDX); + Long eip = (Long)uc.reg_read(Unicorn.UC_X86_REG_EIP); // System.out.printf(">>> INTERRUPT %d\n", toInt(eax)); @@ -112,8 +112,8 @@ public class SampleNetworkAuditing { long mode = edx; String filename = read_string(uc, filename_addr); - int dummy_fd = get_id(); - uc.reg_write(Unicorn.UC_X86_REG_EAX, toBytes(dummy_fd)); + Long dummy_fd = new Long(get_id()); + uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd); String msg = String.format("open file (filename=%s flags=%d mode=%d) with fd(%d)", filename, flags, mode, dummy_fd); @@ -133,8 +133,8 @@ public class SampleNetworkAuditing { } else if (eax == 102) { // sys_socketcall // ref: http://www.skyfree.org/linux/kernel_network/socket.html - long call = toInt(uc.reg_read(Unicorn.UC_X86_REG_EBX, 4)); - long args = toInt(uc.reg_read(Unicorn.UC_X86_REG_ECX, 4)); + Long call = (Long)uc.reg_read(Unicorn.UC_X86_REG_EBX); + Long args = (Long)uc.reg_read(Unicorn.UC_X86_REG_ECX); // int sys_socketcall(int call, unsigned long *args) if (call == 1) { // sys_socket @@ -144,8 +144,8 @@ public class SampleNetworkAuditing { long sock_type = toInt(uc.mem_read(args + SIZE_REG, SIZE_REG)); long protocol = toInt(uc.mem_read(args + SIZE_REG * 2, SIZE_REG)); - int dummy_fd = get_id(); - uc.reg_write(Unicorn.UC_X86_REG_EAX, toBytes(dummy_fd)); + Long dummy_fd = new Long(get_id()); + uc.reg_write(Unicorn.UC_X86_REG_EAX, dummy_fd.intValue()); if (family == 2) { // AF_INET String msg = String.format("create socket (%s, %s) with fd(%d)", ADDR_FAMILY.get(family), SOCKET_TYPES.get(sock_type), dummy_fd); @@ -401,7 +401,7 @@ public class SampleNetworkAuditing { mu.mem_write(ADDRESS, code); // initialize stack - mu.reg_write(Unicorn.UC_X86_REG_ESP, toBytes(ADDRESS + 0x200000)); + mu.reg_write(Unicorn.UC_X86_REG_ESP, new Long(ADDRESS + 0x200000)); // handle interrupt ourself mu.hook_add(new MyInterruptHook(), null); diff --git a/bindings/java/samples/Sample_arm.java b/bindings/java/samples/Sample_arm.java index b0e3cbb3..a4bd1952 100644 --- a/bindings/java/samples/Sample_arm.java +++ b/bindings/java/samples/Sample_arm.java @@ -40,10 +40,10 @@ public class Sample_arm { static void test_arm() { - byte[] r0 = {0x34, 0x12, 0, 0}; // R0 register - byte[] r2 = {(byte)0x89, 0x67, 0, 0}; // R1 register - byte[] r3 = {0x33, 0x33, 0, 0}; // R2 register - byte[] r1; // R1 register + Long r0 = new Long(0x1234); // R0 register + Long r2 = new Long(0x6789); // R1 register + Long r3 = new Long(0x3333); // R2 register + Long r1; // R1 register System.out.print("Emulate ARM code\n"); @@ -74,10 +74,10 @@ public class Sample_arm { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r0 = u.reg_read(Unicorn.UC_ARM_REG_R0, 4); - r1 = u.reg_read(Unicorn.UC_ARM_REG_R1, 4); - System.out.print(String.format(">>> R0 = 0x%x\n", toInt(r0))); - System.out.print(String.format(">>> R1 = 0x%x\n", toInt(r1))); + r0 = (Long)u.reg_read(Unicorn.UC_ARM_REG_R0); + r1 = (Long)u.reg_read(Unicorn.UC_ARM_REG_R1); + System.out.print(String.format(">>> R0 = 0x%x\n", r0.intValue())); + System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); u.close(); } @@ -85,7 +85,7 @@ public class Sample_arm { static void test_thumb() { - byte[] sp = {0x34, 0x12, 0, 0}; // R0 register + Long sp = new Long(0x1234); // R0 register System.out.print("Emulate THUMB code\n"); @@ -114,8 +114,8 @@ public class Sample_arm { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - sp = u.reg_read(Unicorn.UC_ARM_REG_SP, 4); - System.out.print(String.format(">>> SP = 0x%x\n", toInt(sp))); + sp = (Long)u.reg_read(Unicorn.UC_ARM_REG_SP); + System.out.print(String.format(">>> SP = 0x%x\n", sp.intValue())); u.close(); } diff --git a/bindings/java/samples/Sample_arm64.java b/bindings/java/samples/Sample_arm64.java index a528152c..56a7212f 100644 --- a/bindings/java/samples/Sample_arm64.java +++ b/bindings/java/samples/Sample_arm64.java @@ -69,9 +69,9 @@ public class Sample_arm64 { static void test_arm64() { - byte[] x11 = toBytes(0x1234); // X11 register - byte[] x13 = toBytes(0x6789); // X13 register - byte[] x15 = toBytes(0x3333); // X15 register + Long x11 = new Long(0x1234); // X11 register + Long x13 = new Long(0x6789); // X13 register + Long x15 = new Long(0x3333); // X15 register System.out.print("Emulate ARM64 code\n"); @@ -102,8 +102,8 @@ public class Sample_arm64 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - x11 = u.reg_read(Unicorn.UC_ARM64_REG_X11, 8); - System.out.print(String.format(">>> X11 = 0x%x\n", toInt(x11))); + x11 = (Long)u.reg_read(Unicorn.UC_ARM64_REG_X11); + System.out.print(String.format(">>> X11 = 0x%x\n", x11.longValue())); u.close(); } diff --git a/bindings/java/samples/Sample_m68k.java b/bindings/java/samples/Sample_m68k.java index 371d60ac..cae025a6 100644 --- a/bindings/java/samples/Sample_m68k.java +++ b/bindings/java/samples/Sample_m68k.java @@ -68,26 +68,26 @@ public class Sample_m68k { static void test_m68k() { - byte[] d0 = toBytes(0x0000); // d0 data register - byte[] d1 = toBytes(0x0000); // d1 data register - byte[] d2 = toBytes(0x0000); // d2 data register - byte[] d3 = toBytes(0x0000); // d3 data register - byte[] d4 = toBytes(0x0000); // d4 data register - byte[] d5 = toBytes(0x0000); // d5 data register - byte[] d6 = toBytes(0x0000); // d6 data register - byte[] d7 = toBytes(0x0000); // d7 data register + Long d0 = new Long(0x0000); // d0 data register + Long d1 = new Long(0x0000); // d1 data register + Long d2 = new Long(0x0000); // d2 data register + Long d3 = new Long(0x0000); // d3 data register + Long d4 = new Long(0x0000); // d4 data register + Long d5 = new Long(0x0000); // d5 data register + Long d6 = new Long(0x0000); // d6 data register + Long d7 = new Long(0x0000); // d7 data register - byte[] a0 = toBytes(0x0000); // a0 address register - byte[] a1 = toBytes(0x0000); // a1 address register - byte[] a2 = toBytes(0x0000); // a2 address register - byte[] a3 = toBytes(0x0000); // a3 address register - byte[] a4 = toBytes(0x0000); // a4 address register - byte[] a5 = toBytes(0x0000); // a5 address register - byte[] a6 = toBytes(0x0000); // a6 address register - byte[] a7 = toBytes(0x0000); // a6 address register + Long a0 = new Long(0x0000); // a0 address register + Long a1 = new Long(0x0000); // a1 address register + Long a2 = new Long(0x0000); // a2 address register + Long a3 = new Long(0x0000); // a3 address register + Long a4 = new Long(0x0000); // a4 address register + Long a5 = new Long(0x0000); // a5 address register + Long a6 = new Long(0x0000); // a6 address register + Long a7 = new Long(0x0000); // a6 address register - byte[] pc = toBytes(0x0000); // program counter - byte[] sr = toBytes(0x0000); // status register + Long pc = new Long(0x0000); // program counter + Long sr = new Long(0x0000); // status register System.out.print("Emulate M68K code\n"); @@ -135,37 +135,37 @@ public class Sample_m68k { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - d0 = u.reg_read(Unicorn.UC_M68K_REG_D0, 4); - d1 = u.reg_read(Unicorn.UC_M68K_REG_D1, 4); - d2 = u.reg_read(Unicorn.UC_M68K_REG_D2, 4); - d3 = u.reg_read(Unicorn.UC_M68K_REG_D3, 4); - d4 = u.reg_read(Unicorn.UC_M68K_REG_D4, 4); - d5 = u.reg_read(Unicorn.UC_M68K_REG_D5, 4); - d6 = u.reg_read(Unicorn.UC_M68K_REG_D6, 4); - d7 = u.reg_read(Unicorn.UC_M68K_REG_D7, 4); + d0 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D0); + d1 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D1); + d2 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D2); + d3 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D3); + d4 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D4); + d5 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D5); + d6 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D6); + d7 = (Long)u.reg_read(Unicorn.UC_M68K_REG_D7); - a0 = u.reg_read(Unicorn.UC_M68K_REG_A0, 4); - a1 = u.reg_read(Unicorn.UC_M68K_REG_A1, 4); - a2 = u.reg_read(Unicorn.UC_M68K_REG_A2, 4); - a3 = u.reg_read(Unicorn.UC_M68K_REG_A3, 4); - a4 = u.reg_read(Unicorn.UC_M68K_REG_A4, 4); - a5 = u.reg_read(Unicorn.UC_M68K_REG_A5, 4); - a6 = u.reg_read(Unicorn.UC_M68K_REG_A6, 4); - a7 = u.reg_read(Unicorn.UC_M68K_REG_A7, 4); + a0 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A0); + a1 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A1); + a2 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A2); + a3 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A3); + a4 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A4); + a5 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A5); + a6 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A6); + a7 = (Long)u.reg_read(Unicorn.UC_M68K_REG_A7); - pc = u.reg_read(Unicorn.UC_M68K_REG_PC, 4); - sr = u.reg_read(Unicorn.UC_M68K_REG_SR, 4); + pc = (Long)u.reg_read(Unicorn.UC_M68K_REG_PC); + sr = (Long)u.reg_read(Unicorn.UC_M68K_REG_SR); - System.out.print(String.format(">>> A0 = 0x%x\t\t>>> D0 = 0x%x\n", toInt(a0), toInt(d0))); - System.out.print(String.format(">>> A1 = 0x%x\t\t>>> D1 = 0x%x\n", toInt(a1), toInt(d1))); - System.out.print(String.format(">>> A2 = 0x%x\t\t>>> D2 = 0x%x\n", toInt(a2), toInt(d2))); - System.out.print(String.format(">>> A3 = 0x%x\t\t>>> D3 = 0x%x\n", toInt(a3), toInt(d3))); - System.out.print(String.format(">>> A4 = 0x%x\t\t>>> D4 = 0x%x\n", toInt(a4), toInt(d4))); - System.out.print(String.format(">>> A5 = 0x%x\t\t>>> D5 = 0x%x\n", toInt(a5), toInt(d5))); - System.out.print(String.format(">>> A6 = 0x%x\t\t>>> D6 = 0x%x\n", toInt(a6), toInt(d6))); - System.out.print(String.format(">>> A7 = 0x%x\t\t>>> D7 = 0x%x\n", toInt(a7), toInt(d7))); - System.out.print(String.format(">>> PC = 0x%x\n", toInt(pc))); - System.out.print(String.format(">>> SR = 0x%x\n", toInt(sr))); + System.out.print(String.format(">>> A0 = 0x%x\t\t>>> D0 = 0x%x\n", a0.intValue(), d0.intValue())); + System.out.print(String.format(">>> A1 = 0x%x\t\t>>> D1 = 0x%x\n", a1.intValue(), d1.intValue())); + System.out.print(String.format(">>> A2 = 0x%x\t\t>>> D2 = 0x%x\n", a2.intValue(), d2.intValue())); + System.out.print(String.format(">>> A3 = 0x%x\t\t>>> D3 = 0x%x\n", a3.intValue(), d3.intValue())); + System.out.print(String.format(">>> A4 = 0x%x\t\t>>> D4 = 0x%x\n", a4.intValue(), d4.intValue())); + System.out.print(String.format(">>> A5 = 0x%x\t\t>>> D5 = 0x%x\n", a5.intValue(), d5.intValue())); + System.out.print(String.format(">>> A6 = 0x%x\t\t>>> D6 = 0x%x\n", a6.intValue(), d6.intValue())); + System.out.print(String.format(">>> A7 = 0x%x\t\t>>> D7 = 0x%x\n", a7.intValue(), d7.intValue())); + System.out.print(String.format(">>> PC = 0x%x\n", pc.intValue())); + System.out.print(String.format(">>> SR = 0x%x\n", sr.intValue())); u.close(); } diff --git a/bindings/java/samples/Sample_mips.java b/bindings/java/samples/Sample_mips.java index 8220c42c..d977c231 100644 --- a/bindings/java/samples/Sample_mips.java +++ b/bindings/java/samples/Sample_mips.java @@ -70,7 +70,7 @@ public class Sample_mips { static void test_mips_eb() { - byte[] r1 = toBytes(0x6789); // R1 register + Long r1 = new Long(0x6789); // R1 register System.out.print("Emulate MIPS code (big-endian)\n"); @@ -99,15 +99,15 @@ public class Sample_mips { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r1 = u.reg_read(Unicorn.UC_MIPS_REG_1, 4); - System.out.print(String.format(">>> R1 = 0x%x\n", toInt(r1))); + r1 = (Long)u.reg_read(Unicorn.UC_MIPS_REG_1); + System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); u.close(); } static void test_mips_el() { - byte[] r1 = toBytes(0x6789); // R1 register + Long r1 = new Long(0x6789); // R1 register System.out.print("===========================\n"); System.out.print("Emulate MIPS code (little-endian)\n"); @@ -137,8 +137,8 @@ public class Sample_mips { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r1 = u.reg_read(Unicorn.UC_MIPS_REG_1, 4); - System.out.print(String.format(">>> R1 = 0x%x\n", toInt(r1))); + r1 = (Long)u.reg_read(Unicorn.UC_MIPS_REG_1); + System.out.print(String.format(">>> R1 = 0x%x\n", r1.intValue())); u.close(); } diff --git a/bindings/java/samples/Sample_sparc.java b/bindings/java/samples/Sample_sparc.java index 71ebdb3f..85d26367 100644 --- a/bindings/java/samples/Sample_sparc.java +++ b/bindings/java/samples/Sample_sparc.java @@ -69,9 +69,9 @@ public class Sample_sparc { static void test_sparc() { - byte[] g1 = toBytes(0x1230); // G1 register - byte[] g2 = toBytes(0x6789); // G2 register - byte[] g3 = toBytes(0x5555); // G3 register + Long g1 = new Long(0x1230); // G1 register + Long g2 = new Long(0x6789); // G2 register + Long g3 = new Long(0x5555); // G3 register System.out.print("Emulate SPARC code\n"); @@ -102,8 +102,8 @@ public class Sample_sparc { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - g3 = u.reg_read(Unicorn.UC_SPARC_REG_G3, 4); - System.out.print(String.format(">>> G3 = 0x%x\n", toInt(g3))); + g3 = (Long)u.reg_read(Unicorn.UC_SPARC_REG_G3); + System.out.print(String.format(">>> G3 = 0x%x\n", g3.intValue())); u.close(); } diff --git a/bindings/java/samples/Sample_x86.java b/bindings/java/samples/Sample_x86.java index 91ca2698..e25df640 100644 --- a/bindings/java/samples/Sample_x86.java +++ b/bindings/java/samples/Sample_x86.java @@ -74,8 +74,8 @@ public class Sample_x86 { public void hook(Unicorn u, long address, int size, Object user_data) { System.out.printf(">>> Tracing instruction at 0x%x, instruction size = 0x%x\n", address, size); - byte eflags[] = u.reg_read(Unicorn.UC_X86_REG_EFLAGS, 4); - System.out.printf(">>> --- EFLAGS is 0x%x\n", toInt(eflags)); + Long eflags = (Long)u.reg_read(Unicorn.UC_X86_REG_EFLAGS); + System.out.printf(">>> --- EFLAGS is 0x%x\n", eflags.intValue()); // Uncomment below code to stop the emulation using uc_emu_stop() // if (address == 0x1000009) @@ -97,9 +97,9 @@ public class Sample_x86 { // callback for tracing instruction private static class MyCode64Hook implements CodeHook { public void hook(Unicorn u, long address, int size, Object user_data) { - byte[] r_rip = u.reg_read(Unicorn.UC_X86_REG_RIP, 8); + Long r_rip = (Long)u.reg_read(Unicorn.UC_X86_REG_RIP); System.out.printf(">>> Tracing instruction at 0x%x, instruction size = 0x%x\n", address, size); - System.out.printf(">>> RIP is 0x%x\n", toInt(r_rip)); + System.out.printf(">>> RIP is 0x%x\n", r_rip.longValue()); // Uncomment below code to stop the emulation using uc_emu_stop() // if (address == 0x1000009) @@ -125,9 +125,9 @@ public class Sample_x86 { // this returns the data read from the port private static class MyInHook implements InHook { public int hook(Unicorn u, int port, int size, Object user_data) { - byte[] r_eip = u.reg_read(Unicorn.UC_X86_REG_EIP, 4); + Long r_eip = (Long)u.reg_read(Unicorn.UC_X86_REG_EIP); - System.out.printf("--- reading from port 0x%x, size: %d, address: 0x%x\n", port, size, toInt(r_eip)); + System.out.printf("--- reading from port 0x%x, size: %d, address: 0x%x\n", port, size, r_eip.intValue()); switch(size) { case 1: @@ -147,32 +147,32 @@ public class Sample_x86 { // callback for OUT instruction (X86). private static class MyOutHook implements OutHook { public void hook(Unicorn u, int port, int size, int value, Object user) { - byte[] eip = u.reg_read(Unicorn.UC_X86_REG_EIP, 4); - byte[] tmp = null; - System.out.printf("--- writing to port 0x%x, size: %d, value: 0x%x, address: 0x%x\n", port, size, value, toInt(eip)); + Long eip = (Long)u.reg_read(Unicorn.UC_X86_REG_EIP); + Long tmp = null; + System.out.printf("--- writing to port 0x%x, size: %d, value: 0x%x, address: 0x%x\n", port, size, value, eip.intValue()); // confirm that value is indeed the value of AL/AX/EAX switch(size) { default: return; // should never reach this case 1: - tmp = u.reg_read(Unicorn.UC_X86_REG_AL, 1); + tmp = (Long)u.reg_read(Unicorn.UC_X86_REG_AL); break; case 2: - tmp = u.reg_read(Unicorn.UC_X86_REG_AX, 2); + tmp = (Long)u.reg_read(Unicorn.UC_X86_REG_AX); break; case 4: - tmp = u.reg_read(Unicorn.UC_X86_REG_EAX, 4); + tmp = (Long)u.reg_read(Unicorn.UC_X86_REG_EAX); break; } - System.out.printf("--- register value = 0x%x\n", toInt(tmp)); + System.out.printf("--- register value = 0x%x\n", tmp.intValue()); } } static void test_i386() { - byte r_ecx[] = {(byte)0x34, (byte)0x12, 0, 0}; //0x1234; // ECX register - byte r_edx[] = {(byte)0x90, (byte)0x78, 0, 0}; //0x7890; // EDX register + Long r_ecx = new Long(0x1234); // ECX register + Long r_edx = new Long(0x7890); // EDX register System.out.print("Emulate i386 code\n"); @@ -217,14 +217,14 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_ecx = uc.reg_read(Unicorn.UC_X86_REG_ECX, 4); - r_edx = uc.reg_read(Unicorn.UC_X86_REG_EDX, 4); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); - System.out.printf(">>> EDX = 0x%x\n", toInt(r_edx)); + r_ecx = (Long)uc.reg_read(Unicorn.UC_X86_REG_ECX); + r_edx = (Long)uc.reg_read(Unicorn.UC_X86_REG_EDX); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); + System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); // read from memory try { - byte tmp[] = uc.mem_read(ADDRESS, 4); + byte[] tmp = uc.mem_read(ADDRESS, 4); System.out.printf(">>> Read 4 bytes from [0x%x] = 0x%x\n", ADDRESS, toInt(tmp)); } catch (UnicornException ex) { System.out.printf(">>> Failed to read 4 bytes from [0x%x]\n", ADDRESS); @@ -234,8 +234,8 @@ public class Sample_x86 { static void test_i386_inout() { - byte[] r_eax = {0x34, 0x12, 0, 0}; //0x1234; // EAX register - byte[] r_ecx = {(byte)0x89, 0x67, 0, 0}; //0x6789; // ECX register + Long r_eax = new Long(0x1234); // ECX register + Long r_ecx = new Long(0x6789); // EDX register System.out.print("===================================\n"); System.out.print("Emulate i386 code with IN/OUT instructions\n"); @@ -270,10 +270,10 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_eax = u.reg_read(Unicorn.UC_X86_REG_EAX, 4); - r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX, 4); - System.out.printf(">>> EAX = 0x%x\n", toInt(r_eax)); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); + r_eax = (Long)u.reg_read(Unicorn.UC_X86_REG_EAX); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); + System.out.printf(">>> EAX = 0x%x\n", r_eax.intValue()); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); u.close(); } @@ -309,8 +309,8 @@ public class Sample_x86 { // emulate code that loop forever static void test_i386_loop() { - byte r_ecx[] = {(byte)0x34, (byte)0x12, 0, 0}; //0x1234; // ECX register - byte r_edx[] = {(byte)0x90, (byte)0x78, 0, 0}; //0x7890; // EDX register + Long r_ecx = new Long(0x1234); // ECX register + Long r_edx = new Long(0x7890); // EDX register System.out.print("===================================\n"); System.out.print("Emulate i386 code that loop forever\n"); @@ -335,10 +335,10 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX, 4); - r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX, 4); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); - System.out.printf(">>> EDX = 0x%x\n", toInt(r_edx)); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); + r_edx = (Long)u.reg_read(Unicorn.UC_X86_REG_EDX); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); + System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); u.close(); } @@ -346,8 +346,8 @@ public class Sample_x86 { // emulate code that read invalid memory static void test_i386_invalid_mem_read() { - byte r_ecx[] = {(byte)0x34, (byte)0x12, 0, 0}; //0x1234; // ECX register - byte r_edx[] = {(byte)0x90, (byte)0x78, 0, 0}; //0x7890; // EDX register + Long r_ecx = new Long(0x1234); // ECX register + Long r_edx = new Long(0x7890); // EDX register System.out.print("===================================\n"); System.out.print("Emulate i386 code that read from invalid memory\n"); @@ -382,10 +382,10 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX, 4); - r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX, 4); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); - System.out.printf(">>> EDX = 0x%x\n", toInt(r_edx)); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); + r_edx = (Long)u.reg_read(Unicorn.UC_X86_REG_EDX); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); + System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); u.close(); } @@ -393,8 +393,8 @@ public class Sample_x86 { // emulate code that read invalid memory static void test_i386_invalid_mem_write() { - byte r_ecx[] = {(byte)0x34, (byte)0x12, 0, 0}; //0x1234; // ECX register - byte r_edx[] = {(byte)0x90, (byte)0x78, 0, 0}; //0x7890; // EDX register + Long r_ecx = new Long(0x1234); // ECX register + Long r_edx = new Long(0x7890); // EDX register System.out.print("===================================\n"); System.out.print("Emulate i386 code that write to invalid memory\n"); @@ -431,10 +431,10 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX, 4); - r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX, 4); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); - System.out.printf(">>> EDX = 0x%x\n", toInt(r_edx)); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); + r_edx = (Long)u.reg_read(Unicorn.UC_X86_REG_EDX); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); + System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); // read from memory byte tmp[] = u.mem_read(0xaaaaaaaa, 4); @@ -453,8 +453,8 @@ public class Sample_x86 { // emulate code that jump to invalid memory static void test_i386_jump_invalid() { - byte r_ecx[] = {(byte)0x34, (byte)0x12, 0, 0}; //0x1234; // ECX register - byte r_edx[] = {(byte)0x90, (byte)0x78, 0, 0}; //0x7890; // EDX register + Long r_ecx = new Long(0x1234); // ECX register + Long r_edx = new Long(0x7890); // EDX register System.out.print("===================================\n"); System.out.print("Emulate i386 code that jumps to invalid memory\n"); @@ -488,10 +488,10 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - r_ecx = u.reg_read(Unicorn.UC_X86_REG_ECX, 4); - r_edx = u.reg_read(Unicorn.UC_X86_REG_EDX, 4); - System.out.printf(">>> ECX = 0x%x\n", toInt(r_ecx)); - System.out.printf(">>> EDX = 0x%x\n", toInt(r_edx)); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); + r_edx = (Long)u.reg_read(Unicorn.UC_X86_REG_EDX); + System.out.printf(">>> ECX = 0x%x\n", r_ecx.intValue()); + System.out.printf(">>> EDX = 0x%x\n", r_edx.intValue()); u.close(); } @@ -527,22 +527,22 @@ public class Sample_x86 { u.mem_write(ADDRESS, X86_CODE64); // initialize machine registers - u.reg_write(Unicorn.UC_X86_REG_RSP, toBytes(rsp)); + u.reg_write(Unicorn.UC_X86_REG_RSP, new Long(rsp)); - u.reg_write(Unicorn.UC_X86_REG_RAX, toBytes(rax)); - u.reg_write(Unicorn.UC_X86_REG_RBX, toBytes(rbx)); - u.reg_write(Unicorn.UC_X86_REG_RCX, toBytes(rcx)); - u.reg_write(Unicorn.UC_X86_REG_RDX, toBytes(rdx)); - u.reg_write(Unicorn.UC_X86_REG_RSI, toBytes(rsi)); - u.reg_write(Unicorn.UC_X86_REG_RDI, toBytes(rdi)); - u.reg_write(Unicorn.UC_X86_REG_R8, toBytes(r8)); - u.reg_write(Unicorn.UC_X86_REG_R9, toBytes(r9)); - u.reg_write(Unicorn.UC_X86_REG_R10, toBytes(r10)); - u.reg_write(Unicorn.UC_X86_REG_R11, toBytes(r11)); - u.reg_write(Unicorn.UC_X86_REG_R12, toBytes(r12)); - u.reg_write(Unicorn.UC_X86_REG_R13, toBytes(r13)); - u.reg_write(Unicorn.UC_X86_REG_R14, toBytes(r14)); - u.reg_write(Unicorn.UC_X86_REG_R15, toBytes(r15)); + u.reg_write(Unicorn.UC_X86_REG_RAX, new Long(rax)); + u.reg_write(Unicorn.UC_X86_REG_RBX, new Long(rbx)); + u.reg_write(Unicorn.UC_X86_REG_RCX, new Long(rcx)); + u.reg_write(Unicorn.UC_X86_REG_RDX, new Long(rdx)); + u.reg_write(Unicorn.UC_X86_REG_RSI, new Long(rsi)); + u.reg_write(Unicorn.UC_X86_REG_RDI, new Long(rdi)); + u.reg_write(Unicorn.UC_X86_REG_R8, new Long(r8)); + u.reg_write(Unicorn.UC_X86_REG_R9, new Long(r9)); + u.reg_write(Unicorn.UC_X86_REG_R10, new Long(r10)); + u.reg_write(Unicorn.UC_X86_REG_R11, new Long(r11)); + u.reg_write(Unicorn.UC_X86_REG_R12, new Long(r12)); + u.reg_write(Unicorn.UC_X86_REG_R13, new Long(r13)); + u.reg_write(Unicorn.UC_X86_REG_R14, new Long(r14)); + u.reg_write(Unicorn.UC_X86_REG_R15, new Long(r15)); // tracing all basic blocks with customized callback u.hook_add(new MyBlockHook(), 1, 0, null); @@ -563,44 +563,44 @@ public class Sample_x86 { // now print out some registers System.out.print(">>> Emulation done. Below is the CPU context\n"); - byte[] r_rax = u.reg_read(Unicorn.UC_X86_REG_RAX, 8); - byte[] r_rbx = u.reg_read(Unicorn.UC_X86_REG_RBX, 8); - byte[] r_rcx = u.reg_read(Unicorn.UC_X86_REG_RCX, 8); - byte[] r_rdx = u.reg_read(Unicorn.UC_X86_REG_RDX, 8); - byte[] r_rsi = u.reg_read(Unicorn.UC_X86_REG_RSI, 8); - byte[] r_rdi = u.reg_read(Unicorn.UC_X86_REG_RDI, 8); - byte[] r_r8 = u.reg_read(Unicorn.UC_X86_REG_R8, 8); - byte[] r_r9 = u.reg_read(Unicorn.UC_X86_REG_R9, 8); - byte[] r_r10 = u.reg_read(Unicorn.UC_X86_REG_R10, 8); - byte[] r_r11 = u.reg_read(Unicorn.UC_X86_REG_R11, 8); - byte[] r_r12 = u.reg_read(Unicorn.UC_X86_REG_R12, 8); - byte[] r_r13 = u.reg_read(Unicorn.UC_X86_REG_R13, 8); - byte[] r_r14 = u.reg_read(Unicorn.UC_X86_REG_R14, 8); - byte[] r_r15 = u.reg_read(Unicorn.UC_X86_REG_R15, 8); + Long r_rax = (Long)u.reg_read(Unicorn.UC_X86_REG_RAX); + Long r_rbx = (Long)u.reg_read(Unicorn.UC_X86_REG_RBX); + Long r_rcx = (Long)u.reg_read(Unicorn.UC_X86_REG_RCX); + Long r_rdx = (Long)u.reg_read(Unicorn.UC_X86_REG_RDX); + Long r_rsi = (Long)u.reg_read(Unicorn.UC_X86_REG_RSI); + Long r_rdi = (Long)u.reg_read(Unicorn.UC_X86_REG_RDI); + Long r_r8 = (Long)u.reg_read(Unicorn.UC_X86_REG_R8); + Long r_r9 = (Long)u.reg_read(Unicorn.UC_X86_REG_R9); + Long r_r10 = (Long)u.reg_read(Unicorn.UC_X86_REG_R10); + Long r_r11 = (Long)u.reg_read(Unicorn.UC_X86_REG_R11); + Long r_r12 = (Long)u.reg_read(Unicorn.UC_X86_REG_R12); + Long r_r13 = (Long)u.reg_read(Unicorn.UC_X86_REG_R13); + Long r_r14 = (Long)u.reg_read(Unicorn.UC_X86_REG_R14); + Long r_r15 = (Long)u.reg_read(Unicorn.UC_X86_REG_R15); - System.out.printf(">>> RAX = 0x%x\n", toInt(r_rax)); - System.out.printf(">>> RBX = 0x%x\n", toInt(r_rbx)); - System.out.printf(">>> RCX = 0x%x\n", toInt(r_rcx)); - System.out.printf(">>> RDX = 0x%x\n", toInt(r_rdx)); - System.out.printf(">>> RSI = 0x%x\n", toInt(r_rsi)); - System.out.printf(">>> RDI = 0x%x\n", toInt(r_rdi)); - System.out.printf(">>> R8 = 0x%x\n", toInt(r_r8)); - System.out.printf(">>> R9 = 0x%x\n", toInt(r_r9)); - System.out.printf(">>> R10 = 0x%x\n", toInt(r_r10)); - System.out.printf(">>> R11 = 0x%x\n", toInt(r_r11)); - System.out.printf(">>> R12 = 0x%x\n", toInt(r_r12)); - System.out.printf(">>> R13 = 0x%x\n", toInt(r_r13)); - System.out.printf(">>> R14 = 0x%x\n", toInt(r_r14)); - System.out.printf(">>> R15 = 0x%x\n", toInt(r_r15)); + System.out.printf(">>> RAX = 0x%x\n", r_rax.longValue()); + System.out.printf(">>> RBX = 0x%x\n", r_rbx.longValue()); + System.out.printf(">>> RCX = 0x%x\n", r_rcx.longValue()); + System.out.printf(">>> RDX = 0x%x\n", r_rdx.longValue()); + System.out.printf(">>> RSI = 0x%x\n", r_rsi.longValue()); + System.out.printf(">>> RDI = 0x%x\n", r_rdi.longValue()); + System.out.printf(">>> R8 = 0x%x\n", r_r8.longValue()); + System.out.printf(">>> R9 = 0x%x\n", r_r9.longValue()); + System.out.printf(">>> R10 = 0x%x\n", r_r10.longValue()); + System.out.printf(">>> R11 = 0x%x\n", r_r11.longValue()); + System.out.printf(">>> R12 = 0x%x\n", r_r12.longValue()); + System.out.printf(">>> R13 = 0x%x\n", r_r13.longValue()); + System.out.printf(">>> R14 = 0x%x\n", r_r14.longValue()); + System.out.printf(">>> R15 = 0x%x\n", r_r15.longValue()); u.close(); } static void test_x86_16() { - byte[] eax = toBytes(7); - byte[] ebx = toBytes(5); - byte[] esi = toBytes(6); + Long eax = new Long(7); + Long ebx = new Long(5); + Long esi = new Long(6); System.out.print("Emulate x86 16-bit code\n"); diff --git a/bindings/java/samples/Shellcode.java b/bindings/java/samples/Shellcode.java index 7e64b083..48674a46 100644 --- a/bindings/java/samples/Shellcode.java +++ b/bindings/java/samples/Shellcode.java @@ -58,8 +58,8 @@ public class Shellcode { System.out.print(String.format("Tracing instruction at 0x%x, instruction size = 0x%x\n", address, size)); - byte[] r_eip = u.reg_read(Unicorn.UC_X86_REG_EIP, 4); - System.out.print(String.format("*** EIP = %x ***: ", toInt(r_eip))); + Long r_eip = (Long)u.reg_read(Unicorn.UC_X86_REG_EIP); + System.out.print(String.format("*** EIP = %x ***: ", r_eip.intValue())); size = Math.min(16, size); @@ -73,8 +73,8 @@ public class Shellcode { public static class MyInterruptHook implements InterruptHook { public void hook(Unicorn u, int intno, Object user) { - long r_ecx; - long r_edx; + Long r_ecx; + Long r_edx; int size; // only handle Linux syscall @@ -82,30 +82,30 @@ public class Shellcode { return; } - long r_eax = toInt(u.reg_read(Unicorn.UC_X86_REG_EAX, 4)); - long r_eip = toInt(u.reg_read(Unicorn.UC_X86_REG_EIP, 4)); + Long r_eax = (Long)u.reg_read(Unicorn.UC_X86_REG_EAX); + Long r_eip = (Long)u.reg_read(Unicorn.UC_X86_REG_EIP); - switch ((int)r_eax) { + switch (r_eax.intValue()) { default: - System.out.print(String.format(">>> 0x%x: interrupt 0x%x, EAX = 0x%x\n", r_eip, intno, r_eax)); + System.out.print(String.format(">>> 0x%x: interrupt 0x%x, EAX = 0x%x\n", r_eip.intValue(), intno, r_eax.intValue())); break; case 1: // sys_exit - System.out.print(String.format(">>> 0x%x: interrupt 0x%x, SYS_EXIT. quit!\n\n", r_eip, intno)); + System.out.print(String.format(">>> 0x%x: interrupt 0x%x, SYS_EXIT. quit!\n\n", r_eip.intValue(), intno)); u.emu_stop(); break; case 4: // sys_write // ECX = buffer address - r_ecx = toInt(u.reg_read(Unicorn.UC_X86_REG_ECX, 4)); + r_ecx = (Long)u.reg_read(Unicorn.UC_X86_REG_ECX); // EDX = buffer size - r_edx = toInt(u.reg_read(Unicorn.UC_X86_REG_EDX, 4)); + r_edx = (Long)u.reg_read(Unicorn.UC_X86_REG_EDX); // read the buffer in size = (int)Math.min(256, r_edx); byte[] buffer = u.mem_read(r_ecx, size); System.out.print(String.format(">>> 0x%x: interrupt 0x%x, SYS_WRITE. buffer = 0x%x, size = %u, content = '%s'\n", - r_eip, intno, r_ecx, r_edx, new String(buffer))); + r_eip.intValue(), intno, r_ecx.intValue(), r_edx.intValue(), new String(buffer))); break; } } @@ -113,7 +113,7 @@ public class Shellcode { static void test_i386() { - long r_esp = ADDRESS + 0x200000; // ESP register + Long r_esp = new Long(ADDRESS + 0x200000); // ESP register System.out.print("Emulate i386 code\n"); @@ -127,7 +127,7 @@ public class Shellcode { u.mem_write(ADDRESS, X86_CODE32_SELF); // initialize machine registers - u.reg_write(Unicorn.UC_X86_REG_ESP, toBytes(r_esp)); + u.reg_write(Unicorn.UC_X86_REG_ESP, r_esp); // tracing all instructions by having @begin > @end u.hook_add(new MyCodeHook(), 1, 0, null); diff --git a/bindings/java/unicorn/Unicorn.java b/bindings/java/unicorn/Unicorn.java index edf43a29..c649cdd5 100644 --- a/bindings/java/unicorn/Unicorn.java +++ b/bindings/java/unicorn/Unicorn.java @@ -19,11 +19,11 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ -package unicorn; +package unicorn; import java.util.*; -public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, SparcConst, MipsConst, X86Const { +public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, SparcConst, MipsConst, X86Const { private long eng; private int arch; @@ -55,24 +55,24 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } } - private ArrayList blockList = new ArrayList(); - private ArrayList intrList = new ArrayList(); - private ArrayList codeList = new ArrayList(); - private ArrayList readList = new ArrayList(); - private ArrayList writeList = new ArrayList(); - private ArrayList inList = new ArrayList(); - private ArrayList outList = new ArrayList(); - private ArrayList syscallList = new ArrayList(); - + private ArrayList blockList = new ArrayList(); + private ArrayList intrList = new ArrayList(); + private ArrayList codeList = new ArrayList(); + private ArrayList readList = new ArrayList(); + private ArrayList writeList = new ArrayList(); + private ArrayList inList = new ArrayList(); + private ArrayList outList = new ArrayList(); + private ArrayList syscallList = new ArrayList(); + private Hashtable > eventMemLists = new Hashtable >(); - + private ArrayList> allLists = new ArrayList>(); private static Hashtable eventMemMap = new Hashtable(); private static Hashtable unicorns = new Hashtable(); - //required to load native method implementations - static { + //required to load native method implementations + static { System.loadLibrary("unicorn_java"); //loads unicorn.dll or libunicorn.so eventMemMap.put(UC_HOOK_MEM_READ_UNMAPPED, UC_MEM_READ_UNMAPPED); eventMemMap.put(UC_HOOK_MEM_WRITE_UNMAPPED, UC_MEM_WRITE_UNMAPPED); @@ -80,12 +80,16 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S eventMemMap.put(UC_HOOK_MEM_READ_PROT, UC_MEM_READ_PROT); eventMemMap.put(UC_HOOK_MEM_WRITE_PROT, UC_MEM_WRITE_PROT); eventMemMap.put(UC_HOOK_MEM_FETCH_PROT, UC_MEM_FETCH_PROT); - } + eventMemMap.put(UC_HOOK_MEM_READ, UC_MEM_READ); + eventMemMap.put(UC_HOOK_MEM_WRITE, UC_MEM_WRITE); + eventMemMap.put(UC_HOOK_MEM_FETCH, UC_MEM_FETCH); + eventMemMap.put(UC_HOOK_MEM_READ_AFTER, UC_MEM_READ_AFTER); + } /** * Invoke all UC_HOOK_BLOCK callbacks registered for a specific Unicorn. * This function gets invoked from the native C callback registered for - * for UC_HOOK_BLOCK + * for UC_HOOK_BLOCK * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param address The address of the instruction being executed @@ -105,7 +109,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Invoke all UC_HOOK_INTR callbacks registered for a specific Unicorn. * This function gets invoked from the native C callback registered for - * for UC_HOOK_INTR + * for UC_HOOK_INTR * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param intno The interrupt number @@ -124,7 +128,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Invoke all UC_HOOK_CODE callbacks registered for a specific Unicorn. * This function gets invoked from the native C callback registered for - * for UC_HOOK_CODE + * for UC_HOOK_CODE * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param address The address of the instruction being executed @@ -142,7 +146,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } /** - * Invoke all UC_HOOK_MEM_XXX_UNMAPPED andor UC_HOOK_MEM_XXX_PROT callbacks registered + * Invoke all UC_HOOK_MEM_XXX_UNMAPPED and/or UC_HOOK_MEM_XXX_PROT callbacks registered * for a specific Unicorn. * This function gets invoked from the native C callback registered for * for UC_HOOK_MEM_XXX_UNMAPPED or UC_HOOK_MEM_XXX_PROT @@ -173,7 +177,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Invoke all UC_HOOK_MEM_READ callbacks registered for a specific Unicorn. * This function gets invoked from the native C callback registered for - * for UC_HOOK_MEM_READ + * for UC_HOOK_MEM_READ * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param address Address of instruction being executed @@ -193,7 +197,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Invoke all UC_HOOK_MEM_WRITE callbacks registered for a specific Unicorn. * This function gets invoked from the native C callback registered for - * for UC_HOOK_MEM_WRITE + * for UC_HOOK_MEM_WRITE * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param address Address of instruction being executed @@ -215,7 +219,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S * Invoke all UC_HOOK_INSN callbacks registered for a specific Unicorn. * This is specifically for the x86 IN instruction. * This function gets invoked from the native C callback registered for - * for UC_HOOK_INSN + * for UC_HOOK_INSN * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param port I/O Port number @@ -239,7 +243,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S * Invoke all UC_HOOK_INSN callbacks registered for a specific Unicorn. * This is specifically for the x86 OUT instruction. * This function gets invoked from the native C callback registered for - * for UC_HOOK_INSN + * for UC_HOOK_INSN * * @param eng A Unicorn uc_engine* eng returned by uc_open * @param port I/O Port number @@ -261,7 +265,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S * Invoke all UC_HOOK_INSN callbacks registered for a specific Unicorn. * This is specifically for the x86 SYSCALL and SYSENTER instruction. * This function gets invoked from the native C callback registered for - * for UC_HOOK_INSN + * for UC_HOOK_INSN * * @param eng A Unicorn uc_engine* eng returned by uc_open * @see hook_add, unicorn.SyscallHook @@ -277,7 +281,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } } -/** +/** * Write to register. * * @param regid Register ID that is to be modified. @@ -285,7 +289,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S */ private native void reg_write_num(int regid, Number value) throws UnicornException; -/** +/** * Write to register. * * @param regid Register ID that is to be modified. @@ -310,15 +314,15 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S private native Number reg_read_mmr(int regid) throws UnicornException; /** - * Native access to uc_open + * Native access to uc_open * * @param arch Architecture type (UC_ARCH_*) * @param mode Hardware mode. This is combined of UC_MODE_* */ private native long open(int arch, int mode) throws UnicornException; - + /** - * Create a new Unicorn object + * Create a new Unicorn object * * @param arch Architecture type (UC_ARCH_*) * @param mode Hardware mode. This is combined of UC_MODE_* @@ -340,9 +344,9 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S allLists.add(outList); allLists.add(syscallList); } - + /** - * Perform native cleanup tasks associated with a Unicorn object + * Perform native cleanup tasks associated with a Unicorn object * */ protected void finalize() { @@ -369,17 +373,17 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S public native static boolean arch_supported(int arch); /** - * Close the underlying uc_engine* eng associated with this Unicorn object + * Close the underlying uc_engine* eng associated with this Unicorn object * */ public native void close() throws UnicornException; - + /** * Query internal status of engine. * * @param type query type. See UC_QUERY_* * @param result save the internal status queried - * + * * @return: error code. see UC_ERR_* * @see unicorn.UnicornConst */ @@ -403,7 +407,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S */ public native static String strerror(int code); -/** +/** * Write to register. * * @deprecated use reg_write(int regid, Object value) instead @@ -413,7 +417,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S @Deprecated public native void reg_write(int regid, byte[] value) throws UnicornException; -/** +/** * Write to register. * * @param regid Register ID that is to be modified. @@ -437,7 +441,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Read register value. * - * @deprecated use Object reg_write(int regid) instead + * @deprecated use Object reg_read(int regid) instead * @param regid Register ID that is to be retrieved. * @param regsz Size of the register being retrieved. * @return Byte array containing the requested register value. @@ -461,7 +465,36 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } } -/** +/** + * Batch write register values. regids.length == vals.length or UC_ERR_ARG + * + * @param regids Array of register IDs to be written. + * @param vals Array of register values to be written. + */ + public void reg_write_batch(int regids[], Object vals[]) throws UnicornException { + if (regids.length != vals.length) { + throw new UnicornException(strerror(UC_ERR_ARG)); + } + for (int i = 0; i < regids.length; i++) { + reg_write(regids[i], vals[i]); + } + } + +/** + * Batch read register values. + * + * @param regids Array of register IDs to be read. + * @return Array containing the requested register values. + */ + public Object[] reg_read_batch(int regids[]) throws UnicornException { + Object[] vals = new Object[regids.length]; + for (int i = 0; i < regids.length; i++) { + vals[i] = reg_read(regids[i]); + } + return vals; + } + +/** * Write to memory. * * @param address Start addres of the memory region to be written. @@ -590,7 +623,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } readList.add(new Tuple(callback, user_data)); } - + /** * Hook registration for UC_HOOK_MEM_WRITE hooks. The registered callback function will be * invoked whenever a memory write is performed within the address range begin <= write_addr <= end. For @@ -607,7 +640,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } writeList.add(new Tuple(callback, user_data)); } - + /** * Hook registration for UC_HOOK_MEM_WRITE | UC_HOOK_MEM_WRITE hooks. The registered callback function will be * invoked whenever a memory write or read is performed within the address range begin <= addr <= end. For @@ -622,7 +655,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S hook_add((ReadHook)callback, begin, end, user_data); hook_add((WriteHook)callback, begin, end, user_data); } - + /** * Hook registration for UC_HOOK_MEM_XXX_UNMAPPED and UC_HOOK_MEM_XXX_PROT hooks. * The registered callback function will be invoked whenever a read or write is @@ -653,7 +686,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } /** - * Hook registration for UC_HOOK_INSN hooks (x86 IN instruction only). The registered callback + * Hook registration for UC_HOOK_INSN hooks (x86 IN instruction only). The registered callback * function will be invoked whenever an x86 IN instruction is executed. * * @param callback Implementation of a InHook interface @@ -665,9 +698,9 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } inList.add(new Tuple(callback, user_data)); } - + /** - * Hook registration for UC_HOOK_INSN hooks (x86 OUT instruction only). The registered callback + * Hook registration for UC_HOOK_INSN hooks (x86 OUT instruction only). The registered callback * function will be invoked whenever an x86 OUT instruction is executed. * * @param callback Implementation of a OutHook interface @@ -681,7 +714,7 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S } /** - * Hook registration for UC_HOOK_INSN hooks (x86 SYSCALL/SYSENTER instruction only). The registered callback + * Hook registration for UC_HOOK_INSN hooks (x86 SYSCALL/SYSENTER instruction only). The registered callback * function will be invoked whenever an x86 SYSCALL or SYSENTER instruction is executed. * * @param callback Implementation of a SyscallHook interface @@ -747,10 +780,45 @@ public class Unicorn implements UnicornConst, ArmConst, Arm64Const, M68kConst, S /** * Retrieve all memory regions mapped by mem_map() and mem_map_ptr() * NOTE: memory regions may be split by mem_unmap() - * + * * @return list of mapped regions. */ public native MemRegion[] mem_regions() throws UnicornException; +/** + * Allocate a region that can be used with uc_context_{save,restore} to perform + * quick save/rollback of the CPU context, which includes registers and some + * internal metadata. Contexts may not be shared across engine instances with + * differing arches or modes. + * + * @return context handle for use with save/restore. +*/ + public native long context_alloc(); + +/** + * Free the resource allocated by context_alloc. + * + * @param context handle previously returned by context_alloc. +*/ + public native void context_free(long context); + +/** + * Save a copy of the internal CPU context. + * This API should be used to efficiently make or update a saved copy of the + * internal CPU state. + * + * @param context handle previously returned by context_alloc. +*/ + public native void context_save(long context); + +/** + * Restore the current CPU context from a saved copy. + * This API should be used to roll the CPU context back to a previous + * state saved by uc_context_save(). + * + * @param context handle previously returned by context_alloc. +*/ + public native void context_restore(long context); + } diff --git a/bindings/java/unicorn_Unicorn.c b/bindings/java/unicorn_Unicorn.c index a1e6fbc7..bc9ca21a 100644 --- a/bindings/java/unicorn_Unicorn.c +++ b/bindings/java/unicorn_Unicorn.c @@ -83,7 +83,7 @@ static void cb_hookblock(uc_engine *eng, uint64_t address, uint32_t size, void * static void cb_hookintr(uc_engine *eng, uint32_t intno, void *user_data) { JNIEnv *env; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return; } @@ -99,7 +99,7 @@ static uint32_t cb_insn_in(uc_engine *eng, uint32_t port, int size, void *user_d JNIEnv *env; uint32_t res = 0; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return 0; } @@ -115,7 +115,7 @@ static uint32_t cb_insn_in(uc_engine *eng, uint32_t port, int size, void *user_d static void cb_insn_out(uc_engine *eng, uint32_t port, int size, uint32_t value, void *user_data) { JNIEnv *env; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return; } @@ -127,7 +127,7 @@ static void cb_insn_out(uc_engine *eng, uint32_t port, int size, uint32_t value, static void cb_insn_syscall(uc_engine *eng, void *user_data) { JNIEnv *env; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return; } @@ -145,7 +145,7 @@ static void cb_hookmem(uc_engine *eng, uc_mem_type type, uint64_t address, int size, int64_t value, void *user_data) { JNIEnv *env; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return; } @@ -171,7 +171,7 @@ static bool cb_eventmem(uc_engine *eng, uc_mem_type type, uint64_t address, int size, int64_t value, void *user_data) { JNIEnv *env; (*cachedJVM)->AttachCurrentThread(cachedJVM, (void **)&env, NULL); - jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); + jclass clz = (*env)->FindClass(env, "unicorn/Unicorn"); if ((*env)->ExceptionCheck(env)) { return false; } @@ -359,7 +359,7 @@ JNIEXPORT void JNICALL Java_unicorn_Unicorn_close if (err != UC_ERR_OK) { throwException(env, err); } - //We also need to ReleaseByteArrayElements for any regions that + //We also need to ReleaseByteArrayElements for any regions that //were mapped with uc_mem_map_ptr } @@ -398,7 +398,7 @@ JNIEXPORT jint JNICALL Java_unicorn_Unicorn_errno JNIEXPORT jstring JNICALL Java_unicorn_Unicorn_strerror (JNIEnv *env, jclass clz, jint code) { const char *err = uc_strerror((int)code); - jstring s = (*env)->NewStringUTF(env, err); + jstring s = (*env)->NewStringUTF(env, err); return s; } @@ -616,9 +616,9 @@ JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_registerHook__JIJJ JNIEXPORT void JNICALL Java_unicorn_Unicorn_hook_1del (JNIEnv *env, jobject self, jlong hh) { uc_engine *eng = getEngine(env, self); - + //**** TODO remove hook from any internal hook tables as well - + uc_err err = uc_hook_del(eng, (uc_hook)hh); if (err != UC_ERR_OK) { throwException(env, err); @@ -719,6 +719,63 @@ JNIEXPORT jobjectArray JNICALL Java_unicorn_Unicorn_mem_1regions (*env)->SetObjectArrayElement(env, result, (jsize)i, mr); } free(regions); - + return result; } + +/* + * Class: unicorn_Unicorn + * Method: context_alloc + * Signature: ()J + */ +JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_context_1alloc + (JNIEnv *env, jobject self) { + uc_engine *eng = getEngine(env, self); + uc_context *ctx; + uc_err err = uc_context_alloc(eng, &ctx); + if (err != UC_ERR_OK) { + throwException(env, err); + } + return (jlong)(uint64_t)ctx; +} + +/* + * Class: unicorn_Unicorn + * Method: context_free + * Signature: (J)V + */ +JNIEXPORT void JNICALL Java_unicorn_Unicorn_context_1free + (JNIEnv *env, jobject self, jlong ctx) { + uc_err err = uc_context_free((uc_context*)ctx); + if (err != UC_ERR_OK) { + throwException(env, err); + } +} + +/* + * Class: unicorn_Unicorn + * Method: context_save + * Signature: (J)V + */ +JNIEXPORT void JNICALL Java_unicorn_Unicorn_context_1save + (JNIEnv *env, jobject self, jlong ctx) { + uc_engine *eng = getEngine(env, self); + uc_err err = uc_context_save(eng, (uc_context*)ctx); + if (err != UC_ERR_OK) { + throwException(env, err); + } +} + +/* + * Class: unicorn_Unicorn + * Method: context_restore + * Signature: (J)V + */ +JNIEXPORT void JNICALL Java_unicorn_Unicorn_context_1restore + (JNIEnv *env, jobject self, jlong ctx) { + uc_engine *eng = getEngine(env, self); + uc_err err = uc_context_restore(eng, (uc_context*)ctx); + if (err != UC_ERR_OK) { + throwException(env, err); + } +}