merge from upstream
commit
6991d69dad
@ -62,9 +62,14 @@ type UcOptions struct {
|
||||
Timeout, Count uint64
|
||||
}
|
||||
|
||||
func NewUnicorn(arch, mode int) (Unicorn, error) {
|
||||
func Version() (int, int) {
|
||||
var major, minor C.uint
|
||||
C.uc_version(&major, &minor)
|
||||
return int(major), int(minor)
|
||||
}
|
||||
|
||||
func NewUnicorn(arch, mode int) (Unicorn, error) {
|
||||
major, minor := Version()
|
||||
if major != C.UC_API_MAJOR || minor != C.UC_API_MINOR {
|
||||
return nil, UcError(ERR_VERSION)
|
||||
}
|
||||
|
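Review bot: `Version` is a new exported function with no doc comment; add `// Version returns the major and minor API version numbers reported by the linked libunicorn (uc_version).` above it. In NewUnicorn the guard `if major != C.UC_API_MAJOR || minor != C.UC_API_MINOR` compares the library loaded at run time against the constants the binding was compiled with, which is the right defensive check, but it is an exact match, so a library with a newer minor version is refused as well — confirm that is what upstream's compatibility promise requires. `return nil, UcError(ERR_VERSION)` drops the observed numbers; if UcError cannot carry them, a comment on the check naming the expected pair helps whoever hits this at run time. NewUnicorn's body continues outside the hunk.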
@ -36,7 +36,7 @@ public class Sample_x86_mmr {
|
||||
}
|
||||
|
||||
// map 4k
|
||||
uc.mem_map(ADDRESS, 0x1000, Unicorn.UC_PROT_ALL);
|
||||
uc.mem_map(0x400000, 0x1000, Unicorn.UC_PROT_ALL);
|
||||
|
||||
X86_MMR ldtr1 = new X86_MMR(0x1111111122222222L, 0x33333333, 0x44444444, (short)0x5555);
|
||||
X86_MMR ldtr2;
|
||||
|
@ -519,7 +519,7 @@ JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_registerHook__JI
|
||||
if (invokeInterruptCallbacks == 0) {
|
||||
invokeInterruptCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeInterruptCallbacks", "(JI)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookintr, env);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookintr, env, 1, 0);
|
||||
break;
|
||||
case UC_HOOK_MEM_FETCH_UNMAPPED: // Hook for all invalid memory access events
|
||||
case UC_HOOK_MEM_READ_UNMAPPED: // Hook for all invalid memory access events
|
||||
@ -530,7 +530,7 @@ JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_registerHook__JI
|
||||
if (invokeEventMemCallbacks == 0) {
|
||||
invokeEventMemCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeEventMemCallbacks", "(JIJIJ)Z");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_eventmem, env);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_eventmem, env, 1, 0);
|
||||
break;
|
||||
}
|
||||
return (jlong)hh;
|
||||
@ -552,18 +552,18 @@ JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_registerHook__JII
|
||||
if (invokeOutCallbacks == 0) {
|
||||
invokeOutCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeOutCallbacks", "(JIII)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_out, env, arg1);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_out, env, 1, 0, arg1);
|
||||
case UC_X86_INS_IN:
|
||||
if (invokeInCallbacks == 0) {
|
||||
invokeInCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeInCallbacks", "(JII)I");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_in, env, arg1);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_in, env, 1, 0, arg1);
|
||||
case UC_X86_INS_SYSENTER:
|
||||
case UC_X86_INS_SYSCALL:
|
||||
if (invokeSyscallCallbacks == 0) {
|
||||
invokeSyscallCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeSyscallCallbacks", "(J)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_syscall, env, arg1);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_insn_syscall, env, 1, 0, arg1);
|
||||
}
|
||||
break;
|
||||
}
|
||||
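Review bot: In the `UC_X86_INS_OUT` and `UC_X86_INS_IN` cases the `err = uc_hook_add(...)` line is followed directly by the next `case` label with no `break;`, so registering an OUT hook falls through and also installs an IN and a SYSCALL hook, each call overwriting `hh`; only the last handle reaches Java and the earlier hooks can never be removed. Add `break;` after the `cb_insn_out` registration and after the `cb_insn_in` registration. In this hunk and the ones at -519, -530 and -584, `err` is assigned but never inspected before `return (jlong)hh;`, so a failed registration hands back whatever `hh` happens to hold; check `if (err != UC_ERR_OK)` and report it the way the other JNI entry points do (presumably by throwing — confirm). registerHook's head is outside the hunk.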
@ -584,25 +584,25 @@ JNIEXPORT jlong JNICALL Java_unicorn_Unicorn_registerHook__JIJJ
|
||||
if (invokeCodeCallbacks == 0) {
|
||||
invokeCodeCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeCodeCallbacks", "(JJI)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookcode, env, arg1, arg2);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookcode, env, 1, 0, arg1, arg2);
|
||||
break;
|
||||
case UC_HOOK_BLOCK: // Hook basic blocks
|
||||
if (invokeBlockCallbacks == 0) {
|
||||
invokeBlockCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeBlockCallbacks", "(JJI)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookblock, env, arg1, arg2);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookblock, env, 1, 0, arg1, arg2);
|
||||
break;
|
||||
case UC_HOOK_MEM_READ: // Hook all memory read events.
|
||||
if (invokeReadCallbacks == 0) {
|
||||
invokeReadCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeReadCallbacks", "(JJI)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookmem, env, arg1, arg2);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookmem, env, 1, 0, arg1, arg2);
|
||||
break;
|
||||
case UC_HOOK_MEM_WRITE: // Hook all memory write events.
|
||||
if (invokeWriteCallbacks == 0) {
|
||||
invokeWriteCallbacks = (*env)->GetStaticMethodID(env, clz, "invokeWriteCallbacks", "(JJIJ)V");
|
||||
}
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookmem, env, arg1, arg2);
|
||||
err = uc_hook_add((uc_engine*)eng, &hh, (uc_hook_type)type, cb_hookmem, env, 1, 0, arg1, arg2);
|
||||
break;
|
||||
}
|
||||
return (jlong)hh;
|
||||
|
@ -26,7 +26,6 @@ VALUE m_uc_reg_write(VALUE self, VALUE reg_id, VALUE reg_value);
|
||||
VALUE m_uc_mem_read(VALUE self, VALUE address, VALUE size);
|
||||
VALUE m_uc_mem_write(VALUE self, VALUE address, VALUE bytes);
|
||||
VALUE m_uc_mem_map(int argc, VALUE* argv, VALUE self);
|
||||
//VALUE m_uc_mem_map_ptr(VALUE self, VALUE address, VALUE size, VALUE perms, VALUE ptr);
|
||||
VALUE m_uc_mem_unmap(VALUE self, VALUE address, VALUE size);
|
||||
VALUE m_uc_mem_protect(VALUE self, VALUE address, VALUE size, VALUE perms);
|
||||
VALUE m_uc_hook_add(int argc, VALUE* argv, VALUE self);
|
||||
|
@ -63,8 +63,6 @@
|
||||
|
||||
#include "uc_priv.h"
|
||||
|
||||
#define USE_STATIC_CODE_GEN_BUFFER
|
||||
|
||||
//#define DEBUG_TB_INVALIDATE
|
||||
//#define DEBUG_FLUSH
|
||||
/* make various TB consistency checks */
|
||||
@ -501,7 +499,7 @@ static inline PageDesc *page_find(struct uc_struct *uc, tb_page_addr_t index)
|
||||
# define MAX_CODE_GEN_BUFFER_SIZE ((size_t)-1)
|
||||
#endif
|
||||
|
||||
#define DEFAULT_CODE_GEN_BUFFER_SIZE_1 (32u * 1024 * 1024)
|
||||
#define DEFAULT_CODE_GEN_BUFFER_SIZE_1 (8 * 1024 * 1024)
|
||||
|
||||
#define DEFAULT_CODE_GEN_BUFFER_SIZE \
|
||||
(DEFAULT_CODE_GEN_BUFFER_SIZE_1 < MAX_CODE_GEN_BUFFER_SIZE \
|
||||
@ -520,7 +518,7 @@ static inline size_t size_code_gen_buffer(struct uc_struct *uc, size_t tb_size)
|
||||
/* ??? If we relax the requirement that CONFIG_USER_ONLY use the
|
||||
static buffer, we could size this on RESERVED_VA, on the text
|
||||
segment size of the executable, or continue to use the default. */
|
||||
tb_size = (unsigned long)(uc->ram_size / 4);
|
||||
tb_size = (unsigned long)DEFAULT_CODE_GEN_BUFFER_SIZE;
|
||||
#endif
|
||||
}
|
||||
if (tb_size < MIN_CODE_GEN_BUFFER_SIZE) {
|
||||
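Review bot: If `(8 * 1024 * 1024)` is the value kept for `DEFAULT_CODE_GEN_BUFFER_SIZE_1`, it should carry the unsigned suffix like the `32u` form it replaces, `#define DEFAULT_CODE_GEN_BUFFER_SIZE_1 (8u * 1024 * 1024)`, because the macro is compared against `MAX_CODE_GEN_BUFFER_SIZE ((size_t)-1)` a few lines below and the two sides should not mix signedness. Which side of the `tb_size = ...` pair in size_code_gen_buffer is new cannot be told from this page; if the `uc->ram_size / 4` form is the one kept, the comment above it should say why the translation buffer is sized from guest RAM, since the `MIN_CODE_GEN_BUFFER_SIZE` check below is the only bound visible here. size_code_gen_buffer starts outside the hunk.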
|
@ -75,7 +75,7 @@ ARCHIVE = $(LIBDIR)/lib$(LIBNAME).$(AR_EXT)
|
||||
endif
|
||||
endif
|
||||
|
||||
.PHONY: all clean
|
||||
.PHONY: all clean clean_bins clean_libs
|
||||
|
||||
UNICORN_ARCHS := $(shell if [ -e ../config.log ]; then cat ../config.log;\
|
||||
else printf "$(UNICORN_ARCHS)"; fi)
|
||||
@ -110,13 +110,17 @@ OBJS = $(addprefix $(OBJDIR)/,$(SOURCES:.c=.o))
|
||||
OBJS_ELF = $(addprefix $(OBJDIR)/,$(SOURCES:.c=))
|
||||
BINARY = $(addprefix $(SAMPLEDIR)/,$(SOURCES:.c=$(BIN_EXT)))
|
||||
|
||||
all: $(BINARY)
|
||||
all: clean_bins $(BINARY)
|
||||
|
||||
clean:
|
||||
clean_bins:
|
||||
rm -rf *.o $(OBJS_ELF) $(BINARY) $(SAMPLEDIR)/*.exe $(SAMPLEDIR)/*.static $(OBJDIR)/lib$(LIBNAME)* $(OBJDIR)/$(LIBNAME)*
|
||||
rm -rf libunicorn*.so libunicorn*.lib libunicorn*.dylib unicorn*.dll unicorn*.lib
|
||||
rm -rf sample_x86 sample_arm sample_arm64 sample_mips sample_sparc sample_ppc sample_m68k shellcode mem_apis sample_x86_32_gdt_and_seg_regs
|
||||
|
||||
clean_libs:
|
||||
rm -rf libunicorn*.so libunicorn*.lib libunicorn*.dylib unicorn*.dll unicorn*.lib
|
||||
|
||||
clean: clean_bins clean_libs
|
||||
|
||||
$(BINARY): $(OBJS)
|
||||
|
||||
$(SAMPLEDIR)/%$(BIN_EXT): $(OBJDIR)/%.o
|
||||
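Review bot: `all: clean_bins $(BINARY)` lists the clean target as an ordinary prerequisite, and make gives no ordering guarantee between prerequisites under `-j`, so clean_bins can run while or after `$(BINARY)` is built and delete the fresh outputs; it also forces a full rebuild on every plain `make`. Keep `all: $(BINARY)` and, if a rebuild-from-scratch default is really wanted, sequence it explicitly with a recipe: `all:` then `$(MAKE) clean_bins` and `$(MAKE) $(BINARY)` on tab-indented lines. The hard-coded `rm -rf sample_x86 sample_arm ...` list in clean_bins overlaps what `$(BINARY)` and `$(OBJS_ELF)` already cover and will drift as samples are added; a one-line comment saying which stale names it exists for would help the next maintainer.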
|
@ -154,10 +154,7 @@ static void gdt_demo() {
|
||||
uc_hook hook1, hook2;
|
||||
uc_err err;
|
||||
uint8_t buf[128];
|
||||
uc_x86_mmr idtr;
|
||||
uc_x86_mmr gdtr;
|
||||
uc_x86_mmr ldtr;
|
||||
uc_x86_mmr tr;
|
||||
|
||||
/*
|
||||
bits 32
|
||||
|
@ -65,7 +65,7 @@ int main() {
|
||||
|
||||
uc_hook h1, h2;
|
||||
|
||||
err = uc_hook_add(uc, &h1, UC_HOOK_BLOCK, cb_hookblock, NULL, (uint64_t)1, (uint64_t)0);
|
||||
err = uc_hook_add(uc, &h1, UC_HOOK_BLOCK, cb_hookblock, NULL, 1, 0);
|
||||
if (err != UC_ERR_OK) {
|
||||
fprintf(stderr, "not ok %d - %s\n", count++, uc_strerror(err));
|
||||
exit(0);
|
||||
|
@ -120,10 +120,10 @@ static void VM_exec()
|
||||
uc_reg_write(uc, UC_X86_REG_EDI, &r_edi);
|
||||
uc_reg_write(uc, UC_X86_REG_EFLAGS, &eflags);
|
||||
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_MEM_READ_UNMAPPED | UC_HOOK_MEM_WRITE_UNMAPPED, (void *)hook_invalid_mem, NULL);
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_MEM_READ_UNMAPPED | UC_HOOK_MEM_WRITE_UNMAPPED, (void *)hook_invalid_mem, NULL, 1, 0);
|
||||
|
||||
// tracing all instruction by having @begin > @end
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, (void *)hook_ins, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, (void *)hook_ins, NULL, 1, 0);
|
||||
|
||||
// emulate machine code in infinite time
|
||||
err = uc_emu_start(uc, ADDRESS, ADDRESS + (sizeof(X86_CODE32) - 1), 0, 0);
|
||||
|
@ -112,7 +112,7 @@ int main() {
|
||||
|
||||
uc_hook h1;
|
||||
|
||||
err = uc_hook_add(uc, &h1, UC_HOOK_MEM_UNMAPPED, cb_hookunmapped, NULL);
|
||||
err = uc_hook_add(uc, &h1, UC_HOOK_MEM_UNMAPPED, cb_hookunmapped, NULL, 1, 0);
|
||||
if (err != UC_ERR_OK) {
|
||||
fprintf(stderr, "not ok %d - %s\n", count++, uc_strerror(err));
|
||||
exit(0);
|
||||
|
@ -98,7 +98,7 @@ int main(int argc, char **argv, char **envp)
|
||||
|
||||
// hook all instructions by having @begin > @end
|
||||
printf("uc_hook_add()\n");
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);
|
||||
if( err )
|
||||
{
|
||||
printf("Failed on uc_hook_add(code) with error returned: %u\n", err);
|
||||
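Review bot: The result of `uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);` is discarded, yet the very next line tests `if( err )`, so the check sees a stale `err` from an earlier call and a failed hook registration is never reported. Assign the result: `err = uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);`. The same pattern appears in the sibling MIPS test hunks at -107, -100 and -164 further down this commit. main's head is outside the hunk.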
|
@ -58,7 +58,7 @@ static void VM_exec()
|
||||
uc_reg_write(uc, UC_X86_REG_ESP, &r_esp); //make stack pointer point to already mapped memory so we don't need to hook.
|
||||
uc_reg_write(uc, UC_X86_REG_EFLAGS, &eflags);
|
||||
|
||||
uc_hook_add(uc, &trace, UC_HOOK_CODE, (void *)hook_ins, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &trace, UC_HOOK_CODE, (void *)hook_ins, NULL, 1, 0);
|
||||
|
||||
// emulate machine code in infinite time
|
||||
err = uc_emu_start(uc, ADDRESS, ADDRESS + (sizeof(X86_CODE32) - 1), 0, 0);
|
||||
|
@ -25,7 +25,7 @@ int main(int argc, char **argv, char **envp) {
|
||||
return 1;
|
||||
}
|
||||
uc_hook hook;
|
||||
uc_hook_add(uc, &hook, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &hook, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
|
||||
printf("uc_emu_start(…)\n");
|
||||
uc_emu_start(uc, STARTING_ADDRESS, STARTING_ADDRESS + sizeof(BINARY) - 1, 0, 20);
|
||||
printf("done\n");
|
||||
|
@ -205,7 +205,7 @@ int main(int argc, char **argv, char **envp)
|
||||
printf("ok %d - Program written to memory\n", log_num++);
|
||||
}
|
||||
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_CODE ucr\n", log_num++);
|
||||
return 6;
|
||||
} else {
|
||||
@ -213,7 +213,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept memory write events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_MEM_WRITE ucr\n", log_num++);
|
||||
return 7;
|
||||
} else {
|
||||
@ -221,7 +221,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept invalid memory events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_PROT | UC_HOOK_MEM_FETCH_PROT, hook_mem_invalid, NULL) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_PROT | UC_HOOK_MEM_FETCH_PROT, hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install memory invalid handler\n", log_num++);
|
||||
return 8;
|
||||
} else {
|
||||
|
@ -213,7 +213,7 @@ int main(int argc, char **argv, char **envp)
|
||||
printf("ok %d - Program written to memory\n", log_num++);
|
||||
}
|
||||
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_CODE ucr\n", log_num++);
|
||||
return 5;
|
||||
} else {
|
||||
@ -221,7 +221,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept memory write events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_MEM_WRITE ucr\n", log_num++);
|
||||
return 6;
|
||||
} else {
|
||||
@ -229,7 +229,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept invalid memory events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_PROT, hook_mem_invalid, NULL) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_PROT, hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install memory invalid handler\n", log_num++);
|
||||
return 7;
|
||||
} else {
|
||||
|
@ -208,7 +208,7 @@ int main(int argc, char **argv, char **envp)
|
||||
printf("ok %d - Program written to memory\n", log_num++);
|
||||
}
|
||||
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_CODE ucr\n", log_num++);
|
||||
return 5;
|
||||
} else {
|
||||
@ -216,7 +216,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept memory write events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_MEM_WRITE ucr\n", log_num++);
|
||||
return 6;
|
||||
} else {
|
||||
@ -224,7 +224,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept invalid memory events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_UNMAPPED, hook_mem_invalid, NULL) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_UNMAPPED, hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install memory invalid handler\n", log_num++);
|
||||
return 7;
|
||||
} else {
|
||||
|
@ -107,7 +107,7 @@ int main(int argc, char **argv, char **envp)
|
||||
|
||||
// hook all instructions by having @begin > @end
|
||||
printf("uc_hook_add()\n");
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);
|
||||
if( err )
|
||||
{
|
||||
printf("Failed on uc_hook_add(code) with error returned: %u\n", err);
|
||||
|
@ -100,7 +100,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// hook all instructions by having @begin > @end
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);
|
||||
if( err )
|
||||
{
|
||||
printf("Failed on uc_hook_add(code) with error returned: %u\n", err);
|
||||
|
@ -25,7 +25,7 @@ int main(int argc, char **argv, char **envp) {
|
||||
return 1;
|
||||
}
|
||||
uc_hook trace;
|
||||
uc_hook_add(uc, &trace, UC_HOOK_CODE, hook_code, NULL, (uint64_t)MEMORY_STARTING_ADDRESS, (uint64_t)(MEMORY_STARTING_ADDRESS + 1));
|
||||
uc_hook_add(uc, &trace, UC_HOOK_CODE, hook_code, NULL, MEMORY_STARTING_ADDRESS, MEMORY_STARTING_ADDRESS + 1);
|
||||
printf("uc_emu_start(…)\n");
|
||||
uc_emu_start(uc, MEMORY_STARTING_ADDRESS, MEMORY_STARTING_ADDRESS + sizeof(BINARY_CODE) - 1, 0, 0);
|
||||
printf("done\n");
|
||||
|
@ -83,10 +83,10 @@ int main(int argc, char **argv, char **envp)
|
||||
uc_mem_write(uc, 0x300000, (const uint8_t*)"\x41\x41\x41\x41", 4);
|
||||
uc_mem_write(uc, 0x400000, (const uint8_t*)"\x42\x42\x42\x42", 4);
|
||||
|
||||
//uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)0x400000, (uint64_t)0x400fff);
|
||||
//uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 0x400000, 0x400fff);
|
||||
|
||||
// intercept invalid memory events
|
||||
uc_hook_add(uc, &trace1, UC_MEM_READ_PROT, hook_mem_invalid, NULL);
|
||||
uc_hook_add(uc, &trace1, UC_MEM_READ_PROT, hook_mem_invalid, NULL, 1, 0);
|
||||
|
||||
// emulate machine code in infinite time
|
||||
printf("BEGIN execution\n");
|
||||
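Review bot: `uc_hook_add(uc, &trace1, UC_MEM_READ_PROT, hook_mem_invalid, NULL, 1, 0);` passes a `UC_MEM_*` access-type constant where every other registration in this commit passes a `UC_HOOK_*` hook type (for example `UC_HOOK_MEM_WRITE_PROT` in the other invalid-memory tests), so unless the two enums are deliberately interchangeable here the hook is registered for the wrong event and `hook_mem_invalid` will not fire; it should probably read `uc_hook_add(uc, &trace1, UC_HOOK_MEM_READ_PROT, hook_mem_invalid, NULL, 1, 0);`. The return value is also ignored, so a rejected hook type goes unnoticed; test it with `!= UC_ERR_OK` as the other regress tests do. main's head is outside the hunk.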
|
@ -129,7 +129,7 @@ int main(int argc, char **argv, char **envp)
|
||||
printf("ok %d - Program written to memory\n", log_num++);
|
||||
}
|
||||
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_CODE handler\n", log_num++);
|
||||
return 5;
|
||||
}
|
||||
@ -138,7 +138,7 @@ int main(int argc, char **argv, char **envp)
|
||||
}
|
||||
|
||||
// intercept memory write events only, NOT read events
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
|
||||
if (uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE, hook_mem_write, NULL, 1, 0) != UC_ERR_OK) {
|
||||
printf("not ok %d - Failed to install UC_HOOK_MEM_WRITE handler\n", log_num++);
|
||||
return 6;
|
||||
}
|
||||
|
@ -139,10 +139,10 @@ int main(int argc, char **argv, char **envp)
|
||||
printf("Allowed to write to read only memory via uc_mem_write\n");
|
||||
}
|
||||
|
||||
//uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)0x400000, (uint64_t)0x400fff);
|
||||
//uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 0x400000, 0x400fff);
|
||||
|
||||
// intercept invalid memory events
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_UNMAPPED | UC_HOOK_MEM_WRITE_PROT, hook_mem_invalid, NULL);
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_MEM_WRITE_UNMAPPED | UC_HOOK_MEM_WRITE_PROT, hook_mem_invalid, NULL, 1, 0);
|
||||
|
||||
// emulate machine code in infinite time
|
||||
printf("BEGIN execution - 1\n");
|
||||
|
0
tests/regress/tcg_liveness_analysis_bug_issue-287.py
Normal file → Executable file
0
tests/regress/tcg_liveness_analysis_bug_issue-287.py
Normal file → Executable file
@ -164,7 +164,7 @@ int main(int argc, char **argv, char **envp)
|
||||
|
||||
// hook all instructions by having @begin > @end
|
||||
printf("uc_hook_add()\n");
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &hhc, UC_HOOK_CODE, mips_codehook, NULL, 1, 0);
|
||||
if( err )
|
||||
{
|
||||
printf("Failed on uc_hook_add(code) with error returned: %u\n", err);
|
||||
|
@ -67,10 +67,10 @@ static void test_arm(void)
|
||||
uc_reg_write(uc, UC_ARM_REG_R3, &r3);
|
||||
|
||||
// tracing all basic blocks with customized callback
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
|
||||
|
||||
// tracing one instruction at ADDRESS with customized callback
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
|
||||
|
||||
// emulate machine code in infinite time (last param = 0), or when
|
||||
// finishing all the code.
|
||||
@ -118,10 +118,10 @@ static void test_thumb(void)
|
||||
uc_reg_write(uc, UC_ARM_REG_SP, &sp);
|
||||
|
||||
// tracing all basic blocks with customized callback
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
|
||||
uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
|
||||
|
||||
// tracing one instruction at ADDRESS with customized callback
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
|
||||
uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
|
||||
|
||||
// emulate machine code in infinite time (last param = 0), or when
|
||||
// finishing all the code.
|
||||
|
94
tests/regress/x86_gdt.py
Executable file
94
tests/regress/x86_gdt.py
Executable file
@ -0,0 +1,94 @@
|
||||
#!/usr/bin/env python
|
||||
from unicorn import *
|
||||
from unicorn.x86_const import *
|
||||
from struct import pack
|
||||
|
||||
import regress
|
||||
|
||||
F_GRANULARITY = 0x8
|
||||
F_PROT_32 = 0x4
|
||||
F_LONG = 0x2
|
||||
F_AVAILABLE = 0x1
|
||||
|
||||
A_PRESENT = 0x80
|
||||
|
||||
A_PRIV_3 = 0x60
|
||||
A_PRIV_2 = 0x40
|
||||
A_PRIV_1 = 0x20
|
||||
A_PRIV_0 = 0x0
|
||||
|
||||
A_CODE = 0x10
|
||||
A_DATA = 0x10
|
||||
A_TSS = 0x0
|
||||
A_GATE = 0x0
|
||||
|
||||
A_DATA_WRITABLE = 0x2
|
||||
A_CODE_READABLE = 0x2
|
||||
|
||||
A_DIR_CON_BIT = 0x4
|
||||
|
||||
S_GDT = 0x0
|
||||
S_LDT = 0x4
|
||||
S_PRIV_3 = 0x3
|
||||
S_PRIV_2 = 0x2
|
||||
S_PRIV_1 = 0x1
|
||||
S_PRIV_0 = 0x0
|
||||
|
||||
CODE = '65330d18000000'.decode('hex') # xor ecx, dword ptr gs:[0x18]
|
||||
|
||||
def create_selector(idx, flags):
|
||||
to_ret = flags
|
||||
to_ret |= idx << 3
|
||||
return to_ret
|
||||
|
||||
def create_gdt_entry(base, limit, access, flags):
|
||||
|
||||
to_ret = limit & 0xffff;
|
||||
to_ret |= (base & 0xffffff) << 16;
|
||||
to_ret |= (access & 0xff) << 40;
|
||||
to_ret |= ((limit >> 16) & 0xf) << 48;
|
||||
to_ret |= (flags & 0xff) << 52;
|
||||
to_ret |= ((base >> 24) & 0xff) << 56;
|
||||
return pack('<Q',to_ret)
|
||||
|
||||
def hook_mem_read(uc, type, addr,*args):
|
||||
print(hex(addr))
|
||||
return False
|
||||
|
||||
CODE_ADDR = 0x40000
|
||||
CODE_SIZE = 0x1000
|
||||
|
||||
GDT_ADDR = 0x3000
|
||||
GDT_LIMIT = 0x1000
|
||||
GDT_ENTRY_SIZE = 0x8
|
||||
|
||||
SEGMENT_ADDR = 0x5000
|
||||
SEGMENT_SIZE = 0x1000
|
||||
|
||||
class GdtRead(regress.RegressTest):
|
||||
|
||||
def test_gdt(self):
|
||||
uc = Uc(UC_ARCH_X86, UC_MODE_32)
|
||||
uc.hook_add(UC_HOOK_MEM_READ_UNMAPPED, hook_mem_read)
|
||||
|
||||
uc.mem_map(GDT_ADDR, GDT_LIMIT)
|
||||
uc.mem_map(SEGMENT_ADDR, SEGMENT_SIZE)
|
||||
uc.mem_map(CODE_ADDR, CODE_SIZE)
|
||||
|
||||
uc.mem_write(CODE_ADDR, CODE)
|
||||
uc.mem_write(SEGMENT_ADDR+0x18, 'AAAA')
|
||||
|
||||
gdt_entry = create_gdt_entry(SEGMENT_ADDR, SEGMENT_SIZE, A_PRESENT | A_DATA | A_DATA_WRITABLE | A_PRIV_3 | A_DIR_CON_BIT, F_PROT_32)
|
||||
uc.mem_write(GDT_ADDR + 8, gdt_entry)
|
||||
|
||||
uc.reg_write(UC_X86_REG_GDTR, (0, GDT_ADDR, GDT_LIMIT, 0x0))
|
||||
|
||||
selector = create_selector(1, S_GDT | S_PRIV_3)
|
||||
uc.reg_write(UC_X86_REG_GS, selector)
|
||||
|
||||
uc.emu_start(CODE_ADDR, CODE_ADDR+len(CODE))
|
||||
|
||||
self.assertEqual(uc.read_reg(UC_X86_REG_ECX), 0x41414141)
|
||||
|
||||
if __name__ == '__main__':
|
||||
regress.main()
|
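Review bot: `self.assertEqual(uc.read_reg(UC_X86_REG_ECX), 0x41414141)` calls `read_reg`, but the Unicorn `Uc` object exposes `reg_read` (the test itself uses `reg_write` a few lines earlier), so the assertion raises AttributeError instead of checking ECX; change it to `self.assertEqual(uc.reg_read(UC_X86_REG_ECX), 0x41414141)`. `'65330d18000000'.decode('hex')` and the `'AAAA'` str passed to mem_write are Python-2-only; if the regress suite also runs under Python 3, `bytes.fromhex('65330d18000000')` and `b'AAAA'` keep it working on both. `A_CODE` and `A_DATA` are both `0x10`; only `A_DATA` is used here, but if they were meant to differ in the descriptor type bit, `A_CODE` is presumably wrong — confirm against the layout intended. A module docstring saying that the test executes `xor ecx, dword ptr gs:[0x18]` through a GDT data descriptor and expects ECX to become 0x41414141 would document what the assertion is checking.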