127 lines
3.9 KiB
C
127 lines
3.9 KiB
C
#include "unicorn_test.h"
|
|
|
|
static void test_map_correct()
|
|
{
|
|
uc_engine *uc;
|
|
|
|
OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc));
|
|
OK(uc_mem_map(uc, 0x40000, 0x1000 * 16, UC_PROT_ALL)); // [0x40000, 0x50000]
|
|
OK(uc_mem_map(uc, 0x60000, 0x1000 * 16, UC_PROT_ALL)); // [0x60000, 0x70000]
|
|
OK(uc_mem_map(uc, 0x20000, 0x1000 * 16, UC_PROT_ALL)); // [0x20000, 0x30000]
|
|
uc_assert_err(UC_ERR_MAP,
|
|
uc_mem_map(uc, 0x10000, 0x2000 * 16, UC_PROT_ALL));
|
|
uc_assert_err(UC_ERR_MAP,
|
|
uc_mem_map(uc, 0x25000, 0x1000 * 16, UC_PROT_ALL));
|
|
uc_assert_err(UC_ERR_MAP,
|
|
uc_mem_map(uc, 0x35000, 0x1000 * 16, UC_PROT_ALL));
|
|
uc_assert_err(UC_ERR_MAP,
|
|
uc_mem_map(uc, 0x45000, 0x1000 * 16, UC_PROT_ALL));
|
|
uc_assert_err(UC_ERR_MAP,
|
|
uc_mem_map(uc, 0x55000, 0x2000 * 16, UC_PROT_ALL));
|
|
OK(uc_mem_map(uc, 0x35000, 0x5000, UC_PROT_ALL));
|
|
OK(uc_mem_map(uc, 0x50000, 0x5000, UC_PROT_ALL));
|
|
|
|
OK(uc_close(uc));
|
|
}
|
|
|
|
static void test_map_wrapping()
|
|
{
|
|
uc_engine *uc;
|
|
|
|
OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc));
|
|
uc_assert_err(UC_ERR_ARG, uc_mem_map(uc, (~0ll - 0x4000) & ~0xfff, 0x8000,
|
|
UC_PROT_ALL));
|
|
|
|
OK(uc_close(uc));
|
|
}
|
|
|
|
static void test_mem_protect()
|
|
{
|
|
uc_engine *qc;
|
|
int r_eax = 0x2000;
|
|
int r_esi = 0xdeadbeef;
|
|
uint32_t mem;
|
|
// add [eax + 4], esi
|
|
char code[] = {0x01, 0x70, 0x04};
|
|
|
|
OK(uc_open(UC_ARCH_X86, UC_MODE_32, &qc));
|
|
OK(uc_reg_write(qc, UC_X86_REG_EAX, &r_eax));
|
|
OK(uc_reg_write(qc, UC_X86_REG_ESI, &r_esi));
|
|
OK(uc_mem_map(qc, 0x1000, 0x1000, UC_PROT_READ | UC_PROT_EXEC));
|
|
OK(uc_mem_map(qc, 0x2000, 0x1000, UC_PROT_READ));
|
|
OK(uc_mem_protect(qc, 0x2000, 0x1000, UC_PROT_READ | UC_PROT_WRITE));
|
|
OK(uc_mem_write(qc, 0x1000, code, sizeof(code)));
|
|
|
|
OK(uc_emu_start(qc, 0x1000, 0x1000 + sizeof(code) - 1, 0, 1));
|
|
OK(uc_mem_read(qc, 0x2000 + 4, &mem, 4));
|
|
|
|
TEST_CHECK(mem == 0xdeadbeef);
|
|
|
|
OK(uc_close(qc));
|
|
}
|
|
|
|
static void test_splitting_mem_unmap()
|
|
{
|
|
uc_engine *uc;
|
|
|
|
OK(uc_open(UC_ARCH_X86, UC_MODE_32, &uc));
|
|
|
|
OK(uc_mem_map(uc, 0x20000, 0x1000, UC_PROT_NONE));
|
|
OK(uc_mem_map(uc, 0x21000, 0x2000, UC_PROT_NONE));
|
|
|
|
OK(uc_mem_unmap(uc, 0x21000, 0x1000));
|
|
|
|
OK(uc_close(uc));
|
|
}
|
|
|
|
static uint64_t test_splitting_mmio_unmap_read_callback(uc_engine *uc,
|
|
uint64_t offset,
|
|
unsigned size,
|
|
void *user_data)
|
|
{
|
|
TEST_CHECK(offset == 4);
|
|
TEST_CHECK(size == 4);
|
|
|
|
return 0x19260817;
|
|
}
|
|
|
|
static void test_splitting_mmio_unmap()
|
|
{
|
|
uc_engine *uc;
|
|
// mov ecx, [0x3004] <-- normal read
|
|
// mov ebx, [0x4004] <-- mmio read
|
|
char code[] = "\x8b\x0d\x04\x30\x00\x00\x8b\x1d\x04\x40\x00\x00";
|
|
int r_ecx, r_ebx;
|
|
int bytes = 0xdeadbeef;
|
|
|
|
OK(uc_open(UC_ARCH_X86, UC_MODE_32, &uc));
|
|
|
|
OK(uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_ALL));
|
|
OK(uc_mem_write(uc, 0x1000, code, sizeof(code) - 1));
|
|
|
|
OK(uc_mmio_map(uc, 0x3000, 0x2000, test_splitting_mmio_unmap_read_callback,
|
|
NULL, NULL, NULL));
|
|
|
|
// Map a ram area instead
|
|
OK(uc_mem_unmap(uc, 0x3000, 0x1000));
|
|
OK(uc_mem_map(uc, 0x3000, 0x1000, UC_PROT_ALL));
|
|
OK(uc_mem_write(uc, 0x3004, &bytes, 4));
|
|
|
|
OK(uc_emu_start(uc, 0x1000, 0x1000 + sizeof(code) - 1, 0, 0));
|
|
|
|
OK(uc_reg_read(uc, UC_X86_REG_ECX, &r_ecx));
|
|
OK(uc_reg_read(uc, UC_X86_REG_EBX, &r_ebx));
|
|
|
|
TEST_CHECK(r_ecx == 0xdeadbeef);
|
|
TEST_CHECK(r_ebx == 0x19260817);
|
|
|
|
OK(uc_close(uc));
|
|
}
|
|
|
|
TEST_LIST = {{"test_map_correct", test_map_correct},
|
|
{"test_map_wrapping", test_map_wrapping},
|
|
{"test_mem_protect", test_mem_protect},
|
|
{"test_splitting_mem_unmap", test_splitting_mem_unmap},
|
|
{"test_splitting_mmio_unmap", test_splitting_mmio_unmap},
|
|
{NULL, NULL}};
|