public void CompatibleFunctions() { FunctionType f1 = FunctionType.Action(new Identifier("", PrimitiveType.Int16, null)); FunctionType f2 = FunctionType.Action(new Identifier("", PrimitiveType.Int32, null)); Assert.IsTrue(un.AreCompatible(f1, f2)); }
public void Bwi_IndirectCallMatchedByPlatform() { var platform = new Mock <IPlatform>(); var reg0 = proc.Frame.EnsureRegister(new RegisterStorage("r0", 0, 0, PrimitiveType.Ptr32)); var reg1 = proc.Frame.EnsureRegister(new RegisterStorage("r1", 1, 0, PrimitiveType.Ptr32)); var sysSvc = new SystemService { Name = "SysSvc", Signature = FunctionType.Action(new[] { reg1 }), Characteristics = new ProcedureCharacteristics() }; platform.Setup(p => p.FindService( It.IsAny <RtlInstruction>(), It.IsAny <ProcessorState>())) .Returns(sysSvc) .Verifiable(); platform.Setup(p => p.PointerType).Returns(PrimitiveType.Ptr32); platform.Setup(p => p.ResolveIndirectCall(It.IsAny <RtlCall>())) .Returns((Address)null); platform.Setup(p => p.CreateTrashedRegisters()) .Returns(new HashSet <RegisterStorage>()); program.Platform = platform.Object; scanner.Setup(f => f.FindContainingBlock(Address.Ptr32(0x100000))).Returns(block); scanner.Setup(f => f.FindContainingBlock(Address.Ptr32(0x100004))).Returns(block); Given_SimpleTrace(trace); trace.Add(m => m.Call(m.Mem32(m.IAdd(reg0, -32)), 4)); var wi = CreateWorkItem(Address.Ptr32(0x100000)); wi.Process(); Assert.AreEqual("SysSvc(r1)", block.Statements[0].ToString()); platform.Verify(); }
public void Bwi_IndirectCallMatchedByPlatform() { var platform = mr.StrictMock <IPlatform>(); var reg0 = proc.Frame.EnsureRegister(new RegisterStorage("r0", 0, 0, PrimitiveType.Ptr32)); var reg1 = proc.Frame.EnsureRegister(new RegisterStorage("r1", 1, 0, PrimitiveType.Ptr32)); var sysSvc = new SystemService { Name = "SysSvc", Signature = FunctionType.Action(new[] { reg1 }), Characteristics = new ProcedureCharacteristics() }; platform.Expect(p => p.FindService(null, null)).IgnoreArguments().Return(sysSvc); platform.Stub(p => p.PointerType).Return(PrimitiveType.Ptr32); platform.Stub(p => p.ResolveIndirectCall(null)).IgnoreArguments().Return(null); platform.Stub(p => p.CreateTrashedRegisters()) .Return(new HashSet <RegisterStorage>()); program.Platform = platform; scanner.Stub(f => f.FindContainingBlock(Address.Ptr32(0x100000))).Return(block); scanner.Stub(f => f.FindContainingBlock(Address.Ptr32(0x100004))).Return(block); scanner.Stub(s => s.GetTrace(null, null, null)).IgnoreArguments().Return(trace); mr.ReplayAll(); trace.Add(m => m.Call(m.Mem32(m.IAdd(reg0, -32)), 4)); var wi = CreateWorkItem(Address.Ptr32(0x100000)); wi.Process(); Assert.AreEqual("SysSvc(r1)", block.Statements[0].ToString()); mr.VerifyAll(); }
public void Scanner_ScanData_ImageSymbols() { Given_Program(Address.Ptr32(0x00100000), new byte[] { 0x42, 0x42, 0x42, 0x42, 0x10, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x00, 0x00, 0x00, }); Given_Project(); var dt = new StructureType { Fields = { { 0, PrimitiveType.Int32, "data" }, { 4, new Pointer(FunctionType.Action( new Identifier("arg", PrimitiveType.Int32, null)), 32) } } }; var sym = ImageSymbol.DataObject(arch, Address.Ptr32(0x00100000), "data_blob", dt); program.ImageSymbols.Add(sym.Address, sym); var scanner = new Scanner(program, project.LoadedMetadata, dynamicLinker.Object, sc); var sr = scanner.ScanDataItems(); Assert.AreEqual(1, sr.KnownProcedures.Count); Assert.AreEqual("00100010", sr.KnownProcedures.First().ToString()); }
public void Cab_Sequence_MkSequence() { var m = new SsaProcedureBuilder(nameof(Cab_Sequence)); var r2_1 = m.Reg("r2_1", reg2); var r3_2 = m.Reg("r3_2", reg3); m.Assign(r2_1, 0x0001234); m.Assign(r3_2, 0x5678ABCD); var sigCallee = FunctionType.Action( new Identifier("r2_r3", PrimitiveType.Word64, new SequenceStorage(PrimitiveType.Word64, reg2, reg3))); var callee = new ProcedureConstant( PrimitiveType.Ptr32, new ExternalProcedure("callee", sigCallee)); var stmCall = m.Call(callee, 0, new Identifier[] { r3_2, r2_1 }, new Identifier[] { }); m.Return(); var cab = new CallApplicationBuilder( m.Ssa, stmCall, (CallInstruction)stmCall.Instruction, callee); var instr = cab.CreateInstruction(sigCallee, null); Assert.AreEqual("callee(SEQ(r2_1, r3_2))", instr.ToString()); m.Ssa.Validate(s => Assert.Fail(s)); }
public void Tlldr_procedure_with_address() { Given_ArchitectureStub(); var addr = Address.SegPtr(0x1234, 0x4567); platform.Setup(p => p.TryParseAddress("0123:4567", out addr)).Returns(true); Given_ProcedureSignature(FunctionType.Action()); var tlLdr = new TypeLibraryDeserializer(platform.Object, true, new TypeLibrary()); var slib = new SerializedLibrary { Procedures = { new Procedure_v1 { Name = "foo", Signature = new SerializedSignature { Convention = "__cdecl", ReturnValue = new Argument_v1{ Type = new VoidType_v1() }, }, Address = "0123:4567" } } }; var lib = tlLdr.Load(slib); var(name, sig) = lib.Procedures[addr]; Assert.AreEqual("foo", name); Assert.AreEqual("(fn void ())", sig.ToString()); }
public void EqbProcedureSignature() { var sig = FunctionType.Action( new Identifier("dwArg00", PrimitiveType.Word32, new StackArgumentStorage(0, PrimitiveType.Word32))); eqb.EnsureSignatureTypeVariables(sig); Assert.IsNotNull(sig.Parameters[0].TypeVariable); }
public void Scanner_ScanData_NoDecompiledProcedureFromUserGlobal() { Given_Program(Address.Ptr32(0x12314), new byte[20]); program.User.Procedures.Add( Address.Ptr32(0x12314), new Procedure_v1() { Decompile = false, } ); var sc = CreateDataScanner(program); sc.EnqueueUserProcedure( Address.Ptr32(0x12314), FunctionType.Action(), null); sc.EnqueueUserProcedure( Address.Ptr32(0x12324), FunctionType.Action(), null); sc.ProcessQueue(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset); }
public void CrwExcessRegisterDefinition() { var ret = new RegisterStorage("ret", 1, 0, PrimitiveType.Word32); var ssa = Given_Procedure("main", m => { var a = m.Reg32("a"); m.Label("body"); m.Call("fn", 4, new Identifier[] { }, new Identifier[] { a }); m.Return(); }); Given_Procedure("fn", m => { }); Given_Signature("fn", FunctionType.Action()); When_RewriteCalls(ssa); var sExp = #region Expected @"main_entry: body: fn() a = <invalid> return main_exit: "; #endregion AssertProcedureCode(sExp, ssa); }
public void Tlldr_void_fn() { Given_ArchitectureStub(); Given_ProcedureSignature(FunctionType.Action()); var tlLdr = new TypeLibraryDeserializer(platform.Object, true, new TypeLibrary()); var slib = new SerializedLibrary { Procedures = { new Procedure_v1 { Name = "foo", Signature = new SerializedSignature { Convention = "__cdecl", ReturnValue = new Argument_v1{ Type = new VoidType_v1() }, } } } }; var lib = tlLdr.Load(slib); Assert.AreEqual( "void foo()", lib.Lookup("foo").ToString("foo")); }
public Win_x86_64_Platform(IServiceProvider sp, IProcessorArchitecture arch) : base(sp, arch, "win64") { int3svc = new SystemService { SyscallInfo = new SyscallInfo { Vector = 3, RegisterValues = new RegValue[0], }, Name = "int3", Signature = FunctionType.Action(new Identifier[0]), Characteristics = new ProcedureCharacteristics(), }; int29svc = new SystemService { SyscallInfo = new SyscallInfo { Vector = 0x29, RegisterValues = new RegValue[0] }, Name = "__fastfail", Signature = FunctionType.Action( new Identifier("ecx", PrimitiveType.Word32, Registers.ecx)), Characteristics = new ProcedureCharacteristics { Terminates = true } }; }
public void FrBindStackParameters() { var f = new Frame(PrimitiveType.Word16); f.ReturnAddressSize = 4; // far call. int stack = 2; Identifier loc02 = f.EnsureStackLocal(-stack, PrimitiveType.Word16, "wLoc02"); stack += loc02.DataType.Size; f.EnsureStackLocal(-stack, PrimitiveType.Word16, "wLoc04"); FunctionType sig = FunctionType.Action( new Identifier("arg0", PrimitiveType.Word16, new StackArgumentStorage(4, PrimitiveType.Word16)), new Identifier("arg1", PrimitiveType.Word16, new StackArgumentStorage(6, PrimitiveType.Word16))); var cs = new CallSite(f.ReturnAddressSize + 2 * 4, 0); var fn = new ProcedureConstant(PrimitiveType.Ptr32, new IntrinsicProcedure("foo", false, sig)); var ab = arch.CreateFrameApplicationBuilder(f, cs, fn); Instruction instr = ab.CreateInstruction(sig, null); using (FileUnitTester fut = new FileUnitTester("Core/FrBindStackParameters.txt")) { f.Write(fut.TextWriter); fut.TextWriter.WriteLine(instr.ToString()); fut.AssertFilesEqual(); } }
public void TrfTerminates() { Expect("main", "Preserved: r63", "Trashed: ", ""); builder.Add("main", m => { var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister); var r1 = m.Reg32("r1", 1); var r2 = m.Reg32("r2", 2); var fn = new ExternalProcedure( "exit", FunctionType.Action(r1), new ProcedureCharacteristics { Terminates = true }); m.Assign(sp, m.Frame.FramePointer); m.BranchIf(m.Ne0(r2), "m2notzero"); m.Label("m1fail"); m.Assign(r1, 1); m.SideEffect(m.Fn(fn, r1)); m.Label("m2notzero"); m.Return(); }); RunTest(); }
public void Scanner_NoDecompiledProcedureFromUserGlobal() { Given_Program(Address.Ptr32(0x12314), new byte[20]); fakeArch.Test_IgnoreAllUnkownTraces(); program.User.Procedures.Add( Address.Ptr32(0x12314), new Procedure_v1() { Decompile = false, } ); var sc = CreateScanner(program); sc.EnqueueUserProcedure( arch, Address.Ptr32(0x12314), FunctionType.Action(), null); sc.EnqueueUserProcedure( arch, Address.Ptr32(0x12324), FunctionType.Action(), null); sc.ScanImage(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset); }
public void GdwTypeReference() { Given_Memory(0x1000) .WriteLeInt32(1) .WriteLeInt32(2) .WriteLeUInt32(0x2000); Given_Globals( Given_Field(0x1000, new TypeReference("refTest", new StructureType("_test", 0) { Fields = { { 0, PrimitiveType.Int32 }, { 4, PrimitiveType.Int32 }, { 8, new Pointer(FunctionType.Action(new Identifier[0]), 32)} } }))); Given_ProcedureAtAddress(0x2000, "funcTest"); RunTest( @"refTest g_t1000 = { 1, 2, funcTest, }; "); }
public void Scanner_ScanData_NoDecompiledProcedureFromUserGlobal() { Given_Program(Address.Ptr32(0x12314), new byte[20]); var address = Address.Ptr32(0x12314); program.User.Procedures.Add( address, new UserProcedure(address, NamingPolicy.Instance.ProcedureName(address)) { Decompile = false, } ); var sc = CreateDataScanner(program); sc.EnqueueUserProcedure( program.Architecture, Address.Ptr32(0x12314), FunctionType.Action(), null); sc.EnqueueUserProcedure( program.Architecture, Address.Ptr32(0x12324), FunctionType.Action(), null); sc.ProcessQueue(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(0x12324, program.Procedures.Keys[0].Offset); }
public void Scanner_ScanData_ImageSymbols() { Given_Program(Address.Ptr32(0x00100000), new byte[] { 0x42, 0x42, 0x42, 0x42, 0x10, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC3, 0x00, 0x00, 0x00, }); Given_Project(); var dt = new StructureType { Fields = { { 0, PrimitiveType.Int32, "data" }, { 4, new Pointer(FunctionType.Action( new Identifier("arg", PrimitiveType.Int32, null)), 4) } } }; var sym = new ImageSymbol(Address.Ptr32(0x00100000), "data_blob", dt) { Type = SymbolType.Data }; program.ImageSymbols.Add(sym.Address, sym); var scanner = new Scanner(program, importResolver, sc); var sr = scanner.ScanDataItems(); Assert.AreEqual(1, sr.KnownProcedures.Count); Assert.AreEqual("00100010", sr.KnownProcedures.First().ToString()); }
public void ExdApplication() { var sig = FunctionType.Action(new[] { Id("r", PrimitiveType.Real32) }); var ep = new ExternalProcedure("test", sig); RunTest( Test(m.Fn(ep, m.Load(PrimitiveType.Word32, m.Word32(0x0300400))), VoidType.Instance)); }
public void ExdApplication() { var sig = FunctionType.Action(Id("r", PrimitiveType.Real32)); var ep = new ExternalProcedure("test", sig); RunTest( "Typing/ExdApplication.txt", Test(m.Fn(ep, m.Mem(PrimitiveType.Word32, m.Word32(0x0300400))), VoidType.Instance)); }
public void TyfoManyArgs() { FunctionType fn = FunctionType.Action( new Identifier("", PrimitiveType.Ptr32, null), new Identifier("", PrimitiveType.Int64, null)); tyreffo.WriteDeclaration(fn, "fn"); Assert.AreEqual("void fn(ptr32, int64)", sw.ToString()); }
public void TyfoPfn() { FunctionType fn = FunctionType.Action( new Identifier[] { new Identifier("", PrimitiveType.Word32, null) }); Pointer pfn = new Pointer(fn, 32); tyreffo.WriteDeclaration(pfn, "pfn"); Assert.AreEqual("void (* pfn)(word32)", sw.ToString()); }
private ExternalProcedure Given_Procedure(string name, params DataType [] argTypes) { var sig = FunctionType.Action( argTypes.Select((argType, i) => new Identifier( "arg" + i, argType, new StackArgumentStorage(i * 4, argType))) .ToArray()); return(new ExternalProcedure(name, sig)); }
public void Tyreffmt_ptr_function() { var sw = new StringWriter(); var trf = new TypeReferenceFormatter(new TextFormatter(sw)); trf.WriteDeclaration( new Pointer( FunctionType.Action(new [] { Arg("arg0", 0) }), 32), "pfn"); Assert.AreEqual("void (* pfn)(word32 arg0)", sw.ToString()); }
public void PsigValidArguments() { Identifier arg = new Identifier(Registers.eax.Name, Registers.eax.DataType, Registers.eax); FunctionType sig = FunctionType.Action(new Identifier[] { arg }); Assert.IsTrue(sig.ParametersValid); sig = new FunctionType(arg, new Identifier[0]); Assert.IsTrue(sig.ParametersValid); sig = new FunctionType(); Assert.IsFalse(sig.ParametersValid); }
public void AppBld_NoVariadic_Characteristics() { var caller = new Procedure(arch, "caller", Address.Ptr32(0x00123400), new Frame(PrimitiveType.Ptr32)); var callee = new Procedure(arch, "callee", Address.Ptr32(0x00123500), new Frame(PrimitiveType.Ptr32)); var ab = arch.CreateFrameApplicationBuilder( caller.Frame, new CallSite(4, 0), new ProcedureConstant(PrimitiveType.Ptr32, callee)); var unk = new UnknownType(); var sig = FunctionType.Action(new Identifier("...", unk, new StackArgumentStorage(0, unk))); var instr = ab.CreateInstruction(sig, null); Assert.AreEqual("callee(0x00000000)", instr.ToString());//$BUG: obviously wrong }
public void X86fab_FpuArg() { var site = new CallSite(0, 1); CreateApplicationBuilder(site); var sigCallee = FunctionType.Action( new Identifier( "arg", PrimitiveType.Real64, new FpuStackStorage(0, PrimitiveType.Real64))); var instr = fab.CreateInstruction(sigCallee, new ProcedureCharacteristics()); Assert.AreEqual("eax(ST[Top:real64])", instr.ToString()); }
public void Tyreffmt_ptr_function_with_eq_class() { var sw = new StringWriter(); var trf = new TypeReferenceFormatter(new TextFormatter(sw)); trf.WriteDeclaration( new Pointer( new EquivalenceClass( new TypeVariable(3), FunctionType.Action(new[] { Arg("arg0", 0) })), 4), "pfn"); Assert.AreEqual("void (* pfn)(word32 arg0)", sw.ToString()); }
public void Setup() { this.platform = new Mock <IPlatform>(); this.arch = new FakeArchitecture(new ServiceContainer()); this.builder = new ProgramBuilder(arch); this.dynamicLinker = new Mock <IDynamicLinker>(); this.sbExpected = new StringBuilder(); this.fnExit = new ExternalProcedure( "exit", FunctionType.Action(new Identifier("code", PrimitiveType.Int32, new StackArgumentStorage(4, PrimitiveType.Int32))), new ProcedureCharacteristics { Terminates = true, }); }
public void ExdIndirectCall() { var p = Id("p", PrimitiveType.Word32); var sig = FunctionType.Action(new[] { Id("r", PrimitiveType.Real32) }); store.EnsureExpressionTypeVariable(factory, p); p.TypeVariable.OriginalDataType = PointerTo(sig); p.TypeVariable.DataType = PointerTo(sig); RunTest( Test( m.Fn( p, VoidType.Instance, m.Mem(PrimitiveType.Word32, m.Word32(0x0300400))), VoidType.Instance)); }
public void Scanner_Metadata_procedure() { Given_Program(Address.Ptr32(0x00100000), new byte[100]); Given_Project(); var address = Address.Ptr32(0x00100010); project.LoadedMetadata.Procedures.Add(address, ("foo", FunctionType.Action())); var scanner = new Scanner( this.program, project.LoadedMetadata, new DynamicLinker(project, program, eventListener), this.sc); scanner.ScanImage(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual("(fn void ())", program.Procedures.Values.First().Signature.ToString()); }