protected Program RewriteFile(string relativePath, Address addrBase) { var sc = new ServiceContainer(); var config = new FakeDecompilerConfiguration(); sc.AddService<IConfigurationService>(config); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener()); sc.AddService<IFileSystemService>(new FileSystemServiceImpl()); ILoader ldr = new Loader(sc); var program = ldr.AssembleExecutable( FileUnitTester.MapTestPath(relativePath), new X86TextAssembler(sc, new IntelArchitecture(ProcessorMode.Real)), addrBase); program.Platform = new DefaultPlatform(sc, program.Architecture); var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState()); var project = new Project { Programs = { program } }; var scan = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); scan.EnqueueEntryPoint(ep); scan.ScanImage(); var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener()); dfa.AnalyzeProgram(); return program; }
protected Program RewriteFile(string relativePath, Address addrBase) { sc = new ServiceContainer(); var config = new FakeDecompilerConfiguration(); var eventListener = new FakeDecompilerEventListener(); sc.AddService<IConfigurationService>(config); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<DecompilerEventListener>(eventListener); sc.AddService<IFileSystemService>(new FileSystemServiceImpl()); ILoader ldr = new Loader(sc); var program = ldr.AssembleExecutable( FileUnitTester.MapTestPath(relativePath), new X86TextAssembler(sc, new X86ArchitectureReal()), addrBase); program.Platform = new DefaultPlatform(sc, program.Architecture); var ep = new ImageSymbol(program.SegmentMap.BaseAddress); var project = new Project { Programs = { program } }; var scan = new Scanner( program, new ImportResolver(project, program, eventListener), sc); scan.EnqueueImageSymbol(ep, true); scan.ScanImage(); var importResolver = new ImportResolver(project, program, eventListener); var dfa = new DataFlowAnalysis(program, importResolver, eventListener); dfa.AnalyzeProgram(); return program; }
private void BuildTest(Address addrBase, IPlatform platform , Action<X86Assembler> asmProg) { var sc = new ServiceContainer(); sc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener()); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<IFileSystemService>(new FileSystemServiceImpl()); var entryPoints = new List<EntryPoint>(); var asm = new X86Assembler(sc, platform, addrBase, entryPoints); asmProg(asm); var lr = asm.GetImage(); program = new Program( lr.Image, lr.ImageMap, arch, platform); var project = new Project { Programs = { program } }; scanner = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); scanner.EnqueueEntryPoint(new EntryPoint(addrBase, arch.CreateProcessorState())); scanner.ScanImage(); }
private void DoRewriteCore() { Project project = LoadProject(); project.Programs.Add(prog); scanner = new Scanner(prog, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), new FakeDecompilerEventListener()); EntryPoint ep = new EntryPoint(baseAddress, prog.Architecture.CreateProcessorState()); scanner.EnqueueEntryPoint(ep); var program = project.Programs[0]; foreach (Procedure_v1 sp in program.UserProcedures.Values) { scanner.EnqueueUserProcedure(sp); } scanner.ScanImage(); }
private Program AssembleFile(string sourceFile, Address addr) { var ldr = new Loader(new ServiceContainer()); var arch = new X86ArchitectureReal(); Program program = ldr.AssembleExecutable( FileUnitTester.MapTestPath(sourceFile), new X86TextAssembler(arch), addr); var project = new Project { Programs = { program } }; var scan = new Scanner(program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), null); foreach (EntryPoint ep in program.EntryPoints) { scan.EnqueueEntryPoint(ep); } scan.ScanImage(); return program; }
private void BuildTest(Address addrBase, IPlatform platform , Action<X86Assembler> asmProg) { var sc = new ServiceContainer(); var eventListener = new FakeDecompilerEventListener(); sc.AddService<DecompilerEventListener>(eventListener); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<IFileSystemService>(new FileSystemServiceImpl()); var entryPoints = new List<ImageSymbol>(); var asm = new X86Assembler(sc, platform, addrBase, entryPoints); asmProg(asm); program = asm.GetImage(); var project = new Project { Programs = { program } }; scanner = new Scanner( program, new ImportResolver(project, program, eventListener), sc); scanner.EnqueueImageSymbol(new ImageSymbol(addrBase), true); scanner.ScanImage(); }
protected void RunHexTest(string hexFile, string outputFile) { var svc = new ServiceContainer(); var cfg = new FakeDecompilerConfiguration(); var eventListener = new FakeDecompilerEventListener(); svc.AddService<IConfigurationService>(cfg); svc.AddService<DecompilerEventListener>(eventListener); svc.AddService<DecompilerHost>(new FakeDecompilerHost()); ILoader ldr = new Loader(svc); var imgLoader = new DchexLoader(FileUnitTester.MapTestPath( hexFile), svc, null); var program = imgLoader.Load(null); var project = new Project { Programs = { program } }; var ep = new ImageSymbol(program.ImageMap.BaseAddress); var importResolver = new ImportResolver(project, program, eventListener); var scan = new Scanner(program, importResolver, svc); scan.EnqueueImageSymbol(ep, true); scan.ScanImage(); var dfa = new DataFlowAnalysis(program, null, eventListener); dfa.AnalyzeProgram(); RunTest(program, outputFile); }
private Program RewriteProgram() { var eventListener = new FakeDecompilerEventListener(); var importResolver = MockRepository.GenerateStub<IImportResolver>(); importResolver.Replay(); var scan = new Scanner( program, importResolver, sc); foreach (ImageSymbol ep in program.EntryPoints.Values) { scan.EnqueueImageSymbol(ep, true); } scan.ScanImage(); var dfa = new DataFlowAnalysis(program, importResolver, eventListener); dfa.AnalyzeProgram(); return program; }
private static void Rewrite(Program program, Assembler asm, string configFile) { var fakeDiagnosticsService = new FakeDiagnosticsService(); var fakeConfigService = new FakeDecompilerConfiguration(); var sc = new ServiceContainer(); sc.AddService(typeof(IDiagnosticsService), fakeDiagnosticsService); sc.AddService(typeof(IConfigurationService), fakeConfigService); sc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener()); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); var loader = new Loader(sc); var project = string.IsNullOrEmpty(configFile) ? new Project() : new ProjectLoader(sc, loader).LoadProject(FileUnitTester.MapTestPath(configFile)); var scan = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); scan.EnqueueEntryPoint(new EntryPoint(asm.StartAddress, program.Architecture.CreateProcessorState())); foreach (var f in project.Programs) { foreach (var sp in f.User.Procedures.Values) { scan.EnqueueUserProcedure(sp); } } scan.ScanImage(); }
protected void RunHexTest(string hexFile, string outputFile) { var svc = new ServiceContainer(); var cfg = new FakeDecompilerConfiguration(); svc.AddService<IConfigurationService>(cfg); svc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener()); svc.AddService<DecompilerHost>(new FakeDecompilerHost()); ILoader ldr = new Loader(svc); var imgLoader = new DchexLoader(FileUnitTester.MapTestPath( hexFile), svc, null); var img = imgLoader.Load(null); var program = new Program(img.Image, img.Image.CreateImageMap(), img.Architecture, img.Platform); var project = new Project { Programs = { program } }; var ep = new EntryPoint(program.Image.BaseAddress, program.Architecture.CreateProcessorState()); var scan = new Scanner(program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), svc); scan.EnqueueEntryPoint(ep); scan.ScanImage(); var dfa = new DataFlowAnalysis(program, new FakeDecompilerEventListener()); dfa.AnalyzeProgram(); RunTest(program, outputFile); }
public void Scanner_GlobalData() { var bytes = new byte[] { 0x48, 0x00, 0x21, 0x43, 0x00, 0x00, 0x00, 0x01, 0x53, 0x00, 0x21, 0x43, 0x28, 0x00, 0x21, 0x43, 0x00, 0x00, 0x00, 0x02, 0x63, 0x00, 0x21, 0x43, 0x38, 0x00, 0x21, 0x43, 0x00, 0x00, 0x00, 0x03, 0x73, 0x00, 0x21, 0x43, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; Given_Program(Address.Ptr32(0x43210000), bytes); var project = new Project { Programs = { program } }; var sc = new Scanner( this.program, new ImportResolver(project, program, eventListener), this.sc ); var ft1 = Given_Serialized_Signature(new SerializedSignature { ReturnValue = new Argument_v1 { Type = Int32() }, }); var ft2 = Given_Serialized_Signature(new SerializedSignature { ReturnValue = new Argument_v1 { Type = Char() } }); var str = new StructureType(); var fields = new StructureField[] { new StructureField(0, new Pointer(ft1, 4), "A"), new StructureField(4, PrimitiveType.Int32, "B"), new StructureField(8, new Pointer(ft2, 4), "C"), }; str.Fields.AddRange(fields); var elementType = new TypeReference("test", str); var arrayType = new ArrayType(elementType, 3); sc.EnqueueUserGlobalData(Address.Ptr32(0x43210000), arrayType); sc.ScanImage(); var sExpSig1 = @"Register ui32 sig1() // stackDelta: 4; fpuStackDelta: 0; fpuMaxParam: -1 "; var sExpSig2 = @"Register char sig2() // stackDelta: 4; fpuStackDelta: 0; fpuMaxParam: -1 "; Assert.AreEqual(6, program.Procedures.Count); Assert.AreEqual(sExpSig1, program.Procedures[Address.Ptr32(0x43210028)].Signature.ToString("sig1", FunctionType.EmitFlags.AllDetails)); Assert.AreEqual(sExpSig1, program.Procedures[Address.Ptr32(0x43210038)].Signature.ToString("sig1", FunctionType.EmitFlags.AllDetails)); Assert.AreEqual(sExpSig1, program.Procedures[Address.Ptr32(0x43210048)].Signature.ToString("sig1", FunctionType.EmitFlags.AllDetails)); Assert.AreEqual(sExpSig2, program.Procedures[Address.Ptr32(0x43210053)].Signature.ToString("sig2", FunctionType.EmitFlags.AllDetails)); Assert.AreEqual(sExpSig2, program.Procedures[Address.Ptr32(0x43210063)].Signature.ToString("sig2", FunctionType.EmitFlags.AllDetails)); Assert.AreEqual(sExpSig2, program.Procedures[Address.Ptr32(0x43210073)].Signature.ToString("sig2", FunctionType.EmitFlags.AllDetails)); }
public void Scanner_CallGraphTree() { Program prog = new Program(); var addr = Address.SegPtr(0xC00, 0); var m = new X86Assembler(sc, new DefaultPlatform(sc, new X86ArchitectureReal()), addr, new List<EntryPoint>()); m.i86(); m.Proc("main"); m.Call("baz"); m.Ret(); m.Endp("main"); m.Proc("foo"); m.Ret(); m.Endp("foo"); m.Proc("bar"); m.Ret(); m.Endp("bar"); m.Proc("baz"); m.Call("foo"); m.Call("bar"); m.Jmp("foo"); m.Endp("baz"); var lr = m.GetImage(); prog.Image = lr.Image; prog.ImageMap = lr.ImageMap; prog.Architecture = lr.Architecture; prog.Platform = new FakePlatform(null, arch); var proj = new Project { Programs = { prog } }; var scan = new Scanner(prog, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(proj), sc); EntryPoint ep = new EntryPoint(addr, prog.Architecture.CreateProcessorState()); scan.EnqueueEntryPoint(ep); scan.ScanImage(); Assert.AreEqual(4, prog.Procedures.Count); }
private Program RewriteProgram() { var project = new Project { Programs = { program } }; var scan = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); foreach (EntryPoint ep in program.EntryPoints) { scan.EnqueueEntryPoint(ep); } scan.ScanImage(); DecompilerEventListener eventListener = new FakeDecompilerEventListener(); DataFlowAnalysis da = new DataFlowAnalysis(program, eventListener); da.AnalyzeProgram(); return program; }
private Program AssembleFile(string sourceFile, Address addr) { var ldr = new Loader(new ServiceContainer()); var arch = new X86ArchitectureReal(); Program program = ldr.AssembleExecutable( FileUnitTester.MapTestPath(sourceFile), new X86TextAssembler(sc, arch), addr); var project = new Project { Programs = { program } }; var scan = new Scanner( program, new ImportResolver(project, program, null), null); foreach (ImageSymbol ep in program.EntryPoints.Values) { scan.EnqueueImageSymbol(ep, true); } scan.ScanImage(); return program; }
private void DoRewriteCore() { var cfgSvc = MockRepository.GenerateStub<IConfigurationService>(); var env = MockRepository.GenerateStub<OperatingEnvironment>(); var tlSvc = MockRepository.GenerateStub<ITypeLibraryLoaderService>(); cfgSvc.Stub(c => c.GetEnvironment("ms-dos")).Return(env); cfgSvc.Replay(); env.Stub(e => e.TypeLibraries).Return(new TypeLibraryElementCollection()); env.CharacteristicsLibraries = new TypeLibraryElementCollection(); env.Replay(); tlSvc.Replay(); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<DecompilerEventListener>(new FakeDecompilerEventListener()); sc.AddService<IConfigurationService>(cfgSvc); sc.AddService<ITypeLibraryLoaderService>(tlSvc); Project project = LoadProject(); project.Programs.Add(this.program); scanner = new Scanner(this.program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); EntryPoint ep = new EntryPoint(baseAddress, this.program.Architecture.CreateProcessorState()); scanner.EnqueueEntryPoint(ep); var program = project.Programs[0]; foreach (Procedure_v1 sp in program.User.Procedures.Values) { scanner.EnqueueUserProcedure(sp); } scanner.ScanImage(); }
private void RunTest(Address addrBase) { var project = new Project { Programs = { program } }; scanner = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), sc); scanner.EnqueueEntryPoint(new EntryPoint(addrBase, arch.CreateProcessorState())); scanner.ScanImage(); }
public void Scanner_GlobalData_StructWithPadding() { var bytes = new byte[] { 0x03, 0x00, // Type field (halfword) 0x00, 0x00, // ...alignment padding 0x08, 0x0, 0x21, 0x43, // pointer to function 0xC3, // function code. }; Given_Program(Address.Ptr32(0x43210000), bytes); Given_Project(); var ft = new FunctionType( new Identifier("", PrimitiveType.Real32, null), new Identifier[0]); var str = new StructureType(); str.Fields.AddRange(new StructureField[] { new StructureField(0, PrimitiveType.Word16, "typeField"), // two-byte gap here. new StructureField(4, new Pointer(ft, 4), "pfn") }); var scanner = new Scanner( this.program, new ImportResolver(project, program, eventListener), this.sc); scanner.EnqueueUserGlobalData(Address.Ptr32(0x43210000), str); scanner.ScanImage(); Assert.AreEqual(1, program.Procedures.Count, "Scanner should have detected the pointer to function correctly."); Assert.AreEqual(Address.Ptr32(0x43210008), program.Procedures.Keys.First()); }
public void Scanner_GlobalDataRecursiveStructs() { var bytes = new byte[] { 0x17, 0x00, 0x21, 0x43, 0x00, 0x00, 0x21, 0x43, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; Given_Program(Address.Ptr32(0x43210000), bytes); Given_Project(); var sc = new Scanner( this.program, new ImportResolver(project, program, eventListener), this.sc ); var ft = Given_Serialized_Signature(new SerializedSignature { ReturnValue = new Argument_v1 { Type = Real32() }, }); var str = new StructureType(); var fields = new StructureField[] { new StructureField(0, new Pointer(ft, 4), "func"), new StructureField(4, new Pointer(str, 4), "next"), }; str.Fields.AddRange(fields); sc.EnqueueUserGlobalData(Address.Ptr32(0x43210000), str); sc.ScanImage(); var sExpSig = @"Register real32 fn43210017() // stackDelta: 4; fpuStackDelta: 0; fpuMaxParam: -1 "; Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(sExpSig, program.Procedures[Address.Ptr32(0x43210017)].Signature.ToString("fn43210017", FunctionType.EmitFlags.AllDetails)); }
private void RunTest(string sourceFile, string outputFile) { Program program; var asm = new X86TextAssembler(new X86ArchitectureFlat32()); using (StreamReader rdr = new StreamReader(FileUnitTester.MapTestPath(sourceFile))) { program = asm.Assemble(Address.Ptr32(0x10000000), rdr); program.Platform = win32; } foreach (var item in asm.ImportReferences) { program.ImportReferences.Add(item.Key, item.Value); } var project = new Project { Programs = { program } }; Scanner scan = new Scanner( program, new Dictionary<Address, ProcedureSignature>(), new ImportResolver(project), services); foreach (var ep in asm.EntryPoints) { scan.EnqueueEntryPoint(ep); } scan.ScanImage(); using (FileUnitTester fut = new FileUnitTester(outputFile)) { foreach (Procedure proc in program.Procedures.Values) { proc.Write(true, fut.TextWriter); fut.TextWriter.WriteLine(); } fut.AssertFilesEqual(); } }
private void DoRewriteCore() { var cfgSvc = MockRepository.GenerateStub<IConfigurationService>(); var env = MockRepository.GenerateStub<OperatingEnvironment>(); var tlSvc = MockRepository.GenerateStub<ITypeLibraryLoaderService>(); var eventListener = new FakeDecompilerEventListener(); cfgSvc.Stub(c => c.GetEnvironment("ms-dos")).Return(env); cfgSvc.Replay(); env.Stub(e => e.TypeLibraries).Return(new List<ITypeLibraryElement>()); env.Stub(e => e.CharacteristicsLibraries).Return(new List<ITypeLibraryElement>()); env.Replay(); tlSvc.Replay(); sc.AddService<DecompilerHost>(new FakeDecompilerHost()); sc.AddService<DecompilerEventListener>(eventListener); sc.AddService<IConfigurationService>(cfgSvc); sc.AddService<ITypeLibraryLoaderService>(tlSvc); Project project = LoadProject(); project.Programs.Add(this.program); scanner = new Scanner( this.program, new ImportResolver(project, this.program, eventListener), sc); ImageSymbol ep = new ImageSymbol(baseAddress); scanner.EnqueueImageSymbol(ep, true); var program = project.Programs[0]; foreach (Procedure_v1 sp in program.User.Procedures.Values) { scanner.EnqueueUserProcedure(sp); } scanner.ScanImage(); }
public void Scanner_AddEntryPoint() { Given_Trace(new RtlTrace(0x12314) { m => { m.Return(4, 0); } }); Given_Program(Address.Ptr32(0x12314)); var project = new Project { Programs = { program } }; var sc = new Scanner( this.program, null, new ImportResolver(project), this.sc); sc.EnqueueEntryPoint( new EntryPoint( Address.Ptr32(0x12314), arch.CreateProcessorState())); sc.ScanImage(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(0x12314, program.Procedures.Keys[0].Offset); Assert.IsTrue(program.CallGraph.EntryPoints.Contains(program.Procedures.Values[0])); }
public void Scanner_AddEntryPoint() { Given_Trace(new RtlTrace(0x12314) { m => { m.Return(4, 0); } }); Given_Program(Address.Ptr32(0x12314), new byte[1]); var project = new Project { Programs = { program } }; var sc = new Scanner( this.program, new ImportResolver(project, program, eventListener), this.sc); sc.EnqueueImageSymbol(new ImageSymbol(Address.Ptr32(0x12314)), true); sc.ScanImage(); Assert.AreEqual(1, program.Procedures.Count); Assert.AreEqual(0x12314, program.Procedures.Keys[0].Offset); Assert.IsTrue(program.CallGraph.EntryPoints.Contains(program.Procedures.Values[0])); }
private void RunFileTestx86_32(string relativePath, string outputFile) { Program program; var sc = new ServiceContainer(); var fsSvc = new FileSystemServiceImpl(); var el = new FakeDecompilerEventListener(); sc.AddService<IFileSystemService>(fsSvc); sc.AddService<DecompilerEventListener>(el); var arch = new X86ArchitectureFlat32(); var asm = new X86TextAssembler(sc, arch); using (var rdr = new StreamReader(FileUnitTester.MapTestPath(relativePath))) { var platform = new DefaultPlatform(sc, arch); asm.Platform = platform; program = asm.Assemble(Address.Ptr32(0x10000000), rdr); } var scanner = new Scanner(program, new Dictionary<Address, ProcedureSignature>(), null, sc); scanner.EnqueueEntryPoint(new EntryPoint(program.Image.BaseAddress, arch.CreateProcessorState())); scanner.ScanImage(); using (var fut = new FileUnitTester(outputFile)) { foreach (var proc in program.Procedures.Values) { proc.Write(false, fut.TextWriter); } fut.AssertFilesEqual(); } }
public void Scanner_CallGraphTree() { program = new Program(); var addr = Address.SegPtr(0xC00, 0); var m = new X86Assembler(sc, new DefaultPlatform(sc, new X86ArchitectureReal()), addr, new List<ImageSymbol>()); m.i86(); m.Proc("main"); m.Call("baz"); m.Ret(); m.Endp("main"); m.Proc("foo"); m.Ret(); m.Endp("foo"); m.Proc("bar"); m.Ret(); m.Endp("bar"); m.Proc("baz"); m.Call("foo"); m.Call("bar"); m.Jmp("foo"); m.Endp("baz"); program = m.GetImage(); program.Platform = new FakePlatform(null, arch); Given_Project(); var scan = new Scanner( program, new ImportResolver(project, program, eventListener), sc); var sym = new ImageSymbol(addr); scan.EnqueueImageSymbol(sym, true); scan.ScanImage(); Assert.AreEqual(4, program.Procedures.Count); }