public void StrFind_FindUtf16Le()
{
Given_Image(Encoding.GetEncoding("utf-16le").GetBytes("\0\0Hello\0"));
var sf = new StringFinder(program);
var hits = sf.FindStrings(new StringFinderCriteria
{
StringType = StringType.NullTerminated(PrimitiveType.UInt16),
MinimumLength = 3,
CreateReader = (m, a, b) => new LeImageReader(m, a, b)
}).ToArray();
Assert.AreEqual(1, hits.Length);
Assert.AreEqual(Address.Ptr32(0x00400004), hits[0].Address);
Assert.AreEqual(10, hits[0].Length);
}
public void StrFind_TwoMatch()
{
Given_Image(0x42, 0, 0x12, 0x43, 0x00);
var sf = new StringFinder(program);
var hits = sf.FindStrings(new StringFinderCriteria
{
StringType = StringType.NullTerminated(PrimitiveType.Char),
MinimumLength = 1,
CreateReader = (m, a, b) => new LeImageReader(m, a, b)
}).ToArray();
Assert.AreEqual(2, hits.Length);
Assert.AreEqual(Address.Ptr32(0x00400000), hits[0].Address);
Assert.AreEqual(Address.Ptr32(0x00400003), hits[1].Address);
}
public StringFinderCriteria GetCriteria()
{
Encoding encoding;
PrimitiveType charType;
Func <MemoryArea, Address, Address, EndianImageReader> rdrCreator;
switch (dlg.CharacterSizeList.SelectedIndex)
{
default:
encoding = Encoding.ASCII;
charType = PrimitiveType.Char;
rdrCreator = (m, a, b) => new LeImageReader(m, a, b);
break;
case 1:
encoding = Encoding.GetEncoding("utf-16LE");
charType = PrimitiveType.WChar;
rdrCreator = (m, a, b) => new LeImageReader(m, a, b);
break;
case 2:
encoding = Encoding.GetEncoding("utf-16BE");
charType = PrimitiveType.WChar;
rdrCreator = (m, a, b) => new BeImageReader(m, a, b);
break;
}
StringType strType;
switch (dlg.StringKindList.SelectedIndex)
{
default: strType = StringType.NullTerminated(charType); break;
case 1: strType = StringType.LengthPrefixedStringType(charType, PrimitiveType.Byte); break;
case 2:
case 3: strType = StringType.LengthPrefixedStringType(charType, PrimitiveType.UInt16); break;
}
return(new StringFinderCriteria
{
StringType = strType,
Encoding = encoding,
MinimumLength = dlg.MinLength,
CreateReader = rdrCreator,
});
}
public StringType GetStringType()
{
var charType = ddlCharSize.SelectedIndex > 0
? PrimitiveType.WChar
: PrimitiveType.Char;
switch (ddlStringKind.SelectedIndex)
{
default: return(StringType.NullTerminated(charType));
case 1: return(StringType.LengthPrefixedStringType(charType, PrimitiveType.Byte));
case 2: return(StringType.LengthPrefixedStringType(charType, PrimitiveType.UInt16));
case 3: return(StringType.LengthPrefixedStringType(charType, PrimitiveType.UInt32));
}
}
public void ProcRnd_IR_QuoteString()
{
var sExp =
#region Expected
@"ProcRnd_IR_QuoteString_entry:<br />
l1:<br />
Mem0[0x00123400:(str char)] = "<Up & down>"<br />
ProcRnd_IR_QuoteString_exit:<br />
";
#endregion
RunIrTest(nameof(ProcRnd_IR_QuoteString), sExp, m =>
{
m.MStore(m.Word32(0x00123400), Constant.String("<Up & down>", StringType.NullTerminated(PrimitiveType.Char)));
});
}
public override DataType BuildDataType(TypeFactory factory)
{
var ch = CharType.BuildDataType(factory);
if (Termination == null)
{
throw new NotImplementedException();
}
switch (Termination[0])
{
case 'z':
return(StringType.NullTerminated(ch));
default:
throw new NotImplementedException();
}
}
public CodeFormatter VisitPointer(Pointer ptr)
{
var c = rdr.Read(PrimitiveType.Create(Domain.Pointer, ptr.Size));
var addr = Address.FromConstant(c);
// Check if it is pointer to function
Procedure proc;
if (program.Procedures.TryGetValue(addr, out proc))
{
codeFormatter.InnerFormatter.WriteHyperlink(proc.Name, proc);
return(codeFormatter);
}
int offset = c.ToInt32();
if (offset == 0)
{
codeFormatter.WriteNull();
}
else
{
var field = globals.Fields.AtOffset(offset);
if (field == null)
{
// We've discovered a global variable! Create it!
//$REVIEW: what about collisions and the usual merge crap?
var dt = ptr.Pointee;
//$REVIEW: that this is a pointer to a C-style null
// terminated string is a wild-assed guess of course.
// It could be a pascal string, or a raw area of bytes.
// Depend on user for this, or possibly platform.
var pt = dt as PrimitiveType;
if (pt != null && pt.Domain == Domain.Character)
{
dt = StringType.NullTerminated(pt);
}
globals.Fields.Add(offset, dt);
// add field to queue.
field = globals.Fields.AtOffset(offset);
queue.Enqueue(field);
}
codeFormatter.InnerFormatter.Write("&g_{0}", field.Name);
}
return(codeFormatter);
}
public DataType VisitPointer(PointerType_v1 pointer)
{
DataType dt;
if (pointer.DataType == null)
{
dt = new UnknownType();
}
else
{
try
{
//$TODO: remove the try-catch when done.
dt = pointer.DataType.Accept(this);
#if FUTURE
//$HACK: this is a dangerous assumption, not all
// pointers to char are pointing to strings --
// but most (90% or more) do. With const char
// this rises to 99%
if (dt is PrimitiveType pt && pt.Domain == Domain.Character)
{
dt = StringType.NullTerminated(dt);
}
#endif
}
catch
{
Debug.Print("** Dropping exception on floor ***********");
dt = new UnknownType(platform.PointerType.Size);
}
}
int bitSize = platform.PointerType.BitSize;
if (pointer.PointerSize != 0)
{
bitSize = pointer.PointerSize * platform.Architecture.MemoryGranularity;
}
return(new Pointer(dt, bitSize)
{
Qualifier = pointer.Qualifier
});
}
public void StrAnls_Issue_529()
{
var m = new ProcedureBuilder();
var fp = m.Frame.FramePointer;
var sp = m.Frame.EnsureRegister(m.Architecture.StackRegister);
var puts = new ExternalProcedure("puts", new FunctionType());
m.Label("m4E2");
m.Goto("m4F7");
m.Label("m4E4");
m.SideEffect(m.Fn(puts, Constant.String("Hello", StringType.NullTerminated(PrimitiveType.Byte))));
m.Return();
m.Label("m4F7");
m.BranchIf(m.Eq0(m.Mem32(m.Word32(0x0808A0A4))), "m502");
m.Label("m500");
m.Goto("m50D");
m.Label("m502");
m.BranchIf(m.Eq0(m.Mem32(m.Word32(0x0808A0A8))), "m4E4");
m.Goto("m50D");
m.Label("m50D");
m.SideEffect(m.Fn(puts, Constant.String("Goodbye", StringType.NullTerminated(PrimitiveType.Byte))));
m.Goto("m4E4");
var sExp =
#region Expected
@" if (Mem0[0x0808A0A4:word32] != 0x00 || Mem0[0x0808A0A8:word32] != 0x00)
puts(""Goodbye"");
puts(""Hello"");
return;
";
#endregion
Given_CompoundConditionCoalescer(m.Procedure);
RunTest(sExp, m.Procedure);
}
public void ProcRnd_HLL_Signature()
{
var sExp =
#region Expected
@"<span class='type' data-typename='int32'>int32</span> fn00123400(BYTE * arg1, BYTE * arg2)<br />
{<br />
<span class='kw'>if</span> (arg1 != 0x00)<br />
{<br />
*arg1 = 0x00;<br />
arg2 = "<Up & down>";<br />
}<br />
}<br />
";
#endregion
RunHllTest(nameof(ProcRnd_HLL_Signature), sExp, (proc, m) =>
{
var arg1 = new Identifier(
"arg1",
new Pointer(new TypeReference("BYTE", PrimitiveType.Byte), 32),
new TemporaryStorage("t1", 3, PrimitiveType.Word32));
var arg2 = new Identifier(
"arg2",
new Pointer(new TypeReference("BYTE", PrimitiveType.Byte), 32),
new TemporaryStorage("t2", 4, PrimitiveType.Word32));
proc.Signature = FunctionType.Func(
new Identifier("", PrimitiveType.Int32, new TemporaryStorage("", 0, PrimitiveType.Word32)),
arg1,
arg2);
m.If(m.Ne(arg1, Constant.Zero(PrimitiveType.Word32)), t =>
{
t.Assign(t.Deref(arg1), m.Byte(0));
t.Assign(arg2, Constant.String("<Up & down>", StringType.NullTerminated(PrimitiveType.Char)));
});
});
}
public Instruction VisitBranch(Branch branch)
{
//$TODO: this may not be necessary once scanner-development is done.
return(new SideEffect(Constant.String(string.Format("cloned {0}", branch), StringType.NullTerminated(PrimitiveType.Char))));
}
private DataType Parse(PrimitiveType charPrefix)
{
if (i >= str.Length)
{
return(new UnknownType());
}
int bitSize;
switch (str[i++])
{
case 'a':
return(ParseArray());
case 'b':
return(PrimitiveType.Byte);
case 'p':
if (i + 2 <= str.Length && str[i] == 'f' && str[i + 1] == 'n')
{
i += 2;
return(new Pointer(new CodeType(), 32));
}
var pointee = Parse(PrimitiveType.Char);
if (pointee is UnknownType)
{
return(PrimitiveType.Ptr32); //$ARch-dependent?
}
else
{
return(new Pointer(pointee, 32)); //$ARCH-dependent!
}
case 'i':
bitSize = ParseBitSize();
if (bitSize == 0)
{
return(PrimitiveType.Int32); // Convenient for 2015... most ints are 32 in C code.
}
return(PrimitiveType.Create(Domain.SignedInt, bitSize));
case 'u':
bitSize = ParseBitSize();
if (bitSize == 0)
{
return(PrimitiveType.UInt32); //$REVIEW: arch word size?
}
return(PrimitiveType.Create(Domain.UnsignedInt, bitSize));
case 'r':
bitSize = ParseBitSize();
if (bitSize == 0)
{
return(new UnknownType());
}
return(PrimitiveType.Create(Domain.Real, bitSize));
case 'f':
return(PrimitiveType.Bool);
case 'c':
if (i < str.Length && str[i] == 'h')
{
++i;
return(charPrefix);
}
return(new UnknownType());
case 's':
if (i < str.Length)
{
switch (str[i++])
{
case 'z': return(StringType.NullTerminated(charPrefix));
case 'i': return(ParseLengthPrefixString(charPrefix));
}
--i;
}
return(new ArrayType(charPrefix, 0));
case 'w':
if (i < str.Length)
{
var dt = Parse(PrimitiveType.WChar);
if (dt is UnknownType)
{
dt = PrimitiveType.Word32;
}
return(dt);
}
return(PrimitiveType.Word32);
case 'x':
return(new CodeType());
}
return(new UnknownType());
}
private static Constant MkString(Token token)
{
return(Constant.String((string)token.Value, StringType.NullTerminated(PrimitiveType.Char)));
}
void PromoteToCString(Constant c, DataType charType)
{
var field = GlobalVars.Fields.AtOffset(c.ToInt32());
field.DataType = StringType.NullTerminated(charType);
}
private static Constant Sz(string str)
{
return(Constant.String(str, StringType.NullTerminated(PrimitiveType.Char)));
}