decompiler  1.0.0
Public Member Functions | Static Private Member Functions | Private Attributes | List of all members
ActionStackPtrFlow Class Reference

Analyze change to the stack pointer across sub-function calls. More...

#include <coreaction.hh>

Inheritance diagram for ActionStackPtrFlow:
Action

Public Member Functions

 ActionStackPtrFlow (const string &g, AddrSpace *ss)
 Constructor.
 
virtual void reset (Funcdata &data)
 Reset the Action for a new function. More...
 
virtual Actionclone (const ActionGroupList &grouplist) const
 Clone the Action. More...
 
virtual int4 apply (Funcdata &data)
 Make a single attempt to apply this Action. More...
 
- Public Member Functions inherited from Action
 Action (uint4 f, const string &nm, const string &g)
 Base constructor for an Action. More...
 
virtual ~Action (void)
 Destructor.
 
virtual void printStatistics (ostream &s) const
 Dump statistics to stream. More...
 
int4 perform (Funcdata &data)
 Perform this action (if necessary) More...
 
bool setBreakPoint (uint4 tp, const string &specify)
 Set a breakpoint on this action. More...
 
bool setWarning (bool val, const string &specify)
 Set a warning on this action. More...
 
bool disableRule (const string &specify)
 Disable a specific Rule within this. More...
 
bool enableRule (const string &specify)
 Enable a specific Rule within this. More...
 
const string & getName (void) const
 Get the Action's name.
 
const string & getGroup (void) const
 Get the Action's group.
 
uint4 getStatus (void) const
 Get the current status of this Action.
 
uint4 getNumTests (void)
 Get the number of times apply() was invoked.
 
uint4 getNumApply (void)
 
virtual void resetStats (void)
 Reset all the counts to zero. More...
 
virtual int4 print (ostream &s, int4 num, int4 depth) const
 Print a description of this Action to stream. More...
 
virtual void printState (ostream &s) const
 Print status to stream. More...
 
virtual void saveXml (ostream &s) const
 Save specifics of this action to stream.
 
virtual void restoreXml (const Element *el, Funcdata *fd)
 Load specifics of action from XML.
 
virtual ActiongetSubAction (const string &specify)
 Retrieve a specific sub-action by name. More...
 
virtual RulegetSubRule (const string &specify)
 Retrieve a specific sub-rule by name. More...
 

Static Private Member Functions

static void analyzeExtraPop (Funcdata &data, AddrSpace *stackspace, int4 spcbase)
 Calculate stack-pointer change across undetermined sub-functions. More...
 
static bool isStackRelative (Varnode *spcbasein, Varnode *vn, uintb &constval)
 Is the given Varnode defined as a pointer relative to the stack-pointer? More...
 
static bool adjustLoad (Funcdata &data, PcodeOp *loadop, PcodeOp *storeop)
 Adjust the LOAD where the stack-pointer alias has been recovered. More...
 
static int4 repair (Funcdata &data, AddrSpace *id, Varnode *spcbasein, PcodeOp *loadop, uintb constz)
 Link LOAD to matching STORE of a constant. More...
 
static int4 checkClog (Funcdata &data, AddrSpace *id, int4 spcbase)
 Find any stack pointer clogs and pass it on to the repair routines. More...
 

Private Attributes

AddrSpacestackspace
 Stack space associated with stack-pointer register.
 
bool analysis_finished
 True if analysis already performed.
 

Additional Inherited Members

- Public Types inherited from Action
enum  ruleflags {
  rule_repeatapply = 4, rule_onceperfunc = 8, rule_oneactperfunc = 16, rule_debug = 32,
  rule_warnings_on = 64, rule_warnings_given = 128
}
 Boolean behavior properties governing this particular Action. More...
 
enum  statusflags {
  status_start =1, status_breakstarthit =2, status_repeat =4, status_mid =8,
  status_end =16, status_actionbreak =32
}
 Boolean properties describing the status of an action. More...
 
enum  breakflags { break_start = 1, tmpbreak_start = 2, break_action = 4, tmpbreak_action = 8 }
 Break points associated with an Action. More...
 
- Protected Member Functions inherited from Action
void issueWarning (Architecture *glb)
 Warn that this Action has applied. More...
 
bool checkStartBreak (void)
 Check start breakpoint. More...
 
bool checkActionBreak (void)
 Check action breakpoint. More...
 
void turnOnWarnings (void)
 Enable warnings for this Action.
 
void turnOffWarnings (void)
 Disable warnings for this Action.
 
- Protected Attributes inherited from Action
int4 lcount
 Changes not including last call to apply()
 
int4 count
 Number of changes made by this action so far.
 
uint4 status
 Current status.
 
uint4 breakpoint
 Breakpoint properties.
 
uint4 flags
 Behavior properties.
 
uint4 count_tests
 Number of times apply() has been called.
 
uint4 count_apply
 Number of times apply() made changes.
 
string name
 Name of the action.
 
string basegroup
 Base group this action belongs to.
 

Detailed Description

Analyze change to the stack pointer across sub-function calls.

Member Function Documentation

◆ adjustLoad()

bool ActionStackPtrFlow::adjustLoad ( Funcdata data,
PcodeOp loadop,
PcodeOp storeop 
)
staticprivate

Adjust the LOAD where the stack-pointer alias has been recovered.

We've matched a LOAD with its matching store, now convert the LOAD op to a COPY of what was stored.

Parameters
datais the function being analyzed
loadopis the LOAD op to adjust
storeopis the matching STORE op
Returns
true if the adjustment is successful

References CPUI_COPY, PcodeOp::getIn(), Varnode::getOffset(), Varnode::getSize(), Varnode::isConstant(), Varnode::isFree(), Funcdata::newConstant(), Funcdata::opRemoveInput(), Funcdata::opSetInput(), and Funcdata::opSetOpcode().

Referenced by repair().

◆ analyzeExtraPop()

void ActionStackPtrFlow::analyzeExtraPop ( Funcdata data,
AddrSpace stackspace,
int4  spcbase 
)
staticprivate

Calculate stack-pointer change across undetermined sub-functions.

If there are sub-functions for which extra pop is not explicit, do full linear analysis to (attempt to) recover the values.

Parameters
datais the function to analyze
stackspaceis the space associated with the stack-pointer
spcbaseis the index (relative to the stackspace) of the stack-pointer

References StackSolver::build(), calc_mask(), PcodeOp::code(), CPUI_INDIRECT, CPUI_INT_ADD, Architecture::defaultfp, Architecture::evalfp_called, LowlevelError::explain, ProtoModel::extrapop_unknown, Varnode::getAddr(), Funcdata::getArch(), Funcdata::getCallSpecs(), StackSolver::getCompanion(), Varnode::getDef(), ProtoModel::getExtraPop(), PcodeOp::getIn(), AddrSpace::getName(), StackSolver::getNumVariables(), PcodeOp::getOpFromConst(), Varnode::getSize(), StackSolver::getSolution(), Varnode::getSpace(), AddrSpace::getType(), StackSolver::getVariable(), IPTR_IOP, Funcdata::newConstant(), Funcdata::opSetAllInput(), Funcdata::opSetOpcode(), StackSolver::solve(), stackspace, and Funcdata::warningHeader().

Referenced by apply().

◆ apply()

int4 ActionStackPtrFlow::apply ( Funcdata data)
virtual

Make a single attempt to apply this Action.

This is the main entry point for applying changes to a function that are specific to this Action. The method can inspect whatever it wants to decide if the Action does or does not apply. Changes are indicated by incrementing the count field.

Parameters
datais the function to inspect/modify
Returns
0 for a complete application, -1 for a partial completion (due to breakpoint)

Implements Action.

References analysis_finished, analyzeExtraPop(), checkClog(), Action::count, and stackspace.

◆ checkClog()

int4 ActionStackPtrFlow::checkClog ( Funcdata data,
AddrSpace id,
int4  spcbase 
)
staticprivate

Find any stack pointer clogs and pass it on to the repair routines.

A stack pointer clog is a constant addition to the stack-pointer, but where the constant comes from the stack.

Parameters
datais the function to analyze
idis the stack space
spcbaseis the index of the stack-pointer relative to the stack space
Returns
the number of clogs that were repaired

References Funcdata::beginLoc(), calc_mask(), PcodeOp::code(), CPUI_INT_ADD, CPUI_INT_MULT, CPUI_LOAD, Funcdata::endLoc(), Varnode::getDef(), PcodeOp::getIn(), Varnode::getOffset(), Varnode::getSize(), AddrSpace::getSpacebase(), Varnode::isConstant(), Varnode::isInput(), isStackRelative(), Varnode::isWritten(), and repair().

Referenced by apply().

◆ clone()

virtual Action* ActionStackPtrFlow::clone ( const ActionGroupList grouplist) const
inlinevirtual

Clone the Action.

If this Action is a member of one of the groups in the grouplist, this returns a clone of the Action, otherwise NULL is returned.

Parameters
grouplistis the list of groups being cloned
Returns
the cloned Action or NULL

Implements Action.

References ActionStackPtrFlow(), ActionGroupList::contains(), Action::getGroup(), and stackspace.

◆ isStackRelative()

bool ActionStackPtrFlow::isStackRelative ( Varnode spcbasein,
Varnode vn,
uintb &  constval 
)
staticprivate

Is the given Varnode defined as a pointer relative to the stack-pointer?

Return true if -vn- is defined as the stackpointer input plus a constant (or zero) This works through the general case and the special case when the constant is zero. The constant value is passed-back to the caller.

Parameters
spcbaseinis the Varnode holding the input value of the stack-pointer
vnis the Varnode to check for relativeness
constvalis a reference for passing back the constant offset
Returns
true if vn is stack relative

References PcodeOp::code(), CPUI_INT_ADD, Varnode::getDef(), PcodeOp::getIn(), Varnode::getOffset(), Varnode::isConstant(), and Varnode::isWritten().

Referenced by checkClog(), and repair().

◆ repair()

int4 ActionStackPtrFlow::repair ( Funcdata data,
AddrSpace id,
Varnode spcbasein,
PcodeOp loadop,
uintb  constz 
)
staticprivate

Link LOAD to matching STORE of a constant.

Try to find STORE op using same stack relative pointer as a given LOAD op. If we find it and the STORE stores a constant, change the LOAD to a COPY.

Parameters
datais the function owning the LOAD
idis the stackspace
spcbaseinis the stack-pointer
loadopis the given LOAD op
constzis the stack relative offset of the LOAD pointer
Returns
1 if we successfully change LOAD to COPY, 0 otherwise

References adjustLoad(), BlockBasic::beginOp(), PcodeOp::code(), CPUI_STORE, BlockBasic::endOp(), PcodeOp::getBasicIter(), PcodeOp::getIn(), FlowBlock::getIn(), PcodeOp::getOut(), PcodeOp::getParent(), Varnode::getSize(), Varnode::getSpace(), PcodeOp::isCall(), isStackRelative(), and FlowBlock::sizeIn().

Referenced by checkClog().

◆ reset()

virtual void ActionStackPtrFlow::reset ( Funcdata data)
inlinevirtual

Reset the Action for a new function.

Parameters
datais the new function this Action may affect

Reimplemented from Action.

References analysis_finished.


The documentation for this class was generated from the following files: