decompiler
1.0.0
Analyze change to the stack pointer across sub-function calls.
#include <coreaction.hh>
Public Member Functions
ActionStackPtrFlow (const string &g, AddrSpace *ss)
Constructor.
virtual void | reset (Funcdata &data)
Reset the Action for a new function.
virtual Action * | clone (const ActionGroupList &grouplist) const
Clone the Action.
virtual int4 | apply (Funcdata &data)
Make a single attempt to apply this Action.
Public Member Functions inherited from Action
Action (uint4 f, const string &nm, const string &g)
Base constructor for an Action.
virtual | ~Action (void)
Destructor.
virtual void | printStatistics (ostream &s) const
Dump statistics to stream.
int4 | perform (Funcdata &data)
Perform this action (if necessary).
bool | setBreakPoint (uint4 tp, const string &specify)
Set a breakpoint on this action.
bool | setWarning (bool val, const string &specify)
Set a warning on this action.
bool | disableRule (const string &specify)
Disable a specific Rule within this.
bool | enableRule (const string &specify)
Enable a specific Rule within this.
const string & | getName (void) const
Get the Action's name.
const string & | getGroup (void) const
Get the Action's group.
uint4 | getStatus (void) const
Get the current status of this Action.
uint4 | getNumTests (void)
Get the number of times apply() was invoked.
uint4 | getNumApply (void)
virtual void | resetStats (void)
Reset all the counts to zero.
virtual int4 | print (ostream &s, int4 num, int4 depth) const
Print a description of this Action to stream.
virtual void | printState (ostream &s) const
Print status to stream.
virtual void | saveXml (ostream &s) const
Save specifics of this action to stream.
virtual void | restoreXml (const Element *el, Funcdata *fd)
Load specifics of action from XML.
virtual Action * | getSubAction (const string &specify)
Retrieve a specific sub-action by name.
virtual Rule * | getSubRule (const string &specify)
Retrieve a specific sub-rule by name.
Static Private Member Functions
static void | analyzeExtraPop (Funcdata &data, AddrSpace *stackspace, int4 spcbase)
Calculate stack-pointer change across undetermined sub-functions.
static bool | isStackRelative (Varnode *spcbasein, Varnode *vn, uintb &constval)
Is the given Varnode defined as a pointer relative to the stack-pointer?
static bool | adjustLoad (Funcdata &data, PcodeOp *loadop, PcodeOp *storeop)
Adjust the LOAD where the stack-pointer alias has been recovered.
static int4 | repair (Funcdata &data, AddrSpace *id, Varnode *spcbasein, PcodeOp *loadop, uintb constz)
Link LOAD to matching STORE of a constant.
static int4 | checkClog (Funcdata &data, AddrSpace *id, int4 spcbase)
Find any stack pointer clogs and pass them on to the repair routines.
Private Attributes
AddrSpace * | stackspace
Stack space associated with stack-pointer register.
bool | analysis_finished
True if analysis already performed.
Additional Inherited Members
Public Types inherited from Action
enum | ruleflags { rule_repeatapply = 4, rule_onceperfunc = 8, rule_oneactperfunc = 16, rule_debug = 32, rule_warnings_on = 64, rule_warnings_given = 128 }
Boolean behavior properties governing this particular Action.
enum | statusflags { status_start = 1, status_breakstarthit = 2, status_repeat = 4, status_mid = 8, status_end = 16, status_actionbreak = 32 }
Boolean properties describing the status of an action.
enum | breakflags { break_start = 1, tmpbreak_start = 2, break_action = 4, tmpbreak_action = 8 }
Break points associated with an Action.
Protected Member Functions inherited from Action
void | issueWarning (Architecture *glb)
Warn that this Action has applied.
bool | checkStartBreak (void)
Check start breakpoint.
bool | checkActionBreak (void)
Check action breakpoint.
void | turnOnWarnings (void)
Enable warnings for this Action.
void | turnOffWarnings (void)
Disable warnings for this Action.
Protected Attributes inherited from Action
int4 | lcount
Changes not including last call to apply()
int4 | count
Number of changes made by this action so far.
uint4 | status
Current status.
uint4 | breakpoint
Breakpoint properties.
uint4 | flags
Behavior properties.
uint4 | count_tests
Number of times apply() has been called.
uint4 | count_apply
Number of times apply() made changes.
string | name
Name of the action.
string | basegroup
Base group this action belongs to.
Analyze change to the stack pointer across sub-function calls.
adjustLoad() [static, private]
Adjust the LOAD where the stack-pointer alias has been recovered.
We've matched a LOAD with its matching STORE; now convert the LOAD op to a COPY of what was stored.
data | is the function being analyzed |
loadop | is the LOAD op to adjust |
storeop | is the matching STORE op |
References CPUI_COPY, PcodeOp::getIn(), Varnode::getOffset(), Varnode::getSize(), Varnode::isConstant(), Varnode::isFree(), Funcdata::newConstant(), Funcdata::opRemoveInput(), Funcdata::opSetInput(), and Funcdata::opSetOpcode().
Referenced by repair().
analyzeExtraPop() [static, private]
Calculate stack-pointer change across undetermined sub-functions.
If there are sub-functions for which extra pop is not explicit, do full linear analysis to (attempt to) recover the values.
data | is the function to analyze |
stackspace | is the space associated with the stack-pointer |
spcbase | is the index (relative to the stackspace) of the stack-pointer |
References StackSolver::build(), calc_mask(), PcodeOp::code(), CPUI_INDIRECT, CPUI_INT_ADD, Architecture::defaultfp, Architecture::evalfp_called, LowlevelError::explain, ProtoModel::extrapop_unknown, Varnode::getAddr(), Funcdata::getArch(), Funcdata::getCallSpecs(), StackSolver::getCompanion(), Varnode::getDef(), ProtoModel::getExtraPop(), PcodeOp::getIn(), AddrSpace::getName(), StackSolver::getNumVariables(), PcodeOp::getOpFromConst(), Varnode::getSize(), StackSolver::getSolution(), Varnode::getSpace(), AddrSpace::getType(), StackSolver::getVariable(), IPTR_IOP, Funcdata::newConstant(), Funcdata::opSetAllInput(), Funcdata::opSetOpcode(), StackSolver::solve(), stackspace, and Funcdata::warningHeader().
Referenced by apply().
apply() [virtual]
Make a single attempt to apply this Action.
This is the main entry point for applying changes to a function that are specific to this Action. The method can inspect whatever it wants to decide if the Action does or does not apply. Changes are indicated by incrementing the count field.
data | is the function to inspect/modify |
Implements Action.
References analysis_finished, analyzeExtraPop(), checkClog(), Action::count, and stackspace.
checkClog() [static, private]
Find any stack pointer clogs and pass them on to the repair routines.
A stack-pointer clog is the addition of a constant to the stack-pointer where the constant itself comes from the stack.
data | is the function to analyze |
id | is the stack space |
spcbase | is the index of the stack-pointer relative to the stack space |
References Funcdata::beginLoc(), calc_mask(), PcodeOp::code(), CPUI_INT_ADD, CPUI_INT_MULT, CPUI_LOAD, Funcdata::endLoc(), Varnode::getDef(), PcodeOp::getIn(), Varnode::getOffset(), Varnode::getSize(), AddrSpace::getSpacebase(), Varnode::isConstant(), Varnode::isInput(), isStackRelative(), Varnode::isWritten(), and repair().
Referenced by apply().
clone() [inline, virtual]
Clone the Action.
If this Action is a member of one of the groups in the grouplist, this returns a clone of the Action, otherwise NULL is returned.
grouplist | is the list of groups being cloned |
Implements Action.
References ActionStackPtrFlow(), ActionGroupList::contains(), Action::getGroup(), and stackspace.
isStackRelative() [static, private]
Is the given Varnode defined as a pointer relative to the stack-pointer?
Return true if -vn- is defined as the stack-pointer input plus a constant (or zero). This works through the general case and the special case when the constant is zero. The constant value is passed back to the caller.
spcbasein | is the Varnode holding the input value of the stack-pointer |
vn | is the Varnode to check for relativeness |
constval | is a reference for passing back the constant offset |
References PcodeOp::code(), CPUI_INT_ADD, Varnode::getDef(), PcodeOp::getIn(), Varnode::getOffset(), Varnode::isConstant(), and Varnode::isWritten().
Referenced by checkClog(), and repair().
repair() [static, private]
Link LOAD to matching STORE of a constant.
Try to find a STORE op using the same stack-relative pointer as a given LOAD op. If we find it and the STORE stores a constant, change the LOAD to a COPY.
data | is the function owning the LOAD |
id | is the stackspace |
spcbasein | is the stack-pointer |
loadop | is the given LOAD op |
constz | is the stack relative offset of the LOAD pointer |
References adjustLoad(), BlockBasic::beginOp(), PcodeOp::code(), CPUI_STORE, BlockBasic::endOp(), PcodeOp::getBasicIter(), PcodeOp::getIn(), FlowBlock::getIn(), PcodeOp::getOut(), PcodeOp::getParent(), Varnode::getSize(), Varnode::getSpace(), PcodeOp::isCall(), isStackRelative(), and FlowBlock::sizeIn().
Referenced by checkClog().
reset() [inline, virtual]
Reset the Action for a new function.
data | is the new function this Action may affect |
Reimplemented from Action.
References analysis_finished.