How to use ailment - 10 common examples
To help you get started, we’ve selected a few ailment examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
angr / angr / angr / analyses / variable_recovery / variable_recovery_fast.py View on Github 
def _ail_handle_Assignment(self, stmt):
dst_type = type(stmt.dst)
if dst_type is ailment.Expr.Register:
offset = stmt.dst.reg_offset
data = self._expr(stmt.src)
size = stmt.src.bits // 8
self._assign_to_register(offset, data, size, src=stmt.src, dst=stmt.dst)
elif dst_type is ailment.Expr.Tmp:
# simply write to self.tmps
data = self._expr(stmt.src)
if data is None:
return
self.tmps[stmt.dst.tmp_idx] = data
else:
l.warning('Unsupported dst type %s.', dst_type)def _ail_handle_Assignment(self, stmt):
dst_type = type(stmt.dst)
if dst_type is ailment.Expr.Register:
offset = stmt.dst.reg_offset
data = self._expr(stmt.src)
size = stmt.src.bits // 8
self._assign_to_register(offset, data, size, src=stmt.src, dst=stmt.dst)
elif dst_type is ailment.Expr.Tmp:
# simply write to self.tmps
data = self._expr(stmt.src)
if data is None:
return
self.tmps[stmt.dst.tmp_idx] = data
else:
l.warning('Unsupported dst type %s.', dst_type)def _ail_handle_Store(self, stmt):
addr = self._expr(stmt.addr)
data = self._expr(stmt.data)
if isinstance(addr, Expr.StackBaseOffset):
# Storing data to a stack variable
self.state.store_variable(Expr.Load(None, addr, data.bits // 8, stmt.endness), data)def _ail_handle_Store(self, stmt):
addr = self._expr(stmt.addr)
data = self._expr(stmt.data)
if isinstance(addr, Expr.StackBaseOffset):
# Storing data to a stack variable
self.state.store_variable(Expr.Load(None, addr, data.bits // 8, stmt.endness), data)def _ail_handle_Assignment(self, stmt):
dst_type = type(stmt.dst)
if dst_type is ailment.Expr.Register:
offset = stmt.dst.reg_offset
data = self._expr(stmt.src)
size = stmt.src.bits // 8
self._assign_to_register(offset, data, size, src=stmt.src, dst=stmt.dst)
elif dst_type is ailment.Expr.Tmp:
# simply write to self.tmps
data = self._expr(stmt.src)
if data is None:
return
self.tmps[stmt.dst.tmp_idx] = data
else:
l.warning('Unsupported dst type %s.', dst_type)def _ail_handle_Assignment(self, stmt):
dst_type = type(stmt.dst)
if dst_type is ailment.Expr.Register:
offset = stmt.dst.reg_offset
data = self._expr(stmt.src)
size = stmt.src.bits // 8
self._assign_to_register(offset, data, size, src=stmt.src, dst=stmt.dst)
elif dst_type is ailment.Expr.Tmp:
# simply write to self.tmps
data = self._expr(stmt.src)
if data is None:
return
self.tmps[stmt.dst.tmp_idx] = data
else:
l.warning('Unsupported dst type %s.', dst_type)def check_bp_save_fauxware(arch):
p = angr.Project(os.path.join(test_location, arch, 'fauxware'), auto_load_libs=False)
p.analyses.CFGFast()
main = p.kb.functions['main']
dra = p.analyses.Decompiler(main)
first_block_stmts = dra.codegen._sequence.nodes[0].nodes[0].statements
for stmt in first_block_stmts:
if isinstance(stmt, ailment.Stmt.Store):
nose.tools.assert_false(
(isinstance(stmt.data, ailment.Expr.Register)
and stmt.data.reg_offset == p.arch.bp_offset)
or (isinstance(stmt.data, ailment.Expr.StackBaseOffset)
and stmt.data.offset == 0))def check_bp_save_fauxware(arch):
p = angr.Project(os.path.join(test_location, arch, 'fauxware'), auto_load_libs=False)
p.analyses.CFGFast()
main = p.kb.functions['main']
dra = p.analyses.Decompiler(main)
first_block_stmts = dra.codegen._sequence.nodes[0].nodes[0].statements
for stmt in first_block_stmts:
if isinstance(stmt, ailment.Stmt.Store):
nose.tools.assert_false(
(isinstance(stmt.data, ailment.Expr.Register)
and stmt.data.reg_offset == p.arch.bp_offset)
or (isinstance(stmt.data, ailment.Expr.StackBaseOffset)
and stmt.data.offset == 0))def check_bp_save_fauxware(arch):
p = angr.Project(os.path.join(test_location, arch, 'fauxware'), auto_load_libs=False)
p.analyses.CFGFast()
main = p.kb.functions['main']
dra = p.analyses.Decompiler(main)
first_block_stmts = dra.codegen._sequence.nodes[0].nodes[0].statements
for stmt in first_block_stmts:
if isinstance(stmt, ailment.Stmt.Store):
nose.tools.assert_false(
(isinstance(stmt.data, ailment.Expr.Register)
and stmt.data.reg_offset == p.arch.bp_offset)
or (isinstance(stmt.data, ailment.Expr.StackBaseOffset)
and stmt.data.offset == 0)) 'ULE': lambda cond_: ailment.Expr.BinaryOp(None, 'CmpULE',
tuple(map(self._convert_claripy_bool_ast, cond_.args)),
),
Popular ailment functions
- ailment.Block
- ailment.Expr
- ailment.Expr.BasePointerOffset
- ailment.Expr.BinaryOp
- ailment.Expr.Const
- ailment.Expr.Convert
- ailment.Expr.DirtyExpression
- ailment.Expr.Expression
- ailment.Expr.Load
- ailment.Expr.Register
- ailment.Expr.StackBaseOffset
- ailment.Expr.Tmp
- ailment.Expr.UnaryOp
- ailment.IRSBConverter.convert
- ailment.Stmt
- ailment.Stmt.Assignment
- ailment.Stmt.Call
- ailment.Stmt.ConditionalJump
- ailment.Stmt.Jump
- ailment.Stmt.Store