1. Advisor
  2. ailment
  3. functions
  4. ailment.Expr.Load
View all ailment analysis

How to use the ailment.Expr.Load function in ailment

To help you get started, we’ve selected a few ailment examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github angr / angr / angr / analyses / propagator / engine_ail.py View on Github external
def _ail_handle_Store(self, stmt):
        addr = self._expr(stmt.addr)
        data = self._expr(stmt.data)

        if isinstance(addr, Expr.StackBaseOffset):
            # Storing data to a stack variable
            self.state.store_variable(Expr.Load(None, addr, data.bits // 8, stmt.endness), data)
github angr / angr / angr / analyses / decompiler / optimization_passes / engine_base.py View on Github external
def _ail_handle_Load(self, expr):

        addr = self._expr(expr.addr)

        if addr != expr.addr:
            return Expr.Load(expr.idx, addr, expr.size, expr.endness, **expr.tags)
        return expr
github angr / angr / angr / analyses / decompiler / clinic.py View on Github external
:param int stmt_idx:        ID of the statement.
        :param stmt:                The AIL statement that `expr` belongs to.
        :param expr:                The AIl expression to work on.
        :return:                    None
        """

        if type(expr) is ailment.Expr.Register:
            # find a register variable
            reg_vars = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            # TODO: make sure it is the correct register we are looking for
            if len(reg_vars) == 1:
                reg_var, offset = next(iter(reg_vars))
                expr.variable = reg_var
                expr.offset = offset

        elif type(expr) is ailment.Expr.Load:
            # import ipdb; ipdb.set_trace()
            variables = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            if len(variables) == 0:
                self._link_variables_on_expr(variable_manager, block, stmt_idx, stmt, expr.addr)
            else:
                if len(variables) > 1:
                    l.error("More than one variable are available for atom %s. Consider fixing it using phi nodes.",
                            expr
                            )
                var, offset = next(iter(variables))
                expr.variable = var
                expr.offset = offset

        elif type(expr) is ailment.Expr.BinaryOp:
            variables = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            if len(variables) == 1:
github angr / angr / angr / analyses / propagator / engine_ail.py View on Github external
def _ail_handle_Load(self, expr):
        addr = self._expr(expr.addr)

        if addr != expr.addr:
            return Expr.Load(expr.idx, addr, expr.size, expr.endness, **expr.tags)
        return expr
github angr / angr / angr / analyses / decompiler / optimization_passes / stack_canary_simplifier.py View on Github external
def _find_canary_init_stmt(self):

        first_block = self._get_block(self._func.addr)

        for idx, stmt in enumerate(first_block.statements):
            if isinstance(stmt, ailment.Stmt.Store) \
                    and isinstance(stmt.addr, ailment.Expr.StackBaseOffset) \
                    and isinstance(stmt.data, ailment.Expr.Load) \
                    and self._is_add(stmt.data.addr):
                # Check addr: must be fs+0x28
                op0, op1 = stmt.data.addr.operands
                if isinstance(op1, ailment.Expr.Register):
                    op0, op1 = op1, op0
                if isinstance(op0, ailment.Expr.Register) and isinstance(op1, ailment.Expr.Const):
                    if op0.reg_offset == self.project.arch.get_register_offset('fs') and op1.value == 0x28:
                        return first_block, idx

        return None
github angr / angr / angr / analyses / decompiler / structured_codegen.py View on Github external
self._handlers = {
            SequenceNode: self._handle_Sequence,
            CodeNode: self._handle_Code,
            LoopNode: self._handle_Loop,
            ConditionNode: self._handle_Condition,
            ConditionalBreakNode: self._handle_ConditionalBreak,
            MultiNode: self._handle_MultiNode,
            Block: self._handle_AILBlock,
            # AIL statements
            Stmt.Store: self._handle_Stmt_Store,
            Stmt.Assignment: self._handle_Stmt_Assignment,
            Stmt.Call: self._handle_Stmt_Call,
            # AIL expressions
            Expr.Register: self._handle_Expr_Register,
            Expr.Load: self._handle_Expr_Load,
            Expr.Tmp: self._handle_Expr_Tmp,
            Expr.Const: self._handle_Expr_Const,
            Expr.UnaryOp: self._handle_Expr_UnaryOp,
            Expr.BinaryOp: self._handle_Expr_BinaryOp,
            Expr.Convert: self._handle_Expr_Convert,
            Expr.StackBaseOffset: self._handle_Expr_StackBaseOffset,
            Expr.DirtyExpression: self._handle_Expr_Dirty,
            # SimVariables
            SimStackVariable: self._handle_Variable_SimStackVariable,
            SimRegisterVariable: self._handle_Variable_SimRegisterVariable,
        }

        self._analyze()

ailment

The angr intermediate language.

GitHub
BSD-2-Clause
Latest version published 14 days ago

Package Health Score

76 / 100
Full package analysis

Popular ailment functions

Similar packages