How to use the ailment.Expr.UnaryOp function in ailment
To help you get started, we’ve selected a few ailment examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
angr / angr / angr / analyses / decompiler / optimization_passes / stack_canary_simplifier.py View on Github 
def _find_canary_xor_stmt(self, block, canary_value_stack_offset):
for idx, stmt in enumerate(block.statements):
if isinstance(stmt, ailment.Stmt.ConditionalJump):
if isinstance(stmt.condition, ailment.Expr.UnaryOp) and stmt.condition.op == "Not":
# !(s_10 ^ fs:0x28 == 0)
negated = True
condition = stmt.condition.operand
else:
negated = False
condition = stmt.condition
if isinstance(condition, ailment.Expr.BinaryOp) and (
not negated and condition.op == "CmpEQ" or
negated and condition.op == "CmpNE"
):
pass
else:
continue
expr = condition.operands[0]
if not isinstance(expr, ailment.Expr.UnaryOp): 'Not': lambda cond_: ailment.Expr.UnaryOp(None, 'Not', self._convert_claripy_bool_ast(cond_.args[0])),
'And': lambda cond_: ailment.Expr.BinaryOp(None, 'LogicalAnd', (# add a break or a conditional break node
new_node = None
if type(last_stmt) is ailment.Stmt.Jump:
# shrink the block to remove the last statement
self._remove_last_statement(node)
# add a break
new_node = BreakNode(last_stmt.ins_addr, last_stmt.target.value)
elif type(last_stmt) is ailment.Stmt.ConditionalJump:
# add a conditional break
if last_stmt.true_target.value in loop_successors and \
last_stmt.false_target.value in loop_nodes:
cond = last_stmt.condition
target = last_stmt.true_target.value
elif last_stmt.false_target.value in loop_successors and \
last_stmt.true_target.value in loop_nodes:
cond = ailment.Expr.UnaryOp(last_stmt.condition.idx, 'Not', (last_stmt.condition))
target = last_stmt.false_target.value
else:
l.warning("I'm not sure which branch is jumping out of the loop...")
raise Exception()
# remove the last statement from the node
self._remove_last_statement(node)
new_node = ConditionalBreakNode(last_stmt.ins_addr, cond, target)
if new_node is not None:
# special checks if node goes empty
if isinstance(node, ailment.Block) and not node.statements:
replaced_nodes[node] = new_node
preds = list(loop_region_graph.predecessors(node))
loop_region_graph.remove_node(node)
for pred in preds:
loop_region_graph.add_edge(pred, new_node)def _negate_cond(cond):
if isinstance(cond, ailment.Expr.UnaryOp) and cond.op == 'Not':
# Unpacck it
return cond.operand
return ailment.Expr.UnaryOp(0, 'Not', cond)CodeNode: self._handle_Code,
LoopNode: self._handle_Loop,
ConditionNode: self._handle_Condition,
ConditionalBreakNode: self._handle_ConditionalBreak,
MultiNode: self._handle_MultiNode,
Block: self._handle_AILBlock,
# AIL statements
Stmt.Store: self._handle_Stmt_Store,
Stmt.Assignment: self._handle_Stmt_Assignment,
Stmt.Call: self._handle_Stmt_Call,
# AIL expressions
Expr.Register: self._handle_Expr_Register,
Expr.Load: self._handle_Expr_Load,
Expr.Tmp: self._handle_Expr_Tmp,
Expr.Const: self._handle_Expr_Const,
Expr.UnaryOp: self._handle_Expr_UnaryOp,
Expr.BinaryOp: self._handle_Expr_BinaryOp,
Expr.Convert: self._handle_Expr_Convert,
Expr.StackBaseOffset: self._handle_Expr_StackBaseOffset,
Expr.DirtyExpression: self._handle_Expr_Dirty,
# SimVariables
SimStackVariable: self._handle_Variable_SimStackVariable,
SimRegisterVariable: self._handle_Variable_SimRegisterVariable,
}
self._analyze()
Popular ailment functions
- ailment.Block
- ailment.Expr
- ailment.Expr.BasePointerOffset
- ailment.Expr.BinaryOp
- ailment.Expr.Const
- ailment.Expr.Convert
- ailment.Expr.DirtyExpression
- ailment.Expr.Expression
- ailment.Expr.Load
- ailment.Expr.Register
- ailment.Expr.StackBaseOffset
- ailment.Expr.Tmp
- ailment.Expr.UnaryOp
- ailment.IRSBConverter.convert
- ailment.Stmt
- ailment.Stmt.Assignment
- ailment.Stmt.Call
- ailment.Stmt.ConditionalJump
- ailment.Stmt.Jump
- ailment.Stmt.Store