How to use the angr.sim_state.SimState function in angr
To help you get started, we’ve selected a few angr examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
angr / angr / angr / state_plugins / globals.py View on Github 
def items(self):
return self._backer.items()
def get(self, k, alt=None):
return self._backer.get(k, alt)
def pop(self, k, alt=None):
return self._backer.pop(k, alt)
@SimStatePlugin.memo
def copy(self, memo): # pylint: disable=unused-argument
return SimStateGlobals(dict(self._backer))
from angr.sim_state import SimState
SimState.register_default('globals', SimStateGlobals)# bit values based off of protection bit values from sys/mman.h
if seg.is_readable:
perms |= 1 # PROT_READ
if seg.is_writable:
perms |= 2 # PROT_WRITE
if seg.is_executable:
perms |= 4 # PROT_EXEC
permission_map[(seg.min_addr, seg.max_addr)] = perms
permissions_backer = (self.project.loader.main_object.execstack, permission_map)
kwargs['permissions_backer'] = permissions_backer
if kwargs.get('memory_backer', None) is None:
kwargs['memory_backer'] = self.project.loader.memory
if kwargs.get('os_name', None) is None:
kwargs['os_name'] = self.name
state = SimState(self.project, **kwargs)
if stdin is not None and not isinstance(stdin, SimFileBase):
if type(stdin) is type:
stdin = stdin(name='stdin', has_end=False)
else:
stdin = SimFileStream(name='stdin', content=stdin, has_end=True)
last_addr = self.project.loader.main_object.max_addr
actual_brk = (last_addr - last_addr % 0x1000 + 0x1000) if brk is None else brk
state.register_plugin('posix', SimSystemPosix(stdin=stdin, brk=actual_brk))
actual_stack_end = state.arch.initial_sp if stack_end is None else stack_end
if o.ABSTRACT_MEMORY not in state.options:
state.memory.mem._preapproved_stack = IRange(actual_stack_end - stack_size, actual_stack_end)assert k != '_view'
return self._view._deeper(ty=SimMemView.types['struct ' + k].with_arch(self._view.state.arch))
def __setattr__(self, k, v):
if k == '_view':
object.__setattr__(self, k, v)
else:
self.__getattr__(k).store(v)
from ..sim_type import ALL_TYPES, SimTypeFixedSizeArray, SimTypePointer
SimMemView.types = ALL_TYPES # identity purposefully here
from angr.sim_state import SimState
SimState.register_default('mem', SimMemView)
SimState.register_default('regs', SimRegNameView)return max_addr
def add_sinkhole(self, address, length):
"""
Add a sinkhole.
Allow the possibility for the program to reuse the memory represented by the
address length pair.
"""
self.sinkholes.add((address, length))
from angr.sim_state import SimState
SimState.register_default('cgc', SimStateCGC)if processed_flags is None or processed_flags.symbolic:
#l.info("detected symbolic rflags/eflags")
if report:
self._report_symbolic_blocker(flags, 'reg')
return False
#l.debug('passed quick check')
return True
from ..engines.vex import ccall
from .. import sim_options as options
from angr.sim_state import SimState
SimState.register_default('unicorn', Unicorn)return SimJavaVmClassloader(
initialized_classes=self.initialized_classes.copy()
)
def merge(self, others, merge_conditions, common_ancestor=None): # pylint: disable=unused-argument
l.warning("Merging is not implemented for JavaVM classloader!")
return False
def widen(self, others): # pylint: disable=unused-argument
l.warning("Widening is not implemented for JavaVM classloader!")
return False
# TODO use a default JavaVM preset
# see for reference: angr/engines/__init__.py
SimState.register_default('javavm_classloader', SimJavaVmClassloader) @SimStatePlugin.memo
def copy(self, memo): # pylint: disable=unused-argument
return SimStateJNIReferences(local_refs=self.local_refs,
global_refs=self.global_refs)
def merge(self, others, merge_conditions, common_ancestor=None): # pylint: disable=unused-argument
l.warning("Merging is not implemented for JNI references!")
return False
def widen(self, others): # pylint: disable=unused-argument
l.warning("Widening is not implemented for JNI references!")
return False
# TODO use a default JavaVM preset
# see for reference: angr/engines/__init__.py
SimState.register_default('jni_references', SimStateJNIReferences)angr
A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
Package Health Score
88 / 100Popular angr functions
- angr.analyses.AnalysesHub.register_default
- angr.analyses.identifier.func.TestData
- angr.errors
- angr.errors.AngrError
- angr.errors.SimMemoryError
- angr.errors.SimMergeError
- angr.errors.SimValueError
- angr.exploration_techniques
- angr.options
- angr.Project
- angr.sim_options
- angr.SIM_PROCEDURES
- angr.sim_state.SimState
- angr.sim_state.SimState.register_default
- angr.sim_type.SimTypeInt
- angr.SimProcedure
- angr.SimState
- angr.state_plugins.plugin.SimStatePlugin
- angr.state_plugins.sim_action.SimActionData
- angr.storage.memory_object.SimMemoryObject