How to use archinfo - 10 common examples
To help you get started, we’ve selected a few archinfo examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
angr / archinfo / archinfo / arch.py View on Github 
self.bytes = self.bits // self.byte_width
if endness not in (Endness.LE, Endness.BE, Endness.ME):
raise ArchError('Must pass a valid endness: Endness.LE, Endness.BE, or Endness.ME')
if instruction_endness is not None:
self.instruction_endness = instruction_endness
if self.vex_support and _pyvex:
self.vex_archinfo = _pyvex.default_vex_archinfo()
if endness == Endness.BE:
if self.vex_archinfo:
self.vex_archinfo['endness'] = _pyvex.vex_endness_from_string('VexEndnessBE')
self.memory_endness = Endness.BE
self.register_endness = Endness.BE
if _capstone and self.cs_mode is not None:
self.cs_mode -= _capstone.CS_MODE_LITTLE_ENDIAN
self.cs_mode += _capstone.CS_MODE_BIG_ENDIAN
if _keystone and self.ks_mode is not None:
self.ks_mode -= _keystone.KS_MODE_LITTLE_ENDIAN
self.ks_mode += _keystone.KS_MODE_BIG_ENDIAN
self.ret_instruction = reverse_ends(self.ret_instruction)
self.nop_instruction = reverse_ends(self.nop_instruction)
if self.register_list and _pyvex is not None:
(_, _), max_offset = max(_pyvex.vex_ffi.guest_offsets.items(), key=lambda x: x[1])
max_offset += self.bits
# Register collections
if type(self.vex_arch) is str:
va = self.vex_arch[7:].lower() # pylint: disable=unsubscriptable-object
for r in self.register_list:self.bytes = self.bits // self.byte_width
if endness not in (Endness.LE, Endness.BE, Endness.ME):
raise ArchError('Must pass a valid endness: Endness.LE, Endness.BE, or Endness.ME')
if instruction_endness is not None:
self.instruction_endness = instruction_endness
if self.vex_support and _pyvex:
self.vex_archinfo = _pyvex.default_vex_archinfo()
if endness == Endness.BE:
if self.vex_archinfo:
self.vex_archinfo['endness'] = _pyvex.vex_endness_from_string('VexEndnessBE')
self.memory_endness = Endness.BE
self.register_endness = Endness.BE
if _capstone and self.cs_mode is not None:
self.cs_mode -= _capstone.CS_MODE_LITTLE_ENDIAN
self.cs_mode += _capstone.CS_MODE_BIG_ENDIAN
if _keystone and self.ks_mode is not None:
self.ks_mode -= _keystone.KS_MODE_LITTLE_ENDIAN
self.ks_mode += _keystone.KS_MODE_BIG_ENDIAN
self.ret_instruction = reverse_ends(self.ret_instruction)
self.nop_instruction = reverse_ends(self.nop_instruction)
if self.register_list and _pyvex is not None:
(_, _), max_offset = max(_pyvex.vex_ffi.guest_offsets.items(), key=lambda x: x[1])
max_offset += self.bits
# Register collections
if type(self.vex_arch) is str:
va = self.vex_arch[7:].lower() # pylint: disable=unsubscriptable-objectdef get_last_state_of_method(method_name):
# get SootAddressDescriptor of method entry
soot_method = next(project.loader.main_object.get_method(method_name))
method = SootMethodDescriptor.from_soot_method(soot_method)
addr = SootAddressDescriptor(method, 0, 0)
# create call state
state = project.factory.blank_state(addr=addr)
# run until no successors exists
# Note: this does not work if conditional branches are present
states = [state]
succ = states[-1].step()
while len(succ.successors) == 1:
states += succ
succ = states[-1].step()
# last state is the 'Terminator' state
# => return the state before
return states[-2]def get_entry_state_of_method(project, method_fullname):
# get SootAddressDescriptor of method entry
soot_method = project.loader.main_object.get_soot_method(method_fullname)
method = SootMethodDescriptor.from_soot_method(soot_method)
addr = SootAddressDescriptor(method, 0, 0)
# create call state
return project.factory.blank_state(addr=addr, add_options={angr.options.ZERO_FILL_UNCONSTRAINED_MEMORY})def get_entry_state_of_method(project, method_fullname):
# get SootAddressDescriptor of method entry
soot_method = project.loader.main_object.get_soot_method(method_fullname)
method = SootMethodDescriptor.from_soot_method(soot_method)
addr = SootAddressDescriptor(method, 0, 0)
# create call state
return project.factory.blank_state(addr=addr)def test_fauxware():
amd64 = archinfo.arch_from_id('amd64')
args = {
'i386': [
('authenticate', SimCCCdecl(
archinfo.arch_from_id('i386'),
args=[SimStackArg(4, 4), SimStackArg(8, 4)], sp_delta=4
)
),
],
'x86_64': [
('authenticate', SimCCSystemVAMD64(
amd64,
args=[SimRegArg('rdi', 8), SimRegArg('rsi', 8)],
sp_delta=8
)
),
],
}
for arch, lst in args.items():
yield run_fauxware, arch, lstdef test_fauxware():
amd64 = archinfo.arch_from_id('amd64')
args = {
'i386': [
('authenticate', SimCCCdecl(
archinfo.arch_from_id('i386'),
args=[SimStackArg(4, 4), SimStackArg(8, 4)], sp_delta=4
)
),
],
'x86_64': [
('authenticate', SimCCSystemVAMD64(
amd64,
args=[SimRegArg('rdi', 8), SimRegArg('rsi', 8)],
sp_delta=8
)
),ctype_tolower_loc = lambda state, arguments: simuvex.SimProcedures['libc.so.6']['__ctype_tolower_loc'](FAKE_ADDR, archinfo.arch_from_id('AMD64')).execute(state, arguments=arguments)
ctype_toupper_loc = lambda state, arguments: simuvex.SimProcedures['libc.so.6']['__ctype_toupper_loc'](FAKE_ADDR, archinfo.arch_from_id('AMD64')).execute(state, arguments=arguments)def get_last_state_of_method(method_name):
# get SootAddressDescriptor of method entry
soot_method = next(project.loader.main_object.get_method(method_name))
method = SootMethodDescriptor.from_soot_method(soot_method)
addr = SootAddressDescriptor(method, 0, 0)
# create call state
state = project.factory.blank_state(addr=addr)
# run until no successors exists
# Note: this does not work if conditional branches are present
states = [state]
succ = states[-1].step()
while len(succ.successors) == 1:
states += succ
succ = states[-1].step()
# last state is the 'Terminator' state
# => return the state before
return states[-2]def test_irop_perm():
arch = archinfo.ArchAMD64()
p = angr.load_shellcode(arch.asm('vpshufb xmm0,xmm1,xmm2'), arch)
# concrete test
s1 = p.factory.blank_state()
s1.regs.xmm1 = 0x3c899a56814ee9b84c7b5d8394c85881
s1.regs.xmm2 = 0xa55c66a2cdef1cbcd72b42078d1b7f8b
s2 = s1.step(num_inst=1).successors[0]
assert (s2.regs.xmm0 == 0x00567b00000056000081c84c00813c00).is_true()
# symbolic test
s3 = p.factory.blank_state()
s3.regs.xmm1 = claripy.BVS('xmm1', 128)
s3.regs.xmm2 = claripy.BVS('xmm2', 128)
s4 = s3.step(num_inst=1).successors[0]
s4.solver.add(s4.regs.xmm2 == 0xa55c66a2cdef1cbcd72b42078d1b7f8b)
s4.solver.add(s4.regs.xmm0 == 0x00567b00000056000081c84c00813c00)archinfo
Classes with architecture-specific information useful to other projects.
Package Health Score
81 / 100Popular archinfo functions
- archinfo.arch.Arch
- archinfo.arch.Endness
- archinfo.arch.Endness.BE
- archinfo.arch.Endness.LE
- archinfo.arch.Register
- archinfo.arch.register_arch
- archinfo.arch_arm.is_arm_arch
- archinfo.arch_from_id
- archinfo.arch_soot.ArchSoot
- archinfo.arch_soot.SootAddressDescriptor
- archinfo.arch_soot.SootAddressTerminator
- archinfo.arch_soot.SootArgument
- archinfo.arch_soot.SootMethodDescriptor
- archinfo.arch_soot.SootMethodDescriptor.from_soot_method
- archinfo.ArchAMD64
- archinfo.ArchARM
- archinfo.archerror.ArchError
- archinfo.ArchMIPS32
- archinfo.ArchX86
- archinfo.Endness