How to use the vivisect.const.LOC_IMPORT function in vivisect

To help you get started, we’ve selected a few vivisect examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

fireeye / flare-floss / floss / utils.py View on Github

The only change is that we return non-ASCII characters (0x90) instead of 'A's if probing the memory fails.
    This gets rid of many AAA... false positive decoded strings.
    :param self: emulator instance
    :param va: virtual address of requested memory
    :param size: size of requested memory
    :return: requested memory or '\x90' if memory hasn't been resolved yet
    """
    if self.logread:
        rlog = vg_path.getNodeProp(self.curpath, 'readlog')
        rlog.append((self.getProgramCounter(),va,size))

    # If they read an import entry, start a taint...
    loc = self.vw.getLocation(va)
    if loc != None:
        lva, lsize, ltype, ltinfo = loc
        if ltype == LOC_IMPORT and lsize == size:  # They just read an import.
            ret = self.setVivTaint('import', loc)
            return e_bits.buildbytes(ret, lsize)

    self._useVirtAddr(va)

    # Read from the emulator's pages if we havent resolved it yet
    probeok = self.probeMemory(va, size, e_mem.MM_READ)
    if self._safe_mem and not probeok:
        return '\0x90' * size  # 0x90 is non-ASCII and NOP instruction in x86

    return e_mem.MemoryObject.readMemory(self, va, size)

How to use the vivisect.const.LOC_IMPORT function in vivisect

To help you get started, we’ve selected a few vivisect examples, based on popular ways it is used in public projects.

vivisect

Package Health Score

Popular vivisect functions

Similar packages