Miasm2
miasm2.analysis.data_analysis.symb_exec_func Class Reference

Public Member Functions

def __init__
 
def add_state
 
def get_next_state
 
def do_step
 

Public Attributes

 todo
 
 stateby_ad
 
 cpt
 
 states_var_done
 
 states_done
 
 total_done
 
 ir_arch
 

Detailed Description

This algorithm performs symbolic execution on a function, propagating
states between basic blocks in order to extract inter-block dataflow. It
tries to merge states from blocks that have multiple parents.

There is no real magic here: loops and complex merging will certainly fail.

Definition at line 213 of file data_analysis.py.
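
The worklist behaviour described above, as an added Python 3 example that is not miasm2 code: a toy model with no merging step, in which symbolic values are plain strings and the block tables `DIAMOND` and `LOOP` are constructed. It shows a block with two parents being executed once per incoming state, and a loop whose state never repeats running until the step limit; the `nxt not in done` check is an assumption of the model.

```python
# Toy model of the worklist (added example, not miasm2 code).
# Symbolic values are plain strings; blocks and addresses are constructed.
WATCHDOG = 600  # mirrors the total_done limit checked in do_step

def freeze(parent, ad, variables):
    """Hashable state key shaped like add_state's: (parent, ad, sorted vars)."""
    return parent, ad, tuple(sorted(variables.items()))

def explore(blocks, entry, init):
    """Run the worklist; return (steps, {ad: distinct input states}, watchdog_hit)."""
    todo, done, seen, steps = {freeze(None, entry, init)}, set(), {}, 0
    while todo:
        if steps > WATCHDOG:
            break  # watchdog: give up with work still pending
        steps += 1
        state = todo.pop()
        done.add(state)
        _, ad, frozen = state
        seen.setdefault(ad, set()).add(frozen)
        transfer, successors = blocks[ad]
        out = transfer(dict(frozen))
        for succ in successors:
            nxt = freeze(ad, succ, out)
            if nxt not in done:  # assumption: skip states already executed
                todo.add(nxt)
    counts = {a: len(v) for a, v in seen.items()}
    return steps, counts, bool(todo)  # todo is non-empty only after a watchdog stop

def set_reg(reg, value):
    """Transfer function that overwrites one register in the state."""
    return lambda st: dict(st, **{reg: value})

# Diamond: 0x0 -> {0x10, 0x20} -> 0x30 (join block with two parents).
DIAMOND = {
    0x0: (dict, [0x10, 0x20]),
    0x10: (set_reg("eax", "1"), [0x30]),
    0x20: (set_reg("eax", "2"), [0x30]),
    0x30: (dict, []),
}
# Loop: 0x10 branches back to itself; ecx gains one term per iteration.
LOOP = {
    0x0: (dict, [0x10]),
    0x10: (lambda st: dict(st, ecx="(%s+1)" % st["ecx"]), [0x10, 0x20]),
    0x20: (dict, []),
}
```

Calling `explore(DIAMOND, 0x0, {"eax": "eax_init"})` finishes in five steps with two distinct input states at 0x30, while `explore(LOOP, 0x0, {"ecx": "ecx_init"})` stops only when the step limit is exceeded.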

Constructor & Destructor Documentation

def miasm2.analysis.data_analysis.symb_exec_func.__init__(self, ir_arch)

Member Function Documentation

def miasm2.analysis.data_analysis.symb_exec_func.add_state(self, parent, ad, state)

Definition at line 232 of file data_analysis.py.

    def add_state(self, parent, ad, state):
        variables = dict(state.symbols.items())

        # get bloc dead, and remove from state
        b = self.ir_arch.get_bloc(ad)
        if b is None:
            raise ValueError("unknown bloc! %s" % ad)
        """
        dead = b.dead[0]
        for d in dead:
            if d in variables:
                del(variables[d])
        """
        variables = variables.items()

        s = parent, ad, tuple(sorted(variables))
        """
        state_var = s[1]
        if s in self.states_var_done:
            print 'skip state'
            return
        if not ad in self.stateby_ad:
            self.stateby_ad[ad] = set()
        self.stateby_ad[ad].add(state_var)

        """
        self.todo.add(s)

        """
        if not ad in self.cpt:
            self.cpt[ad] = 0
        """

def miasm2.analysis.data_analysis.symb_exec_func.do_step(self)

Definition at line 283 of file data_analysis.py.

    def do_step(self):
        if len(self.todo) == 0:
            return None
        if self.total_done > 600:
            print "symbexec watchdog!"
            return None
        self.total_done += 1
        print 'CPT', self.total_done
        while self.todo:
            # if self.total_done>20:
            #    self.get_next_min()
            # state = self.todo.pop()
            state = self.get_next_state()
            parent, ad, s = state
            self.states_done.add(state)
            self.states_var_done.add(state)
            # if s in self.states_var_done:
            #    print "state done"
            #    continue

            sb = symbexec(self.ir_arch, dict(s))

            return parent, ad, sb
        return None


def miasm2.analysis.data_analysis.symb_exec_func.get_next_state(self)

Definition at line 279 of file data_analysis.py.

    def get_next_state(self):
        state = self.todo.pop()
        return state


Member Data Documentation

miasm2.analysis.data_analysis.symb_exec_func.cpt

Definition at line 226 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.ir_arch

Definition at line 230 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.stateby_ad

Definition at line 225 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.states_done

Definition at line 228 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.states_var_done

Definition at line 227 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.todo

Definition at line 224 of file data_analysis.py.

miasm2.analysis.data_analysis.symb_exec_func.total_done

Definition at line 229 of file data_analysis.py.


The documentation for this class was generated from the following file: