Search for concatenations with unlikely things to inform return/parameter consumption calculation. More...
Public Member Functions | |
| RulePiecePathology (const string &g) | |
| Constructor. | |
| virtual Rule * | clone (const ActionGroupList &grouplist) const |
| Clone the Rule. More... | |
| virtual void | getOpList (vector< uint4 > &oplist) const |
| List of op codes this rule operates on. More... | |
| virtual int4 | applyOp (PcodeOp *op, Funcdata &data) |
| Attempt to apply this Rule. More... | |
 Public Member Functions inherited from Rule | |
| Rule (const string &g, uint4 fl, const string &nm) | |
| Construct given group, properties name. More... | |
| virtual | ~Rule (void) |
| Destructor. | |
| const string & | getName (void) const |
| Return the name of this Rule. | |
| const string & | getGroup (void) const |
| Return the group this Rule belongs to. | |
| uint4 | getNumTests (void) |
| Get number of attempted applications. | |
| uint4 | getNumApply (void) |
| Get number of successful applications. | |
| void | setBreak (uint4 tp) |
| Set a breakpoint on this Rule. | |
| void | clearBreak (uint4 tp) |
| Clear a breakpoint on this Rule. | |
| void | clearBreakPoints (void) |
| Clear all breakpoints on this Rule. | |
| void | turnOnWarnings (void) |
| Enable warnings for this Rule. | |
| void | turnOffWarnings (void) |
| Disable warnings for this Rule. | |
| bool | isDisabled (void) const |
| Return true if this Rule is disabled. | |
| void | setDisable (void) |
| Disable this Rule (within its pool) | |
| void | clearDisable (void) |
| Enable this Rule (within its pool) | |
| bool | checkActionBreak (void) |
| Check if an action breakpoint is turned on. More... | |
| uint4 | getBreakPoint (void) const |
| Return breakpoint toggles. | |
| virtual void | reset (Funcdata &data) |
| Reset this Rule. More... | |
| virtual void | resetStats (void) |
| Reset Rule statistics. More... | |
| virtual void | printStatistics (ostream &s) const |
| Print statistics for this Rule. More... | |
Static Private Member Functions | |
| static bool | isPathology (Varnode *vn, Funcdata &data) |
| Return true if concatenating with a SUBPIECE of the given Varnode is unusual. More... | |
| static int4 | tracePathologyForward (PcodeOp *op, Funcdata &data) |
| Given a known pathological concatenation, trace it forward to CALLs and RETURNs. More... | |
Additional Inherited Members | |
| Public Types inherited from Rule | |
| enum | typeflags { type_disable = 1, rule_debug = 2, warnings_on = 4, warnings_given = 8 } |
| Properties associated with a Rule. More... | |
Detailed Description
Search for concatenations with unlikely things to inform return/parameter consumption calculation.
For that can read/write part of a general purpose register, a small return value can get concatenated with unrelated data when the function writes directly to part of the return register. This searches for a characteristic pathology:
Member Function Documentation
Attempt to apply this Rule.
This method contains the main logic for applying the Rule. It must use a given PcodeOp as the point at which the Rule applies. If it does apply, changes are made directly to the function and 1 (non-zero) is returned, otherwise 0 is returned.
Reimplemented from Rule.
References PcodeOp::code(), CPUI_INDIRECT, CPUI_SUBPIECE, Varnode::getAddr(), Funcdata::getCallSpecs(), Varnode::getDef(), PcodeOp::getIn(), Varnode::getOffset(), Varnode::getSize(), Address::getSpace(), AddrSpace::isBigEndian(), PcodeOp::isCall(), PcodeOp::isIndirectCreation(), FuncProto::isOutputLocked(), and Varnode::isWritten().
|
inlinevirtual |
|
virtual |
List of op codes this rule operates on.
Populate the given array with all possible OpCodes this Rule might apply to. By default, this method returns all possible OpCodes
- Parameters
-
oplist is the array to populate
Reimplemented from Rule.
References CPUI_PIECE.
Return true if concatenating with a SUBPIECE of the given Varnode is unusual.
- Returns
- true if the configuration is a pathology
References PcodeOp::code(), CPUI_CALL, CPUI_CALLIND, CPUI_COPY, CPUI_INDIRECT, CPUI_MULTIEQUAL, Varnode::getAddr(), Funcdata::getCallSpecs(), Varnode::getDef(), PcodeOp::getIn(), PcodeOp::getOpFromConst(), Varnode::getSpace(), AddrSpace::getType(), IPTR_IOP, PcodeOp::isCall(), Varnode::isInput(), PcodeOp::isMark(), FuncCallSpecs::isOutputActive(), Varnode::isPersist(), and PcodeOp::setMark().
Given a known pathological concatenation, trace it forward to CALLs and RETURNs.
If the pathology reaches a CALL or RETURN, it is noted, through the FuncProto or FuncCallSpecs object, that the parameter or return value is only partially consumed. The subvariable flow rules can then decide whether or not to truncate this part of the data-flow.
- Parameters
-
op is CPUI_PIECE op that is the pathological concatenation data is the function containing the data-flow
- Returns
- a non-zero value if new bytes are labeled as unconsumed
References Varnode::beginDescend(), PcodeOp::code(), CPUI_CALL, CPUI_CALLIND, CPUI_COPY, CPUI_INDIRECT, CPUI_MULTIEQUAL, CPUI_RETURN, Varnode::endDescend(), Funcdata::getCallSpecs(), Funcdata::getFuncProto(), PcodeOp::getIn(), PcodeOp::getOut(), Varnode::getSize(), FuncCallSpecs::isInputActive(), FuncProto::isInputLocked(), PcodeOp::isMark(), FuncProto::isOutputLocked(), PcodeOp::numInput(), FuncCallSpecs::setInputBytesConsumed(), PcodeOp::setMark(), and FuncProto::setReturnBytesConsumed().
The documentation for this class was generated from the following files:
- ruleaction.hh
- ruleaction.cc
