A light-weight emulator to calculate switch targets from switch variables. More...
#include <jumptable.hh>
Public Member Functions | |
| EmulateFunction (Funcdata *f) | |
| Constructor. | |
| void | setLoadCollect (vector< LoadTable > *val) |
| Set where/if we collect LOAD information. | |
| virtual void | setExecuteAddress (const Address &addr) |
| Set the address of the next instruction to emulate. | |
| virtual uintb | getVarnodeValue (Varnode *vn) const |
| Given a specific Varnode, retrieve the current value for it from the machine state. | |
| virtual void | setVarnodeValue (Varnode *vn, uintb val) |
| Given a specific Varnode, set the given value for it in the current machine state. | |
| uintb | emulatePath (uintb val, const PathMeld &pathMeld, PcodeOp *startop, Varnode *startvn) |
| Execute from a given starting point and value to the common end-point of the path set. | |
 Public Member Functions inherited from ghidra::EmulatePcodeOp | |
| EmulatePcodeOp (Architecture *g) | |
| Constructor. | |
| void | setCurrentOp (PcodeOp *op) |
| Establish the current PcodeOp being emulated. | |
| virtual Address | getExecuteAddress (void) const |
| Get the address of the current instruction being executed. | |
| Public Member Functions inherited from ghidra::Emulate | |
| Emulate (void) | |
| generic emulator constructor | |
| void | setHalt (bool val) |
| Set the halt state of the emulator. | |
| bool | getHalt (void) const |
| Get the halt state of the emulator. | |
| void | executeCurrentOp (void) |
| Do a single pcode op step. | |
Private Member Functions | |
| virtual void | executeLoad (void) |
| Standard behavior for a p-code LOAD. | |
| virtual void | executeBranch (void) |
| Standard behavior for a BRANCH. | |
| virtual void | executeBranchind (void) |
| Standard behavior for a BRANCHIND. | |
| virtual void | executeCall (void) |
| Standard behavior for a p-code CALL. | |
| virtual void | executeCallind (void) |
| Standard behavior for a CALLIND. | |
| virtual void | executeCallother (void) |
| Standard behavior for a user-defined p-code op. | |
| virtual void | fallthruOp (void) |
| Standard p-code fall-thru semantics. | |
Private Attributes | |
| Funcdata * | fd |
| The function being emulated. | |
| map< Varnode *, uintb > | varnodeMap |
| Light-weight memory state based on Varnodes. | |
| vector< LoadTable > * | loadpoints |
| The set of collected LOAD records (if non-null) | |
Additional Inherited Members | |
| Protected Member Functions inherited from ghidra::EmulatePcodeOp | |
| virtual uintb | getLoadImageValue (AddrSpace *spc, uintb offset, int4 sz) const |
| Pull a value from the load-image given a specific address. | |
| virtual void | executeUnary (void) |
| Execute a unary arithmetic/logical operation. | |
| virtual void | executeBinary (void) |
| Execute a binary arithmetic/logical operation. | |
| virtual void | executeStore (void) |
| Standard behavior for a p-code STORE. | |
| virtual bool | executeCbranch (void) |
| Check if the conditional of a CBRANCH is true. | |
| virtual void | executeMultiequal (void) |
| Standard behavior for a MULTIEQUAL (phi-node) | |
| virtual void | executeIndirect (void) |
| Standard behavior for an INDIRECT op. | |
| virtual void | executeSegmentOp (void) |
| Behavior for a SEGMENTOP. | |
| virtual void | executeCpoolRef (void) |
| Standard behavior for a CPOOLREF (constant pool reference) op. | |
| virtual void | executeNew (void) |
| Standard behavior for (low-level) NEW op. | |
| Protected Attributes inherited from ghidra::EmulatePcodeOp | |
| Architecture * | glb |
| The underlying Architecture for the program being emulated. | |
| PcodeOp * | currentOp |
| Current PcodeOp being executed. | |
| PcodeOp * | lastOp |
| Last PcodeOp that was executed. | |
| Protected Attributes inherited from ghidra::Emulate | |
| bool | emu_halted |
| Set to true if the emulator is halted. | |
| OpBehavior * | currentBehave |
| Behavior of the next op to execute. | |
Detailed Description
A light-weight emulator to calculate switch targets from switch variables.
We assume we only have to store memory state for individual Varnodes and that dynamic LOADs are resolved from the LoadImage. BRANCH and CBRANCH emulation will fail, there can only be one execution path, although there can be multiple data-flow paths.
Constructor & Destructor Documentation
◆ EmulateFunction()
| ghidra::EmulateFunction::EmulateFunction | ( | Funcdata * | f | ) |
Member Function Documentation
◆ emulatePath()
| uintb ghidra::EmulateFunction::emulatePath | ( | uintb | val, |
| const PathMeld & | pathMeld, | ||
| PcodeOp * | startop, | ||
| Varnode * | startvn | ||
| ) |
Execute from a given starting point and value to the common end-point of the path set.
Flow the given value through all paths in the path container to produce the single output value.
- Parameters
-
val is the starting value pathMeld is the set of paths to execute startop is the starting PcodeOp within the path set startvn is the Varnode holding the starting value
- Returns
- the calculated value at the common end-point
References ghidra::PcodeOp::code(), ghidra::CPUI_MULTIEQUAL, ghidra::Emulate::executeCurrentOp(), ghidra::PcodeOp::getAddr(), ghidra::PcodeOp::getIn(), ghidra::PathMeld::getOp(), ghidra::PcodeOp::getOut(), getVarnodeValue(), ghidra::Varnode::isConstant(), ghidra::PcodeOp::numInput(), ghidra::PathMeld::numOps(), ghidra::EmulatePcodeOp::setCurrentOp(), and setVarnodeValue().
Referenced by ghidra::JumpBasic::buildAddresses(), and ghidra::JumpBasicOverride::trialNorm().
◆ executeBranch()
|
privatevirtual |
Standard behavior for a BRANCH.
This routine performs a standard p-code BRANCH operation on the memory state. This same routine is used for CBRANCH operations if the condition has evaluated to true.
Implements ghidra::Emulate.
◆ executeBranchind()
|
privatevirtual |
Standard behavior for a BRANCHIND.
Implements ghidra::Emulate.
◆ executeCall()
|
privatevirtual |
◆ executeCallind()
|
privatevirtual |
◆ executeCallother()
|
privatevirtual |
Standard behavior for a user-defined p-code op.
Implements ghidra::Emulate.
References fallthruOp().
◆ executeLoad()
|
privatevirtual |
Standard behavior for a p-code LOAD.
Reimplemented from ghidra::EmulatePcodeOp.
References ghidra::AddrSpace::addressToByte(), ghidra::EmulatePcodeOp::currentOp, ghidra::EmulatePcodeOp::executeLoad(), ghidra::PcodeOp::getIn(), ghidra::PcodeOp::getOut(), ghidra::Varnode::getSize(), ghidra::Varnode::getSpaceFromConst(), getVarnodeValue(), ghidra::AddrSpace::getWordSize(), and loadpoints.
◆ fallthruOp()
|
privatevirtual |
Standard p-code fall-thru semantics.
Implements ghidra::Emulate.
References ghidra::EmulatePcodeOp::currentOp, and ghidra::EmulatePcodeOp::lastOp.
Referenced by executeCall(), executeCallind(), and executeCallother().
◆ getVarnodeValue()
|
virtual |
Given a specific Varnode, retrieve the current value for it from the machine state.
This is the placeholder internal operation for obtaining a Varnode value during emulation. The value is loaded using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode
- Returns
- the corresponding value from the machine state
Implements ghidra::EmulatePcodeOp.
References ghidra::EmulatePcodeOp::getLoadImageValue(), ghidra::Varnode::getOffset(), ghidra::Varnode::getSize(), ghidra::Varnode::getSpace(), ghidra::Varnode::isConstant(), and varnodeMap.
Referenced by emulatePath(), and executeLoad().
◆ setExecuteAddress()
|
virtual |
Set the address of the next instruction to emulate.
Implements ghidra::Emulate.
References ghidra::Emulate::currentBehave, ghidra::EmulatePcodeOp::currentOp, fd, ghidra::TypeOp::getBehavior(), ghidra::PcodeOp::getOpcode(), ghidra::Address::getSpace(), ghidra::AddrSpace::hasPhysical(), and ghidra::Funcdata::target().
◆ setVarnodeValue()
|
virtual |
Given a specific Varnode, set the given value for it in the current machine state.
This is the placeholder internal operation for setting a Varnode value during emulation. The value is stored using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode val is the constant value to store
Implements ghidra::EmulatePcodeOp.
References varnodeMap.
Referenced by emulatePath().
The documentation for this class was generated from the following files:
- /builds/appsec/reveng-binrw/ghidraplusplus/src/dec/jumptable.hh
- /builds/appsec/reveng-binrw/ghidraplusplus/src/dec/jumptable.cc
