Emulation based on (existing) PcodeOps and Varnodes. More...
#include <emulateutil.hh>
Public Member Functions | |
| EmulatePcodeOp (Architecture *g) | |
| Constructor. | |
| void | setCurrentOp (PcodeOp *op) |
| Establish the current PcodeOp being emulated. | |
| virtual Address | getExecuteAddress (void) const |
| Get the address of the current instruction being executed. | |
| virtual void | setVarnodeValue (Varnode *vn, uintb val)=0 |
| Given a specific Varnode, set the given value for it in the current machine state. | |
| virtual uintb | getVarnodeValue (Varnode *vn) const =0 |
| Given a specific Varnode, retrieve the current value for it from the machine state. | |
 Public Member Functions inherited from ghidra::Emulate | |
| Emulate (void) | |
| generic emulator constructor | |
| void | setHalt (bool val) |
| Set the halt state of the emulator. | |
| bool | getHalt (void) const |
| Get the halt state of the emulator. | |
| virtual void | setExecuteAddress (const Address &addr)=0 |
| Set the address of the next instruction to emulate. | |
| void | executeCurrentOp (void) |
| Do a single pcode op step. | |
Protected Member Functions | |
| virtual uintb | getLoadImageValue (AddrSpace *spc, uintb offset, int4 sz) const |
| Pull a value from the load-image given a specific address. | |
| virtual void | executeUnary (void) |
| Execute a unary arithmetic/logical operation. | |
| virtual void | executeBinary (void) |
| Execute a binary arithmetic/logical operation. | |
| virtual void | executeLoad (void) |
| Standard behavior for a p-code LOAD. | |
| virtual void | executeStore (void) |
| Standard behavior for a p-code STORE. | |
| virtual bool | executeCbranch (void) |
| Check if the conditional of a CBRANCH is true. | |
| virtual void | executeMultiequal (void) |
| Standard behavior for a MULTIEQUAL (phi-node) | |
| virtual void | executeIndirect (void) |
| Standard behavior for an INDIRECT op. | |
| virtual void | executeSegmentOp (void) |
| Behavior for a SEGMENTOP. | |
| virtual void | executeCpoolRef (void) |
| Standard behavior for a CPOOLREF (constant pool reference) op. | |
| virtual void | executeNew (void) |
| Standard behavior for (low-level) NEW op. | |
| Protected Member Functions inherited from ghidra::Emulate | |
| virtual void | executeBranch (void)=0 |
| Standard behavior for a BRANCH. | |
| virtual void | executeBranchind (void)=0 |
| Standard behavior for a BRANCHIND. | |
| virtual void | executeCall (void)=0 |
| Standard behavior for a p-code CALL. | |
| virtual void | executeCallind (void)=0 |
| Standard behavior for a CALLIND. | |
| virtual void | executeCallother (void)=0 |
| Standard behavior for a user-defined p-code op. | |
| virtual void | fallthruOp (void)=0 |
| Standard p-code fall-thru semantics. | |
Protected Attributes | |
| Architecture * | glb |
| The underlying Architecture for the program being emulated. | |
| PcodeOp * | currentOp |
| Current PcodeOp being executed. | |
| PcodeOp * | lastOp |
| Last PcodeOp that was executed. | |
| Protected Attributes inherited from ghidra::Emulate | |
| bool | emu_halted |
| Set to true if the emulator is halted. | |
| OpBehavior * | currentBehave |
| Behavior of the next op to execute. | |
Detailed Description
Emulation based on (existing) PcodeOps and Varnodes.
This is still an abstract class. It does most of the work of emulating p-code using PcodeOp and Varnode objects (as opposed to PcodeOpRaw and VarnodeData). This class leaves implementation of control-flow to the derived class. This class implements most operations by going through new virtual methods:
The default executeLoad() implementation pulls values from the underlying LoadImage object. The following p-code ops are provided NULL implementations, as some tasks don't need hard emulation of them:
- STORE
- CPOOLREF
- NEW
Constructor & Destructor Documentation
◆ EmulatePcodeOp()
| ghidra::EmulatePcodeOp::EmulatePcodeOp | ( | Architecture * | g | ) |
- Parameters
-
g is the Architecture providing the LoadImage
Member Function Documentation
◆ executeBinary()
|
protectedvirtual |
Execute a binary arithmetic/logical operation.
Implements ghidra::Emulate.
References ghidra::Emulate::currentBehave, currentOp, ghidra::OpBehavior::evaluateBinary(), ghidra::PcodeOp::getIn(), ghidra::PcodeOp::getOut(), ghidra::Varnode::getSize(), getVarnodeValue(), and setVarnodeValue().
◆ executeCbranch()
|
protectedvirtual |
Check if the conditional of a CBRANCH is true.
This routine only checks if the condition for a p-code CBRANCH is true. It does not perform the actual branch.
- Returns
- the boolean state indicated by the condition
Implements ghidra::Emulate.
References currentOp, ghidra::PcodeOp::getIn(), getVarnodeValue(), and ghidra::PcodeOp::isBooleanFlip().
◆ executeCpoolRef()
|
protectedvirtual |
Standard behavior for a CPOOLREF (constant pool reference) op.
Implements ghidra::Emulate.
◆ executeIndirect()
|
protectedvirtual |
Standard behavior for an INDIRECT op.
Implements ghidra::Emulate.
References currentOp, ghidra::PcodeOp::getIn(), ghidra::PcodeOp::getOut(), getVarnodeValue(), and setVarnodeValue().
◆ executeLoad()
|
protectedvirtual |
Standard behavior for a p-code LOAD.
Implements ghidra::Emulate.
Reimplemented in ghidra::EmulateFunction.
References ghidra::AddrSpace::addressToByte(), currentOp, ghidra::PcodeOp::getIn(), getLoadImageValue(), ghidra::PcodeOp::getOut(), ghidra::Varnode::getSize(), ghidra::Varnode::getSpaceFromConst(), getVarnodeValue(), ghidra::AddrSpace::getWordSize(), and setVarnodeValue().
Referenced by ghidra::EmulateFunction::executeLoad().
◆ executeMultiequal()
|
protectedvirtual |
Standard behavior for a MULTIEQUAL (phi-node)
Implements ghidra::Emulate.
References currentOp, ghidra::FlowBlock::getIn(), ghidra::PcodeOp::getIn(), ghidra::PcodeOp::getOut(), ghidra::PcodeOp::getParent(), getVarnodeValue(), lastOp, setVarnodeValue(), and ghidra::FlowBlock::sizeIn().
◆ executeNew()
|
protectedvirtual |
Standard behavior for (low-level) NEW op.
Implements ghidra::Emulate.
◆ executeSegmentOp()
|
protectedvirtual |
Behavior for a SEGMENTOP.
Implements ghidra::Emulate.
References currentOp, ghidra::SegmentOp::execute(), ghidra::PcodeOp::getIn(), ghidra::AddrSpace::getIndex(), ghidra::PcodeOp::getOut(), ghidra::UserOpManage::getSegmentOp(), ghidra::Varnode::getSpaceFromConst(), getVarnodeValue(), glb, setVarnodeValue(), and ghidra::Architecture::userops.
◆ executeStore()
|
protectedvirtual |
Standard behavior for a p-code STORE.
Implements ghidra::Emulate.
◆ executeUnary()
|
protectedvirtual |
Execute a unary arithmetic/logical operation.
Implements ghidra::Emulate.
References ghidra::Emulate::currentBehave, currentOp, ghidra::OpBehavior::evaluateUnary(), ghidra::PcodeOp::getIn(), ghidra::PcodeOp::getOut(), ghidra::Varnode::getSize(), getVarnodeValue(), and setVarnodeValue().
◆ getExecuteAddress()
|
inlinevirtual |
Get the address of the current instruction being executed.
Implements ghidra::Emulate.
References currentOp, and ghidra::PcodeOp::getAddr().
◆ getLoadImageValue()
|
protectedvirtual |
Pull a value from the load-image given a specific address.
A contiguous chunk of memory is pulled from the load-image and returned as a constant value, respecting the endianness of the address space. The default implementation of this method pulls the value directly from the LoadImage object.
- Parameters
-
spc is the address space to pull the value from offset is the starting address offset (from within the space) to pull the value from sz is the number of bytes to pull from memory
- Returns
- indicated bytes arranged as a constant value
References ghidra::calc_mask(), glb, ghidra::AddrSpace::isBigEndian(), ghidra::Architecture::loader, and ghidra::LoadImage::loadFill().
Referenced by executeLoad(), and ghidra::EmulateFunction::getVarnodeValue().
◆ getVarnodeValue()
|
pure virtual |
Given a specific Varnode, retrieve the current value for it from the machine state.
This is the placeholder internal operation for obtaining a Varnode value during emulation. The value is loaded using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode
- Returns
- the corresponding value from the machine state
Implemented in ghidra::EmulateFunction.
Referenced by executeBinary(), executeCbranch(), executeIndirect(), executeLoad(), executeMultiequal(), executeSegmentOp(), and executeUnary().
◆ setCurrentOp()
|
inline |
Establish the current PcodeOp being emulated.
- Parameters
-
op is the PcodeOp that will next be executed via executeCurrentOp()
References ghidra::Emulate::currentBehave, currentOp, ghidra::TypeOp::getBehavior(), and ghidra::PcodeOp::getOpcode().
Referenced by ghidra::EmulateFunction::emulatePath().
◆ setVarnodeValue()
|
pure virtual |
Given a specific Varnode, set the given value for it in the current machine state.
This is the placeholder internal operation for setting a Varnode value during emulation. The value is stored using the Varnode as the address and storage size.
- Parameters
-
vn is the specific Varnode val is the constant value to store
Implemented in ghidra::EmulateFunction.
Referenced by executeBinary(), executeIndirect(), executeLoad(), executeMultiequal(), executeSegmentOp(), and executeUnary().
The documentation for this class was generated from the following files:
- /builds/appsec/reveng-binrw/ghidraplusplus/src/dec/emulateutil.hh
- /builds/appsec/reveng-binrw/ghidraplusplus/src/dec/emulateutil.cc
