Package ghidra.program.util

Class SymbolicPropogator

java.lang.Object
ghidra.program.util.SymbolicPropogator
public class SymbolicPropogator extends Object

  • Field Details

    • memorySpaces

      protected List<AddressSpace> memorySpaces

    • evaluator

      protected ContextEvaluator evaluator

    • program

      protected Program program

    • programContext

      protected ProgramContext programContext

    • spaceContext

      protected ProgramContext spaceContext

    • savedProgramContext

      protected ProgramContext savedProgramContext

    • savedSpaceContext

      protected ProgramContext savedSpaceContext

    • canceled

      protected boolean canceled

    • readExecutableAddress

      protected boolean readExecutableAddress

    • context

      protected VarnodeContext context

    • visitedBody

      protected AddressSet visitedBody

    • hitCodeFlow

      protected boolean hitCodeFlow

    • MAX_EXACT_INSTRUCTIONS

      protected static final int MAX_EXACT_INSTRUCTIONS
      See Also:

    • lastFullHashCode

      protected int lastFullHashCode

    • lastInstrCode

      protected int lastInstrCode

    • sameInstrCount

      protected int sameInstrCount

  • Constructor Details

    • SymbolicPropogator

      public SymbolicPropogator(Program program)
      Create SymbolicPropagator for program. This will record all values at the beginning and ending of instructions. Recording all values can take more time and memory. So if the SymbolicEvaluator callback mechanism is being used, use the alternate constructor with false for recordStartEndState.

    • SymbolicPropogator

      public SymbolicPropogator(Program program, boolean recordStartEndState)
      Create SymbolicPropagator for program either recording or start/end state at each instruction. NOTE: if you are going to inspect values at instructions after SymbolicPropogator.flowConstants() has completed, then you should pass true for recordStartEndState. If you are using a custom SymbolicEvaluator with the flowConstants() method, then you should pass false.
      Parameters:
      program - program
      recordStartEndState - - true to record the value of each register at the start/end of each instruction This will use more memory and be slightly slower. If inspecting values after flowContants() has completed, you must pass true.

  • Method Details

    • setDebug

      public void setDebug(boolean debug)

    • flowConstants

      public AddressSet flowConstants(Address startAddr, AddressSetView restrictSet, ContextEvaluator eval, boolean saveContext, TaskMonitor monitor) throws CancelledException
      Process a subroutine using the processor function. The process function can control what flows are followed and when to stop.
      Parameters:
      startAddr - start address
      restrictSet - the address set to restrict the constant flow to
      eval - the context evaluator to use
      saveContext - true if the context should be saved
      monitor - the task monitor
      Returns:
      the address set of instructions that were followed
      Throws:
      CancelledException - if the task is cancelled

    • saveOffCurrentContext

      protected VarnodeContext saveOffCurrentContext(Address startAddr)
      Save off the current context and set the current context to a copy This is done so that the values in the context are not changed, but can be used for computation.
      Parameters:
      startAddr -
      Returns:

    • getRegisterValue

      public SymbolicPropogator.Value getRegisterValue(Address toAddr, Register reg)
      Get constant or register relative value assigned to the specified register at the specified address. Note: This can only be called safely if recordStartEndState flag is true. Otherwise it will just return the current value, not the value at the given address.
      Parameters:
      toAddr - address
      reg - register
      Returns:
      register value

    • getEndRegisterValue

      public SymbolicPropogator.Value getEndRegisterValue(Address toAddr, Register reg)
      Get constant or register relative value assigned to the specified register at the specified address after the instruction has executed. Note: This can only be called if recordStartEndState flag is true.
      Parameters:
      toAddr - address
      reg - register
      Returns:
      register value
      Throws:
      UnsupportedOperationException - recordStartEndState == false at construction

    • getRegisterValueRepresentation

      public String getRegisterValueRepresentation(Address addr, Register reg)
      Do not depend on this method! For display debugging purposes only. This will change.
      Parameters:
      addr -
      reg -
      Returns:

    • setRegister

      public void setRegister(Address addr, Register stackReg)

    • flowConstants

      public AddressSet flowConstants(Address startAddr, AddressSetView restrictSet, ContextEvaluator eval, VarnodeContext vContext, TaskMonitor monitor) throws CancelledException
      Throws:
      CancelledException

    • flowConstants

      public AddressSet flowConstants(Address fromAddr, Address startAddr, AddressSetView restrictSet, ContextEvaluator eval, VarnodeContext vContext, TaskMonitor monitor) throws CancelledException
      Throws:
      CancelledException

    • getInstructionPcode

      public PcodeOp[] getInstructionPcode(Instruction instruction)

    • getInstructionAt

      public Instruction getInstructionAt(Address addr)

    • getFunctionAt

      public Function getFunctionAt(Address addr)

    • getInstructionContaining

      public Instruction getInstructionContaining(Address addr)

    • makeReference

      public Address makeReference(VarnodeContext varnodeContext, Instruction instruction, int opIndex, Varnode vt, DataType dataType, RefType refType, int pcodeop, boolean knownReference, TaskMonitor monitor)
      Make from the instruction to the reference based on the varnode passed in.
      Parameters:
      varnodeContext - - context to use for any other infomation needed
      instruction - - instruction to place the reference on.
      opIndex - - operand it should be placed on, or -1 if unknown
      vt - - place to reference, could be a full address, or just a constant
      refType - - type of reference
      pcodeop - - pcode op that caused the reference
      knownReference - true if this is a know good address, speculative otherwise
      monitor - to cancel
      Returns:
      address that was marked up, null otherwise

    • makeReference

      public Address makeReference(VarnodeContext vContext, Instruction instruction, int opIndex, long knownSpaceID, long wordOffset, int size, DataType dataType, RefType refType, int pcodeop, boolean knownReference, boolean preExisting, TaskMonitor monitor)
      Make a reference from the instruction to the address based on the spaceID,offset passed in. This could make a reference into an overlay (overriding the spaceID), or into memory, if spaceID is a constant space. The target could be an external Address carried along and then finally used. External addresses are OK as long as nothing is done to the offset.
      Parameters:
      vContext - - context to use for any other information needed
      instruction - - instruction to place the reference on.
      opIndex - - operand it should be placed on, or -1 if unknown
      knownSpaceID - target space ID or -1 if only offset is known
      wordOffset - - target offset that is word addressing based
      size - - size of the access to the location
      refType - - type of reference
      pcodeop - - op that caused the reference
      knownReference - - true if reference is known to be a real reference, not speculative
      preExisting - preExisting reference
      monitor - - the task monitor
      Returns:
      address that was marked up, null otherwise

    • encounteredBranch

      public boolean encounteredBranch()
      Returns:
      true if any branching instructions have been encountered

    • readExecutable

      public boolean readExecutable()
      Returns:
      return true if the code ever read from an executable location

    • setParamRefCheck

      public void setParamRefCheck(boolean checkParamRefsOption)
      enable/disable checking parameters for constant references
      Parameters:
      checkParamRefsOption - true to enable

    • setParamPointerRefCheck

      public void setParamPointerRefCheck(boolean checkParamRefsOption)
      enable/disable creating param references for constants only if the function parameter is specified as a known pointer
      Parameters:
      checkParamRefsOption - true to enable

    • setReturnRefCheck

      public void setReturnRefCheck(boolean checkReturnRefsOption)
      enable/disable checking return for constant references
      Parameters:
      checkReturnRefsOption - true if enable check return for constant references

    • setStoredRefCheck

      public void setStoredRefCheck(boolean checkStoredRefsOption)
      enable/disable checking stored values for constant references
      Parameters:
      checkStoredRefsOption - true if enable check for stored values for constant references