本文整理汇总了C++中r_anal_op函数的典型用法代码示例。如果您正苦于以下问题:C++ r_anal_op函数的具体用法?C++ r_anal_op怎么用?C++ r_anal_op使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了r_anal_op函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: emu_step
int emu_step (emu *e, ut8 *buf)
{
int ret;
ut64 addr = r_reg_getv (e->reg, r_reg_get_name (e->reg, R_REG_NAME_PC)); //Check Breakboints here: new return stat for that
if (e->plugin->read) {
if (e->plugin->min_read_sz)
e->plugin->read (e, addr, buf, e->plugin->min_read_sz);
else e->plugin->read (e, addr, buf, sizeof(int));
} else {
if (e->plugin->min_read_sz)
emu_read (e, addr, buf, e->plugin->min_read_sz);
else emu_read (e, addr, buf, sizeof(int));
}
if (e->plugin->deps & EMU_PLUGIN_DEP_ASM) { //only disassemble if it is necessary
r_asm_set_pc (e->a, addr);
if (e->plugin->min_read_sz)
r_asm_disassemble (e->a, e->op, buf, e->plugin->min_read_sz);
else r_asm_disassemble (e->a, e->op, buf, sizeof(int));
}
if (e->plugin->deps & EMU_PLUGIN_DEP_ANAL) { //only analize if it is necessary
if (e->plugin->min_read_sz)
r_anal_op (e->anal, e->anop, addr, buf, e->plugin->min_read_sz);
else r_anal_op (e->anal, e->anop, addr, buf, sizeof(int));
}
ret = e->plugin->step (e, buf);
if (e->plugin->deps & EMU_PLUGIN_DEP_ANAL)
r_anal_op_fini (e->anop);
return ret;
}示例2: iscallret
static int iscallret(RDebug *dbg, ut64 addr) {
ut8 buf[32];
if (addr == 0LL || addr == UT64_MAX)
return 0;
/* check if region is executable */
/* check if previous instruction is a call */
/* if x86 expect CALL to be 5 byte length */
if (dbg->arch && !strcmp (dbg->arch, "x86")) {
(void)dbg->iob.read_at (dbg->iob.io, addr-5, buf, 5);
if (buf[0] == 0xe8) {
return 1;
}
if (buf[3] == 0xff /* bits 4-5 (from right) of next byte must be 01 */
&& ((buf[4] & 0xf0) == 0xd0 /* Mod is 11 */
|| ((buf[4] & 0xf0) == 0x10 /* Mod is 00 */
&& (buf[4] & 0x06) != 0x04))) { /* R/M not 10x */
return 1;
}
// IMMAMISSINGANYOP
} else {
RAnalOp op;
(void) dbg->iob.read_at (dbg->iob.io, addr-8, buf, 8);
(void) r_anal_op (dbg->anal, &op, addr-8, buf, 8, R_ANAL_OP_MASK_BASIC);
if (op.type == R_ANAL_OP_TYPE_CALL || op.type == R_ANAL_OP_TYPE_UCALL) {
return 1;
}
/* delay slot */
(void) r_anal_op (dbg->anal, &op, addr-4, buf, 4, R_ANAL_OP_MASK_BASIC);
if (op.type == R_ANAL_OP_TYPE_CALL || op.type == R_ANAL_OP_TYPE_UCALL) {
return 1;
}
}
return 0;
}示例3: r_debug_continue_until_optype
/* optimization: avoid so many reads */
R_API int r_debug_continue_until_optype(RDebug *dbg, int type, int over) {
int (*step)(RDebug *d, int n);
int ret, n = 0;
ut64 pc = 0;
RAnalOp op;
ut8 buf[64];
if (r_debug_is_dead (dbg))
return R_FALSE;
if (dbg->anal && dbg->reg) {
const char *pcreg = dbg->reg->name[R_REG_NAME_PC];
step = over? r_debug_step_over: r_debug_step;
for (;;) {
pc = r_debug_reg_get (dbg, pcreg);
dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
ret = r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
if (ret>0 && op.type&type)
break;
if (!step (dbg, 1)) {
eprintf ("r_debug_step: failed\n");
break;
}
n++;
}
} else eprintf ("Undefined pointer at dbg->anal\n");
return n;
}示例4: analyze
static int analyze(RAnal *anal, RAnalOp *op, ut64 offset, ut8* buf, int len) {
char *bytes, *optype = NULL, *stackop = NULL;
int ret;
ret = r_anal_op (anal, op, offset, buf, len);
if (ret) {
stackop = stackop2str (op->stackop);
optype = optype2str (op->type);
bytes = r_hex_bin2strdup (buf, ret);
printf ("bytes: %s\n", bytes);
printf ("type: %s\n", optype);
if (op->jump != -1LL)
printf ("jump: 0x%08"PFMT64x"\n", op->jump);
if (op->fail != -1LL)
printf ("fail: 0x%08"PFMT64x"\n", op->fail);
//if (op->ref != -1LL)
// printf ("ref: 0x%08"PFMT64x"\n", op->ref);
if (op->val != -1LL)
printf ("value: 0x%08"PFMT64x"\n", op->val);
printf ("stackop: %s\n", stackop);
printf ("esil: %s\n", r_strbuf_get (&op->esil));
printf ("stackptr: %"PFMT64d"\n", op->stackptr);
printf ("decode str: %s\n", r_anal_op_to_string (anal, op));
printf ("--\n");
free (optype);
free (stackop);
free (bytes);
}
return ret;
}示例5: r_core_hack
R_API int r_core_hack(RCore *core, const char *op) {
bool (*hack)(RCore *core, const char *op, const RAnalOp *analop) = NULL;
const char *asmarch = r_config_get (core->config, "asm.arch");
const int asmbits = core->assembler->bits;
if (!asmarch) {
return false;
}
if (strstr (asmarch, "x86")) {
hack = r_core_hack_x86;
} else if (strstr (asmarch, "arm")) {
if (asmbits == 64) {
hack = r_core_hack_arm64;
} else {
hack = r_core_hack_arm;
}
} else {
eprintf ("TODO: write hacks are only for x86\n");
}
if (hack) {
RAnalOp analop;
if (!r_anal_op (core->anal, &analop, core->offset, core->block, core->blocksize, R_ANAL_OP_MASK_ALL)) {
eprintf ("anal op fail\n");
return false;
}
return hack (core, op, &analop);
}
return false;
}示例6: R_NEW
R_API struct r_anal_refline_t *r_anal_reflines_get(struct r_anal_t *anal,
ut64 addr, ut8 *buf, ut64 len, int nlines, int linesout, int linescall)
{
RAnalRefline *list2, *list = R_NEW (RAnalRefline);
RAnalOp op = {0};
ut8 *ptr = buf;
ut8 *end = buf + len;
ut64 opc = addr;
int sz = 0, index = 0;
INIT_LIST_HEAD (&(list->list));
end -= 8; // XXX Fix some segfaults when r_anal backends are buggy
/* analyze code block */
while (ptr<end) {
if (nlines != -1 && --nlines == 0)
break;
#if 0
if (config.interrupted)
break;
int dt = data_type(config.seek+bsz);
if (dt != DATA_FUN && dt != DATA_CODE) {
ut64 sz = data_size (config.seek+bsz);
if (sz > 0) {
ptr += sz;
bsz += sz;
continue;
}
}
#endif
addr += sz;
// This can segflauta if opcode length and buffer check fails
r_anal_op_fini (&op);
sz = r_anal_op (anal, &op, addr, ptr, (int)(end-ptr));
if (sz > 0) {
/* store data */
switch (op.type) {
case R_ANAL_OP_TYPE_CALL:
if (!linescall)
break;
case R_ANAL_OP_TYPE_CJMP:
case R_ANAL_OP_TYPE_JMP:
if (!linesout && (op.jump > opc+len || op.jump < opc))
goto __next;
if (op.jump == 0LL)
goto __next;
list2 = R_NEW (RAnalRefline);
list2->from = addr;
list2->to = op.jump;
list2->index = index++;
list_add_tail (&(list2->list), &(list->list));
break;
}
} else sz = 1;
__next:
ptr += sz;
}
r_anal_op_fini (&op);
return list;
}示例7: r_debug_step_soft
// XXX: very experimental
R_API int r_debug_step_soft(RDebug *dbg) {
int ret;
ut8 buf[32];
RAnalOp op;
ut64 pc0, pc1, pc2;
if (r_debug_is_dead (dbg))
return R_FALSE;
pc0 = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
dbg->iob.read_at (dbg->iob.io, pc0, buf, sizeof (buf));
ret = r_anal_op (dbg->anal, &op, pc0, buf, sizeof (buf));
//eprintf ("read from pc0 = 0x%llx\n", pc0);
pc1 = pc0 + op.length;
//eprintf ("oplen = %d\n", op.length);
//eprintf ("breakpoint at pc1 = 0x%llx\n", pc1);
// XXX: Does not works for 'ret'
pc2 = op.jump? op.jump: 0;
//eprintf ("ADD SECOND BREAKPOINT FRO CALLS %llx\n", op.jump);
//eprintf ("breakpoint 2 at pc2 = 0x%llx\n", pc2);
r_bp_add_sw (dbg->bp, pc1, 4, R_BP_PROT_EXEC);
if (pc2) r_bp_add_sw (dbg->bp, pc2, 4, R_BP_PROT_EXEC);
r_debug_continue (dbg);
//eprintf ("wait\n");
//r_debug_wait (dbg);
//eprintf ("del\n");
r_bp_del (dbg->bp, pc1);
if (pc2) r_bp_del (dbg->bp, pc2);
return ret;
}示例8: r_debug_step_over
R_API int r_debug_step_over(RDebug *dbg, int steps) {
RAnalOp op;
ut8 buf[64];
int ret = -1;
if (r_debug_is_dead (dbg))
return R_FALSE;
if (dbg->h && dbg->h->step_over) {
if (steps<1) steps = 1;
while (steps--)
if (!dbg->h->step_over (dbg))
return R_FALSE;
return R_TRUE;
}
if (dbg->anal && dbg->reg) {
ut64 pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
if (op.type & R_ANAL_OP_TYPE_CALL
|| op.type & R_ANAL_OP_TYPE_UCALL) {
ut64 bpaddr = pc + op.length;
r_bp_add_sw (dbg->bp, bpaddr, 1, R_BP_PROT_EXEC);
ret = r_debug_continue (dbg);
r_bp_del (dbg->bp, bpaddr);
} else {
ret = r_debug_step (dbg, 1);
}
} else eprintf ("Undefined debugger backend\n");
return ret;
}示例9: r_debug_esil_stepi
R_API int r_debug_esil_stepi (RDebug *d) {
RAnalOp op;
ut8 obuf[64];
int ret = 1;
dbg = d;
if (!ESIL) {
ESIL = r_anal_esil_new (R_TRUE);
// TODO setup something?
}
r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
opc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
dbg->iob.read_at (dbg->iob.io, opc, obuf, sizeof (obuf));
//dbg->iob.read_at (dbg->iob.io, npc, buf, sizeof (buf));
//dbg->anal->reg = dbg->reg; // hack
ESIL->cb.hook_mem_read = &esilbreak_mem_read;
ESIL->cb.hook_mem_write = &esilbreak_mem_write;
ESIL->cb.hook_reg_read = &esilbreak_reg_read;
ESIL->cb.hook_reg_write = &esilbreak_reg_write;
if (prestep) {
// required when a exxpression is like <= == ..
// otherwise it will stop at the next instruction
if (r_debug_step (dbg, 1)<1) {
eprintf ("Step failed\n");
return 0;
}
r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
// npc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
}
if (r_anal_op (dbg->anal, &op, opc, obuf, sizeof (obuf))) {
if (esilbreak_check_pc (dbg, opc)) {
eprintf ("STOP AT 0x%08"PFMT64x"\n", opc);
ret = 0;
} else {
r_anal_esil_set_pc (ESIL, opc);
eprintf ("0x%08"PFMT64x" %s\n", opc, R_STRBUF_SAFEGET (&op.esil));
(void)r_anal_esil_parse (ESIL, R_STRBUF_SAFEGET (&op.esil));
//r_anal_esil_dumpstack (ESIL);
r_anal_esil_stack_free (ESIL);
ret = 1;
}
}
if (!prestep) {
if (ret && !has_match) {
if (r_debug_step (dbg, 1)<1) {
eprintf ("Step failed\n");
return 0;
}
r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
// npc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
}
}
return ret;
}示例10: r_debug_continue_until_optype
R_API int r_debug_continue_until_optype(RDebug *dbg, int type, int over) {
int ret, n = 0;
ut64 pc, buf_pc = 0;
RAnalOp op;
ut8 buf[DBG_BUF_SIZE];
if (r_debug_is_dead (dbg)) {
return R_FALSE;
}
if (!dbg->anal || !dbg->reg) {
eprintf ("Undefined pointer at dbg->anal\n");
return R_FALSE;
}
r_debug_step (dbg, 1);
r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
// Initial refill
buf_pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
// step first, we dont want to check current optype
for (;;) {
r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
// Try to keep the buffer full
if (pc - buf_pc > sizeof (buf)) {
buf_pc = pc;
dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
}
// Analyze the opcode
if (!r_anal_op (dbg->anal, &op, pc, buf + (pc - buf_pc), sizeof (buf) - (pc - buf_pc))) {
eprintf ("Decode error at %"PFMT64x"\n", pc);
return R_FALSE;
}
if (op.type == type)
break;
// Step over and repeat
ret = over ?
r_debug_step_over (dbg, 1) :
r_debug_step (dbg, 1);
if (!ret) {
eprintf ("r_debug_step: failed\n");
break;
}
n++;
}
return n;
}示例11: prevopsz
static int prevopsz (RCore *core, ut64 addr) {
ut64 target = addr;
ut64 base = target-OPDELTA;
int len, ret, i;
ut8 buf[OPDELTA*2];
RAnalOp op;
r_core_read_at (core, base, buf, sizeof (buf));
for (i=0; i<sizeof (buf); i++) {
ret = r_anal_op (core->anal, &op, base+i,
buf+i, sizeof (buf)-i);
if (!ret) continue;
len = op.size;
r_anal_op_fini (&op); // XXX
if (len<1) continue;
i += len-1;
if (target == base+i+1)
return len;
}
return 4;
}示例12: __esil_step
static int __esil_step(RDebug *dbg) {
int oplen;
ut8 buf[64];
ut64 pc = 0LL; // getreg("pc")
RAnalOp op;
pc = r_debug_reg_get (dbg, "pc");
/// XXX. hack to trick vaddr issue
//pc = 0x100001478;
memset (buf, 0, sizeof (buf));
dbg->iob.read_at (dbg->iob.io, pc, buf, 64);
eprintf ("READ 0x%08"PFMT64x" %02x %02x %02x\n", pc, buf[0], buf[1], buf[2]);
oplen = r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
if (oplen>0) {
if (*R_STRBUF_SAFEGET (&op.esil)) {
eprintf ("ESIL: %s\n", R_STRBUF_SAFEGET (&op.esil));
}
}
eprintf ("TODO: ESIL STEP\n");
return true;
}示例13: r_core_hack
R_API int r_core_hack(RCore *core, const char *op) {
int (*hack)(RCore *core, const char *op, const RAnalOp *analop) = NULL;
const char *asmarch = r_config_get (core->config, "asm.arch");
RAnalOp analop;
if (strstr (asmarch, "x86")) {
hack = r_core_hack_x86;
} else if (strstr (asmarch, "arm")) {
hack = r_core_hack_arm;
} else {
eprintf ("TODO: write hacks are only for x86\n");
}
if (hack) {
if (!r_anal_op (core->anal, &analop, core->offset, core->block, core->blocksize)) {
eprintf ("anal op fail\n");
return false;
}
return hack (core, op, &analop);
}
return false;
}示例14: prevopsz
static int prevopsz (RCore *core, ut64 addr) {
const int delta = 32;
ut64 target = addr;
ut64 base = target-delta;
int len, ret, i;
ut8 buf[delta*2];
RAnalOp op;
r_core_read_at (core, base, buf, sizeof (buf));
for (i=0; i<sizeof (buf); i++) {
ret = r_anal_op (core->anal, &op, addr+i,
buf+i, sizeof (buf)-i);
if (!ret) continue;
len = op.length;
r_anal_op_fini (&op);
if (len<1) continue;
i += len-1;
if (target == base+i+1)
return len;
}
return 4;
}示例15: num_callback
static ut64 num_callback(RNum *userptr, const char *str, int *ok) {
RCore *core = (RCore *)userptr; // XXX ?
RAnalFunction *fcn;
char *ptr, *bptr, *out;
RFlagItem *flag;
RIOSection *s;
RAnalOp op;
ut64 ret = 0;
if (ok) *ok = R_FALSE;
switch (*str) {
case '[':
{
ut64 n = 0LL;
int refsz = (core->assembler->bits & R_SYS_BITS_64)? 8: 4;
const char *p = NULL;
if (strlen (str)>5)
p = strchr (str+5, ':');
// TODO: honor LE
if (p) {
refsz = atoi (str+1);
str = p;
}
// push state
{
if (str[0] && str[1]) {
const char *q;
char *o = strdup (str+1);
if (o) {
q = r_num_calc_index (core->num, NULL);
if (q) {
if (r_str_replace_char (o, ']', 0)>0) {
n = r_num_math (core->num, o);
r_num_calc_index (core->num, q);
}
}
free (o);
}
}
}
// pop state
if (ok) *ok = 1;
ut32 num = 0;
switch (refsz) {
case 8:
case 4:
case 2:
case 1:
(void)r_io_read_at (core->io, n, (ut8*)&num, refsz);
r_mem_copyendian ((ut8*)&num, (ut8*)&num, refsz, !core->assembler->big_endian);
return num;
default:
eprintf ("Invalid reference size: %d (%s)\n", refsz, str);
return 0LL;
}
}
break;
case '$':
if (ok) *ok = 1;
// TODO: group analop-dependant vars after a char, so i can filter
r_anal_op (core->anal, &op, core->offset,
core->block, core->blocksize);
switch (str[1]) {
case '.': // can use pc, sp, a0, a1, ...
return r_debug_reg_get (core->dbg, str+2);
case 'k':
if (str[2]!='{') {
eprintf ("Expected '{' after 'k'.\n");
break;
}
bptr = strdup (str+3);
ptr = strchr (bptr, '}');
if (ptr == NULL) {
// invalid json
free (bptr);
break;
}
*ptr = '\0';
ret = 0LL;
out = sdb_querys (core->sdb, NULL, 0, bptr);
if (out && *out) {
if (strstr (out, "$k{")) {
eprintf ("Recursivity is not permitted here\n");
} else {
ret = r_num_math (core->num, out);
}
}
free (bptr);
free (out);
return ret;
break;
case '{':
bptr = strdup (str+2);
ptr = strchr (bptr, '}');
if (ptr != NULL) {
ut64 ret;
ptr[0] = '\0';
ret = r_config_get_i (core->config, bptr);
free (bptr);
return ret;
//.........这里部分代码省略.........