本文整理汇总了C++中BPatch_function::lowlevel_func方法的典型用法代码示例。如果您正苦于以下问题:C++ BPatch_function::lowlevel_func方法的具体用法?C++ BPatch_function::lowlevel_func怎么用?C++ BPatch_function::lowlevel_func使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类BPatch_function的用法示例。
在下文中一共展示了BPatch_function::lowlevel_func方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: replaceFunctionCall
/*
* BPatch_addressSpace::replaceFunctionCall
*
* Replace a function call with a call to a different function. Returns true
* upon success, false upon failure.
*
* point The call site that is to be changed.
* newFunc The function that the call site will now call.
*/
bool BPatch_addressSpace::replaceFunctionCall(BPatch_point &point,
BPatch_function &newFunc)
{
char name[1024];
newFunc.getName(name, 1024);
// Can't make changes to code when mutations are not active.
if (!getMutationsActive())
return false;
assert(point.point && newFunc.lowlevel_func());
/* PatchAPI stuffs */
AddressSpace* addr_space = point.getAS();
DynModifyCallCommand* rep_call = DynModifyCallCommand::create(addr_space,
point.point->block(), newFunc.lowlevel_func(), point.point->func());
addr_space->patcher()->add(rep_call);
/* End of PatchAPI */
if (pendingInsertions == NULL) {
// Trigger it now
bool tmp;
finalizeInsertionSet(false, &tmp);
}
return true;
}示例2: revertReplaceFunction
/*
* BPatch_addressSpace::revertReplaceFunction
*
* Undoes a replaceFunction operation
*/
bool BPatch_addressSpace::revertReplaceFunction(BPatch_function &oldFunc)
{
assert(oldFunc.lowlevel_func());
if (!getMutationsActive())
return false;
func_instance *func = oldFunc.lowlevel_func();
func->proc()->revertReplacedFunction(func);
if (pendingInsertions == NULL) {
// Trigger it now
bool tmp;
finalizeInsertionSet(false, &tmp);
}
return true;
}示例3: replaceFunction
/*
* BPatch_addressSpace::replaceFunction
*
* Replace all calls to function OLDFUNC with calls to NEWFUNC.
* Returns true upon success, false upon failure.
*
* oldFunc The function to replace
* newFunc The replacement function
*/
bool BPatch_addressSpace::replaceFunction(BPatch_function &oldFunc,
BPatch_function &newFunc)
{
assert(oldFunc.lowlevel_func() && newFunc.lowlevel_func());
if (!getMutationsActive())
return false;
// Self replacement is a nop
// We should just test direct equivalence here...
if (oldFunc.lowlevel_func() == newFunc.lowlevel_func()) {
return true;
}
/* PatchAPI stuffs */
AddressSpace* addr_space = oldFunc.lowlevel_func()->proc();
DynReplaceFuncCommand* rep_func = DynReplaceFuncCommand::create(addr_space,
oldFunc.lowlevel_func(), newFunc.lowlevel_func());
addr_space->patcher()->add(rep_func);
/* End of PatchAPI */
if (pendingInsertions == NULL) {
// Trigger it now
bool tmp;
finalizeInsertionSet(false, &tmp);
}
return true;
}示例4: badTransferCB
void HybridAnalysis::badTransferCB(BPatch_point *point, void *returnValue)
{
Address pointAddr = (Address) point->getAddress();
Address target = (Address) returnValue;
time_t tstruct;
struct tm * tmstruct;
char timeStr[64];
time( &tstruct );
tmstruct = localtime( &tstruct );
strftime(timeStr, 64, "%X", tmstruct);
mal_printf("badTransferCB %lx=>%lx %s\n\n", pointAddr, target, timeStr);
BPatch_module * targMod = proc()->findModuleByAddr(target);
if (!targMod) {
mal_printf( "ERROR, NO MODULE for target addr %lx %s[%d]\n",
target,FILE__,__LINE__);
assert(0);
}
if (targMod == point->getFunction()->getModule() && targMod->isSystemLib()) {
return;
}
// 1. the target address is in a shared library
if ( targMod != point->getFunction()->getModule())
{
// process the edge, decide if we should instrument target function
bool doMoreProcessing = processInterModuleEdge(point, target, targMod);
if (!doMoreProcessing) {
return;
}
}
// 2. the point is a call:
if (point->getPointType() == BPatch_subroutine) {
proc()->beginInsertionSet();
// if the target is in the body of an existing function we'll split
// the function and wind up with two or more functions that share
// the target address, so make sure we're not in the middle of an
// overwrite loop; if we are, check for overwrites immediately
BPatch_function *targFunc = proc()->findFunctionByEntry(target);
vector<BPatch_function*> targFuncs;
proc()->findFunctionsByAddr(target, targFuncs);
if (!targFunc && targFuncs.size()) {
mal_printf("discovery instr. got new entry point for func\n");
std::set<HybridAnalysisOW::owLoop*> loops;
for (unsigned tidx=0; tidx < targFuncs.size(); tidx++) {
BPatch_function *curFunc = targFuncs[tidx];
if ( hybridOW()->hasLoopInstrumentation(false, *curFunc, &loops) )
{
/* Code sharing will change the loops, the appropriate response
is to trigger early exit analysis and remove the loops if
the underlying code hasn't changed */
mal_printf("[%d] Removing loop instrumentation for func %lx\n",
__LINE__,curFunc->getBaseAddr());
std::set<HybridAnalysisOW::owLoop*>::iterator lIter =
loops.begin();
while (lIter != loops.end()) {
hybridOW()->deleteLoop(*lIter,false);
lIter++;
}
}
}
}
// 2.1 if the target is new, parse at the target
if ( ! targFunc ) {
mal_printf("stopThread instrumentation found call %lx=>%lx, "
"parsing at call target %s[%d]\n",
(long)point->getAddress(), target,FILE__,__LINE__);
if (!analyzeNewFunction( point,target,false,false )) {
//this happens for some single-instruction functions
mal_printf("ERROR: parse of call target %lx=>%lx failed %s[%d]\n",
(long)point->getAddress(), target, FILE__,__LINE__);
assert(0);
instrumentModules(false);
proc()->finalizeInsertionSet(false);
return;
}
targFunc = proc()->findFunctionByEntry(target);
}
// 2.2 if the target is a returning function, parse at the fallthrough
bool instrument = true;
if ( ParseAPI::RETURN ==
targFunc->lowlevel_func()->ifunc()->retstatus() )
{
//mal_printf("stopThread instrumentation found returning call %lx=>%lx, "
// "parsing after call site\n",
// (long)point->getAddress(), target);
if (parseAfterCallAndInstrument(point, targFunc, false)) {
instrument = false;
}
}
if (instrument) {
instrumentModules(false);
}
//.........这里部分代码省略.........
示例5: virtualFreeCB
void HybridAnalysis::virtualFreeCB(BPatch_point *, void *t) {
assert(virtualFreeAddr_ != 0);
unsigned type = (unsigned) t;
cerr << "virtualFree [" << hex << virtualFreeAddr_ << "," << virtualFreeAddr_ + (unsigned) virtualFreeSize_ << "], " << (unsigned) type << dec << endl;
Address pageSize = proc()->lowlevel_process()->getMemoryPageSize();
// Windows page-aligns everything.
unsigned addrShift = virtualFreeAddr_ % pageSize;
unsigned sizeShift = pageSize - (virtualFreeSize_ % pageSize);
virtualFreeAddr_ -= addrShift;
if (type != MEM_RELEASE)
{
virtualFreeSize_ += addrShift + sizeShift;
}
// We need to:
// 1) Remove any function with a block in the deleted range
// 2) Remove memory translation for that range
// 3) Skip trying to set permissions for any page in the range.
// DEBUG!
if (1 || type == MEM_RELEASE)
{
mapped_object *obj = proc()->lowlevel_process()->findObject(virtualFreeAddr_);
if (!obj) return;
virtualFreeAddr_ = obj->codeBase();
virtualFreeSize_ = obj->imageSize();
// DEBUG!
cerr << "Removing VirtualAlloc'ed shared object " << obj->fileName() << endl;
image *img = obj->parse_img();
proc()->lowlevel_process()->removeASharedObject(obj);
virtualFreeAddr_ = 0;
// Since removeASharedObject doesn't actually delete the object,
// or its image (even if its refCount==0), make sure the image
// goes away from global datastructure allImages
for (unsigned int i=0; i < allImages.size(); i++) {
if (img == allImages[i]) {
allImages[i] = allImages.back();
allImages.pop_back();
}
}
return;
}
std::set<func_instance *> deletedFuncs;
for (Address i = virtualFreeAddr_; i < (virtualFreeAddr_ + virtualFreeSize_); ++i) {
proc()->lowlevel_process()->findFuncsByAddr(i, deletedFuncs);
}
for (std::set<func_instance *>::iterator iter = deletedFuncs.begin();
iter != deletedFuncs.end(); ++iter)
{
BPatch_function * bpfunc = proc()->findOrCreateBPFunc(*iter, NULL);
if (!bpfunc) continue;
PatchAPI::PatchModifier::remove(bpfunc->lowlevel_func());
}
proc()->lowlevel_process()->getMemEm()->removeRegion(virtualFreeAddr_, virtualFreeSize_);
// And nuke the RT cache
proc()->lowlevel_process()->proc()->flushAddressCache_RT(virtualFreeAddr_, virtualFreeSize_);
virtualFreeAddr_ = 0;
return;
}