本文整理汇总了Python中unicorn.UC_ARCH_ARM属性的典型用法代码示例。如果您正苦于以下问题:Python unicorn.UC_ARCH_ARM属性的具体用法?Python unicorn.UC_ARCH_ARM怎么用?Python unicorn.UC_ARCH_ARM使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类unicorn的用法示例。
在下文中一共展示了unicorn.UC_ARCH_ARM属性的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: getSelRefFromImpPtr
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def getSelRefFromImpPtr(self, eh, imp):
selref = None
retClsName = ""
if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
imp |= 1
logging.debug("checking xrefs for IMP %s" % eh.hexString(imp))
for x in idautils.XrefsTo(imp):
if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
# even though imp ptr is stored at offset 0x10 in struct, xref just goes to base of struct, we want the
# first field
for y in idautils.XrefsTo(eh.derefPtr(x.frm)):
if y.frm >= self.objcSelRefs[0] and y.frm < self.objcSelRefs[1]:
selref = y.frm
break
# determine return value's type
# check type string to see if id is returned
typeStr = eh.getIDBString(eh.derefPtr(x.frm + eh.size_pointer))
if len(typeStr) > 0 and typeStr[0] == "@":
# scan imp for ivar reference, grab its type
if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
imp = imp & ~1
retClsName = self.getIvarTypeFromFunc(eh, imp)
return selref, retClsName 示例2: processMethod
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def processMethod(self, eh, clsName, methodVa, classes, type_):
objc2ClassMethImpOffs = 2 * eh.size_pointer
isAmbiguous, isMsgRef, selRefVA = self.getRefPtr(eh, methodVa)
if selRefVA is None:
return
funcVA = eh.derefPtr(methodVa + objc2ClassMethImpOffs)
if eh.arch == unicorn.UC_ARCH_ARM:
# remove last bit in case of thumb mode address
funcVA = funcVA & ~1
# adjust pointer to beginning of message_ref struct to get xrefs
if isMsgRef:
selRefVA -= eh.size_pointer
# this shouldn't happen now
if selRefVA in map(lambda x: x[0], classes[clsName][type_]):
logging.debug("class name: %s - method type: %s - duplicate selref VA: %s, ignoring.." %
(clsName, type_, eh.hexString(selRefVA)))
else:
logging.debug("class name: %s - method type: %s - selref VA: %s - function VA: %s - ambiguous: %s" %
(clsName, type_, eh.hexString(selRefVA), eh.hexString(funcVA), isAmbiguous))
classes[clsName][type_].append((selRefVA, funcVA, isAmbiguous))
# collect imp and sel/msg ref pointers 示例3: _fixup_thumb_pc
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def _fixup_thumb_pc(self, pc):
"""Fix the PC for emu_start to take ARM Thumb mode into account."""
# If the arch mode is UC_MODE_THUMB, force Thumb.
# Otherwise, check Thumb bit in CPSR.
if self._protocol.arch.unicorn_arch == unicorn.UC_ARCH_ARM and \
(self._protocol.arch.unicorn_mode == unicorn.UC_MODE_THUMB or
self._protocol.read_register(self._protocol.arch.sr_name) & 0x20):
pc |= 1
return pc 示例4: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def __init__(self):
Emulator.__init__(self, "ARM",
unicorn.UC_ARCH_ARM,
unicorn.UC_MODE_ARM,
"pc",
32,
["sp", "cpsr"])
self.syscall_regnames = map(lambda x: "x%d" % x, range(0, 8)) + ["x7",
"pc"]
self.stackbot = "fp"
self.stacktop = "sp"
self.syscall_reg = "x7" 示例5: __init__
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def __init__(self):
super(Arm, self).__init__()
self.unicorn_arch = unicorn.UC_ARCH_ARM
self.unicorn_mode = unicorn.UC_MODE_ARM
self.capstone_arch = capstone.CS_ARCH_ARM
self.capstone_mode = capstone.CS_MODE_ARM 示例6: getIvarTypeFromFunc
# 需要导入模块: import unicorn [as 别名]
# 或者: from unicorn import UC_ARCH_ARM [as 别名]
def getIvarTypeFromFunc(self, eh, va):
if va in self.ivarSetters:
return self.ivarSetters[va]
elif va in self.notIvarSetters:
return UNKNOWN
addr = va
endVa = idc.get_func_attr(va, idc.FUNCATTR_END)
if endVa - va < 0x20:
ivarVa = None
while addr <= endVa:
srcOpnd = idc.print_operand(addr, 1)
# if ivar is the src op for an instruction, assume this function will return it
if eh.arch == unicorn.UC_ARCH_ARM and "_OBJC_IVAR_$_" in srcOpnd:
oploc = idc.get_name_ea_simple(
srcOpnd[srcOpnd.find("_OBJC_IVAR_$_"):srcOpnd.find(" ")])
if oploc != idc.BADADDR:
ivarVa = oploc
break
elif eh.arch == unicorn.UC_ARCH_ARM64:
for x in idautils.XrefsFrom(addr):
if (idc.get_segm_name(x.to) == "__objc_ivar" and
idc.get_name(x.to, idc.ida_name.GN_VISIBLE)[:13] == "_OBJC_IVAR_$_"):
ivarVa = x.to
break
elif eh.arch == unicorn.UC_ARCH_X86:
if "_OBJC_IVAR_$_" in srcOpnd:
ivarVa = idc.get_operand_value(addr, 1)
break
addr = idc.next_head(addr, idc.get_inf_attr(idc.INF_MAX_EA))
if ivarVa:
for x in idautils.XrefsTo(ivarVa):
if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
typeStr = eh.getIDBString(
eh.derefPtr(x.frm + eh.size_pointer * 2))
self.ivarSetters[va] = typeStr[2:-1]
logging.debug("%s is an ivar getter function, returning type %s" % (
eh.hexString(va), typeStr[2:-1]))
return typeStr[2:-1]
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
return UNKNOWN
# returns class or sel name from IDA name