DBG: analysis interface + fixed small bugs in control flow analysis
parent
6779900c44
commit
b2fc603cf6
|
|
@ -0,0 +1,25 @@
|
|||
#include "analysis.h"
|
||||
#include "memory.h"
|
||||
|
||||
Analysis::Analysis(uint base, uint size)
|
||||
{
|
||||
_base = base;
|
||||
_size = size;
|
||||
_data = new unsigned char[_size + MAX_DISASM_BUFFER];
|
||||
MemRead((void*)_base, _data, _size, 0);
|
||||
}
|
||||
|
||||
Analysis::~Analysis()
|
||||
{
|
||||
delete[] _data;
|
||||
}
|
||||
|
||||
bool Analysis::IsValidAddress(uint addr)
|
||||
{
|
||||
return addr >= _base && addr < _base + _size;
|
||||
}
|
||||
|
||||
const unsigned char* Analysis::TranslateAddress(uint addr)
|
||||
{
|
||||
return IsValidAddress(addr) ? _data + (addr - _base) : nullptr;
|
||||
}
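Review bot: The constructor ignores whatever `MemRead` reports and leaves the `new unsigned char[_size + MAX_DISASM_BUFFER]` buffer uninitialized, so a failed or partial read hands uninitialized heap bytes to the disassembler, and the `MAX_DISASM_BUFFER` tail is uninitialized in every case. Value-initialise the allocation with `_data = new unsigned char[_size + MAX_DISASM_BUFFER]();` and, if `MemRead` returns a status (its declaration is not visible here), record a failure so `Analyse()` can bail out. In `IsValidAddress`, `_base + _size` can wrap for a range near the top of the address space and the check then rejects or accepts the wrong addresses; `return addr >= _base && addr - _base < _size;` gives the same result without the addition. The allocation size `_size + MAX_DISASM_BUFFER` has the same wrap risk when `size` comes straight from the debuggee's memory map and is worth bounding before the `new`.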
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
#ifndef _ANALYSIS_H
|
||||
#define _ANALYSIS_H
|
||||
|
||||
#include "_global.h"
|
||||
#include "capstone_wrapper.h"
|
||||
|
||||
class Analysis
|
||||
{
|
||||
public:
|
||||
explicit Analysis(uint base, uint size);
|
||||
Analysis(const Analysis & that) = delete;
|
||||
~Analysis();
|
||||
virtual void Analyse() = 0;
|
||||
virtual void SetMarkers() = 0;
|
||||
|
||||
protected:
|
||||
uint _base;
|
||||
uint _size;
|
||||
unsigned char* _data;
|
||||
Capstone _cp;
|
||||
|
||||
bool IsValidAddress(uint addr);
|
||||
const unsigned char* TranslateAddress(uint addr);
|
||||
};
|
||||
|
||||
#endif //_ANALYSIS_H
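Review bot: `~Analysis();` is non-virtual although the class declares pure virtual methods and owns `_data`, so destroying a `ControlFlowAnalysis` or `FunctionAnalysis` through an `Analysis*` is undefined behaviour; declare it `virtual ~Analysis();`. Only the copy constructor is deleted, so the implicitly generated copy assignment still copies the raw `_data` pointer and ends in a double `delete[]`; add `Analysis & operator=(const Analysis & that) = delete;`. `IsValidAddress` and `TranslateAddress` only read members and could be declared `const`. A short comment on `_data` saying that it holds `_size` bytes read from `_base` plus `MAX_DISASM_BUFFER` bytes of slack would document the invariant that `TranslateAddress` relies on.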
|
||||
|
|
@ -2,27 +2,8 @@
|
|||
#include "memory.h"
|
||||
#include "console.h"
|
||||
|
||||
ControlFlowAnalysis::ControlFlowAnalysis(uint base, uint size)
|
||||
ControlFlowAnalysis::ControlFlowAnalysis(uint base, uint size) : Analysis(base, size)
|
||||
{
|
||||
_base = base;
|
||||
_size = size;
|
||||
_data = new unsigned char[_size + MAX_DISASM_BUFFER];
|
||||
MemRead((void*)_base, _data, _size, 0);
|
||||
}
|
||||
|
||||
ControlFlowAnalysis::~ControlFlowAnalysis()
|
||||
{
|
||||
delete[] _data;
|
||||
}
|
||||
|
||||
bool ControlFlowAnalysis::IsValidAddress(uint addr)
|
||||
{
|
||||
return addr >= _base && addr < _base + _size;
|
||||
}
|
||||
|
||||
const unsigned char* ControlFlowAnalysis::TranslateAddress(uint addr)
|
||||
{
|
||||
return IsValidAddress(addr) ? _data + (addr - _base) : nullptr;
|
||||
}
|
||||
|
||||
void ControlFlowAnalysis::Analyse()
|
||||
|
|
@ -78,6 +59,7 @@ void ControlFlowAnalysis::SetMarkers()
|
|||
|
||||
void ControlFlowAnalysis::BasicBlockStarts()
|
||||
{
|
||||
_blockStarts.insert(_base);
|
||||
bool bSkipFilling = false;
|
||||
for(uint i = 0; i < _size;)
|
||||
{
|
||||
|
|
@ -92,7 +74,7 @@ void ControlFlowAnalysis::BasicBlockStarts()
|
|||
_blockStarts.insert(addr);
|
||||
}
|
||||
}
|
||||
else if(_cp.InGroup(CS_GRP_RET))
|
||||
else if(_cp.InGroup(CS_GRP_RET) || _cp.InGroup(CS_GRP_INT)) //RET/INT break control flow
|
||||
{
|
||||
bSkipFilling = true; //skip INT3/NOP/whatever filling bytes (those are not part of the control flow)
|
||||
}
|
||||
|
|
@ -103,7 +85,7 @@ void ControlFlowAnalysis::BasicBlockStarts()
|
|||
if(_cp.GetId() != X86_INS_JMP) //unconditional jump
|
||||
dest2 = addr + _cp.Size();
|
||||
|
||||
if(!dest1 && !dest2)
|
||||
if(!dest1 && !dest2) //TODO: better code for this (make sure absolutely no filling is inserted)
|
||||
bSkipFilling = true;
|
||||
if(dest1)
|
||||
_blockStarts.insert(dest1);
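Review bot: The new condition `_cp.InGroup(CS_GRP_RET) || _cp.InGroup(CS_GRP_INT)` treats every instruction in Capstone's interrupt group as the end of control flow, which is broader than the INT3 padding the comment on the next line talks about. Software interrupts and system-call instructions normally return to the following instruction, so if they fall in that group the code after them may be taken for filling and left out of the block map; the handling of `bSkipFilling` is outside this hunk, so this needs confirming against the rest of `BasicBlockStarts`. If only padding is meant, test the instruction id instead, for example `else if(_cp.InGroup(CS_GRP_RET) || _cp.GetId() == X86_INS_INT3)`. An analysis that drops reachable code is a blind spot when the debuggee is untrusted, so the stricter test is the safer default.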
|
||||
|
|
|
|||
|
|
@ -3,34 +3,16 @@
|
|||
|
||||
#include "_global.h"
|
||||
#include "capstone_wrapper.h"
|
||||
#include "analysis.h"
|
||||
|
||||
class ControlFlowAnalysis
|
||||
class ControlFlowAnalysis : public Analysis
|
||||
{
|
||||
public:
|
||||
explicit ControlFlowAnalysis(uint base, uint size);
|
||||
ControlFlowAnalysis(const ControlFlowAnalysis & that) = delete;
|
||||
~ControlFlowAnalysis();
|
||||
bool IsValidAddress(uint addr);
|
||||
const unsigned char* TranslateAddress(uint addr);
|
||||
void Analyse();
|
||||
void SetMarkers();
|
||||
|
||||
struct FunctionInfo
|
||||
{
|
||||
uint start;
|
||||
uint end;
|
||||
|
||||
bool operator<(const FunctionInfo & b) const
|
||||
{
|
||||
return start < b.start;
|
||||
}
|
||||
|
||||
bool operator==(const FunctionInfo & b) const
|
||||
{
|
||||
return start == b.start;
|
||||
}
|
||||
};
|
||||
|
||||
private:
|
||||
struct BasicBlock
|
||||
{
|
||||
uint start;
|
||||
|
|
@ -55,13 +37,8 @@ public:
|
|||
}
|
||||
};
|
||||
|
||||
private:
|
||||
uint _base;
|
||||
uint _size;
|
||||
unsigned char* _data;
|
||||
std::set<uint> _blockStarts;
|
||||
std::vector<BasicBlock> _blocks;
|
||||
Capstone _cp;
|
||||
|
||||
void BasicBlockStarts();
|
||||
void BasicBlocks();
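Review bot: `void Analyse();` and `void SetMarkers();` now implement the pure virtuals of `Analysis` but are not marked `override`; write `void Analyse() override;` and `void SetMarkers() override;` so the compiler checks them against the base signatures and the relationship is visible in the header. The same applies to the two declarations in the FunctionAnalysis header section further down. The file already uses `= delete` and `nullptr`, so `override` needs no newer language level. The class body continues outside the hunks shown here.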
|
||||
|
|
|
|||
|
|
@ -3,22 +3,8 @@
|
|||
#include "memory.h"
|
||||
#include "function.h"
|
||||
|
||||
FunctionAnalysis::FunctionAnalysis(uint base, uint size)
|
||||
FunctionAnalysis::FunctionAnalysis(uint base, uint size) : Analysis(base, size)
|
||||
{
|
||||
_base = base;
|
||||
_size = size;
|
||||
_data = new unsigned char[_size + MAX_DISASM_BUFFER];
|
||||
MemRead((void*)_base, _data, _size, 0);
|
||||
}
|
||||
|
||||
FunctionAnalysis::~FunctionAnalysis()
|
||||
{
|
||||
delete[] _data;
|
||||
}
|
||||
|
||||
const unsigned char* FunctionAnalysis::TranslateAddress(uint addr)
|
||||
{
|
||||
return (addr >= _base && addr < _base + _size) ? _data + (addr - _base) : nullptr;
|
||||
}
|
||||
|
||||
void FunctionAnalysis::Analyse()
|
||||
|
|
|
|||
|
|
@ -3,17 +3,16 @@
|
|||
|
||||
#include "_global.h"
|
||||
#include "capstone_wrapper.h"
|
||||
#include "analysis.h"
|
||||
|
||||
class FunctionAnalysis
|
||||
class FunctionAnalysis : public Analysis
|
||||
{
|
||||
public:
|
||||
explicit FunctionAnalysis(uint base, uint size);
|
||||
FunctionAnalysis(const FunctionAnalysis & that) = delete;
|
||||
~FunctionAnalysis();
|
||||
const unsigned char* TranslateAddress(uint addr);
|
||||
void Analyse();
|
||||
void SetMarkers();
|
||||
|
||||
private:
|
||||
struct FunctionInfo
|
||||
{
|
||||
uint start;
|
||||
|
|
@ -30,12 +29,7 @@ public:
|
|||
}
|
||||
};
|
||||
|
||||
private:
|
||||
uint _base;
|
||||
uint _size;
|
||||
unsigned char* _data;
|
||||
std::vector<FunctionInfo> _functions;
|
||||
Capstone _cp;
|
||||
|
||||
void SortCleanup();
|
||||
void PopulateReferences();
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@
|
|||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="addrinfo.cpp" />
|
||||
<ClCompile Include="analysis.cpp" />
|
||||
<ClCompile Include="assemble.cpp" />
|
||||
<ClCompile Include="bookmark.cpp" />
|
||||
<ClCompile Include="breakpoint.cpp" />
|
||||
|
|
@ -75,6 +76,7 @@
|
|||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="addrinfo.h" />
|
||||
<ClInclude Include="analysis.h" />
|
||||
<ClInclude Include="assemble.h" />
|
||||
<ClInclude Include="bookmark.h" />
|
||||
<ClInclude Include="breakpoint.h" />
|
||||
|
|
|
|||
|
|
@ -246,6 +246,9 @@
|
|||
<ClCompile Include="controlflowanalysis.cpp">
|
||||
<Filter>Source Files\Analysis</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="analysis.cpp">
|
||||
<Filter>Source Files\Analysis</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="x64_dbg.h">
|
||||
|
|
@ -569,5 +572,8 @@
|
|||
<ClInclude Include="controlflowanalysis.h">
|
||||
<Filter>Header Files\Analysis</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="analysis.h">
|
||||
<Filter>Header Files\Analysis</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|
||||