Check esil references on flags in 'aae' ##analysis
radare committed Sep 26, 2024
1 parent 7821a3c commit 14dd478
Showing 2 changed files with 49 additions and 11 deletions.
59 changes: 48 additions & 11 deletions libr/core/canal.c
Expand Up @@ -5257,7 +5257,13 @@ static void cccb(void *u) {
}

// dup with isValidAddress wtf
static bool myvalid(RIO *io, ut64 addr) {
static bool myvalid(RCore *core, ut64 addr) {
RIO *io = core->io;
#if 0
if (r_flag_get_i (core->flags, addr)) {
return true;
}
#endif
if (addr < 0x100) {
return false;
}
Expand Down Expand Up @@ -5354,7 +5360,7 @@ static bool esilbreak_mem_write(REsil *esil, ut64 addr, const ut8 *buf, int len)
RCore *core = esil->anal->coreb.core;
handle_var_stack_access (esil, addr, R_PERM_W, len);
// ignore writes in stack
if (myvalid (core->io, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
if (myvalid (core, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
if (!is_stack (core->io, addr)) {
r_anal_xrefs_set (core->anal, esil->addr, addr, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_WRITE);
/** resolve ptr */
Expand All @@ -5379,7 +5385,7 @@ static bool esilbreak_mem_read(REsil *esil, ut64 addr, ut8 *buf, int len) {
esilbreak_last_read = addr;
}
handle_var_stack_access (esil, addr, R_PERM_R, len);
if (myvalid (core->io, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
if (myvalid (core, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
ut64 refptr = UT64_MAX;
bool trace = true;
switch (len) {
Expand All @@ -5401,7 +5407,7 @@ static bool esilbreak_mem_read(REsil *esil, ut64 addr, ut8 *buf, int len) {
break;
}
// TODO incorrect
if (trace && myvalid (core->io, refptr)) {
if (trace && myvalid (core, refptr)) {
if (ntarget == UT64_MAX || ntarget == refptr) {
str[0] = 0;
if (r_io_read_at (core->io, refptr, str, sizeof (str)) < 1) {
Expand All @@ -5415,7 +5421,7 @@ static bool esilbreak_mem_read(REsil *esil, ut64 addr, ut8 *buf, int len) {
}
}
}
if (myvalid (core->io, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
if (myvalid (core, addr) && r_io_read_at (core->io, addr, (ut8*)buf, len)) {
if (!is_stack (core->io, addr)) {
r_anal_xrefs_set (core->anal, esil->addr, addr, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
}
Expand Down Expand Up @@ -6015,6 +6021,37 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
if (CHECKREF (ESIL->cur)) {
r_anal_xrefs_set (core->anal, cur, ESIL->cur, R_ANAL_REF_TYPE_STRN | R_ANAL_REF_TYPE_READ);
}
#if 0
ut64 dst = esilbreak_last_read;
if (dst != UT64_MAX && CHECKREF (dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
if (cfg_anal_strings) {
add_string_ref (core, op.addr, dst);
}
}
}
#if 0
dst = r_reg_getv (core->anal->reg, "tmp");
if (dst != UT64_MAX && CHECKREF (dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
if (cfg_anal_strings) {
add_string_ref (core, op.addr, dst);
}
}
}
#endif
dst = esilbreak_last_data;
if (dst != UT64_MAX && CHECKREF (dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
if (cfg_anal_strings) {
add_string_ref (core, op.addr, dst);
}
}
}
#endif
} else if ((target && op.ptr == ntarget) || !target) {
if (CHECKREF (ESIL->cur)) {
if (op.ptr && r_io_is_valid_offset (core->io, op.ptr, !core->anal->opt.noncode)) {
Expand Down Expand Up @@ -6064,7 +6101,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
break;
}
if ((target && dst == ntarget) || !target) {
if (dst > 0xffff && opsrc1 && (dst & 0xffff) == (opsrc1->imm & 0xffff) && myvalid (core->io, dst)) {
if (dst > 0xffff && opsrc1 && (dst & 0xffff) == (opsrc1->imm & 0xffff) && myvalid (core, dst)) {
RFlagItem *f;
char *str;
if (CHECKREF (dst) || CHECKREF (cur)) {
Expand Down Expand Up @@ -6100,7 +6137,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
{
ut64 dst = esilbreak_last_read;
if (dst != UT64_MAX && CHECKREF (dst)) {
if (myvalid (core->io, dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
if (cfg_anal_strings) {
add_string_ref (core, op.addr, dst);
Expand All @@ -6109,7 +6146,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
}
dst = esilbreak_last_data;
if (dst != UT64_MAX && CHECKREF (dst)) {
if (myvalid (core->io, dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_DATA | R_ANAL_REF_TYPE_READ);
if (cfg_anal_strings) {
add_string_ref (core, op.addr, dst);
Expand All @@ -6122,7 +6159,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
{
ut64 dst = op.jump;
if (CHECKREF (dst)) {
if (myvalid (core->io, dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_CODE | R_ANAL_REF_TYPE_EXEC);
}
}
Expand All @@ -6132,7 +6169,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
{
ut64 dst = op.jump;
if (CHECKREF (dst) || (target && dst == ntarget)) {
if (myvalid (core->io, dst)) {
if (myvalid (core, dst)) {
r_anal_xrefs_set (core->anal, cur, dst, R_ANAL_REF_TYPE_CALL | R_ANAL_REF_TYPE_EXEC);
}
ESIL->old = cur + op.size;
Expand All @@ -6152,7 +6189,7 @@ R_API void r_core_anal_esil(RCore *core, const char *str /* len */, const char *
dst = r_reg_getv (core->anal->reg, pcname);
}
if (CHECKREF (dst)) {
if (myvalid (core->io, dst)) {
if (myvalid (core, dst)) {
RAnalRefType ref =
(op.type & R_ANAL_OP_TYPE_MASK) == R_ANAL_OP_TYPE_UCALL
? R_ANAL_REF_TYPE_CALL
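Review bot: The flag lookup the commit title announces never runs: in myvalid the `r_flag_get_i (core->flags, addr)` test is wrapped in `#if 0`, and the 31-line block added to r_core_anal_esil right after the `CHECKREF (ESIL->cur)` test is likewise entirely under `#if 0`, so on the new side the only effective change is the `RIO *` → `RCore *` signature and every call site behaves exactly as before. That disabled block also duplicates the live `esilbreak_last_read`/`esilbreak_last_data` handling that already exists further down in the same function (the hunk at 6137), and it nests a second `#if 0`/`#endif` pair, which is valid C but easy to break when one of the markers is later removed. Either drop the dead blocks or leave a one-line reason beside each, e.g. `#if 0 // flag-based validity check disabled: <reason>`, so the next reader does not assume the check is active. If the myvalid check is later enabled as written, it precedes the `addr < 0x100` guard, so any flagged low address would be accepted as valid — worth confirming that is intended before switching it on. Both myvalid and r_core_anal_esil start or end outside the visible hunks.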
1 change: 1 addition & 0 deletions libr/flag/flag.c
Expand Up @@ -509,6 +509,7 @@ R_API RFlagItem *r_flag_get(RFlag *f, const char *name) {
}

/* return the first flag item that can be found at offset "off", or NULL otherwise */
// R2_600 - rename to r_flag_get_at and r_flag_get_in ??
R_API RFlagItem *r_flag_get_i(RFlag *f, ut64 off) {
R_RETURN_VAL_IF_FAIL (f, NULL);
if (f->mask) {