1. Advisor
  2. ailment
  3. functions
  4. ailment.Expr
View all ailment analysis

How to use the ailment.Expr function in ailment

To help you get started, we’ve selected a few ailment examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github angr / angr / angr / analyses / decompiler / structured_codegen.py View on Github external
ConditionNode: self._handle_Condition,
            ConditionalBreakNode: self._handle_ConditionalBreak,
            MultiNode: self._handle_MultiNode,
            Block: self._handle_AILBlock,
            # AIL statements
            Stmt.Store: self._handle_Stmt_Store,
            Stmt.Assignment: self._handle_Stmt_Assignment,
            Stmt.Call: self._handle_Stmt_Call,
            # AIL expressions
            Expr.Register: self._handle_Expr_Register,
            Expr.Load: self._handle_Expr_Load,
            Expr.Tmp: self._handle_Expr_Tmp,
            Expr.Const: self._handle_Expr_Const,
            Expr.UnaryOp: self._handle_Expr_UnaryOp,
            Expr.BinaryOp: self._handle_Expr_BinaryOp,
            Expr.Convert: self._handle_Expr_Convert,
            Expr.StackBaseOffset: self._handle_Expr_StackBaseOffset,
            Expr.DirtyExpression: self._handle_Expr_Dirty,
            # SimVariables
            SimStackVariable: self._handle_Variable_SimStackVariable,
            SimRegisterVariable: self._handle_Variable_SimRegisterVariable,
        }

        self._analyze()
github angr / angr / angr / analyses / decompiler / clinic.py View on Github external
elif type(expr) is ailment.Expr.Load:
            # import ipdb; ipdb.set_trace()
            variables = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            if len(variables) == 0:
                self._link_variables_on_expr(variable_manager, block, stmt_idx, stmt, expr.addr)
            else:
                if len(variables) > 1:
                    l.error("More than one variable are available for atom %s. Consider fixing it using phi nodes.",
                            expr
                            )
                var, offset = next(iter(variables))
                expr.variable = var
                expr.offset = offset

        elif type(expr) is ailment.Expr.BinaryOp:
            variables = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            if len(variables) == 1:
                var, offset = next(iter(variables))
                expr.referenced_variable = var
                expr.offset = offset
            else:
                self._link_variables_on_expr(variable_manager, block, stmt_idx, stmt, expr.operands[0])
                self._link_variables_on_expr(variable_manager, block, stmt_idx, stmt, expr.operands[1])

        elif type(expr) is ailment.Expr.UnaryOp:
            variables = variable_manager.find_variables_by_atom(block.addr, stmt_idx, expr)
            if len(variables) == 1:
                var, offset = next(iter(variables))
                expr.referenced_variable = var
                expr.offset = offset
            else:
github angr / angr / angr / analyses / decompiler / optimization_passes / optimization_pass.py View on Github external
def _is_sub(self, expr):
        return isinstance(expr, ailment.Expr.BinaryOp) and expr.op == "Sub"
github angr / angr / angr / engines / light / engine.py View on Github external
def _ail_handle_Mul(self, expr):

        arg0, arg1 = expr.operands

        expr_0 = self._expr(arg0)
        expr_1 = self._expr(arg1)

        if expr_0 is None:
            expr_0 = arg0
        if expr_1 is None:
            expr_1 = arg1

        try:
            return expr_0 * expr_1
        except TypeError:
            return ailment.Expr.BinaryOp(expr.idx, 'Mul', [expr_0, expr_1], **expr.tags)
github angr / angr / angr / analyses / decompiler / optimization_passes / optimization_pass.py View on Github external
def _is_add(self, expr):
        return isinstance(expr, ailment.Expr.BinaryOp) and expr.op == "Add"
github angr / angr / angr / analyses / decompiler / optimization_passes / stack_canary_simplifier.py View on Github external
condition = stmt.condition
                if isinstance(condition, ailment.Expr.BinaryOp) and (
                        not negated and condition.op == "CmpEQ" or
                        negated and condition.op == "CmpNE"
                ):
                   pass
                else:
                    continue

                expr = condition.operands[0]
                if not isinstance(expr, ailment.Expr.UnaryOp):
                    continue
                if expr.op != "Xor":
                    continue
                op0, op1 = expr.operands
                if not isinstance(op0, ailment.Expr.Load):
                    continue
                if not isinstance(op0.addr, ailment.Expr.StackBaseOffset):
                    continue
                if op0.addr.offset != s2u(canary_value_stack_offset, self.project.arch.bits):
                    continue
                if not isinstance(op1, ailment.Expr.Load):
                    continue
                if not isinstance(op1.addr, ailment.Expr.BinaryOp):
                    continue
                if not op1.addr.op == "Add":
                    continue
                if not isinstance(op1.addr.operands[0], ailment.Expr.Const):
                    continue
                if op1.addr.operands[0].value != 0x28:
                    continue
                if not isinstance(op1.addr.operands[1], ailment.Expr.Register):

ailment

The angr intermediate language.

GitHub
BSD-2-Clause
Latest version published 6 days ago

Package Health Score

76 / 100
Full package analysis

Popular ailment functions

Similar packages