How to use the angr.errors.SimMemoryError function in angr
To help you get started, we’ve selected a few angr examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
angr / angr / angr / storage / paged_memory.py View on Github 
def permissions(self, addr, permissions=None):
"""
Returns the permissions for a page at address `addr`.
If optional argument permissions is given, set page permissions to that prior to returning permissions.
"""
if self.state.solver.symbolic(addr):
raise SimMemoryError("page permissions cannot currently be looked up for symbolic addresses")
if isinstance(addr, claripy.ast.bv.BV):
addr = self.state.solver.eval(addr)
page_num = addr // self._page_size
try:
page = self._get_page(page_num)
except KeyError:
raise SimMemoryMissingError("page does not exist at given address")
# Set permissions for the page
if permissions is not None:
if isinstance(permissions, int):
permissions = claripy.BVV(permissions, 3)If optional argument permissions is given, set page permissions to that prior to returning permissions.
"""
if self.state.solver.symbolic(addr):
raise SimMemoryError(
"page permissions cannot currently be looked up for symbolic addresses")
if isinstance(addr, claripy.ast.bv.BV):
addr = self.state.solver.eval(addr)
page_num = addr // self._page_size
try:
page = self._get_page(page_num)
except KeyError:
raise SimMemoryError("page does not exist at given address")
# Set permissions for the page
if permissions is not None:
if isinstance(permissions, (int, long)):
permissions = claripy.BVV(permissions, 3)
if not isinstance(permissions, claripy.ast.bv.BV):
raise SimMemoryError(
"Unknown permissions argument type of {0}.".format(
type(permissions)))
page.permissions = permissions
return page.permissions
addr = self.state.solver.eval(addr)
page_num = addr // self._page_size
try:
page = self._get_page(page_num)
except KeyError:
raise SimMemoryError("page does not exist at given address")
# Set permissions for the page
if permissions is not None:
if isinstance(permissions, (int, long)):
permissions = claripy.BVV(permissions, 3)
if not isinstance(permissions, claripy.ast.bv.BV):
raise SimMemoryError(
"Unknown permissions argument type of {0}.".format(
type(permissions)))
page.permissions = permissions
return page.permissionsdef map_region(self, addr, length, permissions, init_zero=False):
if o.TRACK_MEMORY_MAPPING not in self.state.options:
return
if self.state.solver.symbolic(addr):
raise SimMemoryError("cannot map region with a symbolic address")
if isinstance(addr, claripy.ast.bv.BV):
addr = self.state.solver.max_int(addr)
base_page_num = self._page_id(addr)
pages = self._num_pages(addr, addr + length)
# this check should not be performed when constructing a CFG
if self.state.mode != 'fastpath':
for p_num in range(pages):
page_id = base_page_num + p_num
if self._page_addr(page_id) in self:
err = "map_page received address and length combination which contained mapped page"
l.warning(err)
raise SimMemoryError(err)def unset_stack_address_mapping(self, absolute_address):
"""
Remove a stack mapping.
:param absolute_address: An absolute memory address, which is the base address of the stack frame to destroy.
"""
if self._stack_region_map is None:
raise SimMemoryError('Stack region map is not initialized.')
self._stack_region_map.unmap_by_address(absolute_address)def replace_memory_object(self, old, new_content):
"""
Replaces the memory object `old` with a new memory object containing `new_content`.
:param old: A SimMemoryObject (i.e., one from :func:`memory_objects_for_hash()` or :func:`
memory_objects_for_name()`).
:param new_content: The content (claripy expression) for the new memory object.
:returns: the new memory object
"""
if old.object.size() != new_content.size():
raise SimMemoryError("memory objects can only be replaced by the same length content")
new = SimMemoryObject(new_content, old.base, byte_width=self.byte_width)
for p in self._containing_pages_mo(old):
self._get_page(p//self._page_size, write=True).replace_mo(self.state, old, new)
if isinstance(new.object, claripy.ast.BV):
for b in range(old.base, old.base+old.length):
self._update_mappings(b, new.object)
return newdef _is_target_valid(self, cfg, target): # pylint:disable=no-self-use
"""
Check if the resolved target is valid.
:param cfg: The CFG analysis object.
:param int target: The target to check.
:return: True if the target is valid. False otherwise.
:rtype: bool
"""
if self.base_state is not None:
try:
if self.base_state.solver.is_true((self.base_state.memory.permissions(target) & 4) == 4):
return True
except SimMemoryError:
pass
return False
if cfg._addr_in_exec_memory_regions(target):
# the jump target is executable
return True
if self.project.is_hooked(target):
# the jump target is hooked
return True
return FalseReplaces all instances of expression `old` with expression `new`.
:param old: A claripy expression. Must contain at least one named variable (to make it possible to use the
name index for speedup).
:param new: The new variable to replace it with.
"""
if options.REVERSE_MEMORY_NAME_MAP not in self.state.options:
raise SimMemoryError("replace_all is not doable without a reverse name mapping. Please add "
"sim_options.REVERSE_MEMORY_NAME_MAP to the state options")
if not isinstance(old, claripy.ast.BV) or not isinstance(new, claripy.ast.BV):
raise SimMemoryError("old and new arguments to replace_all() must be claripy.BV objects")
if len(old.variables) == 0:
raise SimMemoryError("old argument to replace_all() must have at least one named variable")
# Compute an intersection between sets of memory objects for each unique variable name. The eventual memory
# object set contains all memory objects that we should update.
memory_objects = None
for v in old.variables:
if memory_objects is None:
memory_objects = self.memory_objects_for_name(v)
elif len(memory_objects) == 0:
# It's a set and it's already empty
# there is no way for it to go back...
break
else:
memory_objects &= self.memory_objects_for_name(v)
replaced_objects_cache = { }
for mo in memory_objects:if not is_write: # this work doesn't need to be done if we're just gonna overwrite it
self.store('cc_dep1', _get_flags(self.state)[0]) # TODO: can constraints be added by this?
self.store('cc_op', 0) # OP_COPY
return self.state.arch.registers['cc_dep1'][0], self.state.arch.bytes
if is_arm_arch(self.state.arch):
if name == 'flags':
if not is_write:
self.store('cc_dep1', _get_flags(self.state)[0])
self.store('cc_op', 0)
return self.state.arch.registers['cc_dep1'][0], self.state.arch.bytes
return self.state.arch.registers[name]
elif name[0] == '*':
return self.state.registers.load(name[1:]), None
else:
raise SimMemoryError("Trying to address memory with a register name.")angr
A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
Package Health Score
88 / 100Popular angr functions
- angr.analyses.AnalysesHub.register_default
- angr.analyses.identifier.func.TestData
- angr.errors
- angr.errors.AngrError
- angr.errors.SimMemoryError
- angr.errors.SimMergeError
- angr.errors.SimValueError
- angr.exploration_techniques
- angr.options
- angr.Project
- angr.sim_options
- angr.SIM_PROCEDURES
- angr.sim_state.SimState
- angr.sim_state.SimState.register_default
- angr.sim_type.SimTypeInt
- angr.SimProcedure
- angr.SimState
- angr.state_plugins.plugin.SimStatePlugin
- angr.state_plugins.sim_action.SimActionData
- angr.storage.memory_object.SimMemoryObject