How to use the angr.storage.memory_object.SimMemoryObject function in angr
To help you get started, we’ve selected a few angr examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
andreafioraldi / angrdbg / angrdbg / memory_7.py View on Github 
def _insert_memory_object(self, value, address, size):
value.make_uuid()
if self.category == 'mem':
self.state.scratch.dirty_addrs.update(range(address, address+size))
mo = SimMemoryObject(value, address, length=size, byte_width=self.state.arch.byte_width)
self.mem.store_memory_object(mo)initialized = False
if self.state is not None:
self.state.scratch.push_priv(True)
if self._memory_backer is None:
pass
elif isinstance(self._memory_backer, cle.Clemory) and self._memory_backer.is_concrete_target_set():
try:
concrete_memory = self._memory_backer.load(new_page_addr, self._page_size)
if self.byte_width == 8:
backer = concrete_memory
else:
backer = claripy.BVV(concrete_memory)
mo = SimMemoryObject(backer, new_page_addr, byte_width=self.byte_width)
self._apply_object_to_page(n * self._page_size, mo, page=new_page)
initialized = True
except SimConcreteMemoryError:
l.debug("The address requested is not mapped in the concrete process memory \
this can happen when a memory allocation function/syscall is invoked in the simulated execution \
and the map_region function is called")
return initialized
elif isinstance(self._memory_backer, cle.Clemory):
# find permission backer associated with the address
# fall back to default (read-write-maybe-exec) if can't find any
for start, end in self._permission_map:
if start <= new_page_addr < end:
flags = self._permission_map[(start, end)]
new_page.permissions = claripy.BVV(flags, 3)source=i,
inspect=inspect,
events=events,
key=self.variable_key_prefix + (addr,),
eternal=False) # :(
for i in range(addr, addr+num_bytes, self.mem._page_size)
]
if self.category == 'reg' and self.state.arch.register_endness == 'Iend_LE':
all_missing = [ a.reversed for a in all_missing ]
elif self.category != 'reg' and self.state.arch.memory_endness == 'Iend_LE':
all_missing = [ a.reversed for a in all_missing ]
b = self.state.se.Concat(*all_missing) if len(all_missing) > 1 else all_missing[0]
if events:
self.state.history.add_event('uninitialized', memory_id=self.id, addr=addr, size=num_bytes)
default_mo = SimMemoryObject(b, addr, byte_width=self.state.arch.byte_width)
self.state.scratch.push_priv(True)
self.mem.store_memory_object(default_mo, overwrite=False)
self.state.scratch.pop_priv()
return default_momo = SimMemoryObject(claripy.BVV(byte, self.byte_width), write_start + i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
new_page.permissions = claripy.BVV(flags, 3)
initialized = True
elif len(self._memory_backer) <= self._page_size:
for i in self._memory_backer:
if new_page_addr <= i and i <= new_page_addr + self._page_size:
if isinstance(self._memory_backer[i], claripy.ast.Base):
backer = self._memory_backer[i]
elif isinstance(self._memory_backer[i], bytes):
backer = claripy.BVV(self._memory_backer[i])
else:
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
mo = SimMemoryObject(backer, i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
initialized = True
elif len(self._memory_backer) > self._page_size:
for i in range(self._page_size):
try:
if isinstance(self._memory_backer[i], claripy.ast.Base):
backer = self._memory_backer[i]
elif isinstance(self._memory_backer[i], bytes):
backer = claripy.BVV(self._memory_backer[i])
else:
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
mo = SimMemoryObject(backer, new_page_addr+i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
initialized = True
except KeyError:
passself._apply_object_to_page(new_page_addr, mo, page=new_page)
initialized = True
elif len(self._memory_backer) <= self._page_size:
for i in self._memory_backer:
if new_page_addr <= i <= new_page_addr + self._page_size:
if isinstance(self._memory_backer[i], claripy.ast.Base):
backer = self._memory_backer[i]
elif isinstance(self._memory_backer[i], bytes):
backer = self._memory_backer[i]
if self.byte_width != 8: # if we have direct bytes we can store it directly
backer = claripy.BVV(backer)
else:
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
mo = SimMemoryObject(backer, i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
initialized = True
elif len(self._memory_backer) > self._page_size:
for i in range(self._page_size):
try:
backer = self._memory_backer[i]
if not isinstance(self._memory_backer[i], (claripy.ast.Base, bytes)):
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
if type(backer) is bytes and self.byte_width != 8:
backer = claripy.BVV(backer)
mo = SimMemoryObject(backer, new_page_addr+i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)#both_changed = our_changes & their_changes
#ours_changed_only = our_changes - both_changed
#theirs_changed_only = their_changes - both_changed
#both_deleted = their_deletions & our_deletions
#ours_deleted_only = our_deletions - both_deleted
#theirs_deleted_only = their_deletions - both_deleted
differences = set()
for c in candidates:
if c not in self and c in other:
differences.add(c)
elif c in self and c not in other:
differences.add(c)
else:
if type(self[c]) is not SimMemoryObject:
self[c] = SimMemoryObject(self.state.se.BVV(ord(self[c]), self.byte_width), c, byte_width=self.byte_width)
if type(other[c]) is not SimMemoryObject:
other[c] = SimMemoryObject(self.state.se.BVV(ord(other[c]), self.byte_width), c, byte_width=self.byte_width)
if c in self and self[c] != other[c]:
# Try to see if the bytes are equal
self_byte = self[c].bytes_at(c, 1)
other_byte = other[c].bytes_at(c, 1)
if self_byte is not other_byte:
#l.debug("%s: offset %x, two different bytes %s %s from %s %s", self.id, c,
# self_byte, other_byte,
# self[c].object.model, other[c].object.model)
differences.add(c)
else:
# this means the byte is in neither memory
pass
return differencesnew_page.permissions = claripy.BVV(flags, 3)
break
# for each clemory backer which intersects with the page, apply its relevant data
for backer_addr, backer in self._memory_backer.backers(new_page_addr):
if backer_addr >= new_page_addr + self._page_size:
break
relevant_region_start = max(new_page_addr, backer_addr)
relevant_region_end = min(new_page_addr + self._page_size, backer_addr + len(backer))
slice_start = relevant_region_start - backer_addr
slice_end = relevant_region_end - backer_addr
if self.byte_width == 8:
relevant_data = bytes(memoryview(backer)[slice_start:slice_end])
mo = SimMemoryObject(
claripy.BVV(relevant_data),
relevant_region_start,
byte_width=self.byte_width)
self._apply_object_to_page(new_page_addr, mo, page=new_page)
else:
for i, byte in enumerate(backer[slice_start:slice_end]):
mo = SimMemoryObject(claripy.BVV(byte, self.byte_width),
relevant_region_start + i,
byte_width=self.byte_width)
self._apply_object_to_page(new_page_addr, mo, page=new_page)
initialized = True
elif len(self._memory_backer) <= self._page_size:
for i in self._memory_backer:
if new_page_addr <= i <= new_page_addr + self._page_size:backer = claripy.BVV(self._memory_backer[i])
else:
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
mo = SimMemoryObject(backer, i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
initialized = True
elif len(self._memory_backer) > self._page_size:
for i in range(self._page_size):
try:
if isinstance(self._memory_backer[i], claripy.ast.Base):
backer = self._memory_backer[i]
elif isinstance(self._memory_backer[i], bytes):
backer = claripy.BVV(self._memory_backer[i])
else:
backer = claripy.BVV(self._memory_backer[i], self.byte_width)
mo = SimMemoryObject(backer, new_page_addr+i, byte_width=self.byte_width)
self._apply_object_to_page(n*self._page_size, mo, page=new_page)
initialized = True
except KeyError:
pass
# page from debugger
try:
if seg is not None:
perms = 0
if seg.perm & idaapi.SEGPERM_EXEC:
perms += IdaPage.PROT_EXEC
if seg.perm & idaapi.SEGPERM_WRITE:
perms += IdaPage.PROT_WRITE
if seg.perm & idaapi.SEGPERM_READ:
perms += IdaPage.PROT_READ
new_page.permissions = claripy.BVV(perms, 3)#both_changed = our_changes & their_changes
#ours_changed_only = our_changes - both_changed
#theirs_changed_only = their_changes - both_changed
#both_deleted = their_deletions & our_deletions
#ours_deleted_only = our_deletions - both_deleted
#theirs_deleted_only = their_deletions - both_deleted
differences = set()
for c in candidates:
if c not in self and c in other:
differences.add(c)
elif c in self and c not in other:
differences.add(c)
else:
if type(self[c]) is not SimMemoryObject:
self[c] = SimMemoryObject(self.state.solver.BVV(ord(self[c]), self.byte_width), c, byte_width=self.byte_width)
if type(other[c]) is not SimMemoryObject:
other[c] = SimMemoryObject(self.state.solver.BVV(ord(other[c]), self.byte_width), c, byte_width=self.byte_width)
if c in self and self[c] != other[c]:
# Try to see if the bytes are equal
self_byte = self[c].bytes_at(c, 1)
other_byte = other[c].bytes_at(c, 1)
if self_byte is not other_byte:
#l.debug("%s: offset %x, two different bytes %s %s from %s %s", self.id, c,
# self_byte, other_byte,
# self[c].object.model, other[c].object.model)
differences.add(c)
else:
# this means the byte is in neither memory
pass
return differencesangr
A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
Package Health Score
88 / 100Popular angr functions
- angr.analyses.AnalysesHub.register_default
- angr.analyses.identifier.func.TestData
- angr.errors
- angr.errors.AngrError
- angr.errors.SimMemoryError
- angr.errors.SimMergeError
- angr.errors.SimValueError
- angr.exploration_techniques
- angr.options
- angr.Project
- angr.sim_options
- angr.SIM_PROCEDURES
- angr.sim_state.SimState
- angr.sim_state.SimState.register_default
- angr.sim_type.SimTypeInt
- angr.SimProcedure
- angr.SimState
- angr.state_plugins.plugin.SimStatePlugin
- angr.state_plugins.sim_action.SimActionData
- angr.storage.memory_object.SimMemoryObject