Search for concatenations with unlikely things to inform return/parameter consumption calculation. More...
Public Member Functions | |
| virtual Rule * | clone (const ActionGroupList &grouplist) const |
| Clone the Rule. More... | |
| virtual void | getOpList (vector< uint4 > &oplist) const |
| List of op codes this rule operates on. More... | |
| virtual int4 | applyOp (PcodeOp *op, Funcdata &data) |
| Attempt to apply this Rule. More... | |
 Public Member Functions inherited from Rule | |
| Rule (const string &g, uint4 fl, const string &nm) | |
| Construct given group, properties name. More... | |
| bool | checkActionBreak (void) |
| Check if an action breakpoint is turned on. More... | |
| virtual void | reset (Funcdata &data) |
| Reset this Rule. More... | |
| virtual void | resetStats (void) |
| Reset Rule statistics. More... | |
| virtual void | printStatistics (ostream &s) const |
| Print statistics for this Rule. More... | |
Static Private Member Functions | |
| static bool | isPathology (Varnode *vn, Funcdata &data) |
| Return true if concatenating with a SUBPIECE of the given Varnode is unusual. More... | |
| static int4 | tracePathologyForward (PcodeOp *op, Funcdata &data) |
| Given a known pathological concatenation, trace it forward to CALLs and RETURNs. More... | |
Additional Inherited Members | |
| Public Types inherited from Rule | |
| enum | typeflags { type_disable = 1, rule_debug = 2, warnings_on = 4, warnings_given = 8 } |
| Properties associated with a Rule. More... | |
Detailed Description
Search for concatenations with unlikely things to inform return/parameter consumption calculation.
For that can read/write part of a general purpose register, a small return value can get concatenated with unrelated data when the function writes directly to part of the return register. This searches for a characteristic pathology:
Member Function Documentation
◆ applyOp()
Attempt to apply this Rule.
This method contains the main logic for applying the Rule. It must use a given PcodeOp as the point at which the Rule applies. If it does apply, changes are made directly to the function and 1 (non-zero) is returned, otherwise 0 is returned.
Reimplemented from Rule.
References CPUI_INDIRECT, CPUI_SUBPIECE, Funcdata::getCallSpecs(), Address::getSpace(), and AddrSpace::isBigEndian().
◆ clone()
|
inlinevirtual |
◆ getOpList()
|
virtual |
List of op codes this rule operates on.
Populate the given array with all possible OpCodes this Rule might apply to. By default, this method returns all possible OpCodes
- Parameters
-
oplist is the array to populate
Reimplemented from Rule.
References CPUI_PIECE.
◆ isPathology()
Return true if concatenating with a SUBPIECE of the given Varnode is unusual.
- Returns
- true if the configuration is a pathology
References CPUI_CALL, CPUI_CALLIND, CPUI_COPY, CPUI_INDIRECT, CPUI_MULTIEQUAL, Funcdata::getCallSpecs(), PcodeOp::getOpFromConst(), and IPTR_IOP.
◆ tracePathologyForward()
Given a known pathological concatenation, trace it forward to CALLs and RETURNs.
If the pathology reaches a CALL or RETURN, it is noted, through the FuncProto or FuncCallSpecs object, that the parameter or return value is only partially consumed. The subvariable flow rules can then decide whether or not to truncate this part of the data-flow.
- Parameters
-
op is CPUI_PIECE op that is the pathological concatenation data is the function containing the data-flow
- Returns
- a non-zero value if new bytes are labeled as unconsumed
References CPUI_CALL, CPUI_CALLIND, CPUI_COPY, CPUI_INDIRECT, CPUI_MULTIEQUAL, CPUI_RETURN, Funcdata::getCallSpecs(), FuncProto::isInputLocked(), and FuncCallSpecs::setInputBytesConsumed().
The documentation for this class was generated from the following files:
- ruleaction.hh
- ruleaction.cc
