diff options
author | Cyrille Bagard <nocbos@gmail.com> | 2015-05-11 00:58:05 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2015-05-11 00:58:05 (GMT) |
commit | 46bcc7f122245f22772fd3e38d16e6afa7bd5881 (patch) | |
tree | d3c2ba1a9999e373428954f24d0e60c1ea63b756 /src/arch/arm/v7 | |
parent | 1bda6c517d30d873ff0d92a96380946ef944c9ae (diff) |
Provided a way to look for ROP gadgets in binary code.
git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@533 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
Diffstat (limited to 'src/arch/arm/v7')
-rw-r--r-- | src/arch/arm/v7/opdefs/pop_A88131.d | 4 | ||||
-rw-r--r-- | src/arch/arm/v7/opdefs/pop_A88132.d | 4 |
2 files changed, 3 insertions, 5 deletions
diff --git a/src/arch/arm/v7/opdefs/pop_A88131.d b/src/arch/arm/v7/opdefs/pop_A88131.d index ef5ab25..5229af9 100644 --- a/src/arch/arm/v7/opdefs/pop_A88131.d +++ b/src/arch/arm/v7/opdefs/pop_A88131.d @@ -39,7 +39,6 @@ //if BitCount(registers) < 1 then UNPREDICTABLE; //if registers<15> == '1' && InITBlock() && !LastInITBlock() then UNPREDICTABLE; - chk_call DefineAsReturn(1) } @@ -61,7 +60,6 @@ //if BitCount(registers) < 2 || (P == '1' && M == '1') then UNPREDICTABLE; //if registers<15> == '1' && InITBlock() && !LastInITBlock() then UNPREDICTABLE; - chk_call DefineAsReturn(1) } @@ -83,7 +81,7 @@ @rules { //if t == 13 || (t == 15 && InITBlock() && !LastInITBlock()) then UNPREDICTABLE; - chk_call DefineAsReturn(1) + if (Rt == '1111') ; chk_call DefineAsReturn(1) } diff --git a/src/arch/arm/v7/opdefs/pop_A88132.d b/src/arch/arm/v7/opdefs/pop_A88132.d index 89c51c9..1762b45 100644 --- a/src/arch/arm/v7/opdefs/pop_A88132.d +++ b/src/arch/arm/v7/opdefs/pop_A88132.d @@ -40,7 +40,7 @@ //if BitCount(register_list) < 2 then SEE LDM / LDMIA / LDMFD; //if registers<13> == '1' && ArchVersion() >= 7 then UNPREDICTABLE; - chk_call DefineAsReturn(1) + if (register_list & 0x8000) ; chk_call DefineAsReturn(1) } @@ -63,7 +63,7 @@ @rules { //if t == 13 then UNPREDICTABLE; - chk_call DefineAsReturn(1) + if (Rt == '1111') ; chk_call DefineAsReturn(1) } |