path: root/python/wmzc.py
#!/usr/bin/python
# -*- coding: utf-8 -*-


import argparse
import sys

# from pychrysalide.features import *
from pychrysalide.analysis import BinRoutine
from pychrysalide.analysis import LoadedBinary
from pychrysalide.analysis import StudyProject
from pychrysalide.analysis.contents import FileContent
from pychrysalide.arch import ArchInstruction
from pychrysalide.arch import vmpa
from pychrysalide.core import wait_for_all_global_works
from pychrysalide.format import FlatFormat
from pychrysalide.glibext import BinPortion


def link_type_to_str(t):
    """Return the printable form of link type *t*, minus its first 4 characters.

    The candidates are all ArchInstruction attributes whose name starts with
    'ILT_'. The first candidate equal to *t* is converted with str() and the
    leading four characters are sliced off (presumably the 'ILT_' prefix
    itself; confirm against the binding's str() output).

    Raises ValueError when *t* equals none of the candidates.
    """

    candidates = []

    for attr in dir(ArchInstruction):
        if attr.startswith('ILT_'):
            candidates.append(getattr(ArchInstruction, attr))

    # list.index() raises ValueError for an unknown link type.
    matched = candidates[candidates.index(t)]

    return str(matched)[4:]


def stringify_block(blk):
    """Build a one-line description of the basic block *blk*.

    The line starts with '*' when the first instruction of the block has no
    source, with a blank otherwise, then gives the physical address of the
    first instruction and the keywords of the first and last instructions.
    One '|-> address (link type)' item is appended per destination.
    """

    head, tail = blk.boundaries

    marker = ' ' if len(head.sources) != 0 else '*'

    pieces = ['%s Block @ 0x%x: %s - %s' % (marker, head.range.addr.phys, head.keyword, tail.keyword)]

    for dest, kind in blk.destinations:
        dest_addr = dest.boundaries[0].range.addr.phys
        pieces.append('  |-> 0x%x (%s)' % (dest_addr, link_type_to_str(kind)))

    return ''.join(pieces)


def find_by_addr(grp, addr):
    """Return the first item of *grp* whose block starts at *addr*, else None.

    Items are matched on the physical address of the first instruction of
    their wrapped basic block (the '_bb' attribute).
    """

    matches = (g for g in grp if g._bb.boundaries[0].range.addr.phys == addr.phys)

    return next(matches, None)


class EnhancedBlock():
    """Basic block wrapper carrying the state of the loop-identification pass.

    The traversal follows the cases A to E of the algorithm this script
    implements ("a new algorithm for identifying loops in decompilation").
    """

    def __init__(self, bb, maxlen):
        """Wrap the basic block *bb*; *maxlen* is the width used for padding in __str__."""

        self._bb = bb
        self._maxlen = maxlen

        # Set once the depth-first traversal has entered this block.
        self._traversed = False
        # Position in the current depth-first search path; 0 means "not on the path".
        self._dfsp_pos = 0
        # Header of the innermost loop containing this block, if any.
        self._iloop_header = None

        # Set when the block is found to be a loop re-entry (case E).
        self._irreducible = False


    def __str__(self):
        """Return the re-entry flag, the loop header address and the block description."""

        header = self._iloop_header

        if header is not None:
            first, _ = header._bb.boundaries
            loop_header = '0x%x' % first.range.addr.phys
        else:
            loop_header = ' ' * self._maxlen

        flag = 'I' if self._irreducible else '-'

        return (' %s loop=%s ||' % (flag, loop_header)) + stringify_block(self._bb)


    def get_successors(self, grp):
        """Return the members of *grp* wrapping the destinations of this block.

        Destinations without a matching member in *grp* are skipped.
        """

        # NOTE(review): find_by_addr() is called once per destination, so the
        # traversal cost grows with the size of grp for every edge followed.
        candidates = [find_by_addr(grp, db.boundaries[0].range.addr) for db, _ in self._bb.destinations]

        return [succ for succ in candidates if succ]


    def tag_lhead(self, h):
        """Record *h* as a loop header of this block.

        Walks the chain of innermost loop headers starting at this block and
        inserts *h* into it, ordered by position in the depth-first search
        path. Nothing is done when *h* is None or is this block itself.
        """

        if h is None or h is self:
            return

        inner, outer = self, h

        while inner._iloop_header is not None:

            current = inner._iloop_header

            # The header is already part of the chain.
            if current is outer:
                return

            if current._dfsp_pos < outer._dfsp_pos:
                # 'outer' is deeper on the path than the recorded header: it
                # becomes the innermost one, and the former header is pushed
                # further along the chain.
                inner._iloop_header = outer
                inner, outer = outer, current

            else:
                inner = current

        inner._iloop_header = outer


    def trav_loops_DFS(self, grp, pos):
        """Traverse the blocks reachable from this one and tag their loop headers.

        *grp* is the list of all EnhancedBlock objects of the routine and *pos*
        the position of this block in the depth-first search path (starting at
        1). Returns the innermost loop header of this block, or None.
        """

        # NOTE(review): one Python frame is used per block on the search path;
        # a routine with a very long chain of blocks (for instance from a
        # hostile or obfuscated binary) may exceed the interpreter recursion
        # limit. Confirm the expected input sizes.

        self._traversed = True
        self._dfsp_pos = pos

        for succ in self.get_successors(grp):

            # Case A: the successor has not been visited yet.
            if not succ._traversed:
                self.tag_lhead(succ.trav_loops_DFS(grp, pos + 1))
                continue

            # Case B: the successor is on the current path, so it is a loop header.
            if succ._dfsp_pos > 0:
                self.tag_lhead(succ)
                continue

            header = succ._iloop_header

            # Case C: the successor belongs to no loop, nothing to do.
            if header is None:
                continue

            # Case D: the loop header of the successor is on the current path.
            if header._dfsp_pos > 0:
                self.tag_lhead(header)
                continue

            # Case E: re-entry into a loop whose header is not on the current
            # path. Only the successor is flagged here; the loops themselves
            # are not marked as irreducible.
            succ._irreducible = True

            # Climb the enclosing loops until one has its header on the path.
            header = header._iloop_header

            while header is not None:

                if header._dfsp_pos > 0:
                    self.tag_lhead(header)
                    break

                header = header._iloop_header

        # This block leaves the depth-first search path.
        self._dfsp_pos = 0

        return self._iloop_header


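if __name__ == '__main__':

    # Command line driver: load a binary, locate the requested routine, run
    # the loop identification over its basic blocks and print one line per
    # block.

    title = '%s - Implement "a new algorithm for identifying loops in decompilation".' % sys.argv[0]

    parser = argparse.ArgumentParser(description=title, add_help=False)

    # action='help' prints the help and exits as soon as the option is seen.
    # A store_true flag was only checked after parse_args() returned, which
    # never happened for a lone '-h': argparse rejected the command line first
    # because the two positional arguments were missing.
    parser.add_argument('-h', '--help', action='help', help='Display the command line options understood by %s.' % sys.argv[0])

    parser.add_argument('binfile', type=str, help='The object file to be examined')
    parser.add_argument('target', type=str, help='The analyzed function to process (name or address)')

    args = parser.parse_args()

    target = args.target

    # NOTE(review): the file is handed as is to the analysis library; when
    # examining samples of unknown origin, run this script in an isolated
    # environment.
    cnt = FileContent(args.binfile)

    if target.startswith('0x'):

        # Raw mode: the file is handled as a flat ARMv7 code blob and the
        # target is an address inside it.

        try:
            entry = int(target, 16)
        except ValueError:
            print('Invalid address "%s"!' % target)
            sys.exit(1)

        fmt = FlatFormat(cnt)
        fmt.set_machine('armv7')

        # Bit 0 is cleared for the portion base; presumably it is the Thumb
        # mode marker of the address. TODO confirm.
        base = vmpa(0, entry & ~0x1)

        p = BinPortion(BinPortion.BPC_CODE, base, cnt.size)
        p.rights = BinPortion.PAC_READ | BinPortion.PAC_EXEC

        print(p.range)

        fmt.register_user_portion(p)

        # A single routine named 'code' covers the whole portion.
        sym = BinRoutine()
        sym.name = 'code'
        sym.range = p.range

        fmt.add_symbol(sym)

        # The code point keeps the address exactly as given on the command line.
        fmt.register_code_point(entry, True)

        binary = LoadedBinary(fmt)
        binary.analyze_and_wait()

        target = sym.name

    else:

        # Regular mode: the library discovers the format of the file, and the
        # target is a symbol label.

        prj = StudyProject()

        prj.discover(cnt)

        wait_for_all_global_works()

        # Nothing may have been loaded (unsupported or malformed file).
        try:
            binary = prj.contents[0]
        except IndexError:
            print('No binary loaded from "%s"!' % args.binfile)
            sys.exit(1)


    sym = binary.format.find_symbol_by_label(target)

    if not sym:
        print('Function "%s" not found!' % target)
        sys.exit(1)

    # Width of the longest block address, used to pad the loop header column.
    maxlen = 0

    for bb in sym.basic_blocks:
        maxlen = max(maxlen, len('0x%x' % bb.boundaries[0].range.addr.phys))

    elist = [EnhancedBlock(bb, maxlen) for bb in sym.basic_blocks]

    # A routine without any basic block has no entry point to start from.
    if not elist:
        print('Function "%s" has no basic block!' % target)
        sys.exit(1)

    # The traversal starts from the first listed block, assumed to be the
    # entry block of the routine. TODO confirm the ordering of basic_blocks.
    elist[0].trav_loops_DFS(elist, 1)

    for e in elist:
        print(e)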