A collection of p-code injection payloads. More...
#include <pcodeinject.hh>
Public Member Functions | |
| PcodeInjectLibrary (Architecture *g, uintb tmpbase) | |
| Constructor. | |
| virtual | ~PcodeInjectLibrary (void) |
| Destructor. | |
| uintb | getUniqueBase (void) const |
| Get the (current) offset for building temporary registers. | |
| int4 | getPayloadId (int4 type, const string &nm) const |
| Map name and type to the payload id. More... | |
| InjectPayload * | getPayload (int4 id) const |
| Get the InjectPayload by id. | |
| string | getCallFixupName (int4 injectid) const |
| Get the call-fixup name associated with an id. More... | |
| string | getCallOtherTarget (int4 injectid) const |
| Get the callother-fixup name associated with an id. More... | |
| string | getCallMechanismName (int4 injectid) const |
| Get the call mechanism name associated with an id. More... | |
| int4 | restoreXmlInject (const string &src, const string &nm, int4 tp, const Element *el) |
| Read in and register an injection payload from an XML stream. More... | |
| virtual void | restoreDebug (const Element *el) |
| A method for reading in p-code generated externally for use in debugging. More... | |
| virtual int4 | manualCallFixup (const string &name, const string &snippetstring)=0 |
| Manually add a call-fixup payload given a compilable snippet of p-code source. More... | |
| virtual int4 | manualCallOtherFixup (const string &name, const string &outname, const vector< string > &inname, const string &snippet)=0 |
| Manually add a callother-fixup payload given a compilable snippet of p-code source. More... | |
| virtual InjectContext & | getCachedContext (void)=0 |
| Retrieve a reusable context object for this library. More... | |
| virtual const vector< OpBehavior * > & | getBehaviors (void)=0 |
| Get the array of op-code behaviors for initializing and emulator. More... | |
Protected Member Functions | |
| void | registerCallFixup (const string &fixupName, int4 injectid) |
| Map a call-fixup name to a payload id. More... | |
| void | registerCallOtherFixup (const string &fixupName, int4 injectid) |
| Map a callother-fixup name to a payload id. More... | |
| void | registerCallMechanism (const string &fixupName, int4 injectid) |
| Map a call mechanism name to a payload id. More... | |
| void | registerExeScript (const string &scriptName, int4 injectid) |
| Map a p-code script name to a payload id. More... | |
| virtual int4 | allocateInject (const string &sourceName, const string &name, int4 type)=0 |
| Allocate a new InjectPayload object. More... | |
| virtual void | registerInject (int4 injectid)=0 |
| Finalize a payload within the library, once the payload is initialized. More... | |
Protected Attributes | |
| Architecture * | glb |
| The Architecture to which the injection payloads apply. | |
| uintb | tempbase |
| Offset within unique space for allocating temporaries within a payload. | |
| vector< InjectPayload * > | injection |
| Registered injections. | |
| map< string, int4 > | callFixupMap |
| Map of registered call-fixup names to injection id. | |
| map< string, int4 > | callOtherFixupMap |
| Map of registered callother-fixup names to injection id. | |
| map< string, int4 > | callMechFixupMap |
| Map of registered mechanism names to injection id. | |
| map< string, int4 > | scriptMap |
| Map of registered script names to ExecutablePcode id. | |
| vector< string > | callFixupNames |
| Map from injectid to call-fixup name. | |
| vector< string > | callOtherTarget |
| Map from injectid to callother-fixup target-op name. | |
| vector< string > | callMechTarget |
| Map from injectid to call-mech name. | |
| vector< string > | scriptNames |
| Map from injectid to script name. | |
Detailed Description
A collection of p-code injection payloads.
This is a container of InjectPayload objects that can be applied for a specific Architecture. Payloads can be read in via XML (restoreXmlInject()) and manually via manualCallFixup() and manualCallOtherFixup(). Each payload is assigned an integer id when it is read in, and getPayload() fetches the payload during analysis. The library also associates the formal names of payloads with the id. Payloads of different types, CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc., are stored in separate namespaces.
This is an abstract base class. The derived classes determine the type of storage used by the payloads. The library also provides a reusable InjectContext object to match the payloads, which can be obtained via getCachedContext().
Member Function Documentation
◆ allocateInject()
|
protectedpure virtual |
Allocate a new InjectPayload object.
This acts as an InjectPayload factory. The formal name and type of the payload are given, this library allocates a new object that fits with its storage scheme and returns the id.
- Parameters
-
sourceName is a string describing the source of the new payload name is the formal name of the payload type is the formal type (CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc.) of the payload
- Returns
- the id associated with the new InjectPayload object
Implemented in PcodeInjectLibrarySleigh.
◆ getBehaviors()
|
pure virtual |
Get the array of op-code behaviors for initializing and emulator.
Behaviors are pulled from the underlying architecture in order to initialize the Emulate object which services the p-code script payloads.
- Returns
- the array of OpBehavior objects indexed by op-code
Implemented in PcodeInjectLibrarySleigh, and PcodeInjectLibraryGhidra.
◆ getCachedContext()
|
pure virtual |
Retrieve a reusable context object for this library.
The object returned by this method gets passed to the payload inject() method. The clear() method must be called between uses.
- Returns
- the cached context object
Implemented in PcodeInjectLibrarySleigh, and PcodeInjectLibraryGhidra.
◆ getCallFixupName()
| string PcodeInjectLibrary::getCallFixupName | ( | int4 | injectid | ) | const |
Get the call-fixup name associated with an id.
- Parameters
-
injectid is an integer id of a call-fixup payload
- Returns
- the name of the payload or the empty string
◆ getCallMechanismName()
| string PcodeInjectLibrary::getCallMechanismName | ( | int4 | injectid | ) | const |
Get the call mechanism name associated with an id.
- Parameters
-
injectid is an integer id of a call mechanism payload
- Returns
- the name of the payload or the empty string
◆ getCallOtherTarget()
| string PcodeInjectLibrary::getCallOtherTarget | ( | int4 | injectid | ) | const |
Get the callother-fixup name associated with an id.
- Parameters
-
injectid is an integer id of a callother-fixup payload
- Returns
- the name of the payload or the empty string
◆ getPayloadId()
| int4 PcodeInjectLibrary::getPayloadId | ( | int4 | type, |
| const string & | nm | ||
| ) | const |
Map name and type to the payload id.
The given name is looked up in a symbol table depending on the given type. The integer id of the matching InjectPayload is returned.
- Parameters
-
type is the payload type nm is the formal name of the payload
- Returns
- the payload id or -1 if there is no matching payload
◆ manualCallFixup()
|
pure virtual |
Manually add a call-fixup payload given a compilable snippet of p-code source.
The snippet is compiled immediately to produce the payload.
- Parameters
-
name is the formal name of the new payload snippetstring is the compilable snippet of p-code source
- Returns
- the id of the new payload
Implemented in PcodeInjectLibrarySleigh, and PcodeInjectLibraryGhidra.
◆ manualCallOtherFixup()
|
pure virtual |
Manually add a callother-fixup payload given a compilable snippet of p-code source.
The snippet is compiled immediately to produce the payload. Symbol names for input and output parameters must be provided to the compiler.
- Parameters
-
name is the formal name of the new payload outname is the name of the output symbol inname is the ordered list of input symbol names snippet is the compilable snippet of p-code source
- Returns
- the id of the new payload
Implemented in PcodeInjectLibrarySleigh, and PcodeInjectLibraryGhidra.
◆ registerCallFixup()
|
protected |
Map a call-fixup name to a payload id.
- Parameters
-
fixupName is the formal name of the call-fixup injectid is the integer id
◆ registerCallMechanism()
|
protected |
Map a call mechanism name to a payload id.
- Parameters
-
fixupName is the formal name of the call mechanism injectid is the integer id
◆ registerCallOtherFixup()
|
protected |
Map a callother-fixup name to a payload id.
- Parameters
-
fixupName is the formal name of the callother-fixup injectid is the integer id
◆ registerExeScript()
|
protected |
Map a p-code script name to a payload id.
- Parameters
-
scriptName is the formal name of the p-code script injectid is the integer id
◆ registerInject()
|
protectedpure virtual |
Finalize a payload within the library, once the payload is initialized.
This provides the derived class the opportunity to add the payload name to the symbol tables or do anything else it needs to once the InjectPayload object has been fully initialized.
- Parameters
-
injectid is the id of the InjectPayload to finalize
Implemented in PcodeInjectLibrarySleigh.
◆ restoreDebug()
|
inlinevirtual |
A method for reading in p-code generated externally for use in debugging.
Instantiate a special InjectPayloadDynamic object initialized with an <injectdebug> tag. Within the library, this replaces the original InjectPayload, allowing its p-code to be replayed for debugging purposes.
- Parameters
-
el is the <injectdebug> element
Reimplemented in PcodeInjectLibrarySleigh.
◆ restoreXmlInject()
| int4 PcodeInjectLibrary::restoreXmlInject | ( | const string & | src, |
| const string & | nm, | ||
| int4 | tp, | ||
| const Element * | el | ||
| ) |
Read in and register an injection payload from an XML stream.
The root XML element describing the payload is given (<pcode>, <callfixup> <callotherfixup>, etc.), the InjectPayload is allocated and then initialized using the element. Then the InjectPayload is finalized with the library.
- Parameters
-
src is a string describing the source of the payload being restored nm is the name of the payload tp is the type of the payload (CALLFIXUP_TYPE, EXECUTABLEPCODE_TYPE, etc.) el is the given XML element
- Returns
- the id of the newly registered payload
The documentation for this class was generated from the following files:
- pcodeinject.hh
- pcodeinject.cc
