lazymio/unicorn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Format code

Browse Source
This commit is contained in:
lazymio
2023-08-06 21:53:42 +08:00
parent 30bc08611b
commit 6801e156aa
6 changed files with 52 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/uc_priv.h
View File

@@ -80,7 +80,7 @@ typedef bool (*uc_write_mem_t)(AddressSpace *as, hwaddr addr,
typedef bool (*uc_read_mem_t)(AddressSpace *as, hwaddr addr, uint8_t *buf, typedef bool (*uc_read_mem_t)(AddressSpace *as, hwaddr addr, uint8_t *buf,
int len); int len);
typedef MemoryRegion* (*uc_mem_cow_t)(struct uc_struct *uc, typedef MemoryRegion *(*uc_mem_cow_t)(struct uc_struct *uc,
MemoryRegion *current, hwaddr begin, MemoryRegion *current, hwaddr begin,
size_t size); size_t size);

5
include/unicorn/unicorn.h
View File

@@ -65,7 +65,7 @@ typedef size_t uc_hook;
#define UNICORN_DEPRECATED __declspec(deprecated) #define UNICORN_DEPRECATED __declspec(deprecated)
#else #else
#pragma message( \ #pragma message( \
"WARNING: You need to implement UNICORN_DEPRECATED for this compiler") "WARNING: You need to implement UNICORN_DEPRECATED for this compiler")
#define UNICORN_DEPRECATED #define UNICORN_DEPRECATED
#endif #endif
@@ -665,7 +665,8 @@ See sample_ctl.c for a detailed example.
uc_ctl(uc, UC_CTL_READ(UC_CTL_TCG_BUFFER_SIZE, 1), (size)) uc_ctl(uc, UC_CTL_READ(UC_CTL_TCG_BUFFER_SIZE, 1), (size))
#define uc_ctl_set_tcg_buffer_size(uc, size) \ #define uc_ctl_set_tcg_buffer_size(uc, size) \
uc_ctl(uc, UC_CTL_WRITE(UC_CTL_TCG_BUFFER_SIZE, 1), (size)) uc_ctl(uc, UC_CTL_WRITE(UC_CTL_TCG_BUFFER_SIZE, 1), (size))
#define uc_ctl_context_mode(uc, mode) uc_ctl(uc, UC_CTL_WRITE(UC_CTL_CONTEXT_MODE, 1), (mode)) #define uc_ctl_context_mode(uc, mode) \
uc_ctl(uc, UC_CTL_WRITE(UC_CTL_CONTEXT_MODE, 1), (mode))
// Opaque storage for CPU context, used with uc_context_*() // Opaque storage for CPU context, used with uc_context_*()
struct uc_context; struct uc_context;

4
tests/unit/test_ctl.c
View File

@@ -395,7 +395,9 @@ static void test_noexec(void)
OK(uc_ctl_tlb_mode(uc, UC_TLB_VIRTUAL)); OK(uc_ctl_tlb_mode(uc, UC_TLB_VIRTUAL));
OK(uc_mem_protect(uc, code_start, code_start + 0x1000, UC_PROT_EXEC)); OK(uc_mem_protect(uc, code_start, code_start + 0x1000, UC_PROT_EXEC));
uc_assert_err(UC_ERR_READ_PROT, uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); uc_assert_err(
UC_ERR_READ_PROT,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_close(uc)); OK(uc_close(uc));
} }

14
tests/unit/test_mem.c
View File

@@ -302,13 +302,13 @@ static void test_snapshot(void)
OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem))); OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem)));
TEST_CHECK(mem == 2); TEST_CHECK(mem == 2);
OK(uc_context_restore(uc, c1)); OK(uc_context_restore(uc, c1));
//TODO check mem // TODO check mem
OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem))); OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem)));
TEST_CHECK(mem == 1); TEST_CHECK(mem == 1);
OK(uc_context_restore(uc, c0)); OK(uc_context_restore(uc, c0));
OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem))); OK(uc_mem_read(uc, 0x2020, &mem, sizeof(mem)));
TEST_CHECK(mem == 0); TEST_CHECK(mem == 0);
//TODO check mem // TODO check mem
OK(uc_context_free(c0)); OK(uc_context_free(c0));
OK(uc_context_free(c1)); OK(uc_context_free(c1));
@@ -322,7 +322,7 @@ static void test_context_snapshot(void)
uint64_t tmp = 1; uint64_t tmp = 1;
OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc)); OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc));
OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY|UC_CTL_CONTEXT_CPU)); OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY | UC_CTL_CONTEXT_CPU));
OK(uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_ALL)); OK(uc_mem_map(uc, 0x1000, 0x1000, UC_PROT_ALL));
OK(uc_context_alloc(uc, &ctx)); OK(uc_context_alloc(uc, &ctx));
OK(uc_context_save(uc, ctx)); OK(uc_context_save(uc, ctx));
@@ -353,7 +353,7 @@ static void test_snapshot_unmap(void)
uint64_t tmp; uint64_t tmp;
OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc)); OK(uc_open(UC_ARCH_X86, UC_MODE_64, &uc));
OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY|UC_CTL_CONTEXT_CPU)); OK(uc_ctl_context_mode(uc, UC_CTL_CONTEXT_MEMORY | UC_CTL_CONTEXT_CPU));
OK(uc_mem_map(uc, 0x1000, 0x2000, UC_PROT_ALL)); OK(uc_mem_map(uc, 0x1000, 0x2000, UC_PROT_ALL));
tmp = 1; tmp = 1;
@@ -366,8 +366,10 @@ static void test_snapshot_unmap(void)
uc_assert_err(UC_ERR_ARG, uc_mem_unmap(uc, 0x1000, 0x1000)); uc_assert_err(UC_ERR_ARG, uc_mem_unmap(uc, 0x1000, 0x1000));
OK(uc_mem_unmap(uc, 0x1000, 0x2000)); OK(uc_mem_unmap(uc, 0x1000, 0x2000));
uc_assert_err(UC_ERR_READ_UNMAPPED, uc_mem_read(uc, 0x1000, &tmp, sizeof(tmp))); uc_assert_err(UC_ERR_READ_UNMAPPED,
uc_assert_err(UC_ERR_READ_UNMAPPED, uc_mem_read(uc, 0x2000, &tmp, sizeof(tmp))); uc_mem_read(uc, 0x1000, &tmp, sizeof(tmp)));
uc_assert_err(UC_ERR_READ_UNMAPPED,
uc_mem_read(uc, 0x2000, &tmp, sizeof(tmp)));
OK(uc_context_restore(uc, ctx)); OK(uc_context_restore(uc, ctx));
OK(uc_mem_read(uc, 0x1000, &tmp, sizeof(tmp))); OK(uc_mem_read(uc, 0x1000, &tmp, sizeof(tmp)));

41
tests/unit/test_x86.c
View File

@@ -1438,7 +1438,8 @@ static void test_x86_segmentation()
uc_assert_err(UC_ERR_EXCEPTION, uc_reg_write(uc, UC_X86_REG_FS, &fs)); uc_assert_err(UC_ERR_EXCEPTION, uc_reg_write(uc, UC_X86_REG_FS, &fs));
} }
static void test_x86_0xff_lcall_callback(uc_engine *uc, uint64_t address, uint32_t size, void *user_data) static void test_x86_0xff_lcall_callback(uc_engine *uc, uint64_t address,
uint32_t size, void *user_data)
{ {
// do nothing // do nothing
return; return;
@@ -1447,9 +1448,11 @@ static void test_x86_0xff_lcall_callback(uc_engine *uc, uint64_t address, uint32
// This aborts prior to a7a5d187e77f7853755eff4768658daf8095c3b7 // This aborts prior to a7a5d187e77f7853755eff4768658daf8095c3b7
static void test_x86_0xff_lcall() static void test_x86_0xff_lcall()
{ {
uc_engine* uc; uc_engine *uc;
uc_hook hk; uc_hook hk;
const char code[] = "\xB8\x01\x00\x00\x00\xBB\x01\x00\x00\x00\xB9\x01\x00\x00\x00\xFF\xDD\xBA\x01\x00\x00\x00\xB8\x02\x00\x00\x00\xBB\x02\x00\x00\x00"; const char code[] =
"\xB8\x01\x00\x00\x00\xBB\x01\x00\x00\x00\xB9\x01\x00\x00\x00\xFF\xDD"
"\xBA\x01\x00\x00\x00\xB8\x02\x00\x00\x00\xBB\x02\x00\x00\x00";
// Taken from #1842 // Taken from #1842
// 0: b8 01 00 00 00 mov eax,0x1 // 0: b8 01 00 00 00 mov eax,0x1
// 5: bb 01 00 00 00 mov ebx,0x1 // 5: bb 01 00 00 00 mov ebx,0x1
@@ -1461,18 +1464,19 @@ static void test_x86_0xff_lcall()
uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_32, code, sizeof(code) - 1); uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_32, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hk, UC_HOOK_CODE, test_x86_0xff_lcall_callback, NULL, 1, 0)); OK(uc_hook_add(uc, &hk, UC_HOOK_CODE, test_x86_0xff_lcall_callback, NULL, 1,
0));
uc_assert_err(UC_ERR_INSN_INVALID, uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); uc_assert_err(
UC_ERR_INSN_INVALID,
uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
OK(uc_close(uc)); OK(uc_close(uc));
} }
static bool test_x86_64_not_overwriting_tmp0_for_pc_update_cb(
static bool uc_engine *uc, uc_mem_type type, uint64_t address, int size, uint64_t value,
test_x86_64_not_overwriting_tmp0_for_pc_update_cb(uc_engine *uc, uc_mem_type type, void *user_data)
uint64_t address, int size,
uint64_t value, void *user_data)
{ {
return true; return true;
} }
@@ -1481,20 +1485,24 @@ test_x86_64_not_overwriting_tmp0_for_pc_update_cb(uc_engine *uc, uc_mem_type typ
// https://github.com/unicorn-engine/unicorn/issues/1862 // https://github.com/unicorn-engine/unicorn/issues/1862
static void test_x86_64_not_overwriting_tmp0_for_pc_update() static void test_x86_64_not_overwriting_tmp0_for_pc_update()
{ {
uc_engine* uc; uc_engine *uc;
uc_hook hk; uc_hook hk;
const char code[] = "\x48\xb9\xff\xff\xff\xff\xff\xff\xff\xff\x48\x89\x0c\x24\x48\xd3\x24\x24\x73\x0a"; const char code[] = "\x48\xb9\xff\xff\xff\xff\xff\xff\xff\xff\x48\x89\x0c"
"\x24\x48\xd3\x24\x24\x73\x0a";
uint64_t rsp, pc, eflags; uint64_t rsp, pc, eflags;
// 0x1000: movabs rcx, 0xffffffffffffffff // 0x1000: movabs rcx, 0xffffffffffffffff
// 0x100a: mov qword ptr [rsp], rcx // 0x100a: mov qword ptr [rsp], rcx
// 0x100e: shl qword ptr [rsp], cl ; (Shift to CF=1) // 0x100e: shl qword ptr [rsp], cl ; (Shift to CF=1)
// 0x1012: jae 0xd ; this jump should not be taken! (CF=1 but jae expects CF=0) // 0x1012: jae 0xd ; this jump should not be taken! (CF=1 but jae
// expects CF=0)
uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_64, code, sizeof(code) - 1); uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_64, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &hk, UC_HOOK_MEM_READ | UC_HOOK_MEM_WRITE, test_x86_64_not_overwriting_tmp0_for_pc_update_cb, NULL, 1, 0)); OK(uc_hook_add(uc, &hk, UC_HOOK_MEM_READ | UC_HOOK_MEM_WRITE,
test_x86_64_not_overwriting_tmp0_for_pc_update_cb, NULL, 1,
0));
rsp = 0x2000; rsp = 0x2000;
OK(uc_reg_write(uc, UC_X86_REG_RSP, (void*)&rsp)); OK(uc_reg_write(uc, UC_X86_REG_RSP, (void *)&rsp));
OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 4)); OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 4));
OK(uc_reg_read(uc, UC_X86_REG_RIP, &pc)); OK(uc_reg_read(uc, UC_X86_REG_RIP, &pc));
OK(uc_reg_read(uc, UC_X86_REG_EFLAGS, &eflags)); OK(uc_reg_read(uc, UC_X86_REG_EFLAGS, &eflags));
@@ -1552,5 +1560,6 @@ TEST_LIST = {
{"test_x86_vtlb", test_x86_vtlb}, {"test_x86_vtlb", test_x86_vtlb},
{"test_x86_segmentation", test_x86_segmentation}, {"test_x86_segmentation", test_x86_segmentation},
{"test_x86_0xff_lcall", test_x86_0xff_lcall}, {"test_x86_0xff_lcall", test_x86_0xff_lcall},
{"test_x86_64_not_overwriting_tmp0_for_pc_update", test_x86_64_not_overwriting_tmp0_for_pc_update}, {"test_x86_64_not_overwriting_tmp0_for_pc_update",
test_x86_64_not_overwriting_tmp0_for_pc_update},
{NULL, NULL}}; {NULL, NULL}};

20
uc.c
View File

@@ -260,7 +260,7 @@ static uc_err uc_init_engine(uc_engine *uc)
uc->context_content = UC_CTL_CONTEXT_CPU; uc->context_content = UC_CTL_CONTEXT_CPU;
uc->unmapped_regions = g_array_new(false, false, sizeof(MemoryRegion*)); uc->unmapped_regions = g_array_new(false, false, sizeof(MemoryRegion *));
uc->init_done = true; uc->init_done = true;
@@ -687,7 +687,8 @@ uc_err uc_reg_write2(uc_engine *uc, int regid, const void *value, size_t *size)
return UC_ERR_OK; return UC_ERR_OK;
} }
static size_t memory_region_len(uc_engine *uc, MemoryRegion *mr, uint64_t address, size_t count) static size_t memory_region_len(uc_engine *uc, MemoryRegion *mr,
uint64_t address, size_t count)
{ {
hwaddr end = mr->end; hwaddr end = mr->end;
while (mr->container != uc->system_memory) { while (mr->container != uc->system_memory) {
@@ -703,7 +704,6 @@ static bool check_mem_area(uc_engine *uc, uint64_t address, size_t size)
{ {
size_t count = 0, len; size_t count = 0, len;
while (count < size) { while (count < size) {
MemoryRegion *mr = uc->memory_mapping(uc, address); MemoryRegion *mr = uc->memory_mapping(uc, address);
if (mr) { if (mr) {
@@ -1534,8 +1534,8 @@ uc_err uc_mem_protect(struct uc_struct *uc, uint64_t address, size_t size,
} }
// check that user's entire requested block is mapped // check that user's entire requested block is mapped
//TODO check if protected is possible // TODO check if protected is possible
//deny after cow // deny after cow
if (!check_mem_area(uc, address, size)) { if (!check_mem_area(uc, address, size)) {
return UC_ERR_NOMEM; return UC_ERR_NOMEM;
} }
@@ -1587,8 +1587,8 @@ uc_err uc_mem_protect(struct uc_struct *uc, uint64_t address, size_t size,
return UC_ERR_OK; return UC_ERR_OK;
} }
static static uc_err uc_mem_unmap_snapshot(struct uc_struct *uc, uint64_t address,
uc_err uc_mem_unmap_snapshot(struct uc_struct *uc, uint64_t address, size_t size, MemoryRegion **ret) size_t size, MemoryRegion **ret)
{ {
MemoryRegion *mr; MemoryRegion *mr;
@@ -2684,7 +2684,9 @@ static uc_err uc_restore_latest_snapshot(struct uc_struct *uc)
MemoryRegion *subregion, *subregion_next, *mr, *initial_mr; MemoryRegion *subregion, *subregion_next, *mr, *initial_mr;
int level; int level;
QTAILQ_FOREACH_SAFE(subregion, &uc->system_memory->subregions, subregions_link, subregion_next) { QTAILQ_FOREACH_SAFE(subregion, &uc->system_memory->subregions,
subregions_link, subregion_next)
{
uc->memory_filter_subregions(subregion, uc->snapshot_level); uc->memory_filter_subregions(subregion, uc->snapshot_level);
if (QTAILQ_EMPTY(&subregion->subregions)) { if (QTAILQ_EMPTY(&subregion->subregions)) {
uc->memory_unmap(uc, subregion); uc->memory_unmap(uc, subregion);
@@ -2714,7 +2716,7 @@ static uc_err uc_restore_latest_snapshot(struct uc_struct *uc)
uc->memory_unmap(uc, subregion); uc->memory_unmap(uc, subregion);
} }
mem_map(uc, initial_mr); mem_map(uc, initial_mr);
g_array_remove_range(uc->unmapped_regions, i, 1); g_array_remove_range(uc->unmapped_regions, i, 1);
} }
uc->snapshot_level--; uc->snapshot_level--;
return UC_ERR_OK; return UC_ERR_OK;