本文整理汇总了C++中r_anal_op函数的典型用法代码示例。如果您正苦于以下问题:C++ r_anal_op函数的具体用法?C++ r_anal_op怎么用?C++ r_anal_op使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了r_anal_op函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: emu_step
/*
 * Run a single step of the emulator.
 *
 * The bytes at the current PC are fetched into buf, then disassembled and/or
 * analysed when the plugin declares those dependencies, and finally the
 * plugin's step callback is invoked. Every fetch/decode uses the plugin's
 * min_read_sz when it is non-zero and sizeof(int) otherwise, so buf has to be
 * at least that large. The results of the fetch and decode calls are not
 * inspected; the return value is whatever the step callback returns.
 */
int emu_step (emu *e, ut8 *buf)
{
	/* TODO (original author): check breakpoints here, with a new return status for that */
	ut64 addr = r_reg_getv (e->reg, r_reg_get_name (e->reg, R_REG_NAME_PC));
	int ret;

	/* fetch: the plugin's own reader wins over the generic emu_read */
	if (!e->plugin->read) {
		if (!e->plugin->min_read_sz) {
			emu_read (e, addr, buf, sizeof(int));
		} else {
			emu_read (e, addr, buf, e->plugin->min_read_sz);
		}
	} else {
		if (!e->plugin->min_read_sz) {
			e->plugin->read (e, addr, buf, sizeof(int));
		} else {
			e->plugin->read (e, addr, buf, e->plugin->min_read_sz);
		}
	}

	/* disassemble only when the plugin asked for it */
	if (e->plugin->deps & EMU_PLUGIN_DEP_ASM) {
		r_asm_set_pc (e->a, addr);
		if (!e->plugin->min_read_sz) {
			r_asm_disassemble (e->a, e->op, buf, sizeof(int));
		} else {
			r_asm_disassemble (e->a, e->op, buf, e->plugin->min_read_sz);
		}
	}

	/* analyse only when the plugin asked for it */
	if (e->plugin->deps & EMU_PLUGIN_DEP_ANAL) {
		if (!e->plugin->min_read_sz) {
			r_anal_op (e->anal, e->anop, addr, buf, sizeof(int));
		} else {
			r_anal_op (e->anal, e->anop, addr, buf, e->plugin->min_read_sz);
		}
	}

	ret = e->plugin->step (e, buf);

	/* the analysis op is only populated (and thus only released) under DEP_ANAL */
	if (e->plugin->deps & EMU_PLUGIN_DEP_ANAL) {
		r_anal_op_fini (e->anop);
	}
	return ret;
}
开发者ID:condret,项目名称:ramulate,代码行数:34,代码来源:emu.c
示例2: iscallret
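/*
 * Heuristic used by the fuzzy backtrace: does `addr` look like a return
 * address, i.e. does a call instruction end right before it?
 *
 * x86: inspects the 5 bytes before addr for a direct call (0xe8) or an
 * indirect call encoded as 0xff plus a ModR/M byte.
 * Other architectures: decodes the instruction at addr-8 and the one at
 * addr-4 and checks for a CALL/UCALL type.
 *
 * Returns 1 when a call is recognised, 0 otherwise. The memory read results
 * are not checked; the buffer is zero-filled so a failed read is evaluated as
 * zeros instead of leftover stack contents.
 */
static int iscallret(RDebug *dbg, ut64 addr) {
	ut8 buf[32] = {0};
	if (addr == 0LL || addr == UT64_MAX) {
		return 0;
	}
	/* TODO (original): check if region is executable */
	/* check if previous instruction is a call */
	if (dbg->arch && !strcmp (dbg->arch, "x86")) {
		/* if x86 expect CALL to be 5 byte length */
		if (addr < 5) {
			/* addr-5 would wrap around to the top of the address space */
			return 0;
		}
		(void)dbg->iob.read_at (dbg->iob.io, addr - 5, buf, 5);
		if (buf[0] == 0xe8) {
			return 1;
		}
		if (buf[3] == 0xff  /* bits 4-5 (from right) of next byte must be 01 */
		    && ((buf[4] & 0xf0) == 0xd0  /* Mod is 11 */
			|| ((buf[4] & 0xf0) == 0x10  /* Mod is 00 */
			    && (buf[4] & 0x06) != 0x04))) { /* R/M not 10x */
			return 1;
		}
		// IMMAMISSINGANYOP
	} else {
		RAnalOp op = {0};
		int is_call;
		if (addr < 8) {
			/* addr-8 would wrap around to the top of the address space */
			return 0;
		}
		(void) dbg->iob.read_at (dbg->iob.io, addr - 8, buf, 8);
		(void) r_anal_op (dbg->anal, &op, addr - 8, buf, 8, R_ANAL_OP_MASK_BASIC);
		is_call = (op.type == R_ANAL_OP_TYPE_CALL || op.type == R_ANAL_OP_TYPE_UCALL);
		r_anal_op_fini (&op);
		if (is_call) {
			return 1;
		}
		/* delay slot */
		/* the bytes that live at addr-4 are the second half of the 8 bytes read above */
		memset (&op, 0, sizeof (op));
		(void) r_anal_op (dbg->anal, &op, addr - 4, buf + 4, 4, R_ANAL_OP_MASK_BASIC);
		is_call = (op.type == R_ANAL_OP_TYPE_CALL || op.type == R_ANAL_OP_TYPE_UCALL);
		r_anal_op_fini (&op);
		if (is_call) {
			return 1;
		}
	}
	return 0;
}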
开发者ID:agatti,项目名称:radare2,代码行数:34,代码来源:fuzzy-all.c
示例3: r_debug_continue_until_optype
/* optimization: avoid so many reads */
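/*
 * Step (or step over, when `over` is non-zero) until the instruction at the
 * program counter has one of the type bits in `type` set.
 *
 * Returns the number of steps performed, or R_FALSE when the debuggee is
 * dead. When dbg->anal or dbg->reg is missing a message is printed and 0 is
 * returned.
 */
R_API int r_debug_continue_until_optype(RDebug *dbg, int type, int over) {
	int (*step)(RDebug *d, int n);
	int ret, n = 0;
	ut64 pc = 0;
	/* zero-filled: the read result is not checked, so never decode stack garbage */
	ut8 buf[64] = {0};
	if (r_debug_is_dead (dbg)) {
		return R_FALSE;
	}
	if (dbg->anal && dbg->reg) {
		const char *pcreg = dbg->reg->name[R_REG_NAME_PC];
		step = over? r_debug_step_over: r_debug_step;
		for (;;) {
			/* fresh, zeroed op per iteration so it can always be released safely */
			RAnalOp op = {0};
			int hit;
			pc = r_debug_reg_get (dbg, pcreg);
			dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
			ret = r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
			hit = (ret>0 && op.type&type);
			/* the original never released op, leaking once per step */
			r_anal_op_fini (&op);
			if (hit) {
				break;
			}
			if (!step (dbg, 1)) {
				eprintf ("r_debug_step: failed\n");
				break;
			}
			n++;
		}
	} else {
		eprintf ("Undefined pointer at dbg->anal\n");
	}
	return n;
}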
开发者ID:josdiaz,项目名称:radare2,代码行数:28,代码来源:debug.c
示例4: analyze
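/*
 * Analyse one instruction at `offset` from `buf` (at most `len` bytes) and
 * print its properties to stdout.
 *
 * Returns the value of r_anal_op(). Nothing is printed unless the analyser
 * reports a positive size: the original tested `if (ret)`, so a negative
 * error code was used as the byte count for the hex dump.
 */
static int analyze(RAnal *anal, RAnalOp *op, ut64 offset, ut8* buf, int len) {
	char *bytes, *optype, *stackop;
	int ret, dumplen;

	ret = r_anal_op (anal, op, offset, buf, len);
	if (ret <= 0) {
		return ret;
	}
	/* never hex-dump more bytes than the caller actually handed in */
	dumplen = (ret > len) ? len : ret;

	stackop = stackop2str (op->stackop);
	optype = optype2str (op->type);
	bytes = r_hex_bin2strdup (buf, dumplen);
	/* the three helpers return heap strings; guard against allocation failure */
	printf ("bytes: %s\n", bytes ? bytes : "");
	printf ("type: %s\n", optype ? optype : "");
	if (op->jump != -1LL)
		printf ("jump: 0x%08"PFMT64x"\n", op->jump);
	if (op->fail != -1LL)
		printf ("fail: 0x%08"PFMT64x"\n", op->fail);
	//if (op->ref != -1LL)
	//	printf ("ref: 0x%08"PFMT64x"\n", op->ref);
	if (op->val != -1LL)
		printf ("value: 0x%08"PFMT64x"\n", op->val);
	printf ("stackop: %s\n", stackop ? stackop : "");
	printf ("esil: %s\n", r_strbuf_get (&op->esil));
	printf ("stackptr: %"PFMT64d"\n", op->stackptr);
	/* NOTE(review): r_anal_op_to_string() presumably returns an allocated string that is never freed here - confirm */
	printf ("decode str: %s\n", r_anal_op_to_string (anal, op));
	printf ("--\n");
	free (optype);
	free (stackop);
	free (bytes);
	return ret;
}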
开发者ID:AitorATuin,项目名称:radare2,代码行数:30,代码来源:ranal2.c
示例5: r_core_hack
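/*
 * Apply a write "hack" named `op` to the instruction at core->offset.
 *
 * The handler is chosen from the configured asm.arch (x86, arm, or arm64 when
 * asm bits is 64). The current block is analysed first and the resulting
 * RAnalOp is handed to the handler.
 *
 * Returns the handler's result, or false when asm.arch is unset, the
 * architecture has no handler, or the analysis returns 0.
 */
R_API int r_core_hack(RCore *core, const char *op) {
	bool (*hack)(RCore *core, const char *op, const RAnalOp *analop) = NULL;
	const char *asmarch = r_config_get (core->config, "asm.arch");
	const int asmbits = core->assembler->bits;

	if (!asmarch) {
		return false;
	}
	if (strstr (asmarch, "x86")) {
		hack = r_core_hack_x86;
	} else if (strstr (asmarch, "arm")) {
		if (asmbits == 64) {
			hack = r_core_hack_arm64;
		} else {
			hack = r_core_hack_arm;
		}
	} else {
		eprintf ("TODO: write hacks are only for x86\n");
	}
	if (hack) {
		RAnalOp analop = {0};
		bool ok;
		if (!r_anal_op (core->anal, &analop, core->offset, core->block, core->blocksize, R_ANAL_OP_MASK_ALL)) {
			eprintf ("anal op fail\n");
			return false;
		}
		ok = hack (core, op, &analop);
		/* R_ANAL_OP_MASK_ALL asks for everything the analyser can fill in; release it once the handler is done */
		r_anal_op_fini (&analop);
		return ok;
	}
	return false;
}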
开发者ID:megabug,项目名称:radare2,代码行数:29,代码来源:hack.c
示例6: R_NEW
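/*
 * Build the list of reference lines (jump/call arrows) for a code buffer.
 *
 * anal      - analysis context used to decode instructions
 * addr      - address of buf[0]
 * buf, len  - code bytes to scan
 * nlines    - -1 for no limit, otherwise the scan stops when the counter,
 *             decremented once per instruction, reaches 0
 * linesout  - when 0, jumps whose target lies outside [addr, addr+len] are skipped
 * linescall - when 0, calls are skipped
 *
 * Returns the list head (its list is empty when nothing was found), or NULL
 * when the head cannot be allocated. The caller owns the list.
 */
R_API struct r_anal_refline_t *r_anal_reflines_get(struct r_anal_t *anal,
	ut64 addr, ut8 *buf, ut64 len, int nlines, int linesout, int linescall)
{
	RAnalRefline *list2, *list = R_NEW (RAnalRefline);
	RAnalOp op = {0};
	ut8 *ptr = buf;
	ut8 *end;
	ut64 opc = addr;
	int sz = 0, index = 0;

	if (!list) {
		return NULL;
	}
	INIT_LIST_HEAD (&(list->list));
	/*
	 * XXX (original): keep 8 bytes of slack because some r_anal backends
	 * read past the length they are given. For buffers shorter than that
	 * the original computed a pointer in front of buf; scan nothing instead.
	 */
	end = (len > 8) ? buf + len - 8 : buf;

	/* analyze code block */
	while (ptr < end) {
		if (nlines != -1 && --nlines == 0)
			break;
		addr += sz;
		// This can segfault if opcode length and buffer check fails
		r_anal_op_fini (&op);
		sz = r_anal_op (anal, &op, addr, ptr, (int)(end - ptr));
		if (sz > 0) {
			/* store data */
			switch (op.type) {
			case R_ANAL_OP_TYPE_CALL:
				if (!linescall)
					break;
				/* fallthrough */
			case R_ANAL_OP_TYPE_CJMP:
			case R_ANAL_OP_TYPE_JMP:
				if (!linesout && (op.jump > opc + len || op.jump < opc))
					goto __next;
				if (op.jump == 0LL)
					goto __next;
				list2 = R_NEW (RAnalRefline);
				if (!list2) {
					/* out of memory: return what has been collected so far */
					goto done;
				}
				list2->from = addr;
				list2->to = op.jump;
				list2->index = index++;
				list_add_tail (&(list2->list), &(list->list));
				break;
			}
		} else {
			/* undecodable byte: advance by one and retry */
			sz = 1;
		}
	__next:
		ptr += sz;
	}
done:
	r_anal_op_fini (&op);
	return list;
}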
开发者ID:ReverseLab,项目名称:radare2,代码行数:60,代码来源:reflines.c
示例7: r_debug_step_soft
// XXX: very experimental
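/*
 * Software single-step: decode the instruction at the program counter, place
 * temporary software breakpoints on the fall-through address and, when the
 * instruction has one, on its jump target, continue, then remove them.
 *
 * Returns the r_anal_op() result, or R_FALSE when the debuggee is dead or the
 * instruction cannot be decoded. The original ignored a failed decode and
 * derived both breakpoint addresses from an uninitialised RAnalOp.
 */
R_API int r_debug_step_soft(RDebug *dbg) {
	int ret;
	/* zero-filled: the read result is not checked */
	ut8 buf[32] = {0};
	RAnalOp op = {0};
	ut64 pc0, pc1, pc2;

	if (r_debug_is_dead (dbg))
		return R_FALSE;
	pc0 = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
	dbg->iob.read_at (dbg->iob.io, pc0, buf, sizeof (buf));
	ret = r_anal_op (dbg->anal, &op, pc0, buf, sizeof (buf));
	if (ret < 1) {
		/* no length or jump target to trust: do not plant breakpoints */
		r_anal_op_fini (&op);
		return R_FALSE;
	}
	pc1 = pc0 + op.length;
	// XXX: Does not work for 'ret'
	pc2 = op.jump;
	r_anal_op_fini (&op);

	r_bp_add_sw (dbg->bp, pc1, 4, R_BP_PROT_EXEC);
	if (pc2) r_bp_add_sw (dbg->bp, pc2, 4, R_BP_PROT_EXEC);
	r_debug_continue (dbg);
	r_bp_del (dbg->bp, pc1);
	if (pc2) r_bp_del (dbg->bp, pc2);
	return ret;
}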
开发者ID:josdiaz,项目名称:radare2,代码行数:31,代码来源:debug.c
示例8: r_debug_step_over
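/*
 * Step over `steps` instructions.
 *
 * When the debugger backend provides step_over it is called `steps` times
 * (at least once) and R_TRUE/R_FALSE is returned. Otherwise one instruction
 * is handled: a call gets a temporary software breakpoint right after it and
 * the debuggee is continued; anything else is single-stepped.
 *
 * Returns R_FALSE when the debuggee is dead, -1 when neither a backend
 * step_over nor anal+reg are available, otherwise the result of the
 * continue/step call.
 */
R_API int r_debug_step_over(RDebug *dbg, int steps) {
	/* zeroed so an unchecked, failed read or decode yields type 0 instead of stack garbage */
	RAnalOp op = {0};
	ut8 buf[64] = {0};
	int ret = -1;

	if (r_debug_is_dead (dbg))
		return R_FALSE;
	if (dbg->h && dbg->h->step_over) {
		if (steps<1) steps = 1;
		while (steps--)
			if (!dbg->h->step_over (dbg))
				return R_FALSE;
		return R_TRUE;
	}
	if (dbg->anal && dbg->reg) {
		ut64 pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
		ut64 bpaddr;
		int is_call;
		dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
		r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
		is_call = (op.type & R_ANAL_OP_TYPE_CALL
			|| op.type & R_ANAL_OP_TYPE_UCALL);
		bpaddr = pc + op.length;
		/* everything needed has been copied out; the original leaked op */
		r_anal_op_fini (&op);
		if (is_call) {
			r_bp_add_sw (dbg->bp, bpaddr, 1, R_BP_PROT_EXEC);
			ret = r_debug_continue (dbg);
			r_bp_del (dbg->bp, bpaddr);
		} else {
			ret = r_debug_step (dbg, 1);
		}
	} else {
		eprintf ("Undefined debugger backend\n");
	}
	return ret;
}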
开发者ID:josdiaz,项目名称:radare2,代码行数:29,代码来源:debug.c
示例9: r_debug_esil_stepi
/*
 * Perform one ESIL-watched step of debugger `d`.
 *
 * The instruction at the current PC is read and analysed, its ESIL expression
 * is evaluated with the esilbreak_* hooks installed, and the real debuggee is
 * single-stepped either before the evaluation (prestep set) or after it
 * (prestep clear, and only while ret is non-zero and has_match is clear).
 *
 * Returns 0 when esilbreak_check_pc() asks to stop at this PC or a step
 * fails, 1 otherwise. Works on the file-level state dbg, ESIL, opc, prestep
 * and has_match.
 */
R_API int r_debug_esil_stepi (RDebug *d) {
	ut8 obuf[64];
	RAnalOp op;
	int ret = 1;

	dbg = d;
	if (!ESIL) {
		// TODO setup something?
		ESIL = r_anal_esil_new (R_TRUE);
	}

	/* snapshot the PC and the bytes under it before anything moves */
	r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
	opc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
	dbg->iob.read_at (dbg->iob.io, opc, obuf, sizeof (obuf));

	/* route every emulated memory/register access through the watch hooks */
	ESIL->cb.hook_mem_read = &esilbreak_mem_read;
	ESIL->cb.hook_mem_write = &esilbreak_mem_write;
	ESIL->cb.hook_reg_read = &esilbreak_reg_read;
	ESIL->cb.hook_reg_write = &esilbreak_reg_write;

	if (prestep) {
		// required when an expression is like <= == ..
		// otherwise it will stop at the next instruction
		if (r_debug_step (dbg, 1)<1) {
			eprintf ("Step failed\n");
			return 0;
		}
		r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
	}

	if (r_anal_op (dbg->anal, &op, opc, obuf, sizeof (obuf))) {
		if (!esilbreak_check_pc (dbg, opc)) {
			r_anal_esil_set_pc (ESIL, opc);
			eprintf ("0x%08"PFMT64x" %s\n", opc, R_STRBUF_SAFEGET (&op.esil));
			(void)r_anal_esil_parse (ESIL, R_STRBUF_SAFEGET (&op.esil));
			r_anal_esil_stack_free (ESIL);
			ret = 1;
		} else {
			eprintf ("STOP AT 0x%08"PFMT64x"\n", opc);
			ret = 0;
		}
	}

	/* post-step variant: advance the real process only while nothing matched */
	if (!prestep && ret && !has_match) {
		if (r_debug_step (dbg, 1)<1) {
			eprintf ("Step failed\n");
			return 0;
		}
		r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
	}
	return ret;
}
开发者ID:AitorATuin,项目名称:radare2,代码行数:58,代码来源:esil.c
示例10: r_debug_continue_until_optype
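/*
 * Step (or step over, when `over` is non-zero) until the instruction at the
 * program counter has exactly the op type `type`. The current instruction is
 * stepped first and never checked.
 *
 * Code bytes are cached in a DBG_BUF_SIZE window that starts at buf_pc and is
 * refilled whenever the PC leaves it.
 *
 * Returns the number of steps taken after the initial one, or R_FALSE when
 * the debuggee is dead, anal/reg are missing, or an instruction cannot be
 * decoded.
 */
R_API int r_debug_continue_until_optype(RDebug *dbg, int type, int over) {
	int ret, n = 0;
	ut64 pc, buf_pc = 0;
	RAnalOp op = {0};
	ut8 buf[DBG_BUF_SIZE];

	if (r_debug_is_dead (dbg)) {
		return R_FALSE;
	}
	if (!dbg->anal || !dbg->reg) {
		eprintf ("Undefined pointer at dbg->anal\n");
		return R_FALSE;
	}
	// step first, we dont want to check current optype
	r_debug_step (dbg, 1);
	r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
	// Initial refill
	buf_pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
	dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
	for (;;) {
		int matched;
		r_debug_reg_sync (dbg, R_REG_TYPE_GPR, R_FALSE);
		pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
		/*
		 * Try to keep the buffer full. The test must be >=: with the
		 * original '>' a PC exactly sizeof (buf) past buf_pc was decoded
		 * from the one-past-the-end pointer with a length of 0. A PC below
		 * buf_pc wraps to a huge unsigned difference and also refills.
		 */
		if (pc - buf_pc >= sizeof (buf)) {
			buf_pc = pc;
			dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
		}
		// Analyze the opcode
		if (!r_anal_op (dbg->anal, &op, pc, buf + (pc - buf_pc), sizeof (buf) - (pc - buf_pc))) {
			eprintf ("Decode error at %"PFMT64x"\n", pc);
			return R_FALSE;
		}
		matched = (op.type == type);
		/* the original never released op, leaking once per step */
		r_anal_op_fini (&op);
		if (matched)
			break;
		// Step over and repeat
		ret = over ?
			r_debug_step_over (dbg, 1) :
			r_debug_step (dbg, 1);
		if (!ret) {
			eprintf ("r_debug_step: failed\n");
			break;
		}
		n++;
	}
	return n;
}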
开发者ID:Kakkoroid,项目名称:radare2,代码行数:52,代码来源:debug.c
示例11: prevopsz
/*
 * Guess the size of the instruction that ends exactly at `addr`.
 *
 * A window of 2*OPDELTA bytes starting OPDELTA bytes before addr is read and
 * decoded linearly; the size of the first decoded instruction whose end
 * coincides with addr is returned. Offsets that do not decode (or decode to a
 * size below 1) are skipped one byte at a time. Falls back to 4 when no
 * instruction boundary lines up.
 */
static int prevopsz (RCore *core, ut64 addr) {
	ut8 buf[OPDELTA*2];
	RAnalOp op;
	ut64 target = addr;
	ut64 base = target-OPDELTA;
	int i = 0;

	r_core_read_at (core, base, buf, sizeof (buf));
	while (i<sizeof (buf)) {
		int decoded = r_anal_op (core->anal, &op, base+i,
			buf+i, sizeof (buf)-i);
		if (decoded) {
			int oplen = op.size;
			r_anal_op_fini (&op); // XXX
			if (oplen >= 1) {
				/* move to the last byte of this instruction */
				i += oplen-1;
				if (target == base+i+1) {
					return oplen;
				}
			}
		}
		i++;
	}
	return 4;
}
开发者ID:xuwenbo,项目名称:radare2,代码行数:21,代码来源:visual.c
示例12: __esil_step
/*
 * Placeholder ESIL step for the debugger plugin: reads 64 bytes at the "pc"
 * register, analyses one instruction and prints its ESIL expression to
 * stderr when it is non-empty. No emulation is performed yet.
 * Always returns true.
 */
static int __esil_step(RDebug *dbg) {
	RAnalOp op;
	ut8 buf[64];
	ut64 pc;
	int oplen;

	/* start from zeroes; the read result is not checked */
	memset (buf, 0, sizeof (buf));
	pc = r_debug_reg_get (dbg, "pc");
	/// XXX. hack to trick vaddr issue
	dbg->iob.read_at (dbg->iob.io, pc, buf, 64);
	eprintf ("READ 0x%08"PFMT64x" %02x %02x %02x\n", pc, buf[0], buf[1], buf[2]);

	oplen = r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
	if (oplen>0 && *R_STRBUF_SAFEGET (&op.esil)) {
		eprintf ("ESIL: %s\n", R_STRBUF_SAFEGET (&op.esil));
	}
	eprintf ("TODO: ESIL STEP\n");
	return true;
}
开发者ID:gabrielPeart,项目名称:radare2,代码行数:21,代码来源:debug_esil.c
示例13: r_core_hack
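/*
 * Apply a write "hack" named `op` to the instruction at core->offset.
 *
 * The handler is picked from the configured asm.arch (x86 or arm); the
 * current block is analysed first and the resulting RAnalOp is passed on.
 *
 * Returns the handler's result, or false when asm.arch is unset, the
 * architecture has no handler, or the analysis returns 0.
 */
R_API int r_core_hack(RCore *core, const char *op) {
	int (*hack)(RCore *core, const char *op, const RAnalOp *analop) = NULL;
	const char *asmarch = r_config_get (core->config, "asm.arch");
	RAnalOp analop = {0};

	/* the original handed a possibly-NULL config value straight to strstr() */
	if (!asmarch) {
		return false;
	}
	if (strstr (asmarch, "x86")) {
		hack = r_core_hack_x86;
	} else if (strstr (asmarch, "arm")) {
		hack = r_core_hack_arm;
	} else {
		eprintf ("TODO: write hacks are only for x86\n");
	}
	if (hack) {
		int ret;
		if (!r_anal_op (core->anal, &analop, core->offset, core->block, core->blocksize)) {
			eprintf ("anal op fail\n");
			return false;
		}
		ret = hack (core, op, &analop);
		/* release whatever the analyser attached to the op */
		r_anal_op_fini (&analop);
		return ret;
	}
	return false;
}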
开发者ID:13572293130,项目名称:radare2,代码行数:21,代码来源:hack.c
示例14: prevopsz
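/*
 * Guess the size of the instruction that ends exactly at `addr`.
 *
 * A 64-byte window starting 32 bytes before addr is read and decoded
 * linearly; the length of the first decoded instruction whose end coincides
 * with addr is returned, 4 when none lines up.
 */
static int prevopsz (RCore *core, ut64 addr) {
	/* a true constant, so buf is a plain array rather than a VLA */
	enum { DELTA = 32 };
	ut64 target = addr;
	ut64 base = target-DELTA;
	int len, ret, i;
	ut8 buf[DELTA*2];
	RAnalOp op;

	r_core_read_at (core, base, buf, sizeof (buf));
	for (i=0; i<sizeof (buf); i++) {
		/*
		 * buf[i] holds the byte at base+i. The original passed addr+i,
		 * so every instruction was analysed as if it lived 32 bytes
		 * further on than it does.
		 */
		ret = r_anal_op (core->anal, &op, base+i,
			buf+i, sizeof (buf)-i);
		if (!ret) continue;
		len = op.length;
		r_anal_op_fini (&op);
		if (len<1) continue;
		i += len-1;
		if (target == base+i+1)
			return len;
	}
	return 4;
}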
开发者ID:BatchDrake,项目名称:radare2,代码行数:22,代码来源:visual.c
示例15: num_callback
// RNum callback that resolves the special tokens of a numeric expression.
// Visible in this excerpt: "[...]" reads a value from memory at the address
// the inner expression evaluates to, and "$..." resolves variables that
// depend on the current offset ("$." debugger register, "$k{...}" sdb query,
// "${...}" config variable). *ok, when given, is cleared on entry and set to
// 1 once a token kind is recognised. The listing is cut off before the end
// of the function.
static ut64 num_callback(RNum *userptr, const char *str, int *ok) {
RCore *core = (RCore *)userptr; // XXX ?
RAnalFunction *fcn;
char *ptr, *bptr, *out;
RFlagItem *flag;
RIOSection *s;
RAnalOp op;
ut64 ret = 0;
if (ok) *ok = R_FALSE;
switch (*str) {
case '[':
{
ut64 n = 0LL;
// default reference size follows the assembler bitness: 8 or 4 bytes
int refsz = (core->assembler->bits & R_SYS_BITS_64)? 8: 4;
const char *p = NULL;
if (strlen (str)>5)
p = strchr (str+5, ':');
// TODO: honor LE
if (p) {
// explicit size prefix; atoi reports no errors, the switch below
// rejects anything that is not 8, 4, 2 or 1
refsz = atoi (str+1);
str = p;
}
// push state
{
if (str[0] && str[1]) {
const char *q;
char *o = strdup (str+1);
if (o) {
q = r_num_calc_index (core->num, NULL);
if (q) {
if (r_str_replace_char (o, ']', 0)>0) {
n = r_num_math (core->num, o);
r_num_calc_index (core->num, q);
}
}
free (o);
}
}
}
// pop state
if (ok) *ok = 1;
// NOTE(review): num is a 32-bit object, yet the switch accepts refsz == 8.
// If r_io_read_at stores refsz bytes, the 8-byte case writes past &num on
// the stack, and r_mem_copyendian then swaps 8 bytes in place. A 64-bit
// destination would cover every accepted size - confirm against the
// r_io_read_at contract. The read result is also discarded.
ut32 num = 0;
switch (refsz) {
case 8:
case 4:
case 2:
case 1:
(void)r_io_read_at (core->io, n, (ut8*)&num, refsz);
r_mem_copyendian ((ut8*)&num, (ut8*)&num, refsz, !core->assembler->big_endian);
return num;
default:
eprintf ("Invalid reference size: %d (%s)\n", refsz, str);
return 0LL;
}
}
break;
case '$':
if (ok) *ok = 1;
// TODO: group analop-dependant vars after a char, so i can filter
// NOTE(review): the analysis result is ignored and op is not released on
// the return paths visible in this excerpt
r_anal_op (core->anal, &op, core->offset,
core->block, core->blocksize);
switch (str[1]) {
case '.': // can use pc, sp, a0, a1, ...
return r_debug_reg_get (core->dbg, str+2);
case 'k':
if (str[2]!='{') {
eprintf ("Expected '{' after 'k'.\n");
break;
}
// NOTE(review): strdup can return NULL, which strchr would then dereference
bptr = strdup (str+3);
ptr = strchr (bptr, '}');
if (ptr == NULL) {
// invalid json
free (bptr);
break;
}
*ptr = '\0';
ret = 0LL;
out = sdb_querys (core->sdb, NULL, 0, bptr);
if (out && *out) {
// a query result that itself contains "$k{" is refused instead of evaluated
if (strstr (out, "$k{")) {
eprintf ("Recursivity is not permitted here\n");
} else {
ret = r_num_math (core->num, out);
}
}
free (bptr);
free (out);
return ret;
break;
case '{':
// NOTE(review): same unchecked strdup as in the 'k' case above
bptr = strdup (str+2);
ptr = strchr (bptr, '}');
if (ptr != NULL) {
ut64 ret;
ptr[0] = '\0';
ret = r_config_get_i (core->config, bptr);
free (bptr);
return ret;
//......... part of the code is omitted here (elided by the listing site) .........
开发者ID:0x2F,项目名称:radare2,代码行数:101,代码来源:core.c
示例16: cmd_seek
//.........这里部分代码省略.........
*p = '\0';
}
cmd[0] = 's';
// perform real seek if provided
r_cmd_call (core->rcmd, cmd);
free (cmd);
}
r_io_sundo_push (core->io, core->offset);
r_core_seek_align (core, off, 0);
break;
case 'b':
if (off == 0)
off = core->offset;
r_io_sundo_push (core->io, core->offset);
r_core_anal_bb_seek (core, off);
break;
case 'f':
if (strlen(input) > 2 && input[1]==' ') {
RAnalFunction *fcn = r_anal_fcn_find_name (core->anal, input+2);
if (fcn) {
r_core_seek (core, fcn->addr, 1);
}
break;
}
RAnalFunction *fcn = r_anal_fcn_find (core->anal, core->offset, 0);
if (fcn) {
r_core_seek (core, fcn->addr+fcn->size, 1);
}
break;
case 'o':
{
RAnalOp op;
int val=0, ret, i, n = r_num_math (core->num, input+1);
if (n==0) n = 1;
if (n<0) {
int ret = prevopsz (core, n);
ret = r_anal_op (core->anal, &op,
core->offset, core->block, core->blocksize);
val += ret;
} else
for (val=i=0; i<n; i++) {
ret = r_anal_op (core->anal, &op,
core->offset, core->block, core->blocksize);
if (ret<1)
break;
r_core_seek_delta (core, ret);
val += ret;
}
core->num->value = val;
}
break;
case 'g':
{
RIOSection *s = r_io_section_vget (core->io, core->offset);
if (s) r_core_seek (core, s->vaddr, 1);
else r_core_seek (core, 0, 1);
}
break;
case 'G':
{
RIOSection *s = r_io_section_vget (core->io, core->offset);
// XXX: this +2 is a hack. must fix gap between sections
if (s) r_core_seek (core, s->vaddr+s->size+2, 1);
else r_core_seek (core, core->file->size, 1);
}
break;
case '?': {
const char * help_message[] = {
"Usage: s", "", " # Seek commands",
"s", "", "Print current address",
"s", " addr", "Seek to address",
"s-", "", "Undo seek",
"s-", " n", "Seek n bytes backward",
"s--", "", "Seek blocksize bytes backward",
"s+", "", "Redo seek",
"s+", " n", "Seek n bytes forward",
"s++", "", "Seek blocksize bytes forward",
"s*", "", "List undo seek history",
"s/", " DATA", "Search for next occurrence of 'DATA'",
"s/x", " 9091", "Search for next occurrence of \\x90\\x91",
"s.", "hexoff", "Seek honoring a base from core->offset",
"sa", " [[+-]a] [asz]", "Seek asz (or bsize) aligned to addr",
"sb", "", "Seek aligned to bb start",
"sC", " string", "Seek to comment matching given string",
"sf", "", "Seek to next function (f->addr+f->size)",
"sf", " function", "Seek to address of specified function",
"sg/sG", "", "Seek begin (sg) or end (sG) of section or file",
"sn/sp", "", "Seek next/prev scr.nkey",
"so", " [N]", "Seek to N next opcode(s)",
"sr", " pc", "Seek to register",
//"sp [page] seek page N (page = block)",
NULL
};
r_core_cmd_help(core, help_message);
}
break;
}
} else r_cons_printf ("0x%"PFMT64x"\n", core->offset);
return 0;
}
开发者ID:KarjamP,项目名称:radare2,代码行数:101,代码来源:cmd_seek.c
示例17: r_debug_continue_kill
// Continue the debuggee, delivering signal `sig`, and wait for it to stop.
// After each stop: software breakpoints are taken out again, a breakpoint or
// tracepoint hit at the PC is reported (tracepoints single-step and resume),
// and a pending signal is either passed to the handler (R_DBG_SIGNAL_CONT)
// or skipped by moving the PC past the current instruction
// (R_DBG_SIGNAL_SKIP). Returns R_FALSE when dbg is NULL or the debuggee is
// dead, otherwise the value of the backend's cont callback (on Windows the
// thread id, unless the wait reported R_DEBUG_REASON_DEAD).
R_API int r_debug_continue_kill(RDebug *dbg, int sig) {
ut64 pc;
int retwait, ret = R_FALSE;
if (!dbg)
return R_FALSE;
#if __WINDOWS__
r_cons_break(w32_break_process, dbg);
#endif
// re-entered after a tracepoint, a forwarded signal or a skipped signal
repeat:
if (r_debug_is_dead (dbg))
return R_FALSE;
if (dbg->h && dbg->h->cont) {
r_bp_restore (dbg->bp, R_TRUE); // set sw breakpoints
ret = dbg->h->cont (dbg, dbg->pid, dbg->tid, sig);
dbg->reason.signum = 0;
retwait = r_debug_wait (dbg);
#if __WINDOWS__
if (retwait != R_DEBUG_REASON_DEAD) {
ret = dbg->tid;
}
#endif
r_bp_restore (dbg->bp, R_FALSE); // unset sw breakpoints
//r_debug_recoil (dbg);
if (r_debug_recoil (dbg) || (dbg->reason.type == R_DEBUG_REASON_BREAKPOINT)) {
/* check if cur bp demands tracing or not */
// NOTE(review): dbg->reg is dereferenced without a NULL check
pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
RBreakpointItem *b = r_bp_get_at (dbg->bp, pc);
if (b) {
/* check if cur bp demands tracing or not */
if (b->trace) {
eprintf("hit tracepoit at: %"PFMT64x"\n",pc);
} else {
eprintf("hit breakpoint at: %"PFMT64x"\n",pc);
}
if (dbg->trace->enabled)
r_debug_trace_pc (dbg);
// TODO: delegate this to RCore.bphit(RCore, RBreakopintItem)
if (dbg->corebind.core && dbg->corebind.bphit) {
dbg->corebind.bphit (dbg->corebind.core, b);
}
if (b->trace) {
// tracepoints do not stop: step past the instruction and resume
r_debug_step (dbg, 1);
goto repeat;
}
}
}
#if 0
#if __UNIX__
/* XXX Uh? */
if (dbg->stop_all_threads && dbg->pid>0)
r_sandbox_kill (dbg->pid, SIGSTOP);
#endif
#endif
r_debug_select (dbg, dbg->pid, ret);
sig = 0; // clear continuation after signal if needed
if (retwait == R_DEBUG_REASON_SIGNAL && dbg->reason.signum != -1) {
int what = r_debug_signal_what (dbg, dbg->reason.signum);
if (what & R_DBG_SIGNAL_CONT) {
sig = dbg->reason.signum;
eprintf ("Continue into the signal %d handler\n", sig);
goto repeat;
} else if (what & R_DBG_SIGNAL_SKIP) {
// skip signal. requires skipping one instruction
// NOTE(review): buf is not zeroed and the read result is not checked, so
// a failed read decodes leftover stack bytes; op is never released with
// r_anal_op_fini. op starts zeroed, so a decode that leaves it untouched
// ends in the "Stalled" branch (size 0).
ut8 buf[64];
RAnalOp op = {0};
// this pc shadows the function-level pc declared at the top
ut64 pc = r_debug_reg_get (dbg, "pc");
dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
if (op.size>0) {
const char *signame = r_debug_signal_resolve_i (dbg, dbg->reason.signum);
// resume right after the instruction that raised the signal
r_debug_reg_set (dbg, "pc", pc+op.size);
eprintf ("Skip signal %d handler %s\n",
dbg->reason.signum, signame);
goto repeat;
} else {
ut64 pc = r_debug_reg_get (dbg, "pc");
eprintf ("Stalled with an exception at 0x%08"PFMT64x"\n", pc);
}
}
}
}
return ret;
}
开发者ID:Kakkoroid,项目名称:radare2,代码行数:83,代码来源:debug.c
示例18: r_debug_step_over
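/*
 * Step over `steps` instructions (at least one).
 *
 * A backend step_over callback is preferred when present. Otherwise each
 * instruction is decoded from a DBG_BUF_SIZE window that starts at buf_pc:
 * calls are run until their fall-through address (op.fail), instructions
 * with a REP/REPNE/LOCK prefix until the next instruction, everything else
 * is single-stepped.
 *
 * Returns the number of instructions stepped, or R_FALSE when the debuggee
 * is dead, anal/reg are missing, a decode fails or a continue fails.
 */
R_API int r_debug_step_over(RDebug *dbg, int steps) {
	RAnalOp op = {0};
	ut64 buf_pc, pc;
	ut8 buf[DBG_BUF_SIZE];
	int i;

	if (r_debug_is_dead (dbg))
		return R_FALSE;
	if (steps < 1)
		steps = 1;
	if (dbg->h && dbg->h->step_over) {
		for (i = 0; i < steps; i++)
			if (!dbg->h->step_over (dbg))
				return R_FALSE;
		return i;
	}
	if (!dbg->anal || !dbg->reg)
		return R_FALSE;
	// Initial refill
	buf_pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
	dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
	for (i = 0; i < steps; i++) {
		int is_call, has_rep;
		ut64 fail_addr, next_addr;
		pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
		/*
		 * Try to keep the buffer full. The test must be >=: with the
		 * original '>' a PC exactly sizeof (buf) past buf_pc was decoded
		 * from the one-past-the-end pointer with a length of 0. A PC below
		 * buf_pc wraps to a huge unsigned difference and also refills.
		 */
		if (pc - buf_pc >= sizeof (buf)) {
			buf_pc = pc;
			dbg->iob.read_at (dbg->iob.io, buf_pc, buf, sizeof (buf));
		}
		// Analyze the opcode
		if (!r_anal_op (dbg->anal, &op, pc, buf + (pc - buf_pc), sizeof (buf) - (pc - buf_pc))) {
			eprintf ("Decode error at %"PFMT64x"\n", pc);
			return R_FALSE;
		}
		/* copy out what the dispatch needs so op can be released right away */
		is_call = (op.type == R_ANAL_OP_TYPE_CALL ||
			op.type == R_ANAL_OP_TYPE_CCALL ||
			op.type == R_ANAL_OP_TYPE_UCALL ||
			op.type == R_ANAL_OP_TYPE_UCCALL);
		has_rep = (op.prefix & (R_ANAL_OP_PREFIX_REP | R_ANAL_OP_PREFIX_REPNE | R_ANAL_OP_PREFIX_LOCK)) != 0;
		fail_addr = op.fail;
		next_addr = pc + op.size;
		r_anal_op_fini (&op);
		// Skip over all the subroutine calls
		if (is_call) {
			// Use op.fail here instead of pc+op.size to enforce anal backends to fill in this field
			if (!r_debug_continue_until (dbg, fail_addr)) {
				eprintf ("Could not step over call @ 0x%"PFMT64x"\n", pc);
				return R_FALSE;
			}
		} else if (has_rep) {
			if (!r_debug_continue_until (dbg, next_addr)) {
				eprintf ("step over failed over rep\n");
				return R_FALSE;
			}
		} else {
			r_debug_step (dbg, 1);
		}
	}
	return i;
}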
开发者ID:Kakkoroid,项目名称:radare2,代码行数:61,代码来源:debug.c
示例19: r_debug_step_soft
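/*
 * Software single-step: decode the instruction at the PC, work out every
 * address execution can reach next, plant temporary software breakpoints
 * there, continue, and remove the breakpoints again.
 *
 * Successors: RET -> the value on top of the stack (32- or 64-bit according
 * to dbg->bits); CJMP/CCALL -> jump and fail; CALL/JMP -> jump; anything
 * else -> the next sequential instruction.
 *
 * Returns the r_debug_continue() result, or R_FALSE when the debuggee is
 * dead, memory cannot be read, or the instruction is undecodable or illegal.
 */
R_API int r_debug_step_soft(RDebug *dbg) {
	ut8 buf[32];
	ut64 pc, sp;
	ut64 next[2] = {0};
	RAnalOp op = {0};
	int br, i, ret;
	union {
		ut64 r64;
		ut32 r32[2];
	} sp_top = {0};

	if (r_debug_is_dead (dbg))
		return R_FALSE;
	pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
	sp = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_SP]);
	if (!dbg->iob.read_at)
		return R_FALSE;
	if (dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf)) < 0)
		return R_FALSE;
	if (!r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf)))
		return R_FALSE;
	if (op.type == R_ANAL_OP_TYPE_ILL) {
		r_anal_op_fini (&op);
		return R_FALSE;
	}
	switch (op.type) {
	case R_ANAL_OP_TYPE_RET:
		/*
		 * The return address comes from the debuggee's stack. The original
		 * ignored a failed read and planted a breakpoint at whatever the
		 * uninitialised union held; fail like the code read above instead.
		 */
		if (dbg->iob.read_at (dbg->iob.io, sp, (ut8 *)&sp_top, 8) < 0) {
			r_anal_op_fini (&op);
			return R_FALSE;
		}
		next[0] = (dbg->bits == R_SYS_BITS_32) ? sp_top.r32[0] : sp_top.r64;
		br = 1;
		break;
	case R_ANAL_OP_TYPE_CJMP:
	case R_ANAL_OP_TYPE_CCALL:
		next[0] = op.jump;
		next[1] = op.fail;
		br = 2;
		break;
	case R_ANAL_OP_TYPE_CALL:
	case R_ANAL_OP_TYPE_JMP:
		next[0] = op.jump;
		br = 1;
		break;
	default:
		next[0] = op.addr + op.size;
		br = 1;
		break;
	}
	/* every successor address has been copied out; the original leaked op */
	r_anal_op_fini (&op);

	for (i = 0; i < br; i++)
		r_bp_add_sw (dbg->bp, next[i], dbg->bpsize, R_BP_PROT_EXEC);
	ret = r_debug_continue (dbg);
	for (i = 0; i < br; i++)
		r_bp_del (dbg->bp, next[i]);
	return ret;
}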
开发者ID:Kakkoroid,项目名称:radare2,代码行数:64,代码来源:debug.c
示例20: r_anal_bb
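/*
 * Analyse one basic block starting at `addr` from the `len` bytes in `buf`.
 *
 * Instructions are decoded one after another; size, instruction count and
 * per-instruction offsets are recorded in `bb`. The block ends at the first
 * conditional/unconditional jump or return, whose targets and block type
 * flags are stored in `bb`. `head` marks the block as a function head.
 *
 * Returns R_ANAL_RET_ERROR when an op cannot be allocated, R_ANAL_RET_END
 * when the block was terminated by a control-flow instruction, by an unknown
 * opcode at the very start or by a negative decode result, and bb->size when
 * the buffer ran out or decoding stopped after at least one instruction.
 */
R_API int r_anal_bb(RAnal *anal, RAnalBlock *bb, ut64 addr, ut8 *buf, ut64 len, int head) {
	RAnalOp *op = NULL;
	int oplen, idx = 0;

	if (bb->addr == -1) {
		bb->addr = addr;
	}
	/*
	 * XXX (original): keep 16 bytes of slack to avoid a segfault in x86im.
	 * len is unsigned, so the plain `len -= 16` wrapped around to a huge
	 * value for buffers shorter than 16 bytes and the loop below then
	 * decoded far beyond the end of buf. Clamp to an empty range instead.
	 */
	len = (len > 16) ? len - 16 : 0;
	while (idx < len) {
		// TODO: too slow object construction
		if (!(op = r_anal_op_new ())) {
			eprintf ("Error: new (op)\n");
			return R_ANAL_RET_ERROR;
		}
		if ((oplen = r_anal_op (anal, op, addr + idx, buf + idx, len - idx)) == 0) {
			r_anal_op_free (op);
			op = NULL;
			if (idx == 0) {
				VERBOSE_ANAL eprintf ("Unknown opcode at 0x%08"PFMT64x"\n", addr+idx);
				return R_ANAL_RET_END;
			}
			break;
		}
		if (oplen < 1) {
			/* negative result: the original returned without freeing op */
			r_anal_op_free (op);
			return R_ANAL_RET_END;
		}
		r_anal_bb_set_offset (bb, bb->ninstr, addr + idx - bb->addr);
		idx += oplen;
		bb->size += oplen;
		bb->ninstr++;
#if R_ANAL_BB_HAS_OPS
		/* NOTE(review): op is appended here and still freed below; if bb->ops keeps the pointer this leaves it dangling - confirm list ownership */
		r_list_append (bb->ops, op);
#endif
		if (head) {
			bb->type = R_ANAL_BB_TYPE_HEAD;
		}
		switch (op->type) {
		case R_ANAL_OP_TYPE_CMP:
			r_anal_cond_free (bb->cond);
			bb->cond = r_anal_cond_new_from_op (op);
			break;
		case R_ANAL_OP_TYPE_CJMP:
			if (bb->cond) {
				// TODO: get values from anal backend
				bb->cond->type = R_ANAL_COND_EQ;
			} else VERBOSE_ANAL eprintf ("Unknown conditional for block 0x%"PFMT64x"\n", bb->addr);
			bb->conditional = 1;
			bb->fail = op->fail;
			bb->jump = op->jump;
			bb->type |= R_ANAL_BB_TYPE_BODY;
			goto beach;
		case R_ANAL_OP_TYPE_JMP:
			bb->jump = op->jump;
			bb->type |= R_ANAL_BB_TYPE_BODY;
			goto beach;
		case R_ANAL_OP_TYPE_UJMP:
			bb->type |= R_ANAL_BB_TYPE_FOOT;
			goto beach;
		case R_ANAL_OP_TYPE_RET:
			bb->type |= R_ANAL_BB_TYPE_LAST;
			goto beach;
		case R_ANAL_OP_TYPE_LEA:
			{
				RAnalValue *src = op->src[0];
				if (src && src->reg && anal->reg) {
					const char *pc = anal->reg->name[R_REG_NAME_PC];
					RAnalValue *dst = op->dst;
					if (dst && dst->reg && !strcmp (src->reg->name, pc)) {
						int memref = anal->bits/8;
						ut8 b[8];
						ut64 ptr = idx+addr+src->delta;
						/* b holds 8 bytes: only read when the pointer size fits */
						if (memref > 0 && memref <= (int)sizeof (b)) {
							anal->iob.read_at (anal->iob.io, ptr, b, memref);
						}
						r_anal_ref_add (anal, ptr, addr+idx-op->size, 'd');
					}
				}
			}
			break;
		}
		r_anal_op_free (op);
	}
	return bb->size;
beach:
	r_anal_op_free (op);
	return R_ANAL_RET_END;
}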
开发者ID:adelashraf,项目名称:radare2,代码行数:86,代码来源:bb.c
注:本文中的r_anal_op函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |