added semantics for VMOVDQU

JonathanSalwan · Jan 27, 2017 · 4daaa49 · 4daaa49
1 parent a575307
commit 4daaa49
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 0 deletions.
diff --git a/src/libtriton/arch/x86/x86Semantics.cpp b/src/libtriton/arch/x86/x86Semantics.cpp
@@ -299,6 +299,7 @@ UNPCKHPS                     | sse1       | Unpack and Interleave High Packed Si
 UNPCKLPD                     | sse2       | Unpack and Interleave Low Packed Double-Precision Floating-Point Values
 UNPCKLPS                     | sse1       | Unpack and Interleave Low Packed Single-Precision Floating-Point Values
 VMOVDQA                      | avx        | VEX Move aligned packed integer values
+VMOVDQU                      | avx        | VEX Move unaligned packed integer values
 VPAND                        | avx/avx2   | VEX Logical AND
 VPANDN                       | avx/avx2   | VEX Logical AND NOT
 VPOR                         | avx/avx2   | VEX Logical OR
@@ -613,6 +614,7 @@ namespace triton {
           case ID_INS_UNPCKLPD:       this->unpcklpd_s(inst);     break;
           case ID_INS_UNPCKLPS:       this->unpcklps_s(inst);     break;
           case ID_INS_VMOVDQA:        this->vmovdqa_s(inst);      break;
+          case ID_INS_VMOVDQU:        this->vmovdqu_s(inst);      break;
           case ID_INS_VPAND:          this->vpand_s(inst);        break;
           case ID_INS_VPANDN:         this->vpandn_s(inst);       break;
           case ID_INS_VPOR:           this->vpor_s(inst);         break;
@@ -11722,6 +11724,24 @@ namespace triton {
       }
 
 
+      void x86Semantics::vmovdqu_s(triton::arch::Instruction& inst) {
+        auto& dst = inst.operands[0];
+        auto& src = inst.operands[1];
+
+        /* Create the semantics */
+        auto node = this->symbolicEngine->buildSymbolicOperand(inst, src);
+
+        /* Create symbolic expression */
+        auto expr = this->symbolicEngine->createSymbolicExpression(inst, node, dst, "VMOVDQU operation");
+
+        /* Spread taint */
+        expr->isTainted = this->taintEngine->taintAssignment(dst, src);
+
+        /* Upate the symbolic control flow */
+        this->controlFlow_s(inst);
+      }
+
+
       void x86Semantics::vpand_s(triton::arch::Instruction& inst) {
         auto& dst  = inst.operands[0];
         auto& src1 = inst.operands[1];

diff --git a/src/libtriton/includes/x86Semantics.hpp b/src/libtriton/includes/x86Semantics.hpp
@@ -1181,6 +1181,9 @@ namespace triton {
           //! The VMOVDQA semantics.
           void vmovdqa_s(triton::arch::Instruction& inst);
 
+          //! The VMOVDQU semantics.
+          void vmovdqu_s(triton::arch::Instruction& inst);
+
           //! The VPAND semantics.
           void vpand_s(triton::arch::Instruction& inst);
 

diff --git a/src/samples/ir_test_suite/ir.c b/src/samples/ir_test_suite/ir.c
@@ -30,6 +30,16 @@ void check(void)
   int tab3[4];
   int tab4[4];
 
+  int _utab1[5];
+  int _utab2[5];
+  int _utab3[5];
+  int _utab4[5];
+
+  int* utab1 = (int*)((char*)_utab1 + 1);
+  int* utab2 = (int*)((char*)_utab2 + 1);
+  int* utab3 = (int*)((char*)_utab3 + 1);
+  int* utab4 = (int*)((char*)_utab4 + 1);
+
   init(tab1, tab2, tab3, tab4);
 
   // Check concat symbolic expression
@@ -3536,6 +3546,16 @@ void check(void)
   asm("vpshufd xmm2, xmm3, 0x40");
   asm("vpshufd xmm1, xmm4, 0xff");
   asm("vpshufd xmm3, xmm1, 0xaa");
+
+  init(utab1, utab2, utab3, utab4);
+  asm("vmovdqu xmm1, xmmword ptr [%0]" :: "r"(utab1));
+  asm("vmovdqu xmm2, xmmword ptr [%0]" :: "r"(utab2));
+  asm("vmovdqu xmm3, xmmword ptr [%0]" :: "r"(utab3));
+  asm("vmovdqu xmm4, xmmword ptr [%0]" :: "r"(utab4));
+
+  asm("vpor xmm1, xmm2, xmm3");
+  asm("vpor xmm1, xmm1, xmm2");
+  asm("vpor xmm1, xmm3, xmm4");
 }
 
 int main(){