Feature MemStruct

[fmonjalet]

This PR introduces an API to easily interact with C structures in miasm's sandbox.

The example/jitter/memstruct.py example file may be the best introduction to this feature. As a spoiler, here is how a linked list can be represented with this API (extracted from the aforementioned file):

class ListNode(MemStruct):
    fields = [
        # The "<I" is the struct-like format of the pointer in memory, in this
        # case a Little Endian 32 bits unsigned int
        # One way to handle reference to ListNode in ListNode is to use the
        # special marker MemSelf.
        # You could also set or modify ListNode.fields after the class
        # declaration and call ListNode.gen_fields()
        ("next", Ptr("<I", MemSelf)),
        # Ptr(_, MemVoid) is analogous to void*, MemVoid is just an empty
        # MemStruct type
        ("data", Ptr("<I", MemVoid)),
    ]

class LinkedList(MemStruct):
    fields = [
        ("head", Ptr("<I", ListNode)),
        ("tail", Ptr("<I", ListNode)),
        # Num can take any one-field struct-like format, including floats and
        # doubles
        ("size", Num("<I")),
    ]

# [...]

link = LinkedList(jitter.vm, some_addr)
link.deref_head.data = other_addr
link.size += 1
# etc

Lots of FIXME/TODO are left there for now and lots of choices can be discussed, please tell me what you think!

-- Florent

[commial]

It seems that memstruct are more related to miasm2.core, as DiGraph than analysis module, such as miasm2.analysis.depgraph.

[fmonjalet]

I agree, if it is ok with @serpilliere too, I will move it.

[fmonjalet]

Ready to merge for me, as soon as tests pass.

[serpilliere]

Hey, Santa Claus brought another heavy gift! 🎅
Thanks for the feature: It will be very useful to rewrite cleaner Windows structures!