Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider xmm* registers in symbolic execution #26

Closed
david942j opened this issue Apr 27, 2018 · 4 comments
Closed

Consider xmm* registers in symbolic execution #26

david942j opened this issue Apr 27, 2018 · 4 comments
Labels
enhancement

Comments

@david942j
Copy link
Owner

david942j commented Apr 27, 2018
edited

in libc-2.27.so on ubuntu 18.04:

   4f2ec:       48 89 44 24 08          mov    QWORD PTR [rsp+0x8],rax
   4f2f1:       0f 16 44 24 08          movhps xmm0,QWORD PTR [rsp+0x8]
   4f2f6:       0f 29 44 24 40          movaps XMMWORD PTR [rsp+0x40],xmm0

This should be considered as equivalent to mov [rsp+0x48], rax
@david942j
Copy link
Owner Author

And need to add a constraint: rsp & 0xf == 0

@david942j david942j removed the bug label Apr 28, 2018
@david942j david942j mentioned this issue Apr 28, 2018
Merged
gudaol pushed a commit to gudaol/one_gadget that referenced this issue Apr 2, 2019
@david942j
Add xmm* instructions and glibc-2.27 builds (david942j#27)
d7426b2 
* Add xmm* instructions: movq/movhps/movaps
* Add two builds - libc 32/64 bits on Ubuntu 18.04
* closed david942j#26
@gsingh93
Copy link

And need to add a constraint: rsp & 0xf == 0

@david942j: Is this supposed to show up in the output? I'm using one_gadget on Ubuntu 18.04 with libc-2.27.so, and it's not telling me the stack needs to be aligned to 16 bytes for XMM instructions.

@david942j
Copy link
Owner Author

No, it's not implemented yet

@gsingh93
Copy link

Ok, I'll create an issue since this one is closed.

@gsingh93 gsingh93 mentioned this issue Jun 21, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gsingh93 @david942j