From 3adb1f29e7f3c6666032a82b3dd33aab629ae5f9 Mon Sep 17 00:00:00 2001 From: GH0st3rs Date: Sat, 10 Nov 2018 14:02:39 +0300 Subject: [PATCH 1/2] Fix bugs with update elftools packages --- plasma/lib/fileformat/elf.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/plasma/lib/fileformat/elf.py b/plasma/lib/fileformat/elf.py index c1de66f..e3661ae 100644 --- a/plasma/lib/fileformat/elf.py +++ b/plasma/lib/fileformat/elf.py @@ -215,9 +215,10 @@ def load_dyn_sym(self): # pyreadelf's assumptions make our own string table fakestrtabheader = { "sh_offset": self.__get_offset(self.dtags["DT_STRTAB"]), + "sh_flags": 2048, } strtab = StringTableSection( - fakestrtabheader, "strtab_plasma", self.elf.stream) + fakestrtabheader, "strtab_plasma", self.elf) # ... # Here in CLE was checked the DT_SONAME @@ -232,7 +233,8 @@ def load_dyn_sym(self): fakesymtabheader = { "sh_offset": self.__get_offset(self.dtags["DT_SYMTAB"]), "sh_entsize": self.dtags["DT_SYMENT"], - "sh_size": 0 + "sh_size": 0, + "sh_flags": 2048, } # bogus size: no iteration allowed # ... @@ -240,8 +242,7 @@ def load_dyn_sym(self): # ... self.dynsym = SymbolTableSection( - fakesymtabheader, "symtab_plasma", self.elf.stream, - self.elf, strtab) + fakesymtabheader, "symtab_plasma", self.elf, strtab) # mips' relocations are absolutely screwed up, handle some of them here. self.__relocate_mips() @@ -276,11 +277,11 @@ def load_dyn_sym(self): "sh_offset": self.__get_offset(reloffset), "sh_type": "SHT_" + rela_type, "sh_entsize": relentsz, - "sh_size": relsz + "sh_size": relsz, + "sh_flags": 2048, } reloc_sec = RelocationSection( - fakerelheader, "reloc_plasma", - self.elf.stream, self.elf) + fakerelheader, "reloc_plasma", self.elf) self.__register_relocs(reloc_sec) # try to parse relocations out of a table of type DT_JMPREL From 808c825f56286ad843b9b7bd06e0db1de0d6f012 Mon Sep 17 00:00:00 2001 
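Review bot: The value 2048 given to `"sh_flags"` in the fake string-table header (and again in the fake symtab header at -232 and the fake relocation header at -276) is 0x800, which is the ELF SHF_COMPRESSED bit, so every one of these synthetic sections is now flagged as compressed. If the key is only there because the newer pyelftools `Section` constructor reads `header['sh_flags']`, the neutral value is `"sh_flags": 0`; as far as I recall, pyelftools' `Section.data()` tries to decompress the bytes when that bit is set, so any later caller that goes through `data()` instead of `get_string`/`get_symbol`/`get_relocation` would fail on raw table bytes. A named constant (e.g. `SHF_NONE = 0`) would also make the intent visible instead of a bare number. The companion change, passing `self.elf` rather than `self.elf.stream` to `StringTableSection`, `SymbolTableSection` and `RelocationSection`, ties the loader to the pyelftools release that changed those signatures, and no version constraint appears in the patch — confirm one exists in the project's requirements. `load_dyn_sym` starts before and ends after these hunks.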
From: GH0st3rs Date: Wed, 23 Jan 2019 16:09:40 +0300 Subject: [PATCH 2/2] Add registers to condition output --- plasma/lib/arch/mips/output.py | 27 ++++++++++++++++----------- plasma/lib/arch/mips/process_ast.py | 8 ++++---- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/plasma/lib/arch/mips/output.py b/plasma/lib/arch/mips/output.py index c564c02..4b73dcc 100644 --- a/plasma/lib/arch/mips/output.py +++ b/plasma/lib/arch/mips/output.py @@ -26,7 +26,8 @@ MIPS_INS_SUBU, MIPS_INS_BGTZ, MIPS_INS_LH, MIPS_INS_LHU, MIPS_INS_SH, MIPS_INS_SD, MIPS_INS_LD, MIPS_GRP_MIPS64, MIPS_INS_BGEZ, MIPS_INS_BNEZ, MIPS_INS_BEQZ, MIPS_INS_BLEZ, - MIPS_INS_BLTZ, MIPS_REG_ZERO, MIPS_REG_GP, MIPS_INS_NEG) + MIPS_INS_BLTZ, MIPS_REG_ZERO, MIPS_REG_GP, MIPS_INS_NEG, + MIPS_INS_BEQ, MIPS_INS_BNE) from plasma.lib.output import OutputAbs from plasma.lib.arch.mips.utils import (inst_symbol, is_call, is_jump, is_ret, @@ -34,8 +35,7 @@ from capstone.mips import (MIPS_INS_SLT, MIPS_INS_SLTI, MIPS_INS_SLTIU, MIPS_INS_SLTU, MIPS_INS_ANDI, MIPS_INS_OR, MIPS_INS_ORI) -# ASSIGNMENT_OPS = {ARM_INS_EOR, ARM_INS_AND, ARM_INS_ORR} -ASSIGNMENT_OPS = {MIPS_INS_SLT, MIPS_INS_SLTI, MIPS_INS_SLTIU, MIPS_INS_SLTU} +ASSIGNMENT_OPS = {MIPS_INS_SLT, MIPS_INS_SLTI, MIPS_INS_SLTIU, MIPS_INS_SLTU, MIPS_INS_BEQ, MIPS_INS_BNE} LD_TYPE = { MIPS_INS_LH: "halfword", @@ -148,16 +148,18 @@ def _if_cond(self, cond, fused_inst): self._add(" 0") return - assignment = fused_inst.id in ASSIGNMENT_OPS + assignment = fused_inst.id in ASSIGNMENT_OPS or fused_inst.id in COND_ADD_ZERO if assignment: self._add("(") - self._operand(fused_inst, 1) - if cond == MIPS_INS_BNEZ: - self._add(" < ") + self._operand(fused_inst, 0) + self._add(" ") + self._add(cond_symbol(cond)) + if cond in COND_ADD_ZERO: + self._add(" 0") else: - self._add(" >= ") - self._operand(fused_inst, 2) + self._add(" ") + self._operand(fused_inst, 1) self._add(")") def _sub_asm_inst(self, i, tab=0): 
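Review bot: Adding MIPS_INS_BEQ and MIPS_INS_BNE to ASSIGNMENT_OPS in the -34 hunk makes the set's name misleading: slt/slti/sltiu/sltu write a destination register, while beq/bne are branches, and process_ast derives FUSE_OPS from this same set, so the two roles are now entangled. A separate `COND_BRANCH_OPS = {MIPS_INS_BEQ, MIPS_INS_BNE}` with `FUSE_OPS = set(ASSIGNMENT_OPS) | COND_BRANCH_OPS` at the consumer would keep each set meaning one thing. The rewritten line is also well over 79 columns where the previous version was wrapped.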
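Review bot: The rewritten assignment branch of `_if_cond` (hunk -148) always prints operand 0 of the fused instruction followed by `cond_symbol(cond)`, which changes how an slt fused with bnez/beqz renders: the old code emitted `(rs < rt)` / `(rs >= rt)` from operands 1 and 2, while the new code — if COND_ADD_ZERO holds the compare-against-zero branches as its name suggests — emits `(rd != 0)` / `(rd == 0)` on the slt destination register, dropping the comparison that fusion exists to show. Keeping the operands-1-and-2 path for the slt family and using the new operand-0/operand-1 path only for the other fused instructions preserves both outputs. Neither COND_ADD_ZERO nor cond_symbol is defined or imported in the hunks shown, so confirm both are in scope in output.py. `_if_cond` starts before this hunk.
```python
        if assignment:
            self._add("(")
            if fused_inst.id in (MIPS_INS_SLT, MIPS_INS_SLTI,
                                 MIPS_INS_SLTIU, MIPS_INS_SLTU):
                # rd = rs < rt: show the comparison, not the temp register
                self._operand(fused_inst, 1)
                self._add(" < " if cond == MIPS_INS_BNEZ else " >= ")
                self._operand(fused_inst, 2)
            else:
                self._operand(fused_inst, 0)
                self._add(" ")
                self._add(cond_symbol(cond))
                if cond in COND_ADD_ZERO:
                    self._add(" 0")
                else:
                    self._add(" ")
                    self._operand(fused_inst, 1)
            self._add(")")
```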
@@ -265,8 +267,11 @@ def _sub_asm_inst(self, i, tab=0): if i.id == MIPS_INS_LUI: self._operand(i, 0) self._add(" = ") - self._operand(i, 1) - self._add(" << 16") + if str(i.operands[1].value.reg).isdigit: + self._add(" 0x%x" % (i.operands[1].value.reg << 16)) + else: + self._operand(i, 1) + self._add(" << 16") elif i.id == MIPS_INS_MOVE: self._operand(i, 0) diff --git a/plasma/lib/arch/mips/process_ast.py b/plasma/lib/arch/mips/process_ast.py index 5494b4e..2bedfe0 100644 --- a/plasma/lib/arch/mips/process_ast.py +++ b/plasma/lib/arch/mips/process_ast.py @@ -21,18 +21,16 @@ MIPS_INS_LUI, MIPS_OP_REG, MIPS_REG_ZERO, MipsOpValue) from plasma.lib.ast import (Ast_Branch, Ast_Loop, Ast_IfGoto, Ast_Ifelse, - Ast_AndIf) + Ast_AndIf, Ast_If_cond) from plasma.lib.arch.mips.output import ASSIGNMENT_OPS FUSE_OPS = set(ASSIGNMENT_OPS) -# FUSE_OPS.add(ARM_INS_CMP) -# FUSE_OPS.add(ARM_INS_TST) def fuse_inst_with_if(ctx, ast): if isinstance(ast, Ast_Branch): - types_ast = (Ast_Ifelse, Ast_IfGoto, Ast_AndIf) + types_ast = (Ast_Ifelse, Ast_IfGoto, Ast_AndIf, Ast_If_cond) for i, n in enumerate(ast.nodes): if isinstance(n, list): if n[-1].id in FUSE_OPS and i + 1 < len(ast.nodes) \ @@ -43,8 +41,10 @@ def fuse_inst_with_if(ctx, ast): fuse_inst_with_if(ctx, n) elif isinstance(ast, Ast_Ifelse): + ast.fused_inst = ast.jump_inst fuse_inst_with_if(ctx, ast.br_next) fuse_inst_with_if(ctx, ast.br_next_jump) elif isinstance(ast, Ast_Loop): fuse_inst_with_if(ctx, ast.branch) +
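Review bot: `str(i.operands[1].value.reg).isdigit` in the new LUI branch is missing its call parentheses, so the condition is a bound method object and always truthy: the `else` branch that prints `<< 16` is unreachable and every lui goes through the first branch. The test is also the wrong discriminator — lui's second operand is an immediate, so the check should be on the operand type, `if i.operands[1].type == MIPS_OP_IMM:` (imported alongside MIPS_OP_REG), reading `i.operands[1].value.imm`; capstone's MipsOpValue is a union, which is presumably why `.reg` happens to yield the immediate today. `" 0x%x"` follows `self._add(" = ")`, producing a double space, so `"0x%x"` matches the other branch; and since capstone may sign-extend the 16-bit immediate, masking with `& 0xffff` before the shift avoids printing `-0x...` for high-half values — confirm against how this file renders other immediates. `_sub_asm_inst` starts before and ends after this hunk.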
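Review bot: `ast.fused_inst = ast.jump_inst` in the -43 hunk is unconditional, so on an `Ast_Ifelse` it overwrites whatever the node loop in the `Ast_Branch` case assigned when it found a preceding instruction in FUSE_OPS (that assignment is outside this hunk; confirm it sets the same attribute on the following node): an slt fused with the jump is replaced by the jump itself before it is ever rendered, which defeats the fusion. If the intent is to fall back to the jump only when nothing was fused, guard it with `if getattr(ast, "fused_inst", None) is None:` before the assignment. The trailing empty `+` line adds a blank line at end of file (W391). `fuse_inst_with_if` starts before this hunk.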