Make claripy true and false functions (#74)
* Make claripy true and false functions

* Improve lint
twizmwazin authored Sep 21, 2024
1 parent d64c7c2 commit 79a24fe
Showing 2 changed files with 19 additions and 12 deletions.
29 changes: 18 additions & 11 deletions angr_platforms/bf/engine_bf.py
@@ -41,8 +41,8 @@ def resolve_jump(self, state, addr):
state.scratch.jump_table = self._build_jump_table(state)
try:
return state.scratch.jump_table[addr]
except KeyError:
raise ValueError("There is no entry in the jump table at address %d" % addr)
except KeyError as err:
raise ValueError("There is no entry in the jump table at address %d" % addr) from err

#def lift(self, addr=None, clemory=None, insn_bytes=None, size=None, arch=None, **kwargs):

@@ -96,32 +96,40 @@ def process_successors(self, successors, **kwargs):
# ...except if it IS symbolic. That means we ran off the memory.
# Drop the mic and go home. We're done here.
the_end = state.copy()
successors.add_successor(the_end, state.ip, claripy.true, "Ijk_Exit", add_guard=False, exit_stmt_idx=-1,
exit_ins_addr=state.ip, source=my_block)
successors.add_successor(
the_end,
state.ip,
claripy.true(),
"Ijk_Exit",
add_guard=False,
exit_stmt_idx=-1,
exit_ins_addr=state.ip,
source=my_block
)
break
# Step 1: Decode. If it's a....
if inst == '>':
# Increment ptr
state.regs.ptr = (state.regs.ptr + 1)
state.regs.ptr = state.regs.ptr + 1
elif inst == "<":
state.regs.ptr = (state.regs.ptr - 1)
state.regs.ptr = state.regs.ptr - 1
elif inst == "-":
# Decrement the byte at ptr in memory
# NOTE: We're doing the "wrap-around" variation of BF
oldval = state.memory.load(state.regs.ptr, 1)
newval = (oldval - 1)
newval = oldval - 1
state.memory.store(state.regs.ptr, newval, 1)
elif inst == "+":
# Increment the byte at ptr in memory
oldval = state.memory.load(state.regs.ptr, 1)
newval = (oldval + 1)
newval = oldval + 1
state.memory.store(state.regs.ptr, newval, 1)
elif inst == ".":
# Syscall: write byte at mem to stdout
newstate = state.copy()
newstate.regs.inout = 1 # Set this to 0 to cause a write syscall
newstate.ip = state.ip + 1
successors.add_successor(newstate, newstate.ip, claripy.true, "Ijk_Syscall",
successors.add_successor(newstate, newstate.ip, claripy.true(), "Ijk_Syscall",
add_guard=False, exit_stmt_idx=-1, exit_ins_addr=state.ip, source=my_block)
# Syscalls, even fake ones like this, end a basic block.
break
@@ -130,7 +138,7 @@ def process_successors(self, successors, **kwargs):
new_state = state.copy()
new_state.regs.inout = 0 # This must be 0 when we do a syscall to get a read!
new_state.ip = state.ip + 1
successors.add_successor(new_state, new_state.ip, claripy.true, "Ijk_Syscall",
successors.add_successor(new_state, new_state.ip, claripy.true(), "Ijk_Syscall",
add_guard=False, exit_stmt_idx=-1, exit_ins_addr=state.ip, source=my_block)
# Syscalls, even fake ones like this, end the basic block
break
@@ -184,4 +192,3 @@ class UberEngineWithBF(angr.engines.UberEngine, BFMixin):
This is a class that "mixes" together the standard symbolic execution stack and the brainfuck interpreter.
Giving it to angr will do everything we want.
"""
pass
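Review bot: The three `claripy.true()` calls in `process_successors` (and the one in `angr_platforms/ct64/ct64_engine.py`) only work with a claripy in which `true` is callable, yet the page lists just these two engine files as changed, so no dependency bound appears to move with them. With an older claripy, where the commit title implies `true` was a plain value, the call would presumably raise `TypeError` the first time a successor is added, so the mismatch shows up in the middle of an analysis rather than at install time. If the packaging metadata does not already enforce it, add a floor such as `claripy>=<first release with callable true/false>` (placeholder; the version is not shown on this page). `process_successors` starts and ends outside these hunks, so any remaining uncalled `claripy.true` / `claripy.false` references in it cannot be ruled out from here.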
2 changes: 1 addition & 1 deletion angr_platforms/ct64/ct64_engine.py
@@ -81,7 +81,7 @@ def execute(self, state, successors):

state.regs._ip += self.LEN
state.memory.store(dest, value)
successors.add_successor(state, state.regs._ip, claripy.true, 'Ijk_Boring')
successors.add_successor(state, state.regs._ip, claripy.true(), 'Ijk_Boring')

def value(self, state):
raise NotImplementedError