add property support

add dylib support add arguments and return type of method support fix the speed of disasm and so on ...
lcyfrank · Mar 8, 2019 · 96156a9 · 96156a9
1 parent 37dba5f
commit 96156a9
Show file tree

Hide file tree

Showing 17 changed files with 1,313 additions and 346 deletions.
diff --git a/cfg_generator.py b/cfg_generator.py
@@ -1,7 +1,7 @@
 from models.inner_instruction import *
 from models.cfg import *
 
-def generate_cfg_block(block, info_provider, class_name, method_name, recursive=False):
+def generate_cfg_block(block, info_provider, class_name, method_name, recursive=False, name_prefix=''):
 
     cfg_blocks = []
     cfg_block = None
@@ -11,11 +11,11 @@ def generate_cfg_block(block, info_provider, class_name, method_name, recursive=
     for i in range((len(block.instructions))):
         instruction = block.instructions[i]
         if cfg_block is None:
-            cfg_block = CFGBlock(hex(instruction.address))
+            cfg_block = CFGBlock(name_prefix + hex(instruction.address))
             if len(wait_for_follow) > 0:
                 for fol_block in wait_for_follow:
                     # print(fol_block.name, end=' ')
-                    fol_block.goto_block(cfg_block.name)
+                    fol_block.goto_block(cfg_block.name, label='return')
                 # print('')
                 wait_for_follow = []
 
@@ -28,16 +28,21 @@ def generate_cfg_block(block, info_provider, class_name, method_name, recursive=
                 if recursive and basic_info != class_name and imp_name != method_name:  # 如果需要更进一步解析（防止递归）
                     recursive_function = info_provider(basic_info, imp_name)
                     if recursive_function is not None:
-                        recursive_cfg = generate_cfg(recursive_function, info_provider, True)
+                        recursive_cfg = generate_cfg(recursive_function, info_provider, True, hex(instruction.address))
                         # cfg_block.add_node(recursive_cfg)
-                        cfg_block.goto_block(recursive_cfg.entry.name)  # 该块进入调用的函数
+                        # recursive_cfg.entry.name = hex(instruction.address) + recursive_cfg.entry.name
+                        call_label = imp_name + '()'
+                        cfg_block.goto_block(recursive_cfg.entry.name, label=call_label)  # 该块进入调用的函数
                         cfg_blocks.append(cfg_block)
 
                         for rec_block in recursive_cfg.all_blocks:  # 将深入的函数的块都加到当前 CFG 中
+                            # rec_block.name = hex(instruction.address) + rec_block.name
                             cfg_blocks.append(rec_block)
                             if rec_block.out:
                                 rec_block.out = False  # 对于当前函数来说，这个块不是出口块
                                 wait_for_follow.append(rec_block)
+                            # for i in range(len(rec_block.follow_blocks)):
+                            #     rec_block.follow_blocks[i] = hex(instruction.address) + rec_block.follow_blocks[i]
 
                         cfg_block = None
                         # cfg_block.add_node(recursive_cfg)
@@ -53,23 +58,31 @@ def generate_cfg_block(block, info_provider, class_name, method_name, recursive=
                             oc_block_cfg = generate_cfg(oc_block_imp, info_provider, True)
                             cfg_node.oc_blocks.append(oc_block_cfg)
             else:
-                if recursive and basic_info != class_name and imp_name != method_name:
+                # print(basic_info, imp_name)
+                if recursive and (basic_info != class_name or imp_name != method_name):
+                    # print(basic_info, imp_name)
+
                     # print('find recursive method')
                     # print(basic_info, imp_name)
                     recursive_method = info_provider(basic_info, imp_name)
                     if recursive_method is not None:
                         # print('find it')
-                        recursive_cfg = generate_cfg(recursive_method, info_provider, True)
-                        cfg_block.goto_block(recursive_cfg.entry.name)
+                        recursive_cfg = generate_cfg(recursive_method, info_provider, True, hex(instruction.address))
+                        # recursive_cfg.entry.name = hex(instruction.address) + recursive_cfg.entry.name
+                        call_label = '[' + basic_info + ': ' + imp_name + ']'
+                        cfg_block.goto_block(recursive_cfg.entry.name, label=call_label)
                         cfg_blocks.append(cfg_block)
 
                         for rec_block in recursive_cfg.all_blocks:
                             # print(rec_block.name, end=' ')
-
+                            # rec_block.name = hex(instruction.address) + rec_block.name
                             cfg_blocks.append(rec_block)
                             if rec_block.out:
                                 rec_block.out = False
                                 wait_for_follow.append(rec_block)
+                            # for i in range(len(rec_block.follow_blocks)):
+                            #     rec_block.follow_blocks[i] = hex(instruction.address) + rec_block.follow_blocks[i]
+
                         # print('')
                         cfg_block = None
                         continue
@@ -91,7 +104,7 @@ def generate_cfg_block(block, info_provider, class_name, method_name, recursive=
     return cfg_blocks
 
 
-def generate_cfg(method, info_provider, recursive=False):
+def generate_cfg(method, info_provider, recursive=False, name_prefix=''):
     # print('Current generate CFG of method: %s in class: %s' % (method.method_name, method.class_name))
 
     wait_blocks_queue = []
@@ -106,7 +119,7 @@ def generate_cfg(method, info_provider, recursive=False):
         wait_blocks_queue = wait_blocks_queue[1:]
 
         cfg_blocks = generate_cfg_block(block, info_provider, method.class_name,
-                                       method.method_name, recursive)
+                                        method.method_name, recursive, name_prefix)
         if block.is_return:
             cfg_blocks[-1].out = True
 
@@ -118,14 +131,16 @@ def generate_cfg(method, info_provider, recursive=False):
 
         if not block.is_return:  # 含有 ret 的基本块应该肯定不会有 followed 的块
             if block.jump_to_block is not None and block.jump_to_block in method.all_blocks:
-                cfg_blocks[-1].goto_block(block.jump_to_block)
-                if (cfg.get_block(block.jump_to_block) is None and
+
+                cfg_blocks[-1].goto_block(name_prefix + block.jump_to_block)
+                if (cfg.get_block(name_prefix + block.jump_to_block) is None and
                     method.all_blocks[block.jump_to_block] not in wait_blocks_queue):
                     wait_blocks_queue.append(method.all_blocks[block.jump_to_block])
 
-            if block.jump_condition and block.next_block is not None:
-                cfg_blocks[-1].goto_block(block.next_block)
-                if (cfg.get_block(block.next_block) is None and
+            if ((block.jump_condition and block.next_block is not None) or
+                (block.jump_to_block is None and block.next_block is not None)):
+                cfg_blocks[-1].goto_block(name_prefix + block.next_block)
+                if (cfg.get_block(name_prefix + block.next_block) is None and
                     method.all_blocks[block.next_block] not in wait_blocks_queue):
                     wait_blocks_queue.append(method.all_blocks[block.next_block])
     return cfg

diff --git a/checker/__init__.py b/checker/__init__.py
diff --git a/checker/hotfix_checker.py b/checker/hotfix_checker.py
diff --git a/checker/paste_checker.py b/checker/paste_checker.py