Rename ir -> lifter
serpilliere committed Dec 24, 2020
1 parent 15e4927 commit 19e2aad
Showing 3 changed files with 45 additions and 45 deletions.
14 changes: 7 additions & 7 deletions README.md
Expand Up @@ -111,15 +111,15 @@ ADD R2, R8, R0

Create an intermediate representation object:
```pycon
>>> ira = machine.ira(loc_db)
>>> lifter = machine.lifter_model_call(loc_db)
```
Create an empty ircfg
```pycon
>>> ircfg = ira.new_ircfg()
>>> ircfg = lifter.new_ircfg()
```
Add instruction to the pool:
```pycon
>>> ira.add_instr_to_ircfg(instr, ircfg)
>>> lifter.add_instr_to_ircfg(instr, ircfg)
```

Print current pool:
Expand Down Expand Up @@ -284,15 +284,15 @@ Symbolic execution
Initializing the IR pool:

```pycon
>>> ira = machine.ira(loc_db)
>>> ircfg = ira.new_ircfg_from_asmcfg(asmcfg)
>>> lifter = machine.lifter_model_call(loc_db)
>>> ircfg = lifter.new_ircfg_from_asmcfg(asmcfg)
```

Initializing the engine with default symbolic values:

```pycon
>>> from miasm.ir.symbexec import SymbolicExecutionEngine
>>> sb = SymbolicExecutionEngine(ira)
>>> sb = SymbolicExecutionEngine(lifter)
```

Launching the execution:
Expand All @@ -306,7 +306,7 @@ Launching the execution:
Same, with step logs (only changes are displayed):

```pycon
>>> sb = SymbolicExecutionEngine(ira, machine.mn.regs.regs_init)
>>> sb = SymbolicExecutionEngine(lifter, machine.mn.regs.regs_init)
>>> symbolic_pc = sb.run_at(ircfg, 0, step=True)
Instr LEA ECX, DWORD PTR [ECX + 0x4]
Assignblk:
74 changes: 37 additions & 37 deletions doc/ir/lift.ipynb
Expand Up @@ -33,7 +33,7 @@
"from miasm.analysis.machine import Machine\n",
"from miasm.arch.x86.arch import mn_x86\n",
"from miasm.core import parse_asm, asmblock\n",
"from miasm.arch.x86.ira import LifterModelCall_x86_32\n",
"from miasm.arch.x86.lifter_model_call import LifterModelCall_x86_32\n",
"from miasm.core.locationdb import LocationDB\n",
"from miasm.loader.strpatchwork import StrPatchwork\n",
"from miasm.analysis.binary import Container\n",
Expand Down Expand Up @@ -82,23 +82,23 @@
" asmcfg = mdis.dis_multiblock(0)\n",
" return asmcfg\n",
"\n",
"def lift_x86_asm(asm, ira=False, ira_custom=None):\n",
"def lift_x86_asm(asm, model_call=False, lifter_custom=None):\n",
" asmcfg = gen_x86_asmcfg(asm)\n",
" machine = Machine(\"x86_32\")\n",
" # Get a lifter\n",
" if ira and ira_custom is None:\n",
" ir_arch = LifterModelCall_x86_32(asmcfg.loc_db)\n",
" elif ira_custom is not None:\n",
" ir_arch = ira_custom(asmcfg.loc_db)\n",
" if model_call and lifter_custom is None:\n",
" lifter = LifterModelCall_x86_32(asmcfg.loc_db)\n",
" elif lifter_custom is not None:\n",
" lifter = lifter_custom(asmcfg.loc_db)\n",
" else:\n",
" ir_arch = machine.ir(asmcfg.loc_db)\n",
" lifter = machine.lifter(asmcfg.loc_db)\n",
"\n",
" # Translate to IR\n",
" ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)\n",
" ircfg = lifter.new_ircfg_from_asmcfg(asmcfg)\n",
" return ircfg\n",
"\n",
"def graph_ir_x86(asm, ira=False, ira_custom=None):\n",
" ircfg = lift_x86_asm(asm, ira, ira_custom)\n",
"def graph_ir_x86(asm, model_call=False, lifter_custom=None):\n",
" ircfg = lift_x86_asm(asm, model_call, lifter_custom)\n",
" return ircfg.graphviz()\n"
]
},
Expand Down Expand Up @@ -147,7 +147,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c460340>"
"<graphviz.dot.Digraph at 0x7f62910602b0>"
]
},
"execution_count": 2,
Expand Down Expand Up @@ -211,7 +211,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fada42cb7f0>"
"<graphviz.dot.Digraph at 0x7f6291002a30>"
]
},
"execution_count": 3,
Expand Down Expand Up @@ -296,7 +296,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c457520>"
"<graphviz.dot.Digraph at 0x7f62a0172970>"
]
},
"execution_count": 4,
Expand Down Expand Up @@ -382,7 +382,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c44af40>"
"<graphviz.dot.Digraph at 0x7f6290fc1910>"
]
},
"execution_count": 5,
Expand Down Expand Up @@ -483,7 +483,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c4020d0>"
"<graphviz.dot.Digraph at 0x7f6290fc16d0>"
]
},
"execution_count": 6,
Expand Down Expand Up @@ -566,7 +566,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c460100>"
"<graphviz.dot.Digraph at 0x7f629102b250>"
]
},
"execution_count": 7,
Expand Down Expand Up @@ -662,7 +662,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c3ce970>"
"<graphviz.dot.Digraph at 0x7f6290fd6100>"
]
},
"execution_count": 8,
Expand Down Expand Up @@ -778,7 +778,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c40f190>"
"<graphviz.dot.Digraph at 0x7f629103a1f0>"
]
},
"execution_count": 9,
Expand Down Expand Up @@ -926,7 +926,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c41fc70>"
"<graphviz.dot.Digraph at 0x7f6290fe18b0>"
]
},
"execution_count": 10,
Expand Down Expand Up @@ -1007,7 +1007,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c41f3a0>"
"<graphviz.dot.Digraph at 0x7f6290fd6df0>"
]
},
"execution_count": 11,
Expand Down Expand Up @@ -1101,7 +1101,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c3e2820>"
"<graphviz.dot.Digraph at 0x7f62a01729d0>"
]
},
"execution_count": 12,
Expand Down Expand Up @@ -1213,7 +1213,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c44a400>"
"<graphviz.dot.Digraph at 0x7f6290fc7d90>"
]
},
"execution_count": 13,
Expand Down Expand Up @@ -1287,7 +1287,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c474520>"
"<graphviz.dot.Digraph at 0x7f629106a640>"
]
},
"execution_count": 14,
Expand Down Expand Up @@ -1356,7 +1356,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c4029a0>"
"<graphviz.dot.Digraph at 0x7f629106ab80>"
]
},
"execution_count": 15,
Expand Down Expand Up @@ -1451,7 +1451,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fada46612b0>"
"<graphviz.dot.Digraph at 0x7f6291002940>"
]
},
"execution_count": 16,
Expand Down Expand Up @@ -1541,7 +1541,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c402b50>"
"<graphviz.dot.Digraph at 0x7f6290f66df0>"
]
},
"execution_count": 17,
Expand Down Expand Up @@ -1576,15 +1576,15 @@
"source": [
"This `raw` way of translating is interesting to see low level moves of stack and return address, but it makes code analysis a bit hard. What we may want is to consider subcalls like an unknown operator, with arguments and side effects. This may *model* the call to a subfunction.\n",
"\n",
"This is the difference in Miasm between translating using `ir` (raw translation) and `ira` (`ir` + analysis) which models subfunction calls. By default, Miasm uses a basic model which is *wrong* in most cases. But this model can (and must ?) be replaced by the user behavior.\n",
"This is the difference in Miasm between translating using `lifter` (raw translation) and `lifter_model_call` (`ilifter` + call modelization) which models subfunction calls. By default, Miasm uses a basic model which is *wrong* in most cases. But this model can (and must ?) be replaced by the user behavior.\n",
"\n",
"You can observe the difference in the examples:\n",
"```\n",
"example/disasm/dis_binary_ir.py\n",
"example/disasm/dis_binary_lift.py\n",
"```\n",
"and\n",
"```\n",
"example/disasm/dis_binary_ira.py\n",
"example/disasm/dis_binary_lifter_model_call.py\n",
"```\n"
]
},
Expand Down Expand Up @@ -1639,7 +1639,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c3e2af0>"
"<graphviz.dot.Digraph at 0x7f6291012670>"
]
},
"execution_count": 18,
Expand Down Expand Up @@ -1675,7 +1675,7 @@
"metadata": {},
"source": [
"# Subfunction call custom modeling\n",
"The code responsible of the modelisation of function calls is located in the `ira` class (the lifter with call modeling) in `miasm/ir/analysis.py`:\n",
"The code responsible of the modelisation of function calls is located in the `LifterModelCall` class (the lifter with call modeling) in `miasm/ir/analysis.py`:\n",
"```python\n",
"...\n",
" def call_effects(self, addr, instr):\n",
Expand Down Expand Up @@ -1703,7 +1703,7 @@
"\n",
"```\n",
"\n",
"Some architectures subclass it to include some architecture dependent stuffs, for example in `miasm/arch/x86/ira.py` in which we use a default calling convention linked to arguments passed through registers:\n",
"Some architectures subclass it to include some architecture dependent stuffs, for example in `miasm/arch/x86/lifter_model_call.py` in which we use a default calling convention linked to arguments passed through registers:\n",
"```python\n",
"...\n",
" def call_effects(self, ad, instr):\n",
Expand Down Expand Up @@ -1792,7 +1792,7 @@
"</svg>\n"
],
"text/plain": [
"<graphviz.dot.Digraph at 0x7fad9c474d90>"
"<graphviz.dot.Digraph at 0x7f6290e9b940>"
]
},
"execution_count": 19,
Expand All @@ -1801,8 +1801,8 @@
}
],
"source": [
"# Construct a custom ira lifter\n",
"class IRAFixCallStack(LifterModelCall_x86_32):\n",
"# Construct a custom lifter\n",
"class LifterFixCallStack(LifterModelCall_x86_32):\n",
" def call_effects(self, addr, instr):\n",
" if addr.is_loc():\n",
" if self.loc_db.get_location_offset(addr.loc_key) == 0x11223344:\n",
Expand Down Expand Up @@ -1837,7 +1837,7 @@
" CALL 0x11223344\n",
" MOV ECX, EAX\n",
" RET\n",
"\"\"\", ira_custom=IRAFixCallStack)"
"\"\"\", lifter_custom=LifterFixCallStack)"
]
},
{
Expand Down Expand Up @@ -1870,7 +1870,7 @@
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.6"
"version": "3.9.0"
}
},
"nbformat": 4,
2 changes: 1 addition & 1 deletion doc/locationdb/locationdb.ipynb
Expand Up @@ -396,7 +396,7 @@
"outputs": [],
"source": [
"# Get a lifter\n",
"lifter = machine.ira(loc_db)"
"lifter = machine.lifter_model_call(loc_db)"
]
},
{