diff --git a/README.md b/README.md
index fa76a694f..bea3d943a 100644
--- a/README.md
+++ b/README.md
@@ -111,15 +111,15 @@ ADD R2, R8, R0
 Create an intermediate representation object:
 ```pycon
->>> ira = machine.ira(loc_db)
+>>> lifter = machine.lifter_model_call(loc_db)
 ```
 Create an empty ircfg
 ```pycon
->>> ircfg = ira.new_ircfg()
+>>> ircfg = lifter.new_ircfg()
 ```
 Add instruction to the pool:
 ```pycon
->>> ira.add_instr_to_ircfg(instr, ircfg)
+>>> lifter.add_instr_to_ircfg(instr, ircfg)
 ```
 Print current pool:
@@ -284,15 +284,15 @@ Symbolic execution
 Initializing the IR pool:
 ```pycon
->>> ira = machine.ira(loc_db)
->>> ircfg = ira.new_ircfg_from_asmcfg(asmcfg)
+>>> lifter = machine.lifter_model_call(loc_db)
+>>> ircfg = lifter.new_ircfg_from_asmcfg(asmcfg)
 ```
 Initializing the engine with default symbolic values:
 ```pycon
 >>> from miasm.ir.symbexec import SymbolicExecutionEngine
->>> sb = SymbolicExecutionEngine(ira)
+>>> sb = SymbolicExecutionEngine(lifter)
 ```
 Launching the execution:
@@ -306,7 +306,7 @@ Launching the execution:
 Same, with step logs (only changes are displayed):
 ```pycon
->>> sb = SymbolicExecutionEngine(ira, machine.mn.regs.regs_init)
+>>> sb = SymbolicExecutionEngine(lifter, machine.mn.regs.regs_init)
 >>> symbolic_pc = sb.run_at(ircfg, 0, step=True)
 Instr LEA ECX, DWORD PTR [ECX + 0x4]
 Assignblk:
diff --git a/doc/ir/lift.ipynb b/doc/ir/lift.ipynb
index 933ed3b4b..aaa20a0b8 100644
--- a/doc/ir/lift.ipynb
+++ b/doc/ir/lift.ipynb
@@ -33,7 +33,7 @@
 "from miasm.analysis.machine import Machine\n",
 "from miasm.arch.x86.arch import mn_x86\n",
 "from miasm.core import parse_asm, asmblock\n",
- "from miasm.arch.x86.ira import LifterModelCall_x86_32\n",
+ "from miasm.arch.x86.lifter_model_call import LifterModelCall_x86_32\n",
 "from miasm.core.locationdb import LocationDB\n",
 "from miasm.loader.strpatchwork import StrPatchwork\n",
 "from miasm.analysis.binary import Container\n",
@@ -82,23 +82,23 @@
 " asmcfg = mdis.dis_multiblock(0)\n",
 " return asmcfg\n",
 "\n",
- "def lift_x86_asm(asm, ira=False, ira_custom=None):\n",
+ "def lift_x86_asm(asm, model_call=False, lifter_custom=None):\n",
 " asmcfg = gen_x86_asmcfg(asm)\n",
 " machine = Machine(\"x86_32\")\n",
 " # Get a lifter\n",
- " if ira and ira_custom is None:\n",
- " ir_arch = LifterModelCall_x86_32(asmcfg.loc_db)\n",
- " elif ira_custom is not None:\n",
- " ir_arch = ira_custom(asmcfg.loc_db)\n",
+ " if model_call and lifter_custom is None:\n",
+ " lifter = LifterModelCall_x86_32(asmcfg.loc_db)\n",
+ " elif lifter_custom is not None:\n",
+ " lifter = lifter_custom(asmcfg.loc_db)\n",
 " else:\n",
- " ir_arch = machine.ir(asmcfg.loc_db)\n",
+ " lifter = machine.lifter(asmcfg.loc_db)\n",
 "\n",
 " # Translate to IR\n",
- " ircfg = ir_arch.new_ircfg_from_asmcfg(asmcfg)\n",
+ " ircfg = lifter.new_ircfg_from_asmcfg(asmcfg)\n",
 " return ircfg\n",
 "\n",
- "def graph_ir_x86(asm, ira=False, ira_custom=None):\n",
- " ircfg = lift_x86_asm(asm, ira, ira_custom)\n",
+ "def graph_ir_x86(asm, model_call=False, lifter_custom=None):\n",
+ " ircfg = lift_x86_asm(asm, model_call, lifter_custom)\n",
 " return ircfg.graphviz()\n"
 ]
 },
@@ -147,7 +147,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 2,
@@ -211,7 +211,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 3,
@@ -296,7 +296,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 4,
@@ -382,7 +382,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 5,
@@ -483,7 +483,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 6,
@@ -566,7 +566,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 7,
@@ -662,7 +662,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 8,
@@ -778,7 +778,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 9,
@@ -926,7 +926,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 10,
@@ -1007,7 +1007,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 11,
@@ -1101,7 +1101,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 12,
@@ -1213,7 +1213,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 13,
@@ -1287,7 +1287,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 14,
@@ -1356,7 +1356,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 15,
@@ -1451,7 +1451,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 16,
@@ -1541,7 +1541,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 17,
@@ -1576,15 +1576,15 @@
 "source": [
 "This `raw` way of translating is interesting to see low level moves of stack and return address, but it makes code analysis a bit hard. What we may want is to consider subcalls like an unknown operator, with arguments and side effects. This may *model* the call to a subfunction.\n",
 "\n",
- "This is the difference in Miasm between translating using `ir` (raw translation) and `ira` (`ir` + analysis) which models subfunction calls. By default, Miasm uses a basic model which is *wrong* in most cases. But this model can (and must ?) be replaced by the user behavior.\n",
+ "This is the difference in Miasm between translating using `lifter` (raw translation) and `lifter_model_call` (`ilifter` + call modelization) which models subfunction calls. By default, Miasm uses a basic model which is *wrong* in most cases. But this model can (and must ?) be replaced by the user behavior.\n",
 "\n",
 "You can observe the difference in the examples:\n",
 "```\n",
- "example/disasm/dis_binary_ir.py\n",
+ "example/disasm/dis_binary_lift.py\n",
 "```\n",
 "and\n",
 "```\n",
- "example/disasm/dis_binary_ira.py\n",
+ "example/disasm/dis_binary_lifter_model_call.py\n",
 "```\n"
 ]
 },
@@ -1639,7 +1639,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 18,
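Review bot: In the markdown cell changed at `@@ -1576,15 +1576,15 @@`, the new sentence introduces the name `ilifter` in the parenthesis after `lifter_model_call`, which looks like a typo for `lifter`, the name the same sentence gives to the raw translation. A reader following the tutorial would look for an `ilifter` that none of the visible hunks define. The parenthesis should read `lifter` + call modeling, which also matches the "lifter with call modeling" wording kept in the cell at `@@ -1675,7 +1675,7 @@`.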
@@ -1675,7 +1675,7 @@
 "metadata": {},
 "source": [
 "# Subfunction call custom modeling\n",
- "The code responsible of the modelisation of function calls is located in the `ira` class (the lifter with call modeling) in `miasm/ir/analysis.py`:\n",
+ "The code responsible of the modelisation of function calls is located in the `LifterModelCall` class (the lifter with call modeling) in `miasm/ir/analysis.py`:\n",
 "```python\n",
 "...\n",
 " def call_effects(self, addr, instr):\n",
@@ -1703,7 +1703,7 @@
 "\n",
 "```\n",
 "\n",
- "Some architectures subclass it to include some architecture dependent stuffs, for example in `miasm/arch/x86/ira.py` in which we use a default calling convention linked to arguments passed through registers:\n",
+ "Some architectures subclass it to include some architecture dependent stuffs, for example in `miasm/arch/x86/lifter_model_call.py` in which we use a default calling convention linked to arguments passed through registers:\n",
 "```python\n",
 "...\n",
 " def call_effects(self, ad, instr):\n",
@@ -1792,7 +1792,7 @@
 "\n"
 ],
 "text/plain": [
- ""
+ ""
 ]
 },
 "execution_count": 19,
@@ -1801,8 +1801,8 @@
 }
 ],
 "source": [
- "# Construct a custom ira lifter\n",
- "class IRAFixCallStack(LifterModelCall_x86_32):\n",
+ "# Construct a custom lifter\n",
+ "class LifterFixCallStack(LifterModelCall_x86_32):\n",
 " def call_effects(self, addr, instr):\n",
 " if addr.is_loc():\n",
 " if self.loc_db.get_location_offset(addr.loc_key) == 0x11223344:\n",
@@ -1837,7 +1837,7 @@
 " CALL 0x11223344\n",
 " MOV ECX, EAX\n",
 " RET\n",
- "\"\"\", ira_custom=IRAFixCallStack)"
+ "\"\"\", lifter_custom=LifterFixCallStack)"
 ]
 },
 {
@@ -1870,7 +1870,7 @@
 "name": "python",
 "nbconvert_exporter": "python",
 "pygments_lexer": "ipython3",
- "version": "3.8.6"
+ "version": "3.9.0"
 }
 },
 "nbformat": 4,
diff --git a/doc/locationdb/locationdb.ipynb b/doc/locationdb/locationdb.ipynb
index 4425b3ad7..33a18930f 100644
--- a/doc/locationdb/locationdb.ipynb
+++ b/doc/locationdb/locationdb.ipynb
@@ -396,7 +396,7 @@
 "outputs": [],
 "source": [
 "# Get a lifter\n",
- "lifter = machine.ira(loc_db)"
+ "lifter = machine.lifter_model_call(loc_db)"
 ]
 },
 {