angr.analyses.cfg.indirect_jump_resolvers.resolver

class angr.analyses.cfg.indirect_jump_resolvers.resolver.IndirectJumpResolver

Bases: object

__init__(project, timeless=False, base_state=None)
filter(cfg, addr, func_addr, block, jumpkind)

Check if this resolution method may be able to resolve the indirect jump or not.

Parameters:
  • addr (int) – Basic block address of this indirect jump.

  • func_addr (int) – Address of the function that this indirect jump belongs to.

  • block – The basic block. The type is determined by the backend being used. It’s pyvex.IRSB if pyvex is used as the backend.

  • jumpkind (str) – The jumpkind.

Returns:

True if it is possible for this resolution method to resolve the specific indirect jump, False otherwise.

Return type:

bool

resolve(cfg, addr, func_addr, block, jumpkind, func_graph_complete=True, **kwargs)

Resolve an indirect jump.

Parameters:
  • cfg – The CFG analysis object.

  • addr (int) – Basic block address of this indirect jump.

  • func_addr (int) – Address of the function that this indirect jump belongs to.

  • block – The basic block. The type is determined by the backend being used. It’s pyvex.IRSB if pyvex is used as the backend.

  • jumpkind (str) – The jumpkind.

  • func_graph_complete (bool) – True if the function graph is complete at this point (except for nodes that this indirect jump node dominates).

Returns:

A tuple of a boolean indicating whether the resolution is successful or not, and a list of resolved targets (ints).

Return type:

tuple
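An added example, not code from angr or its documentation: a subclass that implements the filter()/resolve() contract described above by answering from an analyst-supplied map of jump targets. `HintedResolver`, `first_resolution`, the `HINTS` data and the stand-in base class used when angr is not installed are all assumptions made for illustration; `first_resolution` is a simplified sketch of a caller, not angr's own CFG code.

```python
try:
    from angr.analyses.cfg.indirect_jump_resolvers.resolver import IndirectJumpResolver
except ImportError:
    # Stand-in with the constructor signature documented above, so the example runs without angr.
    class IndirectJumpResolver:
        def __init__(self, project, timeless=False, base_state=None):
            self.project = project
            self.timeless = timeless
            self.base_state = base_state


class HintedResolver(IndirectJumpResolver):
    """Resolve indirect jumps from a {block address: [targets]} map (hypothetical helper)."""

    def __init__(self, project, hints):
        super().__init__(project)
        # Deduplicate and sort so the result is stable across runs.
        self.hints = {addr: sorted(set(targets)) for addr, targets in hints.items()}

    def filter(self, cfg, addr, func_addr, block, jumpkind):
        # Cheap applicability check only: plain jumps or calls at an address we have hints for.
        return jumpkind in ("Ijk_Boring", "Ijk_Call") and addr in self.hints

    def resolve(self, cfg, addr, func_addr, block, jumpkind, func_graph_complete=True, **kwargs):
        targets = self.hints.get(addr, [])
        # Contract from the page: (success flag, list of int targets).
        return bool(targets), list(targets)


def first_resolution(resolvers, cfg, addr, func_addr, block, jumpkind):
    """Try each resolver in order: filter() first, then resolve(); stop at the first success."""
    for resolver in resolvers:
        if not resolver.filter(cfg, addr, func_addr, block, jumpkind):
            continue
        ok, targets = resolver.resolve(cfg, addr, func_addr, block, jumpkind)
        if ok:
            return type(resolver).__name__, targets
    return None, []


# Constructed sample data: a switch-style jump at 0x401020 with a duplicated target,
# and a second jump at 0x401200 for which no targets were recovered.
HINTS = {0x401020: [0x401100, 0x401080, 0x401100, 0x4010C0], 0x401200: []}
```

An empty hint list passes filter() but makes resolve() report failure, which lets the caller fall through to the next resolver instead of recording a jump with no successors.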