angr.simos.javavm

class angr.simos.javavm.SimJavaVM

Bases: SimOS

__init__(*args, **kwargs)

state_entry(args=None, **kwargs)

Create an entry state.

Parameters:

args – List of SootArgument values (optional).

static generate_symbolic_cmd_line_arg(state)

Generates a new symbolic cmd line argument string.

Returns:

The string reference.

state_call(addr, *args, **kwargs)

Create a native or a Java call state.

Parameters:
  • addr – Soot or native addr of the invoke target.

  • args – List of SootArgument values.

static get_default_value_by_type(type_, state)

Java specifies default values for primitive and reference types. This method returns the default value for a given type.

Parameters:
  • type_ (str) – Name of type.

  • state (SimState) – Current SimState.

Returns:

Default value for this type.

static cast_primitive(state, value, to_type)

Cast the value of primitive types.

Parameters:
  • value – Bitvector storing the primitive value.

  • to_type – Name of the targeted type.

Returns:

Resized value.

static init_static_field(state, field_class_name, field_name, field_type)

Initialize the static field with an allocated, but not initialized, object of the given type.

Parameters:
  • state – State associated to the field.

  • field_class_name – Class containing the field.

  • field_name – Name of the field.

  • field_type – Type of the field and the new object.

static get_cmd_line_args(state)

get_addr_of_native_method(soot_method)

Get address of the implementation from a native declared Java function.

Parameters:

soot_method – Method descriptor of a native declared function.

Returns:

CLE address of the given method.

get_native_type(java_type)

Maps the Java type to a SimTypeReg representation of its native counterpart. This type can be used to indicate the (well-defined) size of native JNI types.

Returns:

A SimTypeReg with the JNI size of the given type.

property native_arch

Returns:

Arch of the native simos.

get_native_cc()

Returns:

SimCC object for the native simos.

angr.simos.javavm.prepare_native_return_state(native_state)

Hook target for native function call returns.

Recovers and stores the return value from native memory and toggles the state, so that execution continues in the Soot engine.

Note: Redirection needed for pickling.