archinfo
— Arch Information Repository¶
archinfo is a collection of classes that contain architecture-specific information. It is useful for cross-architecture tools (such as pyvex).
- class archinfo.Arch(endness, instruction_endness=None)[source]¶
Bases:
object
A collection of information about a given architecture. This class should be subclasses for each different architecture, and then that subclass should be registered with the
register_arch
method.A good number of assumptions are made that code is being processed under the VEX IR - for instance, it is expected the register file offsets are expected to match code generated by PyVEX.
Arches may be compared with == and !=.
- Variables:
name (str) – The name of the arch
bits (int) – The number of bits in a word
vex_arch (str) – The VEX enum name used to identify this arch
qemu_name (str) – The name used by QEMU to identify this arch
ida_processor (str) – The processor string used by IDA to identify this arch
triplet (str) – The triplet used to identify a linux system on this arch
max_inst_bytes (int) – The maximum number of bytes in a single instruction
ip_offset (int) – The offset of the instruction pointer in the register file
sp_offset (int) – The offset of the stack pointer in the register file
bp_offset (int) – The offset of the base pointer in the register file
lr_offset (int) – The offset of the link register (return address) in the register file
ret_offset (int) – The offset of the return value register in the register file
vex_conditional_helpers (bool) – Whether libVEX will generate code to process the conditional flags for this arch using ccalls
syscall_num_offset (int) – The offset in the register file where the syscall number is stored
call_pushes_ret (bool) – Whether this arch’s call instruction causes a stack push
stack_change (int) – The change to the stack pointer caused by a push instruction
memory_endness (str) – The endness of memory, as a VEX enum
register_endness (str) – The endness of registers, as a VEX enum. Should usually be same as above
instruction_endness (str) – The endness of instructions stored in memory. In other words, this controls whether instructions are stored endian-flipped compared to their description in the ISA manual, and should be flipped when lifted. Iend_BE means “don’t flip” NOTE: Only used for non-libVEX lifters.
sizeof (dict) – A mapping from C type to variable size in bits
cs_arch – The Capstone arch value for this arch
cs_mode – The Capstone mode value for this arch
ks_arch – The Keystone arch value for this arch
ks_mode – The Keystone mode value for this arch
uc_arch – The Unicorn engine arch value for this arch
uc_mode – The Unicorn engine mode value for this arch
uc_const – The Unicorn engine constants module for this arch
uc_prefix – The prefix used for variables in the Unicorn engine constants module
function_prologs (list) – A list of regular expressions matching the bytes for common function prologues
function_epilogs (list) – A list of regular expressions matching the bytes for common function epilogues
ret_instruction (str) – The bytes for a return instruction
nop_instruction (str) – The bytes for a nop instruction
instruction_alignment (int) – The instruction alignment requirement
default_register_values (list) – A weird listing describing how registers should be initialized for purposes of sanity
entry_register_values (dict) – A mapping from register name to a description of the value that should be in it at program entry on linux
default_symbolic_register (list) – Honestly, who knows what this is supposed to do. Fill it with the names of the general purpose registers.
register_names (dict) – A mapping from register file offset to register name
registers (dict) – A mapping from register name to a tuple of (register file offset, size in bytes)
lib_paths (list) – A listing of common locations where shared libraries for this architecture may be found
got_section_name (str) – The name of the GOT section in ELFs
ld_linux_name (str) – The name of the linux dynamic loader program
byte_width (int) – the number of bits in a byte.
elf_tls (TLSArchInfo) – A description of how thread-local storage works
dwarf_registers (List[str]) – A list of register names in the order specified in the DWARF specification of the corresponding arcitecture.
- byte_width = 8¶
-
elf_tls:
Optional
[TLSArchInfo
] = None¶
-
dwarf_registers:
List
[str
] = []¶
- instruction_endness = 'Iend_BE'¶
- get_register_by_name(reg_name)[source]¶
Return the Register object associated with the given name. This includes subregisters.
For example, if you are operating in a platform-independent setting, and wish to address “whatever the stack pointer is” you could pass ‘sp’ here, and get Register(…r13…) back on an ARM platform.
- struct_fmt(size=None, signed=False, endness=None)[source]¶
Produce a format string for use in python’s
struct
module to decode a single word.- Parameters:
size (int) – The size in bytes to pack/unpack. Defaults to wordsize
signed (bool) – Whether the data should be extracted signed/unsigned. Default unsigned
endness (str) – The endian to use in packing/unpacking. Defaults to memory endness
- Return str:
A format string with an endness modifier and a single format character
-
sizeof:
Dict
[str
,int
] = {}¶
- property capstone¶
A Capstone instance for this arch
- property keystone¶
A Keystone instance for this arch
- property unicorn¶
A Unicorn engine instance for this arch
- asm(string, addr=0, as_bytes=True, thumb=False)[source]¶
Compile the assembly instruction represented by string using Keystone
- Parameters:
string – The textual assembly instructions, separated by semicolons
addr – The address at which the text should be assembled, to deal with PC-relative access. Default 0
as_bytes – Set to False to return a list of integers instead of a python byte string
thumb – If working with an ARM processor, set to True to assemble in thumb mode.
- Returns:
The assembled bytecode
- get_base_register(offset, size=None)[source]¶
Convert a register or sub-register to its base register’s offset.
- Parameters:
offset (int) – The offset of the register to look up for.
size (int) – Size of the register.
- Returns:
Offset and size of the base register, or None if no base register is found.
- library_search_path(pedantic=False)[source]¶
A list of paths in which to search for shared libraries.
- m_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the address where this block is stored in memory. The memory address can also be referred to as the “real” address.
- Parameters:
addr – The address to convert.
- Returns:
The “real” address in memory.
- Return type:
int
- x_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the value that should be assigned to the instruction pointer register in order to execute the code in that block.
- Parameters:
addr – The address to convert.
- Returns:
The “execution” address.
- Return type:
int
- is_thumb(addr)[source]¶
Return True, if the address is the THUMB address. False otherwise.
For non-ARM architectures this method always returns False.
- Parameters:
addr – The address to check.
- Returns:
Whether the given address is the THUMB address.
- property vex_support¶
Whether the architecture is supported by VEX or not.
- Returns:
True if this Arch is supported by VEX, False otherwise.
- Return type:
bool
- property unicorn_support¶
Whether the architecture is supported by Unicorn engine or not,
- Returns:
True if this Arch is supported by the Unicorn engine, False otherwise.
- Return type:
bool
- property capstone_support¶
Whether the architecture is supported by the Capstone engine or not.
- Returns:
True if this Arch is supported by the Capstone engine, False otherwise.
- Return type:
bool
- property keystone_support¶
Whether the architecture is supported by the Keystone engine or not.
- Returns:
True if this Arch is supported by the Keystone engine, False otherwise.
- Return type:
bool
-
address_types:
Tuple
[type
,...
] = (<class 'int'>,)¶
-
function_address_types:
Tuple
[type
,...
] = (<class 'int'>,)¶
-
name:
str
¶
-
vex_arch:
Optional
[str
] = None¶
-
qemu_name:
Optional
[str
] = None¶
-
ida_processor:
Optional
[str
] = None¶
-
linux_name:
Optional
[str
] = None¶
-
triplet:
Optional
[str
] = None¶
-
max_inst_bytes:
int
¶
- ret_instruction = b''¶
- nop_instruction = b''¶
-
instruction_alignment:
Optional
[int
] = None¶
-
ip_offset:
Optional
[RegisterOffset
] = None¶
-
sp_offset:
Optional
[RegisterOffset
] = None¶
-
bp_offset:
Optional
[RegisterOffset
] = None¶
-
ret_offset:
Optional
[RegisterOffset
] = None¶
-
fp_ret_offset:
Optional
[RegisterOffset
] = None¶
-
lr_offset:
Optional
[RegisterOffset
] = None¶
- vex_conditional_helpers = False¶
-
bits:
int
¶
- memory_endness = 'Iend_LE'¶
- default_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
-
stack_change:
int
¶
- cache_irsb = True¶
- branch_delay_slot = False¶
-
function_prologs:
Set
[bytes
] = {}¶
-
function_epilogs:
Set
[bytes
] = {}¶
- cs_arch = None¶
- cs_mode = None¶
- ks_arch = None¶
- ks_mode = None¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
-
uc_prefix:
Optional
[str
] = None¶
- uc_regs = None¶
- artificial_registers_offsets = None¶
-
artificial_registers:
Set
[str
]¶
-
cpu_flag_register_offsets_and_bitmasks_map:
Dict
¶
-
reg_blacklist:
List
[str
] = ['fs', 'gs', 'cs', 'ds', 'es', 'fs', 'gs', 'ss', 'ldt', 'gdt']¶
-
reg_blacklist_offsets:
List
[RegisterOffset
] = [None, None, None, None, None, None, None, None, None, None]¶
- vex_to_unicorn_map = None¶
- vex_cc_regs = None¶
- call_pushes_ret = False¶
- initial_sp = 2147418112¶
- call_sp_fix = 0¶
- stack_size = 134217728¶
-
default_register_values:
List
= []¶
-
entry_register_values:
Dict
[str
,Any
] = {}¶
-
default_symbolic_registers:
List
[str
] = []¶
-
registers:
Dict
[str
,Tuple
[RegisterOffset
,int
]] = {}¶
-
register_names:
Dict
[RegisterOffset
,str
] = {}¶
-
argument_registers:
Set
[RegisterOffset
] = {}¶
-
argument_register_positions:
Dict
[str
,int
] = {}¶
-
persistent_regs:
List
[str
] = []¶
-
concretize_unique_registers:
Set
[RegisterOffset
] = {}¶
-
lib_paths:
List
[str
] = []¶
-
reloc_s_a:
List
[Any
] = []¶
-
reloc_b_a:
List
[Any
] = []¶
-
reloc_s:
List
[Any
] = []¶
-
reloc_copy:
List
[Any
] = []¶
-
reloc_tls_mod_id:
List
[Any
] = []¶
-
reloc_tls_doffset:
List
[Any
] = []¶
-
reloc_tls_offset:
List
[Any
] = []¶
-
dynamic_tag_translation:
Dict
[int
,str
] = {}¶
-
symbol_type_translation:
Dict
[Union
[int
,str
],str
] = {}¶
- got_section_name = ''¶
- vex_archinfo = None¶
- class archinfo.ArchAArch64(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchARM64'¶
- name: str = 'AARCH64'¶
- qemu_name: Optional[str] = 'aarch64'¶
- ida_processor: Optional[str] = 'arm'¶
- linux_name: Optional[str] = 'aarch64'¶
- triplet: Optional[str] = 'aarch64-linux-gnueabihf'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 16¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 80¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- instruction_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- initial_sp = 576460752303357952¶
- ret_instruction = b'\xc0\x03_\xd6'¶
- nop_instruction = b'\x1f \x03\xd5'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register x0>, <Register x1>, <Register x2>, <Register x3>, <Register x4>, <Register x5>, <Register x6>, <Register x7>, <Register x8>, <Register x9>, <Register x10>, <Register x11>, <Register x12>, <Register x13>, <Register x14>, <Register x15>, <Register x16>, <Register x17>, <Register x18>, <Register x19>, <Register x20>, <Register x21>, <Register x22>, <Register x23>, <Register x24>, <Register x25>, <Register x26>, <Register x27>, <Register x28>, <Register x29>, <Register x30>, <Register xsp>, <Register pc>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register tpidr_el0>, <Register q0>, <Register q1>, <Register q2>, <Register q3>, <Register q4>, <Register q5>, <Register q6>, <Register q7>, <Register q8>, <Register q9>, <Register q10>, <Register q11>, <Register q12>, <Register q13>, <Register q14>, <Register q15>, <Register q16>, <Register q17>, <Register q18>, <Register q19>, <Register q20>, <Register q21>, <Register q22>, <Register q23>, <Register q24>, <Register q25>, <Register q26>, <Register q27>, <Register q28>, <Register q29>, <Register q30>, <Register q31>, <Register qcflag>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>, <Register fpcr>]¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld-linux-aarch64.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 32, [], [0], [], 0, 0)¶
- dwarf_registers: List[str] = ['x0', 'x1', 'x2', 'x3', 'x4', 'x5', 'x6', 'x7', 'x8', 'x9', 'x10', 'x11', 'x12', 'x13', 'x14', 'x15', 'x16', 'x17', 'x18', 'x19', 'x20', 'x21', 'x22', 'x23', 'x24', 'x25', 'x26', 'x27', 'x28', 'x29', 'x30', 'sp', '<none>', 'ELR_mode', 'RA_SIGN_STATE', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', 'VG', 'FFR', 'p0', 'p1', 'p2', 'p3', 'p4', 'p5', 'p6', 'p7', 'p8', 'p9', 'p10', 'p11', 'p12', 'p13', 'p14', 'p15', 'v0', 'v1', 'v2', 'v3', 'v4', 'v5', 'v6', 'v7', 'v8', 'v9', 'v10', 'v11', 'v12', 'v13', 'v14', 'v15', 'v16', 'v17', 'v18', 'v19', 'v20', 'v21', 'v22', 'v23', 'v24', 'v25', 'v26', 'v27', 'v28', 'v29', 'v30', 'v31', 'z0', 'z1', 'z2', 'z3', 'z4', 'z5', 'z6', 'z7', 'z8', 'z9', 'z10', 'z11', 'z12', 'z13', 'z14', 'z15', 'z16', 'z17', 'z18', 'z19', 'z20', 'z21', 'z22', 'z23', 'z24', 'z25', 'z26', 'z27', 'z28', 'z29', 'z30', 'z31']¶
- class archinfo.ArchAMD64(endness=Endness.LE)[source]¶
Bases:
Arch
- property capstone_x86_syntax¶
The current syntax Capstone uses for x64. It can be ‘intel’ or ‘at&t’
- property keystone_x86_syntax¶
The current syntax Keystone uses for x86. It can be ‘intel’, ‘at&t’, ‘nasm’, ‘masm’, ‘gas’ or ‘radix16’
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchAMD64'¶
- vex_endness = 'VexEndnessLE'¶
- name: str = 'AMD64'¶
- qemu_name: Optional[str] = 'x86_64'¶
- ida_processor: Optional[str] = 'metapc'¶
- linux_name: Optional[str] = 'x86_64'¶
- triplet: Optional[str] = 'x86_64-linux-gnu'¶
- max_inst_bytes: int = 15¶
- ret_offset: Optional[RegisterOffset] = 16¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 16¶
- call_pushes_ret = True¶
- stack_change: int = -8¶
- initial_sp = 576460752303357952¶
- call_sp_fix = -8¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'\\x48[\\x83,\\x81]\\xec[\\x00-\\xff]', b'\\x55\\x48\\x89\\xe5', b'\xf3\x0f\x1e\xfa\\x48[\\x83,\\x81]\\xec[\\x00-\\xff]', b'\xf3\x0f\x1e\xfa\\x55\\x48\\x89\\xe5'}¶
- function_epilogs: Set[bytes] = {b'([^\\x41][\\x50-\\x5f]{1}|\\x41[\\x50-\\x5f])\\xc3', b'\\x48[\\x83,\\x81]\\xc4([\\x00-\\xff]{1}|[\\x00-\\xff]{4})\\xc3', b'\\xc9\\xc3'}¶
- ret_instruction = b'\xc3'¶
- nop_instruction = b'\x90'¶
- instruction_alignment: Optional[int] = 1¶
- register_list: List[Register] = [<Register rax>, <Register rcx>, <Register rdx>, <Register rbx>, <Register rsp>, <Register rbp>, <Register rsi>, <Register rdi>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register r13>, <Register r14>, <Register r15>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register d>, <Register rip>, <Register ac>, <Register id>, <Register fs>, <Register sseround>, <Register cr0>, <Register cr2>, <Register cr3>, <Register cr4>, <Register cr8>, <Register ymm0>, <Register ymm1>, <Register ymm2>, <Register ymm3>, <Register ymm4>, <Register ymm5>, <Register ymm6>, <Register ymm7>, <Register ymm8>, <Register ymm9>, <Register ymm10>, <Register ymm11>, <Register ymm12>, <Register ymm13>, <Register ymm14>, <Register ymm15>, <Register ftop>, <Register fpreg>, <Register fptag>, <Register fpround>, <Register fc3210>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register gs>, <Register ip_at_syscall>, <Register cs_seg>, <Register ds_seg>, <Register es_seg>, <Register fs_seg>, <Register gs_seg>, <Register ss_seg>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048192: 'DT_X86_64_PLT', 1879048193: 'DT_X86_64_PLTSZ', 1879048195: 'DT_X86_64_PLTENT'}¶
- symbol_type_translation: Dict[Union[int, str], str] = {'STT_LOOS': 'STT_GNU_IFUNC', 10: 'STT_GNU_IFUNC'}¶
- got_section_name = '.got.plt'¶
- ld_linux_name = 'ld-linux-x86-64.so.2'¶
- elf_tls: Optional[TLSArchInfo] = (2, 704, [16], [8], [0], 0, 0)¶
- dwarf_registers: List[str] = ['rax', 'rdx', 'rcx', 'rbx', 'rsi', 'rdi', 'rbp', 'rsp', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15', 'rip', 'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7', 'xmm8', 'xmm9', 'xmm10', 'xmm11', 'xmm12', 'xmm13', 'xmm14', 'xmm15', 'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7', 'mm0', 'mm1', 'mm2', 'mm3', 'mm4', 'mm5', 'mm6', 'mm7', 'rflags', 'es', 'cs', 'ss', 'ds', 'fs', 'gs', '<none>', '<none>', 'fs.base', 'gs.base', '<none>', '<none>', 'tr', 'ldtr', 'mxcsr', 'fcw', 'fsw']¶
- class archinfo.ArchARM(endness=Endness.LE)[source]¶
Bases:
Arch
ARM architecture specific subclass
- property capstone_thumb¶
- property keystone_thumb¶
- property unicorn_thumb¶
- m_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the address where this block is stored in memory. The memory address can also be referred to as the “real” address.
For ARM-architecture, the “real” address is always even (has its lowest bit clear).
- Parameters:
addr – The address to convert.
- Returns:
The “real” address in memory.
- Return type:
int
- x_addr(addr, thumb=None, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the value that should be assigned to the instruction pointer register in order to execute the code in that block.
- Parameters:
addr – The address to convert.
thumb – Set this parameter to True if you want to convert the address into the THUMB form. Set this parameter to False if you want to convert the address into the ARM form. Set this parameter to None (default) if you want to keep the address as is.
- Returns:
The “execution” address.
- Return type:
int
- is_thumb(addr)[source]¶
Return True, if the address is the THUMB address. False otherwise.
- Parameters:
addr – The address to check.
- Returns:
Whether the given address is the THUMB address.
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchARM'¶
- name: str = 'ARMEL'¶
- qemu_name: Optional[str] = 'arm'¶
- ida_processor: Optional[str] = 'armb'¶
- linux_name: Optional[str] = 'arm'¶
- triplet: Optional[str] = 'arm-linux-gnueabihf'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 8¶
- fp_ret_offset: Optional[RegisterOffset] = 8¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 36¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_mode_thumb = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- ret_instruction = b'\x1e\xff/\xe1'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- function_prologs: Set[bytes] = {b'\\r\\xc0\\xa0\\xe1[\\x00-\\xff][\\x40-\\x7f\\xc0-\\xff]\\x2d\\xe9', b'\\r\\xc0\\xa0\\xe1\\x04\\xe0\\x2d\\xe5', b'\\x04\\xe0\\x2d\\xe5'}¶
- thumb_prologs = {b'[\\x00-\\xff]\\x4b[\\x00-\\xff]\\x4a\\x7b\\x44\\x30\\xb5', b'[\\x00-\\xff]\\xb4\\x00\\xb5[\\x80-\\xff]\\xb0', b'[\\x00\\x08\\x10\\x30\\x38\\x70\\xf0\\xf8]\\xb5[\\x00-\\xff]\\x4c\\xa5\\x44', b'[\\x00\\x08\\x10\\x30\\x38\\x70\\xf0\\xf8]\\xb5[\\x03-\\x07\\x0c-\\x0f\\x1e-\\x1f]\\x46', b'[\\x00\\x10\\x30\\x70\\xf0][\\xb4\\xb5][\\x80-\\x8f\\xa3\\xa8]\\xb0', b'[\\x80-\\xff]\\xb0[\\x00-\\xff]\\x90', b'\\x08\\xb5\\x00[\\x22\\x23]', b'\\x2d\\xe9\\xb0\\x41', b'\\x2d\\xe9\\xf0[\\x41\\x43\\x46\\x47\\x4d\\x4f]', b'\\x2d\\xe9\\xf8[\\x43\\x46\\x4f]', b'\\x38\\xb5\\x40\\xf2\\x00\\x03\\xc0\\xf2\\x00\\x03', b'\\x80\\xb4[\\x80-\\xff]\\xb0'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]{2}\\xbd\\xe8\\x1e\\xff\\x2f\\xe1\\x04\\xe0\\x9d\\xe4\\x1e\\xff\\x2f\\xe1'}¶
- instruction_alignment: Optional[int] = 2¶
- register_list: List[Register] = [<Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register sp>, <Register lr>, <Register pc>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register qflag32>, <Register geflag0>, <Register geflag1>, <Register geflag2>, <Register geflag3>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>, <Register d0>, <Register d1>, <Register d2>, <Register d3>, <Register d4>, <Register d5>, <Register d6>, <Register d7>, <Register d8>, <Register d9>, <Register d10>, <Register d11>, <Register d12>, <Register d13>, <Register d14>, <Register d15>, <Register d16>, <Register d17>, <Register d18>, <Register d19>, <Register d20>, <Register d21>, <Register d22>, <Register d23>, <Register d24>, <Register d25>, <Register d26>, <Register d27>, <Register d28>, <Register d29>, <Register d30>, <Register d31>, <Register fpscr>, <Register tpidruro>, <Register itstate>]¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld-linux.so.3'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- class archinfo.ArchARMCortexM(*args, **kwargs)[source]¶
Bases:
ArchARMEL
This is an architecture description for ARM Cortex-M microcontroller-class CPUs.
These CPUs have the following unusual / annoying distinctions from their relatives: - Explicitly only support the Thumb-2 instruction set. Executing with the T-bit off causes the processor to fault instantly - Always little-endian - Coprocessors? Nope, none of that rubbish - Well-known standard memory map across all devices - Rarely use an MPU, even though this does exist on some devices - A built-in “NVIC” (Nested Vectored Interrupt Controller) as part of the standard. - Standardized “blob format” including the IVT, with initial SP and entry prepended - Usually don’t run an OS (SimLinux? No thanks) - As part of the above, handle syscalls (SVC) instructions through an interrupt (now called PendSV) Uses its own fancy stack layout for this, which (UGH) varies by sub-sub-architecture - Some fancy instructions normally never seen in other uses of Thumb (CPSID, CPSIE, WFI, MRS.W, MSR.W) - New registers, namely: * FAULTMASK * PRIMASK * BASEPRI * CONTROL * SP, banked as PSP or MSP * PSR, now just one PSR, with a few meta-registers APSR, IPSR, and EPSR which take a chunk of that each
- name: str = 'ARMCortexM'¶
- triplet: Optional[str] = 'arm-none-eabi'¶
- function_prologs: Set[bytes] = {}¶
- thumb_prologs = {b'[\\x00-\\xff]\\xb5', b'\\x2d\\xe9[\\x00-\\xff][\\x00-\\xff]'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]\\xbd'}¶
- register_list: List[Register] = [<Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register sp>, <Register lr>, <Register pc>, <Register msp>, <Register msp_s>, <Register msp_ns>, <Register psp>, <Register psp_s>, <Register psp_ns>, <Register msplim>, <Register msplim_s>, <Register msplim_ns>, <Register msplim_ns>, <Register sp_process>, <Register sp_process_s>, <Register sp_process_ns>, <Register sp_main>, <Register sp_main_s>, <Register sp_main_ns>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register qflag32>, <Register ip_at_syscall>, <Register d0>, <Register d1>, <Register d2>, <Register d3>, <Register d4>, <Register d5>, <Register d6>, <Register d7>, <Register d8>, <Register d9>, <Register d10>, <Register d11>, <Register d12>, <Register d13>, <Register d14>, <Register d15>, <Register cpsr>, <Register fpscr>, <Register itstate>, <Register faultmask>, <Register faultmask_s>, <Register faultmask_ns>, <Register basepri>, <Register basepri_s>, <Register basepri_ns>, <Register primask>, <Register primask_s>, <Register primask_ns>, <Register iepsr>, <Register control>]¶
- uc_arch = None¶
- uc_mode = None¶
- uc_mode_thumb = None¶
- dwarf_registers: List[str] = ['r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9', 'r10', 'r11', 'r12', 'sp', 'lr', 'pc']¶
- property capstone_thumb¶
- property keystone_thumb¶
- class archinfo.ArchARMEL(endness=Endness.LE)[source]¶
Bases:
ArchARM
This is an architecture description for ARM EABI (armel). It targets a range of older 32-bit ARM devices without hardware FPUs.
- name: str = 'ARMEL'¶
- triplet: Optional[str] = 'arm-linux-gnueabi'¶
- ld_linux_name = 'ld-linux.so.3'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- class archinfo.ArchARMHF(endness=Endness.LE)[source]¶
Bases:
ArchARM
This is an architecture description for the ARM hard-float (armhf). It supports at least an ARM 32-bit processor with ARMv7 architecture, Thumb-2 and VFP3D16.
- name: str = 'ARMHF'¶
- triplet: Optional[str] = 'arm-linux-gnueabihf'¶
- ld_linux_name = 'ld-linux-armhf.so.3'¶
- fp_ret_offset: Optional[RegisterOffset] = 128¶
- class archinfo.ArchAVR8(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = None¶
- name: str = 'AVR8'¶
- qemu_name: Optional[str] = 'avr'¶
- linux_name: Optional[str] = 'avr'¶
- triplet: Optional[str] = 'avr-linux-gnu'¶
- max_inst_bytes: int = 4¶
- instruction_alignment: Optional[int] = 2¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- class archinfo.ArchMIPS32(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchMIPS32'¶
- name: str = 'MIPS32'¶
- default_endness = 'Iend_BE'¶
- ida_processor: Optional[str] = 'mipsb'¶
- qemu_name: Optional[str] = 'mipsel'¶
- linux_name: Optional[str] = 'mipsel'¶
- triplet: Optional[str] = 'mipsel-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 16¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- branch_delay_slot = True¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff][\\x00-\\xff]\\x1c\\x3c[\\x00-\\xff][\\x00-\\xff]\\x9c\\x27', b'[\\x00-\\xff]\\xff\\xbd\\x27'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]{2}\\xbf\\x8f([\\x00-\\xff]{4}){0,4}\\x08\\x00\\xe0\\x03'}¶
- ret_instruction = b'\x08\x00\xe0\x03%\x08 \x00'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register zero>, <Register at>, <Register v0>, <Register v1>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register t0>, <Register t1>, <Register t2>, <Register t3>, <Register t4>, <Register t5>, <Register t6>, <Register t7>, <Register s0>, <Register s1>, <Register s2>, <Register s3>, <Register s4>, <Register s5>, <Register s6>, <Register s7>, <Register t8>, <Register t9>, <Register k0>, <Register k1>, <Register gp>, <Register sp>, <Register s8>, <Register ra>, <Register pc>, <Register hi>, <Register lo>, <Register f0>, <Register f1>, <Register f2>, <Register f3>, <Register f4>, <Register f5>, <Register f6>, <Register f7>, <Register f8>, <Register f9>, <Register f10>, <Register f11>, <Register f12>, <Register f13>, <Register f14>, <Register f15>, <Register f16>, <Register f17>, <Register f18>, <Register f19>, <Register f20>, <Register f21>, <Register f22>, <Register f23>, <Register f24>, <Register f25>, <Register f26>, <Register f27>, <Register f28>, <Register f29>, <Register f30>, <Register f31>, <Register fir>, <Register fccr>, <Register fexr>, <Register fenr>, <Register fcsr>, <Register ulr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register cond>, <Register dspcontrol>, <Register ac0>, <Register ac1>, <Register ac2>, <Register ac3>, <Register cp0_status>, <Register ip_at_syscall>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048193: 'DT_MIPS_RLD_VERSION', 1879048194: 'DT_MIPS_TIME_STAMP', 1879048195: 'DT_MIPS_ICHECKSUM', 1879048196: 'DT_MIPS_IVERSION', 1879048197: 'DT_MIPS_FLAGS', 1879048198: 'DT_MIPS_BASE_ADDRESS', 1879048199: 'DT_MIPS_MSYM', 1879048200: 'DT_MIPS_CONFLICT', 1879048201: 'DT_MIPS_LIBLIST', 1879048202: 'DT_MIPS_LOCAL_GOTNO', 1879048203: 'DT_MIPS_CONFLICTNO', 1879048208: 'DT_MIPS_LIBLISTNO', 1879048209: 'DT_MIPS_SYMTABNO', 1879048210: 'DT_MIPS_UNREFEXTNO', 1879048211: 'DT_MIPS_GOTSYM', 1879048212: 'DT_MIPS_HIPAGENO', 1879048214: 'DT_MIPS_RLD_MAP', 1879048215: 'DT_MIPS_DELTA_CLASS', 1879048216: 'DT_MIPS_DELTA_CLASS_NO', 1879048217: 'DT_MIPS_DELTA_INSTANCE', 1879048218: 'DT_MIPS_DELTA_INSTANCE_NO', 1879048219: 'DT_MIPS_DELTA_RELOC', 1879048220: 'DT_MIPS_DELTA_RELOC_NO', 1879048221: 'DT_MIPS_DELTA_SYM', 1879048222: 'DT_MIPS_DELTA_SYM_NO', 1879048224: 'DT_MIPS_DELTA_CLASSSYM', 1879048225: 'DT_MIPS_DELTA_CLASSSYM_NO', 1879048226: 'DT_MIPS_CXX_FLAGS', 1879048227: 'DT_MIPS_PIXIE_INIT', 1879048228: 'DT_MIPS_SYMBOL_LIB', 1879048229: 'DT_MIPS_LOCALPAGE_GOTIDX', 1879048230: 'DT_MIPS_LOCAL_GOTIDX', 1879048231: 'DT_MIPS_HIDDEN_GOTIDX', 1879048232: 'DT_MIPS_PROTECTED_GOTIDX', 1879048233: 'DT_MIPS_OPTIONS', 1879048234: 'DT_MIPS_INTERFACE', 1879048235: 'DT_MIPS_DYNSTR_ALIGN', 1879048236: 'DT_MIPS_INTERFACE_SIZE', 1879048237: 'DT_MIPS_RLD_TEXT_RESOLVE_ADDR', 1879048238: 'DT_MIPS_PERF_SUFFIX', 1879048239: 'DT_MIPS_COMPACT_SIZE', 1879048240: 'DT_MIPS_GP_VALUE', 1879048241: 'DT_MIPS_AUX_DYNAMIC', 1879048242: 'DT_MIPS_PLTGOT'}¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 28672, 32768)¶
- dwarf_registers: List[str] = ['r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15', 'r16', 'r17', 'r18', 'r19', 'r20', 'r21', 'r22', 'r23', 'r24', 'r25', 'r26', 'r27', 'gp', 'sp', 's8', 'ra', 'f0', 'f1', 'f2', 'f3', 'f4', 'f5', 'f6', 'f7', 'f8', 'f9', 'f10', 'f11', 'f12', 'f13', 'f14', 'f15', 'f16', 'f17', 'f18', 'f19', 'f20', 'f21', 'f22', 'f23', 'f24', 'f25', 'f26', 'f27', 'f28', 'f29', 'f30', 'f31', 'hi', 'lo']¶
- class archinfo.ArchMIPS64(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchMIPS64'¶
- name: str = 'MIPS64'¶
- default_endness = 'Iend_BE'¶
- qemu_name: Optional[str] = 'mips64el'¶
- ida_processor: Optional[str] = 'mips64'¶
- linux_name: Optional[str] = 'mips64el'¶
- triplet: Optional[str] = 'mips64el-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 32¶
- syscall_register_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- branch_delay_slot = True¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {}¶
- function_epilogs: Set[bytes] = {}¶
- ret_instruction = b'\x08\x00\xe0\x03%\x08 \x00'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register zero>, <Register at>, <Register v0>, <Register v1>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register t0>, <Register t1>, <Register t2>, <Register t3>, <Register t4>, <Register t5>, <Register t6>, <Register t7>, <Register s0>, <Register s1>, <Register s2>, <Register s3>, <Register s4>, <Register s5>, <Register s6>, <Register s7>, <Register t8>, <Register t9>, <Register k0>, <Register k1>, <Register gp>, <Register sp>, <Register s8>, <Register ra>, <Register pc>, <Register hi>, <Register lo>, <Register f0>, <Register f1>, <Register f2>, <Register f3>, <Register f4>, <Register f5>, <Register f6>, <Register f7>, <Register f8>, <Register f9>, <Register f10>, <Register f11>, <Register f12>, <Register f13>, <Register f14>, <Register f15>, <Register f16>, <Register f17>, <Register f18>, <Register f19>, <Register f20>, <Register f21>, <Register f22>, <Register f23>, <Register f24>, <Register f25>, <Register f26>, <Register f27>, <Register f28>, <Register f29>, <Register f30>, <Register f31>, <Register fir>, <Register fccr>, <Register fexr>, <Register fenr>, <Register fcsr>, <Register cp0_status>, <Register ulr>, <Register emnote>, <Register cond>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048193: 'DT_MIPS_RLD_VERSION', 1879048197: 'DT_MIPS_FLAGS', 1879048198: 'DT_MIPS_BASE_ADDRESS', 1879048202: 'DT_MIPS_LOCAL_GOTNO', 1879048209: 'DT_MIPS_SYMTABNO', 1879048210: 'DT_MIPS_UNREFEXTNO', 1879048211: 'DT_MIPS_GOTSYM', 1879048214: 'DT_MIPS_RLD_MAP'}¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 16, [], [0], [], 28672, 32768)¶
- class archinfo.ArchPPC32(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchPPC32'¶
- name: str = 'PPC32'¶
- qemu_name: Optional[str] = 'ppc'¶
- ida_processor: Optional[str] = 'ppc'¶
- linux_name: Optional[str] = 'ppc750'¶
- triplet: Optional[str] = 'powerpc-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 28¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- ret_instruction = b' \x00\x80N'¶
- nop_instruction = b'\x00\x00\x00`'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register gpr0>, <Register gpr1>, <Register gpr2>, <Register gpr3>, <Register gpr4>, <Register gpr5>, <Register gpr6>, <Register gpr7>, <Register gpr8>, <Register gpr9>, <Register gpr10>, <Register gpr11>, <Register gpr12>, <Register gpr13>, <Register gpr14>, <Register gpr15>, <Register gpr16>, <Register gpr17>, <Register gpr18>, <Register gpr19>, <Register gpr20>, <Register gpr21>, <Register gpr22>, <Register gpr23>, <Register gpr24>, <Register gpr25>, <Register gpr26>, <Register gpr27>, <Register gpr28>, <Register gpr29>, <Register gpr30>, <Register gpr31>, <Register vsr0>, <Register vsr1>, <Register vsr2>, <Register vsr3>, <Register vsr4>, <Register vsr5>, <Register vsr6>, <Register vsr7>, <Register vsr8>, <Register vsr9>, <Register vsr10>, <Register vsr11>, <Register vsr12>, <Register vsr13>, <Register vsr14>, <Register vsr15>, <Register vsr16>, <Register vsr17>, <Register vsr18>, <Register vsr19>, <Register vsr20>, <Register vsr21>, <Register vsr22>, <Register vsr23>, <Register vsr24>, <Register vsr25>, <Register vsr26>, <Register vsr27>, <Register vsr28>, <Register vsr29>, <Register vsr30>, <Register vsr31>, <Register vsr32>, <Register vsr33>, <Register vsr34>, <Register vsr35>, <Register vsr36>, <Register vsr37>, <Register vsr38>, <Register vsr39>, <Register vsr40>, <Register vsr41>, <Register vsr42>, <Register vsr43>, <Register vsr44>, <Register vsr45>, <Register vsr46>, <Register vsr47>, <Register vsr48>, <Register vsr49>, <Register vsr50>, <Register vsr51>, <Register vsr52>, <Register vsr53>, <Register vsr54>, <Register vsr55>, <Register vsr56>, <Register vsr57>, <Register vsr58>, <Register vsr59>, <Register vsr60>, <Register vsr61>, <Register vsr62>, <Register vsr63>, <Register cia>, <Register lr>, <Register ctr>, <Register xer_so>, <Register xer_ov>, <Register xer_ca>, <Register xer_bc>, <Register cr0_321>, <Register cr0_0>, <Register cr1_321>, <Register cr1_0>, <Register cr2_321>, <Register cr2_0>, <Register cr3_321>, <Register cr3_0>, <Register cr4_321>, <Register cr4_0>, <Register cr5_321>, <Register cr5_0>, <Register cr6_321>, <Register cr6_0>, <Register cr7_321>, <Register cr7_0>, <Register fpround>, <Register dfpround>, <Register c_fpcc>, <Register vrsave>, <Register vscr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register nraddr_gpr2>, <Register redir_sp>, <Register redir_stack>, <Register ip_at_syscall>, <Register sprg3_ro>, <Register tfhar>, <Register texasr>, <Register tfiar>, <Register ppr>, <Register texasru>, <Register pspb>]¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff]{2}\\x21\\x94\\xa6\\x02\\x08\\x7c'}¶
- function_epilogs: Set[bytes] = {b'\\xa6\\x03[\\x00-\\xff]{2}([\\x00-\\xff]{4}){0,6}\\x20\\x00\\x80\\x4e'}¶
- got_section_name = '.plt'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 52, [], [48], [], 28672, 32768)¶
- dwarf_registers: List[str] = ['gpr0', 'gpr1', 'gpr2', 'gpr3', 'gpr4', 'gpr5', 'gpr6', 'gpr7', 'gpr8', 'gpr9', 'gpr10', 'gpr11', 'gpr12', 'gpr13', 'gpr14', 'gpr15', 'gpr16', 'gpr17', 'gpr18', 'gpr19', 'gpr20', 'gpr21', 'gpr22', 'gpr23', 'gpr24', 'gpr25', 'gpr26', 'gpr27', 'gpr28', 'gpr29', 'gpr30', 'gpr31', 'vsr0', 'vsr1', 'vsr2', 'vsr3', 'vsr4', 'vsr5', 'vsr6', 'vsr7', 'vsr8', 'vsr9', 'vsr10', 'vsr11', 'vsr12', 'vsr13', 'vsr14', 'vsr15', 'vsr16', 'vsr17', 'vsr18', 'vsr19', 'vsr20', 'vsr21', 'vsr22', 'vsr23', 'vsr24', 'vsr25', 'vsr26', 'vsr27', 'vsr28', 'vsr29', 'vsr30', 'vsr31', 'cr', 'fpscr']¶
- class archinfo.ArchPPC64(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchPPC64'¶
- name: str = 'PPC64'¶
- qemu_name: Optional[str] = 'ppc64'¶
- ida_processor: Optional[str] = 'ppc64'¶
- triplet: Optional[str] = 'powerpc64le-linux-gnu'¶
- linux_name: Optional[str] = 'ppc750'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 40¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- initial_sp = 18446744073692774400¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- ret_instruction = b' \x00\x80N'¶
- nop_instruction = b'\x00\x00\x00`'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register gpr0>, <Register gpr1>, <Register gpr2>, <Register gpr3>, <Register gpr4>, <Register gpr5>, <Register gpr6>, <Register gpr7>, <Register gpr8>, <Register gpr9>, <Register gpr10>, <Register gpr11>, <Register gpr12>, <Register gpr13>, <Register gpr14>, <Register gpr15>, <Register gpr16>, <Register gpr17>, <Register gpr18>, <Register gpr19>, <Register gpr20>, <Register gpr21>, <Register gpr22>, <Register gpr23>, <Register gpr24>, <Register gpr25>, <Register gpr26>, <Register gpr27>, <Register gpr28>, <Register gpr29>, <Register gpr30>, <Register gpr31>, <Register vsr0>, <Register vsr1>, <Register vsr2>, <Register vsr3>, <Register vsr4>, <Register vsr5>, <Register vsr6>, <Register vsr7>, <Register vsr8>, <Register vsr9>, <Register vsr10>, <Register vsr11>, <Register vsr12>, <Register vsr13>, <Register vsr14>, <Register vsr15>, <Register vsr16>, <Register vsr17>, <Register vsr18>, <Register vsr19>, <Register vsr20>, <Register vsr21>, <Register vsr22>, <Register vsr23>, <Register vsr24>, <Register vsr25>, <Register vsr26>, <Register vsr27>, <Register vsr28>, <Register vsr29>, <Register vsr30>, <Register vsr31>, <Register vsr32>, <Register vsr33>, <Register vsr34>, <Register vsr35>, <Register vsr36>, <Register vsr37>, <Register vsr38>, <Register vsr39>, <Register vsr40>, <Register vsr41>, <Register vsr42>, <Register vsr43>, <Register vsr44>, <Register vsr45>, <Register vsr46>, <Register vsr47>, <Register vsr48>, <Register vsr49>, <Register vsr50>, <Register vsr51>, <Register vsr52>, <Register vsr53>, <Register vsr54>, <Register vsr55>, <Register vsr56>, <Register vsr57>, <Register vsr58>, <Register vsr59>, <Register vsr60>, <Register vsr61>, <Register vsr62>, <Register vsr63>, <Register cia>, <Register lr>, <Register ctr>, <Register xer_so>, <Register xer_ov>, <Register xer_ca>, <Register xer_bc>, <Register cr0_321>, <Register cr0_0>, <Register cr1_321>, <Register cr1_0>, <Register cr2_321>, <Register cr2_0>, <Register cr3_321>, <Register cr3_0>, <Register cr4_321>, <Register cr4_0>, <Register cr5_321>, <Register cr5_0>, <Register cr6_321>, <Register cr6_0>, <Register cr7_321>, <Register cr7_0>, <Register fpround>, <Register dfpround>, <Register c_fpcc>, <Register vrsave>, <Register vscr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register nraddr_gpr2>, <Register redir_sp>, <Register redir_stack>, <Register ip_at_syscall>, <Register sprg3_ro>, <Register tfhar>, <Register texasr>, <Register tfiar>, <Register ppr>, <Register texasru>, <Register pspb>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048192: 'DT_PPC64_GLINK', 1879048193: 'DT_PPC64_OPD', 1879048194: 'DT_PPC64_OPDSZ', 1879048195: 'DT_PPC64_OPT'}¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff]{2}\\x21\\x94\\xa6\\x02\\x08\\x7c'}¶
- function_epilogs: Set[bytes] = {b'\\xa6\\x03[\\x00-\\xff]{2}([\\x00-\\xff]{4}){0,6}\\x20\\x00\\x80\\x4e'}¶
- got_section_name = '.plt'¶
- ld_linux_name = 'ld64.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 92, [], [84], [], 28672, 32768)¶
- dwarf_registers: List[str] = ['gpr0', 'gpr1', 'gpr2', 'gpr3', 'gpr4', 'gpr5', 'gpr6', 'gpr7', 'gpr8', 'gpr9', 'gpr10', 'gpr11', 'gpr12', 'gpr13', 'gpr14', 'gpr15', 'gpr16', 'gpr17', 'gpr18', 'gpr19', 'gpr20', 'gpr21', 'gpr22', 'gpr23', 'gpr24', 'gpr25', 'gpr26', 'gpr27', 'gpr28', 'gpr29', 'gpr30', 'gpr31', 'vsr0', 'vsr1', 'vsr2', 'vsr3', 'vsr4', 'vsr5', 'vsr6', 'vsr7', 'vsr8', 'vsr9', 'vsr10', 'vsr11', 'vsr12', 'vsr13', 'vsr14', 'vsr15', 'vsr16', 'vsr17', 'vsr18', 'vsr19', 'vsr20', 'vsr21', 'vsr22', 'vsr23', 'vsr24', 'vsr25', 'vsr26', 'vsr27', 'vsr28', 'vsr29', 'vsr30', 'vsr31', 'cr', 'fpscr', 'msr', '<none>', '<none>', '<none>', 'sr0', 'sr1', 'sr2', 'sr3', 'sr4', 'sr5', 'sr6', 'sr7', 'sr8', 'sr9', 'sr10', 'sr11', 'sr12', 'sr13', 'sr14', 'sr15', 'sr16', 'sr17', 'sr18', 'sr19', 'sr20', 'sr21', 'sr22', 'sr23', 'sr24', 'sr25', 'sr26', 'sr27', 'sr28', 'sr29', 'sr30', 'sr31']¶
- class archinfo.ArchPcode(language)[source]¶
Bases:
Arch
archinfo interface to pypcode architectures. Provides minimal mapping for architectural info like register file map, endianness, bit width, etc.
- Parameters:
language (pypcode.ArchLanguage | str)
- class archinfo.ArchRISCV64(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchRISCV64'¶
- name: str = 'RISCV64'¶
- qemu_name: Optional[str] = 'riscv64'¶
- linux_name: Optional[str] = 'riscv64'¶
- triplet: Optional[str] = 'riscv64-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 4¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 132¶
- call_pushes_ret = False¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- instruction_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- ret_instruction = b'\x00\x00\x80g'¶
- nop_instruction = b'\x00\x00\x00\x13'¶
- function_prologs: Set[bytes] = {}¶
- function_epilogs: Set[bytes] = {}¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register x0>, <Register x1>, <Register x2>, <Register x3>, <Register x4>, <Register x5>, <Register x6>, <Register x7>, <Register x8>, <Register x9>, <Register x10>, <Register x11>, <Register x12>, <Register x13>, <Register x14>, <Register x15>, <Register x16>, <Register x17>, <Register x18>, <Register x19>, <Register x20>, <Register x21>, <Register x22>, <Register x23>, <Register x24>, <Register x25>, <Register x26>, <Register x27>, <Register x28>, <Register x29>, <Register x30>, <Register x31>, <Register pc>, <Register f0>, <Register f1>, <Register f2>, <Register f3>, <Register f4>, <Register f5>, <Register f6>, <Register f7>, <Register f8>, <Register f9>, <Register f10>, <Register f11>, <Register f12>, <Register f13>, <Register f14>, <Register f15>, <Register f16>, <Register f17>, <Register f18>, <Register f19>, <Register f20>, <Register f21>, <Register f22>, <Register f23>, <Register f24>, <Register f25>, <Register f26>, <Register f27>, <Register f28>, <Register f29>, <Register f30>, <Register f31>, <Register ip_at_syscall>]¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld-linux-riscv64-lp64d.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 32, [], [0], [], 0, 0)¶
- class archinfo.ArchS390X(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchS390X'¶
- name: str = 'S390X'¶
- default_endness = 'Iend_BE'¶
- qemu_name: Optional[str] = 's390x'¶
- triplet: Optional[str] = 's390x-linux-gnu'¶
- linux_name: Optional[str] = 's390'¶
- max_inst_bytes: int = 6¶
- ret_offset: Optional[RegisterOffset] = 584¶
- syscall_num_offset = 576¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- initial_sp = 4398046511104¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- ret_instruction = b'\x07\xf4'¶
- nop_instruction = b'\x07\x07'¶
- instruction_alignment: Optional[int] = 2¶
- register_list: List[Register] = [<Register ia>, <Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register r13>, <Register r14>, <Register r15>, <Register v0>, <Register v1>, <Register v2>, <Register v3>, <Register v4>, <Register v5>, <Register v6>, <Register v7>, <Register v8>, <Register v9>, <Register v10>, <Register v11>, <Register v12>, <Register v13>, <Register v14>, <Register v15>, <Register v16>, <Register v17>, <Register v18>, <Register v19>, <Register v20>, <Register v21>, <Register v22>, <Register v23>, <Register v24>, <Register v25>, <Register v26>, <Register v27>, <Register v28>, <Register v29>, <Register v30>, <Register v31>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register a4>, <Register a5>, <Register a6>, <Register a7>, <Register a8>, <Register a9>, <Register a10>, <Register a11>, <Register a12>, <Register a13>, <Register a14>, <Register a15>, <Register nraddr>, <Register cmstart>, <Register cmlen>, <Register ip_at_syscall>, <Register emnote>]¶
- function_prologs: Set[bytes] = {b'\\xeb.[\\xf0-\\xff]..\\x24'}¶
- function_epilogs: Set[bytes] = {b'\\x07\\xf4'}¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld64.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (2, 64, [0], [8], [16], 0, 0)¶
- dwarf_registers: List[str] = ['v0', 'v1', 'v2', 'v3', 'v4', 'v5', 'v6', 'v7', 'v8', 'v9', 'v10', 'v11', 'v12', 'v13', 'v14', 'v15', 'v16', 'v17', 'v18', 'v19', 'v20', 'v21', 'v22', 'v23', 'v24', 'v25', 'v26', 'v27', 'v28', 'v29', 'v30', 'v31', 'cr0', 'cr1', 'cr2', 'cr3', 'cr4', 'cr5', 'cr6', 'cr7', 'cr8', 'cr9', 'cr10', 'cr11', 'cr12', 'cr13', 'cr14', 'cr15', 'ar0', 'ar1', 'ar2', 'ar3', 'ar4', 'ar5', 'ar6', 'ar7', 'ar8', 'ar9', 'ar10', 'ar11', 'ar12', 'ar13', 'ar14', 'ar15', 'psw_mask', 'psw_address']¶
- class archinfo.ArchSoot(endness=Endness.LE)[source]¶
Bases:
Arch
- name: str = 'Soot'¶
- vex_arch: Optional[str] = None¶
- qemu_name: Optional[str] = None¶
- bits: int = 64¶
- address_types: Tuple[type, ...] = (<class 'archinfo.arch_soot.SootAddressDescriptor'>,)¶
- function_address_types: Tuple[type, ...] = (<class 'archinfo.arch_soot.SootMethodDescriptor'>,)¶
- sizeof: Dict[str, int] = {'boolean': 8, 'byte': 8, 'char': 16, 'double': 64, 'float': 32, 'int': 32, 'long': 64, 'short': 16}¶
- primitive_types = ['boolean', 'byte', 'char', 'short', 'int', 'long', 'float', 'double']¶
- sig_dict = {'B': 'byte', 'C': 'char', 'D': 'double', 'F': 'float', 'I': 'int', 'J': 'long', 'S': 'short', 'V': 'void', 'Z': 'boolean'}¶
- class archinfo.ArchX86(endness=Endness.LE)[source]¶
Bases:
Arch
- property capstone_x86_syntax¶
Get the current syntax Capstone uses for x86. It can be ‘intel’ or ‘at&t’
- Returns:
Capstone’s current x86 syntax
- Return type:
str
- property keystone_x86_syntax¶
Get the current syntax Keystone uses for x86. It can be ‘intel’, ‘at&t’, ‘nasm’, ‘masm’, ‘gas’ or ‘radix16’
- Returns:
Keystone’s current x86 syntax
- Return type:
str
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchX86'¶
- name: str = 'X86'¶
- qemu_name: Optional[str] = 'i386'¶
- ida_processor: Optional[str] = 'metapc'¶
- linux_name: Optional[str] = 'i386'¶
- triplet: Optional[str] = 'i386-linux-gnu'¶
- max_inst_bytes: int = 15¶
- call_sp_fix = -4¶
- ret_offset: Optional[RegisterOffset] = 8¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 8¶
- call_pushes_ret = True¶
- stack_change: int = -4¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'(\\x81|\\x83)\\xec', b'[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x83\\xec[\\x00-\\xff]{2,4}', b'[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x8b[\\x00-\\xff]{2}', b'\\x55\\x57\\x56', b'\\x55\\x89\\xe5', b'\\x55\\x8b\\xec', b'\\x8b\\xff\\x55\\x8b\\xec', b'\\xb8[\\x00-\\xff]\\x00\\x00\\x00[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{0,7}\\x8b[\\x00-\\xff]{2}', b'\xf3\x0f\x1e\xfb(\\x81|\\x83)\\xec', b'\xf3\x0f\x1e\xfb[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x83\\xec[\\x00-\\xff]{2,4}', b'\xf3\x0f\x1e\xfb[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x8b[\\x00-\\xff]{2}', b'\xf3\x0f\x1e\xfb\\x55\\x57\\x56', b'\xf3\x0f\x1e\xfb\\x55\\x89\\xe5', b'\xf3\x0f\x1e\xfb\\x55\\x8b\\xec', b'\xf3\x0f\x1e\xfb\\x8b\\xff\\x55\\x8b\\xec', b'\xf3\x0f\x1e\xfb\\xb8[\\x00-\\xff]\\x00\\x00\\x00[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{0,7}\\x8b[\\x00-\\xff]{2}'}¶
- function_epilogs: Set[bytes] = {b'([^\\x41][\\x50-\\x5f]{1}|\\x41[\\x50-\\x5f])\\xc3', b'[^\\x48][\\x83,\\x81]\\xc4([\\x00-\\xff]{1}|[\\x00-\\xff]{4})\\xc3', b'\\xc9\\xc3'}¶
- ret_instruction = b'\xc3'¶
- nop_instruction = b'\x90'¶
- instruction_alignment: Optional[int] = 1¶
- register_list: List[Register] = [<Register eax>, <Register ecx>, <Register edx>, <Register ebx>, <Register esp>, <Register ebp>, <Register esi>, <Register edi>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register d>, <Register id>, <Register ac>, <Register eip>, <Register fpreg>, <Register fptag>, <Register fpround>, <Register fc3210>, <Register ftop>, <Register sseround>, <Register xmm0>, <Register xmm1>, <Register xmm2>, <Register xmm3>, <Register xmm4>, <Register xmm5>, <Register xmm6>, <Register xmm7>, <Register cs>, <Register ds>, <Register es>, <Register fs>, <Register gs>, <Register ss>, <Register ldt>, <Register gdt>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register sc_class>, <Register ip_at_syscall>]¶
- symbol_type_translation: Dict[Union[int, str], str] = {'STT_LOOS': 'STT_GNU_IFUNC', 10: 'STT_GNU_IFUNC'}¶
- lib_paths: List[str] = ['/lib32', '/usr/lib32']¶
- got_section_name = '.got.plt'¶
- ld_linux_name = 'ld-linux.so.2'¶
- elf_tls: Optional[TLSArchInfo] = (2, 56, [8], [4], [0], 0, 0)¶
- dwarf_registers: List[str] = ['eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi', 'eip', 'eflags', '<none>', 'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7', '<none>', '<none>', 'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7', 'mm0', 'mm1', 'mm2', 'mm3', 'mm4', 'mm5', 'mm6', 'mm7', 'fcw', 'fsw', 'mxcsr', 'es', 'cs', 'ss', 'ds', 'fs', 'gs', '<none>', '<none>', 'tr', 'ldtr']¶
- class archinfo.Endness(value)[source]¶
Bases:
StrEnum
Endness specifies the byte order for integer values
- Variables:
LE – little endian, least significant byte is stored at lowest address
BE – big endian, most significant byte is stored at lowest address
ME – Middle-endian. Yep.
- LE = 'Iend_LE'¶
- BE = 'Iend_BE'¶
- ME = 'Iend_ME'¶
- ANY = 'any'¶
- UNSURE = 'unsure'¶
- class archinfo.Register(name, size, vex_offset=None, vex_name=None, subregisters=None, alias_names=None, general_purpose=False, floating_point=False, vector=False, argument=False, persistent=False, default_value=None, linux_entry_value=None, concretize_unique=False, concrete=True, artificial=False)[source]¶
Bases:
object
A collection of information about a register. Each different architecture has its own list of registers, which is the base for all other register-related collections.
It is, just like for Arch object, assumed that the information is compatible with PyVEX.
- Variables:
name (str) – The name of the register
size (int) – The size of the register (in bytes)
vex_offset (int) – The VEX offset used to identify this register
vex_name (str) – The name libVEX uses to identify the register
subregisters (list) – The list of subregisters in the form (name, offset from vex_offset, size)
alias_names (tuple) – The list of possible alias names
general_purpose (bool) – Whether this is a general purpose register
floating_point (bool) – Whether this is a floating-point register
vector (bool) – Whether this is a vector register
argument (bool) – Whether this is an argument register
persistent (bool) – Whether this is a persistent register
default_value (tuple) – The offset of the instruction pointer in the register file
linux_entry_value (int, str) – The offset of the instruction pointer in the register file
concretize_unique (bool) – Whether this register should be concretized, if unique, at the end of each block
concrete (bool) – Whether this register should be considered during the synchronization of the concrete execution of the process
artificial (bool) – Whether this register is an artificial register added by VEX IR or other ILs.
- archinfo.RegisterName¶
alias of
str
- class archinfo.RegisterOffset[source]¶
Bases:
int
A register offset is an integer that represents the offset of a register in VEX’s register memory space.
- archinfo.arch_from_id(ident, endness=Endness.ANY, bits='')[source]¶
Take our best guess at the arch referred to by the given identifier, and return an instance of its class.
You may optionally provide the
endness
andbits
parameters (strings) to help this function out.- Return type:
- Parameters:
ident (str)
- archinfo.register_arch(regexes, bits, endness, my_arch)[source]¶
Register a new architecture. Architectures are loaded by their string name using
arch_from_id()
, and this defines the mapping it uses to figure it out. Takes a list of regular expressions, and an Arch class as input.- Parameters:
regexes (list) – List of regular expressions (str or SRE_Pattern)
bits (int) – The canonical “bits” of this architecture, ex. 32 or 64
endness (str or None) – The “endness” of this architecture. Use Endness.LE, Endness.BE, Endness.ME, “any”, or None if the architecture has no intrinsic endianness.
my_arch (class)
- Returns:
None
Architectures¶
- class archinfo.arch.Register(name, size, vex_offset=None, vex_name=None, subregisters=None, alias_names=None, general_purpose=False, floating_point=False, vector=False, argument=False, persistent=False, default_value=None, linux_entry_value=None, concretize_unique=False, concrete=True, artificial=False)[source]¶
Bases:
object
A collection of information about a register. Each different architecture has its own list of registers, which is the base for all other register-related collections.
It is, just like for Arch object, assumed that the information is compatible with PyVEX.
- Variables:
name (str) – The name of the register
size (int) – The size of the register (in bytes)
vex_offset (int) – The VEX offset used to identify this register
vex_name (str) – The name libVEX uses to identify the register
subregisters (list) – The list of subregisters in the form (name, offset from vex_offset, size)
alias_names (tuple) – The list of possible alias names
general_purpose (bool) – Whether this is a general purpose register
floating_point (bool) – Whether this is a floating-point register
vector (bool) – Whether this is a vector register
argument (bool) – Whether this is an argument register
persistent (bool) – Whether this is a persistent register
default_value (tuple) – The offset of the instruction pointer in the register file
linux_entry_value (int, str) – The offset of the instruction pointer in the register file
concretize_unique (bool) – Whether this register should be concretized, if unique, at the end of each block
concrete (bool) – Whether this register should be considered during the synchronization of the concrete execution of the process
artificial (bool) – Whether this register is an artificial register added by VEX IR or other ILs.
- class archinfo.arch.Arch(endness, instruction_endness=None)[source]¶
Bases:
object
A collection of information about a given architecture. This class should be subclasses for each different architecture, and then that subclass should be registered with the
register_arch
method.A good number of assumptions are made that code is being processed under the VEX IR - for instance, it is expected the register file offsets are expected to match code generated by PyVEX.
Arches may be compared with == and !=.
- Variables:
name (str) – The name of the arch
bits (int) – The number of bits in a word
vex_arch (str) – The VEX enum name used to identify this arch
qemu_name (str) – The name used by QEMU to identify this arch
ida_processor (str) – The processor string used by IDA to identify this arch
triplet (str) – The triplet used to identify a linux system on this arch
max_inst_bytes (int) – The maximum number of bytes in a single instruction
ip_offset (int) – The offset of the instruction pointer in the register file
sp_offset (int) – The offset of the stack pointer in the register file
bp_offset (int) – The offset of the base pointer in the register file
lr_offset (int) – The offset of the link register (return address) in the register file
ret_offset (int) – The offset of the return value register in the register file
vex_conditional_helpers (bool) – Whether libVEX will generate code to process the conditional flags for this arch using ccalls
syscall_num_offset (int) – The offset in the register file where the syscall number is stored
call_pushes_ret (bool) – Whether this arch’s call instruction causes a stack push
stack_change (int) – The change to the stack pointer caused by a push instruction
memory_endness (str) – The endness of memory, as a VEX enum
register_endness (str) – The endness of registers, as a VEX enum. Should usually be same as above
instruction_endness (str) – The endness of instructions stored in memory. In other words, this controls whether instructions are stored endian-flipped compared to their description in the ISA manual, and should be flipped when lifted. Iend_BE means “don’t flip” NOTE: Only used for non-libVEX lifters.
sizeof (dict) – A mapping from C type to variable size in bits
cs_arch – The Capstone arch value for this arch
cs_mode – The Capstone mode value for this arch
ks_arch – The Keystone arch value for this arch
ks_mode – The Keystone mode value for this arch
uc_arch – The Unicorn engine arch value for this arch
uc_mode – The Unicorn engine mode value for this arch
uc_const – The Unicorn engine constants module for this arch
uc_prefix – The prefix used for variables in the Unicorn engine constants module
function_prologs (list) – A list of regular expressions matching the bytes for common function prologues
function_epilogs (list) – A list of regular expressions matching the bytes for common function epilogues
ret_instruction (str) – The bytes for a return instruction
nop_instruction (str) – The bytes for a nop instruction
instruction_alignment (int) – The instruction alignment requirement
default_register_values (list) – A weird listing describing how registers should be initialized for purposes of sanity
entry_register_values (dict) – A mapping from register name to a description of the value that should be in it at program entry on linux
default_symbolic_register (list) – Honestly, who knows what this is supposed to do. Fill it with the names of the general purpose registers.
register_names (dict) – A mapping from register file offset to register name
registers (dict) – A mapping from register name to a tuple of (register file offset, size in bytes)
lib_paths (list) – A listing of common locations where shared libraries for this architecture may be found
got_section_name (str) – The name of the GOT section in ELFs
ld_linux_name (str) – The name of the linux dynamic loader program
byte_width (int) – the number of bits in a byte.
elf_tls (TLSArchInfo) – A description of how thread-local storage works
dwarf_registers (List[str]) – A list of register names in the order specified in the DWARF specification of the corresponding arcitecture.
- byte_width = 8¶
-
elf_tls:
Optional
[TLSArchInfo
] = None¶
-
dwarf_registers:
List
[str
] = []¶
- instruction_endness = 'Iend_BE'¶
- get_register_by_name(reg_name)[source]¶
Return the Register object associated with the given name. This includes subregisters.
For example, if you are operating in a platform-independent setting, and wish to address “whatever the stack pointer is” you could pass ‘sp’ here, and get Register(…r13…) back on an ARM platform.
- struct_fmt(size=None, signed=False, endness=None)[source]¶
Produce a format string for use in python’s
struct
module to decode a single word.- Parameters:
size (int) – The size in bytes to pack/unpack. Defaults to wordsize
signed (bool) – Whether the data should be extracted signed/unsigned. Default unsigned
endness (str) – The endian to use in packing/unpacking. Defaults to memory endness
- Return str:
A format string with an endness modifier and a single format character
-
sizeof:
Dict
[str
,int
] = {}¶
- property capstone¶
A Capstone instance for this arch
- property keystone¶
A Keystone instance for this arch
- property unicorn¶
A Unicorn engine instance for this arch
- asm(string, addr=0, as_bytes=True, thumb=False)[source]¶
Compile the assembly instruction represented by string using Keystone
- Parameters:
string – The textual assembly instructions, separated by semicolons
addr – The address at which the text should be assembled, to deal with PC-relative access. Default 0
as_bytes – Set to False to return a list of integers instead of a python byte string
thumb – If working with an ARM processor, set to True to assemble in thumb mode.
- Returns:
The assembled bytecode
- get_base_register(offset, size=None)[source]¶
Convert a register or sub-register to its base register’s offset.
- Parameters:
offset (int) – The offset of the register to look up for.
size (int) – Size of the register.
- Returns:
Offset and size of the base register, or None if no base register is found.
- library_search_path(pedantic=False)[source]¶
A list of paths in which to search for shared libraries.
- m_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the address where this block is stored in memory. The memory address can also be referred to as the “real” address.
- Parameters:
addr – The address to convert.
- Returns:
The “real” address in memory.
- Return type:
int
- x_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the value that should be assigned to the instruction pointer register in order to execute the code in that block.
- Parameters:
addr – The address to convert.
- Returns:
The “execution” address.
- Return type:
int
- is_thumb(addr)[source]¶
Return True, if the address is the THUMB address. False otherwise.
For non-ARM architectures this method always returns False.
- Parameters:
addr – The address to check.
- Returns:
Whether the given address is the THUMB address.
- property vex_support¶
Whether the architecture is supported by VEX or not.
- Returns:
True if this Arch is supported by VEX, False otherwise.
- Return type:
bool
- property unicorn_support¶
Whether the architecture is supported by Unicorn engine or not,
- Returns:
True if this Arch is supported by the Unicorn engine, False otherwise.
- Return type:
bool
- property capstone_support¶
Whether the architecture is supported by the Capstone engine or not.
- Returns:
True if this Arch is supported by the Capstone engine, False otherwise.
- Return type:
bool
- property keystone_support¶
Whether the architecture is supported by the Keystone engine or not.
- Returns:
True if this Arch is supported by the Keystone engine, False otherwise.
- Return type:
bool
-
address_types:
Tuple
[type
,...
] = (<class 'int'>,)¶
-
function_address_types:
Tuple
[type
,...
] = (<class 'int'>,)¶
-
name:
str
¶
-
vex_arch:
Optional
[str
] = None¶
-
qemu_name:
Optional
[str
] = None¶
-
ida_processor:
Optional
[str
] = None¶
-
linux_name:
Optional
[str
] = None¶
-
triplet:
Optional
[str
] = None¶
-
max_inst_bytes:
int
¶
- ret_instruction = b''¶
- nop_instruction = b''¶
-
instruction_alignment:
Optional
[int
] = None¶
-
ip_offset:
Optional
[RegisterOffset
] = None¶
-
sp_offset:
Optional
[RegisterOffset
] = None¶
-
bp_offset:
Optional
[RegisterOffset
] = None¶
-
ret_offset:
Optional
[RegisterOffset
] = None¶
-
fp_ret_offset:
Optional
[RegisterOffset
] = None¶
-
lr_offset:
Optional
[RegisterOffset
] = None¶
- vex_conditional_helpers = False¶
-
bits:
int
¶
- memory_endness = 'Iend_LE'¶
- default_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
-
stack_change:
int
¶
- cache_irsb = True¶
- branch_delay_slot = False¶
-
function_prologs:
Set
[bytes
] = {}¶
-
function_epilogs:
Set
[bytes
] = {}¶
- cs_arch = None¶
- cs_mode = None¶
- ks_arch = None¶
- ks_mode = None¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
-
uc_prefix:
Optional
[str
] = None¶
- uc_regs = None¶
- artificial_registers_offsets = None¶
-
artificial_registers:
Set
[str
]¶
-
cpu_flag_register_offsets_and_bitmasks_map:
Dict
¶
-
reg_blacklist:
List
[str
] = ['fs', 'gs', 'cs', 'ds', 'es', 'fs', 'gs', 'ss', 'ldt', 'gdt']¶
-
reg_blacklist_offsets:
List
[RegisterOffset
] = [None, None, None, None, None, None, None, None, None, None]¶
- vex_to_unicorn_map = None¶
- vex_cc_regs = None¶
- call_pushes_ret = False¶
- initial_sp = 2147418112¶
- call_sp_fix = 0¶
- stack_size = 134217728¶
-
default_register_values:
List
= []¶
-
entry_register_values:
Dict
[str
,Any
] = {}¶
-
default_symbolic_registers:
List
[str
] = []¶
-
registers:
Dict
[str
,Tuple
[RegisterOffset
,int
]] = {}¶
-
register_names:
Dict
[RegisterOffset
,str
] = {}¶
-
argument_registers:
Set
[RegisterOffset
] = {}¶
-
argument_register_positions:
Dict
[str
,int
] = {}¶
-
persistent_regs:
List
[str
] = []¶
-
concretize_unique_registers:
Set
[RegisterOffset
] = {}¶
-
lib_paths:
List
[str
] = []¶
-
reloc_s_a:
List
[Any
] = []¶
-
reloc_b_a:
List
[Any
] = []¶
-
reloc_s:
List
[Any
] = []¶
-
reloc_copy:
List
[Any
] = []¶
-
reloc_tls_mod_id:
List
[Any
] = []¶
-
reloc_tls_doffset:
List
[Any
] = []¶
-
reloc_tls_offset:
List
[Any
] = []¶
-
dynamic_tag_translation:
Dict
[int
,str
] = {}¶
-
symbol_type_translation:
Dict
[Union
[int
,str
],str
] = {}¶
- got_section_name = ''¶
- vex_archinfo = None¶
- archinfo.arch.register_arch(regexes, bits, endness, my_arch)[source]¶
Register a new architecture. Architectures are loaded by their string name using
arch_from_id()
, and this defines the mapping it uses to figure it out. Takes a list of regular expressions, and an Arch class as input.- Parameters:
regexes (list) – List of regular expressions (str or SRE_Pattern)
bits (int) – The canonical “bits” of this architecture, ex. 32 or 64
endness (str or None) – The “endness” of this architecture. Use Endness.LE, Endness.BE, Endness.ME, “any”, or None if the architecture has no intrinsic endianness.
my_arch (class)
- Returns:
None
- archinfo.arch.arch_from_id(ident, endness=Endness.ANY, bits='')[source]¶
Take our best guess at the arch referred to by the given identifier, and return an instance of its class.
You may optionally provide the
endness
andbits
parameters (strings) to help this function out.- Return type:
- Parameters:
ident (str)
- class archinfo.arch_aarch64.ArchAArch64(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchARM64'¶
- name: str = 'AARCH64'¶
- qemu_name: Optional[str] = 'aarch64'¶
- ida_processor: Optional[str] = 'arm'¶
- linux_name: Optional[str] = 'aarch64'¶
- triplet: Optional[str] = 'aarch64-linux-gnueabihf'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 16¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 80¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- instruction_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- initial_sp = 576460752303357952¶
- ret_instruction = b'\xc0\x03_\xd6'¶
- nop_instruction = b'\x1f \x03\xd5'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register x0>, <Register x1>, <Register x2>, <Register x3>, <Register x4>, <Register x5>, <Register x6>, <Register x7>, <Register x8>, <Register x9>, <Register x10>, <Register x11>, <Register x12>, <Register x13>, <Register x14>, <Register x15>, <Register x16>, <Register x17>, <Register x18>, <Register x19>, <Register x20>, <Register x21>, <Register x22>, <Register x23>, <Register x24>, <Register x25>, <Register x26>, <Register x27>, <Register x28>, <Register x29>, <Register x30>, <Register xsp>, <Register pc>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register tpidr_el0>, <Register q0>, <Register q1>, <Register q2>, <Register q3>, <Register q4>, <Register q5>, <Register q6>, <Register q7>, <Register q8>, <Register q9>, <Register q10>, <Register q11>, <Register q12>, <Register q13>, <Register q14>, <Register q15>, <Register q16>, <Register q17>, <Register q18>, <Register q19>, <Register q20>, <Register q21>, <Register q22>, <Register q23>, <Register q24>, <Register q25>, <Register q26>, <Register q27>, <Register q28>, <Register q29>, <Register q30>, <Register q31>, <Register qcflag>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>, <Register fpcr>]¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld-linux-aarch64.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 32, [], [0], [], 0, 0)¶
- dwarf_registers: List[str] = ['x0', 'x1', 'x2', 'x3', 'x4', 'x5', 'x6', 'x7', 'x8', 'x9', 'x10', 'x11', 'x12', 'x13', 'x14', 'x15', 'x16', 'x17', 'x18', 'x19', 'x20', 'x21', 'x22', 'x23', 'x24', 'x25', 'x26', 'x27', 'x28', 'x29', 'x30', 'sp', '<none>', 'ELR_mode', 'RA_SIGN_STATE', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', '<none>', 'VG', 'FFR', 'p0', 'p1', 'p2', 'p3', 'p4', 'p5', 'p6', 'p7', 'p8', 'p9', 'p10', 'p11', 'p12', 'p13', 'p14', 'p15', 'v0', 'v1', 'v2', 'v3', 'v4', 'v5', 'v6', 'v7', 'v8', 'v9', 'v10', 'v11', 'v12', 'v13', 'v14', 'v15', 'v16', 'v17', 'v18', 'v19', 'v20', 'v21', 'v22', 'v23', 'v24', 'v25', 'v26', 'v27', 'v28', 'v29', 'v30', 'v31', 'z0', 'z1', 'z2', 'z3', 'z4', 'z5', 'z6', 'z7', 'z8', 'z9', 'z10', 'z11', 'z12', 'z13', 'z14', 'z15', 'z16', 'z17', 'z18', 'z19', 'z20', 'z21', 'z22', 'z23', 'z24', 'z25', 'z26', 'z27', 'z28', 'z29', 'z30', 'z31']¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_amd64.ArchAMD64(endness=Endness.LE)[source]¶
Bases:
Arch
- property capstone_x86_syntax¶
The current syntax Capstone uses for x64. It can be ‘intel’ or ‘at&t’
- property keystone_x86_syntax¶
The current syntax Keystone uses for x86. It can be ‘intel’, ‘at&t’, ‘nasm’, ‘masm’, ‘gas’ or ‘radix16’
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchAMD64'¶
- vex_endness = 'VexEndnessLE'¶
- name: str = 'AMD64'¶
- qemu_name: Optional[str] = 'x86_64'¶
- ida_processor: Optional[str] = 'metapc'¶
- linux_name: Optional[str] = 'x86_64'¶
- triplet: Optional[str] = 'x86_64-linux-gnu'¶
- max_inst_bytes: int = 15¶
- ret_offset: Optional[RegisterOffset] = 16¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 16¶
- call_pushes_ret = True¶
- stack_change: int = -8¶
- initial_sp = 576460752303357952¶
- call_sp_fix = -8¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'\\x48[\\x83,\\x81]\\xec[\\x00-\\xff]', b'\\x55\\x48\\x89\\xe5', b'\xf3\x0f\x1e\xfa\\x48[\\x83,\\x81]\\xec[\\x00-\\xff]', b'\xf3\x0f\x1e\xfa\\x55\\x48\\x89\\xe5'}¶
- function_epilogs: Set[bytes] = {b'([^\\x41][\\x50-\\x5f]{1}|\\x41[\\x50-\\x5f])\\xc3', b'\\x48[\\x83,\\x81]\\xc4([\\x00-\\xff]{1}|[\\x00-\\xff]{4})\\xc3', b'\\xc9\\xc3'}¶
- ret_instruction = b'\xc3'¶
- nop_instruction = b'\x90'¶
- instruction_alignment: Optional[int] = 1¶
- register_list: List[Register] = [<Register rax>, <Register rcx>, <Register rdx>, <Register rbx>, <Register rsp>, <Register rbp>, <Register rsi>, <Register rdi>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register r13>, <Register r14>, <Register r15>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register d>, <Register rip>, <Register ac>, <Register id>, <Register fs>, <Register sseround>, <Register cr0>, <Register cr2>, <Register cr3>, <Register cr4>, <Register cr8>, <Register ymm0>, <Register ymm1>, <Register ymm2>, <Register ymm3>, <Register ymm4>, <Register ymm5>, <Register ymm6>, <Register ymm7>, <Register ymm8>, <Register ymm9>, <Register ymm10>, <Register ymm11>, <Register ymm12>, <Register ymm13>, <Register ymm14>, <Register ymm15>, <Register ftop>, <Register fpreg>, <Register fptag>, <Register fpround>, <Register fc3210>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register gs>, <Register ip_at_syscall>, <Register cs_seg>, <Register ds_seg>, <Register es_seg>, <Register fs_seg>, <Register gs_seg>, <Register ss_seg>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048192: 'DT_X86_64_PLT', 1879048193: 'DT_X86_64_PLTSZ', 1879048195: 'DT_X86_64_PLTENT'}¶
- symbol_type_translation: Dict[Union[int, str], str] = {'STT_LOOS': 'STT_GNU_IFUNC', 10: 'STT_GNU_IFUNC'}¶
- got_section_name = '.got.plt'¶
- ld_linux_name = 'ld-linux-x86-64.so.2'¶
- elf_tls: Optional[TLSArchInfo] = (2, 704, [16], [8], [0], 0, 0)¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- dwarf_registers: List[str] = ['rax', 'rdx', 'rcx', 'rbx', 'rsi', 'rdi', 'rbp', 'rsp', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15', 'rip', 'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7', 'xmm8', 'xmm9', 'xmm10', 'xmm11', 'xmm12', 'xmm13', 'xmm14', 'xmm15', 'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7', 'mm0', 'mm1', 'mm2', 'mm3', 'mm4', 'mm5', 'mm6', 'mm7', 'rflags', 'es', 'cs', 'ss', 'ds', 'fs', 'gs', '<none>', '<none>', 'fs.base', 'gs.base', '<none>', '<none>', 'tr', 'ldtr', 'mxcsr', 'fcw', 'fsw']¶
- archinfo.arch_arm.get_real_address_if_arm(arch, addr)[source]¶
Obtain the real address of an instruction. ARM architectures are supported.
- Parameters:
arch (archinfo.Arch) – The Arch object.
addr (int) – The instruction address.
- Returns:
The real address of an instruction.
- Return type:
int
- class archinfo.arch_arm.ArchARM(endness=Endness.LE)[source]¶
Bases:
Arch
ARM architecture specific subclass
- property capstone_thumb¶
- property keystone_thumb¶
- property unicorn_thumb¶
- m_addr(addr, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the address where this block is stored in memory. The memory address can also be referred to as the “real” address.
For ARM-architecture, the “real” address is always even (has its lowest bit clear).
- Parameters:
addr – The address to convert.
- Returns:
The “real” address in memory.
- Return type:
int
- x_addr(addr, thumb=None, *args, **kwargs)[source]¶
Given the address of some code block, convert it to the value that should be assigned to the instruction pointer register in order to execute the code in that block.
- Parameters:
addr – The address to convert.
thumb – Set this parameter to True if you want to convert the address into the THUMB form. Set this parameter to False if you want to convert the address into the ARM form. Set this parameter to None (default) if you want to keep the address as is.
- Returns:
The “execution” address.
- Return type:
int
- is_thumb(addr)[source]¶
Return True, if the address is the THUMB address. False otherwise.
- Parameters:
addr – The address to check.
- Returns:
Whether the given address is the THUMB address.
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchARM'¶
- name: str = 'ARMEL'¶
- qemu_name: Optional[str] = 'arm'¶
- ida_processor: Optional[str] = 'armb'¶
- linux_name: Optional[str] = 'arm'¶
- triplet: Optional[str] = 'arm-linux-gnueabihf'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 8¶
- fp_ret_offset: Optional[RegisterOffset] = 8¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 36¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_mode_thumb = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- ret_instruction = b'\x1e\xff/\xe1'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- function_prologs: Set[bytes] = {b'\\r\\xc0\\xa0\\xe1[\\x00-\\xff][\\x40-\\x7f\\xc0-\\xff]\\x2d\\xe9', b'\\r\\xc0\\xa0\\xe1\\x04\\xe0\\x2d\\xe5', b'\\x04\\xe0\\x2d\\xe5'}¶
- thumb_prologs = {b'[\\x00-\\xff]\\x4b[\\x00-\\xff]\\x4a\\x7b\\x44\\x30\\xb5', b'[\\x00-\\xff]\\xb4\\x00\\xb5[\\x80-\\xff]\\xb0', b'[\\x00\\x08\\x10\\x30\\x38\\x70\\xf0\\xf8]\\xb5[\\x00-\\xff]\\x4c\\xa5\\x44', b'[\\x00\\x08\\x10\\x30\\x38\\x70\\xf0\\xf8]\\xb5[\\x03-\\x07\\x0c-\\x0f\\x1e-\\x1f]\\x46', b'[\\x00\\x10\\x30\\x70\\xf0][\\xb4\\xb5][\\x80-\\x8f\\xa3\\xa8]\\xb0', b'[\\x80-\\xff]\\xb0[\\x00-\\xff]\\x90', b'\\x08\\xb5\\x00[\\x22\\x23]', b'\\x2d\\xe9\\xb0\\x41', b'\\x2d\\xe9\\xf0[\\x41\\x43\\x46\\x47\\x4d\\x4f]', b'\\x2d\\xe9\\xf8[\\x43\\x46\\x4f]', b'\\x38\\xb5\\x40\\xf2\\x00\\x03\\xc0\\xf2\\x00\\x03', b'\\x80\\xb4[\\x80-\\xff]\\xb0'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]{2}\\xbd\\xe8\\x1e\\xff\\x2f\\xe1\\x04\\xe0\\x9d\\xe4\\x1e\\xff\\x2f\\xe1'}¶
- instruction_alignment: Optional[int] = 2¶
- register_list: List[Register] = [<Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register sp>, <Register lr>, <Register pc>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register qflag32>, <Register geflag0>, <Register geflag1>, <Register geflag2>, <Register geflag3>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>, <Register d0>, <Register d1>, <Register d2>, <Register d3>, <Register d4>, <Register d5>, <Register d6>, <Register d7>, <Register d8>, <Register d9>, <Register d10>, <Register d11>, <Register d12>, <Register d13>, <Register d14>, <Register d15>, <Register d16>, <Register d17>, <Register d18>, <Register d19>, <Register d20>, <Register d21>, <Register d22>, <Register d23>, <Register d24>, <Register d25>, <Register d26>, <Register d27>, <Register d28>, <Register d29>, <Register d30>, <Register d31>, <Register fpscr>, <Register tpidruro>, <Register itstate>]¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld-linux.so.3'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_arm.ArchARMHF(endness=Endness.LE)[source]¶
Bases:
ArchARM
This is an architecture description for the ARM hard-float (armhf). It supports at least an ARM 32-bit processor with ARMv7 architecture, Thumb-2 and VFP3D16.
- name: str = 'ARMHF'¶
- triplet: Optional[str] = 'arm-linux-gnueabihf'¶
- ld_linux_name = 'ld-linux-armhf.so.3'¶
- fp_ret_offset: Optional[RegisterOffset] = 128¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_arm.ArchARMEL(endness=Endness.LE)[source]¶
Bases:
ArchARM
This is an architecture description for ARM EABI (armel). It targets a range of older 32-bit ARM devices without hardware FPUs.
- name: str = 'ARMEL'¶
- triplet: Optional[str] = 'arm-linux-gnueabi'¶
- ld_linux_name = 'ld-linux.so.3'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_arm.ArchARMCortexM(*args, **kwargs)[source]¶
Bases:
ArchARMEL
This is an architecture description for ARM Cortex-M microcontroller-class CPUs.
These CPUs have the following unusual / annoying distinctions from their relatives: - Explicitly only support the Thumb-2 instruction set. Executing with the T-bit off causes the processor to fault instantly - Always little-endian - Coprocessors? Nope, none of that rubbish - Well-known standard memory map across all devices - Rarely use an MPU, even though this does exist on some devices - A built-in “NVIC” (Nested Vectored Interrupt Controller) as part of the standard. - Standardized “blob format” including the IVT, with initial SP and entry prepended - Usually don’t run an OS (SimLinux? No thanks) - As part of the above, handle syscalls (SVC) instructions through an interrupt (now called PendSV) Uses its own fancy stack layout for this, which (UGH) varies by sub-sub-architecture - Some fancy instructions normally never seen in other uses of Thumb (CPSID, CPSIE, WFI, MRS.W, MSR.W) - New registers, namely: * FAULTMASK * PRIMASK * BASEPRI * CONTROL * SP, banked as PSP or MSP * PSR, now just one PSR, with a few meta-registers APSR, IPSR, and EPSR which take a chunk of that each
- name: str = 'ARMCortexM'¶
- triplet: Optional[str] = 'arm-none-eabi'¶
- function_prologs: Set[bytes] = {}¶
- thumb_prologs = {b'[\\x00-\\xff]\\xb5', b'\\x2d\\xe9[\\x00-\\xff][\\x00-\\xff]'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]\\xbd'}¶
- register_list: List[Register] = [<Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register sp>, <Register lr>, <Register pc>, <Register msp>, <Register msp_s>, <Register msp_ns>, <Register psp>, <Register psp_s>, <Register psp_ns>, <Register msplim>, <Register msplim_s>, <Register msplim_ns>, <Register msplim_ns>, <Register sp_process>, <Register sp_process_s>, <Register sp_process_ns>, <Register sp_main>, <Register sp_main_s>, <Register sp_main_ns>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register qflag32>, <Register ip_at_syscall>, <Register d0>, <Register d1>, <Register d2>, <Register d3>, <Register d4>, <Register d5>, <Register d6>, <Register d7>, <Register d8>, <Register d9>, <Register d10>, <Register d11>, <Register d12>, <Register d13>, <Register d14>, <Register d15>, <Register cpsr>, <Register fpscr>, <Register itstate>, <Register faultmask>, <Register faultmask_s>, <Register faultmask_ns>, <Register basepri>, <Register basepri_s>, <Register basepri_ns>, <Register primask>, <Register primask_s>, <Register primask_ns>, <Register iepsr>, <Register control>]¶
- uc_arch = None¶
- uc_mode = None¶
- uc_mode_thumb = None¶
- dwarf_registers: List[str] = ['r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9', 'r10', 'r11', 'r12', 'sp', 'lr', 'pc']¶
- property capstone_thumb¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- property keystone_thumb¶
- class archinfo.arch_avr.ArchAVR8(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = None¶
- name: str = 'AVR8'¶
- qemu_name: Optional[str] = 'avr'¶
- linux_name: Optional[str] = 'avr'¶
- triplet: Optional[str] = 'avr-linux-gnu'¶
- max_inst_bytes: int = 4¶
- instruction_alignment: Optional[int] = 2¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 0, 0)¶
- stack_change: int¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_mips32.ArchMIPS32(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchMIPS32'¶
- name: str = 'MIPS32'¶
- default_endness = 'Iend_BE'¶
- ida_processor: Optional[str] = 'mipsb'¶
- qemu_name: Optional[str] = 'mipsel'¶
- linux_name: Optional[str] = 'mipsel'¶
- triplet: Optional[str] = 'mipsel-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 16¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- branch_delay_slot = True¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff][\\x00-\\xff]\\x1c\\x3c[\\x00-\\xff][\\x00-\\xff]\\x9c\\x27', b'[\\x00-\\xff]\\xff\\xbd\\x27'}¶
- function_epilogs: Set[bytes] = {b'[\\x00-\\xff]{2}\\xbf\\x8f([\\x00-\\xff]{4}){0,4}\\x08\\x00\\xe0\\x03'}¶
- ret_instruction = b'\x08\x00\xe0\x03%\x08 \x00'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register zero>, <Register at>, <Register v0>, <Register v1>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register t0>, <Register t1>, <Register t2>, <Register t3>, <Register t4>, <Register t5>, <Register t6>, <Register t7>, <Register s0>, <Register s1>, <Register s2>, <Register s3>, <Register s4>, <Register s5>, <Register s6>, <Register s7>, <Register t8>, <Register t9>, <Register k0>, <Register k1>, <Register gp>, <Register sp>, <Register s8>, <Register ra>, <Register pc>, <Register hi>, <Register lo>, <Register f0>, <Register f1>, <Register f2>, <Register f3>, <Register f4>, <Register f5>, <Register f6>, <Register f7>, <Register f8>, <Register f9>, <Register f10>, <Register f11>, <Register f12>, <Register f13>, <Register f14>, <Register f15>, <Register f16>, <Register f17>, <Register f18>, <Register f19>, <Register f20>, <Register f21>, <Register f22>, <Register f23>, <Register f24>, <Register f25>, <Register f26>, <Register f27>, <Register f28>, <Register f29>, <Register f30>, <Register f31>, <Register fir>, <Register fccr>, <Register fexr>, <Register fenr>, <Register fcsr>, <Register ulr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register cond>, <Register dspcontrol>, <Register ac0>, <Register ac1>, <Register ac2>, <Register ac3>, <Register cp0_status>, <Register ip_at_syscall>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048193: 'DT_MIPS_RLD_VERSION', 1879048194: 'DT_MIPS_TIME_STAMP', 1879048195: 'DT_MIPS_ICHECKSUM', 1879048196: 'DT_MIPS_IVERSION', 1879048197: 'DT_MIPS_FLAGS', 1879048198: 'DT_MIPS_BASE_ADDRESS', 1879048199: 'DT_MIPS_MSYM', 1879048200: 'DT_MIPS_CONFLICT', 1879048201: 'DT_MIPS_LIBLIST', 1879048202: 'DT_MIPS_LOCAL_GOTNO', 1879048203: 'DT_MIPS_CONFLICTNO', 1879048208: 'DT_MIPS_LIBLISTNO', 1879048209: 'DT_MIPS_SYMTABNO', 1879048210: 'DT_MIPS_UNREFEXTNO', 1879048211: 'DT_MIPS_GOTSYM', 1879048212: 'DT_MIPS_HIPAGENO', 1879048214: 'DT_MIPS_RLD_MAP', 1879048215: 'DT_MIPS_DELTA_CLASS', 1879048216: 'DT_MIPS_DELTA_CLASS_NO', 1879048217: 'DT_MIPS_DELTA_INSTANCE', 1879048218: 'DT_MIPS_DELTA_INSTANCE_NO', 1879048219: 'DT_MIPS_DELTA_RELOC', 1879048220: 'DT_MIPS_DELTA_RELOC_NO', 1879048221: 'DT_MIPS_DELTA_SYM', 1879048222: 'DT_MIPS_DELTA_SYM_NO', 1879048224: 'DT_MIPS_DELTA_CLASSSYM', 1879048225: 'DT_MIPS_DELTA_CLASSSYM_NO', 1879048226: 'DT_MIPS_CXX_FLAGS', 1879048227: 'DT_MIPS_PIXIE_INIT', 1879048228: 'DT_MIPS_SYMBOL_LIB', 1879048229: 'DT_MIPS_LOCALPAGE_GOTIDX', 1879048230: 'DT_MIPS_LOCAL_GOTIDX', 1879048231: 'DT_MIPS_HIDDEN_GOTIDX', 1879048232: 'DT_MIPS_PROTECTED_GOTIDX', 1879048233: 'DT_MIPS_OPTIONS', 1879048234: 'DT_MIPS_INTERFACE', 1879048235: 'DT_MIPS_DYNSTR_ALIGN', 1879048236: 'DT_MIPS_INTERFACE_SIZE', 1879048237: 'DT_MIPS_RLD_TEXT_RESOLVE_ADDR', 1879048238: 'DT_MIPS_PERF_SUFFIX', 1879048239: 'DT_MIPS_COMPACT_SIZE', 1879048240: 'DT_MIPS_GP_VALUE', 1879048241: 'DT_MIPS_AUX_DYNAMIC', 1879048242: 'DT_MIPS_PLTGOT'}¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 8, [], [0], [], 28672, 32768)¶
- dwarf_registers: List[str] = ['r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15', 'r16', 'r17', 'r18', 'r19', 'r20', 'r21', 'r22', 'r23', 'r24', 'r25', 'r26', 'r27', 'gp', 'sp', 's8', 'ra', 'f0', 'f1', 'f2', 'f3', 'f4', 'f5', 'f6', 'f7', 'f8', 'f9', 'f10', 'f11', 'f12', 'f13', 'f14', 'f15', 'f16', 'f17', 'f18', 'f19', 'f20', 'f21', 'f22', 'f23', 'f24', 'f25', 'f26', 'f27', 'f28', 'f29', 'f30', 'f31', 'hi', 'lo']¶
- class archinfo.arch_mips64.ArchMIPS64(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchMIPS64'¶
- name: str = 'MIPS64'¶
- default_endness = 'Iend_BE'¶
- qemu_name: Optional[str] = 'mips64el'¶
- ida_processor: Optional[str] = 'mips64'¶
- linux_name: Optional[str] = 'mips64el'¶
- triplet: Optional[str] = 'mips64el-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 32¶
- syscall_register_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- branch_delay_slot = True¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {}¶
- function_epilogs: Set[bytes] = {}¶
- ret_instruction = b'\x08\x00\xe0\x03%\x08 \x00'¶
- nop_instruction = b'\x00\x00\x00\x00'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register zero>, <Register at>, <Register v0>, <Register v1>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register t0>, <Register t1>, <Register t2>, <Register t3>, <Register t4>, <Register t5>, <Register t6>, <Register t7>, <Register s0>, <Register s1>, <Register s2>, <Register s3>, <Register s4>, <Register s5>, <Register s6>, <Register s7>, <Register t8>, <Register t9>, <Register k0>, <Register k1>, <Register gp>, <Register sp>, <Register s8>, <Register ra>, <Register pc>, <Register hi>, <Register lo>, <Register f0>, <Register f1>, <Register f2>, <Register f3>, <Register f4>, <Register f5>, <Register f6>, <Register f7>, <Register f8>, <Register f9>, <Register f10>, <Register f11>, <Register f12>, <Register f13>, <Register f14>, <Register f15>, <Register f16>, <Register f17>, <Register f18>, <Register f19>, <Register f20>, <Register f21>, <Register f22>, <Register f23>, <Register f24>, <Register f25>, <Register f26>, <Register f27>, <Register f28>, <Register f29>, <Register f30>, <Register f31>, <Register fir>, <Register fccr>, <Register fexr>, <Register fenr>, <Register fcsr>, <Register cp0_status>, <Register ulr>, <Register emnote>, <Register cond>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register ip_at_syscall>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048193: 'DT_MIPS_RLD_VERSION', 1879048197: 'DT_MIPS_FLAGS', 1879048198: 'DT_MIPS_BASE_ADDRESS', 1879048202: 'DT_MIPS_LOCAL_GOTNO', 1879048209: 'DT_MIPS_SYMTABNO', 1879048210: 'DT_MIPS_UNREFEXTNO', 1879048211: 'DT_MIPS_GOTSYM', 1879048214: 'DT_MIPS_RLD_MAP'}¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 16, [], [0], [], 28672, 32768)¶
- class archinfo.arch_ppc32.ArchPPC32(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchPPC32'¶
- name: str = 'PPC32'¶
- qemu_name: Optional[str] = 'ppc'¶
- ida_processor: Optional[str] = 'ppc'¶
- linux_name: Optional[str] = 'ppc750'¶
- triplet: Optional[str] = 'powerpc-linux-gnu'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 28¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -4¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- ret_instruction = b' \x00\x80N'¶
- nop_instruction = b'\x00\x00\x00`'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register gpr0>, <Register gpr1>, <Register gpr2>, <Register gpr3>, <Register gpr4>, <Register gpr5>, <Register gpr6>, <Register gpr7>, <Register gpr8>, <Register gpr9>, <Register gpr10>, <Register gpr11>, <Register gpr12>, <Register gpr13>, <Register gpr14>, <Register gpr15>, <Register gpr16>, <Register gpr17>, <Register gpr18>, <Register gpr19>, <Register gpr20>, <Register gpr21>, <Register gpr22>, <Register gpr23>, <Register gpr24>, <Register gpr25>, <Register gpr26>, <Register gpr27>, <Register gpr28>, <Register gpr29>, <Register gpr30>, <Register gpr31>, <Register vsr0>, <Register vsr1>, <Register vsr2>, <Register vsr3>, <Register vsr4>, <Register vsr5>, <Register vsr6>, <Register vsr7>, <Register vsr8>, <Register vsr9>, <Register vsr10>, <Register vsr11>, <Register vsr12>, <Register vsr13>, <Register vsr14>, <Register vsr15>, <Register vsr16>, <Register vsr17>, <Register vsr18>, <Register vsr19>, <Register vsr20>, <Register vsr21>, <Register vsr22>, <Register vsr23>, <Register vsr24>, <Register vsr25>, <Register vsr26>, <Register vsr27>, <Register vsr28>, <Register vsr29>, <Register vsr30>, <Register vsr31>, <Register vsr32>, <Register vsr33>, <Register vsr34>, <Register vsr35>, <Register vsr36>, <Register vsr37>, <Register vsr38>, <Register vsr39>, <Register vsr40>, <Register vsr41>, <Register vsr42>, <Register vsr43>, <Register vsr44>, <Register vsr45>, <Register vsr46>, <Register vsr47>, <Register vsr48>, <Register vsr49>, <Register vsr50>, <Register vsr51>, <Register vsr52>, <Register vsr53>, <Register vsr54>, <Register vsr55>, <Register vsr56>, <Register vsr57>, <Register vsr58>, <Register vsr59>, <Register vsr60>, <Register vsr61>, <Register vsr62>, <Register vsr63>, <Register cia>, <Register lr>, <Register ctr>, <Register xer_so>, <Register xer_ov>, <Register xer_ca>, <Register xer_bc>, <Register cr0_321>, <Register cr0_0>, <Register cr1_321>, <Register cr1_0>, <Register cr2_321>, <Register cr2_0>, <Register cr3_321>, <Register cr3_0>, <Register cr4_321>, <Register cr4_0>, <Register cr5_321>, <Register cr5_0>, <Register cr6_321>, <Register cr6_0>, <Register cr7_321>, <Register cr7_0>, <Register fpround>, <Register dfpround>, <Register c_fpcc>, <Register vrsave>, <Register vscr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register nraddr_gpr2>, <Register redir_sp>, <Register redir_stack>, <Register ip_at_syscall>, <Register sprg3_ro>, <Register tfhar>, <Register texasr>, <Register tfiar>, <Register ppr>, <Register texasru>, <Register pspb>]¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff]{2}\\x21\\x94\\xa6\\x02\\x08\\x7c'}¶
- function_epilogs: Set[bytes] = {b'\\xa6\\x03[\\x00-\\xff]{2}([\\x00-\\xff]{4}){0,6}\\x20\\x00\\x80\\x4e'}¶
- got_section_name = '.plt'¶
- ld_linux_name = 'ld.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (1, 52, [], [48], [], 28672, 32768)¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- dwarf_registers: List[str] = ['gpr0', 'gpr1', 'gpr2', 'gpr3', 'gpr4', 'gpr5', 'gpr6', 'gpr7', 'gpr8', 'gpr9', 'gpr10', 'gpr11', 'gpr12', 'gpr13', 'gpr14', 'gpr15', 'gpr16', 'gpr17', 'gpr18', 'gpr19', 'gpr20', 'gpr21', 'gpr22', 'gpr23', 'gpr24', 'gpr25', 'gpr26', 'gpr27', 'gpr28', 'gpr29', 'gpr30', 'gpr31', 'vsr0', 'vsr1', 'vsr2', 'vsr3', 'vsr4', 'vsr5', 'vsr6', 'vsr7', 'vsr8', 'vsr9', 'vsr10', 'vsr11', 'vsr12', 'vsr13', 'vsr14', 'vsr15', 'vsr16', 'vsr17', 'vsr18', 'vsr19', 'vsr20', 'vsr21', 'vsr22', 'vsr23', 'vsr24', 'vsr25', 'vsr26', 'vsr27', 'vsr28', 'vsr29', 'vsr30', 'vsr31', 'cr', 'fpscr']¶
- class archinfo.arch_ppc64.ArchPPC64(endness=Endness.LE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchPPC64'¶
- name: str = 'PPC64'¶
- qemu_name: Optional[str] = 'ppc64'¶
- ida_processor: Optional[str] = 'ppc64'¶
- triplet: Optional[str] = 'powerpc64le-linux-gnu'¶
- linux_name: Optional[str] = 'ppc750'¶
- max_inst_bytes: int = 4¶
- ret_offset: Optional[RegisterOffset] = 40¶
- syscall_num_offset = 16¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- initial_sp = 18446744073692774400¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- ret_instruction = b' \x00\x80N'¶
- nop_instruction = b'\x00\x00\x00`'¶
- instruction_alignment: Optional[int] = 4¶
- register_list: List[Register] = [<Register gpr0>, <Register gpr1>, <Register gpr2>, <Register gpr3>, <Register gpr4>, <Register gpr5>, <Register gpr6>, <Register gpr7>, <Register gpr8>, <Register gpr9>, <Register gpr10>, <Register gpr11>, <Register gpr12>, <Register gpr13>, <Register gpr14>, <Register gpr15>, <Register gpr16>, <Register gpr17>, <Register gpr18>, <Register gpr19>, <Register gpr20>, <Register gpr21>, <Register gpr22>, <Register gpr23>, <Register gpr24>, <Register gpr25>, <Register gpr26>, <Register gpr27>, <Register gpr28>, <Register gpr29>, <Register gpr30>, <Register gpr31>, <Register vsr0>, <Register vsr1>, <Register vsr2>, <Register vsr3>, <Register vsr4>, <Register vsr5>, <Register vsr6>, <Register vsr7>, <Register vsr8>, <Register vsr9>, <Register vsr10>, <Register vsr11>, <Register vsr12>, <Register vsr13>, <Register vsr14>, <Register vsr15>, <Register vsr16>, <Register vsr17>, <Register vsr18>, <Register vsr19>, <Register vsr20>, <Register vsr21>, <Register vsr22>, <Register vsr23>, <Register vsr24>, <Register vsr25>, <Register vsr26>, <Register vsr27>, <Register vsr28>, <Register vsr29>, <Register vsr30>, <Register vsr31>, <Register vsr32>, <Register vsr33>, <Register vsr34>, <Register vsr35>, <Register vsr36>, <Register vsr37>, <Register vsr38>, <Register vsr39>, <Register vsr40>, <Register vsr41>, <Register vsr42>, <Register vsr43>, <Register vsr44>, <Register vsr45>, <Register vsr46>, <Register vsr47>, <Register vsr48>, <Register vsr49>, <Register vsr50>, <Register vsr51>, <Register vsr52>, <Register vsr53>, <Register vsr54>, <Register vsr55>, <Register vsr56>, <Register vsr57>, <Register vsr58>, <Register vsr59>, <Register vsr60>, <Register vsr61>, <Register vsr62>, <Register vsr63>, <Register cia>, <Register lr>, <Register ctr>, <Register xer_so>, <Register xer_ov>, <Register xer_ca>, <Register xer_bc>, <Register cr0_321>, <Register cr0_0>, <Register cr1_321>, <Register cr1_0>, <Register cr2_321>, <Register cr2_0>, <Register cr3_321>, <Register cr3_0>, <Register cr4_321>, <Register cr4_0>, <Register cr5_321>, <Register cr5_0>, <Register cr6_321>, <Register cr6_0>, <Register cr7_321>, <Register cr7_0>, <Register fpround>, <Register dfpround>, <Register c_fpcc>, <Register vrsave>, <Register vscr>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register nraddr_gpr2>, <Register redir_sp>, <Register redir_stack>, <Register ip_at_syscall>, <Register sprg3_ro>, <Register tfhar>, <Register texasr>, <Register tfiar>, <Register ppr>, <Register texasru>, <Register pspb>]¶
- dynamic_tag_translation: Dict[int, str] = {1879048192: 'DT_PPC64_GLINK', 1879048193: 'DT_PPC64_OPD', 1879048194: 'DT_PPC64_OPDSZ', 1879048195: 'DT_PPC64_OPT'}¶
- function_prologs: Set[bytes] = {b'[\\x00-\\xff]{2}\\x21\\x94\\xa6\\x02\\x08\\x7c'}¶
- function_epilogs: Set[bytes] = {b'\\xa6\\x03[\\x00-\\xff]{2}([\\x00-\\xff]{4}){0,6}\\x20\\x00\\x80\\x4e'}¶
- got_section_name = '.plt'¶
- ld_linux_name = 'ld64.so.1'¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- elf_tls: Optional[TLSArchInfo] = (1, 92, [], [84], [], 28672, 32768)¶
- dwarf_registers: List[str] = ['gpr0', 'gpr1', 'gpr2', 'gpr3', 'gpr4', 'gpr5', 'gpr6', 'gpr7', 'gpr8', 'gpr9', 'gpr10', 'gpr11', 'gpr12', 'gpr13', 'gpr14', 'gpr15', 'gpr16', 'gpr17', 'gpr18', 'gpr19', 'gpr20', 'gpr21', 'gpr22', 'gpr23', 'gpr24', 'gpr25', 'gpr26', 'gpr27', 'gpr28', 'gpr29', 'gpr30', 'gpr31', 'vsr0', 'vsr1', 'vsr2', 'vsr3', 'vsr4', 'vsr5', 'vsr6', 'vsr7', 'vsr8', 'vsr9', 'vsr10', 'vsr11', 'vsr12', 'vsr13', 'vsr14', 'vsr15', 'vsr16', 'vsr17', 'vsr18', 'vsr19', 'vsr20', 'vsr21', 'vsr22', 'vsr23', 'vsr24', 'vsr25', 'vsr26', 'vsr27', 'vsr28', 'vsr29', 'vsr30', 'vsr31', 'cr', 'fpscr', 'msr', '<none>', '<none>', '<none>', 'sr0', 'sr1', 'sr2', 'sr3', 'sr4', 'sr5', 'sr6', 'sr7', 'sr8', 'sr9', 'sr10', 'sr11', 'sr12', 'sr13', 'sr14', 'sr15', 'sr16', 'sr17', 'sr18', 'sr19', 'sr20', 'sr21', 'sr22', 'sr23', 'sr24', 'sr25', 'sr26', 'sr27', 'sr28', 'sr29', 'sr30', 'sr31']¶
- class archinfo.arch_x86.ArchX86(endness=Endness.LE)[source]¶
Bases:
Arch
- property capstone_x86_syntax¶
Get the current syntax Capstone uses for x86. It can be ‘intel’ or ‘at&t’
- Returns:
Capstone’s current x86 syntax
- Return type:
str
- property keystone_x86_syntax¶
Get the current syntax Keystone uses for x86. It can be ‘intel’, ‘at&t’, ‘nasm’, ‘masm’, ‘gas’ or ‘radix16’
- Returns:
Keystone’s current x86 syntax
- Return type:
str
- bits: int = 32¶
- vex_arch: Optional[str] = 'VexArchX86'¶
- name: str = 'X86'¶
- qemu_name: Optional[str] = 'i386'¶
- ida_processor: Optional[str] = 'metapc'¶
- linux_name: Optional[str] = 'i386'¶
- triplet: Optional[str] = 'i386-linux-gnu'¶
- max_inst_bytes: int = 15¶
- call_sp_fix = -4¶
- ret_offset: Optional[RegisterOffset] = 8¶
- vex_conditional_helpers = True¶
- syscall_num_offset = 8¶
- call_pushes_ret = True¶
- stack_change: int = -4¶
- memory_endness = 'Iend_LE'¶
- register_endness = 'Iend_LE'¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 32, 'long long': 64, 'short': 16}¶
- uc_arch = None¶
- uc_mode = None¶
- uc_const = None¶
- uc_prefix: Optional[str] = None¶
- function_prologs: Set[bytes] = {b'(\\x81|\\x83)\\xec', b'[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x83\\xec[\\x00-\\xff]{2,4}', b'[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x8b[\\x00-\\xff]{2}', b'\\x55\\x57\\x56', b'\\x55\\x89\\xe5', b'\\x55\\x8b\\xec', b'\\x8b\\xff\\x55\\x8b\\xec', b'\\xb8[\\x00-\\xff]\\x00\\x00\\x00[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{0,7}\\x8b[\\x00-\\xff]{2}', b'\xf3\x0f\x1e\xfb(\\x81|\\x83)\\xec', b'\xf3\x0f\x1e\xfb[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x83\\xec[\\x00-\\xff]{2,4}', b'\xf3\x0f\x1e\xfb[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{1,7}\\x8b[\\x00-\\xff]{2}', b'\xf3\x0f\x1e\xfb\\x55\\x57\\x56', b'\xf3\x0f\x1e\xfb\\x55\\x89\\xe5', b'\xf3\x0f\x1e\xfb\\x55\\x8b\\xec', b'\xf3\x0f\x1e\xfb\\x8b\\xff\\x55\\x8b\\xec', b'\xf3\x0f\x1e\xfb\\xb8[\\x00-\\xff]\\x00\\x00\\x00[\\x50\\x51\\x52\\x53\\x55\\x56\\x57]{0,7}\\x8b[\\x00-\\xff]{2}'}¶
- function_epilogs: Set[bytes] = {b'([^\\x41][\\x50-\\x5f]{1}|\\x41[\\x50-\\x5f])\\xc3', b'[^\\x48][\\x83,\\x81]\\xc4([\\x00-\\xff]{1}|[\\x00-\\xff]{4})\\xc3', b'\\xc9\\xc3'}¶
- ret_instruction = b'\xc3'¶
- nop_instruction = b'\x90'¶
- instruction_alignment: Optional[int] = 1¶
- register_list: List[Register] = [<Register eax>, <Register ecx>, <Register edx>, <Register ebx>, <Register esp>, <Register ebp>, <Register esi>, <Register edi>, <Register cc_op>, <Register cc_dep1>, <Register cc_dep2>, <Register cc_ndep>, <Register d>, <Register id>, <Register ac>, <Register eip>, <Register fpreg>, <Register fptag>, <Register fpround>, <Register fc3210>, <Register ftop>, <Register sseround>, <Register xmm0>, <Register xmm1>, <Register xmm2>, <Register xmm3>, <Register xmm4>, <Register xmm5>, <Register xmm6>, <Register xmm7>, <Register cs>, <Register ds>, <Register es>, <Register fs>, <Register gs>, <Register ss>, <Register ldt>, <Register gdt>, <Register emnote>, <Register cmstart>, <Register cmlen>, <Register nraddr>, <Register sc_class>, <Register ip_at_syscall>]¶
- symbol_type_translation: Dict[Union[int, str], str] = {'STT_LOOS': 'STT_GNU_IFUNC', 10: 'STT_GNU_IFUNC'}¶
- lib_paths: List[str] = ['/lib32', '/usr/lib32']¶
- got_section_name = '.got.plt'¶
- ld_linux_name = 'ld-linux.so.2'¶
- elf_tls: Optional[TLSArchInfo] = (2, 56, [8], [4], [0], 0, 0)¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- dwarf_registers: List[str] = ['eax', 'ecx', 'edx', 'ebx', 'esp', 'ebp', 'esi', 'edi', 'eip', 'eflags', '<none>', 'st0', 'st1', 'st2', 'st3', 'st4', 'st5', 'st6', 'st7', '<none>', '<none>', 'xmm0', 'xmm1', 'xmm2', 'xmm3', 'xmm4', 'xmm5', 'xmm6', 'xmm7', 'mm0', 'mm1', 'mm2', 'mm3', 'mm4', 'mm5', 'mm6', 'mm7', 'fcw', 'fsw', 'mxcsr', 'es', 'cs', 'ss', 'ds', 'fs', 'gs', '<none>', '<none>', 'tr', 'ldtr']¶
- class archinfo.arch_soot.SootMethodDescriptor(class_name, name, params, soot_method=None, ret_type=None)[source]¶
Bases:
object
- class_name¶
- name¶
- params¶
- ret¶
- address(block_idx=0, stmt_idx=0)[source]¶
:return Address of the method. :rtype: SootAddressDescriptor
- property fullname¶
return the full name of the method (class name + method name)
- property symbolic¶
- property is_loaded¶
True, if the method is loaded in CLE and thus infos about attrs, ret and exceptions are available.
- Type:
return
- property attrs¶
- property exceptions¶
- property block_by_label¶
- property addr¶
the soot address description of the entry point of the method
- Type:
return
- matches_with_native_name(native_method)[source]¶
The name of native methods are getting encoded, s.t. they translate into valid C function names. This method indicates if the name of the given native method matches the name of the soot method.
- Returns:
True, if name of soot method matches the mangled native name.
- class archinfo.arch_soot.SootAddressDescriptor(method, block_idx, stmt_idx)[source]¶
Bases:
object
- method¶
- block_idx¶
- stmt_idx¶
- property symbolic¶
- class archinfo.arch_soot.SootAddressTerminator[source]¶
Bases:
SootAddressDescriptor
- class archinfo.arch_soot.SootFieldDescriptor(class_name, name, type_)[source]¶
Bases:
object
- class_name¶
- name¶
- type¶
- class archinfo.arch_soot.SootClassDescriptor(name, soot_class=None)[source]¶
Bases:
object
- name¶
- property is_loaded¶
True, if the class is loaded in CLE and thus info about field, methods, … are available.
- Type:
return
- property fields¶
- property methods¶
- property superclass_name¶
- property type¶
- class archinfo.arch_soot.SootArgument(value, type_, is_this_ref=False)[source]¶
Bases:
object
Typed Java argument.
- __init__(value, type_, is_this_ref=False)[source]¶
- Parameters:
value – Value of the argument
type – Type of the argument
is_this_ref – Indicates whether the argument represents the ‘this’ reference, i.e. the object on which an instance method is invoked.
- value¶
- type¶
- is_this_ref¶
- class archinfo.arch_soot.ArchSoot(endness=Endness.LE)[source]¶
Bases:
Arch
- name: str = 'Soot'¶
- vex_arch: Optional[str] = None¶
- qemu_name: Optional[str] = None¶
- bits: int = 64¶
- address_types: Tuple[type, ...] = (<class 'archinfo.arch_soot.SootAddressDescriptor'>,)¶
- function_address_types: Tuple[type, ...] = (<class 'archinfo.arch_soot.SootMethodDescriptor'>,)¶
- sizeof: Dict[str, int] = {'boolean': 8, 'byte': 8, 'char': 16, 'double': 64, 'float': 32, 'int': 32, 'long': 64, 'short': 16}¶
- primitive_types = ['boolean', 'byte', 'char', 'short', 'int', 'long', 'float', 'double']¶
- sig_dict = {'B': 'byte', 'C': 'char', 'D': 'double', 'F': 'float', 'I': 'int', 'J': 'long', 'S': 'short', 'V': 'void', 'Z': 'boolean'}¶
- library_search_path(pedantic=False)[source]¶
Since Java is mostly system independent, we cannot return system specific paths.
- Returns:
empty list
- max_inst_bytes: int¶
- stack_change: int¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
- class archinfo.arch_s390x.ArchS390X(endness=Endness.BE)[source]¶
Bases:
Arch
- bits: int = 64¶
- vex_arch: Optional[str] = 'VexArchS390X'¶
- name: str = 'S390X'¶
- default_endness = 'Iend_BE'¶
- qemu_name: Optional[str] = 's390x'¶
- triplet: Optional[str] = 's390x-linux-gnu'¶
- linux_name: Optional[str] = 's390'¶
- max_inst_bytes: int = 6¶
- ret_offset: Optional[RegisterOffset] = 584¶
- syscall_num_offset = 576¶
- call_pushes_ret = False¶
- stack_change: int = -8¶
- initial_sp = 4398046511104¶
- sizeof: Dict[str, int] = {'int': 32, 'long': 64, 'long long': 64, 'short': 16}¶
- ret_instruction = b'\x07\xf4'¶
- nop_instruction = b'\x07\x07'¶
- instruction_alignment: Optional[int] = 2¶
- register_list: List[Register] = [<Register ia>, <Register r0>, <Register r1>, <Register r2>, <Register r3>, <Register r4>, <Register r5>, <Register r6>, <Register r7>, <Register r8>, <Register r9>, <Register r10>, <Register r11>, <Register r12>, <Register r13>, <Register r14>, <Register r15>, <Register v0>, <Register v1>, <Register v2>, <Register v3>, <Register v4>, <Register v5>, <Register v6>, <Register v7>, <Register v8>, <Register v9>, <Register v10>, <Register v11>, <Register v12>, <Register v13>, <Register v14>, <Register v15>, <Register v16>, <Register v17>, <Register v18>, <Register v19>, <Register v20>, <Register v21>, <Register v22>, <Register v23>, <Register v24>, <Register v25>, <Register v26>, <Register v27>, <Register v28>, <Register v29>, <Register v30>, <Register v31>, <Register a0>, <Register a1>, <Register a2>, <Register a3>, <Register a4>, <Register a5>, <Register a6>, <Register a7>, <Register a8>, <Register a9>, <Register a10>, <Register a11>, <Register a12>, <Register a13>, <Register a14>, <Register a15>, <Register nraddr>, <Register cmstart>, <Register cmlen>, <Register ip_at_syscall>, <Register emnote>]¶
- function_prologs: Set[bytes] = {b'\\xeb.[\\xf0-\\xff]..\\x24'}¶
- function_epilogs: Set[bytes] = {b'\\x07\\xf4'}¶
- got_section_name = '.got'¶
- ld_linux_name = 'ld64.so.1'¶
- elf_tls: Optional[TLSArchInfo] = (2, 64, [0], [8], [16], 0, 0)¶
- dwarf_registers: List[str] = ['v0', 'v1', 'v2', 'v3', 'v4', 'v5', 'v6', 'v7', 'v8', 'v9', 'v10', 'v11', 'v12', 'v13', 'v14', 'v15', 'v16', 'v17', 'v18', 'v19', 'v20', 'v21', 'v22', 'v23', 'v24', 'v25', 'v26', 'v27', 'v28', 'v29', 'v30', 'v31', 'cr0', 'cr1', 'cr2', 'cr3', 'cr4', 'cr5', 'cr6', 'cr7', 'cr8', 'cr9', 'cr10', 'cr11', 'cr12', 'cr13', 'cr14', 'cr15', 'ar0', 'ar1', 'ar2', 'ar3', 'ar4', 'ar5', 'ar6', 'ar7', 'ar8', 'ar9', 'ar10', 'ar11', 'ar12', 'ar13', 'ar14', 'ar15', 'psw_mask', 'psw_address']¶
- artificial_registers: Set[RegisterName]¶
- cpu_flag_register_offsets_and_bitmasks_map: Dict¶
Utilities¶
- class archinfo.types.RegisterOffset[source]¶
Bases:
int
A register offset is an integer that represents the offset of a register in VEX’s register memory space.
- class archinfo.types.Endness(value)[source]¶
Bases:
StrEnum
Endness specifies the byte order for integer values
- Variables:
LE – little endian, least significant byte is stored at lowest address
BE – big endian, most significant byte is stored at lowest address
ME – Middle-endian. Yep.
- LE = 'Iend_LE'¶
- BE = 'Iend_BE'¶
- ME = 'Iend_ME'¶
- ANY = 'any'¶
- UNSURE = 'unsure'¶
- class archinfo.tls.TLSArchInfo(variant, tcbhead_size, head_offsets, dtv_offsets, pthread_offsets, tp_offset, dtv_entry_offset)¶
Bases:
tuple
- dtv_entry_offset¶
Alias for field number 6
- dtv_offsets¶
Alias for field number 3
- head_offsets¶
Alias for field number 2
- pthread_offsets¶
Alias for field number 4
- tcbhead_size¶
Alias for field number 1
- tp_offset¶
Alias for field number 5
- variant¶
Alias for field number 0