decompiler  1.0.0
Public Member Functions | Private Member Functions | Private Attributes | List of all members
ghidra::ExecutablePcode Class Reference

A snippet of p-code that can be executed outside of normal analysis. More...

#include <pcodeinject.hh>

Inheritance diagram for ghidra::ExecutablePcode:
ghidra::InjectPayload ghidra::ExecutablePcodeGhidra

Public Member Functions

 ExecutablePcode (Architecture *g, const string &src, const string &nm)
 Constructor. More...
 
virtual string getSource (void) const
 Return a string describing the source of the injection (.cspec, prototype model, etc.)
 
uintb evaluate (const vector< uintb > &input)
 Evaluate the snippet on the given inputs. More...
 
- Public Member Functions inherited from ghidra::InjectPayload
 InjectPayload (const string &nm, int4 tp)
 Construct for use with decode.
 
int4 getParamShift (void) const
 Get the number of parameters shifted.
 
bool isDynamic (void) const
 Return true if p-code in the injection is generated dynamically.
 
bool isIncidentalCopy (void) const
 Return true if any injected COPY is considered incidental.
 
int4 sizeInput (void) const
 Return the number of input parameters.
 
int4 sizeOutput (void) const
 Return the number of output parameters.
 
InjectParametergetInput (int4 i)
 Get the i-th input parameter.
 
InjectParametergetOutput (int4 i)
 Get the i-th output parameter.
 
virtual ~InjectPayload (void)
 Destructor.
 
virtual void inject (InjectContext &context, PcodeEmit &emit) const =0
 
virtual void decode (Decoder &decoder)=0
 Decode this payload from a stream.
 
virtual void printTemplate (ostream &s) const =0
 Print the p-code ops of the injection to a stream (for debugging)
 
string getName (void) const
 Return the name of the injection.
 
int4 getType (void) const
 Return the type of injection (CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc.)
 

Private Member Functions

void build (void)
 Initialize the Emulate object with the snippet p-code.
 

Private Attributes

Architectureglb
 The Architecture owning this snippet.
 
string source
 Description of the source of this snippet.
 
bool built
 Whether build() method has run, setting up the emulator.
 
EmulateSnippet emulator
 The emulator.
 
vector< uintb > inputList
 Temporary ids of input varnodes.
 
vector< uintb > outputList
 Temporary ids of output varnodes.
 
PcodeEmitemitter
 Emitter (allocated temporarily) for initializing the emulator.
 

Additional Inherited Members

- Public Types inherited from ghidra::InjectPayload
enum  { CALLFIXUP_TYPE = 1, CALLOTHERFIXUP_TYPE = 2, CALLMECHANISM_TYPE = 3, EXECUTABLEPCODE_TYPE = 4 }
 
- Protected Member Functions inherited from ghidra::InjectPayload
void orderParameters (void)
 Assign an index to parameters. More...
 
void decodePayloadAttributes (Decoder &decoder)
 Parse the attributes of the current <pcode> tag. More...
 
void decodePayloadParams (Decoder &decoder)
 Parse any <input> or <output> children of current <pcode> tag. More...
 
- Static Protected Member Functions inherited from ghidra::InjectPayload
static void decodeParameter (Decoder &decoder, string &name, uint4 &size)
 Parse an <input> or <output> element describing an injection parameter. More...
 
- Protected Attributes inherited from ghidra::InjectPayload
string name
 Formal name of the payload.
 
int4 type
 Type of this payload: CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc.
 
bool dynamic
 True if the injection is generated dynamically.
 
bool incidentalCopy
 True if injected COPYs are considered incidental.
 
int4 paramshift
 Number of parameters shifted in the original call.
 
vector< InjectParameterinputlist
 List of input parameters to this payload.
 
vector< InjectParameteroutput
 List of output parameters.
 

Detailed Description

A snippet of p-code that can be executed outside of normal analysis.

Essentially a p-code script. The p-code contained in this snippet needs to be processor agnostic, so any register Varnodes must be temporary (out of the unique space) and any control-flow operations must be contained within the snippet (p-code relative addressing). Input and output to the snippet/script is provided by standard injection parameters. The class contains, as a field, a stripped down emulator to run the script and a convenience method evaluate() to feed in concrete values to the input parameters and return a value from a single output parameter.

Constructor & Destructor Documentation

◆ ExecutablePcode()

ghidra::ExecutablePcode::ExecutablePcode ( Architecture g,
const string &  src,
const string &  nm 
)

Constructor.

Parameters
gis the Architecture owning snippet
srcis a string describing the source of the snippet
nmis the formal name of the snippet

References built, emitter, glb, and source.

Member Function Documentation

◆ evaluate()

uintb ghidra::ExecutablePcode::evaluate ( const vector< uintb > &  input)

Evaluate the snippet on the given inputs.

The caller provides a list of concrete values that are assigned to the input parameters. The number of values and input parameters must match, and values are assigned in order. Input parameter order is determined either by the order of tags in the defining XML. This method assumes there is exactly 1 relevant output parameter. Once the snippet is executed the value of this parameter is read from the emulator state and returned.

Parameters
inputis the ordered list of input values to feed to this script
Returns
the value of the output parameter after script execution

References build(), emulator, ghidra::Emulate::executeCurrentOp(), ghidra::Emulate::getHalt(), ghidra::EmulateSnippet::getTempValue(), inputList, outputList, ghidra::EmulateSnippet::resetMemory(), and ghidra::EmulateSnippet::setVarnodeValue().

Referenced by ghidra::JumpAssisted::buildAddresses(), ghidra::JumpAssisted::buildLabels(), ghidra::SegmentOp::execute(), and ghidra::JumpAssisted::recoverModel().


The documentation for this class was generated from the following files: