arch ¤

Classes:

DisassemblyAssistant –

Functions:

syntax_highlight –
register_assign –
memory_assign –
memory_or_register_assign –

Used when we don't know until runtime whether a codepath will annotate a register or memory location.

Attributes:

DEBUG_ENHANCEMENT –
groups –
ops –
access –
DO_NOT_EMULATE –
generic_assistant –

DEBUG_ENHANCEMENT `module-attribute` ¤

DEBUG_ENHANCEMENT = False

groups `module-attribute` ¤

groups = {v: _lfor (k, v) in items() if startswith('CS_GRP_')}

ops `module-attribute` ¤

ops = {v: _Jfor (k, v) in items() if startswith('CS_OP_')}

access `module-attribute` ¤

access = {v: _Ffor (k, v) in items() if startswith('CS_AC_')}

DO_NOT_EMULATE `module-attribute` ¤

DO_NOT_EMULATE = {CS_GRP_INT, CS_GRP_INVALID, CS_GRP_IRET}

generic_assistant `module-attribute` ¤

generic_assistant = DisassemblyAssistant(None)

DisassemblyAssistant ¤

DisassemblyAssistant(architecture: str)

Methods:

for_current_arch –
enhance –
can_reason_about_process_state –

Determine if the program counter of the process equals the address of the instruction being enhanced.
dump –

Debug-only method.

Attributes:

assistants (dict[str, DisassemblyAssistant]) –
op_handlers (dict[int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]]) –
op_names (dict[int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]]) –

assistants `class-attribute` `instance-attribute` ¤

assistants: dict[str, DisassemblyAssistant] = {}

op_handlers `instance-attribute` ¤

op_handlers: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]
] = {
    CS_OP_IMM: _parse_immediate,
    CS_OP_REG: _parse_register,
    CS_OP_MEM: _parse_memory,
}

op_names `instance-attribute` ¤

op_names: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]
] = {
    CS_OP_IMM: _immediate_string,
    CS_OP_REG: _register_string,
    CS_OP_MEM: _memory_string,
}

for_current_arch `staticmethod` ¤

for_current_arch() -> DisassemblyAssistant

enhance `staticmethod` ¤

enhance(instruction: PwndbgInstruction, emu: Emulator = None) -> None

can_reason_about_process_state ¤

can_reason_about_process_state(instruction: PwndbgInstruction) -> bool

Determine if the program counter of the process equals the address of the instruction being enhanced. If so, it means we can safely reason and read from registers and memory to enhance values that we can add to the annotation string. This becomes relevent when NOT emulating, and is meant to allow more details when the PC is at the instruction being enhanced

dump ¤

dump(instruction: PwndbgInstruction)

Debug-only method.

syntax_highlight ¤

syntax_highlight(ins)

register_assign ¤

register_assign(left: str, right: str) -> str

memory_assign ¤

memory_assign(left: str, right: str) -> str

memory_or_register_assign ¤

memory_or_register_assign(left: str, right: str, mem_assign: bool) -> str

Used when we don't know until runtime whether a codepath will annotate a register or memory location.

arch ¤

DEBUG_ENHANCEMENT module-attribute ¤

groups module-attribute ¤

ops module-attribute ¤

access module-attribute ¤

DO_NOT_EMULATE module-attribute ¤

generic_assistant module-attribute ¤