Classes:
Functions:
Attributes:
-
ARM_BIT_SHIFT_MAP(dict[int, Callable[[int, int, int], int]]) – -
ARM_SINGLE_LOAD_INSTRUCTIONS– -
ARM_SINGLE_STORE_INSTRUCTIONS– -
ARM_EXCLUSIVE_STORE_INSTRUCTIONS– -
ARM_MATH_INSTRUCTIONS– -
ARM_SHIFT_INSTRUCTIONS– -
ARM_CAN_WRITE_TO_PC(dict[int, Callable[[PwndbgInstruction], bool]]) – -
assistant–
module-attribute ¤
ARM_BIT_SHIFT_MAP: dict[int, Callable[[int, int, int], int]] = {
ARM_SFT_ASR: arithmetic_shift_right,
ARM_SFT_LSL: logical_shift_left,
ARM_SFT_LSR: logical_shift_right,
ARM_SFT_ROR: rotate_right,
}
module-attribute ¤
ARM_SINGLE_LOAD_INSTRUCTIONS = {
ARM_INS_LDRB: 1,
ARM_INS_LDRSB: -1,
ARM_INS_LDRH: 2,
ARM_INS_LDRSH: -2,
ARM_INS_LDR: 4,
ARM_INS_LDRBT: 1,
ARM_INS_LDRSBT: -1,
ARM_INS_LDRHT: 2,
ARM_INS_LDRSHT: -2,
ARM_INS_LDRT: 4,
ARM_INS_LDREXB: 1,
ARM_INS_LDREXH: 2,
ARM_INS_LDREX: 4,
}
module-attribute ¤
ARM_SINGLE_STORE_INSTRUCTIONS = {
ARM_INS_STRB: 1,
ARM_INS_STRH: 2,
ARM_INS_STR: 4,
ARM_INS_STRBT: 1,
ARM_INS_STRHT: 2,
ARM_INS_STRT: 4,
}
module-attribute ¤
module-attribute ¤
ARM_MATH_INSTRUCTIONS = {
ARM_INS_ADD: "+",
ARM_INS_ADDW: "+",
ARM_INS_SUB: "-",
ARM_INS_ORR: "|",
ARM_INS_AND: "&",
ARM_INS_EOR: "^",
ARM_INS_UDIV: "/",
ARM_INS_SDIV: "/",
ARM_INS_MUL: "*",
ARM_INS_UMULL: "*",
ARM_INS_SMULL: "*",
}
module-attribute ¤
module-attribute ¤
ARM_CAN_WRITE_TO_PC: dict[int, Callable[[PwndbgInstruction], bool]] = {
ARM_INS_ADD: first_op_is_pc,
ARM_INS_SUB: first_op_is_pc,
ARM_INS_SUBS: first_op_is_pc,
ARM_INS_MOV: first_op_is_pc,
ARM_INS_LDR: first_op_is_pc,
ARM_INS_POP: ops_contain_pc,
ARM_INS_LDM: ops_contain_pc,
}
Bases: DisassemblyAssistant
Methods:
-
read_thumb_bit– -
for_current_arch– -
enhance– -
can_reason_about_process_state–Determine if the program counter of the process equals the address of the instruction being enhanced.
-
dump–Debug-only method.
Attributes:
-
flags_reg– -
annotation_handlers(dict[int, Callable[[PwndbgInstruction, Emulator], None]]) – -
assistants(dict[str, DisassemblyAssistant]) – -
op_handlers(dict[int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]]) – -
op_names(dict[int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]]) –
instance-attribute ¤
annotation_handlers: dict[
int, Callable[[PwndbgInstruction, Emulator], None]
] = {
ARM_INS_MOV: _common_move_annotator,
ARM_INS_MOVW: _common_move_annotator,
ARM_INS_MOVT: _common_generic_register_destination,
ARM_INS_MVN: _common_generic_register_destination,
ARM_INS_CMP: _common_cmp_annotator_builder(flags_reg, "-"),
ARM_INS_CMN: _common_cmp_annotator_builder(flags_reg, "+"),
ARM_INS_TST: _common_cmp_annotator_builder(flags_reg, "&"),
ARM_INS_TEQ: _common_cmp_annotator_builder(flags_reg, "^"),
}
instance-attribute ¤
op_handlers: dict[
int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]
] = {
CS_OP_IMM: _parse_immediate,
CS_OP_REG: _parse_register,
CS_OP_MEM: _parse_memory,
}
instance-attribute ¤
op_names: dict[
int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]
] = {
CS_OP_IMM: _immediate_string,
CS_OP_REG: _register_string,
CS_OP_MEM: _memory_string,
}
can_reason_about_process_state(instruction: PwndbgInstruction) -> bool
Determine if the program counter of the process equals the address of the instruction being enhanced. If so, it means we can safely reason and read from registers and memory to enhance values that we can add to the annotation string. This becomes relevent when NOT emulating, and is meant to allow more details when the PC is at the instruction being enhanced