Skip to content

aarch64 ¤

Classes:

Functions:

  • resolve_condition

    Given a condition and the NZCV flag bits, determine when the condition is satisfied

Attributes:

AARCH64_SINGLE_LOAD_INSTRUCTIONS module-attribute ¤

AARCH64_SINGLE_LOAD_INSTRUCTIONS: dict[int, int | None] = {
    AARCH64_INS_LDRB: 1,
    AARCH64_INS_ALIAS_LDRB: 1,
    AARCH64_INS_LDURB: 1,
    AARCH64_INS_ALIAS_LDURB: 1,
    AARCH64_INS_LDRSB: -1,
    AARCH64_INS_ALIAS_LDRSB: -1,
    AARCH64_INS_LDURSB: -1,
    AARCH64_INS_ALIAS_LDURSB: -1,
    AARCH64_INS_LDRH: 2,
    AARCH64_INS_ALIAS_LDRH: 2,
    AARCH64_INS_LDURH: 2,
    AARCH64_INS_ALIAS_LDURH: 2,
    AARCH64_INS_LDRSH: -2,
    AARCH64_INS_ALIAS_LDRSH: -2,
    AARCH64_INS_LDURSH: -2,
    AARCH64_INS_ALIAS_LDURSH: -2,
    AARCH64_INS_LDURSW: -4,
    AARCH64_INS_ALIAS_LDURSW: -4,
    AARCH64_INS_LDRSW: -4,
    AARCH64_INS_ALIAS_LDRSW: -4,
    AARCH64_INS_LDUR: None,
    AARCH64_INS_ALIAS_LDUR: None,
    AARCH64_INS_LDR: None,
    AARCH64_INS_ALIAS_LDR: None,
    AARCH64_INS_LDTRB: 1,
    AARCH64_INS_LDTRSB: -1,
    AARCH64_INS_LDTRH: 2,
    AARCH64_INS_LDTRSH: -2,
    AARCH64_INS_LDTRSW: -4,
    AARCH64_INS_LDTR: None,
    AARCH64_INS_ALIAS_LDTR: None,
    AARCH64_INS_LDXRB: 1,
    AARCH64_INS_LDXRH: 2,
    AARCH64_INS_LDXR: None,
    AARCH64_INS_LDARB: 1,
    AARCH64_INS_LDARH: 2,
    AARCH64_INS_LDAR: None,
}

AARCH64_SINGLE_STORE_INSTRUCTIONS module-attribute ¤

AARCH64_SINGLE_STORE_INSTRUCTIONS: dict[int, int | None] = {
    AARCH64_INS_STRB: 1,
    AARCH64_INS_ALIAS_STRB: 1,
    AARCH64_INS_STURB: 1,
    AARCH64_INS_ALIAS_STURB: 1,
    AARCH64_INS_STRH: 2,
    AARCH64_INS_ALIAS_STRH: 2,
    AARCH64_INS_STURH: 2,
    AARCH64_INS_ALIAS_STURH: 2,
    AARCH64_INS_STUR: None,
    AARCH64_INS_ALIAS_STUR: None,
    AARCH64_INS_STR: None,
    AARCH64_INS_ALIAS_STR: None,
    AARCH64_INS_STTRB: 1,
    AARCH64_INS_STTRH: 2,
    AARCH64_INS_STTR: None,
    AARCH64_INS_STLRB: 1,
    AARCH64_INS_STLRH: 2,
    AARCH64_INS_STLR: None,
}

AARCH64_EXCLUSIVE_STORE_INSTRUCTIONS module-attribute ¤

AARCH64_EXCLUSIVE_STORE_INSTRUCTIONS = {
    AARCH64_INS_STXRB: 1,
    AARCH64_INS_STXRH: 2,
    AARCH64_INS_STXR: None,
    AARCH64_INS_STLXRB: 1,
    AARCH64_INS_STLXRH: 2,
    AARCH64_INS_STLXR: None,
}

CONDITIONAL_SELECT_INSTRUCTIONS module-attribute ¤

CONDITIONAL_SELECT_INSTRUCTIONS = {
    AARCH64_INS_CSEL,
    AARCH64_INS_CSINC,
    AARCH64_INS_CSINV,
    AARCH64_INS_CSNEG,
    AARCH64_INS_ALIAS_CSET,
    AARCH64_INS_ALIAS_CSETM,
    AARCH64_INS_ALIAS_CINC,
    AARCH64_INS_ALIAS_CINV,
    AARCH64_INS_ALIAS_CNEG,
}

AARCH64_EMULATED_ANNOTATIONS module-attribute ¤

AARCH64_EMULATED_ANNOTATIONS = CONDITIONAL_SELECT_INSTRUCTIONS | {
    AARCH64_INS_SXTB,
    AARCH64_INS_SXTH,
    AARCH64_INS_SXTW,
    AARCH64_INS_UXTB,
    AARCH64_INS_UXTH,
    AARCH64_INS_UXTW,
    AARCH64_INS_RBIT,
    AARCH64_INS_CLS,
    AARCH64_INS_CLZ,
    AARCH64_INS_ALIAS_BFXIL,
    AARCH64_INS_ALIAS_UBFIZ,
    AARCH64_INS_UBFM,
    AARCH64_INS_ALIAS_UBFX,
    AARCH64_INS_ALIAS_SBFIZ,
    AARCH64_INS_SBFM,
    AARCH64_INS_ALIAS_SBFX,
    AARCH64_INS_ALIAS_BFI,
    AARCH64_INS_NEG,
    AARCH64_INS_ALIAS_NEGS,
    AARCH64_INS_REV,
    AARCH64_INS_BIC,
    AARCH64_INS_BICS,
}

AARCH64_CONSTANT_SHIFTS module-attribute ¤

AARCH64_CONSTANT_SHIFTS = {
    AARCH64_SFT_LSL,
    AARCH64_SFT_LSR,
    AARCH64_SFT_ASR,
    AARCH64_SFT_ROR,
}

AARCH64_BIT_SHIFT_MAP module-attribute ¤

AARCH64_BIT_SHIFT_MAP: dict[int, Callable[[int, int, int], int]] = {
    AARCH64_SFT_LSL: logical_shift_left,
    AARCH64_SFT_LSR: logical_shift_right,
    AARCH64_SFT_ASR: arithmetic_shift_right,
    AARCH64_SFT_ROR: rotate_right,
}

AARCH64_EXTEND_MAP module-attribute ¤

AARCH64_EXTEND_MAP: dict[int, Callable[[int], int]] = {
    AARCH64_EXT_UXTB: lambda x: x & 1 << 8 - 1,
    AARCH64_EXT_UXTH: lambda x: x & 1 << 16 - 1,
    AARCH64_EXT_UXTW: lambda x: x & 1 << 32 - 1,
    AARCH64_EXT_UXTX: lambda x: x,
    AARCH64_EXT_SXTB: lambda x: to_signed(x, 8),
    AARCH64_EXT_SXTH: lambda x: to_signed(x, 16),
    AARCH64_EXT_SXTW: lambda x: to_signed(x, 32),
    AARCH64_EXT_SXTX: lambda x: to_signed(x, 64),
}

AARCH64_MATH_INSTRUCTIONS module-attribute ¤

AARCH64_MATH_INSTRUCTIONS = {
    AARCH64_INS_ADD: "+",
    AARCH64_INS_ALIAS_ADD: "+",
    AARCH64_INS_ADDS: "+",
    AARCH64_INS_ALIAS_ADDS: "+",
    AARCH64_INS_SUB: "-",
    AARCH64_INS_ALIAS_SUB: "-",
    AARCH64_INS_SUBS: "-",
    AARCH64_INS_ALIAS_SUBS: "-",
    AARCH64_INS_AND: "&",
    AARCH64_INS_ALIAS_AND: "&",
    AARCH64_INS_ANDS: "&",
    AARCH64_INS_ALIAS_ANDS: "&",
    AARCH64_INS_ORR: "|",
    AARCH64_INS_ALIAS_ORR: "|",
    AARCH64_INS_EOR: "^",
    AARCH64_INS_ALIAS_EOR: "^",
    AARCH64_INS_UDIV: "/",
    AARCH64_INS_SDIV: "/",
    AARCH64_INS_SMULH: "*",
    AARCH64_INS_SMULL: "*",
    AARCH64_INS_ALIAS_SMULL: "*",
    AARCH64_INS_UMULH: "*",
    AARCH64_INS_UMULL: "*",
    AARCH64_INS_ALIAS_UMULL: "*",
    AARCH64_INS_MUL: "*",
    AARCH64_INS_ALIAS_MUL: "*",
}

AARCH64_SHIFT_INSTRUCTIONS module-attribute ¤

AARCH64_SHIFT_INSTRUCTIONS = {
    AARCH64_INS_LSL: "<<",
    AARCH64_INS_ALIAS_LSL: "<<",
    AARCH64_INS_LSR: ">>",
    AARCH64_INS_ALIAS_LSR: ">>",
    AARCH64_INS_ASR: ">>s",
    AARCH64_INS_ALIAS_ASR: ">>s",
    AARCH64_INS_ROR: ">>r",
    AARCH64_INS_ALIAS_ROR: ">>r",
}

AArch64DisassemblyAssistant ¤

AArch64DisassemblyAssistant(architecture)

Bases: DisassemblyAssistant

Methods:

  • enhance

    Enhance the instruction - resolving branch targets, conditionals, and adding annotations

  • can_reason_about_process_state

    Determine if the program counter of the process equals the address of the instruction being enhanced.

  • dump

    Debug-only method.

Attributes:

annotation_handlers instance-attribute ¤

annotation_handlers: dict[
    int, Callable[[PwndbgInstruction, Emulator], None]
] = {
    AARCH64_INS_MOV: _common_move_annotator,
    AARCH64_INS_ALIAS_MOV: _common_move_annotator,
    AARCH64_INS_MOVZ: _common_move_annotator,
    AARCH64_INS_MOVK: _common_generic_register_destination,
    AARCH64_INS_ADR: _common_generic_register_destination,
    AARCH64_INS_ADRP: _handle_adrp,
    AARCH64_INS_ALIAS_CMP: _common_cmp_annotator_builder("cpsr", "-"),
    AARCH64_INS_ALIAS_CMN: _common_cmp_annotator_builder("cpsr", "+"),
    AARCH64_INS_ALIAS_TST: _common_cmp_annotator_builder("cpsr", "&"),
    AARCH64_INS_CCMP: _common_cmp_annotator_builder("cpsr", ""),
    AARCH64_INS_CCMN: _common_cmp_annotator_builder("cpsr", ""),
}

architecture instance-attribute ¤

architecture: PWNDBG_SUPPORTED_ARCHITECTURES_TYPE = architecture

op_handlers instance-attribute ¤

op_handlers: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]
] = {
    CS_OP_IMM: _parse_immediate,
    CS_OP_REG: _parse_register,
    CS_OP_MEM: _parse_memory,
}

op_names instance-attribute ¤

op_names: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]
] = {
    CS_OP_IMM: _immediate_string,
    CS_OP_REG: _register_string,
    CS_OP_MEM: _memory_string,
}

enhance ¤

enhance(instruction: PwndbgInstruction, emu: Emulator = None) -> None

Enhance the instruction - resolving branch targets, conditionals, and adding annotations

This is the only public method that should be called on this object externally.

can_reason_about_process_state ¤

can_reason_about_process_state(instruction: PwndbgInstruction) -> bool

Determine if the program counter of the process equals the address of the instruction being enhanced. If so, it means we can safely reason and read from registers and memory to enhance values that we can add to the annotation string. This becomes relevent when NOT emulating, and is meant to allow more details when the PC is at the instruction being enhanced

dump ¤

dump(instruction: PwndbgInstruction)

Debug-only method.

resolve_condition ¤

resolve_condition(condition: int, cpsr: int) -> InstructionCondition

Given a condition and the NZCV flag bits, determine when the condition is satisfied

The condition is a Capstone constant