
mips

Classes:

Attributes:

BRANCH_WITHOUT_DELAY_SLOT_INSTRUCTIONS module-attribute

BRANCH_WITHOUT_DELAY_SLOT_INSTRUCTIONS = {
    MIPS_INS_BC,
    MIPS_INS_BALC,
    MIPS_INS_JIALC,
    MIPS_INS_JIC,
    MIPS_INS_BLEZALC,
    MIPS_INS_BGEZALC,
    MIPS_INS_BGTZALC,
    MIPS_INS_BLTZALC,
    MIPS_INS_BEQZALC,
    MIPS_INS_BNEZALC,
    MIPS_INS_BLEZC,
    MIPS_INS_BGEZC,
    MIPS_INS_BGEUC,
    MIPS_INS_BGEIC,
    MIPS_INS_BGEIUC,
    MIPS_INS_BGTZC,
    MIPS_INS_BLTZC,
    MIPS_INS_BEQZC,
    MIPS_INS_ALIAS_BEQZC,
    MIPS_INS_BNEZC,
    MIPS_INS_ALIAS_BNEZC,
    MIPS_INS_BEQC,
    MIPS_INS_ALIAS_BEQC,
    MIPS_INS_BEQIC,
    MIPS_INS_BNEC,
    MIPS_INS_ALIAS_BNEC,
    MIPS_INS_BNEIC,
    MIPS_INS_BLTC,
    MIPS_INS_BLTIC,
    MIPS_INS_BLTUC,
    MIPS_INS_BLTIUC,
    MIPS_INS_BGEC,
    MIPS_INS_BNVC,
    MIPS_INS_BOVC,
    MIPS_INS_BRSC,
    MIPS_INS_BALRSC,
    MIPS_INS_BBEQZC,
    MIPS_INS_BBNEZC,
}

BRANCH_LIKELY_INSTRUCTIONS module-attribute

BRANCH_LIKELY_INSTRUCTIONS = {
    MIPS_INS_BC1FL,
    MIPS_INS_ALIAS_BC1FL,
    MIPS_INS_BC1TL,
    MIPS_INS_ALIAS_BC1TL,
    MIPS_INS_BEQL,
    MIPS_INS_BGEZALL,
    MIPS_INS_BGEZL,
    MIPS_INS_BGTZL,
    MIPS_INS_BLEZL,
    MIPS_INS_BLTZALL,
    MIPS_INS_BLTZL,
    MIPS_INS_BNEL,
    MIPS_INS_ALIAS_BNEZL,
    MIPS_INS_ALIAS_BEQZL,
}

CONDITION_RESOLVERS module-attribute

CONDITION_RESOLVERS: dict[int, Callable[[list[int]], bool]] = {
    MIPS_INS_BEQZ: lambda ops: ops[0] == 0,
    MIPS_INS_BNEZ: lambda ops: ops[0] != 0,
    MIPS_INS_BEQ: lambda ops: ops[0] == ops[1],
    MIPS_INS_BNE: lambda ops: ops[0] != ops[1],
    MIPS_INS_BGEZ: lambda ops: to_signed(ops[0], ptrsize * 8) >= 0,
    MIPS_INS_BGEZAL: lambda ops: to_signed(ops[0], ptrsize * 8) >= 0,
    MIPS_INS_BGTZ: lambda ops: to_signed(ops[0], ptrsize * 8) > 0,
    MIPS_INS_BLEZ: lambda ops: to_signed(ops[0], ptrsize * 8) <= 0,
    MIPS_INS_BLTZAL: lambda ops: to_signed(ops[0], ptrsize * 8) < 0,
    MIPS_INS_BLTZ: lambda ops: to_signed(ops[0], ptrsize * 8) < 0,
}
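The three tables above only make sense together: CONDITION_RESOLVERS decides whether a branch is taken from the operand values (with the signed comparisons depending on the target's register width, hence the `ptrsize * 8`), BRANCH_WITHOUT_DELAY_SLOT_INSTRUCTIONS marks the compact R6/nanoMIPS forms that have no delay slot, and BRANCH_LIKELY_INSTRUCTIONS marks the pre-R6 forms whose delay slot is nullified when the branch is not taken. The following is an added example, not pwndbg's code: it models that combined decision so you can see why the same register value resolves differently on MIPS32 and MIPS64, and which delay-slot instruction actually runs. Mnemonic strings stand in for the capstone MIPS_INS_* constants, and the tables are subsets of the page's, so it runs without capstone or pwndbg.

```python
from typing import Callable

# Added example, not pwndbg code. Mnemonic strings replace MIPS_INS_* constants.


def to_signed(value: int, bits: int) -> int:
    """Reinterpret the low `bits` bits of an unsigned register image as two's complement."""
    value &= (1 << bits) - 1
    return value - (1 << bits) if value >> (bits - 1) else value


# Subset of CONDITION_RESOLVERS, taking the register width explicitly
# instead of reading a global ptrsize.
CONDITION_RESOLVERS: dict[str, Callable[[list[int], int], bool]] = {
    "beqz": lambda ops, bits: ops[0] == 0,
    "bnez": lambda ops, bits: ops[0] != 0,
    "beq": lambda ops, bits: ops[0] == ops[1],
    "bne": lambda ops, bits: ops[0] != ops[1],
    "bgez": lambda ops, bits: to_signed(ops[0], bits) >= 0,
    "bgtz": lambda ops, bits: to_signed(ops[0], bits) > 0,
    "blez": lambda ops, bits: to_signed(ops[0], bits) <= 0,
    "bltz": lambda ops, bits: to_signed(ops[0], bits) < 0,
}

# Compact (R6 / nanoMIPS) forms: no delay slot at all.
BRANCH_WITHOUT_DELAY_SLOT = {"beqzc", "bnezc", "beqc", "bnec", "bgezc", "bltzc"}
# Branch-likely forms (pre-R6): the delay slot executes only if the branch is taken.
BRANCH_LIKELY = {"beql", "bnel", "bgezl", "bgtzl", "blezl", "bltzl"}


def base_condition(mnemonic: str) -> str:
    """A compact or likely variant shares its condition with the classic form (drop the suffix)."""
    if mnemonic in BRANCH_WITHOUT_DELAY_SLOT or mnemonic in BRANCH_LIKELY:
        return mnemonic[:-1]
    return mnemonic


def resolve_branch(mnemonic: str, ops: list[int], pc: int, target: int, bits: int = 32):
    """Return (taken, delay_slot_runs, resume_pc).

    resume_pc is the address control reaches once the branch, and its delay slot
    if one runs, is finished:
      classic  : delay slot at pc+4 always runs; fall-through is pc+8
      compact  : no delay slot; fall-through is pc+4
      likely   : delay slot runs only when taken; fall-through is still pc+8
    """
    taken = CONDITION_RESOLVERS[base_condition(mnemonic)](ops, bits)
    if mnemonic in BRANCH_WITHOUT_DELAY_SLOT:
        return taken, False, target if taken else pc + 4
    if mnemonic in BRANCH_LIKELY:
        return taken, taken, target if taken else pc + 8
    return taken, True, target if taken else pc + 8


if __name__ == "__main__":
    # Same register image, different width: negative on MIPS32, positive on MIPS64.
    print(resolve_branch("bgez", [0xFFFFFFFF], 0x400000, 0x400100, bits=32))
    print(resolve_branch("bgez", [0xFFFFFFFF], 0x400000, 0x400100, bits=64))
    # Not-taken branch-likely: the instruction at pc+4 is nullified.
    print(resolve_branch("beql", [1, 2], 0x400000, 0x400100))
```

The practical point for anyone annotating or single-stepping MIPS code: a load or store sitting in the delay slot of a not-taken branch-likely never executes, and a compact branch has no delay slot at all, so "the instruction after the branch" is not a fixed concept across these three families.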

MIPS_SIMPLE_DESTINATION_INSTRUCTIONS module-attribute

MIPS_SIMPLE_DESTINATION_INSTRUCTIONS = {
    MIPS_INS_CLO,
    MIPS_INS_CLZ,
    MIPS_INS_DCLO,
    MIPS_INS_DCLZ,
    MIPS_INS_LSA,
    MIPS_INS_DLSA,
    MIPS_INS_MFHI,
    MIPS_INS_MFLO,
    MIPS_INS_SEB,
    MIPS_INS_SEH,
    MIPS_INS_WSBH,
    MIPS_INS_SLT,
    MIPS_INS_SLTI,
    MIPS_INS_SLTIU,
    MIPS_INS_SLTU,
    MIPS_INS_MOVN,
    MIPS_INS_LDL,
    MIPS_INS_LDR,
    MIPS_INS_LWL,
    MIPS_INS_LWR,
}

MIPS_LOAD_INSTRUCTIONS module-attribute

MIPS_LOAD_INSTRUCTIONS = {
    MIPS_INS_LB: -1,
    MIPS_INS_LBU: 1,
    MIPS_INS_LH: -2,
    MIPS_INS_LHU: 2,
    MIPS_INS_LW: -4,
    MIPS_INS_LWU: 4,
    MIPS_INS_LWPC: -4,
    MIPS_INS_LWUPC: 4,
    MIPS_INS_LD: -8,
    MIPS_INS_LDPC: 8,
}

MIPS_STORE_INSTRUCTIONS module-attribute

MIPS_STORE_INSTRUCTIONS = {
    MIPS_INS_SB: 1,
    MIPS_INS_SH: 2,
    MIPS_INS_SW: 4,
    MIPS_INS_SD: 8,
}
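The sign of each MIPS_LOAD_INSTRUCTIONS entry encodes the extension rule (negative is a sign-extending load, positive a zero-extending one) and the magnitude is the access width; MIPS_STORE_INSTRUCTIONS only needs the width because a store just truncates the register. The following is an added example, not pwndbg's code, that applies both tables to a constructed memory image and shows the two things that bite during analysis: a 32-bit `lw` on MIPS64 sign-extends into the full register (which is why `lwu` exists), and any access wider than a byte must be naturally aligned or the CPU raises an address error instead of loading. Mnemonic strings stand in for the capstone MIPS_INS_* constants, and MEM/MEM_BASE are constructed sample data, so it runs offline.

```python
# Added example, not pwndbg code. Mnemonic strings replace MIPS_INS_* constants.

# Magnitude = access width in bytes; negative = sign-extending, positive = zero-extending.
LOAD_INSTRUCTIONS = {"lb": -1, "lbu": 1, "lh": -2, "lhu": 2, "lw": -4, "lwu": 4, "ld": -8}
STORE_INSTRUCTIONS = {"sb": 1, "sh": 2, "sw": 4, "sd": 8}

# Constructed memory image (assumption for the example): 8 bytes mapped at MEM_BASE.
MEM_BASE = 0x10000
MEM = bytes.fromhex("ff7f800000000001")


def is_aligned(ea: int, mnemonic: str) -> bool:
    """lh/lw/ld and sh/sw/sd require natural alignment; a misaligned access raises AdEL/AdES."""
    width = abs((LOAD_INSTRUCTIONS | STORE_INSTRUCTIONS)[mnemonic])
    return ea % width == 0


def load_value(
    ea: int,
    mnemonic: str,
    ptrsize: int = 8,
    big_endian: bool = True,
    mem: bytes = MEM,
    mem_base: int = MEM_BASE,
) -> int:
    """Register image produced by a MIPS load of `mnemonic` from effective address `ea`."""
    spec = LOAD_INSTRUCTIONS[mnemonic]
    width = abs(spec)
    if not is_aligned(ea, mnemonic):
        raise ValueError(f"{mnemonic} at {ea:#x}: misaligned, MIPS raises an address error")
    off = ea - mem_base
    if off < 0 or off + width > len(mem):
        raise ValueError(f"{mnemonic} at {ea:#x}: outside the constructed image")
    raw = mem[off : off + width]
    # Sign-extending loads interpret the bytes as two's complement; masking to the
    # register width then gives the unsigned image a debugger would display.
    value = int.from_bytes(raw, "big" if big_endian else "little", signed=spec < 0)
    return value & ((1 << (ptrsize * 8)) - 1)


def store_bytes(value: int, mnemonic: str, big_endian: bool = True) -> bytes:
    """Bytes a store writes to memory: only the low `width` bytes of the register."""
    width = STORE_INSTRUCTIONS[mnemonic]
    low = value & ((1 << (width * 8)) - 1)
    return low.to_bytes(width, "big" if big_endian else "little")


if __name__ == "__main__":
    # 0xFF7F8000 loaded with lw on MIPS64 becomes 0xFFFFFFFFFF7F8000; lwu keeps it zero-extended.
    print(hex(load_value(0x10000, "lw", ptrsize=8)), hex(load_value(0x10000, "lwu", ptrsize=8)))
    # The same byte through lb vs lbu on MIPS32.
    print(hex(load_value(0x10000, "lb", ptrsize=4)), hex(load_value(0x10000, "lbu", ptrsize=4)))
    # sw of a 64-bit register only writes its low word.
    print(store_bytes(0x123456789, "sw").hex())
```

When reading pointers out of a MIPS64 dump, a `lw` of an address at or above 0x80000000 will appear sign-extended to 0xFFFFFFFF8xxxxxxx, which is the expected kernel-segment form rather than corruption; compare against the table's sign before deciding a value is wrong.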

MIPS_BINARY_OPERATIONS module-attribute

MIPS_BINARY_OPERATIONS = {
    MIPS_INS_ADD: "+",
    MIPS_INS_ADDI: "+",
    MIPS_INS_ADDIU: "+",
    MIPS_INS_ADDU: "+",
    MIPS_INS_DADD: "+",
    MIPS_INS_DADDI: "+",
    MIPS_INS_DADDIU: "+",
    MIPS_INS_DADDU: "+",
    MIPS_INS_SUB: "-",
    MIPS_INS_SUBU: "-",
    MIPS_INS_DSUB: "-",
    MIPS_INS_DSUBU: "-",
    MIPS_INS_ANDI: "&",
    MIPS_INS_AND: "&",
    MIPS_INS_ORI: "|",
    MIPS_INS_OR: "|",
    MIPS_INS_XOR: "^",
    MIPS_INS_XORI: "^",
    MIPS_INS_SLL: "<<",
    MIPS_INS_SLLV: "<<",
    MIPS_INS_DSLL: "<<",
    MIPS_INS_DSLLV: "<<",
    MIPS_INS_SRL: ">>",
    MIPS_INS_SRLV: ">>",
    MIPS_INS_DSRL: ">>",
    MIPS_INS_DSRLV: ">>",
}

MipsDisassemblyAssistant

MipsDisassemblyAssistant(architecture)

Bases: DisassemblyAssistant

Methods:

  • enhance

    Enhance the instruction - resolving branch targets, conditionals, and adding annotations

  • can_reason_about_process_state

    Determine if the program counter of the process equals the address of the instruction being enhanced.

  • dump

    Debug-only method.

Attributes:

annotation_handlers instance-attribute

annotation_handlers: dict[
    int, Callable[[PwndbgInstruction, Emulator], None]
] = {
    MIPS_INS_MOVE: _common_move_annotator,
    MIPS_INS_ALIAS_MOVE: _common_move_annotator,
    MIPS_INS_LI: _common_move_annotator,
    MIPS_INS_LUI: _lui_annotator,
}

architecture instance-attribute

architecture: PWNDBG_SUPPORTED_ARCHITECTURES_TYPE = architecture

op_handlers instance-attribute

op_handlers: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand, Emulator], int | None]
] = {
    CS_OP_IMM: _parse_immediate,
    CS_OP_REG: _parse_register,
    CS_OP_MEM: _parse_memory,
}

op_names instance-attribute

op_names: dict[
    int, Callable[[PwndbgInstruction, EnhancedOperand], str | None]
] = {
    CS_OP_IMM: _immediate_string,
    CS_OP_REG: _register_string,
    CS_OP_MEM: _memory_string,
}

enhance

enhance(instruction: PwndbgInstruction, emu: Emulator = None) -> None

Enhance the instruction - resolving branch targets, conditionals, and adding annotations

This is the only public method that should be called on this object externally.

can_reason_about_process_state

can_reason_about_process_state(instruction: PwndbgInstruction) -> bool

Determine whether the program counter of the process equals the address of the instruction being enhanced. If so, it is safe to read registers and memory to resolve concrete values for the annotation string; at any other address those registers describe a different point in execution. This matters when NOT emulating: it allows more detail to be shown when the PC is at the instruction being enhanced.

dump

dump(instruction: PwndbgInstruction)

Debug-only method.