Rizin
unix-like reverse engineering framework and cli tools
Functions | Variables
machtraps Namespace Reference

Functions

def walk_back_until (addr, pattern, min_addr)
 
def carve_trap_num (addr, flag)
 
def beautify_name (name)
 
def carve_traps ()
 

Variables

 r = rzpipe.open()
 
def traps = carve_traps()
 

Function Documentation

◆ beautify_name()

def machtraps.beautify_name (   name)

Definition at line 58 of file machtraps.py.

58 def beautify_name(name):
59  return re.sub(r"^_", "", name)
60 
61 
machtraps.beautify_name
def beautify_name(name)
Definition: machtraps.py:58

Referenced by carve_traps().

◆ carve_trap_num()

def machtraps.carve_trap_num (   addr,
  flag 
)

Definition at line 41 of file machtraps.py.

41 def carve_trap_num(addr, flag):
42  saved_seek = r.cmd("?v $$")
43  r.cmd("e io.cache=true")
44  r.cmd("e emu.write=true")
45  r.cmd("aei")
46  r.cmd("aeim")
47  min_addr = int(r.cmd("?v " + flag), 0)
48  emu_start = walk_back_until(addr - 4, r"^b|^ret|^invalid", min_addr)
49  r.cmd("s " + str(emu_start))
50  obj = r.cmd("aefa 0x%08x~[0]:0" % addr)
51  r.cmd("s " + saved_seek)
52  val = r.cmdj("pv4j @ %s+0x14" % obj.strip())[0]["value"]
53  if val == 0:
54  val = r.cmdj("pv4j @ %s+0x18" % obj.strip())[0]["value"]
55  return val
56 
57 
cmd_descs_generate.str
str
Definition: cmd_descs_generate.py:785
machtraps.carve_trap_num
def carve_trap_num(addr, flag)
Definition: machtraps.py:41
machtraps.walk_back_until
def walk_back_until(addr, pattern, min_addr)
Definition: machtraps.py:26
int
static int
Definition: sfsocketcall.h:114

References int, cmd_descs_generate.str, and walk_back_until().

Referenced by carve_traps().

◆ carve_traps()

def machtraps.carve_traps ( )

Definition at line 62 of file machtraps.py.

62 def carve_traps():
63  msgs = r.cmdj("axtj @ sym._mach_msg")
64  if len(msgs) == 0:
65  r.cmd("s sym._mach_msg")
66  r.cmd("aae $SS @ $S")
67  r.cmd("shu")
68  msgs = r.cmdj("axtj @ sym._mach_msg")
69  if len(msgs) == 0:
70  print("Cannot find refs to mach_msg!")
71  return
72 
73  traps = {}
74  for ref in msgs:
75  if ref["type"] != "CALL" or "realname" not in ref:
76  continue
77  name = ref["realname"]
78  if re.search(r"^_mach_msg", name) != None:
79  continue
80  addr = ref["from"]
81  traps[addr] = {"name": name}
82 
83  result = []
84  for addr in traps:
85  trap = traps[addr]
86  flag = "sym.%s" % trap["name"]
87  trap["name"] = beautify_name(trap["name"])
88  trap["num"] = carve_trap_num(addr, flag)
89  if trap["num"] != None:
90  result.append(trap)
91 
92  result.sort(key=lambda x: x["num"])
93 
94  return result
95 
96 
len
size_t len
Definition: 6502dis.c:15
machtraps.carve_traps
def carve_traps()
Definition: machtraps.py:62

References beautify_name(), carve_trap_num(), and len.

◆ walk_back_until()

def machtraps.walk_back_until (   addr,
  pattern,
  min_addr 
)

Definition at line 26 of file machtraps.py.

26 def walk_back_until(addr, pattern, min_addr):
27  cursor = addr
28  while cursor >= min_addr:
29  op = r.cmdj("aoj@" + str(cursor))[0]["opcode"]
30  if re.search(pattern, op) != None:
31  return cursor + 4
32  if re.search(r"^ret", op) != None:
33  return cursor + 4
34  if re.search(r"^b ", op) != None:
35  return cursor + 4
36  cursor -= 4
37 
38  return min_addr
39 
40 

References cmd_descs_generate.str.

Referenced by carve_trap_num().

Variable Documentation

◆ r

machtraps.r = rzpipe.open()

Definition at line 23 of file machtraps.py.

◆ traps

def machtraps.traps = carve_traps()

Definition at line 98 of file machtraps.py.