Java Code Examples for ghidra.program.model.listing.Program#getRegister()

The following examples show how to use ghidra.program.model.listing.Program#getRegister(). The examples look registers up by name, by address, and by address and size; most of them check the result for null before using it.
Example 1
Source File: VarnodeInfo.java    From ghidra with Apache License 2.0 6 votes vote down vote up
/**
 * Looks up the register found at an address, optionally constrained by size.
 * <p>
 * When a size is given, the address-and-size lookup is tried first and the address-only
 * lookup serves as the fallback.
 *
 * @param program program whose registers are queried
 * @param address address to look up; may be null
 * @param size requested size, or null to look up by address alone
 * @return the register found, or null when the address is null, when it is neither a
 *         register address nor in a space with mapped registers, or when no lookup matches
 */
public static Register getRegister(Program program, Address address, Integer size) {
	if (address == null) {
		return null;
	}
	boolean mayHoldRegister =
		address.isRegisterAddress() || address.getAddressSpace().hasMappedRegisters();
	if (!mayHoldRegister) {
		return null;
	}
	if (size != null) {
		Register sizedMatch = program.getRegister(address, size);
		if (sizedMatch != null) {
			return sizedMatch;
		}
	}
	// either no size was requested or the sized lookup found nothing
	return program.getRegister(address);
}
 
Example 2
Source File: ARM_ElfExtension.java    From ghidra with Apache License 2.0 6 votes vote down vote up
/**
 * Adjusts a function address handed over by the ELF loader before the function is created.
 * <p>
 * An address with its low bit set is moved to the previous address and the {@code TMode}
 * context register is set to 1 there. If the program has no {@code TMode} register the
 * address is returned unchanged and the condition is logged.
 *
 * @param elfLoadHelper load helper supplying the program and the import log
 * @param functionAddress address reported for the function
 * @return the address at which the function should be created
 */
@Override
public Address creatingFunction(ElfLoadHelper elfLoadHelper, Address functionAddress) {
	Program program = elfLoadHelper.getProgram();
	boolean lowBitSet = (functionAddress.getOffset() & 1) != 0;
	if (lowBitSet) {
		Register tmodeRegister = program.getRegister("TMode");
		if (tmodeRegister == null) {
			// the address stays unaligned here; the log entry is the only trace of that
			elfLoadHelper.log("TMode mode not supported, unable to mark address as Thumb: " +
				functionAddress);
			return functionAddress;
		}
		// drop the mode bit so the context is set on the aligned address
		functionAddress = functionAddress.previous();
		try {
			program.getProgramContext()
					.setValue(tmodeRegister, functionAddress, functionAddress, BigInteger.ONE);
		}
		catch (ContextChangeException e) {
			// deliberately ignored: no instructions are expected to exist at import time
		}
	}
	boolean reservedAlignment = (functionAddress.getOffset() % 4) == 2;
	if (reservedAlignment) {
		// bit[1:0] = 0b10 is reserved; the address is reported but still returned
		elfLoadHelper.log("Function address is two bit aligned (reserved per ARM manual): " +
			functionAddress);
	}
	return functionAddress;
}
 
Example 3
Source File: JavaLoader.java    From ghidra with Apache License 2.0 6 votes vote down vote up
/**
 * Loads the bytes offered by the provider into the program.
 * <p>
 * The whole provider content is copied into one initialized memory block at offset 0 of
 * the {@code CONSTANT_POOL} address space, after which the method lookup block and the
 * per-method blocks are created. The {@code alignmentPad} register is cached in
 * {@code alignmentReg} as a side effect.
 *
 * @param provider source of the bytes being imported
 * @param program program receiving the memory blocks
 * @param monitor task monitor passed on to the block-creation calls
 */
private void doLoad(ByteProvider provider, Program program, TaskMonitor monitor)
		throws LockException, MemoryConflictException, AddressOverflowException,
		CancelledException, DuplicateNameException, IOException {
	AddressSpace constantPoolSpace = program.getAddressFactory().getAddressSpace(CONSTANT_POOL);
	Memory programMemory = program.getMemory();
	alignmentReg = program.getRegister("alignmentPad");

	// parsing happens before any memory is created, so a malformed input fails early
	ClassFileJava classFile = new ClassFileJava(new BinaryReader(provider, false));

	Address blockStart = constantPoolSpace.getAddress(0);
	String blockName = "_" + provider.getName() + "_";

	// The block is sized by provider.length(), i.e. by the imported file itself.
	// NOTE(review): the stream from getInputStream(0) is not closed in this method;
	// confirm who owns it before changing that.
	programMemory.createInitializedBlock(blockName, blockStart, provider.getInputStream(0),
		provider.length(), monitor, false);

	createMethodLookupMemoryBlock(program, monitor);
	createMethodMemoryBlocks(program, provider, classFile, monitor);
}
 
Example 4
Source File: PseudoDisassembler.java    From ghidra with Apache License 2.0 6 votes vote down vote up
/**
 * Prepares the disassembly context for processors that use the low bit of an address to
 * switch to another instruction set mode.
 * <p>
 * When the program defines the low-bit code mode register and the address has its low bit
 * set, the bit is cleared and the register is set to 1 at the resulting address.
 *
 * @param program program whose context is updated
 * @param addr the raw address
 * @return the address to disassemble at; differs from {@code addr} only when it was aligned
 */
public static Address setTargeContextForDisassembly(Program program, Address addr) {
	Register modeRegister = program.getRegister(LOW_BIT_CODE_MODE_REGISTER_NAME);
	if (modeRegister == null) {
		return addr;
	}
	long rawOffset = addr.getOffset();
	if ((rawOffset & 1) == 0) {
		return addr;
	}
	Address aligned = addr.getNewAddress(rawOffset & ~0x1);
	try {
		program.getProgramContext().setValue(modeRegister, aligned, aligned, BigInteger.ONE);
	}
	catch (ContextChangeException e) {
		// not expected; the aligned address is returned even if the context was not set
	}
	return aligned;
}
 
Example 5
Source File: RegisterEvent.java    From gdbghidra with MIT License 6 votes vote down vote up
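/**
 * Applies the value carried by a register event to the program context at the current
 * location.
 * <p>
 * The register is looked up by the event's name as given and, failing that, by its
 * upper-case form. Unknown registers and a missing current location are reported on
 * stderr and leave the program untouched.
 *
 * @param registerEvent event naming the register and carrying its value
 * @param currentProgram program whose context receives the value
 * @param plugin plugin whose tool executes the command
 * @param currentLocation location whose address the value is set at
 */
public static void handleEvent(RegisterEvent registerEvent, Program currentProgram, ProgramPlugin plugin, ProgramLocation currentLocation) {
	// NOTE(review): name and value are used as the event delivers them; presumably the
	// event is parsed from debugger traffic — confirm it is validated upstream.
	var name = registerEvent.getName();
	var register = currentProgram.getRegister(name);
	if(register == null) {
		// Locale.ROOT keeps the fallback independent of the host's default locale
		// (a Turkish locale, for example, upper-cases "i" to a dotted capital).
		register = currentProgram.getRegister(name.toUpperCase(java.util.Locale.ROOT));
	}
	if(register == null) {
		System.err.println("[GDBGHIDRA] Error unknown register: "+name+"\n");
		return;
	}
	// Without a location there is no address to set the value at; bail out instead of
	// failing with a NullPointerException in the middle of event handling.
	if(currentLocation == null || currentLocation.getAddress() == null) {
		System.err.println("[GDBGHIDRA] Error no current location for register: "+name+"\n");
		return;
	}
	var address = currentLocation.getAddress();
	var cmd = new CompoundCmd("Set Register Values");
	var regCmd = new SetRegisterCmd(
			register,
			address,
			address,
			registerEvent.getValue());
	cmd.add(regCmd);
	plugin.getTool().execute(cmd, currentProgram);
}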
 
Example 6
Source File: PseudoDisassembler.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Returns an address that can be used for disassembly. Useful for processors where
 * pointers to code have 1 added to them to select a mode, such as Thumb mode for ARM.
 * <p>
 * Unlike a context-setting call, this only computes the address; nothing in the program
 * is modified.
 *
 * @param program program the address belongs to
 * @param addr address to be normalized/aligned for disassembly
 *
 * @return the address with its low bit cleared when it is a memory address, the program
 *         defines the low-bit code mode register and the bit is set; otherwise {@code addr}
 */
public static Address getNormalizedDisassemblyAddress(Program program, Address addr) {
	if (addr.isMemoryAddress()) {
		Register modeRegister = program.getRegister(LOW_BIT_CODE_MODE_REGISTER_NAME);
		if (modeRegister != null && (addr.getOffset() & 1) != 0) {
			return addr.getNewAddress(addr.getOffset() & ~0x1);
		}
	}
	return addr;
}
 
Example 7
Source File: GCAnalyzer.java    From Ghidra-GameCube-Loader with Apache License 2.0 5 votes vote down vote up
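/**
 * Sets a register to a fixed value over the range spanned by the first and last
 * instruction of an address space.
 * <p>
 * The range is first cleared (value {@code null}) and then written, both as part of one
 * compound command.
 *
 * @param registerName name of the register to set
 * @param defaultValue value to store
 * @param program program the command is applied to
 * @param cm code manager used to find the first and last instruction
 * @param addrSpace address space bounding the search for instructions
 * @return the result of applying the command, or {@code false} when the register is not
 *         defined or the address space holds no instruction
 */
protected boolean setRegisterValue(String registerName, long defaultValue, Program program, CodeManager cm, AddressSpace addrSpace) {
    Register reg = program.getRegister(registerName);
    if (reg == null) {
        // getRegister yields null for names the program does not define
        Msg.warn(this, "Register not defined, value not set: " + registerName);
        return false;
    }
    var firstInstr = cm.getInstructionAfter(addrSpace.getMinAddress());
    var lastInstr = cm.getInstructionBefore(addrSpace.getMaxAddress());
    if (firstInstr == null || lastInstr == null) {
        // nothing has been disassembled in this space, so there is no range to write
        Msg.warn(this, "No instructions found, register not set: " + registerName);
        return false;
    }
    Address startAddr = firstInstr.getAddress();
    Address endAddr = lastInstr.getAddress();
    Msg.debug(this, String.format("Writing regs to minAddr=0x%08X through maxAddr=0x%08X", startAddr.getUnsignedOffset(), endAddr.getUnsignedOffset()));
    BigInteger val = BigInteger.valueOf(defaultValue);
    var cmd1 = new SetRegisterCmd(reg, startAddr, endAddr, null);
    var cmd2 = new SetRegisterCmd(reg, startAddr, endAddr, val);
    var cmd = new CompoundCmd("Update Register Range");
    cmd.add(cmd1);
    cmd.add(cmd2);
    var result = cmd.applyTo(program);
    // The read-back is diagnostic only; it must not throw when the write did not stick.
    var stored = program.getProgramContext().getRegisterValue(reg, startAddr);
    var storedValue = stored == null ? null : stored.getUnsignedValue();
    if (storedValue != null) {
        Msg.debug(this, String.format("Reg value: %08X", storedValue.longValue()));
    }
    return result;
}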
 
Example 8
Source File: SymbolRenderer.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the display string of the register located at an address.
 *
 * @param address address to look up in the inspector's program
 * @return the register's {@code toString()} value, or an empty string when the inspector
 *         has no program or no register is found at the address
 */
private String getRegisterAddressString(Address address) {
	Program program = inspector.getProgram();
	if (program == null) {
		return "";
	}
	Register register = program.getRegister(address);
	return register == null ? "" : register.toString();
}
 
Example 9
Source File: ASTGraphTask.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Produces a short text label for a varnode.
 * <p>
 * Constants render as {@code #hex}, unique-space varnodes as {@code u_hex}, registers by
 * name, stack locations as {@code Stack[offset]} (or the high variable's name when
 * requested and available) and memory addresses via {@code Address.toString(true)}.
 * Anything else, including a register address with no matching register, falls back to
 * the varnode's own {@code toString()}.
 *
 * @param node varnode to translate; may be null
 * @param useVarName whether a stack varnode should be shown by its high variable's name
 * @return the label, or the literal string {@code "null"} for a null varnode
 */
private String translateVarnode(Varnode node, boolean useVarName) {
	if (node == null) {
		return "null";
	}
	Program p = hfunction.getFunction().getProgram();
	Address addr = node.getAddress();

	if (node.isConstant()) {
		return "#" + NumericUtilities.toHexString(addr.getOffset(), node.getSize());
	}
	if (node.isUnique()) {
		return "u_" + Long.toHexString(addr.getOffset());
	}
	if (addr.isRegisterAddress()) {
		// prefer the register matching the varnode's size, then any register at the address
		Register r = p.getRegister(addr, node.getSize());
		if (r == null) {
			r = p.getRegister(addr);
		}
		return r != null ? r.getName() : node.toString();
	}
	if (addr.isStackAddress()) {
		HighVariable var = useVarName ? node.getHigh() : null;
		if (var != null) {
			return var.getName();
		}
		return "Stack[" + NumericUtilities.toSignedHexString(addr.getOffset()) + "]";
	}
	if (addr.isMemoryAddress()) {
		return addr.toString(true);
	}
	return node.toString();
}
 
Example 10
Source File: PseudoDisassembler.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Computes the context register setting needed to disassemble at an address, without
 * changing the program.
 *
 * @param program program whose low-bit code mode register is looked up
 * @param addr address that is about to be disassembled
 * @return a value of 1 for the low-bit code mode register when the program defines that
 *         register and the address has its low bit set; null if no setting is needed
 */
public static RegisterValue getTargetContextRegisterValueForDisassembly(Program program,
		Address addr) {
	Register modeRegister = program.getRegister(LOW_BIT_CODE_MODE_REGISTER_NAME);
	boolean needsModeBit = modeRegister != null && (addr.getOffset() & 1) == 1;
	if (needsModeBit) {
		return new RegisterValue(modeRegister, BigInteger.ONE);
	}
	return null;
}
 
Example 11
Source File: HCS12ConventionAnalyzer.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Accepts only programs whose language processor is HCS12.
 * <p>
 * As a side effect, the {@code XGATE} register of an accepted program is cached in the
 * {@code xgate} field; the lookup result is stored as returned, without a null check.
 *
 * @param program program offered for analysis
 * @return true when the program's processor equals the HCS12 processor
 */
@Override
public boolean canAnalyze(Program program) {
	Processor programProcessor = program.getLanguage().getProcessor();
	if (!programProcessor.equals(Processor.findOrPossiblyCreateProcessor("HCS12"))) {
		return false;
	}
	xgate = program.getRegister("XGATE");
	return true;
}
 
Example 12
Source File: PARISC_O0_EmulatorTest.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Seeds the {@code dp} register before analysis runs.
 * <p>
 * When the program has a {@code .data} block, {@code dp} is set to that block's start
 * offset across the range from the minimum to the maximum loaded-and-initialized address.
 * The superclass hook runs afterwards in every case.
 *
 * @param program program about to be analyzed
 * @throws Exception propagated from the context update or the superclass hook
 */
@Override
protected void preAnalyze(Program program) throws Exception {
	MemoryBlock dataBlock = program.getMemory().getBlock(".data");
	if (dataBlock == null) {
		super.preAnalyze(program);
		return;
	}
	// the register lookup result is handed to RegisterValue without a null check
	Register dpReg = program.getRegister("dp");
	RegisterValue dpValue =
		new RegisterValue(dpReg, dataBlock.getStart().getOffsetAsBigInteger());
	AddressSetView loaded = program.getMemory().getLoadedAndInitializedAddressSet();
	program.getProgramContext()
			.setRegisterValue(loaded.getMinAddress(), loaded.getMaxAddress(), dpValue);
	super.preAnalyze(program);
}
 
Example 13
Source File: PARISC_O3_EmulatorTest.java    From ghidra with Apache License 2.0 5 votes vote down vote up
/**
 * Sets the {@code dp} register ahead of analysis.
 * <p>
 * If a {@code .data} block exists, its start offset becomes the value of {@code dp} from
 * the lowest to the highest loaded-and-initialized address. The superclass hook is then
 * invoked whether or not the block was found.
 *
 * @param program program about to be analyzed
 * @throws Exception propagated from the context update or the superclass hook
 */
@Override
protected void preAnalyze(Program program) throws Exception {
	MemoryBlock dataBlock = program.getMemory().getBlock(".data");
	if (dataBlock == null) {
		super.preAnalyze(program);
		return;
	}
	// no null check follows the lookup; RegisterValue receives whatever getRegister returns
	Register dpReg = program.getRegister("dp");
	RegisterValue dpValue =
		new RegisterValue(dpReg, dataBlock.getStart().getOffsetAsBigInteger());
	AddressSetView initialized = program.getMemory().getLoadedAndInitializedAddressSet();
	program.getProgramContext()
			.setRegisterValue(initialized.getMinAddress(), initialized.getMaxAddress(), dpValue);
	super.preAnalyze(program);
}
 
Example 14
Source File: PseudoDisassembler.java    From ghidra with Apache License 2.0 4 votes vote down vote up
/**
 * Tells whether the program uses the low bit of an address to change instruction set mode.
 *
 * @param program program to inspect
 * @return true if the program defines the low-bit code mode register
 */
public static boolean hasLowBitCodeModeInAddrValues(Program program) {
	return program.getRegister(LOW_BIT_CODE_MODE_REGISTER_NAME) != null;
}
 
Example 15
Source File: X86_32_ElfExtension.java    From ghidra with Apache License 2.0 4 votes vote down vote up
/**
 * Handles the case where GOT entry offsets are computed relative to EBX.
 * This implementation replaces the old "magic map" which had previously been used.
 * <p>
 * The {@code DT_PLTGOT} value, adjusted for prelink and image base, is set as the value of
 * EBX over the whole PLT memory block. The method returns without doing anything when the
 * PLT section is missing or not executable, when the dynamic table lacks {@code DT_PLTGOT},
 * or when the PLT block is missing or no larger than one PLT entry.
 *
 * @param elfLoadHelper load helper giving access to the ELF header and the program
 * @param monitor task monitor (not used by this method)
 * @throws CancelledException declared by the signature
 */
private void processX86Plt(ElfLoadHelper elfLoadHelper, TaskMonitor monitor) throws CancelledException {

	// TODO: Does 64-bit have a similar mechanism?

	// TODO: Would be better to use only dynamic table entries since sections may be stripped -
	// the unresolved issue is to determine the length of the PLT area without a section

	ElfHeader header = elfLoadHelper.getElfHeader();
	ElfSectionHeader plt = header.getSection(ElfSectionHeaderConstants.dot_plt);
	boolean hasExecutablePlt = plt != null && plt.isExecutable();
	if (!hasExecutablePlt) {
		return;
	}

	ElfDynamicTable dynTable = header.getDynamicTable();
	boolean hasPltGot =
		dynTable != null && dynTable.containsDynamicValue(ElfDynamicType.DT_PLTGOT);
	if (!hasPltGot) {
		return; // avoid NotFoundException which causes issues for importer
	}

	Program program = elfLoadHelper.getProgram();
	MemoryBlock pltBlock = program.getMemory().getBlock(plt.getNameAsString());
	// TODO: This is a band-aid since there are many PLT implementations and this assumes only one.
	if (pltBlock == null || pltBlock.getSize() <= ElfConstants.PLT_ENTRY_SIZE) {
		return;
	}

	// Paint pltgot base over .plt section to allow thunks to be resolved during analysis.
	// The register lookup result is used without a null check.
	Register ebxReg = program.getRegister("EBX");
	try {
		long rawPltGot = dynTable.getDynamicValue(ElfDynamicType.DT_PLTGOT);
		long prelinkAdjusted = header.adjustAddressForPrelink(rawPltGot);
		// adjusted for image base
		long pltgotOffset = elfLoadHelper.getDefaultAddress(prelinkAdjusted).getOffset();
		RegisterValue pltgotValue = new RegisterValue(ebxReg, BigInteger.valueOf(pltgotOffset));
		program.getProgramContext()
				.setRegisterValue(pltBlock.getStart(), pltBlock.getEnd(), pltgotValue);
	}
	catch (NotFoundException | ContextChangeException e) {
		throw new AssertException("unexpected", e);
	}
}
 
Example 16
Source File: ARM_ElfExtension.java    From ghidra with Apache License 2.0 4 votes vote down vote up
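/**
 * Evaluates an ELF symbol during import, handling the ARM mapping symbols.
 * <p>
 * When the program defines a {@code TMode} register: {@code $t} / {@code $t.*} set TMode
 * to 1 and mark the address as code, {@code $a} / {@code $a.*} set TMode to 0 and mark the
 * address as code, and {@code $d} / {@code $d.*} create undefined data of the symbol's
 * size. For each of those the symbol address is recorded with the load helper and null is
 * returned, so the symbol itself is not retained. {@code $b} is left alone. Function
 * symbols whose address has the low bit set are moved to the previous address with TMode
 * set to 1.
 *
 * @param elfLoadHelper load helper used to mark code, create data and record addresses
 * @param elfSymbol symbol being evaluated
 * @param address program address assigned to the symbol
 * @param isExternal true for external symbols, which are returned untouched
 * @return the (possibly aligned) address, or null when the symbol should not be created
 */
@Override
public Address evaluateElfSymbol(ElfLoadHelper elfLoadHelper, ElfSymbol elfSymbol,
		Address address, boolean isExternal) {

	if (isExternal) {
		return address;
	}

	Program program = elfLoadHelper.getProgram();

	// The name comes from the file being imported. A null name would make the
	// startsWith checks below throw, so it is treated as a name matching no mapping symbol.
	String symName = elfSymbol.getNameAsString();
	if (symName == null) {
		symName = "";
	}

	try {
		Register tmodeRegister = program.getRegister("TMode");

		// ELF ARM - tags ARM code with $a and Thumb code with $t
		//
		if (tmodeRegister == null) {
			// Thumb Mode not supported by language; the mapping symbols below are skipped
		}
		else if ("$t".equals(symName) || symName.startsWith("$t.")) {
			// is thumb mode
			program.getProgramContext().setValue(tmodeRegister, address, address,
				BigInteger.valueOf(1));
			elfLoadHelper.markAsCode(address);

			// do not retain $t symbols in program due to potential function/thunk naming interference
			elfLoadHelper.setElfSymbolAddress(elfSymbol, address);
			return null;
		}
		else if ("$a".equals(symName) || symName.startsWith("$a.")) {
			// is arm mode
			program.getProgramContext().setValue(tmodeRegister, address, address,
				BigInteger.valueOf(0));
			elfLoadHelper.markAsCode(address);

			// do not retain $a symbols in program due to potential function/thunk naming interference
			elfLoadHelper.setElfSymbolAddress(elfSymbol, address);
			return null;
		}
		else if ("$b".equals(symName)) {
			// don't do anything this is data
		}
		else if ("$d".equals(symName) || symName.startsWith("$d.")) {
			// is data, need to protect as data
			// NOTE(review): the size is read from the ELF symbol and narrowed to int here;
			// confirm createUndefinedData rejects out-of-range values.
			elfLoadHelper.createUndefinedData(address, (int) elfSymbol.getSize());

			// do not retain $d symbols in program due to excessive duplicate symbols
			elfLoadHelper.setElfSymbolAddress(elfSymbol, address);
			return null;
		}
		if (elfSymbol.getType() == ElfSymbol.STT_FUNC) {
			long symVal = address.getOffset();
			if ((symVal & 1) != 0 && tmodeRegister != null) {
				// low bit marks Thumb code: align the address and record the mode there
				address = address.previous();
				program.getProgramContext().setValue(tmodeRegister, address, address,
					BigInteger.valueOf(1));
			}
		}
	}
	catch (ContextChangeException e) {
		// ignore since should not be instructions at time of import
	}
	return address;
}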
 
Example 17
Source File: PcodeFormatter.java    From ghidra with Apache License 2.0 4 votes vote down vote up
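/**
 * Appends the display form of an address operand to a line of attributed strings.
 * <p>
 * Without an address space the operand is shown as {@code *0x<offset>} followed by its
 * size (unless the size is of type {@code J_CURSPACE_SIZE}). With an address space, a
 * register matching address and size is shown by name, with {@code :<size>} appended when
 * the register's minimum byte size exceeds the operand size. Otherwise the operand is
 * shown as {@code *[space]0x<wordOffset>} with {@code .<offcut>} appended when the offset
 * is not a multiple of the space's addressable unit size, followed by the size.
 *
 * @param program program used for the register lookup
 * @param addrSpace address space of the operand, or null
 * @param offset offset template; must be of type {@code ConstTpl.REAL}
 * @param size size template
 * @param lineList list the attributed strings are appended to
 * @throws RuntimeException if the offset template is not of type {@code ConstTpl.REAL}
 */
private void formatAddress(Program program, AddressSpace addrSpace, ConstTpl offset,
		ConstTpl size, List<AttributedString> lineList) {
	if (offset.getType() != ConstTpl.REAL) {
		throw new RuntimeException("Unsupported address offset type: " + offset.getType());
	}

	long offsetValue = offset.getReal();
	if (addrSpace == null) {
		lineList.add(STAR);
		lineList.add(new AttributedString("0x" + Long.toHexString(offsetValue), addressColor,
			metrics));
		if (size.getType() != ConstTpl.J_CURSPACE_SIZE) {
			formatSize(size, lineList);
		}
		return;
	}

	int sizeValue = (int) size.getReal();
	Register reg = program.getRegister(addrSpace.getAddress(offsetValue), sizeValue);
	if (reg != null) {
		lineList.add(new AttributedString(reg.getName(), registerColor, metrics));
		if (reg.getMinimumByteSize() > sizeValue) {
			// operand covers only part of the register: show the accessed size
			lineList.add(COLON);
			lineList.add(new AttributedString(Integer.toString(sizeValue), this.scalarColor, metrics));
		}
		return;
	}
	lineList.add(STAR);
	lineList.add(LEFT_BRACKET);
	lineList.add(new AttributedString(addrSpace.getName(), Color.BLUE, metrics));
	lineList.add(RIGHT_BRACKET);

	long unitSize = addrSpace.getAddressableUnitSize();
	long wordOffset = offsetValue / unitSize;
	long offcut = offsetValue % unitSize;
	String str = "0x" + Long.toHexString(wordOffset);
	if (offcut != 0) {
		// append the remainder within the addressable unit, not the offset template object
		str += "." + offcut;
	}
	lineList.add(new AttributedString(str, addressColor, metrics));
	formatSize(size, lineList);
}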