public class

IREmulator

extends Object
java.lang.Object
   ↳ com.pnfsoftware.jeb.core.units.code.asm.decompiler.ir.emulator.IREmulator

Class Overview

IR emulator.

How to use:
- pass an existing EState to a constructor or use createStandard(IEGlobalContext) to create a state and an emulator
- use the settters to customize the emulator.
- setup() it
- run() it

Summary

Constants
boolean defaultAllowOpt
int defaultMaxIterCount
boolean defaultRecordMemoryWrites
boolean defaultResetUnknownRegisters
long defaultReturnAddr
long defaultStackBase
Public Constructors
IREmulator(EState state)
Public Methods
void addArgument(long val, INativeType t)
void addArgument(IEImm val)
void addArgument(byte[] val, INativeType t)
boolean commitMemoryChanges(boolean commitModifiedPagesOnly)
static IREmulator createStandard(IEGlobalContext gctx, int maxIterationCount)
Create an emulator as well as a standard emulation state that will be controlled by the emulator.
static IREmulator createStandard(IEGlobalContext gctx)
Create an emulator as well as a standard emulation state that will be controlled by the emulator.
int getAddressSize()
IEGlobalContext getGlobalContext()
IEImm getLastEvaluationResult()
MemoryWrites getMemoryWrites()
long getPCAddress()
int getRegisterSize()
IEImm getReturnValue()
long getSPAddress()
int getStackSlotSize()
EState getState()
IVirtualMemory getVirtualMemory()
boolean isPrimaryEmulator()
boolean processStoredReturnAddress(RoutineIOSlot slot)
ret-addr on stack: pop and return
ret-addr in register: TBI
Long readPointer(long addr)
Convenience method.
IEImm readStorage(RoutineIOSlot slot)
void registerExternEmulator(IExternalRoutineExecutionHelper helper)
static IPrototypeItem retrievePrototype(IDecompilerManager decomp, INativeMethodItem routine)
Convenience method used to verify whether or not an emulator object would be able to retrieve a target method prototype.
boolean run()
void setArguments(Collection<IEImm> vals)
void setPerformFreshDecompilations(boolean performFreshDecompilations)
void setPreferredStackBase(long address)
void setPreferredTargetPrototype(IPrototypeItem proto)
void setRecordMemoryWrites(boolean recordMemoryWrites)
void setResetUnknownRegisters(boolean enabled)
void setReturnAddress(long retAddr)
void setStubExecution(INativeMethodItem routine, long pcStart, long pcStop)
void setStubExecution(IERoutineContext ctx, int irStart, int irStop)
void setTargetRoutine(INativeMethodItem routine)
void setup()
void teardown()
Clean-up temporary constructs built during setup().
void unregisterExternEmulator(IExternalRoutineExecutionHelper helper)
boolean writePointer(long addr, long ptr)
boolean writeStorage(RoutineIOSlot slot, IEImm val)
[Expand]
Inherited Methods
From class java.lang.Object

Constants

public static final boolean defaultAllowOpt

Constant Value: false

public static final int defaultMaxIterCount

Constant Value: 10000 (0x00002710)

public static final boolean defaultRecordMemoryWrites

Constant Value: false

public static final boolean defaultResetUnknownRegisters

Constant Value: true

public static final long defaultReturnAddr

Constant Value: 287454020 (0x0000000011223344)

public static final long defaultStackBase

Constant Value: 2113929216 (0x000000007e000000)

Public Constructors

public IREmulator (EState state)

Public Methods

public void addArgument (long val, INativeType t)

public void addArgument (IEImm val)

public void addArgument (byte[] val, INativeType t)

public boolean commitMemoryChanges (boolean commitModifiedPagesOnly)

public static IREmulator createStandard (IEGlobalContext gctx, int maxIterationCount)

Create an emulator as well as a standard emulation state that will be controlled by the emulator.

public static IREmulator createStandard (IEGlobalContext gctx)

Create an emulator as well as a standard emulation state that will be controlled by the emulator. Set the standard maximum iteration count to {@value #defaultMaxIterCount}.

public int getAddressSize ()

public IEGlobalContext getGlobalContext ()

public IEImm getLastEvaluationResult ()

public MemoryWrites getMemoryWrites ()

public long getPCAddress ()

public int getRegisterSize ()

public IEImm getReturnValue ()

public long getSPAddress ()

public int getStackSlotSize ()

public EState getState ()

public IVirtualMemory getVirtualMemory ()

public boolean isPrimaryEmulator ()

public boolean processStoredReturnAddress (RoutineIOSlot slot)

ret-addr on stack: pop and return
ret-addr in register: TBI

public Long readPointer (long addr)

Convenience method.

public IEImm readStorage (RoutineIOSlot slot)

public void registerExternEmulator (IExternalRoutineExecutionHelper helper)

public static IPrototypeItem retrievePrototype (IDecompilerManager decomp, INativeMethodItem routine)

Convenience method used to verify whether or not an emulator object would be able to retrieve a target method prototype.

Parameters
decomp decompiler unit
routine candidate target routine
Returns
  • the retrieved prototype that would be used by an emulator for the provided target routine

public boolean run ()

public void setArguments (Collection<IEImm> vals)

public void setPerformFreshDecompilations (boolean performFreshDecompilations)

public void setPreferredStackBase (long address)

public void setPreferredTargetPrototype (IPrototypeItem proto)

public void setRecordMemoryWrites (boolean recordMemoryWrites)

public void setResetUnknownRegisters (boolean enabled)

public void setReturnAddress (long retAddr)

public void setStubExecution (INativeMethodItem routine, long pcStart, long pcStop)

public void setStubExecution (IERoutineContext ctx, int irStart, int irStop)

public void setTargetRoutine (INativeMethodItem routine)

public void setup ()

public void teardown ()

Clean-up temporary constructs built during setup().

public void unregisterExternEmulator (IExternalRoutineExecutionHelper helper)

public boolean writePointer (long addr, long ptr)

public boolean writeStorage (RoutineIOSlot slot, IEImm val)