|
| | dse_strategies.parser = ArgumentParser("DSE Example") |
| |
| | dse_strategies.help |
| |
| | dse_strategies.choices |
| |
| | dse_strategies.args = parser.parse_args() |
| |
| dictionary | dse_strategies.strategy |
| |
| | dse_strategies.loc_db = LocationDB() |
| |
| int | dse_strategies.run_addr = 0x40000 |
| |
| | dse_strategies.machine = Machine("x86_32") |
| |
| | dse_strategies.jitter = machine.jitter(loc_db, "python") |
| |
| int | dse_strategies.ret_addr = 0x1337beef |
| |
| | dse_strategies.dse = DSEPathConstraint(machine, loc_db, produce_solution=strategy) |
| |
| | dse_strategies.regs = jitter.ir_arch.arch.regs |
| |
| | dse_strategies.arg = ExprId("ARG", 32) |
| |
| | dse_strategies.arg_addr = ExprMem(ExprInt(jitter.cpu.ESP + 4, regs.ESP.size), arg.size) |
| |
| | dse_strategies.todo = set([ExprInt(0, arg.size)]) |
| |
| | dse_strategies.done = set() |
| |
| | dse_strategies.snapshot = dse.take_snapshot() |
| |
| | dse_strategies.reaches = set() |
| |
| | dse_strategies.arg_value = todo.pop() |
| |
| | dse_strategies.keep_known_solutions |
| |
| | dse_strategies.sol_value = model.eval(dse.z3_trans.from_expr(arg)).as_long() |
| |
| | dse_strategies.sol_expr = ExprInt(sol_value, arg.size) |
| |
1.8.20 
