Java Code Examples for ghidra.program.model.address.AddressSetView#contains()

private Address findNextInstructionAddressNotInFunction(TaskMonitor monitor, Program program,
		Address address, boolean isForward) throws CancelledException {
	Function function = program.getListing().getFunctionContaining(address);
	AddressSetView body = function.getBody();
	InstructionIterator it = program.getListing().getInstructions(address, isForward);
	while (it.hasNext()) {
		monitor.checkCanceled();
		Instruction instruction = it.next();
		Address instructionAddress = instruction.getMinAddress();
		if (!body.contains(instructionAddress)) {
			function = program.getListing().getFunctionContaining(instructionAddress);
			if (function == null) {
				return instructionAddress;
			}
			body = function.getBody();
		}
	}
	return null;
}
 

/**
 * Determines the number of vf addresses in the vf table that begins at the specified base 
 * address.
 * @param program the program whose memory is providing their addresses
 * @param vfTableBaseAddress the base address in the program for the vf table
 * @return the number of virtual function addresses in the vf table
 */
static int getVfTableCount(Program program, Address vfTableBaseAddress) {

	Memory memory = program.getMemory();
	MemoryBlock textBlock = memory.getBlock(".text");
	AddressSetView initializedAddresses = memory.getLoadedAndInitializedAddressSet();
	PseudoDisassembler pseudoDisassembler = new PseudoDisassembler(program);

	// Create pointers starting at the address until reaching a 0 pointer.
	// Terminate the possible table at any entry containing a cross reference that 
	// is beyond the first table entry and don't include it.
	int tableSize = 0;
	Address currentVfPointerAddress = vfTableBaseAddress;
	int defaultPointerSize = program.getDefaultPointerSize();
	while (true) {
		Address referencedAddress = getAbsoluteAddress(program, currentVfPointerAddress);
		if (referencedAddress == null) {
			break; // Cannot get a virtual function address.
		}
		if (referencedAddress.getOffset() == 0) {
			break; // Encountered 0 entry.
		}
		if (!initializedAddresses.contains(referencedAddress)) {
			break; // Not pointing to initialized memory.
		}
		if ((textBlock != null) ? !textBlock.equals(memory.getBlock(referencedAddress))
				: false) {
			break; // Not pointing to text section.
		}
		if (!pseudoDisassembler.isValidSubroutine(referencedAddress, true)) {
			break; // Not pointing to possible function.
		}

		tableSize++; // Count this entry in the table.

		// Advance to the next table entry address.
		currentVfPointerAddress = currentVfPointerAddress.add(defaultPointerSize);
	}
	return tableSize;
}
 

private static void hashSymbols(Program program, AddressSetView set, int minSymbolNameLength,
		boolean includeExternals, TaskMonitor monitor,
		HashMap<SymbolPath, Boolean> uniqueSymbolPathMap,
		HashMap<SymbolIdentifier, Match> symbolMatches, boolean isAProg,
		boolean ignoreNamespace) throws CancelledException {
	monitor.setMessage("Hashing symbols in " + program.getName());

	for (Symbol symbol : program.getSymbolTable().getAllSymbols(true)) {
		monitor.incrementProgress(1);
		monitor.checkCanceled();

		// Don't include default names except string ones (ie no FUN_*, LAB_*, etc... but 
		// yes s_*, u_*, etc...	
		if ((symbol.getSource() == SourceType.DEFAULT) && !isSymbolAString(program, symbol)) {
			continue;
		}

		if (symbol.getParentNamespace() instanceof Function) {
			continue; // skip local symbols
		}

		final SymbolType symbolType = symbol.getSymbolType();

		if ((symbolType == SymbolType.FUNCTION || symbolType == SymbolType.LABEL) &&
			(set.contains(symbol.getAddress()) || (symbol.isExternal() && includeExternals))) {
			String name = symbol.getName();
			if (name.length() >= minSymbolNameLength) {
				hashSymbol(uniqueSymbolPathMap, symbolMatches, symbol, isAProg,
					ignoreNamespace);
			}
		}
	}
}
 

private boolean inRange(AddressSetView addrSet, FoundString string) {
	if (addrSet == null) {
		// this is all of memory
		return true;
	}

	return addrSet.contains(nextDefinedString.getAddress());
}
 

public boolean shouldAddDefinedString(FoundString string) {
	if (!options.includeDefinedStrings()) {
		return false;
	}
	AddressSetView addrSet = options.getAddressSet();
	return addrSet == null || addrSet.contains(string.getAddress());
}
 

/**
 * Checks the address to make sure the listing won't navigate outside the addresses
 * it currently has loaded. If it is not a valid address it will set a status message 
 * on the dual listing.
 * @param addr the address to check
 * @return true if the address is valid for navigation.
 */
private boolean validateAddress(Address addr) {
	if (addr == null) {
		return false;
	}
	AddressSetView addresses =
		isLeftSide ? dualListing.getLeftAddresses() : dualListing.getRightAddresses();
	if (!addresses.contains(addr)) {
		dualListing.setStatusInfo(
			"\"" + addr.toString() + "\" is outside the current listing's view.");
		return false;
	}
	return true;
}
 

/**
 * Check for a global GP register symbol or discovered symbol
 * @param set
 */
private void checkForGlobalGP(Program program, AddressSetView set, TaskMonitor monitor) {
	// don't want to check for it
	if (!discoverGlobalGPSetting) {
		return;
	}

	// TODO: Use gp_value provided by MIPS .reginfo or dynamic attributes - check for Elf loader symbol
	// see MIPS_ElfExtension.MIPS_GP_VALUE_SYMBOL
	Symbol symbol = SymbolUtilities.getLabelOrFunctionSymbol(program, "_mips_gp_value",
		err -> Msg.error(this, err));
	if (symbol != null) {
		gp_assumption_value = symbol.getAddress();
		return;
	}

	if (set != null && !set.isEmpty()) {
		// if GP is already Set, don't go looking for a value.
		AddressRangeIterator registerValueAddressRanges =
			program.getProgramContext().getRegisterValueAddressRanges(gp);
		while (registerValueAddressRanges.hasNext()) {
			// but set it so we know if the value we are assuming actually changes
			AddressRange next = registerValueAddressRanges.next();
			if (set.contains(next.getMinAddress(), next.getMaxAddress())) {
				RegisterValue registerValue =
					program.getProgramContext().getRegisterValue(gp, next.getMinAddress());
				gp_assumption_value = next.getMinAddress().getNewAddress(
					registerValue.getUnsignedValue().longValue());
				return;
			}
		}
	}

	// look for the global _gp variable set by ELF binaries

	symbol =
		SymbolUtilities.getLabelOrFunctionSymbol(program, "_gp", err -> Msg.error(this, err));
	if (symbol == null) {
		symbol = SymbolUtilities.getLabelOrFunctionSymbol(program, "_GP",
			err -> Msg.error(this, err));
	}

	if (symbol != null) {
		gp_assumption_value = symbol.getAddress();
	}

	// look for any setting of _gp_# variables
	Symbol s1 =
		SymbolUtilities.getLabelOrFunctionSymbol(program, "_gp_1", err -> Msg.error(this, err));
	if (s1 == null) {
		return;
	}
	// if we found a _gp symbol we set, and there is a global symbol, something is amiss
	if (gp_assumption_value != null && s1.getAddress().equals(gp_assumption_value)) {
		gp_assumption_value = null;
		return;
	}
	Symbol s2 =
		SymbolUtilities.getLabelOrFunctionSymbol(program, "_gp_2", err -> Msg.error(this, err));
	if (s2 == null) {
		// if there is only 1, assume can use the value for now
		gp_assumption_value = s1.getAddress();
	}
	return;
}
 

private boolean checkPseudoBody(Address entry, AddressSet body, AddressSet starts,
		boolean allowExistingInstructions, boolean didCallValidSubroutine) {

	if (program == null) {
		return true;
	}

	// check that body does not wander into non-executable memory
	AddressSetView execSet = memory.getExecuteSet();
	if (respectExecuteFlag && !execSet.isEmpty() && !execSet.contains(body)) {
		return false;
	}

	// check that the body traversed to a terminal does not
	//   have any anomolies in it.
	//   Existing Instructions/Data
	if (program.getListing().getDefinedData(body, true).hasNext()) {
		return false;
	}

	boolean canHaveOffcutEntry = hasLowBitCodeModeInAddrValues(program);
	AddressSet strictlyBody = body.subtract(starts);
	if (canHaveOffcutEntry) {
		strictlyBody.deleteRange(entry, entry.add(1));
	}
	AddressIterator addrIter =
		program.getReferenceManager().getReferenceDestinationIterator(strictlyBody, true);
	if (addrIter.hasNext()) {
		return false;  // don't allow offcut references
	}

	// if existing instructions are allowed,
	//    don't worry about multiple entry points either.
	if (allowExistingInstructions) {
		return true;
	}

	if (program.getListing().getInstructions(body, true).hasNext()) {
		return false;
	}

	// don't allow one instruction
	if (!didCallValidSubroutine && starts.getMinAddress().equals(starts.getMaxAddress())) {
		return false;
	}

	// if there are any references internally, that isn't the entry point
	//  it is a bady subroutine.
	AddressIterator iter;
	iter = program.getReferenceManager().getReferenceDestinationIterator(body, true);
	while (iter.hasNext()) {
		Address toAddr = iter.next();
		if (!toAddr.equals(entry)) {
			if (entry.add(1).equals(toAddr) && hasLowBitCodeModeInAddrValues(program)) {
				continue;
			}
			return false;
		}
	}
	return true;
}
 

/**
 * Associates a resource name with the name and ID of that resource
 * @param resourceRoutine - Name of the resource routine
 * @param paramIndex - Argument index of windows function call for resource lookup
 * @param restrictedSet - Address space to use
 * @param printScriptMsgs - if true, print output; if false, do not print any output;
 * @return HashMap<Address, Long> map of addresses
 */
private HashMap<Address, Long> associateResource(String resourceRoutine, int paramIndex,
		AddressSetView restrictedSet, boolean printScriptMsgs) {

	HashMap<Address, Long> constUse = new HashMap<>();

	Symbol symbol = lookupRoutine(resourceRoutine, printScriptMsgs);
	if (symbol == null) {
		return constUse;
	}

	//Continue along if a symbol was found
	routines.add(symbol.getAddress());
	paramIndexes.add(paramIndex);
	ArrayList<PcodeOp> defUseList = new ArrayList<>();
	defUseLists.add(defUseList);

	HashSet<Address> doneRoutines = new HashSet<>();

	//Have a list of routines found based on symbol lookups
	while (routines.size() > 0) {
		// get the next routine to lookup
		Address addr = routines.remove(0);
		paramIndex = paramIndexes.remove(0);
		defUseList = defUseLists.remove(0);

		if (doneRoutines.contains(addr)) {
			continue;
		}

		doneRoutines.add(addr);

		// Get the list of references to this address
		ReferenceIterator referencesTo =
			currentProgram.getReferenceManager().getReferencesTo(addr);
		for (Reference reference : referencesTo) {
			if (monitor.isCancelled()) {
				break;
			}

			// Get the address of the function which is referenced
			Address refAddr = reference.getFromAddress();

			// if set is null, do no checks
			if (restrictedSet != null && !restrictedSet.contains(refAddr)) {
				continue;
			}

			// was this location already checked?
			if (alreadyDoneAddressSetPropertyMap != null) {
				if (alreadyDoneAddressSetPropertyMap.contains(refAddr)) {
					continue;
				}
				alreadyDoneAddressSetPropertyMap.add(refAddr, refAddr);
			}

			Function refFunc =
				currentProgram.getFunctionManager().getFunctionContaining(refAddr);

			if (refFunc == null) {
				refFunc = UndefinedFunction.findFunction(currentProgram, refAddr, monitor);
			}

			// this is an indirect reference, need to add the references to here.
			if (refFunc == null && reference.isExternalReference()) {
				routines.add(reference.getFromAddress());
				paramIndexes.add(paramIndex);
				defUseLists.add(new ArrayList<PcodeOp>());
				continue;
			}

			if (refFunc == null) {
				continue;
			}

			// decompile function
			// look for call to this function
			// display call
			@SuppressWarnings("unchecked")
			ArrayList<PcodeOp> localDefUseList = (ArrayList<PcodeOp>) defUseList.clone();

			monitor.setMessage(
				"Analyzing : " + refFunc.getName() + " for refs to " + resourceRoutine);

			analyzeFunction(constUse, decomplib, currentProgram, refFunc, refAddr, paramIndex,
				localDefUseList);
		}
	}

	return constUse;
}
 

private InstructionSequence getInstructionsAgainstFlow(int numInstructions, Program program,
		Address startAddress, Listing listing, AddressSetView validAddresses) {
	InstructionSequence instructions = new InstructionSequence(numInstructions);
	CodeUnit cu = listing.getCodeUnitContaining(startAddress);

	if (cu instanceof Instruction) {
		Instruction preInstruction = (Instruction) cu;
		for (int j = 0; j < numInstructions; j++) {
			try {
				if (preInstruction == null) {
					break;
				}
				//if validAddresses is not null, check that the address is
				//in validAddresses 
				if (validAddresses != null) {
					Address preInstStart = preInstruction.getAddress();
					if (!validAddresses.contains(preInstStart)) {
						break;
					}
				}
				instructions.getInstructions()[j] = (preInstruction.getMnemonicString());
				instructions.getSizes()[j] = (preInstruction.getBytes().length);
				StringBuilder sb = new StringBuilder();
				for (int k = 0; k < preInstruction.getNumOperands(); k++) {
					sb.append(preInstruction.getDefaultOperandRepresentation(k));
					if (k != preInstruction.getNumOperands() - 1) {
						sb.append(",");
					}
				}
				instructions.getCommaSeparatedOperands()[j] = (sb.toString());
				preInstruction = preInstruction.getPrevious();

			}
			catch (MemoryAccessException e) {
				//Msg.info(this, "Memory Access Exception at " +
				//	preInstruction.getAddress().toString());
				break;
			}
		}
	}
	return instructions;
}
 

@Override
protected void run() throws Exception {
	if (!isRunningHeadless()) {
		totalFuncs = 0;
		programsAnalyzed = 0;
	}

	int numFirstBytes = askInt("Number of first bytes", "bytes");
	int numFirstInstructions = askInt("Number of first instructions", "instructions");
	int numPreBytes = askInt("Number of pre bytes", "bytes");
	int numPreInstructions = askInt("Number of pre instructions", "instructions");
	int numReturnBytes = askInt("Number of return bytes", "bytes");
	int numReturnInstructions = askInt("Number of return instructions", "instructions");
	String saveDirName = askString("Directory to save results", "directory");
	String contextRegsCSV = askString("Context register csv", "csv");

	File saveDir = new File(saveDirName);
	if (!saveDir.isDirectory()) {
		Msg.info(this, "Invalid save directory: " + saveDirName);
		return;
	}

	List<String> contextRegisters = DataGatheringParams.getContextRegisterList(contextRegsCSV);

	programsAnalyzed++;
	if (currentProgram == null) {
		Msg.info(this, "null current program: try again with the -process option");
		return;
	}

	if (currentProgram.getFunctionManager().getFunctionCount() == 0) {
		Msg.info(this, "No functions found in " + currentProgram.getName() + ", skipping.");
		return;
	}

	FunctionIterator fIter = currentProgram.getFunctionManager().getFunctions(true);
	DataGatheringParams params = new DataGatheringParams();
	params.setNumPreBytes(numPreBytes);
	params.setNumFirstBytes(numFirstBytes);
	params.setNumReturnBytes(numReturnBytes);
	params.setNumPreInstructions(numPreInstructions);
	params.setNumFirstInstructions(numFirstInstructions);
	params.setNumReturnInstructions(numReturnInstructions);
	params.setContextRegisters(contextRegisters);

	FileBitPatternInfo funcPatternList = new FileBitPatternInfo();
	funcPatternList.setLanguageID(currentProgram.getLanguageID().getIdAsString());
	funcPatternList.setGhidraURL("TODO: url");
	funcPatternList.setNumPreBytes(numPreBytes);
	funcPatternList.setNumPreInstructions(numPreInstructions);
	funcPatternList.setNumFirstBytes(numFirstBytes);
	funcPatternList.setNumFirstInstructions(numFirstInstructions);
	funcPatternList.setNumReturnBytes(numReturnBytes);
	funcPatternList.setNumReturnInstructions(numReturnInstructions);

	AddressSetView initialized = currentProgram.getMemory().getLoadedAndInitializedAddressSet();
	while (fIter.hasNext()) {
		monitor.checkCanceled();
		Function func = fIter.next();
		if (func.isThunk()) {
			continue;
		}
		if (func.isExternal()) {
			continue;
		}
		if (!initialized.contains(func.getEntryPoint())) {
			continue;
		}
		if (currentProgram.getListing().getInstructionAt(func.getEntryPoint()) == null) {
			continue;
		}

		FunctionBitPatternInfo fStart =
			new FunctionBitPatternInfo(currentProgram, func, params);
		if (fStart.getFirstBytes() != null) {
			funcPatternList.getFuncBitPatternInfo().add(fStart);
			totalFuncs++;
		}
	}

	File savedFile = new File(saveDir.getAbsolutePath() + File.separator +
		currentProgram.getDomainFile().getPathname().replaceAll("/", "_") + "_" +
		currentProgram.getExecutableMD5() + "_funcInfo.xml");
	funcPatternList.toXmlFile(savedFile);
	Msg.info(this,
		"Programs analyzed: " + programsAnalyzed + "; total functions: " + totalFuncs);
}
 

private void addSymbolsToMap(SymbolIterator symbolIt, boolean isSourceProgram, int n,
		TaskMonitor monitor) {
	double weight = 1.0 / n;
	AddressSetView addressSet;
	if (isSourceProgram) {
		addressSet = getSourceAddressSet();
	}
	else {
		addressSet = getDestinationAddressSet();
	}
	while (symbolIt.hasNext()) {
		if (monitor.isCancelled()) {
			break;
		}
		Symbol symbol = symbolIt.next();
		String symbolName = symbol.getName();

		if (symbolName.length() < minNameLength) {
			continue;
		}
		if (!addressSet.contains(symbol.getAddress())) {
			continue;
		}
		if (symbol.getSource() == SourceType.DEFAULT ||
			symbol.getSource() == SourceType.ANALYSIS) {
			continue;
		}

		for (int i = 0; i < symbolName.length() - (n - 1); i++) {
			String threeGram = symbolName.substring(i, i + n);
			LSHCosineVectorAccum vector;
			if (isSourceProgram) {
				vector = sourceMap.get(symbol);
			}
			else {
				vector = destinationMap.get(symbol);
			}
			if (vector == null) {
				vector = new LSHCosineVectorAccum();
				if (isSourceProgram) {
					sourceMap.put(symbol, vector);
				}
				else {
					destinationMap.put(symbol, vector);
				}
			}
			int id = getFeatureID(threeGram);
			vector.addHash(id, weight);
		}
	}
}