Package envi :: Class Emulator

Class Emulator

The Emulator class is mostly "abstract" in the Java interface sense. The emulator should be extensible for the architectures included in the envi framework. You *must* mix in an instance of your architecture abstraction module.

(NOTE: Most users will just use an arch mod and call getEmulator())

The intention is for "lightweight" emulation, implemented mostly for user-space emulation of protected-mode execution.

Instance Methods

__init__(self, archmod=None)
Hand in a register definition which consists of a list of (<name>, <width>) tuples.

getArchModule(self)

getEmuSnap(self)
Return the data needed to "snapshot" this emulator.

setEmuSnap(self, snap)

executeOpcode(self, opobj)
This is the core method for the

run(self, stepcount=None)
Run the emulator until "something" happens.

stepi(self)

getSegmentInfo(self, op)

getSegmentIndex(self, op)
The *default* segmentation is none (most archs will override).

setSegmentInfo(self, idx, base, size)
Set a base and size for a given segment index.

getOperValue(self, op, idx)
Return the value for the operand at index idx for the given opcode, reading memory and register state if necessary.

getOperAddr(self, op, idx)
Return the address that an operand which dereferences memory would read from on getOperValue().

setOperValue(self, op, idx, value)
Set the value of the target operand at index idx from opcode op.

getCallArgs(self, count, cc)
Emulator implementors can implement this method to allow analysis modules a platform/architecture independent way to get stack/reg/whatever args.

execCallReturn(self, value, cc, argc=0)
Emulator implementors can implement this method to allow analysis modules a platform/architecture independent way to set a function return value.

addCallingConvention(self, name, obj)

hasCallingConvention(self, name)

getCallingConvention(self, name)

getCallingConventions(self)

Inherited from registers.RegisterContext: addMetaRegister, getMetaRegInfo, getProgramCounter, getRegDef, getRegister, getRegisterByName, getRegisterIndex, getRegisterInfo, getRegisterName, getRegisterNameIndexes, getRegisterNames, getRegisterSnap, getRegisterWidth, getRegisters, getStackCounter, getStatusFlags, getStatusRegNameDesc, getStatusRegister, hasStatusRegister, isDirty, isMetaRegister, loadRegDef, loadRegMetas, setIsDirty, setProgramCounter, setRegister, setRegisterByName, setRegisterIndexes, setRegisterInfo, setRegisterSnap, setRegisters, setStackCounter, setStatusRegister

Inherited from registers.RegisterContext (private): _rctx_Export, _rctx_Import, _xlateToMetaReg, _xlateToNativeReg

Inherited from memory.MemoryObject: addMemoryMap, getByteDef, getMemoryMap, getMemoryMaps, getMemorySnap, readMemory, setMemorySnap, writeMemory

Inherited from memory.IMemory: allocateMemory, getMaxReadSize, getMemArchModule, getPointerSize, isExecutable, isReadable, isShared, isValidPointer, isWriteable, parseOpcode, probeMemory, protectMemory, readMemValue, readMemoryFormat, searchMemory, searchMemoryRange, setMemArchitecture, writeMemoryFormat

Method Details

__init__(self, archmod=None)
(Constructor)

Hand in a register definition which consists of a list of (<name>, <width>) tuples.

Overrides: memory.IMemory.__init__

getEmuSnap(self)

Return the data needed to "snapshot" this emulator. For most archs this method will be enough (it captures the memory object together with the register values).

run(self, stepcount=None)

Run the emulator until "something" happens (breakpoint, segv, syscall, etc.).

getSegmentInfo(self, op)

Overrides: memory.IMemory.getSegmentInfo

getSegmentIndex(self, op)

The *default* segmentation is none (most archs will override). This method may be implemented to return a segment index based on either emulator state or properties of the particular instruction in question.

getOperValue(self, op, idx)

Return the value for the operand at index idx for the given opcode, reading memory and register state if necessary.

In partially-defined emulation, this may return None.

setOperValue(self, op, idx, value)

Set the value of the target operand at index idx from opcode op. (Obviously an OM_IMMEDIATE operand *cannot* be set.)

getCallArgs(self, count, cc)

Emulator implementors can implement this method to allow analysis modules a platform/architecture independent way to get stack/reg/whatever args.

Usage: getCallArgs(3, "stdcall") -> (0, 32, 0xf00)

execCallReturn(self, value, cc, argc=0)

Emulator implementors can implement this method to allow analysis modules a platform/architecture independent way to set a function return value. (This should also take care of any argument cleanup or other return-time tasks for the calling convention.)
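The following is an added, self-contained toy that follows the interface documented above (getEmuSnap/setEmuSnap, run/stepi, addCallingConvention, getCallArgs/execCallReturn) so the snapshot-and-restore and calling-convention pieces can be seen working end to end. It is not envi's or vivisect's code: the register names, the three opcodes, the integer perms flags, the StdCall class and the demo() scenario are all constructed for the example, and real arch modules supply these pieces differently.

```python
PAGE_SIZE = 0x1000

class StdCall:
    """Constructed stack-based convention: args above the return address, callee cleans them up."""
    def getCallArgs(self, emu, count):
        sp = emu.getStackCounter()
        return tuple(emu.readMemValue(sp + 4 * (i + 1), 4) for i in range(count))
    def execCallReturn(self, emu, value, argc):
        sp = emu.getStackCounter()
        retaddr = emu.readMemValue(sp, 4)
        emu.setRegister('eax', value)
        emu.setStackCounter(sp + 4 + 4 * argc)   # pop return address and args
        emu.setProgramCounter(retaddr)

class ToyEmulator:
    """Toy opcodes (constructed, not x86): 0x01 eax += 1; 0x02 imm32 eax += imm; 0xCC stop."""
    def __init__(self):
        self.regs = {'eax': 0, 'esp': 0, 'eip': 0}
        self.maps = []   # (base, perms, name, bytearray), as addMemoryMap() records them
        self.ccs = {}    # calling conventions by name

    # register context
    def getRegister(self, name): return self.regs[name]
    def setRegister(self, name, value): self.regs[name] = value & 0xffffffff
    def getProgramCounter(self): return self.regs['eip']
    def setProgramCounter(self, va): self.regs['eip'] = va
    def getStackCounter(self): return self.regs['esp']
    def setStackCounter(self, va): self.regs['esp'] = va

    # memory object (perms is an opaque constructed flag value here)
    def addMemoryMap(self, va, perms, name, data):
        self.maps.append((va, perms, name, bytearray(data)))

    def _locate(self, va, size):
        for base, perms, name, buf in self.maps:
            if base <= va and va + size <= base + len(buf):
                return buf, va - base
        raise MemoryError('unmapped access at 0x%x' % va)   # the "segv" case

    def readMemory(self, va, size):
        buf, off = self._locate(va, size)
        return bytes(buf[off:off + size])
    def writeMemory(self, va, data):
        buf, off = self._locate(va, len(data))
        buf[off:off + len(data)] = data

    def readMemValue(self, va, size): return int.from_bytes(self.readMemory(va, size), 'little')
    def writeMemValue(self, va, value, size): self.writeMemory(va, value.to_bytes(size, 'little'))

    # snapshot = register values plus a private copy of every memory map
    def getEmuSnap(self):
        return dict(self.regs), [(b, p, n, bytes(d)) for b, p, n, d in self.maps]

    def setEmuSnap(self, snap):
        regs, maps = snap
        self.regs = dict(regs)
        self.maps = [(b, p, n, bytearray(d)) for b, p, n, d in maps]

    def stepi(self):
        # execute one toy opcode; return False when the stop opcode is reached
        pc = self.getProgramCounter()
        opcode = self.readMemory(pc, 1)[0]
        if opcode == 0xCC: return False   # "something" happened: hand control back
        if opcode not in (0x01, 0x02): raise ValueError('bad opcode 0x%02x at 0x%x' % (opcode, pc))
        imm = 1 if opcode == 0x01 else self.readMemValue(pc + 1, 4)
        self.setRegister('eax', self.getRegister('eax') + imm)
        self.setProgramCounter(pc + (1 if opcode == 0x01 else 5))
        return True

    def run(self, stepcount=None):
        # step until the budget is used up or stepi() reports a stop; return steps taken
        steps = 0
        while (stepcount is None or steps < stepcount) and self.stepi():
            steps += 1
        return steps

    # calling conventions, looked up by name as in getCallArgs(3, "stdcall")
    def addCallingConvention(self, name, obj): self.ccs[name] = obj
    def getCallArgs(self, count, cc): return self.ccs[cc].getCallArgs(self, count)
    def execCallReturn(self, value, cc, argc=0): self.ccs[cc].execCallReturn(self, value, argc)

def demo():
    # constructed scenario: a stdcall frame holding (0, 32, 0xf00); snapshot, run, restore, return
    emu = ToyEmulator()
    emu.addCallingConvention('stdcall', StdCall())
    code = bytes([0x01, 0x02]) + (40).to_bytes(4, 'little') + bytes([0xCC])
    emu.addMemoryMap(0x1000, 5, 'code', code.ljust(PAGE_SIZE, b'\x00'))
    emu.addMemoryMap(0x2000, 6, 'stack', bytes(PAGE_SIZE))
    sp = 0x2800
    emu.setStackCounter(sp)
    emu.writeMemValue(sp, 0x1234, 4)                  # constructed return address
    for i, arg in enumerate((0, 32, 0xf00)):
        emu.writeMemValue(sp + 4 * (i + 1), arg, 4)
    args = emu.getCallArgs(3, 'stdcall')              # (0, 32, 0xf00), as in the docstring
    emu.setProgramCounter(0x1000)
    snap = emu.getEmuSnap()
    emu.run()                                         # runs until the stop opcode at 0x1006
    eax_after, stopped_at = emu.getRegister('eax'), emu.getProgramCounter()
    emu.setEmuSnap(snap)                              # back to the pre-run state: eax == 0
    restored_eax = emu.getRegister('eax')
    emu.execCallReturn(7, 'stdcall', argc=3)          # eax = 7, pop the frame, jump to 0x1234
    return args, eax_after, stopped_at, restored_eax, emu.getProgramCounter(), emu.getStackCounter()
```

demo() returns ((0, 32, 0xf00), 41, 0x1006, 0, 0x1234, 0x2810): the arguments read through the named convention, eax after the run, the stop address, eax after restoring the snapshot, and the program counter and stack pointer after execCallReturn has set the return value and cleaned up the three arguments. The point worth keeping from the toy is the snapshot shape, registers plus a private copy of each memory map, which is what lets an analysis module run a path and then rewind.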