Package vivisect :: Package impemu :: Package platarch :: Module windows :: Class Windowsi386Emulator
[hide private]
[frames] | no frames]

Class Windowsi386Emulator

source code


Instance Methods [hide private]
 
__init__(self, vw, logwrite=False, logread=False) source code
 
seh3_prolog(self, emu, callconv, api, argv) source code
 
seh4_prolog(self, emu, callconv, api, argv) source code
 
seh4_gs_prolog(self, emu, callconv, api, argv) source code
 
seh3_epilog(self, emu, callconv, api, argv) source code
 
seh4_epilog(self, emu, callconv, api, argv) source code
 
eh_prolog(self, emu, callconv, api, argv) source code
 
alloca_probe(self, emu, callconv, api, argv) source code
 
gs_prolog(self, emu, callconv, api, argv) source code

Inherited from WindowsMixin: doRepPrefix, kernel32_GetModuleHandleA, kernel32_GetModuleHandleExA, kernel32_GetModuleHandleW, kernel32_GetProcAddress, kernel32_LoadLibraryA, kernel32_LoadLibraryExA, kernel32_LoadLibraryExW, kernel32_LoadLibraryW, readFilePath, readLibraryPath

Inherited from emulator.WorkspaceEmulator: checkBranches, checkCall, getBranchNode, getCallApi, getPathProp, getStackOffset, getUninitRegUse, getVivTaint, isStackPointer, isUninitStack, logUninitRegUse, newCodePathNode, nextVivTaint, parseOpcode, readMemory, reprVivTaint, reprVivValue, runFunction, setEmulationMonitor, setPathProp, setVivTaint, stepi, writeMemory

Inherited from emulator.WorkspaceEmulator (private): _useVirtAddr

Class Variables [hide private]
  taintregs = [e_i386.REG_EAX, e_i386.REG_ECX, e_i386.REG_EDX, e...
Method Details [hide private]

__init__(self, vw, logwrite=False, logread=False)
(Constructor)

source code 
Overrides: i386.i386WorkspaceEmulator.__init__

seh3_prolog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.seh3_prolog')

seh4_prolog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.seh4_prolog')

seh4_gs_prolog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.seh4_gs_prolog')

seh3_epilog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.seh3_epilog')

seh4_epilog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.seh4_epilog')

eh_prolog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.eh_prolog')

alloca_probe(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll._alloca_probe')

gs_prolog(self, emu, callconv, api, argv)

source code 
Decorators:
  • @imphook('ntdll.gs_prolog')

Class Variable Details [hide private]

taintregs

Value:
[e_i386.REG_EAX, e_i386.REG_ECX, e_i386.REG_EDX, e_i386.REG_EBX, e_i38\
6.REG_EBP, e_i386.REG_ESI, e_i386.REG_EDI,]