Add vspace and syscall/address option to 'is' command #7
No reviewers
Lephenixnoir
Labels
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Lephenixnoir/fxos#7
Loading…
Reference in New Issue
No description provided.
Delete Branch "Dr-Carlos/fxos:master"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Hello!
This PR changes the syntax of 'is' to
is [vspace=<virtual_space>] [<address|syscall>], allowing the user to specify a virtual space, and optionally change its behaviour from listing all symbols to listing a specific symbol, raising an error if it does not exist.This could be useful in conjunction with 'isc', allowing the user to find the number of a syscall and then its name.
I will certainly find this useful in my script which disassembles all syscalls and then tries to find a string within them, as I can see whether that string is used in named syscalls (ones that have been discovered) or unnamed ones (leading to further investigation).
The other commit 'add vector include to semantics.h' was the result of a compiler error complaining about it not being imported - I'm not sure why this happened but it works now.
The implementation is a bit of a mess due to me using fmt::print instead of FxOS_log as it allows me to print in hex (I can change this to FxOS_log if you let me know the way to go about this).
Thanks for caring about all of these useful details, this is all very welcome.
If you want to perform deeper analysis, feel free to write C++ functions directly into the library code. My intent was always to use fxos as a repository of useful scripts that analyze bits and pieces of the binary. Unfortunately, it's not there yet, with many things missing (call graphs, function claims, abstract interpretation, etc). But I'm sure your work would help with that goal. ^^
@ -251,0 +275,4 @@}else {s.type = FxOS::Symbol::Address;s.value = 0;I'd prefer if we used an option here (or an extra bool) to avoid surprises if we request an address that ends up being equal to 0. This seems very possible, especially with intense scripting.
Yep, I've now read up on std::optional and am (trying to) use it.
@ -258,0 +328,4 @@if(vspace_name.empty())fmt::print(stderr,"\x1b[31;1merror:\x1b[0m no symbol exists for address 0x{:08x} in current virtual space\n",symbol.value);There shouldn't be any problem printing hexadecimal with
FxOS_log(), as it just wraps aroundprintf(). See for examplelib/passes/cfg.cpp:26. Note thatFxOS_log()is intended for internal logs and errors, butfmt::print()is completely fine for normal command output.I didn't realise that printf could do this and was just copying the fmt::print below. I have now used your suggestion (next comment) about format strings for printf.
@ -258,0 +346,4 @@fmt::print(stderr,"\x1b[31;1merror:\x1b[0m no symbol exists for syscall %{:04x} in current virtual space\n",symbol.value);}You don't need to distinguish formats here. This is because printf will never ever lie to you; if you ask for
%03xbut the value has 4 digits it will still display all 4. So in general for syscalls we just do%03xand leave it.I haven't disassembled enough fx-CG code to be annoyed at alignment issues due to syscalls above 0x1000, but if you do feel free to use
%04xor%4.3xeverywhere.I did not realise that, thanks (again just copied the fmt::print use). I wasn't bothered by the %03x/%04x until writing a script that uses this new functionality, where it started bothering me.
I have used %04x and will probably make a PR to use %04x everywhere, or maybe make it an option - what do you think?
Feel free to make it
%04xeverywhere. Consistency is simple, and no one really minds an extra 0.@ -258,0 +356,4 @@fmt::print(stderr,"\x1b[31;1merror:\x1b[0m no symbol exists for syscall %{:04x} in virtual space '{}'\n",symbol.value, vspace_name);}Same here.
Perfect, thanks!