Class TaintFileReadsLinuxAmd64SyscallLibrary
java.lang.Object
ghidra.pcode.exec.AnnotatedPcodeUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
ghidra.pcode.emu.sys.AnnotatedEmuSyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
ghidra.pcode.emu.unix.AbstractEmuUnixSyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
ghidra.pcode.emu.linux.AbstractEmuLinuxSyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
ghidra.pcode.emu.linux.EmuLinuxAmd64SyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
ghidra.pcode.emu.taint.lib.TaintFileReadsLinuxAmd64SyscallLibrary
- All Implemented Interfaces:
EmuSyscallLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>, PcodeUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>>
public class TaintFileReadsLinuxAmd64SyscallLibrary
extends EmuLinuxAmd64SyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>>
A library for performing Taint Analysis on a Linux-amd64 program that reads from tainted files
This library is not currently accessible from the UI. It can be used with scripts by overriding a taint emulator's userop library factory method.
TODO: A means of adding and configuring userop libraries in the UI.
TODO: Example scripts.
-
Nested Class Summary
Nested classes/interfaces inherited from class AbstractEmuUnixSyscallUseropLibrary
AbstractEmuUnixSyscallUseropLibrary.Errno, AbstractEmuUnixSyscallUseropLibrary.UnixStructuredPartNested classes/interfaces inherited from class AnnotatedEmuSyscallUseropLibrary
AnnotatedEmuSyscallUseropLibrary.EmuSyscall, AnnotatedEmuSyscallUseropLibrary.StructuredPartNested classes/interfaces inherited from class AnnotatedPcodeUseropLibrary
AnnotatedPcodeUseropLibrary.AnnotatedPcodeUseropDefinition<T>, AnnotatedPcodeUseropLibrary.FixedArgsAnnotatedPcodeUseropDefinition<T>, AnnotatedPcodeUseropLibrary.OpExecutor, AnnotatedPcodeUseropLibrary.OpLibrary, AnnotatedPcodeUseropLibrary.OpOutput, AnnotatedPcodeUseropLibrary.OpState, AnnotatedPcodeUseropLibrary.PcodeUserop, AnnotatedPcodeUseropLibrary.VariadicAnnotatedPcodeUseropDefinition<T>Nested classes/interfaces inherited from interface EmuSyscallLibrary
EmuSyscallLibrary.EmuSyscallDefinition<T>, EmuSyscallLibrary.SyscallPcodeUseropDefinition<T>Nested classes/interfaces inherited from interface PcodeUseropLibrary
PcodeUseropLibrary.EmptyPcodeUseropLibrary, PcodeUseropLibrary.PcodeUseropDefinition<T> -
Field Summary
Fields inherited from class EmuLinuxAmd64SyscallUseropLibrary
clib64, regRAXFields inherited from class AbstractEmuLinuxSyscallUseropLibrary
ERRNOS, O_APPEND, O_CREAT, O_MASK_RDWR, O_RDONLY, O_RDWR, O_TRUNC, O_WRONLYFields inherited from class AbstractEmuUnixSyscallUseropLibrary
closedFds, descriptors, fs, intSize, userFields inherited from class AnnotatedEmuSyscallUseropLibrary
additionalArchives, CACHE_BY_CLASS, cSpec, dtMachineWord, machine, program, SYSCALL_SPACE_NAME, syscallMapFields inherited from class AnnotatedPcodeUseropLibrary
opsFields inherited from interface EmuSyscallLibrary
SYSCALL_CONVENTION_NAMEFields inherited from interface PcodeUseropLibrary
NIL -
Constructor Summary
ConstructorsConstructorDescriptionTaintFileReadsLinuxAmd64SyscallLibrary(PcodeMachine<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> machine, EmuUnixFileSystem<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> fs, Program program) TaintFileReadsLinuxAmd64SyscallLibrary(PcodeMachine<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> machine, EmuUnixFileSystem<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> fs, Program program, EmuUnixUser user) -
Method Summary
Modifier and TypeMethodDescriptionorg.apache.commons.lang3.tuple.Pair<byte[], TaintVec> unix_read(PcodeExecutorState<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> state, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> fd, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> bufPtr, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> count) The UNIXreadsystem callMethods inherited from class EmuLinuxAmd64SyscallUseropLibrary
disposeAdditionalArchives, getAdditionalArchives, readSyscallNumber, returnErrnoMethods inherited from class AbstractEmuLinuxSyscallUseropLibrary
convertFlags, getErrnoMethods inherited from class AbstractEmuUnixSyscallUseropLibrary
claimFd, createHandle, findFd, handleError, lowestFd, newStructuredPart, putDescriptor, releaseFd, unix_close, unix_exit, unix_group_exit, unix_open, unix_writeMethods inherited from class AnnotatedEmuSyscallUseropLibrary
getSyscalls, getSyscallUserop, mapAndBindSyscalls, mapAndBindSyscalls, newBoundSyscallMethods inherited from class AnnotatedPcodeUseropLibrary
getMethodLookup, getOperandType, getUseropsMethods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface EmuSyscallLibrary
syscallMethods inherited from interface PcodeUseropLibrary
compose, getSymbols, getUserops
-
Constructor Details
-
TaintFileReadsLinuxAmd64SyscallLibrary
public TaintFileReadsLinuxAmd64SyscallLibrary(PcodeMachine<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> machine, EmuUnixFileSystem<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> fs, Program program, EmuUnixUser user) -
TaintFileReadsLinuxAmd64SyscallLibrary
public TaintFileReadsLinuxAmd64SyscallLibrary(PcodeMachine<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> machine, EmuUnixFileSystem<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> fs, Program program)
-
-
Method Details
-
unix_read
public org.apache.commons.lang3.tuple.Pair<byte[],TaintVec> unix_read(PcodeExecutorState<org.apache.commons.lang3.tuple.Pair<byte[], TaintVec>> state, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> fd, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> bufPtr, org.apache.commons.lang3.tuple.Pair<byte[], TaintVec> count) Description copied from class:AbstractEmuUnixSyscallUseropLibraryThe UNIXreadsystem call- Overrides:
unix_readin classAbstractEmuUnixSyscallUseropLibrary<org.apache.commons.lang3.tuple.Pair<byte[],TaintVec>> - Parameters:
state- to receive the thread's statefd- the file descriptorbufPtr- the pointer to the buffer to receive the datacount- the number of bytes to read- Returns:
- the number of bytes successfully read
-