|
libTriton version 1.0 build 1590
|
The taint engine class. More...
#include <taintEngine.hpp>
Public Member Functions | |
| TRITON_EXPORT | TaintEngine (const triton::modes::SharedModes &modes, triton::engines::symbolic::SymbolicEngine *symbolicEngine, triton::arch::CpuInterface &cpu) |
| Constructor. | |
| TRITON_EXPORT | TaintEngine (const TaintEngine &other) |
| Constructor by copy. | |
| TRITON_EXPORT TaintEngine & | operator= (const TaintEngine &other) |
| Copies a TaintEngine. | |
| TRITON_EXPORT const std::unordered_set< triton::uint64 > & | getTaintedMemory (void) const |
| Returns the tainted addresses. | |
| TRITON_EXPORT std::unordered_set< const triton::arch::Register * > | getTaintedRegisters (void) const |
| Returns the tainted registers. | |
| TRITON_EXPORT bool | isMemoryTainted (triton::uint64 addr, triton::uint32 size=1) const |
| Returns true if the addr is tainted. | |
| TRITON_EXPORT bool | isMemoryTainted (const triton::arch::MemoryAccess &mem, bool mode=true) const |
| Returns true if the memory is tainted. | |
| TRITON_EXPORT bool | isRegisterTainted (const triton::arch::Register ®) const |
| Returns true if the register is tainted. | |
| TRITON_EXPORT bool | isTainted (const triton::arch::OperandWrapper &op) const |
| Abstract taint verification. Returns true if the operand is tainted. | |
| TRITON_EXPORT bool | setTaint (const triton::arch::OperandWrapper &op, bool flag) |
| Sets the flag (taint or untaint) to an abstract operand (Register or Memory). | |
| TRITON_EXPORT bool | setTaintMemory (const triton::arch::MemoryAccess &mem, bool flag) |
| Sets the flag (taint or untaint) to a memory. | |
| TRITON_EXPORT bool | setTaintRegister (const triton::arch::Register ®, bool flag) |
| Sets the flag (taint or untaint) to a register. | |
| TRITON_EXPORT bool | taintMemory (triton::uint64 addr) |
| Taints an address. Returns TAINTED if the address has been tainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | taintMemory (const triton::arch::MemoryAccess &mem) |
| Taints a memory. Returns TAINTED if the memory has been tainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | taintRegister (const triton::arch::Register ®) |
| Taints a register. Returns TAINTED if the register has been tainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | untaintMemory (triton::uint64 addr) |
| Untaints an address. Returns !TAINTED if the address has been untainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | untaintMemory (const triton::arch::MemoryAccess &mem) |
| Untaints a memory. Returns !TAINTED if the memory has been untainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | untaintRegister (const triton::arch::Register ®) |
| Untaints a register. Returns !TAINTED if the register has been untainted correctly. Otherwise it returns the last defined state. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2) |
| Abstract union tainting. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::MemoryAccess &memDst, const triton::arch::Immediate &imm) |
| Taints MemoryImmediate with union. Returns true if the memDst is TAINTED. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc) |
| Taints MemoryMemory with union. Returns true if the memDst or memSrc are TAINTED. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::MemoryAccess &memDst, const triton::arch::Register ®Src) |
| Taints MemoryRegister with union. Returns true if the memDst or regSrc are TAINTED. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::Register ®Dst, const triton::arch::Immediate &imm) |
| Taints RegisterImmediate with union. Returns true if the regDst is TAINTED. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::Register ®Dst, const triton::arch::MemoryAccess &memSrc) |
| Taints RegisterMemory with union. Returns true if the regDst or memSrc are TAINTED. | |
| TRITON_EXPORT bool | taintUnion (const triton::arch::Register ®Dst, const triton::arch::Register ®Src) |
| Taints RegisterRegister with union. Returns true if the regDst or regSrc are TAINTED. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2) |
| Abstract assignment tainting. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::MemoryAccess &memDst, const triton::arch::Immediate &imm) |
| Taints MemoryImmediate with assignment. Returns always false. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc) |
| Taints MemoryMemory with assignment. Returns true if the memDst is tainted. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::MemoryAccess &memDst, const triton::arch::Register ®Src) |
| Taints MemoryRegister with assignment. Returns true if the memDst is tainted. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::Register ®Dst, const triton::arch::Immediate &imm) |
| Taints RegisterImmediate with assignment. Returns always false. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::Register ®Dst, const triton::arch::MemoryAccess &memSrc) |
| Taints RegisterMemory with assignment. Returns true if the regDst is tainted. | |
| TRITON_EXPORT bool | taintAssignment (const triton::arch::Register ®Dst, const triton::arch::Register ®Src) |
| Taints RegisterRegister with assignment. Returns true if the regDst is tainted. | |
Protected Attributes | |
| std::unordered_set< triton::uint64 > | taintedMemory |
| The set of tainted addresses. | |
| std::unordered_set< triton::arch::register_e > | taintedRegisters |
| The set of tainted registers. Currently it is an over approximation of the taint. | |
The taint engine class.
Definition at line 53 of file taintEngine.hpp.
| triton::engines::taint::TaintEngine::TaintEngine | ( | const triton::modes::SharedModes & | modes, |
| triton::engines::symbolic::SymbolicEngine * | symbolicEngine, | ||
| triton::arch::CpuInterface & | cpu | ||
| ) |
Constructor.
Definition at line 17 of file taintEngine.cpp.
| triton::engines::taint::TaintEngine::TaintEngine | ( | const TaintEngine & | other | ) |
Constructor by copy.
Definition at line 26 of file taintEngine.cpp.
| const std::unordered_set< triton::uint64 > & triton::engines::taint::TaintEngine::getTaintedMemory | ( | void | ) | const |
Returns the tainted addresses.
Definition at line 46 of file taintEngine.cpp.
| std::unordered_set< const triton::arch::Register * > triton::engines::taint::TaintEngine::getTaintedRegisters | ( | void | ) | const |
Returns the tainted registers.
Definition at line 52 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::isMemoryTainted | ( | const triton::arch::MemoryAccess & | mem, |
| bool | mode = true |
||
| ) | const |
Returns true if the memory is tainted.
Definition at line 63 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::isMemoryTainted | ( | triton::uint64 | addr, |
| triton::uint32 | size = 1 |
||
| ) | const |
Returns true if the addr is tainted.
Definition at line 87 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::isRegisterTainted | ( | const triton::arch::Register & | reg | ) | const |
Returns true if the register is tainted.
Definition at line 98 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::isTainted | ( | const triton::arch::OperandWrapper & | op | ) | const |
Abstract taint verification. Returns true if the operand is tainted.
Definition at line 107 of file taintEngine.cpp.
| TaintEngine & triton::engines::taint::TaintEngine::operator= | ( | const TaintEngine & | other | ) |
Copies a TaintEngine.
Definition at line 35 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::setTaint | ( | const triton::arch::OperandWrapper & | op, |
| bool | flag | ||
| ) |
Sets the flag (taint or untaint) to an abstract operand (Register or Memory).
Definition at line 133 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::setTaintMemory | ( | const triton::arch::MemoryAccess & | mem, |
| bool | flag | ||
| ) |
Sets the flag (taint or untaint) to a memory.
Definition at line 145 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::setTaintRegister | ( | const triton::arch::Register & | reg, |
| bool | flag | ||
| ) |
Sets the flag (taint or untaint) to a register.
Definition at line 157 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::Immediate & | imm | ||
| ) |
Taints MemoryImmediate with assignment. Returns always false.
Definition at line 333 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::MemoryAccess & | memSrc | ||
| ) |
Taints MemoryMemory with assignment. Returns true if the memDst is tainted.
Definition at line 352 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::Register & | regSrc | ||
| ) |
Taints MemoryRegister with assignment. Returns true if the memDst is tainted.
Definition at line 372 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::OperandWrapper & | op1, |
| const triton::arch::OperandWrapper & | op2 | ||
| ) |
Abstract assignment tainting.
Definition at line 234 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::Register & | regDst, |
| const triton::arch::Immediate & | imm | ||
| ) |
Taints RegisterImmediate with assignment. Returns always false.
Definition at line 391 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::Register & | regDst, |
| const triton::arch::MemoryAccess & | memSrc | ||
| ) |
Taints RegisterMemory with assignment. Returns true if the regDst is tainted.
Definition at line 396 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintAssignment | ( | const triton::arch::Register & | regDst, |
| const triton::arch::Register & | regSrc | ||
| ) |
Taints RegisterRegister with assignment. Returns true if the regDst is tainted.
Definition at line 401 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintMemory | ( | const triton::arch::MemoryAccess & | mem | ) |
Taints a memory. Returns TAINTED if the memory has been tainted correctly. Otherwise it returns the last defined state.
Definition at line 169 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintMemory | ( | triton::uint64 | addr | ) |
Taints an address. Returns TAINTED if the address has been tainted correctly. Otherwise it returns the last defined state.
Definition at line 181 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintRegister | ( | const triton::arch::Register & | reg | ) |
Taints a register. Returns TAINTED if the register has been tainted correctly. Otherwise it returns the last defined state.
Definition at line 119 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::Immediate & | imm | ||
| ) |
Taints MemoryImmediate with union. Returns true if the memDst is TAINTED.
Definition at line 260 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::MemoryAccess & | memSrc | ||
| ) |
Taints MemoryMemory with union. Returns true if the memDst or memSrc are TAINTED.
Definition at line 279 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::MemoryAccess & | memDst, |
| const triton::arch::Register & | regSrc | ||
| ) |
Taints MemoryRegister with union. Returns true if the memDst or regSrc are TAINTED.
Definition at line 299 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::OperandWrapper & | op1, |
| const triton::arch::OperandWrapper & | op2 | ||
| ) |
Abstract union tainting.
Definition at line 207 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::Register & | regDst, |
| const triton::arch::Immediate & | imm | ||
| ) |
Taints RegisterImmediate with union. Returns true if the regDst is TAINTED.
Definition at line 318 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::Register & | regDst, |
| const triton::arch::MemoryAccess & | memSrc | ||
| ) |
Taints RegisterMemory with union. Returns true if the regDst or memSrc are TAINTED.
Definition at line 323 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::taintUnion | ( | const triton::arch::Register & | regDst, |
| const triton::arch::Register & | regSrc | ||
| ) |
Taints RegisterRegister with union. Returns true if the regDst or regSrc are TAINTED.
Definition at line 328 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::untaintMemory | ( | const triton::arch::MemoryAccess & | mem | ) |
Untaints a memory. Returns !TAINTED if the memory has been untainted correctly. Otherwise it returns the last defined state.
Definition at line 188 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::untaintMemory | ( | triton::uint64 | addr | ) |
Untaints an address. Returns !TAINTED if the address has been untainted correctly. Otherwise it returns the last defined state.
Definition at line 200 of file taintEngine.cpp.
| bool triton::engines::taint::TaintEngine::untaintRegister | ( | const triton::arch::Register & | reg | ) |
Untaints a register. Returns !TAINTED if the register has been untainted correctly. Otherwise it returns the last defined state.
Definition at line 126 of file taintEngine.cpp.
|
protected |
The set of tainted addresses.
Definition at line 66 of file taintEngine.hpp.
|
protected |
The set of tainted registers. Currently it is an over approximation of the taint.
Definition at line 69 of file taintEngine.hpp.
1.9.8