diff --git a/src/main/scala/analysis/Analysis.scala b/src/main/scala/analysis/Analysis.scala index 695b54e7a..b7584bae7 100644 --- a/src/main/scala/analysis/Analysis.scala +++ b/src/main/scala/analysis/Analysis.scala @@ -149,11 +149,10 @@ object Fresh { trait MemoryRegion { val regionIdentifier: String - val start: BitVecLiteral var extent: Option[RangeKey] = None } -class StackRegion(override val regionIdentifier: String, override val start: BitVecLiteral) extends MemoryRegion { +class StackRegion(override val regionIdentifier: String, val start: BitVecLiteral) extends MemoryRegion { override def toString: String = s"Stack($regionIdentifier, $start)" override def hashCode(): Int = regionIdentifier.hashCode() * start.hashCode() override def equals(obj: Any): Boolean = obj match { @@ -162,16 +161,16 @@ class StackRegion(override val regionIdentifier: String, override val start: Bit } } -class HeapRegion(override val regionIdentifier: String, override val start: BitVecLiteral) extends MemoryRegion { - override def toString: String = s"Heap($regionIdentifier, $start)" - override def hashCode(): Int = regionIdentifier.hashCode() * start.hashCode() +class HeapRegion(override val regionIdentifier: String) extends MemoryRegion { + override def toString: String = s"Heap($regionIdentifier)" + override def hashCode(): Int = regionIdentifier.hashCode() override def equals(obj: Any): Boolean = obj match { - case h: HeapRegion => h.start == start && h.regionIdentifier == regionIdentifier + case h: HeapRegion => h.regionIdentifier == regionIdentifier case _ => false } } -class DataRegion(override val regionIdentifier: String, override val start: BitVecLiteral) extends MemoryRegion { +class DataRegion(override val regionIdentifier: String, val start: BitVecLiteral) extends MemoryRegion { override def toString: String = s"Data($regionIdentifier, $start)" override def hashCode(): Int = regionIdentifier.hashCode() * start.hashCode() override def equals(obj: Any): Boolean = obj match { @@ -323,7 +322,7 @@ trait MemoryRegionAnalysisMisc: if (directCall.target.name == "malloc") { evaluateExpression(mallocVariable, constantProp(n)) match { case Some(b: BitVecLiteral) => - lattice.sublattice.lub(s, Set(HeapRegion(nextMallocCount(), b))) + lattice.sublattice.lub(s, Set(HeapRegion(nextMallocCount()))) case None => s } } else { diff --git a/src/main/scala/bap/BAPStatement.scala b/src/main/scala/bap/BAPStatement.scala index 3a6a2169a..6f8ce85aa 100644 --- a/src/main/scala/bap/BAPStatement.scala +++ b/src/main/scala/bap/BAPStatement.scala @@ -20,7 +20,7 @@ case class BAPGoTo(target: String, condition: BAPExpr, line: String, instruction sealed trait BAPStatement -trait BAPAssign(lhs: BAPVariable, rhs: BAPExpr, line: String, instruction: String) extends BAPStatement { +sealed trait BAPAssign(lhs: BAPVariable, rhs: BAPExpr, line: String, instruction: String) extends BAPStatement { override def toString: String = String.format("%s := %s;", lhs, rhs) } @@ -29,17 +29,5 @@ trait BAPAssign(lhs: BAPVariable, rhs: BAPExpr, line: String, instruction: Strin case class BAPMemAssign(lhs: BAPMemory, rhs: BAPStore, line: String, instruction: String, address: Option[Int] = None) extends BAPAssign(lhs, rhs, line, instruction) -/* -case object BAPMemAssign { - def init(lhs: BAPMemory, rhs: BAPStore, line: String, instruction: String): BAPMemAssign = { - if (rhs.memory.name == "stack") { - BAPMemAssign(lhs.copy(name = "stack"), rhs, line, instruction) - } else { - BAPMemAssign(lhs, rhs, line, instruction) - } - } -} - */ - case class BAPLocalAssign(lhs: BAPVar, rhs: BAPExpr, line: String, instruction: String, address: Option[Int] = None) extends BAPAssign(lhs, rhs, line, instruction) diff --git a/src/main/scala/util/RunUtils.scala b/src/main/scala/util/RunUtils.scala index 6d66df638..4e29d94c0 100644 --- a/src/main/scala/util/RunUtils.scala +++ b/src/main/scala/util/RunUtils.scala @@ -90,20 +90,11 @@ object RunUtils { IRProgram = externalRemover.visitProgram(IRProgram) IRProgram = renamer.visitProgram(IRProgram) - q.loading.dumpIL match { - case Some(s: String) => writeToFile(serialiseIL(IRProgram), s"$s-before-analysis.il") - case _ => - } - - q.staticAnalysis match { - case Some(analysisConfig) => - IRProgram = analyse(IRProgram, externalFunctions, globals, globalOffsets, analysisConfig, 1) + q.loading.dumpIL.foreach(s => writeToFile(serialiseIL(IRProgram), s"$s-before-analysis.il")) - analysisConfig.dumpILToPath match { - case Some(s: String) => writeToFile(serialiseIL(IRProgram), s"$s-after-analysis.il") - case _ => - } - case None => + q.staticAnalysis.foreach { analysisConfig => + IRProgram = analyse(IRProgram, externalFunctions, globals, globalOffsets, analysisConfig, 1) + analysisConfig.dumpILToPath.foreach(s => writeToFile(serialiseIL(IRProgram), s"$s-after-analysis.il")) } IRProgram.determineRelevantMemory(globalOffsets) @@ -156,28 +147,16 @@ object RunUtils { val constPropSolver = ConstantPropagationAnalysis.WorklistSolver(cfg) val constPropResult: Map[CfgNode, Map[Variable, ConstantPropagationLattice.Element]] = constPropSolver.analyze(true) - config.analysisDotPath match { - case Some(s) => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot") - case None => - } - config.analysisResultsPath match { - case Some(s) => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt") - case None => - } + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(constPropResult, constPropSolver.stateAfterNode), Output.dotIder), s"${s}_constprop$iteration.dot")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, constPropResult, iteration), s"${s}_constprop$iteration.txt")) Logger.info("[!] Running MRA") val mraSolver = MemoryRegionAnalysis.WorklistSolver(cfg, globalAddresses, globalOffsets, mergedSubroutines, constPropResult) val mraResult: Map[CfgNode, Set[MemoryRegion]] = mraSolver.analyze(true) memoryRegionAnalysisResults = mraResult - config.analysisDotPath match { - case Some(s) => writeToFile(cfg.toDot(Output.labeler(mraResult, mraSolver.stateAfterNode), Output.dotIder), s"${s}_mra$iteration.dot") - case None => - } - config.analysisResultsPath match { - case Some(s) => writeToFile(printAnalysisResults(cfg, mraResult, iteration), s"${s}_mra$iteration.txt") - case None => - } + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(mraResult, mraSolver.stateAfterNode), Output.dotIder), s"${s}_mra$iteration.dot")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, mraResult, iteration), s"${s}_mra$iteration.txt")) Logger.info("[!] Running MMM") val mmm = MemoryModelMap() @@ -188,14 +167,8 @@ object RunUtils { ValueSetAnalysis.WorklistSolver(cfg, globalAddresses, externalAddresses, globalOffsets, subroutines, mmm, constPropResult) val vsaResult: Map[CfgNode, Map[Variable | MemoryRegion, Set[Value]]] = vsaSolver.analyze(false) - config.analysisDotPath match { - case Some(s) => writeToFile(cfg.toDot(Output.labeler(vsaResult, vsaSolver.stateAfterNode), Output.dotIder), s"${s}_vsa$iteration.dot") - case None => - } - config.analysisResultsPath match { - case Some(s) => writeToFile(printAnalysisResults(cfg, vsaResult, iteration), s"${s}_vsa$iteration.txt") - case None => - } + config.analysisDotPath.foreach(s => writeToFile(cfg.toDot(Output.labeler(vsaResult, vsaSolver.stateAfterNode), Output.dotIder), s"${s}_vsa$iteration.dot")) + config.analysisResultsPath.foreach(s => writeToFile(printAnalysisResults(cfg, vsaResult, iteration), s"${s}_vsa$iteration.txt")) Logger.info("[!] Resolving CFG") val (newIR, modified): (Program, Boolean) = resolveCFG(cfg, vsaResult, IRProgram) @@ -204,11 +177,9 @@ object RunUtils { return analyse(newIR, externalFunctions, globals, globalOffsets, config, iteration + 1) } - config.analysisDotPath match { - case Some(s) => - val newCFG = ProgramCfgFactory().fromIR(newIR) - writeToFile(newCFG.toDot(x => x.toString, Output.dotIder), s"${s}_resolvedCFG.dot") - case None => + config.analysisDotPath.foreach { s => + val newCFG = ProgramCfgFactory().fromIR(newIR) + writeToFile(newCFG.toDot(x => x.toString, Output.dotIder), s"${s}_resolvedCFG.dot") } Logger.info(s"[!] Finished indirect call resolution after $iteration iterations")