reven2.preview.taint.TaintAccess(object) class documentation

Part of reven2.preview.taint (View In Hierarchy)

Containing information about the accessed data.

A taint access contains:

Warnings

This object is not meant to be constructed directly. It is created by TaintAccessView

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     # access is an instance of TaintAccess
>>>     print(access)
Taint access at #7 mov qword ptr [rbp - 0x50], rax
Tainted memories:
[phy:0x46b5ff0; 8] : gained[tag0,]

Taint access at #20 movaps xmmword ptr [rbp], xmm1 Tainted memories: [phy:0x1bdb4040; 1] : lost[tag1,]

Taint access at #27 lea rax, [rip + 0x3120]

Taint access at #14733764 mov rax, qword ptr [rbp - 0x50] Tainted registers: rax : gained[tag0,]

Taint access at #14733789 mov rax, qword ptr [rsp + 0x90]

Taint access at #14746690 mov qword ptr [rsp + 0x30], r13 Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Method __init__ Undocumented
Method transition Property: the transition that caused the change
Method has_changes Returns True if this access change the taint state or False otherwise.
Method tainted_registers Iterates over each TaintedRegisterSlice implicated in this taint access and yields a pair of TaintedRegisterSlice and ChangeMarkers
Method tainted_memories Iterates over each TaintedMemories implicated in this taint access and yields a pair of TaintedMemories and ChangeMarkers
Method state_before Get the TaintState before this access relatively to the taint direction.
Method state_after Get the TaintState after this access relatively to the taint direction.
Method __str__ Undocumented
Method __repr__ Undocumented
def __init__(self, trace, taint_data, taint_change):
Undocumented
@property
def transition(self):

Property: the transition that caused the change

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     # access is an instance of TaintAccess
>>>     print(access.transition)
5
9
13
33
95

Information

ReturnsA reven2.trace.Transition.
def has_changes(self):

Returns True if this access change the taint state or False otherwise.

Information

ReturnsA bool
def tainted_registers(self):

Iterates over each TaintedRegisterSlice implicated in this taint access and yields a pair of TaintedRegisterSlice and ChangeMarkers

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     # access is an instance of TaintAccess
>>>     for reg, change_markers in access.tainted_registers():
>>>         print(reg)
>>>         for handle, name in change_markers.gained:
>>>             print(name)
>>>         for handle, name in change_markers.lost:
>>>             print(name)
rax
tag0
rax
tag0
rax
tag0

Information

ReturnsA generator of (TaintedRegisterSlice, ChangeMarkers).
def tainted_memories(self):

Iterates over each TaintedMemories implicated in this taint access and yields a pair of TaintedMemories and ChangeMarkers

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     # access is an instance of TaintAccess
>>>     for mem, change_markers in access.tainted_memories():
>>>         print(mem)
>>>         for handle, name in change_markers.gained:
>>>             print(name)
>>>         for handle, name in change_markers.lost:
>>>             print(name)
phy:0x46b5ff0; 8]
tag0
[phy:0x1bdb4040; 1]
tag1
[phy:0x46b5ff0; 8]
tag0

Information

ReturnsA generator of (TaintedMemories, ChangeMarkers).
def state_before(self):

Get the TaintState before this access relatively to the taint direction.

If the taint is a Forward taint, then the state before is taint.state_at(access.transition.context_before())

If the taint is a Backward taint, then the state before is taint.state_at(access.transition.context_after())

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     print (access.state_before())
Taint state at Context before #7
Tainted registers:
rax : [tag0,]
Tainted memories:
[phy:0x1bdb4040; 1] : [tag1,]

Taint state at Context before #20 Tainted registers: rax : [tag0,] Tainted memories: [phy:0x46b5ff0; 8] : [tag0,] [phy:0x1bdb4040; 1] : [tag1,]

Taint state at Context before #27 Tainted registers: rax : [tag0,] Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14733764 Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14733789 Tainted registers: rax : [tag0,] Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14746690 Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Information

ReturnsA TaintState.
def state_after(self):

Get the TaintState after this access relatively to the taint direction.

If the taint is a Forward taint, then the state after is taint.state_at(access.transition.context_after())

If the taint is a Backward taint, then the state after is taint.state_at(access.transition.context_before())

Examples

>>> accesses = taint.accesses()
>>> for access in accesses.all():
>>>     print (access.state_after())
Taint state at Context before #8
Tainted registers:
rax : [tag0,]
Tainted memories:
[phy:0x46b5ff0; 8] : [tag0,]
[phy:0x1bdb4040; 1] : [tag1,]

Taint state at Context before #21 Tainted registers: rax : [tag0,] Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #28 Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14733765 Tainted registers: rax : [tag0,] Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14733790 Tainted memories: [phy:0x46b5ff0; 8] : [tag0,]

Taint state at Context before #14746691

Information

ReturnsA TaintState.
def __str__(self):
Undocumented
def __repr__(self):
Undocumented
API Documentation for reven2, generated by pydoctor at 2020-09-17 15:57:19.