From 5e5a92d1fa1e28a3d66985b8a632b4ef7e8e8324 Mon Sep 17 00:00:00 2001 From: DoronZ Date: Sun, 19 Jul 2020 22:29:06 +0300 Subject: [PATCH] commands: refactor commands to not perform unique upon each --- README.md | 12 ++-- commands.md | 71 +++++++++++-------- fa/commands/add_offset_range.py | 1 - fa/commands/alias | 8 +-- fa/commands/find_bytes.py | 16 +---- fa/commands/find_bytes_ida.py | 16 +---- fa/commands/find_immediate.py | 12 +--- fa/commands/find_str.py | 2 +- fa/commands/function_end.py | 4 +- fa/commands/function_lines.py | 1 - fa/commands/function_start.py | 4 +- fa/commands/goto_ref.py | 7 +- fa/commands/keystone_find_opcodes.py | 2 +- fa/commands/keystone_verify_opcodes.py | 2 +- fa/commands/unique.py | 19 ++--- fa/commands/verify_single.py | 30 ++++++++ fa/commands/xref.py | 1 - fa/ida_plugin.py | 2 +- fa/signatures/test-project-elf/eloop.sig | 2 +- .../test-project-elf/history_commands.sig | 4 +- fa/signatures/test-project-ida/eloop.dep | 2 +- fa/signatures/test-project-ida/find_imm.sig | 4 +- fa/signatures/test-project-ida/goto_refs.sig | 4 +- .../test-project-ida/history_commands.sig | 4 +- .../test-project-ida/opcodes_filter.sig | 4 +- fa/signatures/test-project-ida/xref.sig | 4 +- .../sublime/sig.sublime-completions | 8 +-- setup.py | 2 +- tests/test_commands/test_find_bytes.py | 34 ++++----- 29 files changed, 138 insertions(+), 144 deletions(-) create mode 100644 fa/commands/verify_single.py diff --git a/README.md b/README.md index 0506cf1..babdfde 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,7 @@ To view the list of available commands, [view the list below](#available-command name: g_awsome_global, instructions: [ # find the byte sequence '11 22 33 44' - find-bytes --or '11 22 33 44' + find-bytes '11 22 33 44' # advance offset by 20 offset 20 @@ -139,7 +139,7 @@ To view the list of available commands, [view the list below](#available-command name: free instructions: [ # search the string "free" - find-str --or 'free' --null-terminated + find-str 'free' --null-terminated # goto xref xref @@ -212,7 +212,7 @@ To view the list of available commands, [view the list below](#available-command name: cool_functions instructions: [ # find string - find-str --or 'init_stuff' --null-terminated + find-str 'init_stuff' --null-terminated # goto to xref xref @@ -259,7 +259,7 @@ To view the list of available commands, [view the list below](#available-command ```python from fa.commands.find_str import find_str from fa.commands.set_name import set_name -from fa.commands.unique import unique +from fa.commands.verify_single import unique from fa import context def run(**kwargs): @@ -283,7 +283,7 @@ def run(**kwargs): ```python TEMPLATE = ''' -find-str --or '{unique_string}' +find-str '{unique_string}' xref function-start unique @@ -310,7 +310,7 @@ from fa.commands.set_type import set_type from fa import fa_types TEMPLATE = ''' -find-str --or '{unique_string}' +find-str '{unique_string}' xref ''' diff --git a/commands.md b/commands.md index 6f86829..6eacb4a 100644 --- a/commands.md +++ b/commands.md @@ -41,6 +41,7 @@ Below is the list of available commands: - [verify-operand](#verify-operand) - [verify-ref](#verify-ref) - [verify-segment](#verify-segment) +- [verify-single](#verify-single) - [verify-str](#verify-str) - [xref](#xref) - [xrefs-to](#xrefs-to) @@ -168,7 +169,7 @@ optional arguments: ``` ## find-bytes ``` -usage: find-bytes [-h] [--or] hex_str +usage: find-bytes [-h] hex_str expands the result-set with the occurrences of the given bytes @@ -177,10 +178,10 @@ EXAMPLE: 0x00000004: 05 06 07 08 results = [] - -> find-bytes --or 01020304 + -> find-bytes 01020304 result = [0] - -> find-bytes --or 05060708 + -> find-bytes 05060708 results = [0, 4] positional arguments: @@ -188,11 +189,10 @@ positional arguments: optional arguments: -h, --help show this help message and exit - --or ``` ## find-bytes-ida ``` -usage: find-bytes-ida [-h] [--or] expression +usage: find-bytes-ida [-h] expression expands the result-set with the occurrences of the given bytes expression in "ida bytes syntax" @@ -202,10 +202,10 @@ EXAMPLE: 0x00000004: 05 06 07 08 results = [] - -> find-bytes-ida --or '01 02 03 04' + -> find-bytes-ida '01 02 03 04' result = [0] - -> find-bytes-ida --or '05 06 ?? 08' + -> find-bytes-ida '05 06 ?? 08' results = [0, 4] positional arguments: @@ -213,11 +213,10 @@ positional arguments: optional arguments: -h, --help show this help message and exit - --or ``` ## find-immediate ``` -usage: find-immediate [-h] [--or] expression +usage: find-immediate [-h] expression expands the result-set with the occurrences of the given immediate in "ida immediate syntax" @@ -227,7 +226,7 @@ EXAMPLE: 0x00000004: add r0, #2 ; 0x1236 results = [] - -> find-immediate --or 0x1236 + -> find-immediate 0x1236 result = [4] positional arguments: @@ -235,11 +234,10 @@ positional arguments: optional arguments: -h, --help show this help message and exit - --or ``` ## find-str ``` -usage: find-str [-h] [--or] [--null-terminated] hex_str +usage: find-str [-h] [--null-terminated] hex_str expands the result-set with the occurrences of the given string @@ -250,7 +248,7 @@ EXAMPLE: 0x00000008: 30 31 32 33 -> ASCII '0123' results = [] - -> find-str --or '0123' + -> find-str '0123' result = [8] @@ -259,12 +257,11 @@ positional arguments: optional arguments: -h, --help show this help message and exit - --or --null-terminated ``` ## function-end ``` -usage: function-end [-h] [--not-unique] +usage: function-end [-h] goto function's end @@ -278,8 +275,7 @@ EXAMPLE: result = [0xf0] optional arguments: - -h, --help show this help message and exit - --not-unique + -h, --help show this help message and exit ``` ## function-lines ``` @@ -305,7 +301,7 @@ optional arguments: ``` ## function-start ``` -usage: function-start [-h] [--not-unique] +usage: function-start [-h] goto function's start @@ -319,8 +315,7 @@ EXAMPLE: result = [0] optional arguments: - -h, --help show this help message and exit - --not-unique + -h, --help show this help message and exit ``` ## goto-ref ``` @@ -351,7 +346,7 @@ EXAMPLE: 0x00000004: mov r0, r1 results = [] - -> keystone-find-opcodes --bele --or KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1;' + -> keystone-find-opcodes --bele KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1;' result = [4] positional arguments: @@ -376,7 +371,7 @@ EXAMPLE: 0x00000004: mov r0, r1 results = [0, 4] - -> keystone-verify-opcodes --bele --or KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1' + -> keystone-verify-opcodes --bele KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1' result = [4] positional arguments: @@ -608,17 +603,12 @@ optional arguments: ``` usage: unique [-h] -verifies the result-list contains a single value - -EXAMPLE #1: - results = [4, 12, 0, 8] - -> unique - result = [] +make the resultset unique -EXAMPLE #2: - results = [4] +EXAMPLE: + results = [0, 4, 8, 8, 12] -> unique - result = [4] + result = [0, 4, 8, 12] optional arguments: -h, --help show this help message and exit @@ -740,6 +730,25 @@ EXAMPLE: positional arguments: name segment name +optional arguments: + -h, --help show this help message and exit +``` +## verify-single +``` +usage: verify-single [-h] + +verifies the result-list contains a single value + +EXAMPLE #1: + results = [4, 12, 0, 8] + -> unique + result = [] + +EXAMPLE #2: + results = [4] + -> unique + result = [4] + optional arguments: -h, --help show this help message and exit ``` diff --git a/fa/commands/add_offset_range.py b/fa/commands/add_offset_range.py index ff6bfb1..4499aaa 100644 --- a/fa/commands/add_offset_range.py +++ b/fa/commands/add_offset_range.py @@ -21,7 +21,6 @@ def get_parser(): return p -@utils.yield_unique def add_offset_range(addresses, start, end, step): for ea in addresses: for i in range(start, end, step): diff --git a/fa/commands/alias b/fa/commands/alias index 69d6157..b05e94c 100644 --- a/fa/commands/alias +++ b/fa/commands/alias @@ -1,8 +1,8 @@ -ppc32-big-find-all = keystone-find-opcodes --or KS_ARCH_PPC KS_MODE_BIG_ENDIAN|KS_MODE_PPC32 -ppc32-find-all = keystone-find-opcodes --bele --or KS_ARCH_PPC KS_MODE_PPC32 +ppc32-big-find-all = keystone-find-opcodes KS_ARCH_PPC KS_MODE_BIG_ENDIAN|KS_MODE_PPC32 +ppc32-find-all = keystone-find-opcodes --bele KS_ARCH_PPC KS_MODE_PPC32 ppc32-big-verify = keystone-verify-opcodes KS_ARCH_PPC KS_MODE_BIG_ENDIAN|KS_MODE_PPC32 ppc32-verify = keystone-verify-opcodes --bele KS_ARCH_PPC KS_MODE_PPC32 -arm-find-all = keystone-find-opcodes --bele --or KS_ARCH_ARM KS_MODE_ARM -thumb-find-all = keystone-find-opcodes --bele --or KS_ARCH_ARM KS_MODE_THUMB +arm-find-all = keystone-find-opcodes --bele KS_ARCH_ARM KS_MODE_ARM +thumb-find-all = keystone-find-opcodes --bele KS_ARCH_ARM KS_MODE_THUMB arm-verify = keystone-verify-opcodes --bele KS_ARCH_ARM KS_MODE_ARM find-imm = find-immediate diff --git a/fa/commands/find_bytes.py b/fa/commands/find_bytes.py index 5c72117..8ef4f5e 100644 --- a/fa/commands/find_bytes.py +++ b/fa/commands/find_bytes.py @@ -1,5 +1,4 @@ from argparse import RawTextHelpFormatter -from collections import OrderedDict import binascii from fa import utils @@ -11,10 +10,10 @@ 0x00000004: 05 06 07 08 results = [] - -> find-bytes --or 01020304 + -> find-bytes 01020304 result = [0] - -> find-bytes --or 05060708 + -> find-bytes 05060708 results = [0, 4] ''' @@ -23,12 +22,10 @@ def get_parser(): p = utils.ArgumentParserNoExit('find-bytes', description=DESCRIPTION, formatter_class=RawTextHelpFormatter) - p.add_argument('--or', action='store_true') p.add_argument('hex_str') return p -@utils.yield_unique def find_bytes(hex_str, segments=None): needle = binascii.unhexlify(''.join(hex_str.split(' '))) return utils.find_raw(needle, segments=segments) @@ -36,11 +33,4 @@ def find_bytes(hex_str, segments=None): def run(segments, args, addresses, interpreter=None, **kwargs): results = list(find_bytes(args.hex_str, segments=segments)) - - retval = set(addresses) - if getattr(args, 'or'): - retval.update(results) - else: - raise ValueError("must specify --or option") - - return list(OrderedDict.fromkeys(retval)) + return addresses + results diff --git a/fa/commands/find_bytes_ida.py b/fa/commands/find_bytes_ida.py index ea8f8eb..42b4d44 100644 --- a/fa/commands/find_bytes_ida.py +++ b/fa/commands/find_bytes_ida.py @@ -1,5 +1,4 @@ from argparse import RawTextHelpFormatter -from collections import OrderedDict from fa import utils, context @@ -11,10 +10,10 @@ 0x00000004: 05 06 07 08 results = [] - -> find-bytes-ida --or '01 02 03 04' + -> find-bytes-ida '01 02 03 04' result = [0] - -> find-bytes-ida --or '05 06 ?? 08' + -> find-bytes-ida '05 06 ?? 08' results = [0, 4] ''' @@ -23,13 +22,11 @@ def get_parser(): p = utils.ArgumentParserNoExit('find-bytes-ida', description=DESCRIPTION, formatter_class=RawTextHelpFormatter) - p.add_argument('--or', action='store_true') p.add_argument('expression') return p @context.ida_context -@utils.yield_unique def find_bytes_ida(expression, segments=None): for address in utils.ida_find_all(expression): yield address @@ -37,11 +34,4 @@ def find_bytes_ida(expression, segments=None): def run(segments, args, addresses, interpreter=None, **kwargs): results = find_bytes_ida(args.expression) - - retval = set(addresses) - if getattr(args, 'or'): - retval.update(results) - else: - raise ValueError("must specify --or option") - - return list(OrderedDict.fromkeys(retval)) + return addresses + results diff --git a/fa/commands/find_immediate.py b/fa/commands/find_immediate.py index 6217cfe..33aa444 100644 --- a/fa/commands/find_immediate.py +++ b/fa/commands/find_immediate.py @@ -16,7 +16,7 @@ 0x00000004: add r0, #2 ; 0x1236 results = [] - -> find-immediate --or 0x1236 + -> find-immediate 0x1236 result = [4] ''' @@ -25,7 +25,6 @@ def get_parser(): p = utils.ArgumentParserNoExit('find-immediate', description=DESCRIPTION, formatter_class=RawTextHelpFormatter) - p.add_argument('--or', action='store_true') p.add_argument('expression') return p @@ -44,11 +43,4 @@ def find_immediate(expression): def run(segments, args, addresses, interpreter=None, **kwargs): results = list(find_immediate(args.expression)) - - retval = set(addresses) - if getattr(args, 'or'): - retval.update(results) - else: - raise ValueError("must specify --or option") - - return retval + return addresses + results diff --git a/fa/commands/find_str.py b/fa/commands/find_str.py index 4814297..ea84240 100644 --- a/fa/commands/find_str.py +++ b/fa/commands/find_str.py @@ -12,7 +12,7 @@ 0x00000008: 30 31 32 33 -> ASCII '0123' results = [] - -> find-str --or '0123' + -> find-str '0123' result = [8] ''' diff --git a/fa/commands/function_end.py b/fa/commands/function_end.py index 125dba5..b7173d3 100644 --- a/fa/commands/function_end.py +++ b/fa/commands/function_end.py @@ -24,7 +24,6 @@ def get_parser(): p = utils.ArgumentParserNoExit('function-end', description=DESCRIPTION, formatter_class=RawTextHelpFormatter) - p.add_argument('--not-unique', action='store_true') return p @@ -38,5 +37,4 @@ def function_end(addresses): def run(segments, args, addresses, interpreter=None, **kwargs): - results = function_end(addresses) - return list(results) if args.not_unique else list(set(results)) + return list(function_end(addresses)) diff --git a/fa/commands/function_lines.py b/fa/commands/function_lines.py index 6c88f7f..af20fe4 100644 --- a/fa/commands/function_lines.py +++ b/fa/commands/function_lines.py @@ -33,7 +33,6 @@ def get_parser(): @context.ida_context -@utils.yield_unique def function_lines(addresses, after=False): for address in addresses: for item in idautils.FuncItems(address): diff --git a/fa/commands/function_start.py b/fa/commands/function_start.py index 0099530..a170a00 100644 --- a/fa/commands/function_start.py +++ b/fa/commands/function_start.py @@ -30,7 +30,6 @@ def get_parser(): p = utils.ArgumentParserNoExit('function-start', description=DESCRIPTION, formatter_class=RawTextHelpFormatter) - p.add_argument('--not-unique', action='store_true') return p @@ -44,5 +43,4 @@ def function_start(addresses): def run(segments, args, addresses, interpreter=None, **kwargs): - results = function_start(addresses) - return list(results) if args.not_unique else list(set(results)) + return list(function_start(addresses)) diff --git a/fa/commands/goto_ref.py b/fa/commands/goto_ref.py index dc3eae8..fe6e565 100644 --- a/fa/commands/goto_ref.py +++ b/fa/commands/goto_ref.py @@ -45,13 +45,12 @@ def goto_ref(addresses, code=False, data=False): yield ref -@utils.yield_unique def goto_ref_unique(addresses, code=False, data=False): for address in goto_ref(addresses, code=code, data=data): yield address def run(segments, args, addresses, interpreter=None, **kwargs): - return list(set(goto_ref_unique(addresses, - code=args.code, - data=args.data))) + return list(goto_ref_unique(addresses, + code=args.code, + data=args.data)) diff --git a/fa/commands/keystone_find_opcodes.py b/fa/commands/keystone_find_opcodes.py index 1f18eac..c37da47 100644 --- a/fa/commands/keystone_find_opcodes.py +++ b/fa/commands/keystone_find_opcodes.py @@ -17,7 +17,7 @@ 0x00000004: mov r0, r1 results = [] - -> keystone-find-opcodes --bele --or KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1;' + -> keystone-find-opcodes --bele KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1;' result = [4] ''' diff --git a/fa/commands/keystone_verify_opcodes.py b/fa/commands/keystone_verify_opcodes.py index 01b5fa8..7bbd7c3 100644 --- a/fa/commands/keystone_verify_opcodes.py +++ b/fa/commands/keystone_verify_opcodes.py @@ -19,7 +19,7 @@ 0x00000004: mov r0, r1 results = [0, 4] - -> keystone-verify-opcodes --bele --or KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1' + -> keystone-verify-opcodes --bele KS_ARCH_ARM KS_MODE_ARM 'mov r0, r1' result = [4] ''' diff --git a/fa/commands/unique.py b/fa/commands/unique.py index e06b45d..789e653 100644 --- a/fa/commands/unique.py +++ b/fa/commands/unique.py @@ -1,17 +1,12 @@ from argparse import RawTextHelpFormatter from fa import utils -DESCRIPTION = '''verifies the result-list contains a single value +DESCRIPTION = '''make the resultset unique -EXAMPLE #1: - results = [4, 12, 0, 8] +EXAMPLE: + results = [0, 4, 8, 8, 12] -> unique - result = [] - -EXAMPLE #2: - results = [4] - -> unique - result = [4] + result = [0, 4, 8, 12] ''' @@ -22,9 +17,5 @@ def get_parser(): return p -def unique(addresses): - return addresses if len(addresses) == 1 else [] - - def run(segments, args, addresses, interpreter=None, **kwargs): - return unique(addresses) + return list(set(addresses)) diff --git a/fa/commands/verify_single.py b/fa/commands/verify_single.py new file mode 100644 index 0000000..27b8f3d --- /dev/null +++ b/fa/commands/verify_single.py @@ -0,0 +1,30 @@ +from argparse import RawTextHelpFormatter +from fa import utils + +DESCRIPTION = '''verifies the result-list contains a single value + +EXAMPLE #1: + results = [4, 12, 0, 8] + -> unique + result = [] + +EXAMPLE #2: + results = [4] + -> unique + result = [4] +''' + + +def get_parser(): + p = utils.ArgumentParserNoExit('verify-single', + description=DESCRIPTION, + formatter_class=RawTextHelpFormatter) + return p + + +def verify_single(addresses): + return addresses if len(addresses) == 1 else [] + + +def run(segments, args, addresses, interpreter=None, **kwargs): + return verify_single(addresses) diff --git a/fa/commands/xref.py b/fa/commands/xref.py index 7343adb..bc00272 100644 --- a/fa/commands/xref.py +++ b/fa/commands/xref.py @@ -14,7 +14,6 @@ def get_parser(): @context.ida_context -@utils.yield_unique def xref(addresses): for address in addresses: for ref in idautils.XrefsTo(address): diff --git a/fa/ida_plugin.py b/fa/ida_plugin.py index a2f41d4..582689f 100644 --- a/fa/ida_plugin.py +++ b/fa/ida_plugin.py @@ -93,7 +93,7 @@ def create_symbol(self): } if self._create_template_symbol: - find_bytes_ida = "find-bytes-ida --or '" + find_bytes_ida = "find-bytes-ida '" for ea in idautils.FuncItems(current_ea): mnem = idc.print_insn_mnem(ea).lower() diff --git a/fa/signatures/test-project-elf/eloop.sig b/fa/signatures/test-project-elf/eloop.sig index c1818c5..4597f2a 100644 --- a/fa/signatures/test-project-elf/eloop.sig +++ b/fa/signatures/test-project-elf/eloop.sig @@ -3,6 +3,6 @@ "name": "eloop", "instructions": [ "arm-find-all 'loop: b loop'" - unique + verify-single ] } diff --git a/fa/signatures/test-project-elf/history_commands.sig b/fa/signatures/test-project-elf/history_commands.sig index 695d349..20e0ce3 100644 --- a/fa/signatures/test-project-elf/history_commands.sig +++ b/fa/signatures/test-project-elf/history_commands.sig @@ -2,8 +2,8 @@ "type": "global", "name": "magic", "instructions": [ - find-bytes --or '11 22 33 44' - unique + find-bytes '11 22 33 44' + verify-single checkpoint 11223344 # verify the advance works diff --git a/fa/signatures/test-project-ida/eloop.dep b/fa/signatures/test-project-ida/eloop.dep index d8fd8c5..01a5ec8 100644 --- a/fa/signatures/test-project-ida/eloop.dep +++ b/fa/signatures/test-project-ida/eloop.dep @@ -3,7 +3,7 @@ "name": "eloop", "instructions": [ "arm-find-all 'loop: b loop'" - unique + verify-single set-name eloop ] } diff --git a/fa/signatures/test-project-ida/find_imm.sig b/fa/signatures/test-project-ida/find_imm.sig index 8894caa..5c9a9fd 100644 --- a/fa/signatures/test-project-ida/find_imm.sig +++ b/fa/signatures/test-project-ida/find_imm.sig @@ -2,8 +2,8 @@ "type": "global", "name": "find_imm", "instructions": [ - find-imm --or 1 - unique + find-imm 1 + verify-single set-name find_imm ] } diff --git a/fa/signatures/test-project-ida/goto_refs.sig b/fa/signatures/test-project-ida/goto_refs.sig index 2c64fef..3683ae8 100644 --- a/fa/signatures/test-project-ida/goto_refs.sig +++ b/fa/signatures/test-project-ida/goto_refs.sig @@ -2,11 +2,11 @@ "type": "code-somewhere", "name": "ref_test", "instructions": [ - find-bytes --or '11 22 33 44' + find-bytes '11 22 33 44' xref function-start arm-verify 'push {r4-r7, lr}' - unique + verify-single add-offset-range 0 20 4 verify-operand bl single 0 diff --git a/fa/signatures/test-project-ida/history_commands.sig b/fa/signatures/test-project-ida/history_commands.sig index c256129..3be01b9 100644 --- a/fa/signatures/test-project-ida/history_commands.sig +++ b/fa/signatures/test-project-ida/history_commands.sig @@ -2,8 +2,8 @@ "type": "global", "name": "magic", "instructions": [ - find-bytes --or '11 22 33 44' - unique + find-bytes '11 22 33 44' + verify-single checkpoint 11223344 # verify the advance works diff --git a/fa/signatures/test-project-ida/opcodes_filter.sig b/fa/signatures/test-project-ida/opcodes_filter.sig index 932a100..fb6fcb1 100644 --- a/fa/signatures/test-project-ida/opcodes_filter.sig +++ b/fa/signatures/test-project-ida/opcodes_filter.sig @@ -2,7 +2,7 @@ "type": "code-somewhere", "name": "second_bl", "instructions": [ - find-bytes --or '11 22 33 44' + find-bytes '11 22 33 44' offset 1 align 4 verify-bytes '55 66 77 88' @@ -10,7 +10,7 @@ xref function-start arm-verify 'push {r4-r7, lr}' - unique + verify-single add-offset-range 0 20 4 verify-operand bl single 1 diff --git a/fa/signatures/test-project-ida/xref.sig b/fa/signatures/test-project-ida/xref.sig index 289c622..9a4e1be 100644 --- a/fa/signatures/test-project-ida/xref.sig +++ b/fa/signatures/test-project-ida/xref.sig @@ -2,13 +2,13 @@ "type": "function", "name": "main", "instructions": [ - find-bytes --or '11 22 33 44' + find-bytes '11 22 33 44' xref function-start arm-verify 'push {r4-r7, lr}' make-comment 'function prolog' verify-segment .text - unique + verify-single set-name main set-type 'void main(void)' ] diff --git a/ide-completions/sublime/sig.sublime-completions b/ide-completions/sublime/sig.sublime-completions index a720e6f..5cfbb5f 100644 --- a/ide-completions/sublime/sig.sublime-completions +++ b/ide-completions/sublime/sig.sublime-completions @@ -3,12 +3,12 @@ "completions": [ { "trigger": "find-bytes", - "contents": "\"find-bytes --or '${1:hex_str}'\",", + "contents": "\"find-bytes '${1:hex_str}'\",", "kind": "snippet", }, { "trigger": "find-str", - "contents": "\"find-str --or '${1:hex_str}'\",", + "contents": "\"find-str '${1:hex_str}'\",", "kind": "snippet", }, { @@ -58,12 +58,12 @@ }, { "trigger": "keystone-find-opcodes", - "contents": "\"keystone-find-opcodes --or bele ${1:arch} ${2:mode} '${3:code}'\",", + "contents": "\"keystone-find-opcodes --bele ${1:arch} ${2:mode} '${3:code}'\",", "kind": "snippet", }, { "trigger": "keystone-verify-opcodes", - "contents": "\"keystone-verify-opcodes --or bele ${1:arch} ${2:mode} '${3:code}'\",", + "contents": "\"keystone-verify-opcodes --bele ${1:arch} ${2:mode} '${3:code}'\",", "kind": "snippet", }, { diff --git a/setup.py b/setup.py index 46c1853..073dcdd 100644 --- a/setup.py +++ b/setup.py @@ -2,7 +2,7 @@ setup( name='fa', - version='0.1.1', + version='0.1.2', description='FA Plugin', author='DoronZ', author_email='doron88@gmail.com', diff --git a/tests/test_commands/test_find_bytes.py b/tests/test_commands/test_find_bytes.py index 0b097f6..0cd3c75 100644 --- a/tests/test_commands/test_find_bytes.py +++ b/tests/test_commands/test_find_bytes.py @@ -7,33 +7,33 @@ @pytest.mark.parametrize("segments,instruction,result", [ # Sanity - ([(0x12345678, b"\x11\x22\x33\x44")], "find-bytes --or '11223344'", + ([(0x12345678, b"\x11\x22\x33\x44")], "find-bytes '11223344'", [0x12345678]), - ([(0x12345678, b"\x00\x00\x00\x00")], "find-bytes --or '00000000'", + ([(0x12345678, b"\x00\x00\x00\x00")], "find-bytes '00000000'", [0x12345678]), - ([(0x12345678, b"\xff\xff\xff\xff")], "find-bytes --or 'ffffffff'", + ([(0x12345678, b"\xff\xff\xff\xff")], "find-bytes 'ffffffff'", [0x12345678]), # No results - ([(0x12345678, b"\x11\x22\x33\x45")], "find-bytes --or '11223344'", []), - ([(0x12345678, b"\x00\x00\x00\x00")], "find-bytes --or '11223344'", []), - ([(0x12345678, b"\xff\xff\xff\xff")], "find-bytes --or '11223344'", []), - ([(0x12345678, b"\x44\x33\x22\x11")], "find-bytes --or '11223344'", []), + ([(0x12345678, b"\x11\x22\x33\x45")], "find-bytes '11223344'", []), + ([(0x12345678, b"\x00\x00\x00\x00")], "find-bytes '11223344'", []), + ([(0x12345678, b"\xff\xff\xff\xff")], "find-bytes '11223344'", []), + ([(0x12345678, b"\x44\x33\x22\x11")], "find-bytes '11223344'", []), # Multiple results in the same segment ([(0x12345678, b"\x11\x22\x33\x44\x00\x00\x00\x00\x11\x22\x33\x44")], - "find-bytes --or '11223344'", [0x12345678, 0x12345680]), + "find-bytes '11223344'", [0x12345678, 0x12345680]), # Multiple results in the different segments ([(0x12345678, b"\x11\x22\x33\x44"), (0x55554444, b"\x11\x22\x33\x44")], - "find-bytes --or '11223344'", [0x12345678, 0x55554444]), + "find-bytes '11223344'", [0x12345678, 0x55554444]), # Multiple results ([(0x12345678, b"\x11\x22\x33\x44\x00\x00\x00\x00\x11\x22\x33\x44"), (0x55554444, b"\x11\x22\x33\x44")], - "find-bytes --or '11223344'", [0x12345678, 0x12345680, 0x55554444]), + "find-bytes '11223344'", [0x12345678, 0x12345680, 0x55554444]), # Overlapping results in the same segment - ([(0x12345678, b"\x11\x22\x11\x22\x11\x22")], "find-bytes --or '11221122'", + ([(0x12345678, b"\x11\x22\x11\x22\x11\x22")], "find-bytes '11221122'", [0x12345678, 0x1234567a]), # Overlapping results in different segments - not supported! ([(0x12345678, b"\x11\x22\x11\x22"), (0x1234567c, b"\x11\x22\x33\x44")], - "find-bytes --or '11221122'", [0x12345678]), + "find-bytes '11221122'", [0x12345678]), ]) def test_find_bytes_or(segments, instruction, result): analyzer = MockFaInterp() @@ -45,23 +45,23 @@ def test_find_bytes_or(segments, instruction, result): @pytest.mark.parametrize("segments,instructions,result", [ # Sanity ([(0x12345678, b"\x11\x22\x33\x44\x11\x22\x11\x22")], - ["find-bytes --or '11223344'", "find-bytes --or '11221122'", "sort"], + ["find-bytes '11223344'", "find-bytes '11221122'", "sort"], [0x12345678, 0x1234567c]), # Results across segments ([(0x12345678, b"\x11\x22\x33\x44"), (0x55554444, b"\x11\x22\x11\x22")], - ["find-bytes --or '11223344'", "find-bytes --or '11221122'", "sort"], + ["find-bytes '11223344'", "find-bytes '11221122'", "sort"], [0x12345678, 0x55554444]), # First find has no results ([(0x12345678, b"\x11\x22\x33\x45\x11\x22\x11\x22")], - ["find-bytes --or '11223344'", "find-bytes --or '11221122'", "sort"], + ["find-bytes '11223344'", "find-bytes '11221122'", "sort"], [0x1234567c]), # Second find has no results ([(0x12345678, b"\x11\x22\x33\x44\x11\x22\x11\x23")], - ["find-bytes --or '11223344'", "find-bytes --or '11221122'", "sort"], + ["find-bytes '11223344'", "find-bytes '11221122'", "sort"], [0x12345678]), # Same address across finds ([(0x12345678, b"\x11\x22\x33\x44\x11\x22\x11\x23")], - ["find-bytes --or '11223344'", "find-bytes --or '11223344'", "sort"], + ["find-bytes '11223344'", "find-bytes '11223344'", "unique", "sort"], [0x12345678]), ]) def test_multiple_find_bytes_or(segments, instructions, result):