libTriton  version 0.6 build 1389
api.cpp
Go to the documentation of this file.
1 /*
3 ** Copyright (C) - Triton
4 **
5 ** This program is under the terms of the BSD License.
6 */
7 
8 #include <triton/api.hpp>
9 #include <triton/exceptions.hpp>
10 
11 #include <list>
12 #include <map>
13 #include <new>
14 
15 
225 namespace triton {
226 
227  API::API() : callbacks(*this), arch(&this->callbacks), modes(), astCtxt() {
228  }
229 
230 
232  this->removeEngines();
233  }
234 
235 
236 
237  /* Architecture API ============================================================================== */
238 
239  bool API::isArchitectureValid(void) const {
240  return this->arch.isValid();
241  }
242 
243 
244  void API::checkArchitecture(void) const {
245  if (!this->isArchitectureValid())
246  throw triton::exceptions::API("API::checkArchitecture(): You must define an architecture.");
247  }
248 
249 
251  return this->arch.getArchitecture();
252  }
253 
254 
256  if (!this->isArchitectureValid())
257  throw triton::exceptions::API("API::checkArchitecture(): You must define an architecture.");
258  return this->arch.getCpuInstance();
259  }
260 
261 
263  /* Setup and init the targeted architecture */
264  this->arch.setArchitecture(arch);
265 
266  /* remove and re-init previous engines (when setArchitecture() has been called twice) */
267  this->removeEngines();
268  this->initEngines();
269  }
270 
271 
273  this->checkArchitecture();
274  this->arch.clearArchitecture();
275  }
276 
277 
279  return this->arch.isFlag(regId);
280  }
281 
282 
283  bool API::isFlag(const triton::arch::Register& reg) const {
284  return this->arch.isFlag(reg);
285  }
286 
287 
289  return this->arch.isRegister(regId);
290  }
291 
292 
293  bool API::isRegister(const triton::arch::Register& reg) const {
294  return this->arch.isRegister(reg);
295  }
296 
297 
299  return this->arch.getRegister(id);
300  }
301 
302 
304  return this->arch.getParentRegister(reg);
305  }
306 
307 
309  return this->arch.getParentRegister(id);
310  }
311 
312 
314  return this->arch.isRegisterValid(regId);
315  }
316 
317 
319  return this->arch.isRegisterValid(reg);
320  }
321 
322 
324  return this->arch.gprBitSize();
325  }
326 
327 
329  return this->arch.gprSize();
330  }
331 
332 
334  return this->arch.numberOfRegisters();
335  }
336 
337 
338  const std::unordered_map<triton::arch::registers_e, const triton::arch::Register>& API::getAllRegisters(void) const {
339  this->checkArchitecture();
340  return this->arch.getAllRegisters();
341  }
342 
343 
344  std::set<const triton::arch::Register*> API::getParentRegisters(void) const {
345  this->checkArchitecture();
346  return this->arch.getParentRegisters();
347  }
348 
349 
350  triton::uint8 API::getConcreteMemoryValue(triton::uint64 addr, bool execCallbacks) const {
351  this->checkArchitecture();
352  return this->arch.getConcreteMemoryValue(addr, execCallbacks);
353  }
354 
355 
357  this->checkArchitecture();
358  return this->arch.getConcreteMemoryValue(mem, execCallbacks);
359  }
360 
361 
362  std::vector<triton::uint8> API::getConcreteMemoryAreaValue(triton::uint64 baseAddr, triton::usize size, bool execCallbacks) const {
363  this->checkArchitecture();
364  return this->arch.getConcreteMemoryAreaValue(baseAddr, size, execCallbacks);
365  }
366 
367 
369  this->checkArchitecture();
370  return this->arch.getConcreteRegisterValue(reg, execCallbacks);
371  }
372 
373 
375  this->checkArchitecture();
376  this->arch.setConcreteMemoryValue(addr, value);
377  }
378 
379 
381  this->checkArchitecture();
382  this->arch.setConcreteMemoryValue(mem, value);
383  }
384 
385 
386  void API::setConcreteMemoryAreaValue(triton::uint64 baseAddr, const std::vector<triton::uint8>& values) {
387  this->checkArchitecture();
388  this->arch.setConcreteMemoryAreaValue(baseAddr, values);
389  }
390 
391 
393  this->checkArchitecture();
394  this->arch.setConcreteMemoryAreaValue(baseAddr, area, size);
395  }
396 
397 
399  this->checkArchitecture();
400  this->arch.setConcreteRegisterValue(reg, value);
401  }
402 
403 
405  this->checkArchitecture();
406  return this->arch.isMemoryMapped(baseAddr, size);
407  }
408 
409 
411  this->checkArchitecture();
412  this->arch.unmapMemory(baseAddr, size);
413  }
414 
415 
417  this->checkArchitecture();
418  this->arch.disassembly(inst);
419  }
420 
421 
422 
423  /* Processing API ================================================================================ */
424 
425  void API::initEngines(void) {
426  this->checkArchitecture();
427 
428  this->symbolic = new(std::nothrow) triton::engines::symbolic::SymbolicEngine(&this->arch, this->modes, this->astCtxt, &this->callbacks);
429  if (this->symbolic == nullptr)
430  throw triton::exceptions::API("API::initEngines(): No enough memory.");
431 
432  this->solver = new(std::nothrow) triton::engines::solver::SolverEngine(this->symbolic);
433  if (this->solver == nullptr)
434  throw triton::exceptions::API("API::initEngines(): No enough memory.");
435 
436  this->taint = new(std::nothrow) triton::engines::taint::TaintEngine(this->modes, this->symbolic, *this->getCpuInstance());
437  if (this->taint == nullptr)
438  throw triton::exceptions::API("API::initEngines(): No enough memory.");
439 
440  this->irBuilder = new(std::nothrow) triton::arch::IrBuilder(&this->arch, this->modes, this->astCtxt, this->symbolic, this->taint);
441  if (this->irBuilder == nullptr)
442  throw triton::exceptions::API("API::initEngines(): No enough memory.");
443  }
444 
445 
446  void API::removeEngines(void) {
447  if (this->isArchitectureValid()) {
448  delete this->irBuilder;
449  delete this->solver;
450  delete this->symbolic;
451  delete this->taint;
452 
453  this->irBuilder = nullptr;
454  this->solver = nullptr;
455  this->symbolic = nullptr;
456  this->taint = nullptr;
457  }
458 
459  // Use default modes.
460  this->modes = triton::modes::Modes();
461 
462  // Clean up the ast context
464  }
465 
466 
467  void API::reset(void) {
468  if (this->isArchitectureValid()) {
469  this->removeEngines();
470  this->initEngines();
471  this->clearArchitecture();
472  this->removeAllCallbacks();
473  }
474  }
475 
476 
478  this->checkArchitecture();
479  this->arch.disassembly(inst);
480  return this->irBuilder->buildSemantics(inst);
481  }
482 
483 
484 
485  /* IR builder API ================================================================================= */
486 
487  void API::checkIrBuilder(void) const {
488  if (!this->irBuilder)
489  throw triton::exceptions::API("API::checkIrBuilder(): IR builder is undefined, you should define an architecture first.");
490  }
491 
492 
494  this->checkIrBuilder();
495  return this->irBuilder->buildSemantics(inst);
496  }
497 
498 
500  return this->astCtxt;
501  }
502 
503 
504 
505  /* AST representation API ========================================================================= */
506 
508  return this->astCtxt.getRepresentationMode();
509  }
510 
511 
513  this->astCtxt.setRepresentationMode(mode);
514  }
515 
516 
517 
518  /* Callbacks API ================================================================================= */
519 
521  this->callbacks.addCallback(cb);
522  }
523 
524 
526  this->callbacks.addCallback(cb);
527  }
528 
529 
531  this->callbacks.addCallback(cb);
532  }
533 
534 
536  this->callbacks.addCallback(cb);
537  }
538 
539 
541  this->callbacks.addCallback(cb);
542  }
543 
544 
547  }
548 
549 
551  this->callbacks.removeCallback(cb);
552  }
553 
554 
556  this->callbacks.removeCallback(cb);
557  }
558 
559 
561  this->callbacks.removeCallback(cb);
562  }
563 
564 
566  this->callbacks.removeCallback(cb);
567  }
568 
569 
571  this->callbacks.removeCallback(cb);
572  }
573 
574 
576  if (this->callbacks.isDefined)
577  return this->callbacks.processCallbacks(kind, node);
578  return node;
579  }
580 
581 
583  if (this->callbacks.isDefined)
584  this->callbacks.processCallbacks(kind, mem);
585  }
586 
587 
589  if (this->callbacks.isDefined)
590  this->callbacks.processCallbacks(kind, reg);
591  }
592 
593 
594 
595  /* Modes API======================================================================================= */
596 
597  void API::enableMode(enum triton::modes::mode_e mode, bool flag) {
598  this->modes.enableMode(mode, flag);
599  }
600 
601 
603  return this->modes.isModeEnabled(mode);
604  }
605 
606 
607 
608  /* Symbolic engine API ============================================================================ */
609 
610  void API::checkSymbolic(void) const {
611  if (!this->symbolic)
612  throw triton::exceptions::API("API::checkSymbolic(): Symbolic engine is undefined, you should define an architecture first.");
613  }
614 
615 
617  this->checkSymbolic();
618  return this->symbolic;
619  }
620 
621 
623  this->checkSymbolic();
624  return this->symbolic->convertExpressionToSymbolicVariable(exprId, symVarSize, symVarComment);
625  }
626 
627 
629  this->checkSymbolic();
630  return this->symbolic->convertMemoryToSymbolicVariable(mem, symVarComment);
631  }
632 
633 
635  this->checkSymbolic();
636  return this->symbolic->convertRegisterToSymbolicVariable(reg, symVarComment);
637  }
638 
639 
641  this->checkSymbolic();
642  return this->symbolic->getOperandAst(op);
643  }
644 
645 
647  this->checkSymbolic();
648  return this->symbolic->getOperandAst(inst, op);
649  }
650 
651 
653  this->checkSymbolic();
654  return this->symbolic->getImmediateAst(imm);
655  }
656 
657 
659  this->checkSymbolic();
660  return this->symbolic->getImmediateAst(inst, imm);
661  }
662 
663 
665  this->checkSymbolic();
666  return this->symbolic->getMemoryAst(mem);
667  }
668 
669 
671  this->checkSymbolic();
672  return this->symbolic->getMemoryAst(inst, mem);
673  }
674 
675 
677  this->checkSymbolic();
678  return this->symbolic->getRegisterAst(reg);
679  }
680 
681 
683  this->checkSymbolic();
684  return this->symbolic->getRegisterAst(inst, reg);
685  }
686 
687 
689  this->checkSymbolic();
691  }
692 
693 
695  this->checkSymbolic();
696  return this->symbolic->newSymbolicVariable(triton::engines::symbolic::UNDEF, 0, varSize, comment);
697  }
698 
699 
701  this->checkSymbolic();
702  return this->symbolic->removeSymbolicExpression(symExprId);
703  }
704 
705 
707  this->checkSymbolic();
708  return this->symbolic->createSymbolicExpression(inst, node, dst, comment);
709  }
710 
711 
713  this->checkSymbolic();
714  return this->symbolic->createSymbolicMemoryExpression(inst, node, mem, comment);
715  }
716 
717 
719  this->checkSymbolic();
720  return this->symbolic->createSymbolicRegisterExpression(inst, node, reg, comment);
721  }
722 
723 
725  this->checkSymbolic();
726  return this->symbolic->createSymbolicFlagExpression(inst, node, flag, comment);
727  }
728 
729 
731  this->checkSymbolic();
732  return this->symbolic->createSymbolicVolatileExpression(inst, node, comment);
733  }
734 
735 
737  this->checkSymbolic();
739  }
740 
741 
743  this->checkSymbolic();
745  }
746 
747 
749  this->checkSymbolic();
750  return this->symbolic->getSymbolicMemory(addr);
751  }
752 
753 
754  std::map<triton::arch::registers_e, triton::engines::symbolic::SharedSymbolicExpression> API::getSymbolicRegisters(void) const {
755  this->checkSymbolic();
756  return this->symbolic->getSymbolicRegisters();
757  }
758 
759 
760  std::map<triton::uint64, triton::engines::symbolic::SharedSymbolicExpression> API::getSymbolicMemory(void) const {
761  this->checkSymbolic();
762  return this->symbolic->getSymbolicMemory();
763  }
764 
765 
767  this->checkSymbolic();
768  return this->symbolic->getSymbolicRegister(reg);
769  }
770 
771 
773  this->checkSymbolic();
774  return this->symbolic->getSymbolicMemoryValue(address);
775  }
776 
777 
779  this->checkSymbolic();
780  return this->symbolic->getSymbolicMemoryValue(mem);
781  }
782 
783 
784  std::vector<triton::uint8> API::getSymbolicMemoryAreaValue(triton::uint64 baseAddr, triton::usize size) {
785  this->checkSymbolic();
786  return this->symbolic->getSymbolicMemoryAreaValue(baseAddr, size);
787  }
788 
789 
791  this->checkSymbolic();
792  return this->symbolic->getSymbolicRegisterValue(reg);
793  }
794 
795 
797  this->checkSymbolic();
798  if (z3 == true) {
799  auto snode = this->processZ3Simplification(node);
800  return this->symbolic->processSimplification(snode);
801  }
802  return this->symbolic->processSimplification(node);
803  }
804 
805 
807  this->checkSymbolic();
808  return this->symbolic->getSymbolicExpressionFromId(symExprId);
809  }
810 
811 
813  this->checkSymbolic();
814  return this->symbolic->getConcreteVariableValue(symVar);
815  }
816 
817 
819  this->checkSymbolic();
820  this->symbolic->setConcreteVariableValue(symVar, value);
821  }
822 
823 
825  this->checkSymbolic();
826  return this->symbolic->getSymbolicVariableFromId(symVarId);
827  }
828 
829 
831  this->checkSymbolic();
832  return this->symbolic->getSymbolicVariableFromName(symVarName);
833  }
834 
835 
836  const std::vector<triton::engines::symbolic::PathConstraint>& API::getPathConstraints(void) const {
837  this->checkSymbolic();
838  return this->symbolic->getPathConstraints();
839  }
840 
841 
843  this->checkSymbolic();
844  return this->symbolic->getPathConstraintsAst();
845  }
846 
847 
849  this->checkSymbolic();
850  this->symbolic->addPathConstraint(inst, expr);
851  }
852 
853 
855  this->checkSymbolic();
857  }
858 
859 
860  void API::enableSymbolicEngine(bool flag) {
861  this->checkSymbolic();
862  this->symbolic->enable(flag);
863  }
864 
865 
866  bool API::isSymbolicEngineEnabled(void) const {
867  this->checkSymbolic();
868  return this->symbolic->isEnabled();
869  }
870 
871 
873  this->checkSymbolic();
874  return this->symbolic->isSymbolicExpressionIdExists(symExprId);
875  }
876 
877 
879  this->checkSymbolic();
880  return this->symbolic->isMemorySymbolized(mem);
881  }
882 
883 
885  this->checkSymbolic();
886  return this->symbolic->isMemorySymbolized(addr, size);
887  }
888 
889 
891  this->checkSymbolic();
892  return this->symbolic->isRegisterSymbolized(reg);
893  }
894 
895 
897  this->checkSymbolic();
898  this->symbolic->concretizeAllMemory();
899  }
900 
901 
903  this->checkSymbolic();
905  }
906 
907 
909  this->checkSymbolic();
910  this->symbolic->concretizeMemory(mem);
911  }
912 
913 
915  this->checkSymbolic();
916  this->symbolic->concretizeMemory(addr);
917  }
918 
919 
921  this->checkSymbolic();
922  this->symbolic->concretizeRegister(reg);
923  }
924 
925 
927  this->checkSymbolic();
928  return this->symbolic->unrollAst(node);
929  }
930 
931 
932  std::map<triton::usize, triton::engines::symbolic::SharedSymbolicExpression> API::sliceExpressions(const triton::engines::symbolic::SharedSymbolicExpression& expr) {
933  this->checkSymbolic();
934  return this->symbolic->sliceExpressions(expr);
935  }
936 
937 
938  std::list<triton::engines::symbolic::SharedSymbolicExpression> API::getTaintedSymbolicExpressions(void) const {
939  this->checkSymbolic();
940  return this->symbolic->getTaintedSymbolicExpressions();
941  }
942 
943 
944  std::unordered_map<triton::usize, triton::engines::symbolic::SharedSymbolicExpression> API::getSymbolicExpressions(void) const {
945  this->checkSymbolic();
946  return this->symbolic->getSymbolicExpressions();
947  }
948 
949 
950  const std::unordered_map<triton::usize, triton::engines::symbolic::SharedSymbolicVariable>& API::getSymbolicVariables(void) const {
951  this->checkSymbolic();
952  return this->symbolic->getSymbolicVariables();
953  }
954 
955 
956 
957  /* Solver engine API ============================================================================= */
958 
959  void API::checkSolver(void) const {
960  if (!this->solver)
961  throw triton::exceptions::API("API::checkSolver(): Solver engine is undefined, you should define an architecture first.");
962  }
963 
964 
966  this->checkSolver();
967  return this->solver->getSolver();
968  }
969 
970 
972  this->checkSolver();
973  return this->solver->getSolverInstance();
974  }
975 
976 
978  this->checkSolver();
979  this->solver->setSolver(kind);
980  }
981 
982 
984  this->checkSolver();
985  this->solver->setCustomSolver(customSolver);
986  }
987 
988 
989  bool API::isSolverValid(void) const {
990  this->checkSolver();
991  return this->solver->isValid();
992  }
993 
994 
995  std::map<triton::uint32, triton::engines::solver::SolverModel> API::getModel(const triton::ast::SharedAbstractNode& node) const {
996  this->checkSolver();
997  return this->solver->getModel(node);
998  }
999 
1000 
1001  std::list<std::map<triton::uint32, triton::engines::solver::SolverModel>> API::getModels(const triton::ast::SharedAbstractNode& node, triton::uint32 limit) const {
1002  this->checkSolver();
1003  return this->solver->getModels(node, limit);
1004  }
1005 
1006 
1008  this->checkSolver();
1009  return this->solver->isSat(node);
1010  }
1011 
1012 
1014  this->checkSolver();
1015  #ifdef Z3_INTERFACE
1017  return reinterpret_cast<const triton::engines::solver::Z3Solver*>(this->getSolverInstance())->evaluate(node);
1018  }
1019  #endif
1020  throw triton::exceptions::API("API::evaluateAstViaZ3(): Solver instance must be a SOLVER_Z3.");
1021  }
1022 
1023 
1025  this->checkSolver();
1026  #ifdef Z3_INTERFACE
1028  return reinterpret_cast<const triton::engines::solver::Z3Solver*>(this->getSolverInstance())->simplify(node);
1029  }
1030  #endif
1031  throw triton::exceptions::API("API::processZ3Simplification(): Solver instance must be a SOLVER_Z3.");
1032  }
1033 
1034 
1035 
1036  /* Taint engine API ============================================================================== */
1037 
1038  void API::checkTaint(void) const {
1039  if (!this->taint)
1040  throw triton::exceptions::API("API::checkTaint(): Taint engine is undefined, you should define an architecture first.");
1041  }
1042 
1043 
1045  this->checkTaint();
1046  return this->taint;
1047  }
1048 
1049 
1050  const std::set<triton::uint64>& API::getTaintedMemory(void) const {
1051  this->checkTaint();
1052  return this->taint->getTaintedMemory();
1053  }
1054 
1055 
1056  std::set<const triton::arch::Register*> API::getTaintedRegisters(void) const {
1057  this->checkTaint();
1058  return this->taint->getTaintedRegisters();
1059  }
1060 
1061 
1062  void API::enableTaintEngine(bool flag) {
1063  this->checkTaint();
1064  this->taint->enable(flag);
1065  }
1066 
1067 
1068  bool API::isTaintEngineEnabled(void) const {
1069  this->checkTaint();
1070  return this->taint->isEnabled();
1071  }
1072 
1073 
1075  this->checkTaint();
1076  return this->taint->isTainted(op);
1077  }
1078 
1079 
1080  bool API::isMemoryTainted(triton::uint64 addr, uint32 size) const {
1081  this->checkTaint();
1082  return this->taint->isMemoryTainted(addr, size);
1083  }
1084 
1085 
1087  this->checkTaint();
1088  return this->taint->isMemoryTainted(mem);
1089  }
1090 
1091 
1093  this->checkTaint();
1094  return this->taint->isRegisterTainted(reg);
1095  }
1096 
1097 
1098  bool API::setTaint(const triton::arch::OperandWrapper& op, bool flag) {
1099  this->checkTaint();
1100  return this->taint->setTaint(op, flag);
1101  }
1102 
1103 
1104  bool API::setTaintMemory(const triton::arch::MemoryAccess& mem, bool flag) {
1105  this->checkTaint();
1106  this->taint->setTaintMemory(mem, flag);
1107  return flag;
1108  }
1109 
1110 
1111  bool API::setTaintRegister(const triton::arch::Register& reg, bool flag) {
1112  this->checkTaint();
1113  this->taint->setTaintRegister(reg, flag);
1114  return flag;
1115  }
1116 
1117 
1119  this->checkTaint();
1120  return this->taint->taintMemory(addr);
1121  }
1122 
1123 
1125  this->checkTaint();
1126  return this->taint->taintMemory(mem);
1127  }
1128 
1129 
1131  this->checkTaint();
1132  return this->taint->taintRegister(reg);
1133  }
1134 
1135 
1137  this->checkTaint();
1138  return this->taint->untaintMemory(addr);
1139  }
1140 
1141 
1143  this->checkTaint();
1144  return this->taint->untaintMemory(mem);
1145  }
1146 
1147 
1149  this->checkTaint();
1150  return this->taint->untaintRegister(reg);
1151  }
1152 
1153 
1155  this->checkTaint();
1156  return this->taint->taintUnion(op1, op2);
1157  }
1158 
1159 
1161  this->checkTaint();
1162  return this->taint->taintAssignment(op1, op2);
1163  }
1164 
1165 
1167  this->checkTaint();
1168  return this->taint->taintUnionMemoryImmediate(memDst);
1169  }
1170 
1171 
1173  this->checkTaint();
1174  return this->taint->taintUnionMemoryMemory(memDst, memSrc);
1175  }
1176 
1177 
1179  this->checkTaint();
1180  return this->taint->taintUnionMemoryRegister(memDst, regSrc);
1181  }
1182 
1183 
1185  this->checkTaint();
1186  return this->taint->taintUnionRegisterImmediate(regDst);
1187  }
1188 
1189 
1191  this->checkTaint();
1192  return this->taint->taintUnionRegisterMemory(regDst, memSrc);
1193  }
1194 
1195 
1197  this->checkTaint();
1198  return this->taint->taintUnionRegisterRegister(regDst, regSrc);
1199  }
1200 
1201 
1203  this->checkTaint();
1204  return this->taint->taintAssignmentMemoryImmediate(memDst);
1205  }
1206 
1207 
1209  this->checkTaint();
1210  return this->taint->taintAssignmentMemoryMemory(memDst, memSrc);
1211  }
1212 
1213 
1215  this->checkTaint();
1216  return this->taint->taintAssignmentMemoryRegister(memDst, regSrc);
1217  }
1218 
1219 
1221  this->checkTaint();
1222  return this->taint->taintAssignmentRegisterImmediate(regDst);
1223  }
1224 
1225 
1227  this->checkTaint();
1228  return this->taint->taintAssignmentRegisterMemory(regDst, memSrc);
1229  }
1230 
1231 
1233  this->checkTaint();
1234  return this->taint->taintAssignmentRegisterRegister(regDst, regSrc);
1235  }
1236 
1237 }; /* triton namespace */
TRITON_EXPORT bool taintUnionRegisterImmediate(const triton::arch::Register &regDst)
Taints RegisterImmediate with union. Returns true if the regDst is TAINTED.
TRITON_EXPORT bool taintUnion(const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2)
[taint api] - Abstract union tainting.
Definition: api.cpp:1154
This class is used to interface with solvers.
TRITON_EXPORT triton::ast::SharedAbstractNode getImmediateAst(const triton::arch::Immediate &imm)
Returns the AST corresponding to the immediate.
TRITON_EXPORT bool isValid(void) const
Returns true if the solver is valid.
TRITON_EXPORT bool setTaintMemory(const triton::arch::MemoryAccess &mem, bool flag)
Sets the flag (taint or untaint) to a memory.
TRITON_EXPORT bool isArchitectureValid(void) const
[Architecture api] - Returns true if the architecture is valid.
Definition: api.cpp:239
TRITON_EXPORT std::unordered_map< triton::usize, SharedSymbolicExpression > getSymbolicExpressions(void) const
Returns all symbolic expressions.
TRITON_EXPORT bool isTaintEngineEnabled(void) const
[taint api] - Returns true if the taint engine is enabled.
Definition: api.cpp:1068
TRITON_EXPORT bool isRegister(triton::arch::registers_e regId) const
[architecture api] - Returns true if the regId is a register.
Definition: api.cpp:288
TRITON_EXPORT triton::uint32 getGprSize(void) const
[architecture api] - Returns the size in byte of the General Purpose Registers.
Definition: api.cpp:328
TRITON_EXPORT void setConcreteMemoryAreaValue(triton::uint64 baseAddr, const std::vector< triton::uint8 > &values)
[architecture api] - Sets the concrete value of a memory area.
Definition: api.cpp:386
TRITON_EXPORT bool untaintMemory(triton::uint64 addr)
Untaints an address. Returns !TAINTED if the address has been untainted correctly. Otherwise it returns the last defined state.
triton::arch::Architecture arch
The architecture entry.
Definition: api.hpp:47
TRITON_EXPORT const SharedSymbolicExpression & createSymbolicVolatileExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const std::string &comment="")
Returns the new shared symbolic volatile expression expression and links this expression to the instr...
TRITON_EXPORT triton::arch::CpuInterface * getCpuInstance(void)
Returns the instance of the current CPU used.
TRITON_EXPORT triton::uint32 gprSize(void) const
Returns the bit in byte of the General Purpose Registers.
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & getSymbolicVariableFromName(const std::string &symVarName) const
[symbolic api] - Returns the symbolic variable corresponding to the symbolic variable name...
Definition: api.cpp:830
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & createSymbolicExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::OperandWrapper &dst, const std::string &comment="")
[symbolic api] - Returns the new shared symbolic abstract expression and links this expression to the...
Definition: api.cpp:706
This class is used when to represent an instruction.
Definition: instruction.hpp:46
TRITON_EXPORT const std::vector< triton::engines::symbolic::PathConstraint > & getPathConstraints(void) const
Returns the logical conjunction vector of path constraints.
Definition: pathManager.cpp:41
TRITON_EXPORT bool setTaintMemory(const triton::arch::MemoryAccess &mem, bool flag)
[taint api] - Sets the flag (taint or untaint) to a memory.
Definition: api.cpp:1104
TRITON_EXPORT triton::uint512 getSymbolicRegisterValue(const triton::arch::Register &reg)
Returns the symbolic register value.
TRITON_EXPORT bool taintUnionRegisterMemory(const triton::arch::Register &regDst, const triton::arch::MemoryAccess &memSrc)
[taint api] - Taints RegisterMemory with union. Returns true if the regDst or memSrc are TAINTED...
Definition: api.cpp:1190
TRITON_EXPORT bool taintAssignmentMemoryMemory(const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc)
[taint api] - Taints MemoryMemory with assignment. Returns true if the memDst is tainted.
Definition: api.cpp:1208
TRITON_EXPORT void setCustomSolver(triton::engines::solver::SolverInterface *customSolver)
Initializes a custom solver.
Definition: api.cpp:983
registers_e
The list of registers.
Definition: registers_e.hpp:28
TRITON_EXPORT bool isMemoryMapped(triton::uint64 baseAddr, triton::usize size=1)
[architecture api] - Returns true if the range [baseAddr:size] is mapped into the internal memory rep...
Definition: api.cpp:404
TRITON_EXPORT bool isEnabled(void) const
Returns true if the symbolic execution engine is enabled.
TRITON_EXPORT bool isSat(const triton::ast::SharedAbstractNode &node) const
Returns true if an expression is satisfiable.
Definition: api.cpp:1007
TRITON_EXPORT void addPathConstraint(const triton::arch::Instruction &inst, const triton::engines::symbolic::SharedSymbolicExpression &expr)
[symbolic api] - Adds a path constraint.
Definition: api.cpp:848
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & createSymbolicMemoryExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::MemoryAccess &mem, const std::string &comment="")
[symbolic api] - Returns the new shared symbolic memory expression and links this expression to the i...
Definition: api.cpp:712
TRITON_EXPORT void assignSymbolicExpressionToRegister(const SharedSymbolicExpression &se, const triton::arch::Register &reg)
Assigns a symbolic expression to a register.
TRITON_EXPORT bool taintUnionMemoryImmediate(const triton::arch::MemoryAccess &memDst)
[taint api] - Taints MemoryImmediate with union. Returns true if the memDst is TAINTED.
Definition: api.cpp:1166
TRITON_EXPORT void setSolver(triton::engines::solver::solvers_e kind)
Initializes a predefined solver.
Definition: api.cpp:977
TRITON_EXPORT triton::ast::SharedAbstractNode getPathConstraintsAst(void)
[symbolic api] - Returns the logical conjunction AST of path constraints.
Definition: api.cpp:842
TRITON_EXPORT bool taintAssignment(const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2)
[taint api] - Abstract assignment tainting.
Definition: api.cpp:1160
TRITON_EXPORT const triton::uint512 & getConcreteVariableValue(const SharedSymbolicVariable &symVar) const
Gets the concrete value of a symbolic variable.
TRITON_EXPORT void setRepresentationMode(triton::uint32 mode)
Sets the representation mode for this astContext.
Definition: astContext.cpp:584
TRITON_EXPORT const triton::arch::Register & getParentRegister(triton::arch::registers_e id) const
Returns parent register from id.
TRITON_EXPORT const SharedSymbolicVariable & convertRegisterToSymbolicVariable(const triton::arch::Register &reg, const std::string &symVarComment="")
Converts a symbolic register expression to a symbolic variable.
mode_e
Enumerates all kinds of mode.
Definition: modes.hpp:32
TRITON_EXPORT bool processing(triton::arch::Instruction &inst)
[proccesing api] - Processes an instruction and updates engines according to the instruction semantic...
Definition: api.cpp:477
TRITON_EXPORT void initEngines(void)
[proccesing api] - Initializes everything.
Definition: api.cpp:425
TRITON_EXPORT bool isEnabled(void) const
Returns true if the taint engine is enabled.
TRITON_EXPORT void reset(void)
[proccesing api] - Resets everything.
Definition: api.cpp:467
TRITON_EXPORT const SharedSymbolicVariable & getSymbolicVariableFromName(const std::string &symVarName) const
Returns the symbolic variable corresponding to the symbolic variable name.
TRITON_EXPORT const triton::engines::solver::SolverInterface * getSolverInstance(void) const
Returns the instance of the initialized solver.
TRITON_EXPORT triton::ast::SharedAbstractNode getMemoryAst(const triton::arch::MemoryAccess &mem)
[symbolic api] - Returns the AST corresponding to the memory.
Definition: api.cpp:664
TRITON_EXPORT bool taintAssignmentMemoryRegister(const triton::arch::MemoryAccess &memDst, const triton::arch::Register &regSrc)
[taint api] - Taints MemoryRegister with assignment. Returns true if the memDst is tainted...
Definition: api.cpp:1214
TRITON_EXPORT triton::uint512 getConcreteRegisterValue(const triton::arch::Register &reg, bool execCallbacks=true) const
[architecture api] - Returns the concrete value of a register.
Definition: api.cpp:368
TRITON_EXPORT const std::vector< triton::engines::symbolic::PathConstraint > & getPathConstraints(void) const
[symbolic api] - Returns the logical conjunction vector of path constraints.
Definition: api.cpp:836
TRITON_EXPORT triton::ast::SharedAbstractNode processCallbacks(triton::callbacks::callback_e kind, triton::ast::SharedAbstractNode node) const
[callbacks api] - Processes callbacks according to the kind and the C++ polymorphism.
Definition: api.cpp:575
TRITON_EXPORT void enableMode(enum triton::modes::mode_e mode, bool flag)
[modes api] - Enables or disables a specific mode.
Definition: api.cpp:597
TRITON_EXPORT triton::uint512 evaluateAstViaZ3(const triton::ast::SharedAbstractNode &node) const
[solver api] - Evaluates a Triton&#39;s AST via Z3 and returns a concrete value.
Definition: api.cpp:1013
TRITON_EXPORT SharedSymbolicExpression getSymbolicExpressionFromId(triton::usize symExprId) const
Returns the symbolic expression corresponding to an id.
TRITON_EXPORT void setConcreteMemoryValue(triton::uint64 addr, triton::uint8 value)
[architecture api] - Sets the concrete value of a memory cell.
TRITON_EXPORT bool isRegisterSymbolized(const triton::arch::Register &reg) const
[symbolic api] - Returns true if the register expression contains a symbolic variable.
Definition: api.cpp:890
TRITON_EXPORT bool taintUnionMemoryImmediate(const triton::arch::MemoryAccess &memDst)
Taints MemoryImmediate with union. Returns true if the memDst is TAINTED.
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & convertMemoryToSymbolicVariable(const triton::arch::MemoryAccess &mem, const std::string &symVarComment="")
[symbolic api] - Converts a symbolic memory expression to a symbolic variable.
Definition: api.cpp:628
triton::engines::symbolic::SymbolicEngine * symbolic
The symbolic engine.
Definition: api.hpp:56
TRITON_EXPORT bool taintAssignmentMemoryImmediate(const triton::arch::MemoryAccess &memDst)
Taints MemoryImmediate with assignment. Returns always false.
TRITON_EXPORT bool isRegister(triton::arch::registers_e regId) const
Returns true if the register ID is a register.
TRITON_EXPORT const SharedSymbolicExpression & createSymbolicMemoryExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::MemoryAccess &mem, const std::string &comment="")
Returns the new shared symbolic memory expression expression and links this expression to the instruc...
TRITON_EXPORT std::vector< triton::uint8 > getSymbolicMemoryAreaValue(triton::uint64 baseAddr, triton::usize size)
[symbolic api] - Returns the symbolic values of a memory area.
Definition: api.cpp:784
TRITON_EXPORT void concretizeMemory(const triton::arch::MemoryAccess &mem)
[symbolic api] - Concretizes a specific symbolic memory reference.
Definition: api.cpp:908
TRITON_EXPORT void setConcreteVariableValue(const triton::engines::symbolic::SharedSymbolicVariable &symVar, const triton::uint512 &value)
[symbolic api] - Sets the concrete value of a symbolic variable.
Definition: api.cpp:818
TRITON_EXPORT void setArchitecture(triton::arch::architectures_e arch)
[architecture api] - Initializes an architecture.
Definition: api.cpp:262
TRITON_EXPORT bool taintAssignment(const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2)
Abstract assignment tainting.
TRITON_EXPORT const triton::arch::Register & getRegister(triton::arch::registers_e id) const
Returns register from id.
TRITON_EXPORT triton::ast::SharedAbstractNode getImmediateAst(const triton::arch::Immediate &imm)
[symbolic api] - Returns the AST corresponding to the immediate.
Definition: api.cpp:652
AST Context - Used as AST builder.
Definition: astContext.hpp:49
TRITON_EXPORT bool taintRegister(const triton::arch::Register &reg)
Taints a register. Returns TAINTED if the register has been tainted correctly. Otherwise it returns t...
TRITON_EXPORT bool isRegisterTainted(const triton::arch::Register &reg) const
[taint api] - Returns true if the register is tainted.
Definition: api.cpp:1092
TRITON_EXPORT triton::ast::AstContext & getAstContext(void)
[IR builder api] - Returns the AST context. Used as AST builder.
Definition: api.cpp:499
TRITON_EXPORT bool taintAssignmentRegisterImmediate(const triton::arch::Register &regDst)
[taint api] - Taints RegisterImmediate with assignment. Returns always false.
Definition: api.cpp:1220
TRITON_EXPORT bool isValid(void) const
Returns true if the architecture is valid.
TRITON_EXPORT const SharedSymbolicExpression & createSymbolicExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::OperandWrapper &dst, const std::string &comment="")
Returns the new shared symbolic abstract expression and links this expression to the instruction...
TRITON_EXPORT const std::unordered_map< registers_e, const triton::arch::Register > & getAllRegisters(void) const
Returns all registers.
The Triton namespace.
Definition: api.cpp:225
TRITON_EXPORT triton::engines::symbolic::SymbolicEngine * getSymbolicEngine(void)
[symbolic api] - Returns the instance of the symbolic engine.
Definition: api.cpp:616
TRITON_EXPORT void enableSymbolicEngine(bool flag)
[symbolic api] - Enables or disables the symbolic execution engine.
Definition: api.cpp:860
TRITON_EXPORT void addCallback(triton::callbacks::getConcreteMemoryValueCallback cb)
Adds a GET_CONCRETE_MEMORY_VALUE callback.
Definition: callbacks.cpp:22
TRITON_EXPORT void clearPathConstraints(void)
[symbolic api] - Clears the logical conjunction vector of path constraints.
Definition: api.cpp:854
TRITON_EXPORT triton::ast::SharedAbstractNode getOperandAst(const triton::arch::OperandWrapper &op)
Returns the AST corresponding to the operand.
triton::callbacks::Callbacks callbacks
The Callbacks interface.
Definition: api.hpp:44
TRITON_EXPORT void concretizeRegister(const triton::arch::Register &reg)
[symbolic api] - Concretizes a specific symbolic register reference.
Definition: api.cpp:920
TRITON_EXPORT void checkSolver(void) const
[solver api] - Raises an exception if the solver engine is not initialized.
Definition: api.cpp:959
TRITON_EXPORT const std::set< triton::uint64 > & getTaintedMemory(void) const
[taint api] - Returns the tainted addresses.
Definition: api.cpp:1050
TRITON_EXPORT triton::arch::architectures_e getArchitecture(void) const
[architecture api] - Returns the architecture as triton::arch::architectures_e.
Definition: api.cpp:250
TRITON_EXPORT bool isMemoryTainted(triton::uint64 addr, triton::uint32 size=1) const
Returns true if the addr is tainted.
triton::ast::AstContext astCtxt
The AST Context interface.
Definition: api.hpp:62
This class is used as operand wrapper.
TRITON_EXPORT bool taintUnionRegisterRegister(const triton::arch::Register &regDst, const triton::arch::Register &regSrc)
Taints RegisterRegister with union. Returns true if the regDst or regSrc are TAINTED.
TRITON_EXPORT bool taintAssignmentMemoryImmediate(const triton::arch::MemoryAccess &memDst)
[taint api] - Taints MemoryImmediate with assignment. Returns always false.
Definition: api.cpp:1202
TRITON_EXPORT bool untaintRegister(const triton::arch::Register &reg)
[taint api] - Untaints a register. Returns !TAINTED if the register has been untainted correctly...
Definition: api.cpp:1148
std::shared_ptr< triton::ast::AbstractNode > SharedAbstractNode
Shared Abstract Node.
Definition: ast.hpp:57
TRITON_EXPORT std::list< SharedSymbolicExpression > getTaintedSymbolicExpressions(void) const
Returns the list of the tainted symbolic expressions.
TRITON_EXPORT std::map< triton::usize, triton::engines::symbolic::SharedSymbolicExpression > sliceExpressions(const triton::engines::symbolic::SharedSymbolicExpression &expr)
[symbolic api] - Slices all expressions from a given one.
Definition: api.cpp:932
TRITON_EXPORT SharedSymbolicExpression getSymbolicMemory(triton::uint64 addr) const
Returns the shared symbolic expression corresponding to the memory address.
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & getSymbolicRegister(const triton::arch::Register &reg) const
[symbolic api] - Returns the shared symbolic expression corresponding to the parent register...
Definition: api.cpp:766
TRITON_EXPORT bool isRegisterValid(triton::arch::registers_e regId) const
Returns true if the register ID is a register or a flag.
triton::arch::IrBuilder * irBuilder
The IR builder.
Definition: api.hpp:65
TRITON_EXPORT const SharedSymbolicVariable & getSymbolicVariableFromId(triton::usize symVarId) const
Returns the symbolic variable corresponding to the symbolic variable id.
TRITON_EXPORT triton::arch::CpuInterface * getCpuInstance(void)
[architecture api] - Returns the instance of the current CPU used.
Definition: api.cpp:255
TRITON_EXPORT bool setTaint(const triton::arch::OperandWrapper &op, bool flag)
[taint api] - Sets the flag (taint or untaint) to an abstract operand (Register or Memory)...
Definition: api.cpp:1098
TRITON_EXPORT void unmapMemory(triton::uint64 baseAddr, triton::usize size=1)
Removes the range [baseAddr:size] from the internal memory representation.
TRITON_EXPORT const std::unordered_map< triton::usize, SharedSymbolicVariable > & getSymbolicVariables(void) const
Returns all symbolic variables.
TRITON_EXPORT std::vector< triton::uint8 > getConcreteMemoryAreaValue(triton::uint64 baseAddr, triton::usize size, bool execCallbacks=true) const
[architecture api] - Returns the concrete value of a memory area.
Definition: api.cpp:362
The modes class.
Definition: modes.hpp:43
TRITON_EXPORT const SharedSymbolicExpression & createSymbolicFlagExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::Register &flag, const std::string &comment="")
Returns the new shared symbolic flag expression expression and links this expression to the instructi...
TRITON_EXPORT bool taintUnionMemoryRegister(const triton::arch::MemoryAccess &memDst, const triton::arch::Register &regSrc)
Taints MemoryRegister with union. Returns true if the memDst or regSrc are TAINTED.
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & convertExpressionToSymbolicVariable(triton::usize exprId, triton::uint32 symVarSize, const std::string &symVarComment="")
[symbolic api] - Converts a symbolic expression to a symbolic variable. symVarSize must be in bits...
Definition: api.cpp:622
This class is used when an instruction has a register operand.
Definition: register.hpp:44
TRITON_EXPORT bool buildSemantics(triton::arch::Instruction &inst)
Builds the semantics of the instruction. Returns true if the instruction is supported.
Definition: irBuilder.cpp:56
TRITON_EXPORT void removeEngines(void)
[proccesing api] - Removes everything.
Definition: api.cpp:446
TRITON_EXPORT void setConcreteRegisterValue(const triton::arch::Register &reg, const triton::uint512 &value)
[architecture api] - Sets the concrete value of a register.
TRITON_EXPORT bool taintUnionMemoryRegister(const triton::arch::MemoryAccess &memDst, const triton::arch::Register &regSrc)
[taint api] - Taints MemoryRegister with union. Returns true if the memDst or regSrc are TAINTED...
Definition: api.cpp:1178
TRITON_EXPORT void removeSymbolicExpression(triton::usize symExprId)
Removes the symbolic expression corresponding to the id.
TRITON_EXPORT ~API()
Destructor of the API.
Definition: api.cpp:231
TRITON_EXPORT bool taintAssignmentMemoryRegister(const triton::arch::MemoryAccess &memDst, const triton::arch::Register &regSrc)
Taints MemoryRegister with assignment. Returns true if the memDst is tainted.
triton::engines::taint::TaintEngine * taint
The taint engine.
Definition: api.hpp:53
TRITON_EXPORT triton::ast::SharedAbstractNode processZ3Simplification(const triton::ast::SharedAbstractNode &node) const
[solver api] - Converts a Triton&#39;s AST to a Z3&#39;s AST, perform a Z3 simplification and returns a Trito...
Definition: api.cpp:1024
TRITON_EXPORT const triton::arch::Register & getRegister(triton::arch::registers_e id) const
[architecture api] - Returns Register from regId.
Definition: api.cpp:298
TRITON_EXPORT triton::ast::SharedAbstractNode unrollAst(const triton::ast::SharedAbstractNode &node)
Unrolls the SSA form of a given AST.
TRITON_EXPORT void concretizeAllRegister(void)
Concretizes all symbolic register references.
TRITON_EXPORT const SharedSymbolicExpression & createSymbolicRegisterExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::Register &reg, const std::string &comment="")
Returns the new shared symbolic register expression expression and links this expression to the instr...
TRITON_EXPORT bool taintAssignmentMemoryMemory(const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc)
Taints MemoryMemory with assignment. Returns true if the memDst is tainted.
TRITON_EXPORT triton::uint8 getSymbolicMemoryValue(triton::uint64 address)
Returns the symbolic memory value.
TRITON_EXPORT const SharedSymbolicVariable & convertMemoryToSymbolicVariable(const triton::arch::MemoryAccess &mem, const std::string &symVarComment="")
Converts a symbolic memory expression to a symbolic variable.
TRITON_EXPORT bool taintMemory(triton::uint64 addr)
Taints an address. Returns TAINTED if the address has been tainted correctly. Otherwise it returns th...
TRITON_EXPORT void concretizeAllMemory(void)
[symbolic api] - Concretizes all symbolic memory references.
Definition: api.cpp:896
TRITON_EXPORT std::map< triton::arch::registers_e, triton::engines::symbolic::SharedSymbolicExpression > getSymbolicRegisters(void) const
[symbolic api] - Returns the map of symbolic registers defined.
Definition: api.cpp:754
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & convertRegisterToSymbolicVariable(const triton::arch::Register &reg, const std::string &symVarComment="")
[symbolic api] - Converts a symbolic register expression to a symbolic variable.
Definition: api.cpp:634
TRITON_EXPORT bool taintAssignmentRegisterRegister(const triton::arch::Register &regDst, const triton::arch::Register &regSrc)
Taints RegisterRegister with assignment. Returns true if the regDst is tainted.
TRITON_EXPORT bool taintUnionMemoryMemory(const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc)
Taints MemoryMemory with union. Returns true if the memDst or memSrc are TAINTED. ...
TRITON_EXPORT void setConcreteMemoryAreaValue(triton::uint64 baseAddr, const std::vector< triton::uint8 > &values)
[architecture api] - Sets the concrete value of a memory area.
TRITON_EXPORT triton::ast::SharedAbstractNode unrollAst(const triton::ast::SharedAbstractNode &node)
[symbolic api] - Unrolls the SSA form of a given AST.
Definition: api.cpp:926
TRITON_EXPORT void unmapMemory(triton::uint64 baseAddr, triton::usize size=1)
[architecture api] - Removes the range [baseAddr:size] from the internal memory representation.
Definition: api.cpp:410
TRITON_EXPORT triton::uint32 numberOfRegisters(void) const
Returns the number of registers according to the CPU architecture.
bool isDefined
True if there is at least one callback defined.
Definition: callbacks.hpp:112
TRITON_EXPORT const std::unordered_map< triton::usize, triton::engines::symbolic::SharedSymbolicVariable > & getSymbolicVariables(void) const
[symbolic api] - Returns all symbolic variables as a map of <SymVarId : SymVar>
Definition: api.cpp:950
TRITON_EXPORT void concretizeMemory(const triton::arch::MemoryAccess &mem)
Concretizes a specific symbolic memory reference.
TRITON_EXPORT bool isRegisterTainted(const triton::arch::Register &reg) const
Returns true if the register is tainted.
TRITON_EXPORT std::vector< triton::uint8 > getConcreteMemoryAreaValue(triton::uint64 baseAddr, triton::usize size, bool execCallbacks=true) const
Returns the concrete value of a memory area.
TRITON_EXPORT bool isSymbolicEngineEnabled(void) const
[symbolic api] - Returns true if the symbolic execution engine is enabled.
Definition: api.cpp:866
TRITON_EXPORT bool isModeEnabled(enum mode_e mode) const
Returns true if the mode is enabled.
Definition: modes.cpp:30
This class is used to represent an immediate.
Definition: immediate.hpp:36
TRITON_EXPORT triton::ast::SharedAbstractNode processCallbacks(triton::callbacks::callback_e kind, triton::ast::SharedAbstractNode node) const
Processes callbacks according to the kind and the C++ polymorphism.
Definition: callbacks.cpp:96
TRITON_EXPORT std::set< const triton::arch::Register * > getParentRegisters(void) const
Returns all parent registers.
TRITON_EXPORT void addPathConstraint(const triton::arch::Instruction &inst, const triton::engines::symbolic::SharedSymbolicExpression &expr)
Adds a path constraint.
Definition: pathManager.cpp:73
TRITON_EXPORT triton::uint8 getConcreteMemoryValue(triton::uint64 addr, bool execCallbacks=true) const
Returns the concrete value of a memory cell.
TRITON_EXPORT triton::engines::solver::solvers_e getSolver(void) const
Returns the kind of solver as triton::engines::solver::solvers_e.
TRITON_EXPORT triton::engines::symbolic::SharedSymbolicExpression getSymbolicExpressionFromId(triton::usize symExprId) const
[symbolic api] - Returns the shared symbolic expression corresponding to an id.
Definition: api.cpp:806
TRITON_EXPORT void enableTaintEngine(bool flag)
[taint api] - Enables or disables the taint engine.
Definition: api.cpp:1062
TRITON_EXPORT triton::ast::SharedAbstractNode getMemoryAst(const triton::arch::MemoryAccess &mem)
Returns the AST corresponding to the memory.
TRITON_EXPORT void disassembly(triton::arch::Instruction &inst) const
[architecture api] - Disassembles the instruction and setup operands. You must define an architecture...
Definition: api.cpp:416
TRITON_EXPORT void setSolver(triton::engines::solver::solvers_e kind)
Initializes a predefined solver.
TRITON_EXPORT void setConcreteRegisterValue(const triton::arch::Register &reg, const triton::uint512 &value)
[architecture api] - Sets the concrete value of a register.
Definition: api.cpp:398
TRITON_EXPORT triton::ast::SharedAbstractNode getRegisterAst(const triton::arch::Register &reg)
Returns the AST corresponding to the register.
TRITON_EXPORT std::map< triton::uint32, SolverModel > getModel(const triton::ast::SharedAbstractNode &node) const
Computes and returns a model from a symbolic constraint.
TRITON_EXPORT bool taintAssignmentRegisterMemory(const triton::arch::Register &regDst, const triton::arch::MemoryAccess &memSrc)
[taint api] - Taints RegisterMemory with assignment. Returns true if the regDst is tainted...
Definition: api.cpp:1226
This class is used to represent a memory access.
TRITON_EXPORT bool buildSemantics(triton::arch::Instruction &inst)
[IR builder api] - Builds the instruction semantics. Returns true if the instruction is supported...
Definition: api.cpp:493
TRITON_EXPORT triton::uint32 getAstRepresentationMode(void) const
[AST representation api] - Returns the AST representation mode as triton::ast::representations::mode_...
Definition: api.cpp:507
TRITON_EXPORT std::map< triton::uint32, triton::engines::solver::SolverModel > getModel(const triton::ast::SharedAbstractNode &node) const
[solver api] - Computes and returns a model from a symbolic constraint.
Definition: api.cpp:995
TRITON_EXPORT triton::uint32 gprBitSize(void) const
Returns the bit in bit of the General Purpose Registers.
TRITON_EXPORT triton::ast::SharedAbstractNode getOperandAst(const triton::arch::OperandWrapper &op)
[symbolic api] - Returns the AST corresponding to the operand.
Definition: api.cpp:640
TRITON_EXPORT triton::engines::taint::TaintEngine * getTaintEngine(void)
[taint api] - Returns the instance of the taint engine.
Definition: api.cpp:1044
TRITON_EXPORT void disassembly(triton::arch::Instruction &inst) const
Disassembles the instruction according to the architecture.
TRITON_EXPORT triton::uint8 getConcreteMemoryValue(triton::uint64 addr, bool execCallbacks=true) const
[architecture api] - Returns the concrete value of a memory cell.
Definition: api.cpp:350
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & createSymbolicFlagExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::Register &flag, const std::string &comment="")
[symbolic api] - Returns the new shared symbolic flag expression and links this expression to the ins...
Definition: api.cpp:724
TRITON_EXPORT void setConcreteMemoryValue(triton::uint64 addr, triton::uint8 value)
[architecture api] - Sets the concrete value of a memory cell.
Definition: api.cpp:374
TRITON_EXPORT void clearPathConstraints(void)
Clears the logical conjunction vector of path constraints.
This interface is used as abstract CPU interface. All CPU must use this interface.
TRITON_EXPORT std::unordered_map< triton::usize, triton::engines::symbolic::SharedSymbolicExpression > getSymbolicExpressions(void) const
[symbolic api] - Returns all symbolic expressions as a map of <SymExprId : SymExpr> ...
Definition: api.cpp:944
The IR builder.
Definition: irBuilder.hpp:38
TRITON_EXPORT void removeCallback(triton::callbacks::getConcreteMemoryValueCallback cb)
Deletes a GET_CONCRETE_MEMORY_VALUE callback.
Definition: callbacks.cpp:61
std::uint64_t uint64
unisgned 64-bits
Definition: tritonTypes.hpp:34
TRITON_EXPORT void checkArchitecture(void) const
[architecture api] - Raises an exception if the architecture is not initialized.
Definition: api.cpp:244
TRITON_EXPORT void concretizeAllMemory(void)
Concretizes all symbolic memory references.
TRITON_EXPORT triton::ast::SharedAbstractNode getRegisterAst(const triton::arch::Register &reg)
[symbolic api] - Returns the AST corresponding to the register.
Definition: api.cpp:676
TRITON_EXPORT bool isRegisterSymbolized(const triton::arch::Register &reg) const
Returns true if the register expression contains a symbolic variable.
TRITON_EXPORT bool setTaintRegister(const triton::arch::Register &reg, bool flag)
Sets the flag (taint or untaint) to a register.
TRITON_EXPORT bool taintUnionMemoryMemory(const triton::arch::MemoryAccess &memDst, const triton::arch::MemoryAccess &memSrc)
[taint api] - Taints MemoryMemory with union. Returns true if the memDst or memSrc are TAINTED...
Definition: api.cpp:1172
TRITON_EXPORT triton::arch::architectures_e getArchitecture(void) const
Returns the kind of architecture as triton::arch::architecture_e.
std::shared_ptr< triton::engines::symbolic::SymbolicExpression > SharedSymbolicExpression
Shared Symbolic Expression.
Definition: ast.hpp:38
TRITON_EXPORT bool taintMemory(triton::uint64 addr)
[taint api] - Taints an address. Returns TAINTED if the address has been tainted correctly. Otherwise it returns the last defined state.
Definition: api.cpp:1118
TRITON_EXPORT SharedSymbolicExpression newSymbolicExpression(const triton::ast::SharedAbstractNode &node, symkind_e kind, const std::string &comment="")
Creates a new shared symbolic expression.
std::uint32_t uint32
unisgned 32-bits
Definition: tritonTypes.hpp:31
TRITON_EXPORT std::vector< triton::uint8 > getSymbolicMemoryAreaValue(triton::uint64 baseAddr, triton::usize size)
Returns the symbolic values of a memory area.
The exception class used by the Triton&#39;s API.
Definition: exceptions.hpp:185
TRITON_EXPORT bool untaintMemory(triton::uint64 addr)
[taint api] - Untaints an address. Returns !TAINTED if the address has been untainted correctly...
Definition: api.cpp:1136
TRITON_EXPORT API()
Constructor of the API.
Definition: api.cpp:227
TRITON_EXPORT std::list< std::map< triton::uint32, triton::engines::solver::SolverModel > > getModels(const triton::ast::SharedAbstractNode &node, triton::uint32 limit) const
[solver api] - Computes and returns several models from a symbolic constraint. The limit is the numbe...
Definition: api.cpp:1001
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & createSymbolicVolatileExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const std::string &comment="")
[symbolic api] - Returns the new shared symbolic volatile expression and links this expression to the...
Definition: api.cpp:730
TRITON_EXPORT void checkTaint(void) const
[taint api] - Raises an exception if the taint engine is not initialized.
Definition: api.cpp:1038
TRITON_EXPORT bool isMemorySymbolized(const triton::arch::MemoryAccess &mem) const
Returns true if memory cell expressions contain symbolic variables.
TRITON_EXPORT bool taintAssignmentRegisterMemory(const triton::arch::Register &regDst, const triton::arch::MemoryAccess &memSrc)
Taints RegisterMemory with assignment. Returns true if the regDst is tainted.
TRITON_EXPORT triton::uint32 getNumberOfRegisters(void) const
[architecture api] - Returns the number of registers according to the CPU architecture.
Definition: api.cpp:333
TRITON_EXPORT const triton::engines::solver::SolverInterface * getSolverInstance(void) const
Returns the instance of the initialized solver.
Definition: api.cpp:971
TRITON_EXPORT bool taintUnion(const triton::arch::OperandWrapper &op1, const triton::arch::OperandWrapper &op2)
Abstract union tainting.
TRITON_EXPORT bool isFlag(triton::arch::registers_e regId) const
[architecture api] - Returns true if the register id is a flag.
Definition: api.cpp:278
TRITON_EXPORT std::set< const triton::arch::Register * > getParentRegisters(void) const
[architecture api] - Returns all parent registers.
Definition: api.cpp:344
TRITON_EXPORT bool taintUnionRegisterMemory(const triton::arch::Register &regDst, const triton::arch::MemoryAccess &memSrc)
Taints RegisterMemory with union. Returns true if the regDst or memSrc are TAINTED.
TRITON_EXPORT const SharedSymbolicExpression & getSymbolicRegister(const triton::arch::Register &reg) const
Returns the shared symbolic expression corresponding to the parent register.
TRITON_EXPORT triton::uint32 getGprBitSize(void) const
[architecture api] - Returns the bit in byte of the General Purpose Registers.
Definition: api.cpp:323
TRITON_EXPORT void setCustomSolver(triton::engines::solver::SolverInterface *customSolver)
Initializes a custom solver.
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicExpression & createSymbolicRegisterExpression(triton::arch::Instruction &inst, const triton::ast::SharedAbstractNode &node, const triton::arch::Register &reg, const std::string &comment="")
[symbolic api] - Returns the new shared symbolic register expression and links this expression to the...
Definition: api.cpp:718
TRITON_EXPORT triton::uint32 getRepresentationMode(void) const
Gets the representations mode of this astContext.
Definition: astContext.cpp:589
TRITON_EXPORT const triton::uint512 & getConcreteVariableValue(const triton::engines::symbolic::SharedSymbolicVariable &symVar) const
[symbolic api] - Gets the concrete value of a symbolic variable.
Definition: api.cpp:812
TRITON_EXPORT bool isSymbolicExpressionIdExists(triton::usize symExprId) const
[symbolic api] - Returns true if the symbolic expression ID exists.
Definition: api.cpp:872
TRITON_EXPORT bool isSat(const triton::ast::SharedAbstractNode &node) const
Returns true if an expression is satisfiable.
TRITON_EXPORT triton::engines::solver::solvers_e getSolver(void) const
Returns the kind of solver as triton::engines::solver::solvers_e.
Definition: api.cpp:965
TRITON_EXPORT std::map< triton::uint64, triton::engines::symbolic::SharedSymbolicExpression > getSymbolicMemory(void) const
[symbolic api] - Returns the map (<Addr : SymExpr>) of symbolic memory defined.
Definition: api.cpp:760
TRITON_EXPORT bool taintUnionRegisterImmediate(const triton::arch::Register &regDst)
[taint api] - Taints RegisterImmediate with union. Returns true if the regDst is TAINTED.
Definition: api.cpp:1184
std::shared_ptr< triton::engines::symbolic::SymbolicVariable > SharedSymbolicVariable
Shared Symbolic variable.
Definition: ast.hpp:41
This interface is used to interface with solvers.
TRITON_EXPORT void addCallback(triton::callbacks::getConcreteMemoryValueCallback cb)
[callbacks api] - Adds a GET_CONCRETE_MEMORY_VALUE callback (LOAD).
Definition: api.cpp:520
TRITON_EXPORT std::map< triton::arch::registers_e, SharedSymbolicExpression > getSymbolicRegisters(void) const
Returns the map of symbolic registers defined.
TRITON_EXPORT void assignSymbolicExpressionToRegister(const triton::engines::symbolic::SharedSymbolicExpression &se, const triton::arch::Register &reg)
[symbolic api] - Assigns a symbolic expression to a register.
Definition: api.cpp:742
TRITON_EXPORT bool isTainted(const triton::arch::OperandWrapper &op) const
[taint api] - Abstract taint verification. Returns true if the operand is tainted.
Definition: api.cpp:1074
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & getSymbolicVariableFromId(triton::usize symVarId) const
[symbolic api] - Returns the symbolic variable corresponding to the symbolic variable id...
Definition: api.cpp:824
Solver engine using z3.
Definition: z3Solver.hpp:47
std::uint8_t uint8
unisgned 8-bits
Definition: tritonTypes.hpp:25
TRITON_EXPORT void enable(bool flag)
Enables or disables the symbolic execution engine.
TRITON_EXPORT void concretizeAllRegister(void)
[symbolic api] - Concretizes all symbolic register references.
Definition: api.cpp:902
TRITON_EXPORT bool isRegisterValid(triton::arch::registers_e regId) const
[architecture api] - Returns true if the regId is a register or a flag.
Definition: api.cpp:313
TRITON_EXPORT bool isMemoryMapped(triton::uint64 baseAddr, triton::usize size=1)
Returns true if the range [baseAddr:size] is mapped into the internal memory representation.
TRITON_EXPORT bool taintAssignmentRegisterImmediate(const triton::arch::Register &regDst)
Taints RegisterImmediate with assignment. Returns always false.
The taint engine class.
Definition: taintEngine.hpp:53
TRITON_EXPORT bool isFlag(triton::arch::registers_e regId) const
Returns true if the register ID is a flag.
TRITON_EXPORT void setConcreteVariableValue(const SharedSymbolicVariable &symVar, const triton::uint512 &value)
Sets the concrete value of a symbolic variable.
TRITON_EXPORT void assignSymbolicExpressionToMemory(const SharedSymbolicExpression &se, const triton::arch::MemoryAccess &mem)
Assigns a symbolic expression to a memory.
TRITON_EXPORT void checkIrBuilder(void) const
[IR builder api] - Raises an exception if the IR builder is not initialized.
Definition: api.cpp:487
TRITON_EXPORT void enableMode(enum mode_e mode, bool flag)
Enables or disables a specific mode.
Definition: modes.cpp:37
triton::modes::Modes modes
The modes.
Definition: api.hpp:50
TRITON_EXPORT void checkSymbolic(void) const
[symbolic api] - Raises an exception if the symbolic engine is not initialized.
Definition: api.cpp:610
TRITON_EXPORT std::list< std::map< triton::uint32, SolverModel > > getModels(const triton::ast::SharedAbstractNode &node, triton::uint32 limit) const
Computes and returns several models from a symbolic constraint. The limit is the max number of models...
TRITON_EXPORT void removeAllCallbacks(void)
[callbacks api] - Removes all recorded callbacks.
Definition: api.cpp:545
TRITON_EXPORT bool taintUnionRegisterRegister(const triton::arch::Register &regDst, const triton::arch::Register &regSrc)
[taint api] - Taints RegisterRegister with union. Returns true if the regDst or regSrc are TAINTED...
Definition: api.cpp:1196
TRITON_EXPORT const triton::arch::Register & getParentRegister(const triton::arch::Register &reg) const
[architecture api] - Returns parent Register from a register.
Definition: api.cpp:303
TRITON_EXPORT bool setTaint(const triton::arch::OperandWrapper &op, bool flag)
Sets the flag (taint or untaint) to an abstract operand (Register or Memory).
TRITON_EXPORT const triton::engines::symbolic::SharedSymbolicVariable & newSymbolicVariable(triton::uint32 varSize, const std::string &comment="")
[symbolic api] - Returns a new symbolic variable.
Definition: api.cpp:694
TRITON_EXPORT const std::unordered_map< triton::arch::registers_e, const triton::arch::Register > & getAllRegisters(void) const
[architecture api] - Returns all registers.
Definition: api.cpp:338
TRITON_EXPORT std::set< const triton::arch::Register * > getTaintedRegisters(void) const
Returns the tainted registers.
TRITON_EXPORT const SharedSymbolicVariable & newSymbolicVariable(symkind_e kind, triton::uint64 kindValue, triton::uint32 size, const std::string &comment="")
Adds a symbolic variable.
boost::multiprecision::uint512_t uint512
unsigned 512-bits
Definition: tritonTypes.hpp:43
TRITON_EXPORT bool isMemorySymbolized(const triton::arch::MemoryAccess &mem) const
[symbolic api] - Returns true if memory cell expressions contain symbolic variables.
Definition: api.cpp:878
TRITON_EXPORT std::list< triton::engines::symbolic::SharedSymbolicExpression > getTaintedSymbolicExpressions(void) const
[symbolic api] - Returns the list of the tainted symbolic expressions.
Definition: api.cpp:938
TRITON_EXPORT triton::ast::SharedAbstractNode processSimplification(const triton::ast::SharedAbstractNode &node) const
Processes all recorded simplifications. Returns the simplified node.
TRITON_EXPORT bool isMemoryTainted(triton::uint64 addr, triton::uint32 size=1) const
[taint api] - Returns true if the address:size is tainted.
Definition: api.cpp:1080
TRITON_EXPORT void assignSymbolicExpressionToMemory(const triton::engines::symbolic::SharedSymbolicExpression &se, const triton::arch::MemoryAccess &mem)
[symbolic api] - Assigns a symbolic expression to a memory.
Definition: api.cpp:736
TRITON_EXPORT bool taintRegister(const triton::arch::Register &reg)
[taint api] - Taints a register. Returns TAINTED if the register has been tainted correctly...
Definition: api.cpp:1130
TRITON_EXPORT triton::uint8 getSymbolicMemoryValue(triton::uint64 address)
[symbolic api] - Returns the symbolic memory value.
Definition: api.cpp:772
TRITON_EXPORT bool isTainted(const triton::arch::OperandWrapper &op) const
Abstract taint verification. Returns true if the operand is tainted.
TRITON_EXPORT std::set< const triton::arch::Register * > getTaintedRegisters(void) const
[taint api] - Returns the tainted registers.
Definition: api.cpp:1056
TRITON_EXPORT void concretizeRegister(const triton::arch::Register &reg)
Concretizes a specific symbolic register reference.
TRITON_EXPORT const std::set< triton::uint64 > & getTaintedMemory(void) const
Returns the tainted addresses.
std::size_t usize
unsigned MAX_INT 32 or 64 bits according to the CPU.
Definition: tritonTypes.hpp:67
TRITON_EXPORT void setAstRepresentationMode(triton::uint32 mode)
[AST representation api] - Sets the AST representation mode.
Definition: api.cpp:512
TRITON_EXPORT void clearArchitecture(void)
[architecture api] - Clears the architecture states (registers and memory).
Definition: api.cpp:272
TRITON_EXPORT bool isSymbolicExpressionIdExists(triton::usize symExprId) const
Returns true if the symbolic expression ID exists.
TRITON_EXPORT void clearArchitecture(void)
Clears the architecture states (registers and memory).
TRITON_EXPORT bool taintAssignmentRegisterRegister(const triton::arch::Register &regDst, const triton::arch::Register &regSrc)
[taint api] - Taints RegisterRegister with assignment. Returns true if the regDst is tainted...
Definition: api.cpp:1232
TRITON_EXPORT void removeCallback(triton::callbacks::getConcreteMemoryValueCallback cb)
[callbacks api] - Deletes a GET_CONCRETE_MEMORY_VALUE callback (LOAD).
Definition: api.cpp:550
TRITON_EXPORT bool isSolverValid(void) const
Returns true if the solver is valid.
Definition: api.cpp:989
TRITON_EXPORT triton::uint512 getSymbolicRegisterValue(const triton::arch::Register &reg)
[symbolic api] - Returns the symbolic register value.
Definition: api.cpp:790
TRITON_EXPORT void removeSymbolicExpression(triton::usize symExprId)
[symbolic api] - Removes the symbolic expression corresponding to the id.
Definition: api.cpp:700
TRITON_EXPORT bool untaintRegister(const triton::arch::Register &reg)
Untaints a register. Returns !TAINTED if the register has been untainted correctly. Otherwise it returns the last defined state.
TRITON_EXPORT triton::ast::SharedAbstractNode processSimplification(const triton::ast::SharedAbstractNode &node, bool z3=false) const
[symbolic api] - Processes all recorded simplifications. Returns the simplified node.
Definition: api.cpp:796
TRITON_EXPORT triton::ast::SharedAbstractNode getPathConstraintsAst(void) const
Returns the logical conjunction AST of path constraints.
Definition: pathManager.cpp:47
triton::engines::solver::SolverEngine * solver
The solver engine.
Definition: api.hpp:59
TRITON_EXPORT bool setTaintRegister(const triton::arch::Register &reg, bool flag)
[taint api] - Sets the flag (taint or untaint) to a register.
Definition: api.cpp:1111
TRITON_EXPORT bool isModeEnabled(enum triton::modes::mode_e mode) const
[modes api] - Returns true if the mode is enabled.
Definition: api.cpp:602
TRITON_EXPORT const SharedSymbolicVariable & convertExpressionToSymbolicVariable(triton::usize exprId, triton::uint32 symVarSize, const std::string &symVarComment="")
Converts a symbolic expression to a symbolic variable. symVarSize must be in bits.
TRITON_EXPORT void enable(bool flag)
Enables or disables the taint engine.
TRITON_EXPORT void removeAllCallbacks(void)
Removes all recorded callbacks.
Definition: callbacks.cpp:52
TRITON_EXPORT triton::engines::symbolic::SharedSymbolicExpression newSymbolicExpression(const triton::ast::SharedAbstractNode &node, const std::string &comment="")
[symbolic api] - Returns a new shared symbolic expression. Note that if there are simplification pass...
Definition: api.cpp:688
TRITON_EXPORT triton::uint512 getConcreteRegisterValue(const triton::arch::Register &reg, bool execCallbacks=true) const
Returns the concrete value of a register.