maat::Lifter class

The lifter is responsible for translating binary assembly code into Maat's IR.

❱   Base classes

class Serializable
Virtual interface that serializable classes must implement.

❱   Public functions

auto lift_block(ir::IRMap& ir_map, uintptr_t addr, code_t code, size_t code_size = 0xffffffff, unsigned int nb_instr = 0xffffffff, bool* is_symbolic = nullptr, bool* is_tainted = nullptr, bool check_mappings = false) -> bool virtual
Disassemble instructions until the next branch instruction.

auto get_inst_asm(addr_t addr, code_t inst) -> const std::string& virtual
Get assembly string of instruction at address 'addr'.

auto class_uid() const -> serial::uid_t virtual
Return the class uid (see the ClassId enum).

void dump(serial::Serializer&) const virtual
Dump the object contents in a serializer stream.

void load(serial::Deserializer&) virtual
Restore an object from a deserializer stream.

❱   Function documentation

bool maat::Lifter::lift_block(ir::IRMap& ir_map, uintptr_t addr, code_t code, size_t code_size = 0xffffffff, unsigned int nb_instr = 0xffffffff, bool* is_symbolic = nullptr, bool* is_tainted = nullptr, bool check_mappings = false) virtual

Disassemble instructions until the next branch instruction.

Parameters
ir_map: The IR cache to which lifted instructions are added
addr: Address of the first instruction to disassemble
code: Raw pointer to the code to disassemble
code_size: Maximum size of the code region to disassemble in memory
nb_instr: Maximum number of instructions to disassemble before stopping
is_symbolic: Set to true if the disassembled code is symbolic/concolic
is_tainted: Set to true if the disassembled code is tainted
check_mappings: If enabled, the method throws an exception if the disassembled code is located in a memory area that doesn't have the RX flags set

Returns: true on success and false on failure