MCPcopy
hub / github.com/keystone-engine/keypatch / assemble

Method assemble

keypatch.py:436–602  ·  view source on GitHub ↗
(self, assembly, address, arch=None, mode=None, syntax=None)

Source from the content-addressed store, hash-verified

434 # assemble code with Keystone
435 # return (encoding, count), or (None, 0) on failure
436 def assemble(self, assembly, address, arch=None, mode=None, syntax=None):
437
438 # return assembly with arithmetic equation evaluated
439 def eval_operand(assembly, start, stop, prefix=''):
440 imm = assembly[start+1:stop]
441 try:
442 eval_imm = eval(imm)
443 if eval_imm > 0x80000000:
444 eval_imm = 0xffffffff - eval_imm
445 eval_imm += 1
446 eval_imm = -eval_imm
447 return assembly.replace(prefix + imm, prefix + hex(eval_imm))
448 except:
449 return assembly
450
451 # IDA uses different syntax from Keystone
452 # sometimes, we can convert code to be consumable by Keystone
453 def fix_ida_syntax(assembly):
454
455 # return True if this insn needs to be fixed
456 def check_arm_arm64_insn(arch, mnem):
457 if arch == KS_ARCH_ARM:
458 if mnem.startswith("ldr") or mnem.startswith("str"):
459 return True
460 return False
461 elif arch == KS_ARCH_ARM64:
462 if mnem.startswith("ldr") or mnem.startswith("str"):
463 return True
464 return mnem in ("stp")
465 return False
466
467 # return True if this insn needs to be fixed
468 def check_ppc_insn(mnem):
469 return mnem in ("stw")
470
471 # replace the right most string occurred
472 def rreplace(s, old, new):
473 li = s.rsplit(old, 1)
474 return new.join(li)
475
476 # convert some ARM pre-UAL assembly to UAL, so Keystone can handle it
477 # example: streqb --> strbeq
478 def fix_arm_ual(mnem, assembly):
479 # TODO: this is not an exhaustive list yet
480 if len(mnem) != 6:
481 return assembly
482
483 if (mnem[-1] in ('s', 'b', 'h', 'd')):
484 #print(">> 222", mnem[3:5])
485 if mnem[3:5] in ("cc", "eq", "ne", "hs", "lo", "mi", "pl", "vs", "vc", "hi", "ls", "ge", "lt", "gt", "le", "al"):
486 return assembly.replace(mnem, mnem[:3] + mnem[-1] + mnem[3:5], 1)
487
488 return assembly
489
490 if self.arch != KS_ARCH_X86:
491 assembly = assembly.lower()
492 else:
493 # Keystone does not support immediate 0bh, but only 0Bh

Callers 3

patch_codeMethod · 0.95
fill_codeMethod · 0.95
_update_encodingMethod · 0.80

Calls 1

check_addressMethod · 0.95

Tested by

no test coverage detected