436 Commits

Author SHA1 Message Date
feliam
08e8c3b7d8 Fix coverage calculation vs. metadata (#529)
* Fixes symbolic reentrancy example

* Fix coverage issue #527

* Remove unused debug code
2017-10-23 17:45:01 -03:00
feliam
a9ad183354 Fixes symbolic reentrancy example (#528) 2017-10-20 16:43:22 -03:00
Mark Mossberg
5aa681dc76 0.1.5 Release (#501)
* Update CHANGELOG.md

* Update 0.1.5 README

* Bump version/release date
2017-10-19 15:46:22 -04:00
feliam
23218d724e Simple event signature fixes (#525)
* dev-evm-event-bugfixes

* Better stringifierer
2017-10-18 19:17:26 -03:00
feliam
8591bff45f EVM support (#521)
* WIP New Policy class

* WIP pubsub

* Update Signal tests

* EVM support - Wip

* EVM support - dependencies fixed

* EVM support - fix decree merge

* fix decode instruction event

* Fix small bugs in evm opcodes (too many arguments + wrong LOG name) (#380)

Fix wrong call parameters + typo

* Fix Create/Call

* Fix depth

* Default fixed point in arithmetic simplifier

* small fixes from github comments

* Fix event decode_instruction signature

* wip wip

* Auto tests for evm

* New EVM tests

* Ran 9556  FAILED (failures=166, errors=8, skipped=62)

* Fix some arithmetic instructions

* Ran 9556  FAILED (failures=136, errors=8, skipped=62)

* More instructions - Optimizing symbolic memory

* Added gas to opcodes description - FIX DELEGATECALL POPS

* Add wip wallet example

* The tests

* Solidity constructors need argument after bytecode

* Simple integer overflow working

* Good merge

* Good good merge

* WIP manticore refactor

* Fix default old-style initial state

* context now working

* Fix context serialization

* Fix test models. Cannot set a state's constraints

* typo

* A few typos (constraints setter) and use of public properties in internal methods

* Fix init wallet example

* State __init__ needs to initialize platform constraints

* Internal methods use internal properties

* Better attack modeling

* Better example layout

* Storage backup on CALL is now faster .. and correct

* Add LOG support

* Minimal SE test

* Added examples

* Send ether bugfix

* EVM: Fix wrong balance destination on CALL + decrease caller balance on CREATE

* New balance management

* Trying to maintain known hashes

* Known hash concretization policy

* CALLDATA max size bugfix

* Minimal SE example

* Remove evm tests

* add -> enqueue

* @m.init

* Fix workspace url

* Some test skipped

* Add Fixme to platform-specific stuff in State

* add -> enqueue

* Enqueue created state

* Fix m.init

Use a messy hack to adhere to the spec (callback func receives 1 state argument)

* Add _coverage_file ivar to Manticore

* Fix symbolic files

* remove extra enqueue

* Fixing __main__

* comments

* Fix visitors oddity

* setup merged

* remove duplicates and add pysha3

* Remove EVMTests import

* Refactor platform specific code out of ManticoreOutput (#505)

* Initial moving work

* Clean

* Make linux.generate_workspace_files work

* Fix

* clean

* Add test

* Test workspace for platform files

* Skip EVM cpu pretty print

* Remove bad import

* Fix coverage.py for testing

* Clean comment

* Comment hack

* Print evm cpu

* pretty print evm world instead of platform

* delete old scripts/examples

* delete old tests

* Remove z3 install script

* Array.max_size can be None, include check for that

* Rm unused _symbolic_files

add_symbolic_files was moved to linux, so this is not needed

* Rm unused args

* Import evm

* Rm dup function

* Rm stray prints

* Add docs for new classmethod apis

* minimal

* minimal example

* fix minimal

* Fair symbolic SHA3 handling

* Simple mapping example

* coverage example

* fix tests

* fix minimal

* Some eko fixes

* New SETH

* integer_overflow refactored

* Fixing the examples

* init_bytecode -> init

* Concrete reentrancy example

* concrete reentrancy selfdestruct

* Update minimal.py

* It's a new Minimal

* Integer overflow example

* New minimal

* minimal fix

* Examples last minute fixes

* Remove debug print

* add plugin.py

* Fixing event subscription

* remove temp params

* Remove param

* Update uncovered will_exec callback prototype

* Clean up debug output

* Automatically generated instruction tests

* Unimplemented instruction test removed

* Unused concretization policy removed

* Fixes enabling default bplugins

* solc from PATH

* Removed unused import

* Logger name updated
2017-10-17 19:47:20 -03:00
feliam
e84c0513a2 Manticore plugins (#506)
* WIP New Policy class

* WIP pubsub

* Update Signal tests

* small fixes from github comments

* Fix event decode_instruction signature

* Good merge

* Good good merge

* WIP manticore refactor

* Fix default old-style initial state

* add -> enqueue

* @m.init

* Fix workspace url

* Some test skipped

* Add Fixme to platform-specific stuff in State

* add -> enqueue

* Enqueue created state

* Fix m.init

Use a messy hack to adhere to the spec (callback func receives 1 state argument)

* Add _coverage_file ivar to Manticore

* Fix symbolic files

* remove extra enqueue

* Fixing __main__

* comments

* Experimental plugin system

* tests fixed

* Fix plugins

* Some reporting moved to plugin

* Fix assertions test

* Add published events to classes that publish them

* Update how we verify callbacks

* Update Eventful._publish

* Dev plugins (#512)

* Yet another flavor for event name checking

* really it's a bunch of minimal bugfixes

* Remove get_all_event_names from Plugin

* Update where we get all events

* Use new metaclass-based event registry

* Define prefixes in one place

* remove debug print

* remove debug print
2017-10-04 15:51:37 -03:00
Yan
1edee15e5f Pythonic logger naming (#511)
* More generic logging

* Clean up logger name gen

* Refactor name summarization
2017-09-25 18:09:18 -04:00
JP Smith
b9333838ad install z3 with pip in Dockerfile (#502) 2017-09-14 11:52:15 -05:00
JP Smith
0efa37933a Fix stderr file creation and test for it going forwards (#495)
* fix stderr file creation and test for it going forwards

* consolidate tests

* clean up imports
2017-09-13 19:17:13 -05:00
Mark Mossberg
58cdee814c Update test_workspace.py (#497) 2017-09-13 18:34:45 -04:00
feliam
23c2585316 Refactor platform details out from Manticore (#421)
* WIP New Policy class

* WIP pubsub

* Update Signal tests

* small fixes from github comments

* Fix event decode_instruction signature

* Good merge

* Good good merge

* WIP manticore refactor

* Fix default old-style initial state

* add -> enqueue

* @m.init

* Fix workspace url

* Some test skipped

* Add Fixme to platform-specific stuff in State

* add -> enqueue

* Enqueue created state

* Fix m.init

Use a messy hack to adhere to the spec (callback func receives 1 state argument)

* Add _coverage_file ivar to Manticore

* Fix symbolic files

* remove extra enqueue

* Fixing __main__

* comments

* Refactor CLI, and Manticore high level interfaces (#498)

* Refactor main,

- classmethod for linux
- refactor manticore ctor - compat with old linux behavior
- changed verbosity API (to allow for this use case: what if you want to set verbosity for the stuff manticore does in its ctor?)

* rm old verbosity

* small

* Add decree classmethod

* Rm checks ; they are redundant anyway

* Misc

* Move add_symbolic_file to linux platform

* rm redundant checks

* Rm explicit args for deprecated interface

* Fix cli bug

* Allow for both linux and decree from cli

* Add back argv positional param for deprecated api compat
2017-09-13 18:37:42 -03:00
Mark Mossberg
f6fea10376 Use z3-solver package (#494)
* Add z3-solver pip dep for z3 install

* Update readme for z3
2017-09-12 15:21:48 -04:00
Mark Mossberg
50923974e2 Fix logger verbosity and test (#491)
* something like this

* `will_store_state` does not exist

* slightly better cli verbosity test

* Fix variable

* Rm unused callback fun
2017-09-12 15:08:53 -04:00
John F.X. Galea
a8ef3ecd9f Added implementation for sys_dup and sys_dup2 (#490)
* Added implementation for sys_dup and sys_dup2

* Fixed bug in close functionality.

* Removed unwanted white-space

* Updated implementation of sys_dup and sys_dup2

* Fixed is_open function.

* Handle a newfd in dup2 that extends beyond existing fd table size

* Add a minimal sys_getrlimit() implementation

Thank you @johnfxgalea!
2017-09-12 15:03:01 -04:00
Mark Mossberg
f8a8373e57 Request binaries that cause bugs in contributing.md (#486)
* Request binaries

* Update CONTRIBUTING.md
2017-09-11 13:05:51 -04:00
Mark Mossberg
8b66e58c7b Document cli better (#482)
* Update README.md

* Rewrite -h

* Clearer cli usage

* Fix forgotten variable name changes

* Fix more forgotten variables
2017-09-07 20:15:31 -04:00
John F.X. Galea
60c6813a80 Implemented getcwd sys call, along with a new helper function that wr… (#483)
* Implemented getcwd sys call, along with a new helper function that writes a NULL terminated string to memory.

The reason for this commit is that the sys call was not implemented.

* Fixed logging string for sys_getcwd imp

* Removed semicolon in sys_getcwd function

* Fixed logging string for sys_getcwd imp. The problem was that size is unsigned and the incorrect format symbol was used

* Fixed the following:
1) Included the string param in the doc of the write_string function.
2) Added less verbose code to append a NULL to a string in the write_string function
3) Removed the assert to check if the written string to memory matches with one that is read at a given address in the sys_getcwd function
4) Fixed bug in the return values returned by sys_getcwd

* Fixed error logs in the getcwd function.

* Fixed return values of sys_getcwd function.

* Fixed string format symbol in sys_getcwd function.

* Removed dir exists check from the sys_getcwd function.

* Arranged memory block check in the sys_getcwd function.

* Removed new line after write_string function.

(Thank you @johnfxgalea!)
2017-09-07 16:30:55 -04:00
Mark Mossberg
d83fa737a7 Create CONTRIBUTING.md (#481)
* Create CONTRIBUTING.md

* Update CONTRIBUTING.md

* Update CONTRIBUTING.md
2017-09-06 18:11:22 -04:00
Yan
7679773088 Update examples (#477)
* Use locked_context() in count_instructions example

 * We use this example on the front page, and it currently generates
   a flood of warnings.

* Update example indices

* Remove dump_stats()

* Remove extra comments

* Remove redundant comments
2017-09-01 17:05:43 -04:00
Yan
9b8ef3cd76 Concretize stdout in state summary (#478) 2017-09-01 16:31:50 -04:00
JP Smith
0cd2560138 Update Manticore docstring (#476)
* update Manticore docstring

* fix type docstring
2017-09-01 11:43:29 -05:00
JP Smith
d5d22a8aaf Allow Manticore initialization with State object (#475) 2017-08-31 16:44:43 -05:00
feliam
f9b02bd194 New Policy class (#368)
* New Policy class

* Move visited to Policy - Fix contexts

* Add BranchLimited

* signals -> events for branchlimited
2017-08-31 12:48:55 -04:00
JP Smith
c6f8fd1291 initialize executor at manticore initialization (#471) 2017-08-31 10:16:52 -05:00
Yan
ca0d7b60d2 Add basic socket support (#428)
* Add a descriptor class for socket(2) return values

* Add basic socket(2) and bind(2)

* Basic accept(2)

* Basic recv(2) support

* Debug statements and accept(2)

* Add check for symbolic arg to open(2)

* Fix an example warning

* send/sendfile

* debug->info for some mcore output

* Produce socket data as part of state serialization

* Clean up SLinux.sys_open()

* Document socket(2) peculiarities
2017-08-29 17:00:17 -04:00
Theofilos Petsios
a025bda97a Updated visualization plugin with coverage info & live update option (#444)
* plugin rearrangement and UI options

* Live update and clear options

* coverage stats

* added check for xref address

* coverage in separate option as BackgroundTaskThread

* license cleanup
2017-08-23 17:47:23 -04:00
JP Smith
60a99d2f81 Seed random on policy init to make results deterministic (#466)
* seed random on policy init to make results deterministic

* document new random behavior
2017-08-23 16:37:26 -05:00
Theofilos Petsios
1b653be9b3 Basic Caching for Binja IL (#467)
* basic caching (wip)

* moved execute in binja and cleanup of self.instruction refs

* did_emulate_insn and get_current_llil_func renaming

* refactor for hasattr
2017-08-23 14:46:17 -04:00
Theofilos Petsios
b32379d3d4 did_execute_instruction nit (#468) 2017-08-21 23:03:47 -04:00
Mark Mossberg
d3d1e9c924 Manticore 0.1.4 (#462)
* Bump version number

* Changelog updates

* Include changes to undocumented functionality, but mark as experimental

* Function notation

* Update CHANGELOG.md

* thanks!!!
2017-08-18 13:48:33 -04:00
Mark Mossberg
604de56cfd Update readme (#461)
* No more partial arm

* windows unmaintained :(( and bye pip

* Move dev install insns to wiki, no need to clutter README
2017-08-18 11:12:14 -04:00
Theofilos Petsios
715cc436c7 Abstract Disassembler classes and Binja CPU + Platform (#364)
* adding abstract disasm class

* before adding abstract insn

* explicit capstone use

* (wip) removing capstone

* debugging nose

* removed disassembler from constructor

* nits

* capstone->cs and nits

* basic memory (wip)

* tmp

* added binja disasm

* fixed execution pipeline - calling LLIL instructions

* updated parseargs to select disassembler

* unstable (disassembler at CPU constructor breaks tests)

* disasm fix for tests

* nit for aliases in x86

* added a flag to differentiate disassembly and IL-disassembly for binja

* before merging

* merging with dev-events master

* fixed signal forwarding for binja

* cleaner initialization

* Binja RegisterFile. Dropped Platform

* address fixup

* properly incrementing PC

* some work on XOR, SET_REG, REG, CONST, AND, PUSH, POP

* adding first CALL, JMP, LOAD (wip)

* JUMP fix

* GOTO and misc fixes in PC handling

* adding instructions (wip)

* fixing flags and sizes (wip)

* loading database if exists for faster analysis

* fix for register debug

* fixes for register sizes and flags

* FIX for multiple IL instructions sharing the same PC

* removed CONST_PTR and misc fixes

* RET, SHR, shift left & misc instructions, fixing insn sizes (wip)

* flag fixes

* ctypes 2's complement parsing

* JUMP_TO, SYSCALL

* syscall fixups and flag computation using binja il only

* FLAG, NEG, CMP(family) of LLIL, some unimplemented methods

* MUL, DIV

* cmpxchg

* MUL, IMUL, ROR, ROL

* fallback to capstone for all LLIL_UNIMPL and LLIL_UNIMPL_MEM

* fixes for registers and memory when switching CPUs

* check for binja to disable multiprocessing

* merging

* nit

* hack for serialization

* moved check for disassembler to Manticore from __main__

* removing __class__ refs

* cleanup from __class__.disasm

* size calculation from get_instruction_low_level_il

* fix for NEG, check for empty queue, execute refactor

* fixes for LLIL functions

* removal of redundant regfile writes

* nit fixes

* function overrides in Cpu classes and orphan printf cleanup

* nit

* incomplete merge

* verbosity temp mod

* cleanups of FIXMEs

* 2-stage constructor for disassembler

* cleanup binja refs in abstractcpu

* serialization for platform_cpu

* check for UNIMPL in all the il queue

* typo fix

* fix for arm

* typo correction and starting caching implementation

* restored register printing and fixed import in x86.py
2017-08-17 17:43:27 -04:00
Mark Mossberg
f9489d3249 Document Manticore.locked_context API (#460)
* Add locked_context to documented APIs

* Initial
2017-08-17 16:50:21 -04:00
Mark Mossberg
22974ca65e Add gotchas docs (#459)
* Add gotchas docs

* always
2017-08-17 16:48:59 -04:00
Garret Reece
5d87fc83b3 Instructions and tests to support issue binary for issue #182 (#403)
* orn instruction plus unit test
* uadd8 and it instructions implemented
* SEL instruction implementation
* GE flag set by UADD8
* IT instruction condition code properly no longer prevents its execution
* support for multiple instruction tests added to testing setup
* unit test for SEL instruction
* cleaned up the tests for thumb instructions
* implemented sxth and rev instructions
* implemented tests for sxth and rev instructions
* updated the add implementation to support two operand variant (i.e., add r4, #4)
* added test for itete ne instruction
2017-08-17 10:02:44 -05:00
JP Smith
7bb64fe26e fix trace-saving behavior (#454) 2017-08-15 10:50:46 -05:00
Theofilos Petsios
09bb702fac Implement logging presets (#445)
* logging template nits

* moved logging outside Manticore

* naming fix and exposed API call

* logging -> log renaming

* fix for verbosity test

* restored setter/getter for verbosity

* fixes for warnings in 0 mode and extended test_cli_verbosity

* removed print

* relative import, fork message to executor, init function

* verbosity docstring fix

* docstring nit
2017-08-14 16:05:29 -04:00
Mark Mossberg
1d8e051522 Fix state.generate_testcase (#451)
* Use correct event name

* Add test for state.generate_testcase

Test merely tests that this function publishes the 'will_generate_testcase' event

* Properly test; make sure the callback executes and error if not

This is the most convoluted unit test I've ever written.

* "better"
2017-08-14 14:44:53 -04:00
Yan
36a58810f9 Use the same workspace URI in Executor.__init__ (#443)
* Make sure we're using the same workspace

* create_store -> fromdescriptor

* classmethod -> cls variable

* Cache descriptor name

* join -> format

* Update Store docs
2017-08-10 15:07:53 -04:00
Mark Mossberg
e78ae8904e Add Manticore version to issue template (#447)
* Add Manticore version to issue template

* Update ISSUE_TEMPLATE.md
2017-08-10 15:06:51 -04:00
Mark Mossberg
eef3cd20e2 Implement state.generate_testcase (#438)
* ran

* Some dirty work

* Rm unnecessary sanitization

* Fix state.generate_inputs event publishing

We don't need to manually pass `self` because State is automatically
forwarded as an argument. Also correctly specify a message for the state
and expose to the API

* Rename

* Update test for new save_testcase args, make test more robust

* Simplify arguments related to generate_testcase_callback by removing default arg. Add test for this behavior

* Minor test fixup

* Add official API docs

* Remove unnecessary new event type
2017-08-08 18:12:55 -04:00
Mark Mossberg
9ae76a4430 Fix testcase generation output (#436) 2017-08-07 08:08:37 -07:00
Dushyanth Chowdary
68555f5234 Fixing raise issue #435 (#437) 2017-08-04 18:27:15 -07:00
JP Smith
af3020db95 log testcase generation (#430) 2017-08-04 17:18:45 -04:00
Mark Mossberg
7b832724a6 Implement symbolic branch tracking in core, add new fork event (#433)
* Add fork_state event for individual state forks

* Rename to forking_state, add branch tracking to state

* Remove unnecessary locking around event publishing
2017-08-03 14:13:40 -07:00
Yan
5ad18e736c Produce fork-related output at info level from mcore (#429) 2017-08-02 17:31:29 -04:00
feliam
3b57c0d502 Fix context serialization (#425)
* Fix context serialization

* Fix test models. Cannot set a state's constraints

* typo

* A few typos (constraints setter) and use of public properties in internal methods

* State __init__ needs to initialize platform constraints

* Internal methods use internal properties

* test_record_branches removed
2017-08-01 14:08:54 -03:00
JP Smith
271400728c remove state.generate_inputs (#385) 2017-07-31 14:39:47 -04:00
Eric Hennenfent
51837df98b Add Taint Parameters (#414)
* Add taint args to buffer creation

Allows the `new_symbolic_buffer` and `symbolicate_buffer` functions to take keyword args for tainting. Defaults to frozenset in both cases.

* Add unit tests and ArrayProxy taint property

Adds simple unit tests for tainted buffers. Added a property to the ArrayProxy class in smtlib.expression so that it's possible to access the taint of the proxied ArrayVariable.

* Updated docstrings
2017-07-28 11:58:25 -04:00
feliam
76357216da Pub-sub like events (#371)
* WIP New Policy class

* WIP pubsub

* Update Signal tests

* small fixes from github comments

* Fix event decode_instruction signature

* Good merge

* Good good merge

* Eventful class commented

* The million typos

* Code revision

* Fix tests for new more strict Eventful
2017-07-27 19:41:08 -03:00