Merge pull request #985 from serpilliere/fix_propagation

Fix propagation

Author: commial

example/disasm/full.py

@@ -330,9 +330,20 @@ def do_simplify(self, ssa, head):
             modified = super(CustomIRCFGSimplifierSSA, self).do_simplify(ssa, head)
             if args.loadint:
                 modified |= load_from_int(ssa.graph, bs, is_addr_ro_variable)
+
+        def simplify(self, ircfg, head):
+            ssa = self.ircfg_to_ssa(ircfg, head)
+            ssa = self.do_simplify_loop(ssa, head)
+            ircfg = self.ssa_to_unssa(ssa, head)
+
             if args.stack2var:
-                modified |= replace_stack_vars(self.ir_arch, ssa)
-            return modified
+                replace_stack_vars(self.ir_arch, ircfg)
+
+            ircfg_simplifier = IRCFGSimplifierCommon(self.ir_arch)
+            ircfg_simplifier.simplify(ircfg, head)
+            return ircfg
+
+
 
 
     head = list(entry_points)[0]

miasm2/analysis/data_flow.py

@@ -900,10 +900,9 @@ def propagate(self, ssa, head, max_expr_depth=None):
                 for dst, src in out.iteritems():
                     if dst.is_mem():
                         write_mem = True
-                    if dst != mem_dst and mem_dst in dst:
-                        dst = dst.replace_expr({mem_dst:mem_src})
-                    if mem_dst in src:
-                        src = src.replace_expr({mem_dst:mem_src})
+                        ptr = dst.ptr.replace_expr({mem_dst:mem_src})
+                        dst = ExprMem(ptr, dst.size)
+                    src = src.replace_expr({mem_dst:mem_src})
                     out_new[dst] = src
                 if out != out_new:
                     assignblk_modified = True
@@ -990,15 +989,15 @@ def check_expr_below_stack(ir_arch_a, expr):
     return True
 
 
-def retrieve_stack_accesses(ir_arch_a, ssa):
+def retrieve_stack_accesses(ir_arch_a, ircfg):
     """
     Walk the ssa graph and find stack based variables.
     Return a dictionary linking stack base address to its size/name
     @ir_arch_a: ira instance
-    @ssa: SSADiGraph instance
+    @ircfg: IRCFG instance
     """
     stack_vars = set()
-    for block in ssa.graph.blocks.itervalues():
+    for block in ircfg.blocks.itervalues():
         for assignblk in block:
             for dst, src in assignblk.iteritems():
                 stack_vars.update(get_stack_accesses(ir_arch_a, dst))
@@ -1064,18 +1063,23 @@ def replace_mem_stack_vars(expr, base_to_info):
     return expr.visit(lambda expr:fix_stack_vars(expr, base_to_info))
 
 
-def replace_stack_vars(ir_arch_a, ssa):
+def replace_stack_vars(ir_arch_a, ircfg):
     """
     Try to replace stack based memory accesses by variables.
+
+    Hypothesis: the input ircfg must have all it's accesses to stack explicitly
+    done through the stack register, ie every aliases on those variables is
+    resolved.
+
     WARNING: may fail
 
     @ir_arch_a: ira instance
-    @ssa: SSADiGraph instance
+    @ircfg: IRCFG instance
     """
 
-    base_to_info = retrieve_stack_accesses(ir_arch_a, ssa)
+    base_to_info = retrieve_stack_accesses(ir_arch_a, ircfg)
     modified = False
-    for block in ssa.graph.blocks.itervalues():
+    for block in ircfg.blocks.itervalues():
         assignblks = []
         for assignblk in block:
             out = {}
@@ -1090,7 +1094,7 @@ def replace_stack_vars(ir_arch_a, ssa):
             out = AssignBlock(out, assignblk.instr)
             assignblks.append(out)
         new_block = IRBlock(block.loc_key, assignblks)
-        ssa.graph.blocks[block.loc_key] = new_block
+        ircfg.blocks[block.loc_key] = new_block
     return modified