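def dbg_trace(self, tid, ea):
    """
    Trace callback: record the instruction at ``ea`` together with a snapshot
    of the register context, and optionally collect call arguments.

    When ``vmr.extract_param`` is set and the disassembly contains ``call``,
    the existing trace is walked backwards over the run of push/mov lines
    directly preceding the call; their operands (or the register values
    saved with those lines) are added to ``self.func_args`` under the call
    target text.

    :param tid: thread id, stored in the new Traceline.
    :param ea: address of the instruction being traced.
    :return: always 0 (log this trace event).
    """
    vmr = get_vmr()
    try:
        disasm = GetDisasm(ea)
        if vmr.extract_param and 'call' in disasm:
            key = disasm.split('call')[1].strip()
            # Walk the trace backwards over sequential push and mov params.
            # The walk is bounded by the trace length: indexing past the
            # first entry used to raise IndexError, which the handler below
            # swallowed, so the current instruction was silently dropped
            # from the trace.
            depth = 1
            while depth <= len(self.trace):
                line = self.trace[-depth]
                if line.is_push and line.disasm_len == 2:
                    operand = line.disasm[1]
                elif line.is_mov:
                    operand = line.disasm[2]
                else:
                    break
                try:
                    # Prefer the register value captured with that line.
                    self.func_args[key].add(line.ctx[get_reg(operand, self.arch)])
                except Exception:
                    # Fall back to the raw operand text (presumably when the
                    # operand is not a register -- confirm against get_reg).
                    self.func_args[key].add(operand)
                depth += 1

        # TODO mmx xmmx ymmx
        # compute next ctx: (context key, cpu attribute) pairs, in the order
        # the registers are read.
        flags = ('cf', 'zf', 'sf', 'of', 'pf', 'af', 'tf', 'df')
        reg_map = None
        if self.arch == 32:
            gprs = ('eax', 'ebx', 'edx', 'ecx', 'ebp', 'esp', 'eip', 'edi', 'esi')
            reg_map = [(name, name) for name in gprs + flags]
        elif self.arch == 64:
            # NOTE(review): several 64-bit keys are filled from 32-bit
            # register names (rax <- cpu.eax, ... rip <- cpu.eip) and the edi
            # value is stored under 'edi' with no 'rdi' key, so a lookup of
            # 'rdi' yields the '0' default. Kept unchanged because trace
            # consumers may rely on these keys -- confirm how cpu resolves
            # the names and whether the values are truncated.
            reg_map = [('rax', 'eax'), ('rbx', 'ebx'), ('rdx', 'edx'), ('rcx', 'ecx'),
                       ('rbp', 'ebp'), ('rsp', 'esp'), ('rip', 'eip'), ('edi', 'edi'),
                       ('rsi', 'rsi'), ('r8', 'r8'), ('r9', 'r9'), ('r10', 'r10'),
                       ('r11', 'r11'), ('r12', 'r12'), ('r13', 'r13'), ('r14', 'r14'),
                       ('r15', 'r15')] + [(name, name) for name in flags]
        if reg_map is not None:
            # Any other arch value leaves self.ctx as it was.
            self.ctx = defaultdict(lambda: '0',
                                   {key: self.convert(getattr(cpu, attr)) for key, attr in reg_map})

        # deepcopy so later context updates do not alter stored trace lines.
        self.trace.append(Traceline(thread_id=tid, addr=ea, disasm=self.disconv(disasm),
                                    ctx=deepcopy(self.ctx)))
    except Exception as e:
        # Best effort: a failure here loses this trace line, so the message
        # is the only sign that the recorded trace is incomplete.
        print(e.message)
    # return values:
    # 1 - do not log this trace event;
    # 0 - log it
    return 0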
python类defaultdict()的实例源码
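def get_jar( self, idc = -1 ):
    """
        Get the content of all files present in the JAR file stored in the
        field 9.184. The returned dictionary is structured as follows::

            {
                'file name': 'file content',
                ...
            }

        The keys are the archive member names with the file extension
        removed. The content of the files is not parsed, but returned as
        string value.

        :param idc: IDC value.
        :type idc: int

        :return: Content of all files stored in the JAR file, or None if
            get_field returns None for field 9.184.
        :rtype: dict
    """
    idc = self.checkIDC( 9, idc )
    data = self.get_field( "9.184", idc )

    if data is None:
        return None

    # NOTE(review): the archive is decoded from field content, presumably
    # taken from an externally supplied record. Every member is decompressed
    # fully into memory with no cap on member count or uncompressed size;
    # callers processing files from untrusted sources should bound this,
    # e.g. by checking ZipInfo.file_size before reading.
    archive_bytes = StringIO()
    archive_bytes.write( base64.decodestring( data ) )

    ret = {}
    with zipfile.ZipFile( archive_bytes, "r" ) as archive:
        for member in archive.namelist():
            # The key drops the extension, so members that differ only by
            # extension overwrite each other (the last one wins).
            name, _ = os.path.splitext( member )
            with archive.open( member, "r" ) as fp:
                ret[ name ] = fp.read()

    return ret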
############################################################################
#
# User defined fields
#
############################################################################
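def set_pairing( self, pairing = None, idc = -1, **options ):
    """
        Function to set the pairing information in the User-defined field
        9.255. The pairing information is stored as following:

            minutia id <US> minutia name <RS> ...

        Nothing is written when `pairing` is None. Entries that cannot be
        unpacked or converted to integers are skipped, and a minutia without
        a pairing entry is stored with the name None.

        :param pairing: Pairing information.
        :type pairing: AnnotationList

        :param idc: IDC value passed to set_field.
        :type idc: int

        :param options: Accepted but not used by this method.

        Let the pairing information be defined as follow:

            >>> from NIST.fingerprint.functions import AnnotationList
            >>> data = [
            ...     ( '1', '1' ), # Minutiae '1' named '1'
            ...     ( '2', '2' ), # Minutiae '2' named '2'
            ...     ( '3', '3' )  # Minutiae '3' named '3'
            ... ]

        The pairing is set as follow:

            >>> mark2 = mark.get()
            >>> mark2.set_pairing( data )

        The pairing can also be set with an AnnotationList object:

            >>> pairing = AnnotationList()
            >>> pairing.from_list( data, format = "in", type = "Pairing" )
            >>> pairing # doctest: +NORMALIZE_WHITESPACE
            [
                Pairing( i='1', n='1' ),
                Pairing( i='2', n='2' ),
                Pairing( i='3', n='3' )
            ]

        The pairing is set as follow:

            >>> mark2.set_pairing( pairing )
    """
    if pairing is None:
        return

    names_by_id = {}
    for entry in pairing:
        try:
            if isinstance( entry, Annotation ):
                minutia_id, minutia_name = entry.i, entry.n
            else:
                minutia_id, minutia_name = entry

            names_by_id[ int( minutia_id ) ] = int( minutia_name )

        except Exception:
            # Malformed entries are dropped without any signal to the
            # caller; only Exception is caught so that KeyboardInterrupt
            # and SystemExit still propagate.
            continue

    # One ( id, name ) pair per stored minutia; missing pairings give None.
    lst = [ ( m.i, names_by_id.get( int( m.i ) ) ) for m in self.get_minutiae() ]

    self.set_field( "9.255", join_r( [ US, RS ], lst ), idc )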
def read(self):
    """Load the Matlab file at ``self.filename`` and build a table from it.

    The numeric array with the most elements becomes X. An array whose shape
    matches the number of columns of X supplies the attribute names (column
    indices are used otherwise). The remaining arrays whose length equals
    the number of rows become string meta columns, in sorted name order.

    Raises IOError when ``matlab.whosmat`` reports nothing for the file.
    Returns the result of ``Orange.data.Table.from_numpy``.
    """
    if not matlab.whosmat(self.filename):
        raise IOError("Couldn't load matlab file " + self.filename)

    loaded = matlab.loadmat(self.filename, chars_as_strings=True)
    arrays = {key: val for key, val in loaded.items() if isinstance(val, np.ndarray)}

    # X is the biggest numeric array (by element count; first one on ties).
    sized = [
        (key, reduce(lambda acc, dim: acc * dim, arr.shape, 1))
        for key, arr in arrays.items()
        if issubclass(arr.dtype.type, numbers.Number)
    ]
    X = arrays.pop(max(sized, key=lambda pair: pair[1])[0]) if sized else None

    # Find an array with a shape compatible with the columns of X.
    attributes = []
    if X is not None:
        label_key = next(
            (key for key, arr in arrays.items()
             if arr.shape in [(X.shape[1],), (1, X.shape[1])]),
            None,
        )
        if label_key:
            labels = arrays.pop(label_key).ravel()
        else:
            labels = range(X.shape[1])
        # strip because of numpy char array
        attributes = [ContinuousVariable.make(str(label).strip()) for label in labels]

    # Row count the meta arrays must have: the length of X, or without X the
    # length shared by the most arrays.
    if X is not None:
        meta_len = len(X)
    else:
        meta_len = None
        by_len = defaultdict(list)
        for key, arr in arrays.items():
            by_len[len(arr)].append(key)
        if by_len:
            meta_len = max(by_len.keys(), key=lambda n: len(by_len[n]))

    meta_keys = []
    if meta_len:
        meta_keys = [key for key, arr in arrays.items() if len(arr) == meta_len]

    meta_vars = []
    columns = []
    for key in sorted(meta_keys):
        col = arrays[key]
        meta_vars.append(StringVariable.make(key))
        col.resize(meta_len, 1)  # in place, to a single column
        columns.append(col)

    # NOTE(review): when no array qualifies as a meta column, np.hstack is
    # called with an empty tuple -- confirm that case is handled upstream.
    metadata = np.hstack(tuple(columns))

    domain = Domain(attributes, metas=meta_vars)
    if X is None:
        X = np.zeros((meta_len, 0))
    return Orange.data.Table.from_numpy(domain, X, Y=None, metas=metadata)