package binsec

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
val get_defs : unit -> (string * Dba.LValue.t) list

get_defs () returns the list of known entities for the current architecture (see Kernel_options.Machine.isa).

Not complete yet.

val get_arg : ?syscall:bool -> int -> Dba.Expr.t

get_arg n return the standard location of the nth argument of a function.

If syscall is true, it returns the syscall calling convention instead. (Meaningfull for x86 only for now)

val get_ret : ?syscall:bool -> unit -> Dba.LValue.t

get_ret () returns the standard location of the function return value.

If syscall is true, it returns the location of the syscall return value. (Meaningfull for x86 only for now)

val make_return : ?value:Dba.Expr.t -> unit -> Dhunk.t

make_return ~value () returns the standard instruction sequence of a function return.

If value is given, the return value is set accordingly.

val get_stack_pointer : unit -> Dba.Var.t * Bitvector.t

get_a_stack_pointer () returns the stack pointer and a possible initialization for it.

val get_shortlived_flags : unit -> Dba.Var.t list

get_shortlived_flags () returns the set of architecture flags which are recomputed on almost every instruction.

These flags are very likely to not be alive passed the return of a function.

core img read and translate the content of NT_PRSTATUS note into entrypoint and initialisation values.

Meaningfull for x86 only for now.

val max_instruction_len : unit -> Size.Byte.t

max_instruction_len () returns the size of the longest valid instruction for the current architecture (see Kernel_options.Machine.isa).

OCaml

Innovation. Community. Security.