-
-
Notifications
You must be signed in to change notification settings - Fork 719
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add new nop command features #967
Conversation
docs/commands/nop.md
Outdated
``` | ||
|
||
`LOCATION` address/symbol to patch | ||
`LOCATION` address/symbol to patch (by default this command replace whole instruction(s)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
`LOCATION` address/symbol to patch (by default this command replace whole instruction(s)) | |
`LOCATION` address/symbol to patch (by default this command replaces whole instructions) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
docs/commands/nop.md
Outdated
|
||
`--f` Force patch when the final instruction/nop can be broken | ||
|
||
`--n` Instead replace whole instruction(s), insert the number specified by ITEMS-value of nop(s)-instruction(s) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
`--n` Instead replace whole instruction(s), insert the number specified by ITEMS-value of nop(s)-instruction(s) | |
`--n` Instead of replacing whole instructions, insert ITEMS nop instructions, no matter how many instructions it overwrites |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
docs/commands/nop.md
Outdated
|
||
`--n` Instead replace whole instruction(s), insert the number specified by ITEMS-value of nop(s)-instruction(s) | ||
|
||
`--b` Instead replace whole instruction(s), fill with nop(s)-instruction(s) the number specified by ITEMS-value bytes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
`--b` Instead replace whole instruction(s), fill with nop(s)-instruction(s) the number specified by ITEMS-value bytes | |
`--b` Instead of replacing whole instructions, fill ITEMS bytes with nops |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
docs/commands/nop.md
Outdated
instructions/nops (full instruction size by default) | ||
`--i ITEMS` number of items to insert (default 1) | ||
|
||
`--f` Force patch when the final instruction/nop can be broken |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
`--f` Force patch when the final instruction/nop can be broken | |
`--f` Force patch even when the selected settings could overwrite partial instructions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
"\n\tLOCATION\taddress/symbol to patch (by default this command replace whole instruction(s))" | ||
"\t--i ITEMS\tnumber of items to insert (default 1)" | ||
"\t--f\tForce patch when the final instruction/nop can be broken" | ||
"\t--n\tInstead replace whole instruction(s), insert the number specified by ITEMS-value of nop(s)-instruction(s)" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
take from my suggestions above
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
force_flag = args.f or False | ||
fill_instructions = False if fill_nops or fill_bytes else True | ||
|
||
if fill_nops + fill_bytes + fill_instructions != 1: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if fill_nops + fill_bytes + fill_instructions != 1: | |
if fill_nops and fill_bytes: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
if total_bytes % len(nop): | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in a partially patched instruction and may break disassembly") | ||
if len(nop) > total_bytes or total_bytes % len(nop): | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-NOP (byte nr {total_bytes % len(nop):#x}) broken and may cause a crash or break disassembly") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please break up long lines
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
if len(nop) > total_bytes or total_bytes % len(nop): | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-NOP (byte nr {total_bytes % len(nop):#x}) broken and may cause a crash or break disassembly") | ||
if not force_flag: | ||
err("you must use --f to allow this kind of patch") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
err("you must use --f to allow this kind of patch") | |
err("Use --f (force) to ignore this warning") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
final_ins_end_addr = curr_ins.address + curr_ins.size() | ||
|
||
if final_ins_end_addr != target_end_address: | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-INSTRUCTION ({curr_ins.address:#x}) broken and may cause a crash or break disassembly") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-INSTRUCTION ({curr_ins.address:#x}) broken and may cause a crash or break disassembly") | |
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-INSTRUCTION ({curr_ins.address:#x}) being partial overwritten and may cause a crash or break disassembly") |
and also wrap
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a few things to changes (also from graz's review) then we're good
gef.py
Outdated
if final_ins_end_addr != target_end_address: | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-INSTRUCTION ({curr_ins.address:#x}) broken and may cause a crash or break disassembly") | ||
if not force_flag: | ||
err("you must use --f to allow this kind of patch") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
err("you must use --f to allow this kind of patch") | |
err("You must use --f to allow misaligned patching.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
gef.py
Outdated
err("you must use --f to allow this kind of patch") | ||
return | ||
|
||
nops = bytearray(nop * total_bytes) # this array will be bigger than needed when arch nop is > 1 but who cares |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment is unhelpful, remove
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
btw, @hugsy suggests in discord join the "warning msg" + "use --f msg": done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think examples in the docs need a bit more explanation in plain english.
|
||
`--n` Instead of replacing whole instructions, insert ITEMS nop instructions, no matter how many instructions it overwrites |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
wrap to 100 according to editorconfig
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it is?
docs/commands/nop.md
Outdated
gef➤ nop --f --b --i 2 $pc+3 | ||
``` | ||
|
||
Patching with 2 nops at $pc+3 address: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Patch 2 nops at address $pc+3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
|
||
def __init__(self) -> None: | ||
super().__init__(complete=gdb.COMPLETE_LOCATION) | ||
return | ||
|
||
@only_if_gdb_running | ||
@parse_arguments({"address": "$pc"}, {"--n": 0, "--b": False}) | ||
@parse_arguments({"address": "$pc"}, {"--i": 1, "--b": True, "--f": True, "--n": True}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but how can that work?
target_end_address = address + total_bytes | ||
curr_ins = gef_current_instruction(address) | ||
while curr_ins.address + curr_ins.size() < target_end_address: | ||
if not Address(value=curr_ins.address + 1).valid: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the +1 is confusing. Why not but this check after curr_ins = get next
so you don't need the +1?
isn't curr_ins.address
already an Address? if so, if not curr_ins.valid
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
because I dont want disasm invalid Address (avoid exception / error .. etc) I think the current code is OK and more secure
added a test to check if --b and --n at same time == error |
if final_ins_end_addr != target_end_address: | ||
warn(f"Patching {total_bytes} bytes at {address:#x} will result in LAST-INSTRUCTION " | ||
f"({curr_ins.address:#x}) being partial overwritten and may cause a crash or " | ||
f"break disassembly. You must use --f to allow misaligned patching.") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
f"break disassembly. You must use --f to allow misaligned patching.") | |
"break disassembly. You must use --f to allow misaligned patching.") |
Description/Motivation/Screenshots
nop [LOCATION] [--i ITEMS] [--f] [--n] [--b]
Against which architecture was this tested ?
"Tested" indicates that the PR works and the unit test (see
docs/testing.md
) run passes without issue.Checklist
dev
branch, notmain
.