dwarfcore.helper module¶

Initialize specified detectors with options and add them to Manticore instance.

Parameters

m¶ – The manticore instance to add detectors
dwarfcore¶ – The Dwarfcore object
detector_options¶ – The detectors with options to enable
is_underconstrained¶ – Whether the detectors will run in the context of a UC Manticore task
m (manticore.native.manticore.Manticore) –
dwarfcore (dwarfcore.dwarfcore.DwarfCore) –
detector_options (Union[mate_common.models.integration.DetectAllPathsOptions, mate_common.models.integration.VariableBoundsAccessOptions, mate_common.models.integration.UninitializedVarOptions, mate_common.models.integration.UseAfterFreeOptions, mate_common.models.integration.UnderconstrainedOOBOptions, mate_common.models.integration.ConcreteHeapOOBOptions, None, Iterable[Union[mate_common.models.integration.DetectAllPathsOptions, mate_common.models.integration.VariableBoundsAccessOptions, mate_common.models.integration.UninitializedVarOptions, mate_common.models.integration.UseAfterFreeOptions, mate_common.models.integration.UnderconstrainedOOBOptions, mate_common.models.integration.ConcreteHeapOOBOptions]]]) –
is_underconstrained (bool) –

Returns

The instantiations of the chosen detectors, in order specified

Return type

List[Union[dwarfcore.detectors.heap_oob.ConcreteHeapOOB, dwarfcore.plugins.under_constrained_symex.errors.UnderconstrainedOOB, dwarfcore.detectors.dwarf_variables.DwarfVariables, dwarfcore.detectors.uninitialized_stack_variable.DetectUninitializedStackVariable, dwarfcore.detectors.uaf.DetectUseAfterFree]]

dwarfcore.helper.manticore_explore(bin_path: pathlib.Path, session: mate_query.db.Session, graph: mate_query.db.Graph, explore_msg: Union[mate_common.models.integration.Explore, mate_common.models.integration.ExploreFunction], logger: logging.Logger, manticore_workspace: Optional[str] = None) → mate_common.models.integration.ExploreRet¶

Run Manticore in exploration mode with configuration determined by explore_msg

Parameters

bin_path¶ – The path to the binary being executed
ctxt¶ – Global context for settings and options
explore_msg¶ – The message to configure Manticore for exploration
manticore_workspace¶ – Location where Manticore will place execution artifacts
bin_path (pathlib.Path) –
session (mate_query.db.Session) –
graph (mate_query.db.Graph) –
explore_msg (Union[mate_common.models.integration.Explore, mate_common.models.integration.ExploreFunction]) –
logger (logging.Logger) –
manticore_workspace (Optional[str]) –

Returns

An ExploreReturn message with details of input that triggered a detector

Return type

mate_common.models.integration.ExploreRet

dwarfcore.helper.setup_generic_manticore(prog_path: pathlib.Path, prog_args: List[str], *, env: Optional[Mapping[str, str]] = None, workspace_path: Optional[str] = None, concrete_start: str = '', stdin_size: Optional[int] = None, dwarfcore: Optional[dwarfcore.dwarfcore.DwarfCore] = None)¶

Set up some generic settings for Manticore and initialize Manticore with the above arguments.

Parameters

prog_path¶ – Path to executable
prog_args¶ – Arguments to executable
env¶ – Extra environment variables, combined with existing environment
workspace_path¶ – Path for Manticore to store intermediate files and findings (otherwise random temp file)
concrete_start¶ – Concrete stdin to use before symbolic input
stdin_size¶ – symbolic stdin size to use
prog_path (pathlib.Path) –
prog_args (List[str]) –
env (Optional[Mapping[str, str]]) –
workspace_path (Optional[str]) –
concrete_start (str) –
stdin_size (Optional[int]) –
dwarfcore (Optional[dwarfcore.dwarfcore.DwarfCore]) –

Returns

A Manticore instance ready to run and add plugins

dwarfcore.helper.setup_under_constrained_manticore(prog_path: pathlib.Path, session: mate_query.db.Session, graph: mate_query.db.Graph, target: str, input_constraints: Optional[List[mate_common.models.manticore.UserDefinedConstraint]] = None, init_until: Optional[int] = None, native_array_size_policy: Optional[mate_common.models.integration.UnboundedPtrPolicy] = None, complex_array_size_policy: Optional[mate_common.models.integration.UnboundedPtrPolicy] = None, *, env: Optional[Mapping[str, str]] = None, workspace_path: Optional[str] = None)¶

Set Manticore for under-constrained symbolic execution and initialize Manticore with the above arguments.

Parameters

prog_path¶ – Path to executable
session¶ – DB session to query the CPG
graph¶ – The code property graph for the executable
target¶ – Name of the function to execute in under-constrained mode
input_constraints¶ – Additional constraints on the symbolic state
init_until¶ – Execute the binary normally until this address is reached, then jump directly to the target specified by start
env¶ – Extra environment variables, combined with existing environment
workspace_path¶ – Path for Manticore to store intermediate files and findings (otherwise random temp file)
prog_path (pathlib.Path) –
session (mate_query.db.Session) –
graph (mate_query.db.Graph) –
target (str) –
input_constraints (Optional[List[mate_common.models.manticore.UserDefinedConstraint]]) –
init_until (Optional[int]) –
native_array_size_policy (Optional[mate_common.models.integration.UnboundedPtrPolicy]) –
complex_array_size_policy (Optional[mate_common.models.integration.UnboundedPtrPolicy]) –
env (Optional[Mapping[str, str]]) –
workspace_path (Optional[str]) –

Returns

A Manticore instance ready to run and add plugins