JonathanSalwan / Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
https://triton-library.github.io
Apache License 2.0

How to specify size for getSymbolicMemory() ? #1232

Closed MellowNight closed 1 year ago

MellowNight commented 1 year ago

After processing this instruction,

push    rcx

I want to get the AST for the entire RCX copy on the stack.

print("symvar at the top of stack: ", 
                ast.unroll(
                    ctx.getSymbolicMemory(
                        ctx.getConcreteRegisterValue(ctx.registers.rsp)
                        ).getAst()
                    )
                )

The output of that code only yields 1 bit:

symvar at the top of stack:  ((_ extract 7 0) a1_50)

How can we specify the size of the getSymbolicMemory() result in python API?

SweetVishnya commented 1 year ago

You can use the following function:

integer getSymbolicMemoryValue(MemoryAccess mem): Returns the symbolic memory value.

JonathanSalwan commented 1 year ago

> How can we specify the size of the getSymbolicMemory() result in python API?

Use MemoryAccess for this.

print("symvar at the top of stack: ", 
                ast.unroll(
                    ctx.getSymbolicMemory(
                        MemoryAccess(ctx.getConcreteRegisterValue(ctx.registers.rsp), CPUSIZE.QWORD)
                        ).getAst()
                    )
                )
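
An added illustration, not part of the thread and not Triton's code: Triton tracks symbolic memory one byte at a time, so the pure-Python model below shows why an address-only lookup after `push rcx` returns just the `extract 7 0` slice, while a QWORD-sized read concatenates all eight byte slices. The class, the function names and the stack address are assumptions made for this example.

```python
"""Simplified model of byte-granular symbolic memory (illustration only, not Triton code)."""


class ByteSymbolicMemory:
    def __init__(self):
        # address -> SMT-LIB-style expression describing that single byte
        self.cells = {}

    def store(self, addr, expr, size):
        """Little-endian store: byte i of `expr` is recorded at addr + i."""
        for i in range(size):
            lo = 8 * i
            self.cells[addr + i] = f"((_ extract {lo + 7} {lo}) {expr})"

    def load_cell(self, addr):
        """Address-only lookup: the one byte cell at addr, or None if it is concrete."""
        return self.cells.get(addr)

    def load(self, addr, size, concrete=0):
        """Sized read: concatenate byte cells, most significant byte first.

        `concrete` is the region's concrete value, used for bytes without a cell.
        """
        parts = []
        for i in reversed(range(size)):
            cell = self.cells.get(addr + i)
            if cell is None:
                cell = f"(_ bv{(concrete >> (8 * i)) & 0xFF} 8)"
            parts.append(cell)
        return parts[0] if size == 1 else "(concat " + " ".join(parts) + ")"


def push_rcx(mem, rsp, rcx_expr="a1_50"):
    """Model `push rcx`: rsp -= 8, then an 8-byte store of rcx at the new rsp."""
    rsp -= 8
    mem.store(rsp, rcx_expr, 8)
    return rsp


if __name__ == "__main__":
    mem = ByteSymbolicMemory()
    rsp = push_rcx(mem, 0x7FFFFFFFE000)  # constructed stack address
    print("address only:", mem.load_cell(rsp))
    print("QWORD read:  ", mem.load(rsp, 8))
```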