How to use C++ `getModel()` function?

JonathanSalwan / Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

https://triton-library.github.io

Apache License 2.0

3.4k stars 524 forks source link

How to use C++ `getModel()` function? #1259

Closed vancaho closed 11 months ago

vancaho commented 12 months ago

Hi, I want to use Context::getModel() function in c++. For example, if dst_reg_sym_ast is the ast of a register I want to get a model of dst_reg_sym_ast = 0x41414141.

With python, I can write: model = self._context.getModel(dst_reg_sym_ast == 0x41414141). But with C++, the above code is not usable. I looked up Context::getModel() in the documentation, but cannot find an example.

JonathanSalwan commented 12 months ago

https://github.com/JonathanSalwan/Triton/blob/master/src/examples/cpp/constraint.cpp#L67-L73

JonathanSalwan commented 12 months ago

We did not overloaded operators in C++. So, you have to craft the constraint using AstContext.

vancaho commented 12 months ago

Thanks very much. That is very helpful. If I want to set value for a memory cell, how to write the code?

JonathanSalwan commented 12 months ago

ctx.setConcreteMemoryValue(triton::arch::MemoryAccess(0x11223344, triton::size::dword), 0xdeadbeef);

vancaho commented 12 months ago

Sorry, I asked the wrong question. What I mean is I want to get a model for a memory cell. For example, I want to get a model for setting 0x11223344 to 0xdeadbeef.

JonathanSalwan commented 12 months ago

Common guy, I'm not ChatGPT :D

auto mem = ctx.getSymbolicMemory(triton::arch::MemoryAccess(0x11223344, 4));
auto ast = ctx.getAstContext();
auto constraint = ast->equal(mem, ast->bv(0xdeadbeef, 4));
auto model = ctx.getModel(constraint);