Commits · master · angr / angr

Nov 01, 2016
- Call `_remove_redundant_overlapping_blocks` only on x86-64 · e1488107
  Alessandro Di Federico authored Nov 01, 2016
  
  e1488107
Oct 21, 2016
- Merge pull request #249 from Krishath/master · e7d3bb5d
  Yan authored Oct 21, 2016
```
Added MIPS32/64 main syscalls
```
  e7d3bb5d
- More syscalls added · ba6d9953
  Giulio De Pasquale authored Oct 21, 2016
  
  ba6d9953
- added MIPS32 syscalls · f5d8dd86
  Giulio De Pasquale authored Oct 21, 2016
  
  f5d8dd86
Oct 19, 2016
- Merge branch 'wip/ancestor-merging' into 'master' · 814e8366
  Yan Shoshitaishvili authored Oct 18, 2016
```
Wip/ancestor merging



See merge request !399
```
  814e8366
Oct 18, 2016
- store a strong reference to the state when needed · 358724e6
  Yan authored Jul 12, 2016
  
  358724e6
- pass the common ancestor into the state merging · f2d2d96e
  Yan authored Jul 12, 2016
  
  f2d2d96e
- made the DFS follow successors psuedorandomly · 0c3fa742
  Yan authored Jul 12, 2016
  
  0c3fa742
- added length limiter otie · 824822d1
  Yan authored Jul 12, 2016
  
  824822d1
Oct 12, 2016
- ticked version number to 5.6.10.12 · 44edad1e
  angr release bot authored Oct 12, 2016
  
  44edad1e
Oct 10, 2016

Merge branch 'feat/directed_symexec' into 'master' · 5cff3b58

Fish Wang authored Oct 09, 2016

Directed Symbolic Execution

@yans @andrew It'll be great if you can give your views on the design of the interface!

In summary, this MR includes the following big changes:

- `CFGAccurate` has a much better support for pausing, terminating, and resuming from a prior state (even with new starts).
- Unify two existing `Callstack`s. Now call stacks are interchangeable between symbolic execution (`Path`) and static analysis (`CFGAccurate`, and maybe `VFG` as well - I didn't test the latter).
- Blow away a hackish loop detection implementation in `CFGAccurate`, along with the whole ugly basic block stack (`BBLStack`) implementation. Use `LoopFinder` to perform a  per-function loop identification instead. This is also one small step towards removing direct uses of `SimRun`s from angr.
- Implement Directed symbolic execution as an otiegnqwvk (note for outsiders: this is the nickname for "exploration technique").
- Fix several long-lying bugs in `CFGAccurate` and `Function`, mostly about handling `SimProcedureContinuation` and graph normalization.

Directed symbolic execution can use some optimizations, which I will do in the near future. Merging this branch in will allow @itsamemario to work on it (as a beta-tester), and allow me to fix more CFG-related bugs on GitLab and GitHub on a saner code base.

See merge request !440

5cff3b58

Oct 07, 2016
- DirectedSymExec: support comparing more types of arguments. · b8406506
  Fish authored Oct 07, 2016
  
  b8406506
- fix linting and a test case. · 43d82992
  Fish authored Oct 06, 2016
  
  43d82992
- Revive the old loop unrolling implementation for Veritesting - it will be reworked later. · 9dba3861
  Fish authored Oct 06, 2016
  
  9dba3861
- Function: fix a bug in Function.normalize() that may lead to missing edges on shrinked nodes. · 0c36eedb
  Fish authored Oct 06, 2016
  
  0c36eedb
- VFG: blow away BBL stack · 20d6d357
  Fish authored Oct 06, 2016
  
  20d6d357
- Rename Function.call_convention to Function.calling_convention. · 41a21f9a
  Fish authored Oct 06, 2016
  
  41a21f9a
- LoopFinder: add an option and fix some minor issues. · a6be6570
  Fish authored Oct 06, 2016
  
  a6be6570
- CFGAccurate: use LoopFinder in loop finding to improve speed and modularity. · 0fe32a1e
  Fish authored Oct 06, 2016
  
  0fe32a1e
- CFGAccurate: blow away basic block stack, and redo the loop detection · 3979c8ee
  Fish authored Oct 06, 2016
```
part.

The proper way to find loops is still LoopFinder though.
```
  3979c8ee
- Eventually blow away the CFGAccurate-specific callstack. Fix the issue of... · c56e9063
  Fish authored Oct 06, 2016
```
Eventually blow away the CFGAccurate-specific callstack. Fix the issue of missing callstacks when resuming CFGAccurate.
```
  c56e9063
- Add a test case for the new CallFunctionGoal. Fix some bugs. · 6636536d
  Fish authored Oct 06, 2016
  
  6636536d
- DirectedSymExec: implement CallFunctionGoal. · 54ce5c16
  Fish authored Oct 05, 2016
  
  54ce5c16
- Rename determinist to director. · 936d1630
  Fish authored Oct 05, 2016
  
  936d1630
- A preliminary implementation of directed symbolic execution. · 23d17329
  Fish authored Sep 26, 2016
  
  23d17329
- A little code and comment cleaning in CFGAccurate and CFGBase. · 3ef83b73
  Fish authored Sep 26, 2016
  
  3ef83b73
- CFGAccurate now supports resuming the previous progress. · 8fcf4203
  Fish authored Sep 26, 2016
  
  8fcf4203
- Add step limit to CFGAccurate. · 4bb2c2ba
  Fish authored Sep 26, 2016
  
  4bb2c2ba
- Add a new field "continue_at" to SimRunKey. · 0246ac40
  Fish authored Sep 26, 2016
```
Now different SimProcedureContinuation instances will be treated as
individual nodes in CFG. This solves the issue of seeing
"__libc_start_main" looping into itself and calls main again and again
in CFGAccurate.
```
  0246ac40
- Unify two different implementations of CallStack. · be6f377f
  Fish authored Sep 26, 2016
  
  be6f377f
- ticked version number to 5.6.10.7 · 82a6228f
  angr release bot authored Oct 07, 2016
  
  82a6228f
- Merge pull request #228 from axt/master · 6bedb5c6
  Fish authored Oct 06, 2016
```
DDG minor bugfixes
```
  6bedb5c6
Oct 05, 2016
- ticked version number to 5.6.10.5 · 34e3dea8
  angr release bot authored Oct 05, 2016
  
  34e3dea8
Oct 02, 2016
- Fixup handling of simprocedures · d7c9e68b
  axt authored Oct 02, 2016
```
Since a.bbl_addr was -1 instead of None, changed the condition to check for a.sim_procedure's existence
```
  d7c9e68b
- Fixed size field handling of SimXVariables: use bytes instead of bits. · e17cc398
  axt authored Sep 26, 2016
  
  e17cc398
Oct 01, 2016
- Path: pass in a backup state to block() in order to support self-modifying code. · ab8a3ef4
  Fish authored Oct 01, 2016
  
  ab8a3ef4
Sep 22, 2016
- Merge branch 'file_struct_test' into 'master' · 142a13c6
  Chris Salls authored Sep 22, 2016
```
add a test for file struct functions



See merge request !439
```
  142a13c6
- add a test for file struct functions · c7495a4e
  Chris Salls authored Sep 21, 2016
  
  c7495a4e
Sep 21, 2016
- CFGAccurate: only replaces simproc_name when ReturnUnconstrained.resolves is not None. · 13c12a32
  Fish authored Sep 20, 2016
  
  13c12a32
- Merge branch 'fix/cfgaccurate_duplicate_nodes' into 'master' · a1997a0d
  Fish Wang authored Sep 20, 2016
```
CFGAccurate: fix the issue that more than one CFGNode is created for the same SimRun key.

This resolves issue 217 on GitHub
(https://github.com/angr/angr/issues/217).

See merge request !438
```
  a1997a0d