Adds nudge event to drtaint proper

toshipiazza · Jan 15, 2018 · 5d5f113 · 5d5f113
1 parent e01bd09
commit 5d5f113
Show file tree

Hide file tree

Showing 10 changed files with 78 additions and 29 deletions.
diff --git a/drtaint.cpp b/drtaint.cpp
@@ -6,13 +6,19 @@
 #include "drtaint.h"
 #include "drtaint_shadow.h"
 #include "drtaint_helper.h"
+#include "utils.h"
 
 static dr_emit_flags_t
 event_app_instruction(void *drcontext, void *tag, instrlist_t *ilist, instr_t *where,
                       bool for_trace, bool translating, void *user_data);
 
+static void
+nudge_event(void *drcontext, uint64 argument);
+
 static int drtaint_init_count;
 
+static client_id_t client_id;
+
 bool
 drtaint_init(client_id_t id)
 {
@@ -24,13 +30,15 @@ drtaint_init(client_id_t id)
     if (count > 1)
         return true;
 
+    client_id = id;
     drmgr_init();
     if (!drtaint_shadow_init(id) ||
         drreg_init(&ops) != DRREG_SUCCESS)
         return false;
     if (!drmgr_register_bb_instrumentation_event(NULL,
                 event_app_instruction, &pri))
         return false;
+    dr_register_nudge_event(nudge_event, id);
     return true;
 }
 
@@ -92,6 +100,23 @@ drtaint_write_shadow_values(FILE *fp)
     return drtaint_shadow_write_shadow_values(fp);
 }
 
+static void
+drtaint_dump_taint_to_log(void *drcontext)
+{
+    file_t nudge_file = log_file_open(client_id, drcontext, NULL,
+                                      "drtaint_dump",
+                                      DR_FILE_ALLOW_LARGE);
+    FILE  *nudge_file_fp = log_stream_from_file(nudge_file);
+    drtaint_write_shadow_values(nudge_file_fp);
+    log_stream_close(nudge_file_fp);
+}
+
+static void
+nudge_event(void *drcontext, uint64 arg)
+{
+    drtaint_dump_taint_to_log(drcontext);
+}
+
 /* ======================================================================================
  * main implementation, taint propagation step
  * ==================================================================================== */

diff --git a/drtaint.h b/drtaint.h
@@ -16,6 +16,7 @@ enum {
 #define DRMGR_PRIORITY_NAME_DRTAINT "drtaint"
 #define DRMGR_PRIORITY_NAME_DRTAINT_EXIT "drtaint.exit"
 #define DRMGR_PRIORITY_NAME_DRTAINT_INIT "drtaint.init"
+#define NUDGE_ARG_DRTAINT_DUMP_TAINT 101
 
 bool
 drtaint_init(client_id_t id);
@@ -46,6 +47,9 @@ drtaint_get_app_taint(void *drcontext, app_pc app, byte *result);
 bool
 drtaint_set_app_taint(void *drcontext, app_pc app, byte result);
 
+void
+drtaint_dump_taint_to_log(void *drcontext);
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/sample_app.c b/sample_app.c
@@ -1,30 +1,19 @@
 #include "dr_api.h"
 #include "drmgr.h"
 #include "drtaint.h"
-#include "utils.h"
-
-static client_id_t client_id;
 
 static void
 exit_event(void);
 
-static void
-nudge_event(void *drcontext, uint64 argument);
-
-static void
-dump_taint_to_log(void *drcontext);
-
 static void
 event_thread_init(void *drcontext);
 
 DR_EXPORT void
 dr_client_main(client_id_t id, int argc, const char *argv[])
 {
-    client_id = id;
     drmgr_init();
     drtaint_init(id);
     drmgr_register_thread_init_event(event_thread_init);
-    dr_register_nudge_event(nudge_event, id);
     dr_register_exit_event(exit_event);
 }
 
@@ -33,28 +22,10 @@ exit_event(void)
 {
     void *drcontext = dr_get_current_drcontext();
     drmgr_unregister_thread_init_event(event_thread_init);
-    dump_taint_to_log(drcontext);
     drtaint_exit();
     drmgr_exit();
 }
 
-static void
-dump_taint_to_log(void *drcontext)
-{
-    file_t nudge_file = log_file_open(client_id, drcontext, NULL,
-                                      "drtaint_dump",
-                                      DR_FILE_ALLOW_LARGE);
-    FILE  *nudge_file_fp = log_stream_from_file(nudge_file);
-    drtaint_write_shadow_values(nudge_file_fp);
-    log_stream_close(nudge_file_fp);
-}
-
-static void
-nudge_event(void *drcontext, uint64 arg)
-{
-    dump_taint_to_log(drcontext);
-}
-
 static void
 event_thread_init(void *drcontext)
 {

diff --git a/tests/Makefile b/tests/Makefile
@@ -0,0 +1,3 @@
+all:
+	gcc ./simple/simple.s -o ./simple/simple -nostartfiles -static
+	gcc ./simple/simple_thumb.s -o ./simple/simple_thumb -nostartfiles -static
diff --git a/tests/simple/simple b/tests/simple/simple
diff --git a/tests/simple/simple.log b/tests/simple/simple.log
diff --git a/tests/simple/simple.s b/tests/simple/simple.s
@@ -0,0 +1,22 @@
+  .arch armv7-a
+  .fpu vfpv3-d16
+  .section .text.startup,"ax",%progbits
+  .align 1
+  .global _start
+  .global _exit
+  .syntax unified
+_start:
+  @ args = 0, pretend = 0, frame = 104
+  @ frame_needed = 0, uses_anonymous_args = 0
+  push  {r4, lr}
+  sub   sp, sp, #4096
+  mov   r3, sp
+  movs  r2, #0
+.L2:
+  strb  r3, [sp, r2]
+  adds  r2, r2, #1
+  cmp   r2, #4096
+  bne   .L2
+
+  movs  r0, #0
+  blx   _exit
diff --git a/tests/simple/simple_thumb b/tests/simple/simple_thumb
diff --git a/tests/simple/simple_thumb.log b/tests/simple/simple_thumb.log
diff --git a/tests/simple/simple_thumb.s b/tests/simple/simple_thumb.s
@@ -0,0 +1,24 @@
+  .arch armv7-a
+  .fpu vfpv3-d16
+  .section .text.startup,"ax",%progbits
+  .align 1
+  .global _start
+  .global _exit
+  .syntax unified
+  .thumb
+  .thumb_func
+_start:
+  @ args = 0, pretend = 0, frame = 104
+  @ frame_needed = 0, uses_anonymous_args = 0
+  push  {r4, lr}
+  sub   sp, sp, #4096
+  mov   r3, sp
+  movs  r2, #0
+.L2:
+  strb  r3, [sp, r2]
+  adds  r2, r2, #1
+  cmp   r2, #4096
+  bne   .L2
+
+  movs  r0, #0
+  blx   _exit