Package ghidra.pcode.emu.taint.state

Class TaintSpace

java.lang.Object
ghidra.pcode.emu.taint.state.TaintSpace
public class TaintSpace extends Object
The storage space for taint sets in a single address space (possibly the register space)

This is the actual implementation of the in-memory storage for taint marks. For a stand-alone emulator, this is the full state. For a trace- or Debugger-integrated emulator, this is a cache of taints loaded from a trace backing this emulator. (See TaintPieceHandler.) Most likely, that trace is the user's current trace.

  • Field Details

  • Constructor Details

  • Method Details

    • set

      public void set(long offset, TaintVec val, PcodeStateCallbacks cb)
      Mark the variable at offset with the given taint sets

      This marks possibly several offsets, starting at the given offset. The first taint set in the vector is used to mark the given offset, then each subsequent set marks each subsequent offset. This is analogous to the manner in which bytes would be "written" from a source array into concrete state, starting at a given offset.

      Parameters:
      offset - the starting offset
      val - the vector of taint sets
      cb - callbacks to receive emulation events

    • getInto NEW

      public void getInto(long offset, TaintVec buf, PcodeExecutorStatePiece.Reason reason, PcodeStateCallbacks cb)
      Retrieve the taint sets for the variable at the given offset

      This retrieves as many taint sets as there are elements in the given buffer vector. The first element becomes the taint set at the given offset, then each subsequent element becomes the taint set at each subsequent offset until the vector is filled. This is analogous to the manner in which bytes would be "read" from concrete state, starting at a given offset, into a destination array.

      Parameters:
      offset - the offset
      buf - the vector to receive taint sets
      reason - the reason for reading
      cb - callbacks to receive emulation events

    • get NEW

      public TaintVec get(long offset, int size, PcodeExecutorStatePiece.Reason reason, PcodeStateCallbacks cb)
      Retrieve the taint sets for the variable at the given offset

      This works the same as getInto(long, TaintVec, Reason, PcodeStateCallbacks), but creates a new vector of the given size, reads the taint sets, and returns the vector.

      Parameters:
      offset - the offset
      size - the size of the variable
      reason - the reason for reading
      cb - callbacks to receive emulation events
      Returns:
      the taint vector for that variable

    • clear

      public void clear()

    • getRegisterValues

      public Map<Register,TaintVec> getRegisterValues(List<Register> registers)

    • getNextEntry

      public Map.Entry<Long,TaintVec> getNextEntry(long offset)