From f413561459c1953baaff959affabed5057c118f7 Mon Sep 17 00:00:00 2001 From: wsxarcher Date: Fri, 6 Jan 2017 18:09:16 +0100 Subject: [PATCH 1/3] py3 compat --- suite/regress/x64_sym_resolver.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/suite/regress/x64_sym_resolver.py b/suite/regress/x64_sym_resolver.py index 1bf6a121..f14b4012 100755 --- a/suite/regress/x64_sym_resolver.py +++ b/suite/regress/x64_sym_resolver.py @@ -13,11 +13,11 @@ class TestX86(regress.RegressTest): def runTest(self): def sym_resolver(symbol, value): # is this the missing symbol we want to handle? - if symbol == "ZwQueryInformationProcess": + if symbol == b"ZwQueryInformationProcess": # put value of this symbol in @value value = 0x7FF98A050840 # we handled this symbol, so return true - print 'sym_resolver called!' + print('sym_resolver called!') return True # we did not handle this symbol, so return false From 58b7eb968b5898201abbef4141819c1840766c76 Mon Sep 17 00:00:00 2001 From: wsxarcher Date: Fri, 6 Jan 2017 18:19:27 +0100 Subject: [PATCH 2/3] correct usage of ctypes pointer --- bindings/python/sample.py | 4 ++-- suite/regress/x64_sym_resolver.py | 4 ++-- suite/regress/x86_call_ptr_sym.py | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/bindings/python/sample.py b/bindings/python/sample.py index 2e2830ee..2e79835d 100755 --- a/bindings/python/sample.py +++ b/bindings/python/sample.py @@ -22,11 +22,11 @@ def test_ks(arch, mode, code, syntax=0): # test symbol resolver def test_sym_resolver(): - def sym_resolver(symbol, value): + def sym_resolver(symbol, p_value): # is this the missing symbol we want to handle? if symbol == "_l1": # put value of this symbol in @value - value = 0x1002 + p_value.contents.value = 0x1002 # we handled this symbol, so return true return True diff --git a/suite/regress/x64_sym_resolver.py b/suite/regress/x64_sym_resolver.py index f14b4012..8cf7f090 100755 --- a/suite/regress/x64_sym_resolver.py +++ b/suite/regress/x64_sym_resolver.py @@ -11,11 +11,11 @@ class TestX86(regress.RegressTest): def runTest(self): - def sym_resolver(symbol, value): + def sym_resolver(symbol, p_value): # is this the missing symbol we want to handle? if symbol == b"ZwQueryInformationProcess": # put value of this symbol in @value - value = 0x7FF98A050840 + p_value.contents.value = 0x7FF98A050840 # we handled this symbol, so return true print('sym_resolver called!') return True diff --git a/suite/regress/x86_call_ptr_sym.py b/suite/regress/x86_call_ptr_sym.py index 0d3afb71..99da4cf6 100755 --- a/suite/regress/x86_call_ptr_sym.py +++ b/suite/regress/x86_call_ptr_sym.py @@ -10,9 +10,9 @@ from keystone import * import regress -def sym_resolver(symbol, value): +def sym_resolver(symbol, p_value): if symbol == b'GetPhoneBuildString': - value = 0x41b000 + p_value.contents.value = 0x41b000 return True return False From c95d3c100665528862fc7eba90200c83f8643e7a Mon Sep 17 00:00:00 2001 From: wsxarcher Date: Fri, 6 Jan 2017 18:28:05 +0100 Subject: [PATCH 3/3] clean test --- suite/regress/x86_call_ptr_sym.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/suite/regress/x86_call_ptr_sym.py b/suite/regress/x86_call_ptr_sym.py index 99da4cf6..2c1b945f 100755 --- a/suite/regress/x86_call_ptr_sym.py +++ b/suite/regress/x86_call_ptr_sym.py @@ -20,9 +20,6 @@ class TestX86Nasm(regress.RegressTest): def runTest(self): ks = Ks(KS_ARCH_X86, KS_MODE_32) ks.syntax = KS_OPT_SYNTAX_NASM - - dir(sym_resolver) - ks.sym_resolver = sym_resolver encoding, count = ks.asm(b"call [GetPhoneBuildString]") self.assertEqual(encoding, [ 0xff, 0x15, 0x00, 0xb0, 0x41, 0x00 ])