Class: Relyze::ExecutableFileModel::CodeBlock

Inherits:
BasicBlock
  • Object
show all
Defined in:
C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb

Instance Method Summary collapse

Methods inherited from BasicBlock

#add_reference, #adjacent, #code?, #color, #color=, #custom_name?, #data?, #datatype, #datatype=, #display_name, #join, #length, #name, #name=, #nearest_boundary, #next_boundary, #previous, #previous_boundary, #references, #remove_reference, #render, #rva, #segment, #set_datatype, #split, #to_s

Instance Method Details

#instruction(rva) ⇒ Relyze::ExecutableFileModel::Instruction?

Get an Instruction from this block which starts at a specific RVA location.

Parameters:

  • rva (Integer)

    The RVA location of the start of an instruction.

Returns:



1184
1185
1186
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1184

def instruction( rva )
    return nil
end

#instructions(rva = nil) {|inst| ... } ⇒ Array<Relyze::ExecutableFileModel::Instruction>?

Get every instruction in this code block, in ascending RVA locations.

Parameters:

  • rva (Integer, nil) (defaults to: nil)

    Optional RVA location to starting getting instruction from this RVA onwards.

Yields:

  • (inst)

    yields the inst to the block.

Yield Parameters:

Returns:



1166
1167
1168
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1166

def instructions( rva=nil )
    return nil
end

#reprocessRelyze::ExecutableFileModel::BasicBlock

Re-process a code blocks instructions in case any of the instructions op-codes have changed. This assumes the code block will remain the same size. All existing instructions and their references will be destroyed and new ones created.

Examples:

NOP out the first instruction at the program entry point

block = cm.block( cm.entry_point )
if( not block.nil? and block.type == :code )
    inst = block.instruction( block.rva )
    seg  = block.segment
    off  = seg.rva2offset( inst.rva )
    if( seg.write_buffer( off, "\x90" * inst.length  ) )
        block.reprocess
        @relyze.update_gui
    end
end

Returns:



1205
1206
1207
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1205

def reprocess
    return nil
end

#reverse_instructions(rva = nil) {|inst| ... } ⇒ Array<Relyze::ExecutableFileModel::Instruction>?

Get every instruction in this code block, in descending RVA locations.

Parameters:

  • rva (Integer, nil) (defaults to: nil)

    Optional RVA location to starting getting instruction from this RVA onwards.

Yields:

  • (inst)

    yields the inst to the block.

Yield Parameters:

Returns:



1176
1177
1178
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1176

def reverse_instructions( rva=nil )
    return nil
end

#to_codeCodeBlock

Convert this block to a code block.

Returns:

  • (CodeBlock)

    returns self as this block is already code.



1149
1150
1151
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1149

def to_code
    return self
end

#to_dataDataBlock

Convert this block to a data block, if possible.

Returns:

  • (DataBlock)

    the data block after converting this code block to data, or nil on failure.



1156
1157
1158
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1156

def to_data
    return nil
end

#typeSymbol

Get this block type, :code

Returns:

  • (Symbol)

    Returns :code.



1142
1143
1144
# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 1142

def type
    return :code
end