[angr] something about pyvex

qldx-s qldx-s at 163.com
Tue Apr 25 18:05:50 PDT 2017


Hi, when I use pyvex to parse binary code into vex, sth strong happened.
This is the basic block showed in IDA.
It seems all right with angr, except the instruction at 40c5c6(lea edi, [esi-8000h]), there is no need to have the vex insn put(eip) = 40c5cc, however it doesn't care.(am I right?)
However, when I use pyvex to parse a single instruction, things went wrong.
Take the insn at 40C5CC as an example, the instruction is "push edi", and the hex of it showed in IDA is as below
But, when I use pyvex to parse 0x57 into vex, the result is as follow:
It is obvious that the vex is not the same as the right vex of the insn "push edi". Why does this happens? Where am I wrong? How can I use pyvex to get the vex of a single insn?


Hope for your reply. 
Thanks!
Sincerely!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??1.png
Type: image/png
Size: 9388 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??3.png
Type: image/png
Size: 58978 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??2.png
Type: image/png
Size: 139884 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??4.png
Type: image/png
Size: 7203 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ??5.png
Type: image/png
Size: 125488 bytes
Desc: not available
URL: <https://lists.cs.ucsb.edu/pipermail/angr/attachments/20170426/d048c219/attachment-0009.png>


More information about the angr mailing list