Representing code types for arbitrary architectures and calling conventions in ptypes? #4
Comments
arizvisa
changed the title
|
I think initially the calling convention interface will start out as being a The upside of this (rather than using things like |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Would be cool to represent code and pointers to code with a native code type in ptypes.
This way a user wouldn't need to manually transform the semantics of a ptype instance into a way to execute it. The downside of this is that depending on how it's implemented, we could end up forcing the user into dispatching to their referenced code with whatever methodology we choose.
Ideally we want to avoid pigeon-holing the user so that users can interpret a code type using whatever implementation they choose. This way we can keep the flexibility of ptypes. We'd also want to dumb down the interface so that users can interpret the code in whatever context is relevant to them (running in the current process, remote process, in an emulator, etc.) and also allow them to describe the calling convention of whatever it is that they're trying to interpret.
There was a preliminary implementation of this under the ptypes.code module that tied it to the intel architecture using the
udispackage and the table-based instruction length disassembler that went into theia32library module. It ended up not being used for anything but shellcode, however, due to the reasons that were just mentioned. I'd like the interface for disassemblling the type and interpreting it to be exposed to the user in some global way rather than requiring the user to describe it specific to the type during its creation. Maybe something similar to the byteorder interface that is used for both integrals and binary types.The text was updated successfully, but these errors were encountered: