Merge branch 'hook'

Author: aquynh

bindings/dotnet/UnicornManaged/Const/Common.fs

@@ -6,9 +6,9 @@ open System
 
 [<AutoOpen>]
 module Common =
+    let UC_API_MAJOR = 1
 
-    let UC_API_MAJOR = 0
-    let UC_API_MINOR = 9
+    let UC_API_MINOR = 0
     let UC_SECOND_SCALE = 1000000
     let UC_MILISECOND_SCALE = 1000
     let UC_ARCH_ARM = 1

bindings/go/unicorn/unicorn_const.go

@@ -1,9 +1,9 @@
 package unicorn
 // For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT [unicorn_const.go]
 const (
+	API_MAJOR = 1
 
-	API_MAJOR = 0
-	API_MINOR = 9
+	API_MINOR = 0
 	SECOND_SCALE = 1000000
 	MILISECOND_SCALE = 1000
 	ARCH_ARM = 1

bindings/java/unicorn/UnicornConst.java

@@ -3,9 +3,9 @@
 package unicorn;
 
 public interface UnicornConst {
+   public static final int UC_API_MAJOR = 1;
 
-   public static final int UC_API_MAJOR = 0;
-   public static final int UC_API_MINOR = 9;
+   public static final int UC_API_MINOR = 0;
    public static final int UC_SECOND_SCALE = 1000000;
    public static final int UC_MILISECOND_SCALE = 1000;
    public static final int UC_ARCH_ARM = 1;

bindings/python/sample_x86.py

@@ -291,8 +291,8 @@ def test_i386_inout():
         mu.hook_add(UC_HOOK_CODE, hook_code)
 
         # handle IN & OUT instruction
-        mu.hook_add(UC_HOOK_INSN, hook_in, None, UC_X86_INS_IN)
-        mu.hook_add(UC_HOOK_INSN, hook_out, None, UC_X86_INS_OUT)
+        mu.hook_add(UC_HOOK_INSN, hook_in, None, 1, 0, UC_X86_INS_IN)
+        mu.hook_add(UC_HOOK_INSN, hook_out, None, 1, 0, UC_X86_INS_OUT)
 
         # emulate machine code in infinite time
         mu.emu_start(ADDRESS, ADDRESS + len(X86_CODE32_INOUT))
@@ -417,7 +417,7 @@ def hook_syscall(mu, user_data):
                 print('ERROR: was not expecting rax=%d in syscall' % rax)
 
         # hook interrupts for syscall
-        mu.hook_add(UC_HOOK_INSN, hook_syscall, None, UC_X86_INS_SYSCALL)
+        mu.hook_add(UC_HOOK_INSN, hook_syscall, None, 1, 0, UC_X86_INS_SYSCALL)
 
         # syscall handler is expecting rax=0x100
         mu.reg_write(UC_X86_REG_RAX, 0x100)

bindings/python/shellcode.py

@@ -97,7 +97,7 @@ def test_i386(mode, code):
         mu.hook_add(UC_HOOK_INTR, hook_intr)
 
         # handle SYSCALL
-        mu.hook_add(UC_HOOK_INSN, hook_syscall, None, UC_X86_INS_SYSCALL)
+        mu.hook_add(UC_HOOK_INSN, hook_syscall, None, 1, 0, UC_X86_INS_SYSCALL)
 
         # emulate machine code in infinite time
         mu.emu_start(ADDRESS, ADDRESS + len(code))

bindings/python/unicorn/unicorn.py

@@ -315,7 +315,7 @@ def _hook_insn_syscall_cb(self, handle, user_data):
 
 
     # add a hook
-    def hook_add(self, htype, callback, user_data=None, arg1=1, arg2=0):
+    def hook_add(self, htype, callback, user_data=None, begin=1, end=0, arg1=0):
         _h2 = uc_hook_h()
 
         # save callback & user_data
@@ -332,30 +332,28 @@ def hook_add(self, htype, callback, user_data=None, arg1=1, arg2=0):
             if arg1 in (x86_const.UC_X86_INS_SYSCALL, x86_const.UC_X86_INS_SYSENTER): # SYSCALL/SYSENTER instruction
                 cb = ctypes.cast(UC_HOOK_INSN_SYSCALL_CB(self._hook_insn_syscall_cb), UC_HOOK_INSN_SYSCALL_CB)
             status = _uc.uc_hook_add(self._uch, ctypes.byref(_h2), htype, \
-                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p), insn)
+                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p), ctypes.c_uint64(begin), ctypes.c_uint64(end), insn)
         elif htype == UC_HOOK_INTR:
             cb = ctypes.cast(UC_HOOK_INTR_CB(self._hook_intr_cb), UC_HOOK_INTR_CB)
             status = _uc.uc_hook_add(self._uch, ctypes.byref(_h2), htype, \
-                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p))
+                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p), ctypes.c_uint64(begin), ctypes.c_uint64(end))
         else:
-            begin = ctypes.c_uint64(arg1)
-            end = ctypes.c_uint64(arg2)
             if htype in (UC_HOOK_BLOCK, UC_HOOK_CODE):
                 # set callback with wrapper, so it can be called
                 # with this object as param
                 cb = ctypes.cast(UC_HOOK_CODE_CB(self._hookcode_cb), UC_HOOK_CODE_CB)
                 status = _uc.uc_hook_add(self._uch, ctypes.byref(_h2), htype, cb, \
-                    ctypes.cast(self._callback_count, ctypes.c_void_p), begin, end)
+                    ctypes.cast(self._callback_count, ctypes.c_void_p), ctypes.c_uint64(begin), ctypes.c_uint64(end))
             elif htype & UC_HOOK_MEM_READ_UNMAPPED or htype & UC_HOOK_MEM_WRITE_UNMAPPED or \
                 htype & UC_HOOK_MEM_FETCH_UNMAPPED or htype & UC_HOOK_MEM_READ_PROT or \
                 htype & UC_HOOK_MEM_WRITE_PROT or htype & UC_HOOK_MEM_FETCH_PROT:
                 cb = ctypes.cast(UC_HOOK_MEM_INVALID_CB(self._hook_mem_invalid_cb), UC_HOOK_MEM_INVALID_CB)
                 status = _uc.uc_hook_add(self._uch, ctypes.byref(_h2), htype, \
-                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p))
+                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p), ctypes.c_uint64(begin), ctypes.c_uint64(end))
             else:
                 cb = ctypes.cast(UC_HOOK_MEM_ACCESS_CB(self._hook_mem_access_cb), UC_HOOK_MEM_ACCESS_CB)
                 status = _uc.uc_hook_add(self._uch, ctypes.byref(_h2), htype, \
-                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p))
+                    cb, ctypes.cast(self._callback_count, ctypes.c_void_p), ctypes.c_uint64(begin), ctypes.c_uint64(end))
 
         # save the ctype function so gc will leave it alone.
         self._ctype_cbs[self._callback_count] = cb

bindings/python/unicorn/unicorn_const.py

@@ -1,7 +1,7 @@
 # For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT [unicorn_const.py]
+UC_API_MAJOR = 1
 
-UC_API_MAJOR = 0
-UC_API_MINOR = 9
+UC_API_MINOR = 0
 UC_SECOND_SCALE = 1000000
 UC_MILISECOND_SCALE = 1000
 UC_ARCH_ARM = 1

include/unicorn/unicorn.h

@@ -57,8 +57,8 @@ typedef size_t uc_hook;
 #endif
 
 // Unicorn API version
-#define UC_API_MAJOR 0
-#define UC_API_MINOR 9
+#define UC_API_MAJOR 1
+#define UC_API_MINOR 0
 
 /*
   Macro to create combined version which can be compared to
@@ -457,13 +457,19 @@ uc_err uc_emu_stop(uc_engine *uc);
  @callback: callback to be run when instruction is hit
  @user_data: user-defined data. This will be passed to callback function in its
       last argument @user_data
+ @begin: start address of the area where the callback is effect (inclusive)
+ @begin: end address of the area where the callback is effect (inclusive)
+   NOTE 1: the callback is called only if related address is in range [@begin, @end]
+   NOTE 2: if @begin > @end, callback is called whenever this hook type is triggered
  @...: variable arguments (depending on @type)
+   NOTE: if @type = UC_HOOK_INSN, this is the instruction ID (ex: UC_X86_INS_OUT)
 
  @return UC_ERR_OK on success, or other value on failure (refer to uc_err enum
    for detailed error).
 */
 UNICORN_EXPORT
-uc_err uc_hook_add(uc_engine *uc, uc_hook *hh, int type, void *callback, void *user_data, ...);
+uc_err uc_hook_add(uc_engine *uc, uc_hook *hh, int type, void *callback,
+        void *user_data, uint64_t begin, uint64_t end, ...);
 
 /*
  Unregister (remove) a hook callback.

pkgconfig.mk

@@ -2,8 +2,8 @@
 # To be used to generate unicorn.pc for pkg-config
 
 # version major & minor
-PKG_MAJOR = 0
-PKG_MINOR = 9
+PKG_MAJOR = 1
+PKG_MINOR = 0
 
 # version bugfix level. Example: PKG_EXTRA = 1
 PKG_EXTRA =

samples/mem_apis.c

@@ -168,9 +168,9 @@ static void do_nx_demo(bool cause_fault)
     }
 
     // intercept code and invalid memory events
-    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK ||
+    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK ||
             uc_hook_add(uc, &trace1, UC_HOOK_MEM_INVALID,
-                hook_mem_invalid, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
+                hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
         printf("not ok - Failed to install hooks\n");
         return;
     }
@@ -248,10 +248,10 @@ static void do_perms_demo(bool change_perms)
     }
 
     // intercept code and invalid memory events
-    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK ||
+    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK ||
             uc_hook_add(uc, &trace1,
                 UC_HOOK_MEM_INVALID,
-                hook_mem_invalid, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
+                hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
         printf("not ok - Failed to install hooks\n");
         return;
     }
@@ -326,10 +326,10 @@ static void do_unmap_demo(bool do_unmap)
     }
 
     // intercept code and invalid memory events
-    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK ||
+    if (uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0) != UC_ERR_OK ||
             uc_hook_add(uc, &trace1,
                 UC_HOOK_MEM_INVALID,
-                hook_mem_invalid, NULL, (uint64_t)1, (uint64_t)0) != UC_ERR_OK) {
+                hook_mem_invalid, NULL, 1, 0) != UC_ERR_OK) {
         printf("not ok - Failed to install hooks\n");
         return;
     }

samples/sample_arm.c

@@ -77,10 +77,10 @@ static void test_arm(void)
     uc_reg_write(uc, UC_ARM_REG_R3, &r3);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing one instruction at ADDRESS with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.
@@ -128,10 +128,10 @@ static void test_thumb(void)
     uc_reg_write(uc, UC_ARM_REG_SP, &sp);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing one instruction at ADDRESS with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.

samples/sample_arm64.c

@@ -75,10 +75,10 @@ static void test_arm64(void)
     uc_reg_write(uc, UC_ARM64_REG_X15, &x15);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing one instruction at ADDRESS with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.

samples/sample_m68k.c

@@ -108,10 +108,10 @@ static void test_m68k(void)
     uc_reg_write(uc, UC_M68K_REG_SR, &sr);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing all instruction
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.

samples/sample_mips.c

@@ -72,10 +72,10 @@ static void test_mips_eb(void)
     uc_reg_write(uc, UC_MIPS_REG_1, &r1);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing one instruction at ADDRESS with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.
@@ -122,10 +122,10 @@ static void test_mips_el(void)
     uc_reg_write(uc, UC_MIPS_REG_1, &r1);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing one instruction at ADDRESS with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)ADDRESS, (uint64_t)ADDRESS);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, ADDRESS, ADDRESS);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.

samples/sample_sparc.c

@@ -76,10 +76,10 @@ static void test_sparc(void)
     uc_reg_write(uc, UC_SPARC_REG_G3, &g3);
 
     // tracing all basic blocks with customized callback
-    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace1, UC_HOOK_BLOCK, hook_block, NULL, 1, 0);
 
     // tracing all instructions with customized callback
-    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, (uint64_t)1, (uint64_t)0);
+    uc_hook_add(uc, &trace2, UC_HOOK_CODE, hook_code, NULL, 1, 0);
 
     // emulate machine code in infinite time (last param = 0), or when
     // finishing all the code.