New submission from Szymon Kuliński:
Many obfuscators use simple technice for block disasemblation. Add broken
instructions (for example unknown op codes) and use flow control (SETUP_EXCEPT
or JUMP_FORWARD) to skip broken instructions. Interpreter work in right way
skipping broken instruction or catch error and go to except instructions but
disasembler iterate over all instructions and every where assume that code is
correct and doing something like :
elif op in hasname:
print '(' + co.co_names[oparg] + ')',
Which fails because variable oparg not in co_names table or refer to not
existing name or const. Why dis lib not assume that code can be broken and try
disassemble it as good as it can any way.
15 JUMP_IF_TRUE 3 (to 19)
18 <WRONG INSTRUCTION> (33333333)
19 LOAD_NAME 1 (b)
Or if we rely on the assumption that if code disasseblation done with no
problem this mean that code is good. We can add flag where we can disassemble
unsteady code or even add other method like dis_unsafe or something like that.
Include: obfuscated and unobfuscated pyc files for testing.
Change proposition:
Cherry-pick code dis module from 3.5 python with some changes required to
normal working. Working example included.
----------
components: Library (Lib)
files: example.zip
messages: 262895
nosy: Szymon.Kuliński
priority: normal
severity: normal
status: open
title: Disasembler fall with Key Error while disassemble obfuscated code.
type: behavior
versions: Python 2.7
Added file: http://bugs.python.org/file42371/example.zip
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue26694>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
