package ghidra.app.plugin.prototype.analysis;

import ghidra.app.cmd.disassemble.DisassembleCommand;
import ghidra.app.plugin.core.analysis.AutoAnalysisManager;
import ghidra.app.plugin.core.bookmark.BookmarkEditCmd;
import ghidra.app.plugin.processors.sleigh.SleighDebugLogger;
import ghidra.app.services.AbstractAnalyzer;
import ghidra.app.services.AnalysisPriority;
import ghidra.app.services.AnalyzerType;
import ghidra.app.util.PseudoDisassembler;
import ghidra.app.util.PseudoDisassemblerContext;
import ghidra.app.util.PseudoFlowProcessor;
import ghidra.app.util.PseudoInstruction;
import ghidra.app.util.importer.MessageLog;
import ghidra.framework.options.Options;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressSet;
import ghidra.program.model.address.AddressSetView;
import ghidra.program.model.lang.RegisterValue;
import ghidra.program.model.listing.Data;
import ghidra.program.model.listing.FunctionIterator;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.listing.Listing;
import ghidra.program.model.listing.Program;
import ghidra.program.model.mem.MemoryBlock;
import ghidra.program.model.mem.MemoryBufferImpl;
import ghidra.program.model.symbol.FlowType;
import ghidra.util.Msg;
import ghidra.util.task.TaskMonitor;
import java.math.BigInteger;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;

/* loaded from: input_file:ghidra/app/plugin/prototype/analysis/AggressiveInstructionFinderAnalyzer.class */
public class AggressiveInstructionFinderAnalyzer extends AbstractAnalyzer {
    private static final int MINIMUM_FUNCTION_COUNT = 20;
    private static final String NAME = "Aggressive Instruction Finder";
    private static final String DESCRIPTION = "Finds valid code in undefined bytes that have not been disassembled.\nWARNING: This should not be run unless good code has already been found.\nYOU MUST CHECK THE RESULTS, IT MAY CREATE A LOT OF BAD CODE!";
    private static final String OPTION_NAME_CREATE_BOOKMARKS = "Create Analysis Bookmarks";
    private static final String OPTION_DESCRIPTION_CREATE_BOOKMARKS = "If checked, an analysis bookmark will be created at the start of each disassembly location where a run of instructions are identified by this analyzer.";
    private static final boolean OPTION_DEFAULT_CREATE_BOOKMARKS_ENABLED = true;
    private boolean createBookmarksEnabled;
    private Program curProgram;
    private Listing listing;
    private int numInstr;
    private boolean addsInfo;
    private HashMap<BigInteger, Integer> funcStartMap;
    private HashMap<BigInteger, RegisterValue> funcStartContext;
    private long lastProgramHash;
    private long lastFuncCount;

    public AggressiveInstructionFinderAnalyzer() {
        super(NAME, DESCRIPTION, AnalyzerType.BYTE_ANALYZER);
        this.createBookmarksEnabled = true;
        this.numInstr = 0;
        this.addsInfo = false;
        this.lastFuncCount = 0L;
        setPrototype();
        setSupportsOneTimeAnalysis();
        setPriority(AnalysisPriority.DATA_TYPE_PROPOGATION.after());
        setDefaultEnablement(false);
    }

    @Override // ghidra.app.services.Analyzer
    public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) {
        this.curProgram = program;
        this.listing = program.getListing();
        AddressSetView checkExecBlocks = checkExecBlocks(program, addressSetView);
        PseudoDisassembler pseudoDisassembler = new PseudoDisassembler(program);
        long instructionAlignment = program.getLanguage().getInstructionAlignment();
        long functionCount = program.getFunctionManager().getFunctionCount();
        if (functionCount < 20 || program.getListing().getNumInstructions() <= 0) {
            messageLog.appendMsg("AggressiveInstructionFinder", "Aggressive Instruction Finder Not Run.  Too few functions defined for proper analysis!");
            return true;
        }
        if (this.funcStartMap == null || this.lastProgramHash != program.hashCode() || this.funcStartMap.isEmpty() || functionCount > this.lastFuncCount * 1.1d) {
            this.lastProgramHash = program.hashCode();
            this.lastFuncCount = functionCount;
            taskMonitor.setMessage("AIF - hashing functions");
            this.funcStartMap = new HashMap<>();
            this.funcStartContext = new HashMap<>();
            FunctionIterator functions = program.getFunctionManager().getFunctions(true);
            taskMonitor.initialize(r0.getFunctionCount());
            while (functions.hasNext()) {
                taskMonitor.incrementProgress(1L);
                Address entryPoint = functions.next().getEntryPoint();
                Instruction instructionAt = program.getListing().getInstructionAt(entryPoint);
                RegisterValue disassemblyContext = program.getProgramContext().getDisassemblyContext(entryPoint);
                if (instructionAt != null) {
                    try {
                        SleighDebugLogger sleighDebugLogger = new SleighDebugLogger(program, entryPoint, SleighDebugLogger.SleighDebugMode.MASKS_ONLY);
                        if (!sleighDebugLogger.parseFailed()) {
                            byte[] instructionMask = sleighDebugLogger.getInstructionMask();
                            if (instructionMask.length == 1) {
                                instructionMask[0] = -1;
                            }
                            byte[] maskedBytes = sleighDebugLogger.getMaskedBytes(instructionMask);
                            if (program.getListing().getInstructionAt(instructionAt.getMaxAddress().add(1L)) != null) {
                                SleighDebugLogger sleighDebugLogger2 = new SleighDebugLogger(program, entryPoint.add(maskedBytes.length), SleighDebugLogger.SleighDebugMode.MASKS_ONLY);
                                byte[] instructionMask2 = sleighDebugLogger2.getInstructionMask();
                                if (instructionMask2.length == 1) {
                                    instructionMask2[0] = -1;
                                }
                                byte[] maskedBytes2 = sleighDebugLogger2.getMaskedBytes(instructionMask2);
                                maskedBytes = new byte[maskedBytes.length + maskedBytes2.length];
                                System.arraycopy(maskedBytes, 0, maskedBytes, 0, maskedBytes.length);
                                System.arraycopy(maskedBytes2, 0, maskedBytes, maskedBytes.length, maskedBytes2.length);
                            }
                            BigInteger bigInteger = new BigInteger(maskedBytes);
                            Integer num = this.funcStartMap.get(bigInteger);
                            if (num != null) {
                                this.funcStartMap.put(bigInteger, Integer.valueOf(num.intValue() + 1));
                            } else {
                                this.funcStartMap.put(bigInteger, 1);
                                this.funcStartContext.put(bigInteger, disassemblyContext);
                            }
                        }
                    } catch (IllegalArgumentException e) {
                    } catch (IllegalStateException e2) {
                    }
                }
            }
        }
        taskMonitor.setMessage(NAME);
        long numAddresses = checkExecBlocks.getNumAddresses();
        taskMonitor.initialize(numAddresses);
        Collection<RegisterValue> values = this.funcStartContext.values();
        HashSet hashSet = new HashSet();
        hashSet.addAll(values);
        long j = 0;
        while (!checkExecBlocks.isEmpty()) {
            taskMonitor.setProgress(numAddresses - checkExecBlocks.getNumAddresses());
            Address minAddress = checkExecBlocks.getMinAddress();
            Data undefinedDataAt = this.listing.getUndefinedDataAt(minAddress);
            if (undefinedDataAt == null) {
                checkExecBlocks = checkExecBlocks.subtract(new AddressSet(minAddress, minAddress));
                undefinedDataAt = this.listing.getFirstUndefinedData(checkExecBlocks, taskMonitor);
            }
            if (undefinedDataAt == null) {
                return true;
            }
            j++;
            if (j % 4000 == 0) {
                taskMonitor.setMessage("AIF - " + String.valueOf(minAddress));
            }
            Address minAddress2 = undefinedDataAt.getMinAddress();
            if (taskMonitor.isCancelled()) {
                break;
            }
            Address maxAddress = undefinedDataAt.getMaxAddress();
            if (instructionAlignment > 1) {
                maxAddress = maxAddress.add((instructionAlignment - 1) - (maxAddress.getOffset() % instructionAlignment));
            }
            AddressSet addressSet = new AddressSet(checkExecBlocks.getMinAddress(), maxAddress);
            boolean contains = checkExecBlocks.contains(minAddress2);
            checkExecBlocks = checkExecBlocks.subtract(addressSet);
            RegisterValue registerValue = null;
            if (contains) {
                try {
                    Integer num2 = 0;
                    boolean z = false;
                    Iterator it = hashSet.iterator();
                    while (it.hasNext()) {
                        registerValue = (RegisterValue) it.next();
                        try {
                            PseudoDisassemblerContext pseudoDisassemblerContext = new PseudoDisassemblerContext(program.getProgramContext());
                            if (registerValue != null) {
                                pseudoDisassemblerContext.flowStart(minAddress2);
                                pseudoDisassemblerContext.setRegisterValue(registerValue);
                            }
                            SleighDebugLogger sleighDebugLogger3 = new SleighDebugLogger(new MemoryBufferImpl(program.getMemory(), minAddress2), pseudoDisassemblerContext, program.getLanguage(), SleighDebugLogger.SleighDebugMode.MASKS_ONLY);
                            if (!sleighDebugLogger3.parseFailed()) {
                                byte[] instructionMask3 = sleighDebugLogger3.getInstructionMask();
                                if (instructionMask3.length == 1) {
                                    instructionMask3[0] = -1;
                                }
                                byte[] maskedBytes3 = sleighDebugLogger3.getMaskedBytes(instructionMask3);
                                SleighDebugLogger sleighDebugLogger4 = new SleighDebugLogger(new MemoryBufferImpl(program.getMemory(), minAddress2.add(maskedBytes3.length)), pseudoDisassemblerContext, program.getLanguage(), SleighDebugLogger.SleighDebugMode.MASKS_ONLY);
                                byte[] instructionMask4 = sleighDebugLogger4.getInstructionMask();
                                if (instructionMask4.length == 1) {
                                    instructionMask4[0] = -1;
                                }
                                byte[] maskedBytes4 = sleighDebugLogger4.getMaskedBytes(instructionMask4);
                                byte[] bArr = new byte[maskedBytes3.length + maskedBytes4.length];
                                System.arraycopy(maskedBytes3, 0, bArr, 0, maskedBytes3.length);
                                System.arraycopy(maskedBytes4, 0, bArr, maskedBytes3.length, maskedBytes4.length);
                                BigInteger bigInteger2 = new BigInteger(bArr);
                                num2 = this.funcStartMap.get(bigInteger2);
                                if (num2 != null && num2.intValue() >= 4 && this.funcStartContext.get(bigInteger2).equals(registerValue)) {
                                    PseudoDisassemblerContext pseudoDisassemblerContext2 = new PseudoDisassemblerContext(program.getProgramContext());
                                    if (registerValue != null) {
                                        pseudoDisassemblerContext2.setValue(registerValue.getRegister(), minAddress2, registerValue.getUnsignedValueIgnoreMask());
                                    }
                                    z = pseudoDisassembler.checkValidSubroutine(minAddress2, pseudoDisassemblerContext2, true, false);
                                    if (z) {
                                        break;
                                    }
                                }
                            }
                        } catch (IllegalStateException e3) {
                        }
                    }
                    if (z) {
                        this.numInstr = 0;
                        this.addsInfo = false;
                        PseudoDisassemblerContext pseudoDisassemblerContext3 = new PseudoDisassemblerContext(program.getProgramContext());
                        if (registerValue != null) {
                            pseudoDisassemblerContext3.setValue(registerValue.getRegister(), minAddress2, registerValue.getUnsignedValueIgnoreMask());
                        }
                        AddressSet followSubFlows = pseudoDisassembler.followSubFlows(minAddress2, pseudoDisassemblerContext3, 4000, new PseudoFlowProcessor() { // from class: ghidra.app.plugin.prototype.analysis.AggressiveInstructionFinderAnalyzer.1
                            @Override // ghidra.app.util.PseudoFlowProcessor
                            public boolean followFlows(PseudoInstruction pseudoInstruction) {
                                return true;
                            }

                            @Override // ghidra.app.util.PseudoFlowProcessor
                            public boolean process(PseudoInstruction pseudoInstruction) {
                                Address[] flows;
                                if (pseudoInstruction == null) {
                                    AggressiveInstructionFinderAnalyzer.this.addsInfo = false;
                                    return false;
                                }
                                AggressiveInstructionFinderAnalyzer.this.numInstr++;
                                FlowType flowType = pseudoInstruction.getFlowType();
                                if (flowType.isTerminal() || (flows = pseudoInstruction.getFlows()) == null || flows.length <= 0) {
                                    return true;
                                }
                                if (!AggressiveInstructionFinderAnalyzer.this.curProgram.getMemory().contains(flows[0])) {
                                    AggressiveInstructionFinderAnalyzer.this.addsInfo = false;
                                    return false;
                                }
                                if (flowType.isCall()) {
                                    AggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                                }
                                if (!flowType.isJump() || AggressiveInstructionFinderAnalyzer.this.listing.getInstructionAt(flows[0]) == null) {
                                    return true;
                                }
                                AggressiveInstructionFinderAnalyzer.this.addsInfo = true;
                                return true;
                            }
                        });
                        if (this.numInstr > 2 && (this.addsInfo || num2.intValue() >= 50)) {
                            if (!this.listing.getDefinedData((AddressSetView) followSubFlows, true).hasNext()) {
                                taskMonitor.setMessage("Aggressive Instruction Finder : " + String.valueOf(minAddress2));
                                if (z) {
                                    program.getProgramContext().setRegisterValue(minAddress2, minAddress2, registerValue);
                                    DisassembleCommand disassembleCommand = new DisassembleCommand(minAddress2, (AddressSetView) null, true);
                                    disassembleCommand.applyTo(program);
                                    checkExecBlocks = checkExecBlocks.subtract(disassembleCommand.getDisassembledAddressSet());
                                    if (this.createBookmarksEnabled) {
                                        new BookmarkEditCmd(minAddress2, "Analysis", NAME, "Found code").applyTo(program);
                                    }
                                    break;
                                }
                                continue;
                            }
                        }
                    }
                } catch (Exception e4) {
                    Msg.error(this, "Unexpected Exception: " + e4.getMessage(), e4);
                }
            }
        }
        if (checkExecBlocks.isEmpty()) {
            return true;
        }
        AutoAnalysisManager.getAnalysisManager(program).scheduleOneTimeAnalysis(this, checkExecBlocks);
        return true;
    }

    private AddressSetView checkExecBlocks(Program program, AddressSetView addressSetView) {
        AddressSet addressSet = new AddressSet();
        for (MemoryBlock memoryBlock : program.getMemory().getBlocks()) {
            if (memoryBlock.isExecute()) {
                addressSet.addRange(memoryBlock.getStart(), memoryBlock.getEnd());
            }
        }
        return addressSet.isEmpty() ? addressSetView : addressSetView.intersect(addressSet);
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void registerOptions(Options options, Program program) {
        options.registerOption("Create Analysis Bookmarks", Boolean.valueOf(this.createBookmarksEnabled), null, OPTION_DESCRIPTION_CREATE_BOOKMARKS);
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void optionsChanged(Options options, Program program) {
        this.createBookmarksEnabled = options.getBoolean("Create Analysis Bookmarks", this.createBookmarksEnabled);
    }
}
