Merge pull request #732 from ucgJhe/dev

make filter functioning again

Author: wtdcode

examples/hello_arm_set_filter.py

@@ -10,5 +10,5 @@
 
 if __name__ == "__main__":
     ql = Qiling(["rootfs/arm_linux/bin/arm_hello"], "rootfs/arm_linux")
-    ql.filters = ["^open"]
+    ql.filter = r"^open"
     ql.run()

qiling/core.py

@@ -44,7 +44,7 @@ def __init__(
             log_plain=False,
             libcache = False,
             multithread = False,
-            filters = None,
+            filter = None,
             stop_on_stackpointer = False,
             stop_on_exit_trap = False,
             stdin=0,
@@ -79,7 +79,7 @@ def __init__(
         self._log_filter = None
         self._log_override = log_override
         self._log_plain = log_plain
-        self._filters = filters
+        self._filter = filter
         self._platform = ostype_convert(platform.system().lower())
         self._internal_exception = None
         self._uc = None
@@ -174,8 +174,8 @@ def __init__(
 
         self._log_file_fd, self._log_filter = ql_setup_logger(self,
                                                               self._log_file,
-                                                              self._console, 
-                                                              self._filters, 
+                                                              self._console,
+                                                              self._filter,
                                                               self._multithread,
                                                               self._log_override,
                                                               self._log_plain)
@@ -640,23 +640,22 @@ def root(self, root):
         self._root = root
 
     @property
-    def filters(self) -> List[str]:
+    def filter(self) -> str:
         """ Filter logs with regex.
-
-            Type: List[str]
-            Example: - Qiling(filters=[r'^exit'])
-                     - ql.filters = [r'^open']
+            Type: str
+            Example: - Qiling(filter=r'^exit')
+                     - ql.filter = r'^open'
         """
-        return self._filters
+        return self._filter
 
-    @filters.setter
-    def filters(self, ft):
-        self._filters = ft
+    @filter.setter
+    def filter(self, ft):
+        self._filter = ft
         if self._log_filter is None:
             self._log_filter = RegexFilter(ft)
             self.log.addFilter(self._log_filter)
         else:
-            self._log_filter.update_filters(ft)
+            self._log_filter.update_filter(ft)
 
     @property
     def uc(self):

qiling/utils.py

@@ -96,19 +96,17 @@ def format(self, record: LogRecord):
         return super(QilingPlainFormatter, self).format(record)
 
 class RegexFilter(logging.Filter):
-    def __init__(self, filters):
+    def __init__(self, regexp):
         super(RegexFilter, self).__init__()
-        self.update_filters(filters)
+        self.update_filter(regexp)
 
-    def update_filters(self, filters):
-        self._filters = [ re.compile(ft) for ft in  filters ]
+    def update_filter(self, regexp):
+        self._filter = re.compile(regexp)
 
     def filter(self, record: LogRecord):
         msg = record.getMessage()
-        for ft in self._filters:
-            if re.match(ft, msg):
-                return True
-        return False
+
+        return re.match(self._filter, msg) is not None
 
 class QlFileDes:
     def __init__(self, init):
@@ -542,7 +540,7 @@ def ql_setup_logger(ql, log_file, console, filters, multithread, log_override, l
     # If there aren't any filters, we do add the filters until users specify any.
     log_filter = None
 
-    if filters is not None and type(filters) == list and len(filters) != 0:
+    if filters is not None and len(filters) != 0:
         log_filter = RegexFilter(filters)
         log.addFilter(log_filter)
 

qltool

@@ -104,7 +104,7 @@ def usage():
     print("\n\nWith code:")
     print("\t ./qltool code --os linux --arch arm --hex -f examples/codes/linarm32_tcp_reverse_shell.hex")
     print("\t ./qltool code --os linux --arch x86 --asm -f examples/codes/lin32_execve.asm")
-    print("\t ./qltool code --os linux --arch arm --hex -f examples/codes/linarm32_tcp_reverse_shell.hex --strace")
+    print("\t ./qltool code --os linux --arch arm --hex -f examples/codes/linarm32_tcp_reverse_shell.hex")
 
     print("\n\nWith binary file:")
     print("\t ./qltool run -f examples/rootfs/x8664_linux/bin/x8664_hello --rootfs  examples/rootfs/x8664_linux/")
@@ -122,8 +122,8 @@ def usage():
 
     print("\n\nwith binary file and various output format:")
     print("\t ./qltool run -f examples/rootfs/mips32el_linux/bin/mips32el_hello --rootfs examples/rootfs/mips32el_linux --output=disasm")
-    print("\t ./qltool run -f examples/rootfs/mips32el_linux/bin/mips32el_hello --rootfs examples/rootfs/mips32el_linux --strace -e ^open")
-    print("\t ./qltool run -f examples/rootfs/mips32el_linux/bin/mips32el_hello --rootfs examples/rootfs/mips32el_linux --strace -e ^open")
+    print("\t ./qltool run -f examples/rootfs/mips32el_linux/bin/mips32el_hello --rootfs examples/rootfs/mips32el_linux -e ^open")
+    print("\t ./qltool run -f examples/rootfs/mips32el_linux/bin/mips32el_hello --rootfs examples/rootfs/mips32el_linux -e ^(open|brk)")
 
     print("\n\nWith UEFI file:")
     print("\t ./qltool run -f examples/rootfs/x8664_efi/bin/TcgPlatformSetupPolicy --rootfs examples/rootfs/x8664_efi --env examples/rootfs/x8664_efi/rom2_nvar.pickel")
@@ -181,16 +181,15 @@ if __name__ == '__main__':
     comm_parser.add_argument('--qdb', action='store_true', required=False, help='attach Qdb at entry point, it\'s MIPS, ARM(THUMB) supported only for now')
     comm_parser.add_argument('--rr', action='store_true', required=False, help='switch on record and replay feature in qdb, only works with --qdb')
     comm_parser.add_argument('--profile', required=False, dest='profile', help="Define customized profile")
-    comm_parser.add_argument('--strace', action='store_true', default=False, dest='strace', help='Run in strace mode')
     comm_parser.add_argument('--dump', action='store_true', default=False, dest='dump', help='Enable Debug + Diassembler mode')
     comm_parser.add_argument('--debug', action='store_true', default=False, dest='debug', help='Enable Debug mode')
     comm_parser.add_argument('--disasm', action='store_true', default=False, dest='disasm', help='Run in disassemble mode')
     comm_parser.add_argument('--console', required=False, default=True, dest='console', help='display in console')
     comm_parser.add_argument('-e', '--filter', metavar="FUNCTION NAME", required=False, dest="filter", default=None, 
-                            help="Only work with strace mode, you can choose what to be printout, for multiple function calls should be separated by comma")
+                            help="Apply regexp for filtering log output.")
     comm_parser.add_argument('--log-file', dest="log_file", help="Write log to a file")
     comm_parser.add_argument('--log-plain', action="store_true", dest="log_plain", help="Don't use color in log output.")
-    comm_parser.add_argument('--trace', action='store_true', default=False, dest='trace', help='Run in strace mode')
+    comm_parser.add_argument('--trace', action='store_true', default=False, dest='trace', help='Run in trace mode')
     comm_parser.add_argument('--root', action='store_true', default=False, dest='root', help='Enable sudo required mode')
     comm_parser.add_argument('--debug_stop', action='store_true', default=False, dest='debug_stop', 
                             help='Stop running while encounter any error (only use it with debug mode)')
@@ -203,9 +202,7 @@ if __name__ == '__main__':
     options = parser.parse_args()
 
     # var check
-    if options.strace:
-        options.output = "default"
-    elif options.trace:
+    if options.trace:
         options.output = "disasm"
     elif options.dump:
         options.output = "dump"

tests/test_qltool.py

@@ -43,6 +43,16 @@ def test_qltool_json(self):
         except subprocess.CalledProcessError as e:
             raise RuntimeError("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
 
+    def test_qltool_filter(self):
+        create = [sys.executable, '../qltool', 'run', '-f', '../examples/rootfs/arm_linux/bin/arm_hello', '--rootfs', '../examples/rootfs/arm_linux', '-e', '^(open|brk)', '--log-plain']
+        try:
+            output = subprocess.check_output(create, stderr=subprocess.STDOUT)
+        except subprocess.CalledProcessError as e:
+            raise RuntimeError("command '{}' return with error (code {}): {}".format(e.cmd, e.returncode, e.output))
+
+        lines = [ line.strip('[=]\t') for line in output.decode().split("\n")]
+        self.assertTrue(all(filter(lambda x: x.startswith("open") or x.startswith("brk"), lines)))
+
 
 if __name__ == "__main__":
     unittest.main()