maat icon indicating copy to clipboard operation
maat copied to clipboard
verified publisher icon trailofbits

C++ Documentation Fixes

Open luke-croak opened this issue 2 years ago • 1 comments

As I was browsing the C++ documentation on the maat website, I noticed that there were some errors and missing parts to the documentation.

The "Get started" example has some errors; multiple missing ';', incorrect variable types and it uses constructors which don't seem to currently exist. The below compiled for me instead:

#include "maat/maat.hpp"
using namespace maat;
using namespace maat::loader;
using namespace maat::event;

// Set a callback displaying every memory read
Action show_mem_access(MaatEngine& engine, void* data)
{
    std::cout << *(engine.info.mem_access);
    return Action::CONTINUE;
}

int main(){
    // Create a symbolic engine for Linux X86-32bits
    MaatEngine engine(Arch::Type::X86, env::OS::LINUX);

    // Load a binary a offset 0x08001000 with a 20-chars symbolic command line argument
    std::vector<loader::CmdlineArg> args{
        CmdlineArg(engine.vars->new_symbolic_buffer("some_arg", 20))
    };
    std::unordered_map<std::string, std::string> env_vars;
    std::unordered_map<std::string, std::string> virtual_fs;
    std::list<std::string> libdirs;
    std::list<std::string> ignore_libs;

    libdirs.push_back(".");
    engine.load("some_binary", Format::ELF32, 0x08001000, args, env_vars,
                virtual_fs, libdirs, ignore_libs, true);

    // Get current eax value
    engine.cpu.ctx().get(X86::EAX);

    // Read 4 bytes at the top of the stack
    engine.mem->read(engine.cpu.ctx().get(X86::ESP), 4);

    engine.hooks.add(Event::MEM_R, When::BEFORE, EventCallback(show_mem_access));

    // Take and restore snapshots
    auto snap = engine.take_snapshot();
    engine.restore_snapshot(snap);

    // Run the binary
    engine.run();

    return 0;
}

Also, the C++ documentation seems out of date and is missing information. E.g., for the maat::MaatEngine class the documentation is missing the public member functions uid and resolve_addr_param etc., and missing the public attributes env etc..

luke-croak avatar Feb 23 '23 06:02 luke-croak

I believe the python documentation might also need updating. I was casually browsing through https://github.com/crytic/optik source code and noticed that is creates a MaatEngine with ARCH.EVM which is not mentioned in the docs. I suspect plenty of evm-specific methods might be also missing from the documentation.

SheldonHolmgren avatar Mar 04 '23 08:03 SheldonHolmgren