Diffstat (limited to '')
| -rw-r--r-- | bruiser/README.md | 4 | ||||
| -rw-r--r-- | bruiser/bruiser-extra.h | 1 | ||||
| -rw-r--r-- | bruiser/bruiser.cpp | 18 | ||||
| -rw-r--r-- | bruiser/bruiser.h | 3 | ||||
| -rw-r--r-- | bruiser/executioner.h | 38 | ||||
| -rw-r--r-- | bruiser/lua-scripts/demo1.lua | 86 | 
6 files changed, 137 insertions, 13 deletions
| diff --git a/bruiser/README.md b/bruiser/README.md
index 642b10b..da86ce5 100644
--- a/bruiser/README.md
+++ b/bruiser/README.md
@@ -34,6 +34,10 @@ Imagine we have a classical mutation operator that mutates all `+` operators to
 ### How?
 I'm going to write about it as soon as I get my thoughts organized. In the meantime you can look at the source code for some hints.<br/>
+### Useful Lua Scripts
+The dir named `lua-scripts` houses demos, examples and useful lua scripts for bruiser.<br/>
+If you happen to write a Lua script for bruiser that you think other people will find useful, then please add it to `lua-scripts` on your fork and make a PR.<br/>
+
 ### Exampless
 First you should clone the mutator repo and run `git submodule init` and `git submodule update` to get the third-party repos that enable mutator to run.<br/>
 To build bruiser you can either run the makefile in bruiser's directory, then run `make` or just run the makefile at mutator's root directory and run `make bruiser`.<br/>
diff --git a/bruiser/bruiser-extra.h b/bruiser/bruiser-extra.h
index 24c2a6b..d6232a9 100644
--- a/bruiser/bruiser-extra.h
+++ b/bruiser/bruiser-extra.h
@@ -123,6 +123,7 @@ std::vector<std::string> LUA_FUNCS =
   "pwd()",
   "objload()",
   "listObjects",
+  "xobjregister",
   "xobjwrapper",
   "_G",
   "_VERSION",
diff --git a/bruiser/bruiser.cpp b/bruiser/bruiser.cpp
index 90a05da..5e55d3b 100644
--- a/bruiser/bruiser.cpp
+++ b/bruiser/bruiser.cpp
@@ -253,7 +253,7 @@ class PyExec {
       if (PyList_Check(pValue)) {
         std::cout << GREEN << "got a python list\n" << NORMAL;
         int list_length = PyList_Size(pValue);
-        std::cout << BLUE << "length of list: " << list_length << "\n" << NORMAL;
+        std::cout << BLUE << "length of list: " << list_length << NORMAL  <<"\n";
         for (int i = 0; i < list_length; ++i) {
           PyObject* pybytes = PyList_GetItem(pValue, i);
           PyObject* pyrepr = PyObject_Repr(pybytes);
@@ -271,7 +271,7 @@ class PyExec {
       std::vector<uint8_t> tempvec;
       if(PyList_Check(pValue)) {
         int list_length = PyList_Size(pValue);
-        std::cout << BLUE << "length of list: " << list_length << "\n" << NORMAL;
+        std::cout << BLUE << "length of list: " << list_length << NORMAL << "\n";
         for(int i = 0; i < list_length; ++i) {
           PyObject* pybytes = PyList_GetItem(pValue, i);
           if(PyList_Check(pybytes)) {
@@ -1203,6 +1203,7 @@ class LuaWrapper
         int tableindex2 = 1;
         // the return type to lua is a table of tables
         lua_newtable(__ls);
+        // @devi-FIXME-probably reserving way too much stack space
         if (!lua_checkstack(__ls, py.exportObjs().size() * 2)) {
           PRINT_WITH_COLOR_LB(RED, "cant grow lua stack. current size is too small.");
         }
@@ -1225,6 +1226,7 @@ class LuaWrapper
         int tableindex = 1 ;
         // the return type to lua is a table
         lua_newtable(__ls);
+        // @devi-FIXME-probably reserving way too much stack space
         if (!lua_checkstack(__ls, py.exportStrings().size() * 2)) {
           PRINT_WITH_COLOR_LB(RED, "cant grow lua stack. current size is too small.");
         }
@@ -1236,6 +1238,17 @@ class LuaWrapper
         }
       }
 
+      PRINT_WITH_COLOR_LB(GREEN, "done.");
+      return 1;
+    }
+
+    int BruiserLuaxobjRegister(lua_State* __ls) {
+      int numargs = lua_gettop(__ls);
+      if (numargs != 2) {
+        PRINT_WITH_COLOR_LB(RED, "arg number should be 2.");
+      }
+
+      Executioner executioner;
       return 1;
     }
 
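Review bot: `BruiserLuaxobjRegister` prints "arg number should be 2." when the arity is wrong but then falls through, constructs an `Executioner` it never uses, and returns 1 without pushing anything onto the Lua stack, so the Lua caller receives whatever happens to be on top — the `registration_name` argument — as the promised "pointer to the function". The arity check should end the call, `if (numargs != 2) return luaL_error(__ls, "arg number should be 2.");`, and until registration is implemented the function should push an explicit result (`lua_pushnil(__ls);`) rather than leak a stray argument that a script could later try to call. Neither argument's type is checked either; `luaL_checktype(__ls, 1, LUA_TTABLE);` and `luaL_checkstring(__ls, 2);` would reject malformed input before any code bytes reach executable memory. If this is intentionally a stub, a `// @devi-FIXME stub: registers nothing yet, always returns the top of the stack` comment in the style of the FIXMEs added above would make that explicit. The enclosing `class LuaWrapper` begins outside the hunk.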
@@ -1847,6 +1860,7 @@ int main(int argc, const char **argv) {
     lua_register(LE.GetLuaState(), "pwd", &LuaDispatch<&LuaWrapper::BruiserLuaPWD>);
     lua_register(LE.GetLuaState(), "objload", &LuaDispatch<&LuaWrapper::BruiserPyLoader>);
     lua_register(LE.GetLuaState(), "listObjects", &LuaDispatch<&LuaWrapper::BruiserLuaListObjects>);
+    lua_register(LE.GetLuaState(), "xobjregister", &LuaDispatch<&LuaWrapper::BruiserLuaxobjRegister>);
     /*its just regisering the List function from LuaWrapper with X-macros.*/
 #define X(__x1, __x2) lua_register(LE.GetLuaState(), #__x1, &LuaDispatch<&LuaWrapper::List##__x1>);
diff --git a/bruiser/bruiser.h b/bruiser/bruiser.h
index 3b4513c..f8d6095 100644
--- a/bruiser/bruiser.h
+++ b/bruiser/bruiser.h
@@ -149,7 +149,8 @@ help CMDHelp[] = {
   {"pwd()", "pwd()", "pwd", "", ""},
   {"objload()", "objload(\"main\", \"../bfd/test/test.so\")", "load the compiled functions into bruiser", "string", "success or failure"},
   {"listObjects()", "listObjects(\"function\")", "lists the loaded objects of the given type", "string", "success or failure"},
-  {"xobjwrapper()", "xobjwrapper(\"function\")", "call an xobject", "", "success or failure"}
+  {"xobjwrapper()", "xobjwrapper(\"function\")", "call an xobject", "", "success or failure"},
+  {"xobjregister", "xobjregister(code_table, registration_name)", "registers an xobject as a callable function from lua", "", "pointer to the function"}
 };
 /**********************************************************************************************************************/
 /**
diff --git a/bruiser/executioner.h b/bruiser/executioner.h
index 4b8b651..0113d6c 100644
--- a/bruiser/executioner.h
+++ b/bruiser/executioner.h
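Review bot: The new `CMDHelp` row names the command `"xobjregister"` while every sibling row in the table uses the call form (`"pwd()"`, `"listObjects()"`, `"xobjwrapper()"`), so any consumer that keys on the first column will treat this entry differently; `{"xobjregister()", ...}` keeps the convention. The return column promises "pointer to the function", but the `BruiserLuaxobjRegister` this same commit registers in bruiser.cpp is a stub that pushes no result, so the help text documents behaviour that does not exist yet — either say `"not implemented yet"` or hold the row until the function returns something. The argument-type column is left `""` although the usage string names two parameters; the siblings fill it (`"string"`), so `"table, string"` would be consistent and would tell users what `code_table` is expected to be.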
@@ -56,6 +56,34 @@ namespace { // start of anonymous namespace
     return 0;
   }
 
+  inline void argInjector(lua_State* __ls) {
+    int numargs = lua_gettop(__ls);
+    for (int i = 2; i <= numargs; ++i) {
+      if (lua_type(__ls, i) == LUA_TBOOLEAN) {
+      }
+      else if (lua_type(__ls, i) == LUA_TLIGHTUSERDATA) {
+      }
+      else if (lua_type(__ls, i) == LUA_TNUMBER) {
+      }
+      else if (lua_type(__ls, i) == LUA_TSTRING) {
+#ifdef __x86_64__
+        asm volatile("movl %%eax, %0");
+#endif
+      }
+      else if (lua_type(__ls, i) == LUA_TTABLE) {
+      }
+      else if (lua_type(__ls, i) == LUA_TFUNCTION) {
+      }
+      else if (lua_type(__ls, i) == LUA_TUSERDATA) {
+      }
+      else if (lua_type(__ls, i) == LUA_TTHREAD) {
+      }
+      else { // type is nil
+        PRINT_WITH_COLOR_LB(RED, "you passed a Nil argument...");
+      }
+    }
+  }
+
   std::vector<uint8_t> arg_emitter(std::vector<uint8_t> _args) {}
 
   int LuaXobjWrapper(lua_State* __ls) {
@@ -147,6 +175,16 @@ class Executioner {
       return std::make_pair(program_memory, code_size);
     }
 
+    std::vector<uint64_t> getAllArgs(lua_State* __ls) {
+      int numargs = lua_gettop(__ls);
+      std::vector<uint64_t> args;
+
+      for (int i = 0; i < numargs; ++i) {
+      }
+
+      return args;
+    }
+
     void loadAll(void) {
       for (auto &iter : objs) {
         this->loadObjsInXMem(iter);
diff --git a/bruiser/lua-scripts/demo1.lua b/bruiser/lua-scripts/demo1.lua
index cb912b8..de83431 100644
--- a/bruiser/lua-scripts/demo1.lua
+++ b/bruiser/lua-scripts/demo1.lua
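Review bot: The `asm volatile("movl %%eax, %0");` under `#ifdef __x86_64__` in `argInjector` has no operand list, so it is basic asm: GCC hands the string to the assembler untouched, where `%%eax` and `%0` are not valid operands, and the header fails to build on exactly the platform the guard selects. If the intent is to place a Lua argument in a register for the later raw call, it needs extended asm with a real input and a value to move — none of the branches extracts anything from the stack yet — something like `asm volatile("movq %0, %%rax" : : "r"(value) : "rax");`. Until that exists the line should be dropped or replaced with `// TODO: marshal lua arg i into the call ABI` so the file compiles. Since `lua_type(__ls, i)` is re-evaluated in all eight `else if` tests, `switch (lua_type(__ls, i))` would read more clearly, and the loop's start at index 2 implies index 1 is the xobject itself; that stack layout deserves a comment. The anonymous namespace that contains this function begins outside the hunk.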
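Review bot: `getAllArgs` iterates `for (int i = 0; i < numargs; ++i)`, but Lua stack indices are 1-based, so once the body is filled in index 0 is invalid and the last argument is never visited; `argInjector` earlier in this file walks `2..numargs`, and this helper should agree with it (`for (int i = 1; i <= numargs; ++i)`). As committed the body is empty and the function always returns an empty vector, which a caller cannot distinguish from "no arguments were passed"; a `// TODO: not implemented, always returns an empty vector` comment would flag that. The `std::vector<uint64_t>` return type also bakes in the assumption that every Lua argument fits a 64-bit integer register, which strings and tables do not — worth stating in a comment since this value is presumably what gets handed to the mapped code. The enclosing `class Executioner` begins outside the hunk.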
@@ -1,17 +1,17 @@
 --
--- get the .so object names
+-- get the .so object names in a table
 -- objload("elf_get_obj_names", "../bfd/test/test.so", "symbol_list")
 --
--- get the .so object sizes
+-- get the .so object sizes in a table
 -- objload("elf_get_obj_sizes", "../bfd/test/test.so", "symbol_list")
 --
--- get the .so function names
+-- get the .so function names in a table
 -- objload("elf_get_func_names", "../bfd/test/test.so", "symbol_list")
 --
--- get the .so function code
+-- get the .so function code in a table of tables
 -- objload("elf_get_func_code", "../bfd/test/test.so", "code_list")
 --
-
+--------------------------------------------------------------------------------------------------------------
 function printObjNames()
   local c = objload("elf_get_obj_names", "../bfd/test/test.so", "symbol_list")
   for k,v in ipairs(c) do
@@ -39,13 +39,79 @@ function printFuncCode()
     print(k,v)
     if #v ~= 0 then
       for k1,v1 in ipairs(v) do
-        print(k1, v1)
+        io.write(string.format('%02x', v1), " ")
+      end
+      io.write("\n")
+    end
+  end
+end
+
+function findMain()
+  local c = objload("elf_get_func_names", "../bfd/test/test.so", "symbol_list")
+  for k,v in ipairs(c) do
+    if v == "'main'" then 
+      io.write("main index is".." "..k.."\n")
+      return k
+    end
+  end
+end
+
+function codeTables()
+  local return_table = {}
+  local func_name_table = objload("elf_get_func_names", "../bfd/test/test.so", "symbol_list")
+  local code_table = objload("elf_get_func_code", "../bfd/test/test.so", "code_list")
+  for i=1,#func_name_table,1 do
+    return_table[func_name_table[i]] = code_table[i]
+  end
+  return return_table
+end
+
+function codeTableByName(name)
+  local return_table = {}
+  local func_name_table = objload("elf_get_func_names", "../bfd/test/test.so", "symbol_list")
+  local code_table = objload("elf_get_func_code", "../bfd/test/test.so", "code_list")
+  for k,v in ipairs(func_name_table) do
+    if v == name then
+      for k1, v1 in ipairs(code_table[k]) do
+        table.insert(return_table, string.format('%02x', v1))
       end
+      return return_table
     end
   end
+  return nil
+end
+
+-- start of @placeholder
+function XobjRegister(code_table, registration_name)
+  -- lightuserdata
+  local Xobjpointer
+  return Xobjpointer
+end
+-- should be varargs
+-- registration_name()
+-- end of @placeholder
+
+function main()
+  printObjNames()
+  printObjSizes()
+  printFuncNames()
+  printFuncCode()
+  findMain()
+
+  local code_table = codeTables()
+  print(code_table["'main'"])
+  for k,v in ipairs(code_table["'main'"]) do
+    io.write(string.format('%02x', v), " ")
+  end
+  io.write("\n")
+
+  local C_main_code = codeTableByName("'main'")
+  for k, v in ipairs(C_main_code) do
+    io.write(v, " ")
+  end
+  io.write("\n")
 end
-printObjNames()
-printObjSizes()
-printFuncNames()
-printFuncCode()
+main()
+--------------------------------------------------------------------------------------------------------------
 |
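Review bot: `main` feeds `code_table["'main'"]` and `C_main_code` straight into `ipairs` without checking them, yet `codeTableByName` explicitly `return nil`s when the name is absent, so running the demo against a `.so` with no `main` symbol dies with "bad argument #1 to 'ipairs' (table expected, got nil)" instead of a readable message; `local C_main_code = assert(codeTableByName("'main'"), "no 'main' symbol in test.so")` and an equivalent check on the `codeTables()` lookup would fix that. Every lookup hard-codes the quoted form `"'main'"`, which presumes the loader returns symbol names wrapped in single quotes — that assumption should be stated in a comment where `findMain` compares `v == "'main'"`, since a change on the C++ side would silently break all three lookups. `codeTables` zips `func_name_table` and `code_table` by index and assumes equal lengths; `assert(#func_name_table == #code_table)` documents the contract and fails loudly when it is violated. The path `"../bfd/test/test.so"` appears six times in the new code; a single `local TEST_SO = "../bfd/test/test.so"` near the top keeps the demo pointing at one file.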
