// Program entry point: prints the library information and exits with success.
int main(void)
{
    lib_info();
    return EXIT_SUCCESS;
}
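// Records the in-memory layout of `lib` in s_LibInfos[lib]: base address and
// size from g_MemUtils, plus every section/segment of the module indexed twice --
// by its raw name (m_SegmentsByName) and, for names listed in segnames_plat, by
// the platform-independent segment type (m_SegmentsByType).  Intended to run
// once per library: a second call trips the assert on the s_LibInfos insert.
void LibMgr::FindInfo(Library lib)
{
    DynLibInfo dlinfo;
    memset(&dlinfo, 0x00, sizeof(dlinfo));

    // The lookup has to execute unconditionally.  The original wrapped the call
    // itself in assert(), so NDEBUG builds never fetched the library info and
    // worked from an all-zero dlinfo.
    const bool got_info = g_MemUtils.GetLibraryInfo(GetPtr(lib), dlinfo);
    assert(got_info);
    (void)got_info;

    LibInfo lib_info((uintptr_t)dlinfo.baseAddress, (uintptr_t)dlinfo.memorySize);

#if defined _LINUX
    // ELF: section names come from the section-header string table, which is
    // NUL-terminated, so `name` may be used as a C string directly.
    g_MemUtils.ForEachSection(s_LibHandles[lib], [&](const Elf32_Shdr *shdr, const char *name){
        SegInfo seg_info(shdr->sh_addr, shdr->sh_size);
        seg_info.m_LibBaseAddr = lib_info.BaseAddr();

        auto it = segnames_plat.find(name);
        if (it != segnames_plat.end()) {
            ConColorMsg(Color(0x00, 0xff, 0x00, 0xff), "Library %s: segment '%s' found: %s\n",
                        Lib_ToString(lib), name, Seg_ToString((*it).second));
            auto by_type = lib_info.m_SegmentsByType.insert(std::make_pair((*it).second, seg_info));
            assert(by_type.second);   // two sections mapping to one segment type is a table error
        } else {
            ConColorMsg(Color(0xff, 0x00, 0x00, 0xff), "Library %s: segment '%s' not found!\n",
                        Lib_ToString(lib), name);
        }

        auto by_name = lib_info.m_SegmentsByName.insert(std::make_pair(name, seg_info));
        assert(by_name.second);       // duplicate section names are not expected
    });
#elif defined _WINDOWS
    g_MemUtils.ForEachSection(s_LibHandles[lib], [&](const IMAGE_SECTION_HEADER *pSectHdr){
        SegInfo seg_info(pSectHdr->VirtualAddress, pSectHdr->Misc.VirtualSize);
        seg_info.m_LibBaseAddr = lib_info.BaseAddr();

        // IMAGE_SECTION_HEADER::Name is a fixed 8-byte field with NO terminating
        // NUL when the name uses all 8 bytes.  Treating it as a C string (as the
        // original did) reads past the field into the next header member, so
        // the copy is bounded to the field size.
        const char *raw_name = (const char *)pSectHdr->Name;
        size_t name_len = 0;
        while (name_len < sizeof(pSectHdr->Name) && raw_name[name_len] != '\0') {
            ++name_len;
        }
        std::string name(raw_name, name_len);

        auto it = segnames_plat.find(name.c_str());
        if (it != segnames_plat.end()) {
            auto by_type = lib_info.m_SegmentsByType.insert(std::make_pair((*it).second, seg_info));
            assert(by_type.second);   // two sections mapping to one segment type is a table error
        }

        auto by_name = lib_info.m_SegmentsByName.insert(std::make_pair(name, seg_info));
        assert(by_name.second);       // duplicate section names are not expected
    });
#endif

    auto inserted = s_LibInfos.insert(std::make_pair(lib, lib_info));
    assert(inserted.second);          // FindInfo must not run twice for the same library

    // NOTE(review): %08x expects unsigned int; if AddrBegin()/AddrEnd() return
    // uintptr_t this is a format/argument mismatch on 64-bit builds -- confirm.
    DevMsg("Library %-34s [ %08x %08x ]\n", libnames.at(lib), lib_info.AddrBegin(), lib_info.AddrEnd());
    for (const auto& pair : lib_info.m_SegmentsByName) {
        DevMsg("  %-40s [ %08x %08x ]\n", pair.first.c_str(), pair.second.AddrBegin(), pair.second.AddrEnd());
    }
}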
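// Worker thread for the "partial" matcher.  Pulls function indices from the
// shared work queue via GetM() until it yields -1, disassembles each target
// function from the mapped image, and runs VF2 sub-graph isomorphism against
// every library CFG whose opcode-class counters are <= the target's.
//
// pParam carries this worker's slot index (cast through void*); per-thread
// statistics go to fn[] and instruction_count[], hits are reported through
// my_visitor2 via the `d` context array.  Always returns 0.
unsigned __stdcall MatchThread(void *pParam)
{
    dbQuery sql;
    ControlFlowGraph *target_cfg;
    dbCursor<LibM> cursor1;
    int i;

    db.attach();

    // NOTE(review): void* -> int truncates on 64-bit; this is only correct for
    // a 32-bit (__stdcall) build.  intptr_t is the portable cast -- confirm
    // against how the thread is spawned before changing.
    int thread_id = (int)pParam;
    instruction_count[thread_id] = 0;
    fn[thread_id] = 0;

    while ((i = GetM()) != -1) {
        int startEA = f_info[i].startEA;
        int FLEN = f_info[i].len;

        // Map the function's VA onto the file mapping.  NOTE(review): nothing
        // here checks that FLEN bytes stay inside the mapped section; that is
        // assumed to be RvaToPtr()'s / disasm()'s job -- confirm.
        byte *bin = (byte *)RvaToPtr(pImageNtH, stMapFile.ImageBase, startEA - pOH->ImageBase);
        if (bin == NULL) {
            continue;
        }

        // Too-short functions are dropped; clean() is given a possibly-NULL
        // pointer here, exactly as the original relied on.
        target_cfg = (ControlFlowGraph *)disasm(bin, FLEN, false, NULL);
        if (target_cfg == NULL || target_cfg->instructions.size() < MIN_INS_LENGTH) {
            clean(target_cfg);
            continue;
        }

        fn[thread_id]++;
        instruction_count[thread_id] += target_cfg->instructions.size();
        target_cfg->build();

        // Candidate pre-filter: a library function can only be a sub-graph of
        // the target if none of its counters exceed the target's.
        //
        // The parameter values are bound into the query by address (FastDB-style
        // dbQuery), so they must outlive select(); the original bound a temporary
        // returned by size().  Every text fragment is also separated by a space:
        // the original glued "instruction_size<=N" onto "and block_size" and
        // "block_size<=N" onto "order by".
        const size_t ins_count = target_cfg->instructions.size();
        sql = "MOV_COUNT<=", target_cfg->MOV_COUNT,
              " and CTI_COUNT<=", target_cfg->CTI_COUNT,
              " and ARITHMETIC_COUNT<=", target_cfg->ARITHMETIC_COUNT,
              " and LOGI_COUNT<=", target_cfg->LOGI_COUNT,
              " and STRING_COUNT<=", target_cfg->STRING_COUNT,
              " and ETC_COUNT<=", target_cfg->ETC_COUNT,
              " and instruction_size<=", ins_count,
              " and block_size<=", target_cfg->bb_len,
              " order by instruction_size desc";

        int n1 = cursor1.select(sql);
        if (n1 == 0) {
            clean(target_cfg);
            continue;
        }

        // One bit per target instruction; filled in by the visitor as matches land.
        CBitSet lib_info(target_cfg->instructions.size());
        do {
            // NOTE(review): the record field is treated as an in-memory
            // ControlFlowGraph* and mutated below -- confirm the DB layer hands
            // out a live object and not a serialized blob.
            ControlFlowGraph *library_cfg = (ControlFlowGraph *)(cursor1->cfg);

            target_cfg->buildDepGraph(false);
            library_cfg->buildDepGraph(true);
            library_cfg->serialize();
            library_cfg->buildVLibGraph();
            target_cfg->serialize();
            target_cfg->buildVLibGraph();

            // _m is the pattern (library), _g the graph searched (target).
            // NOTE(review): the comparator is presumably owned and freed by the
            // Graph (vflib convention) -- confirm, otherwise this leaks per row.
            Graph _g(&target_cfg->vlibARGEdit);
            Graph _m(&library_cfg->vlibARGEdit);
            _m.SetNodeComparator(new InstructionComparator3);
            VF2SubState s0(&_m, &_g);

            // Context handed to my_visitor2.  NOTE(review): pointers are squeezed
            // into int slots, which truncates on 64-bit; changing this requires
            // changing the visitor's decoding as well.
            int d[4];
            d[0] = (int)target_cfg;
            d[1] = startEA;
            d[2] = (int)cursor1->lib_name;
            d[3] = (int)&lib_info;

            Match m(&s0, my_visitor2, &d);
            m.match_serial();
        } while (cursor1.next());

        clean(target_cfg);
    }

    db.detach();
    printf("#%d done.\n", thread_id);
    return 0;
}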
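//
// process thread
//
// Worker thread for the "full" matcher.  Like MatchThread it drains the shared
// work queue via GetM(), but candidate library functions must match the target's
// opcode-class counters exactly (=), and two structural pre-filters run before
// the (parallel) VF2 search:
//   BBLR -- every basic-block length present in the library CFG must also be
//           present in the target (bblen_set subset test);
//   BBSR -- matchBBSF() must accept the pair.
// A hit prints "<thread>\t1\t<startEA hex>\t<lib_name>".  pParam carries this
// worker's slot index (cast through void*).  Always returns 0.
unsigned __stdcall MatchThreadForFull(void *pParam)
{
    dbQuery sql;
    ControlFlowGraph *target_cfg;
    dbCursor<LibM> cursor1;
    int i;

    db.attach();

    // NOTE(review): void* -> int truncates on 64-bit; this is only correct for
    // a 32-bit (__stdcall) build.  intptr_t is the portable cast -- confirm
    // against how the thread is spawned before changing.
    int thread_id = (int)pParam;
    instruction_count[thread_id] = 0;
    fn[thread_id] = 0;

    while ((i = GetM()) != -1) {
        int startEA = f_info[i].startEA;
        int FLEN = f_info[i].len;

        // Map the function's VA onto the file mapping.  NOTE(review): nothing
        // here checks that FLEN bytes stay inside the mapped section; that is
        // assumed to be RvaToPtr()'s / disasm()'s job -- confirm.
        byte *bin = (byte *)RvaToPtr(pImageNtH, stMapFile.ImageBase, startEA - pOH->ImageBase);
        if (bin == NULL) {
            continue;
        }

        // Too-short functions are dropped; clean() is given a possibly-NULL
        // pointer here, exactly as the original relied on.
        target_cfg = (ControlFlowGraph *)disasm(bin, FLEN, false, NULL);
        if (target_cfg == NULL || target_cfg->instructions.size() < MIN_INS_LENGTH) {
            clean(target_cfg);
            continue;
        }

        fn[thread_id]++;
        instruction_count[thread_id] += target_cfg->instructions.size();
        target_cfg->build();

        // Exact-counter pre-filter.
        //
        // The parameter values are bound into the query by address (FastDB-style
        // dbQuery), so they must outlive select(); the original bound a temporary
        // returned by size().  Every text fragment is also separated by a space:
        // the original glued "instruction_size=N" onto "and block_size" and
        // "block_size=N" onto "order by".
        const size_t ins_count = target_cfg->instructions.size();
        sql = "MOV_COUNT=", target_cfg->MOV_COUNT,
              " and CTI_COUNT=", target_cfg->CTI_COUNT,
              " and ARITHMETIC_COUNT=", target_cfg->ARITHMETIC_COUNT,
              " and LOGI_COUNT=", target_cfg->LOGI_COUNT,
              " and STRING_COUNT=", target_cfg->STRING_COUNT,
              " and ETC_COUNT=", target_cfg->ETC_COUNT,
              " and instruction_size=", ins_count,
              " and block_size=", target_cfg->bb_len,
              " order by instruction_size desc";

        int n1 = cursor1.select(sql);
        if (n1 == 0) {
            clean(target_cfg);
            continue;
        }

        // One bit per target instruction; filled in by the visitor as matches land.
        CBitSet lib_info(target_cfg->instructions.size());
        do {
            // NOTE(review): the record field is treated as an in-memory
            // ControlFlowGraph* and mutated below -- confirm the DB layer hands
            // out a live object and not a serialized blob.
            ControlFlowGraph *library_cfg = (ControlFlowGraph *)(cursor1->cfg);

            // BBLR: any block length the library has but the target lacks rules
            // the pair out.  (`continue` in a do-while jumps to cursor1.next().)
            bitset<10240> missing = target_cfg->bblen_set;
            missing.flip();
            missing &= library_cfg->bblen_set;
            if (missing.any()) {
                continue;
            }

            target_cfg->buildDepGraph(false);
            library_cfg->buildDepGraph(true);

            // rule5: BBSR
            if (!matchBBSF(target_cfg, library_cfg)) {
                continue;
            }

            library_cfg->serialize();
            library_cfg->buildVLibGraph();
            target_cfg->serialize();
            target_cfg->buildVLibGraph();

            // _m is the pattern (library), _g the graph searched (target).
            // NOTE(review): the comparator is presumably owned and freed by the
            // Graph (vflib convention) -- confirm, otherwise this leaks per row.
            Graph _g(&target_cfg->vlibARGEdit);
            Graph _m(&library_cfg->vlibARGEdit);
            _m.SetNodeComparator(new InstructionComparator3);
            VF2SubState s0(&_m, &_g);

            Match m(&s0, my_visitor1, &lib_info);
            m.match_par();
            if (m.foundFlg) {
                // Output from several workers may interleave on stdout.
                printf("%d\t1\t%X\t%s\n", thread_id, startEA, cursor1->lib_name);
            }
        } while (cursor1.next());

        clean(target_cfg);
    }

    db.detach();
    printf("#%d done.\n", thread_id);
    return 0;
}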