Esempio n. 1
0
int
main(int argc, char *argv[]) {
    //! [setup]
    Partitioner2::Engine engine;
    std::vector<std::string> specimen = engine.parseCommandLine(argc, argv, purpose, description).unreachedArgs();
    if (specimen.empty()) {
        mlog[FATAL] <<"no binary specimen specified; see --help\n";
        exit(1);
    }
    //! [setup]
    
    //! [partition]
    Partitioner2::Partitioner partitioner = engine.partition(specimen);
    //! [partition]

    //! [function cfg]
    BOOST_FOREACH (const Partitioner2::Function::Ptr &function, partitioner.functions()) {
        // global control flow graph
        Partitioner2::ControlFlowGraph cfg = partitioner.cfg();

        // Erase all vertices that don't belong to the function of interest, and their incident edges
        Partitioner2::ControlFlowGraph::VertexIterator vi = cfg.vertices().begin();
        while (vi != cfg.vertices().end()) {
            if (!vi->value().isOwningFunction(function)) {
                cfg.eraseVertex(vi++);
            } else {
                ++vi;
            }
        }

        // Print the results
        std::cout <<"CFG for " <<function->printableName() <<"\n"
                  <<"  Vertices:\n";
        BOOST_FOREACH (const Partitioner2::ControlFlowGraph::Vertex &v, cfg.vertices())
            std::cout <<"    " <<partitioner.vertexName(v) <<"\n";
        std::cout <<"  Edges:\n";
        BOOST_FOREACH (const Partitioner2::ControlFlowGraph::Edge &e, cfg.edges())
            std::cout <<"    " <<partitioner.edgeName(e) <<"\n";
    }
    //! [function cfg]
}
Esempio n. 2
0
int
main(int argc, char *argv[]) {
    //! [commandline]
    ROSE_INITIALIZE;                                    // see rose::initialize
    std::string purpose = "finds static strings in a binary specimen";
    std::string description =
        "This tool disassembles a binary specimen and then scans the "
        "read-only parts of memory to find static strings. It looks for "
        "C-style NUL-termianted printable ASCII strings, zero-terminated "
        "UTF-16 little-endian strings, two-byte little-endian length-encoded "
        "ASCII strings, and some other common formats.";

    Partitioner2::Engine engine;
    std::vector<std::string> specimen =
        engine.parseCommandLine(argc, argv, purpose, description).unreachedArgs();
    //! [commandline]

    //! [load]
    MemoryMap map = engine.loadSpecimens(specimen);
    ByteOrder::Endianness sex = engine.obtainDisassembler()->get_sex();
    //! [load]

    //! [analysis]
    Strings::StringFinder finder;       // the string analyzer
    finder.settings().minLength = 5;    // no strings shorter than 5 characters
    finder.settings().maxLength = 8192; // no strings longer than 8k characters
    finder.insertCommonEncoders(sex);   // match common encodings of strings
    finder.find(map.require(MemoryMap::READABLE).prohibit(MemoryMap::WRITABLE));
    //! [analysis]

    //! [output]
    // Output, or just do "std::cout <<finder" if you're not picky.
    BOOST_FOREACH (const Strings::EncodedString &string, finder.strings()) {
        std::cout <<"string at " <<string.address() <<" for " <<string.size() <<" bytes\n";
        std::cout <<"encoding: " <<string.encoder()->name() <<"\n";
        std::cout <<"narrow value: \"" <<StringUtility::cEscape(string.narrow()) <<"\"\n";
    }
    //! [output]
}