예제 #1
0
VOID onImageLoad(IMG img, VOID *data)
{
    SYM sym;

    if (IMG_IsMainExecutable(img))
    {
        bool foundStatic = false;
        bool foundDynamic = false;
        for (sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym))
        {
            if (SYM_Name(sym).find("statdyn_app_staticFunction") != string::npos)
            {
                assert(SYM_Dynamic(sym) == false);
                foundStatic = true;
            }
            if (SYM_Name(sym).find("statdyn_app_dynamicFunction") != string::npos)
            {
                assert(SYM_Dynamic(sym) == true);
                foundDynamic = true;
            }
        }
        assert(foundStatic == true);
        assert(foundDynamic == true);
    }
}
static VOID OnImage(IMG img, VOID *)
{
    for (SYM sym = IMG_RegsymHead(img);  SYM_Valid(sym);  sym = SYM_Next(sym))
    {
        if (SYM_Name(sym) == "Breakpoint")
        {
            FoundBreakpointFunction = TRUE;
            BreakpointFunction = SYM_Address(sym);
        }
        if (SYM_Name(sym) == "BreakpointLocation")
        {
            FoundBreakpointLocation = TRUE;
            BreakpointLocation = SYM_Address(sym);
        }
        if (SYM_Name(sym) == "One")
        {
            FoundOneFunction = TRUE;
            OneFunction = SYM_Address(sym);
        }
        if (SYM_Name(sym) == "Two")
        {
            FoundTwoFunction = TRUE;
            TwoFunction = SYM_Address(sym);
        }
    }
}
예제 #3
0
void report_sym_structure( SYM sym, int depth )
{
  // TODO
  int k = 0;
  for ( k = 0; k< depth ; k ++ )
    TraceFile << "\t" ; 
  TraceFile << "<SYM>";
  
  string sym_1 = PIN_UndecorateSymbolName(SYM_Name(sym), UNDECORATION_NAME_ONLY);
  string sym_2 = PIN_UndecorateSymbolName(SYM_Name(sym), UNDECORATION_COMPLETE );
  ADDRINT offset  = SYM_Value( sym );	
  TraceFile << hex << offset << " sym.1:" << sym_1 << " sym.2:" << sym_2 << "</SYM>" << endl;
}
예제 #4
0
파일: Maid.cpp 프로젝트: gungun1010/hidden
static void 
I_ImageLoad(IMG img, void *v) 
{
  static bool main_rtn_instrumented = false;

  if( !main_rtn_instrumented ) {
    RTN rtn = RTN_FindByName(img, "main");
    if( rtn == RTN_Invalid() ) {
      rtn = RTN_FindByName(img, "__libc_start_main");      
    }
    // Instrument main
    if( rtn != RTN_Invalid() ) {
      main_rtn_instrumented = true;
      RTN_Open(rtn);
      RTN_InsertCall(rtn, IPOINT_BEFORE,
		     (AFUNPTR)A_EnterMainImage,
		     IARG_INST_PTR,
		     IARG_ADDRINT, RTN_Address(rtn),
		     IARG_REG_VALUE, REG_STACK_PTR,
		     IARG_END);
      RTN_Close(rtn);
    }
  }

  for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) ) {
    if( strstr(SYM_Name(sym).c_str(), "MAID_register_address" ) ) {
      RTN rtn;
      rtn = RTN_FindByName(img, SYM_Name(sym).c_str());
      ASSERTX(RTN_Valid(rtn));

      RTN_Open(rtn);
      RTN_InsertCall(rtn, IPOINT_BEFORE,
                     (AFUNPTR)A_RegisterAddr,
                     IARG_G_ARG0_CALLEE,
                     IARG_END);
      RTN_Close(rtn);
    } else if( strstr(SYM_Name(sym).c_str(), "MAID_unregister_address" ) ) {
      RTN rtn;
      rtn = RTN_FindByName(img, SYM_Name(sym).c_str());
      ASSERTX(RTN_Valid(rtn));
      RTN_Open(rtn);
      RTN_InsertCall(rtn, IPOINT_BEFORE,
		     (AFUNPTR)A_UnregisterAddr,
		     IARG_G_ARG0_CALLEE,
		     IARG_END);
      RTN_Close(rtn);
    }
  }

}
예제 #5
0
void osdep_iterate_symbols (IMG img, osdep_process_symbol proc, void *priv)
{
	ADDRINT imaddr = IMG_StartAddress(img);
	for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) {
		proc(priv, SYM_Name(sym).c_str(), imaddr + SYM_Value(sym));
	}
}
예제 #6
0
VOID Image(IMG img, VOID *v)
{
    // Walk through the symbols in the symbol table.
    //
    for (SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym))
    {
        string undFuncName = PIN_UndecorateSymbolName(SYM_Name(sym), UNDECORATION_NAME_ONLY);

        //  Find the RtlAllocHeap() function.
        if (undFuncName == "RtlAllocateHeap")
        {
            RTN allocRtn = RTN_FindByAddress(IMG_LowAddress(img) + SYM_Value(sym));
            
            if (RTN_Valid(allocRtn))
            {
                // Instrument to print the input argument value and the return value.
                RTN_Open(allocRtn);
                
                RTN_InsertCall(allocRtn, IPOINT_BEFORE, (AFUNPTR)Before,
                               IARG_ADDRINT, "RtlAllocateHeap",
                               IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
                               IARG_FUNCARG_ENTRYPOINT_VALUE, 1,
                               IARG_FUNCARG_ENTRYPOINT_VALUE, 2,
                               IARG_END);
                RTN_InsertCall(allocRtn, IPOINT_AFTER, (AFUNPTR)After,
                               IARG_ADDRINT, "RtlAllocateHeap",
                               IARG_FUNCRET_EXITPOINT_VALUE,
                               IARG_END);
                
                RTN_Close(allocRtn);
            }
        }
    }
}
예제 #7
0
VOID ImageLoad (IMG img, VOID *v)
{
    outfile << "Loaded image " << IMG_Name(img) << std::endl;

    if (IMG_Name(img).find("bundle") == std::string::npos)
        return;

    for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) )
    {
        outfile << IMG_Name(img) << "::" << SYM_Name(sym) << std::endl;
    }
}
예제 #8
0
파일: pin_util.cpp 프로젝트: poeliu/Pinso
RTN FindRTN(IMG img, const char *func_name) {
  RTN rtn = RTN_FindByName(img, func_name);
  if (RTN_Valid(rtn))
    return rtn;

  // handle those symbols with version numbers.
  // e.g. pthread_create has global name: pthread_create@@GLIBC...
  std::string func_name_v(func_name);
  func_name_v.append("@@");
  for(SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym)) {
    if (SYM_Name(sym).find(func_name_v) != std::string::npos) {
      RTN rtn = RTN_FindByAddress(SYM_Address(sym));
      DEBUG_ASSERT(RTN_Valid(rtn));
      return rtn;
    }
  }

  return RTN_Invalid();
}
예제 #9
0
파일: tpss.cpp 프로젝트: FengXingYuXin/SHMA
static VOID tpss_instrument_module(IMG img, VOID *data)
{
	SYM sym;
	std::string::size_type pos;

    const char *module_name = tpss_extract_mod_name_with_ext(IMG_Name(img).c_str());

    if (strcmp(module_name, "kernel32.dll") == 0)
	{
	    for (sym = IMG_RegsymHead(img); SYM_Valid(sym) == TRUE; sym = SYM_Next(sym))
        {
            /* in case of availablity of symbols for system libraries PIN can provide
             * decorated names so we need to undecorate it first */

            std::string uname(SYM_Name(sym).c_str());

            pos = uname.find("@");

            if (pos != std::string::npos)
            {
                uname = uname.substr(0, pos);

                if (uname[0] == '_')
                {
                    uname = uname.substr(1, std::string::npos);
                }
            }

			if (strcmp("LoadLibraryW", uname.c_str()) == 0) 
			{
                  RTN routine = RTN_FindByName(img, "LoadLibraryW");
		          if (RTN_Valid(routine))
	     	      {
                       g_LoadLibraryW_ptr = RTN_ReplaceProbed(routine, (AFUNPTR)(tpss_LoadLibraryW_ver0));
			      }
			}
		}

        free((void *)(module_name));
    }
}
예제 #10
0
파일: pin.cpp 프로젝트: JaonLin/pyn
static const char *SYM_Name_detour(SYM sym)
{
    return strdup(SYM_Name(sym).c_str());
}
예제 #11
0
파일: lua_sym.cpp 프로젝트: cherry-wb/pint
int sym_name (lua_State *L) {
  SYM* v1 = check_sym(L,1);
  string r = SYM_Name(*v1);
  lua_pushstring(L, r.c_str());
  return 1;
}