示例#1
文件: main.cpp 项目: rsprabery/DECAF
 /**
  * Hand the reader's current instruction to the BAP verifier.
  *
  * Instructions the verifier is not interested in are skipped; in verbose
  * mode a "SKIPPED" line carrying the trace file position is printed for them.
  *
  * @param tr trace reader positioned on the instruction to examine
  * @return -1 once more than 10000 instructions have been processed by the
  *         verifier, 0 otherwise
  */
 int
 PrintBap(TraceReaderBinX86 &tr)
 {
     const TRInstructionX86& cur = tr.getCurInstruction();

     // Uninteresting instruction: optionally report the skip, then carry on.
     if (!m_BapVerifier.isInterested(cur))
     {
         if (m_bVerbose)
         {
             cout << "Solve result: SKIPPED @ " << tr.getFilePos() << endl;
             cout
                     << "---------------------------------------------------------"
                     << endl;
         }
         return 0;
     }

     m_BapVerifier.processInstruction(cur);
     ++m_cntBap;

     // Work budget for one run. Per the original author's note the count also
     // includes extra instructions such as XOR.
     // NOTE(review): the earlier comment spoke of 1000 instructions while the
     // code enforces 10000 -- confirm which limit is intended.
     return (m_cntBap > 10000) ? -1 : 0;
 }
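/**
 * Entry point: parse the command line, then either convert the input trace
 * to bpt or walk the trace instruction by instruction, printing whatever the
 * global flags (g_bVerbose, g_bSummary, g_bBAP) ask for.
 *
 * @return -1 when process_arg() reports a failure, 0 otherwise
 */
int main(int argc, char **argv) {
	if (0 != process_arg(argc, argv)) {
		return -1;
	}

	if (g_bToBpt) {
		cout << "Convert input to bpt" << endl;
		// Only the constructor is invoked here; presumably it performs the
		// whole conversion -- confirm against TraceConverterBPT.
		TraceConverterBPT t(g_sInFile, g_sBptName);
	} else {
		TraceReaderBinX86 tr;
		// TraceProcessorX86Verify bapVerifier(false, true);
		// TraceProcessorX86TaintSummary taintSummary(true);
		SummaryPrinter sum_printer;
		BapPrinter bap_printer(g_bVerbose);

		size_t counter = 0;

		// Open the trace; an empty output name defaults to cout. cout is in
		// fact required because the BAP test goes through system().
		// NOTE(review): nothing here checks whether init() succeeded; confirm
		// that an unreadable or malformed trace file makes
		// readNextInstruction() fail cleanly.
		tr.init(g_sInFile, "");
		//tr.disableStringConversion(); //don't convert into strings yet

		//this is an approximate starting location of some tainted instructions
		// it should be 816330 instructions into the trace
		//tr.seekTo(startInterest);

		tr.setVerbose(g_bVerbose);
		// bapVerifier.setVerbose(g_bVerbose);

		// Walk the trace until the reader returns non-zero or a printer
		// asks to stop (BREAK_IF).
		while (tr.readNextInstruction() == 0) {

			counter++;
			//grab a reference to the current instruction
			const TRInstructionX86& insn = tr.getCurInstruction();

			if (g_bBAP) {
				cout << "************************************************" << endl;
				cout << "********    " << counter << "    (" << tr.getFilePos() << ")***************" << endl;
			}

			if ((g_bVerbose) /*|| (!g_bSummary && !g_bBAP)*/) {
				cout << "(" << counter << ") " << tr.getInsnString();
			}

			if (g_bSummary) {
				BREAK_IF(0 != sum_printer.PrintSummary(insn));
			}

			if (g_bBAP) {
				BREAK_IF(0 != bap_printer.PrintBap(tr));
			}
		}
		// %zu is the conversion for size_t; %lu is only correct where
		// size_t happens to be unsigned long.
		printf("[%zu] Instructions Decoded\n", counter);
	}

	//ofstream of("cfg.dot");
	//write_graphviz(of, cfa.m_CFG);

	return (0);
}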
示例#3
文件: main.cpp 项目: rsprabery/DECAF
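/**
 * Entry point: parse the command line, then walk the input trace
 * instruction by instruction, printing whatever the global flags
 * (g_bVerbose, g_bSummary, g_bObjdump, g_bBAP) ask for.
 *
 * With g_bObjdump set, instructions are printed in objdump form only while
 * the tracked CR3 value equals the one recorded at the start of the trace.
 *
 * @return -1 when process_arg() reports a failure, 0 otherwise
 */
int
main(int argc, char **argv)
{
    if (0 != process_arg(argc, argv))
    {
        return -1;
    }

    TraceReaderBinX86 tr;
    // TraceProcessorX86Verify bapVerifier(false, true);
    // TraceProcessorX86TaintSummary taintSummary(true);
    SummaryPrinter sum_printer;
    BapPrinter bap_printer(g_bVerbose);

    size_t counter = 0;

    // Open the trace; an empty output name defaults to cout. cout is in fact
    // required because the BAP test goes through system().
    // NOTE(review): nothing here checks whether init() succeeded; confirm
    // that an unreadable or malformed trace file makes readNextInstruction()
    // fail cleanly.
    tr.init(g_sInFile, "");
    //tr.disableStringConversion(); //don't convert into strings yet

    //this is an approximate starting location of some tainted instructions
    // it should be 816330 instructions into the trace
    //tr.seekTo(startInterest);

    tr.setVerbose(g_bVerbose);
    // bapVerifier.setVerbose(g_bVerbose);

    // The process record's pid field is used as the initial CR3 value.
    // NOTE(review): presumably the trace writer stores CR3 in that field --
    // confirm against the trace format.
    const uint32_t first_cr3 = tr.getProcessRecord().pid;
    uint32_t cur_cr3 = first_cr3;

    // NOTE(review): `hex` is sticky on cout, so the counter and file position
    // written through cout below are printed in hexadecimal, while the final
    // printf prints decimal -- confirm this is intended.
    cout << "CR3:" << hex << first_cr3 << endl;

    // Walk the trace until the reader returns non-zero or a printer asks to
    // stop (BREAK_IF).
    while (tr.readNextInstruction() == 0)
    {

        counter++;
        //grab a reference to the current instruction
        const TRInstructionX86& insn = tr.getCurInstruction();

        if (g_bBAP)
        {
            cout << "************************************************" << endl;
            cout << "********    " << counter << "    (" << tr.getFilePos()
                    << ")***************" << endl;
        }

        if ((g_bVerbose) /*|| (!bSummary && !bBAP) */)
        {
            cout << "(" << counter << ") " << tr.getInsnString();
        }

        if (g_bSummary)
        {
            BREAK_IF(0 != sum_printer.PrintSummary(insn));
        }

        if (g_bObjdump)
        {
            // Print first, update afterwards: the CR3 write itself is still
            // attributed to the address space that executed it.
            if (cur_cr3 == first_cr3)
            {
                tr.printInsnObjdump();
            }

            // 0F 22 D8 is the encoding of `mov cr3, eax`.
            // NOTE(review): a CR3 load from any other register (ModRM
            // 0xD9-0xDF) is not matched, so an address-space switch made
            // that way goes unnoticed and the filter above keeps using the
            // stale value -- confirm the traced guests only use eax here.
            // NOTE(review): assumes rawbytes holds at least three bytes and
            // that operand[0] carries the value being loaded -- confirm.
            const bool loads_cr3 =
                    (uint8_t) insn.eh.rawbytes[0] == 0xf
                    && (uint8_t) insn.eh.rawbytes[1] == 0x22
                    && (uint8_t) insn.eh.rawbytes[2] == 0xd8;
            if (loads_cr3)
            {
                cur_cr3 = insn.eh.operand[0].value;
            }
        }

        if (g_bBAP)
        {
            BREAK_IF(0 != bap_printer.PrintBap(tr));
        }
    }

    //ofstream of("cfg.dot");
    //write_graphviz(of, cfa.m_CFG);

    // %zu is the conversion for size_t; %lu is only correct where size_t
    // happens to be unsigned long.
    printf("[%zu] Instructions Decoded\n", counter);

    return (0);
}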