Exemple #1
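def show_function(show, fnspec, instrs):
    """Return a printable listing of one function, or a separator rule.

    Args:
        show: threshold compared against ``instrs``; ``None`` disables
            listings altogether.
        fnspec: pair ``(s, fa)``. ``s`` is the executable name handed to
            ``UF.get_path_filename`` and ``fa`` is the function address
            handed to ``app.has_function`` / ``app.get_function``.
        instrs: value compared against ``show`` (presumably the function's
            instruction count; confirm against the caller).

    Returns:
        An 80-dash rule when ``show`` is ``None`` or smaller than
        ``instrs``; the wrapped error text when the executable cannot be
        located; otherwise the rule followed by the function listing or by
        a "not found" message.
    """
    rule = '-' * 80

    # Listing suppressed: only the separator is emitted.
    if show is None or show < instrs:
        return rule

    (s, fa) = fnspec
    try:
        (path, filename) = UF.get_path_filename('x86-pe', s)
    except UF.CHBError as e:
        return str(e.wrap())

    app = AP.AppAccess(path, filename)
    if not app.has_function(fa):
        return '\n'.join([rule, 'Function ' + fa + ' not found', rule])

    f = app.get_function(fa)
    lines = [rule]
    if f is None:
        lines.append('Unable to find function ' + fa)
        lines.append(rule)
    else:
        try:
            lines.append(f.to_string(esp=True, opcodetxt=True))
        except Exception:
            # Best effort: a function that cannot be rendered is reported
            # on stdout and skipped. Catching Exception rather than using a
            # bare except lets KeyboardInterrupt and SystemExit propagate.
            print('Unable to print function ' + fa + ' for ' + s +
                  ' (format issues probably)')
    return '\n'.join(lines)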
def collect_data(atfi, records, includes, excludes, args):
    """Gather per-function data for the selected executables in ``records``.

    A record is processed only when it passes ``satisfies_spec`` and
    ``is_representative``, ``UF.check_analysis_results`` raises no
    ``CHBError``, and both its function-feature file and its function-map
    file exist. Results are written to the module-level ``fndata`` and
    ``fnstats`` dictionaries, and to ``apps`` when ``args.printfunctions``
    is non-empty.

    NOTE(review): ``md5`` is copied unchanged from the feature file and is
    presumably a function fingerprint used for matching. MD5 is not
    collision resistant, so for untrusted binaries equal digests are a
    hint, not proof, that two functions are identical.

    Returns:
        ``(xcount, fncount)``: the number of executables processed and the
        sum of their ``get_function_count()`` values.
    """
    xcount = 0
    fncount = 0

    for atxi in records:
        rec = records[atxi]
        if not satisfies_spec(rec, includes, excludes):
            continue
        name = UF.mk_atsc(atfi, atxi)
        if not is_representative(rec):
            continue

        try:
            (path, filename) = UF.get_path_filename('x86-pe', name)
            UF.check_analysis_results(path, filename)
        except UF.CHBError as e:
            print('**** problem with ' + name + ': ' + str(e))
            continue

        fnmapfilename = UF.get_fn_map_filename(path, filename)
        fnfeaturefilename = UF.get_fn_features_filename(path, filename)

        # The feature file is read before the map file's existence is
        # checked; that order is kept as in the original.
        if not os.path.isfile(fnfeaturefilename):
            continue
        with open(fnfeaturefilename, 'r') as fp:
            fnfeatures = json.load(fp)
        if not os.path.isfile(fnmapfilename):
            continue

        xcount += 1
        fndata[name] = {}
        app = AP.AppAccess(path, filename)
        if len(args.printfunctions) > 0:
            # NOTE(review): ``k`` is not bound anywhere in this function;
            # unless it is a module-level name this raises NameError.
            # ``name`` may have been intended; confirm.
            apps[k] = app

        metrics = app.get_result_metrics()
        fncount += metrics.get_function_count()
        with open(fnmapfilename, 'r') as fp:
            fnmap = json.load(fp)
        fnstats[name] = (metrics.get_function_count(),
                         len(fnmap['functions']))
        mapped = fnmap['functions']

        for fn in mapped:
            if fn not in fnfeatures:
                continue
            fnmd5 = fnfeatures[fn]['md5']
            # The (initially empty) record is registered before the metrics
            # lookup, so a function without metrics keeps an empty entry.
            fnrec = {}
            fndata[name][fn] = fnrec
            fnmetrics = metrics.get_function_metrics(fn)
            if fnmetrics is None:
                print(name + ': Function ' + fn + ' not found')
                continue
            try:
                fnrec['md5'] = fnmd5
                fnrec['reffn'] = mapped[fn]['reffn']
                fnrec['score'] = mapped[fn]['score']
                fnrec['esp'] = fnmetrics.get_espp()
                fnrec['blocks'] = fnmetrics.get_blocks()
                fnrec['instrs'] = fnmetrics.get_instrs()
                fnrec['unrc'] = fnmetrics.get_unresolved_calls()
                if fnmetrics.has_name():
                    fnrec['name'] = fnmetrics.get_name()
            except:
                # Report which executable/function failed, then re-raise.
                print('Problem in ' + name + ', ' + fn)
                raise

    return (xcount, fncount)
Exemple #3
import chb.util.fileutil as UF
import chb.app.AppAccess as AP


def parse():
    """Parse the command line, which takes one positional ``filename``.

    Returns:
        The ``argparse`` namespace; ``filename`` holds the executable name.
    """
    cmdline = argparse.ArgumentParser(description=__doc__)
    cmdline.add_argument('filename', help='name of executable')
    return cmdline.parse_args()


if __name__ == '__main__':

    # Script entry point: collect the ``faddr`` of every function whose
    # ``is_by_preamble()`` is true.
    args = parse()

    # Resolve the executable's location and run the analysis-results check;
    # a CHBError from either step prints the wrapped error and exits with 1.
    try:
        path, filename = UF.get_path_filename('mips-elf', args.filename)
        UF.check_analysis_results(path, filename)
    except UF.CHBError as e:
        print(e.wrap())
        exit(1)

    app = AP.AppAccess(path, filename, mips=True)

    functions = app.functionsdata.functions
    result = [fd.faddr
              for fd in (functions[fn] for fn in functions)
              if fd.is_by_preamble()]

    dresult = {'function-entry-points': result}
Exemple #4
import chb.util.fileutil as UF


def parse():
    """Parse the command line, which takes one positional ``filename``.

    Returns:
        The ``argparse`` namespace; ``filename`` names the executable to
        be analyzed.
    """
    cmdline = argparse.ArgumentParser(description=__doc__)
    cmdline.add_argument('filename', help='name of executable to be analyzed')
    return cmdline.parse_args()


if __name__ == '__main__':

    # Script entry point: group the application's call instructions by the
    # address of the function they call.
    args = parse()

    # Resolve the executable's location and run the analysis-results check;
    # a CHBError from either step prints the wrapped error and exits with 1.
    try:
        path, filename = UF.get_path_filename('x86-pe', args.filename)
        UF.check_analysis_results(path, filename)
    except UF.CHBError as e:
        print(e.wrap())
        exit(1)

    # NOTE(review): ``AP`` is not imported in the visible part of this
    # listing; confirm the full script imports it.
    app = AP.AppAccess(path, filename)
    appcalls = app.get_app_calls()

    # call-target address (as a string) -> list of call instructions
    result = {}

    for faddr in sorted(appcalls):
        for instr in appcalls[faddr]:
            tgt = str(instr.get_call_target().get_address())
            result.setdefault(tgt, []).append(instr)