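def show_function(show, fnspec, instrs):
    """Return a printable listing for one function, or just a separator line.

    Args:
        show: threshold compared against ``instrs``; ``None`` disables the
            listing altogether.
        fnspec: ``(s, fa)`` pair. ``s`` is the name handed to
            ``UF.get_path_filename('x86-pe', s)`` and ``fa`` is the function
            key handed to ``app.has_function`` / ``app.get_function``.
        instrs: value compared against ``show``.

    Returns:
        A line of 80 dashes when ``show`` is ``None`` or ``show < instrs``;
        the wrapped ``UF.CHBError`` text when the path lookup fails;
        otherwise the collected lines joined with newlines.
    """
    separator = '-' * 80
    if show is None or show < instrs:
        return separator

    (s, fa) = fnspec
    try:
        (path, filename) = UF.get_path_filename('x86-pe', s)
    except UF.CHBError as e:
        return str(e.wrap())

    app = AP.AppAccess(path, filename)
    if not app.has_function(fa):
        return '\n'.join([separator, 'Function ' + fa + ' not found', separator])

    f = app.get_function(fa)
    lines = [separator]
    if f is None:
        lines.append('Unable to find function ' + fa)
        lines.append(separator)
    else:
        try:
            lines.append(f.to_string(esp=True, opcodetxt=True))
        except Exception:
            # Best-effort printing: a rendering failure is reported and the
            # listing is skipped. Catching Exception rather than using a bare
            # except lets KeyboardInterrupt and SystemExit propagate instead
            # of being reported as a formatting problem.
            print('Unable to print function ' + fa + ' for ' + s + ' (format issues probably)')
    return '\n'.join(lines)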
def collect_data(atfi, records, includes, excludes, args):
    """Collect per-function metrics for the selected executables in *records*.

    A record is processed when it passes ``satisfies_spec`` and
    ``is_representative``, its analysis results check out, and both its
    function-features file and its function-map file exist. For each such
    executable the module-level ``fndata`` and ``fnstats`` dictionaries are
    filled in (and ``apps`` when ``args.printfunctions`` is non-empty).

    Returns:
        ``(xcount, fncount)``: the number of executables processed and the
        sum of the function counts reported by their result metrics.
    """
    executables = 0
    total_functions = 0
    for atxi in records:
        record = records[atxi]
        if not satisfies_spec(record, includes, excludes):
            continue
        name = UF.mk_atsc(atfi, atxi)
        if not is_representative(record):
            continue

        try:
            (path, filename) = UF.get_path_filename('x86-pe', name)
            UF.check_analysis_results(path, filename)
        except UF.CHBError as e:
            print('**** problem with ' + name + ': ' + str(e))
            continue

        map_file = UF.get_fn_map_filename(path, filename)
        features_file = UF.get_fn_features_filename(path, filename)
        if not os.path.isfile(features_file):
            continue
        with open(features_file, 'r') as fp:
            fnfeatures = json.load(fp)
        if not os.path.isfile(map_file):
            continue

        executables += 1
        fndata[name] = {}
        app = AP.AppAccess(path, filename)
        if len(args.printfunctions) > 0:
            # NOTE(review): 'k' is not bound anywhere in this function, so it
            # must come from module scope; confirm it is the intended key
            # (it looks like 'name' may have been meant).
            apps[k] = app
        metrics = app.get_result_metrics()
        total_functions += metrics.get_function_count()
        with open(map_file, 'r') as fp:
            fnmap = json.load(fp)
        mapped = fnmap['functions']
        fnstats[name] = (metrics.get_function_count(), len(mapped))

        for fn in mapped:
            # Functions without an entry in the features file are skipped.
            if fn not in fnfeatures:
                continue
            # Digest stored under the 'md5' key of the features file.
            # NOTE(review): presumably a fingerprint used to match functions
            # across executables; MD5 is not collision-resistant, so do not
            # treat equal digests as proof of identity on adversarial input.
            fnmd5 = fnfeatures[fn]['md5']
            fnrec = {}
            fndata[name][fn] = fnrec
            fnmetrics = metrics.get_function_metrics(fn)
            if fnmetrics is None:
                # The empty record created above stays in fndata[name].
                print(name + ': Function ' + fn + ' not found')
                continue
            try:
                fnrec['md5'] = fnmd5
                fnrec['reffn'] = mapped[fn]['reffn']
                fnrec['score'] = mapped[fn]['score']
                fnrec['esp'] = fnmetrics.get_espp()
                fnrec['blocks'] = fnmetrics.get_blocks()
                fnrec['instrs'] = fnmetrics.get_instrs()
                fnrec['unrc'] = fnmetrics.get_unresolved_calls()
                if fnmetrics.has_name():
                    fnrec['name'] = fnmetrics.get_name()
            except BaseException:
                # Report which executable/function failed, then re-raise.
                print('Problem in ' + name + ', ' + fn)
                raise
    return (executables, total_functions)
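import chb.util.fileutil as UF
import chb.app.AppAccess as AP


def parse():
    """Parse the command line; the single positional argument is the executable name."""
    parser = argparse.ArgumentParser(description=__doc__)
    parser.add_argument('filename', help='name of executable')
    return parser.parse_args()


if __name__ == '__main__':

    args = parse()

    try:
        (path, filename) = UF.get_path_filename('mips-elf', args.filename)
        UF.check_analysis_results(path, filename)
    except UF.CHBError as e:
        print(str(e.wrap()))
        # Raise SystemExit directly: the bare exit() helper is installed by
        # the site module for interactive use and is absent under `python -S`.
        raise SystemExit(1)

    app = AP.AppAccess(path, filename, mips=True)

    # Keep the faddr of every function for which is_by_preamble() is true.
    functions = app.functionsdata.functions
    result = []
    for fn in functions:
        fndata = functions[fn]
        if fndata.is_by_preamble():
            result.append(fndata.faddr)

    dresult = {'function-entry-points': result}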
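import chb.util.fileutil as UF


def parse():
    """Parse the command line; the single positional argument is the executable name."""
    parser = argparse.ArgumentParser(description=__doc__)
    parser.add_argument('filename', help='name of executable to be analyzed')
    return parser.parse_args()


if __name__ == '__main__':

    args = parse()

    try:
        (path, filename) = UF.get_path_filename('x86-pe', args.filename)
        UF.check_analysis_results(path, filename)
    except UF.CHBError as e:
        print(str(e.wrap()))
        # Raise SystemExit directly: the bare exit() helper is installed by
        # the site module for interactive use and is absent under `python -S`.
        raise SystemExit(1)

    # NOTE(review): AP is not imported in the visible part of this file;
    # presumably chb.app.AppAccess is imported above. Confirm.
    app = AP.AppAccess(path, filename)
    appcalls = app.get_app_calls()

    # Call-target address (as a string) -> list of call instructions that
    # target it, visited in sorted order of the calling function's address.
    result = {}
    for faddr in sorted(appcalls):
        for instr in appcalls[faddr]:
            tgt = str(instr.get_call_target().get_address())
            result.setdefault(tgt, []).append(instr)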