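def set_profiles(atfi, records, includes, excludes):
    """Record md5 profiles, cluster lists and duplicates for the selected records.

    For every record in *records* accepted by ``satisfies_spec``:

    * a non-empty ``'clusters'`` entry is copied into ``listedclusters``;
    * a representative executable has its md5 profile file loaded into
      ``profiles[name]['md5s']``, or is appended to ``missingmd5s`` when
      that file does not exist;
    * a non-representative executable is appended to the ``'duplicates'``
      list of its representative.

    ``profiles``, ``listedclusters`` and ``missingmd5s`` are not assigned in
    this function; they are containers defined outside this block.

    Args:
        atfi: identifier passed to ``UF.mk_atsc`` together with each record key.
        records: mapping from record key (``atxi``) to record dict.
        includes: inclusion spec handed to ``satisfies_spec``.
        excludes: exclusion spec handed to ``satisfies_spec``.
    """
    for atxi in records:
        r = records[atxi]
        if not satisfies_spec(r, includes, excludes):
            continue
        name = UF.mk_atsc(atfi, atxi)
        if 'clusters' in r and len(r['clusters']) > 0:
            listedclusters[name] = r['clusters']
        if not is_representative(r):
            # Duplicates are only listed under their representative; the
            # representative's 'md5s' entry starts empty if not yet loaded.
            rep = get_representative(atfi, r)
            entry = profiles.setdefault(rep, {})
            entry.setdefault('md5s', [])
            entry.setdefault('duplicates', []).append(name)
            continue
        try:
            (path, filename, _) = UF.get_path_filename_deps('x86-pe', name)
        except Exception as e:
            # A bare ``except:`` here also swallowed KeyboardInterrupt and
            # SystemExit, so a batch run could not be interrupted cleanly.
            # The reason is printed in the same form collect_data uses.
            print('**** problem with ' + name + ': ' + str(e))
            continue
        md5filename = UF.get_md5profile_filename(path, filename)
        if os.path.isfile(md5filename):
            with open(md5filename, 'r') as fp:
                profiles.setdefault(name, {})
                profiles[name]['md5s'] = json.load(fp)['md5s']
        else:
            missingmd5s.append(name)
            print('Missing: ' + name)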
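def collect_data(atfi, records, includes, excludes, args):
    """Collect per-function data for every selected representative executable.

    A record is processed when ``satisfies_spec`` accepts it, it is a
    representative, its analysis results pass ``UF.check_analysis_results``,
    and both its function-features file and its function-map file exist.
    For each such executable the function records are stored in
    ``fndata[name]`` and the pair (analyzed function count, mapped function
    count) in ``fnstats[name]``. ``fndata``, ``fnstats`` and ``apps`` are
    containers defined outside this block.

    Args:
        atfi: identifier passed to ``UF.mk_atsc`` together with each record key.
        records: mapping from record key (``atxi``) to record dict.
        includes: inclusion spec handed to ``satisfies_spec``.
        excludes: exclusion spec handed to ``satisfies_spec``.
        args: parsed command-line arguments; only ``args.printfunctions``
            is read here.

    Returns:
        Tuple ``(xcount, fncount)``: the number of executables processed and
        the sum of their function counts.
    """
    xcount = 0
    fncount = 0
    for atxi in records:
        r = records[atxi]
        if not satisfies_spec(r, includes, excludes):
            continue
        name = UF.mk_atsc(atfi, atxi)
        if not is_representative(r):
            continue
        try:
            (path, filename) = UF.get_path_filename('x86-pe', name)
            UF.check_analysis_results(path, filename)
        except UF.CHBError as e:
            print('**** problem with ' + name + ': ' + str(e))
            continue
        fnmapfilename = UF.get_fn_map_filename(path, filename)
        fnfeaturefilename = UF.get_fn_features_filename(path, filename)
        if not os.path.isfile(fnfeaturefilename):
            continue
        with open(fnfeaturefilename, 'r') as fp:
            fnfeatures = json.load(fp)
        if not os.path.isfile(fnmapfilename):
            continue
        xcount += 1
        fndata[name] = {}
        app = AP.AppAccess(path, filename)
        if len(args.printfunctions) > 0:
            # The original stored this under ``apps[k]``, but no ``k`` is
            # bound anywhere in this function: that is a NameError, or, if a
            # module-level ``k`` happens to exist, every executable
            # overwrites the same slot. Keyed by ``name`` to match fndata
            # and fnstats.
            # NOTE(review): confirm readers of ``apps`` look it up by name.
            apps[name] = app
        metrics = app.get_result_metrics()
        function_count = metrics.get_function_count()
        fncount += function_count
        with open(fnmapfilename, 'r') as fp:
            fnmap = json.load(fp)
        mapped = fnmap['functions']
        fnstats[name] = (function_count, len(mapped))
        for fn in mapped:
            if fn not in fnfeatures:
                continue
            fnmd5 = fnfeatures[fn]['md5']
            # NOTE(review): the record is created before the metrics lookup,
            # so a function without metrics leaves an empty dict behind in
            # fndata[name]; kept as in the original.
            fnrec = fndata[name][fn] = {}
            fnmetrics = metrics.get_function_metrics(fn)
            if fnmetrics is None:
                print(name + ': Function ' + fn + ' not found')
                continue
            try:
                fnrec['md5'] = fnmd5
                fnrec['reffn'] = mapped[fn]['reffn']
                fnrec['score'] = mapped[fn]['score']
                fnrec['esp'] = fnmetrics.get_espp()
                fnrec['blocks'] = fnmetrics.get_blocks()
                fnrec['instrs'] = fnmetrics.get_instrs()
                fnrec['unrc'] = fnmetrics.get_unresolved_calls()
                if fnmetrics.has_name():
                    fnrec['name'] = fnmetrics.get_name()
            except:
                # Nothing is swallowed: the executable and function are
                # printed for context and the exception is re-raised.
                print('Problem in ' + name + ', ' + fn)
                raise
    return (xcount, fncount)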
# NOTE(review): the statements down to the main guard are the tail of a
# function whose ``def`` line is outside this view; ``args``, ``path`` and
# ``filename`` are presumably bound in the part that is not shown. The
# original indentation is lost, so the fragment is laid out flat here.
print(args)
md5profilename = UF.get_md5profile_filename(path, filename)
try:
    app = AP.AppAccess(path, filename)
    md5profile = app.get_md5_profile()
    summary = app.get_result_metrics_summary()
except IOError as e:
    # An I/O failure is printed and nothing is saved for this executable.
    print(e)
else:
    # Only reached when both the md5 profile and the summary were obtained.
    print('Saving md5 profile and results summary')
    with open(md5profilename, 'w') as fp:
        # sort_keys and a fixed indent keep the saved profile stable between runs.
        json.dump(md5profile, fp, sort_keys=True, indent=4)
    UF.save_results_summary(path, filename, summary)

# Script entry point: build the list of executable names for the requested
# atfi, then run the extraction pass followed by the analysis pass.
if __name__ == '__main__':
    args = parse()
    UF.check_analyzer()
    executables = UF.get_atfi_executables('x86-pe', args.atfi)
    executable_names = [
        UF.mk_atsc(args.atfi, atxi) for atxi in list(executables.keys())
    ]
    # extract_parallel is called on the full list before analyze_parallel starts.
    extract_parallel(executable_names, args)
    analyze_parallel(executable_names, args)
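def get_representative(atfi, r):
    """Return the name of the representative executable for record *r*.

    The name is built by ``UF.mk_atsc`` from *atfi* and the second element
    of ``r['code-rep']``.

    Args:
        atfi: identifier passed through to ``UF.mk_atsc``.
        r: record dict; must contain a ``'code-rep'`` entry.

    Raises:
        SystemExit: with status 1, after printing an error, when the record
            has no ``'code-rep'`` entry.
    """
    if 'code-rep' in r:
        return UF.mk_atsc(atfi, r['code-rep'][1])
    # r.get keeps a record that also lacks 'file' from raising KeyError and
    # hiding the message below.
    print('Error in get-representative for ' + str(r.get('file')))
    # Same exit status as the original exit(1), without relying on the
    # ``exit`` helper that the ``site`` module adds to builtins (absent when
    # the interpreter runs with -S).
    raise SystemExit(1)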