Skip to content
Snippets Groups Projects
Select Git revision
  • master default
  • ubuntu24-merge
  • ubuntu24
  • improve-data-source-tracing
  • infinite_loop_fix
  • faster_deadregs
  • 30-erroneous-assert
  • 28-stars-assertion-in-accessabovelocalframe
  • 27-need-ubuntu20-testing
  • aware-sw-delivery
  • refactor
  • instfallthrough
  • cfar_phase3_midterm_release
  • cfar_phase2_final_release
  • cfar_phase2_3rdquarter_release
  • cfar_phase2_midterm_release
  • cgc-sw-deliverables
  • cfar_phase1_final_release
  • cfar_release
  • peasoup
  • cfar-phase3-final
  • CFAR_AEI
  • CfarJuly2018Eval
  • pre-las-vegas
  • SCCP_12NOV2013
  • fast_metadata_02SEP2013
  • call_graph_priority_27AUG2013
  • remove_DU_chains_21AUG2013
  • alias_analysis_19AUG2013
  • alias_analysis_17AUG2013
  • duchain_data_structures_25JUL2013
  • stonesoup-phase2-tne-release
  • IDA64_28JUN2013
  • hashing_lea_addition_26JUN2013
  • IDIOM_23_21JUN2013C
  • truncation_signedness_21JUN2013
  • IDIOM_21_bitwise_not_17JUN2013B
  • IDIOM_20_memory_reduction_17JUN2013
  • deadregs_bitset_14JUN2013B
  • scaled_indexreg_not_unsigned_14JUN2013
40 results
Compare
Name Last commit Last update
.gitattributes
Build.sh
Makefile.in
ProfilerInformation.cpp
ProfilerInformation.h
README.txt
SMP-analyze.sh
SMP.idc
SMPBasicBlock.cpp
SMPBasicBlock.h
SMPDBInterface.cpp
SMPDBInterface.h
SMPDataFlowAnalysis.cpp
SMPDataFlowAnalysis.h
SMPFunction.cpp
SMPFunction.h
SMPInstr.cpp
SMPInstr.h
SMPProgram.cpp
SMPProgram.h
SMPStaticAnalyzer.cpp
SMPStaticAnalyzer.h
config.guess
config.sub
configure
configure.in
install-sh
plugin.script
rebuild_for_multiple_idas
README.txt
The files in this directory implement the SMPStaticAnalyzer IDA Pro
plugin for the NICECAP SMP project.

NICECAP = National Intelligence Community Enterprise Computing
Assurance Program

SMP = Software Memory Protection

mmStrata = Memory Monitor Strata, the memory protection SDT that uses
the annotations output by SMPStaticAnalyzer.

1) BUILDING THE STATIC ANALYZER PLUGIN

The variable IDAROOT in file "makefile" will need to be edited to suit
your IDA Pro installation. $IDAROOT should be the directory with
executables idal.exe, idaw.exe, and idag.exe. Often, though not
necessarily, this will be the location with subdirectory SDK
where the plugin development SDK is installed.

The current value is $HOME/idastd, which matches the IDA Pro
installation on the user account "nicecap" as set up for common use by
SMP team members.

The building of an IDA Pro plugin requires the SDK/include files. The
standard arrangement is to have an SDK/myplugins directory that holds
the Build.sh, makefile, plugin.script, and *.[h,cpp]
(e.g. SMPStaticAnalyzer.cpp) files. Thus, to build the plugin from
source, you would copy these files into the myplugins directory and
then type "Build.sh" there. The plugin builds and is copied into
$IDAROOT/plugins where it is automatically loaded by IDA Pro.

---- edit by jdh8d ---

I choose non-standard install locations for IDAROOT and the SDK.
Other users may do the same.  To avoid excessive CVS versions due to
everyone changing "makefile" to suit their own needs, one now needs to
export IDAROOT and IDASDK.  The makefile has been edited to ensure
that these variables are set properly.

---end edit---

2) RUNNING THE STATIC ANALYZER ON AN EXECUTABLE

The file SMP-analyze.sh is invoked to run the plugin on an
executable. To analyze foo.exe, copy SMP-analyze.sh into whatever
directory you wish to work from, then type:

SMP-analyze.sh foo.exe

-- addition by jdh --
You don't need to copy the .sh file if you don't want, 
simply running $IDAROOT/SMP-analyze.sh foo.exe works fine.
--


The script uses file SMP.idc, which needs to be copied into
$IDAROOT/idc before invoking the script. This file rarely changes and
should only need to be copied once, not every time the script is being
invoked.

--- jdh8d
make install will do this copying for you now.
---

The resulting annotations will be found in "foo.annot" in the same
directory you worked from. The annotations are not sorted by address,
because some addresses are detected outside of IDA functions and dealt
with in an ad hoc manner. Invoking "sort foo.annot" will sort by the
first field, which is the address. This is not necessary with the
current version of mmStrata.

NOTE: Currently, SMP is only targeted to x86/Linux. SMP-analyze.sh
invokes objdump, which should be installed on any x86/Linux box.

Clark Coleman
12-DEC-2007