Skip to content
Snippets Groups Projects
Select Git revision
  • master default
  • add-u24
  • add_arm32_eh
  • 21-job-failed-248429
  • testCapstoneFix
  • debug_palignr
  • newStars
  • fix-calls-fix
  • 19-need-ubuntu22-support
  • bugfixes
  • intentionally_broken_build
  • unpin_type4
  • rida_speedup
  • SRL_kernelModules
  • SRL-Windows
  • 13-keystone-should-return-an-error-when-assembling-instruction
  • ZS-91-opensrc-zipr
  • libkeystone-integrate
  • aware-sw-delivery
  • copyright-headers
  • gt_eval
  • Release-2-26-2021
  • cfar-phase3-final
  • CFAR_AEI
  • CfarJuly2018Eval
  • pre-las-vegas
26 results
Search by author
  • Any Author
  • Anh Nguyen-Tuong Anh Nguyen-Tuong an7s
  • Bruno Dutertre Bruno Dutertre bruno
  • Chris Timperley Chris Timperley ChrisTimps
  • Clark Coleman Clark Coleman clc
  • Daniel Chen Daniel Chen dc3pe
  • GitLab Runner GitLab Runner gitlab-runner
  • Jack Davidson Jack Davidson jwd
  • Jason Hiser Jason Hiser jdh8d
  • Jessica Jones Jessica Jones Jjones203
  • Jonathan Rowanhill Jonathan Rowanhill jonathan.rowanhill
  • Jorge Navas Jorge Navas jorge.navas
  • Matthew McGill Matthew McGill mm8bx
  • Michele Co Michele Co mc2zk
  • Stefan Nagy Stefan Nagy stevenagy
  • Will Hawkins Will Hawkins whh8b
  • Yonghwi Kwon Yonghwi Kwon yonghwi
  • zafl_guest zafl_guest test_user
17 authors
  1. Jun 20, 2013
  3. Jun 19, 2013
  5. Jun 18, 2013
    • an7s's avatar
      removed idapro6.1 dependence · e46c2d56
      an7s authored 
      Former-commit-id: f4d606317eebd6ffb15ce7a41d809a09fc8f83b0
      e46c2d56
    • bdr7fv's avatar
      PNTransformDriver.cpp: reset layout after ever recursive validation attempt. · 71688f71
      bdr7fv authored 
      PNTransformDriver.cpp: important comments as to what padding is actually added for a variable. 



Former-commit-id: 6835caa6ec2a7a5aae1de19286ce7eee2424be1c
      71688f71
    • bdr7fv's avatar
      fixed logic bug in loop guard in PN. · a8c81a2d
      bdr7fv authored 
      
Former-commit-id: fceabead2959b653227b3358697fbd2d531d144d
      a8c81a2d
    • bdr7fv's avatar
      PN optimization. PN will now do a binary search algorithm to find bad... · cd175f0d
      bdr7fv authored 
      PN optimization. PN will now do a binary search algorithm to find bad modifications. All functions with coverage are now validated, and validated faster than previous version that only validated if coverage was above the threshold. 

This version does not have shuffle validation, I will add that feature in a future update. It was easier to remove it for this optimization. Typically this is only used for Main. 

New logging summary output including how many functions are modified with high coverage, low coverage and no coverage. 



Former-commit-id: 468864bd92166e2eafafddd65b152c721173d294
      cd175f0d
  7. Jun 17, 2013
  9. Jun 15, 2013
  11. Jun 14, 2013
  13. Jun 12, 2013
  15. Jun 11, 2013
  17. Jun 10, 2013
  19. Jun 07, 2013
  21. Jun 05, 2013
    • jdh8d's avatar
      Updated find strings to split strings at new lines. · 1af10f30
      jdh8d authored 
      Former-commit-id: 7da867d1a66189b9ae230a16b241c4a81ceb175e
      1af10f30
    • bdr7fv's avatar
      Major update to PN. Made two primary changes. · 2c202e51
      bdr7fv authored 
      1) Altered the way in which stack prologues are detected. I no longer use the CFG code. Apparently that code relied on Function_t knowing the entry of the function, so I have decided to rely on the same data. I now loop starting at this entry instruction through every fallthrough until a NULL fallthrough is reached or the stack prologue is detected. I also added detection of push jmp pairs added by fix calls. If this is detected in the prologue, the push is ignored as a pushed register, and I will continue analysis of the prologue starting at the pushed address. This has been observed to happen in shared objects for thunk code. Sometimes this code is inserted immediately before the stack allocation site. There are asserts in this version to detect some conditions concerning this new code, I will remove these later. These changes are primarily in OffsetInference.cpp.
2) I incorporated Duc's code for storing layout information in the DB for ground truth purposes. This is turned on with --ground_truth flag. This functionality should not affect anyone unless you use this flag. 



Former-commit-id: 1fecfd5592e216ffb9ba9ec54cbc7e8fc2e3aa33
      2c202e51
  23. May 29, 2013
  25. May 23, 2013
    • an7s's avatar
      fixed IBTA bug · 8b45cef6
      an7s authored 
      Former-commit-id: 6d1df0ad00bbcb11c80124e063e613b1c387f3a6
      8b45cef6
  27. May 15, 2013
    • bdr7fv's avatar
      Accidentally released sandboxed code in last release. · f3d83238
      bdr7fv authored 
      
Former-commit-id: 1bf3f4d11b2a7a98423dff36e1066e681db4d088
      f3d83238
    • bdr7fv's avatar
      When looping through shared objects in PNTransformDriver.cpp, I previously... · 48cf65df
      bdr7fv authored 
      When looping through shared objects in PNTransformDriver.cpp, I previously deleted FileIR's after I was done analyzing them, however I believe this causes an issue if function pointers are reused later for different functions. This version has a temporary fix where I don't delete any FileIR's. 


Former-commit-id: af1b80fcc678ef52bc2507fc00daafedebe95533
      48cf65df
    • bdr7fv's avatar
      Altered the santizing filter in PNTransformDriver, a non-null target for an... · 342c6ef7
      bdr7fv authored 
      Altered the santizing filter in PNTransformDriver, a non-null target for an instruction that is not a ret, call, or jmp, must be in the same function (cannot be null).



Former-commit-id: 841895d92dc909c29f952f9dc36746ecebb909b8
      342c6ef7
    • bdr7fv's avatar
      The method for undoing function transformations in PN used the function name... · 1a620bdc
      bdr7fv authored 
      The method for undoing function transformations in PN used the function name as a key to a map containing the functions to revert. I have changed this to use the function pointer as the key. 

I have also added output of the "URL" of the file for the function being altered in the log, so we can differentiate functions with the same name. This change has not yet been made for the summary reports in the log. 



Former-commit-id: 701d41952b2ecb78cf82d801196ee0f890f734e5
      1a620bdc
    • bdr7fv's avatar
      Fixed a big in OffsetInference.cpp. Previously a mapping of functions to... · 97ab4039
      bdr7fv authored 
      Fixed a big in OffsetInference.cpp. Previously a mapping of functions to layout inferences was made using the funciton name as the map key. With shared objects, it is now possible to have functions with the same name, which causes issues. Specifically, the map is always consulted first before generating a layout, and a previous entry is found for functions with duplicate names. 



Former-commit-id: 962df148c31aabf60e8156c4853e73f7158aaa33
      97ab4039
  29. May 14, 2013
    • bdr7fv's avatar
      Added a sanitizing step to PN such that functions that have instructions... · 9669b2f3
      bdr7fv authored 
      Added a sanitizing step to PN such that functions that have instructions falling through to other non-null functions, or functions with instructions that are not ret, call or jmp that have indirect targets outside the function are excluded from any transformation. 

Also added a check for fix call push/jmp pairs when determing the prologue of a function. I will ignore a push constant followed by an unconditional jmp. 



Former-commit-id: 3d4d65f5a985284653d417f72bf8208b48a59113
      9669b2f3