.gitlab-ci.yml

@@ -27,13 +27,6 @@ do-nightly-clean-ubuntu18:
   tags:
     - ubuntu18
 
-# per os items
-do-nightly-clean-ubuntu16:
-  <<: *do-nightly-clean
-  tags:
-    - ubuntu16
-
-# per os items
 do-nightly-clean-centos76:
   <<: *do-nightly-clean
   tags:
@@ -54,6 +47,11 @@ do-nightly-clean-ubuntu20:
   tags:
     - ubuntu20
 
+do-nightly-clean-ubuntu22:
+  <<: *do-nightly-clean
+  tags:
+    - ubuntu22
+
 
 #
 # Building
@@ -71,11 +69,6 @@ do-build-ubuntu18:
   tags:
     - ubuntu18
 
-do-build-ubuntu16:
-  <<: *do-build
-  tags:
-    - ubuntu16
-
 do-build-centos76:
   <<: *do-build
   tags:
@@ -96,6 +89,11 @@ do-build-ubuntu20:
   tags:
     - ubuntu20
 
+do-build-ubuntu22:
+  <<: *do-build
+  tags:
+    - ubuntu22
+
 
 #
 # gather artifacts and ship them tox 86 boxes
@@ -136,11 +134,6 @@ protect-arm-ubuntu18:
         tags:
             - ubuntu18
 
-protect-bins-ubuntu16:
-        <<: *prot_bins
-        tags:
-            - ubuntu16
-
 #
 # gather artifacts and ship them tox 86 boxes
 #
@@ -177,11 +170,6 @@ basic_eh-tests-ubuntu18:
   tags:
     - ubuntu18
 
-basic_eh-tests-ubuntu16:
-  <<: *basic_eh-tests
-  tags:
-    - ubuntu16
-
 basic_eh-tests-centos76:
   <<: *basic_eh-tests
   tags:
@@ -192,6 +180,11 @@ basic_eh-tests-ubuntu20:
   tags:
     - ubuntu20
 
+basic_eh-tests-ubuntu22:
+  <<: *basic_eh-tests
+  tags:
+    - ubuntu22
+
 #
 # test_cmds.sh fixcalls
 #
@@ -205,11 +198,6 @@ builtin-xforms-ubuntu18:
   tags:
     - ubuntu18
 
-builtin-xforms-ubuntu16:
-  <<: *builtin-xforms
-  tags:
-    - ubuntu16
-
 builtin-xforms-centos76:
   <<: *builtin-xforms
   tags:
@@ -220,6 +208,11 @@ builtin-xforms-ubuntu20:
   tags:
     - ubuntu20
 
+builtin-xforms-ubuntu22:
+  <<: *builtin-xforms
+  tags:
+    - ubuntu22
+
 
 # doesn't work yet
 #builtin-xforms-arm32:
@@ -248,11 +241,6 @@ elfdep-ubuntu18:
   tags:
     - ubuntu18
     
-elfdep-ubuntu16:
-  <<: *elfdep
-  tags:
-    - ubuntu16
-
 elfdep-centos76:
   <<: *elfdep
   tags:
@@ -262,13 +250,18 @@ elfdep-ubuntu20:
   tags:
     - ubuntu20
 
+elfdep-ubuntu22:
+  <<: *elfdep
+  tags:
+    - ubuntu22
+
 
 #
 # deploy a docker image
 #
-deploy-u18:
+deploy-u22:
   stage: deploy
   script:
     - ./cicd_testing/deploy.sh
   tags:
-    - ubuntu18
+    - ubuntu22

.vscode/settings.json

+{
+    "cmake.configureOnOpen": false,
+    "files.associations": {
+        "iosfwd": "cpp",
+        "iostream": "cpp"
+    }
+}
\ No newline at end of file

README.md

@@ -72,3 +72,24 @@ Invoke the rewritten version of /bin/ls and make sure it runs normally:
 ```
 ./ls.zipr
 ```
+
+# Zipr with IDAPro 
+
+In some configurations, Zipr can leverage IDA Pro's information to get better rewriting.  IDA is most useful when Rida cannot analyze the program (Rida currently only handles ELF x86 binaries, not PE binaries for Windows or other architectures).  To setup Zipr to use IDA, install (or clone) IDA and the corresponding IDA SDK, then set these environment variables:
+
+```
+export IDAROOT=/path/to/idapro
+export IDASDK=/path/to/idapro-sdk
+```
+
+Next, rebuild Zipr:
+
+```
+$ cd /path/to/zipr 
+$ scons
+```
+
+The `$PSZ` script uses IDA pro by default if it is setup properly.  You'll see the `meds-static` step replace the `rida` step.
+
+
+

SMPStaticAnalyzer @ 96b6b88d

-Subproject commit eb14706180d1f8898b3b2aa1195a1f66ed6d0682
+Subproject commit 96b6b88d74a5fd79d92fe12ce97612087e07914f

builtin_xforms/move_globals/mg.cpp

@@ -118,10 +118,9 @@ MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::MoveGlobals_t(
 	max_moveables(p_max_mov),
         random(p_random),
 	aggressive(p_aggressive),
-	m_use_stars(p_use_stars)
-
-{
-
+	m_use_stars(p_use_stars),
+	m_verbose(getenv("MG_VERBOSE") != nullptr) 
+{ 
 }
 
 template <class T_Sym, class  T_Rela, class T_Rel, class T_Dyn, class T_Extractor>
@@ -167,6 +166,12 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::SetupScoopMap()
 {
 	for(auto &s : getFileIR()->getDataScoops())
 	{
+		if(s->getStart()->getVirtualOffset() == 0)
+			continue;
+		if(s->getName() == ".tdata")
+			continue;
+		if(s->getName() == ".tbss")
+			continue;
 		RangePair_t p(s->getStart()->getVirtualOffset(), s->getEnd()->getVirtualOffset());
 		scoop_map[p]=s;
 	}
@@ -220,11 +225,11 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ParseSyms(EXEIO::exeio
 
 	auto max_id=getFileIR()->getMaxBaseID();
 
-	if(getenv("MG_VERBOSE"))
+	if(m_verbose)
 		cout<<"Initial scoops:"<<endl;
 	for(const auto &scoop : getFileIR()->getDataScoops())
 	{
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 		{
 			cout<<"scoop: "<<scoop->getName()<<" ("<<hex<<scoop->getStart()->getVirtualOffset()
 				<<"-"<<scoop->getEnd()->getVirtualOffset()<<")"<<endl;
@@ -273,7 +278,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ParseSyms(EXEIO::exeio
 	{
 		// For all sections
 		auto sec = reader.sections[i];
-		char* max_splits = getenv("MG_MAX_SPLITS");
+		const char* max_splits = m_verbose ? getenv("MG_MAX_SPLITS") : "0";
 
 		// if it's a symtab section
 		if ( SHT_SYMTAB == sec->get_type() || SHT_DYNSYM == sec->get_type() ) 
@@ -312,7 +317,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ParseSyms(EXEIO::exeio
 
 					auto before=(DataScoop_t*)NULL, containing=(DataScoop_t*)NULL, after=(DataScoop_t*)NULL;
 
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"\ttosplit: "<<hex<<tosplit->getStart()->getVirtualOffset()<<"-"
 							<<tosplit->getEnd()->getVirtualOffset();
@@ -336,7 +341,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ParseSyms(EXEIO::exeio
 
 					getFileIR()->splitScoop(tosplit, value, size, before,containing,after,&max_id);
 
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						if(before)
 						{
@@ -386,8 +391,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ParseSyms(EXEIO::exeio
 template <class T_Sym, class  T_Rela, class T_Rel, class T_Dyn, class T_Extractor>
 void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FilterScoops()
 {
-	const auto mg_env = getenv("MG_VERBOSE");
-
+	const auto mg_env = m_verbose;
 
 	// filter using the move_only option
 	DataScoopSet_t move_only_scoops;	
@@ -446,7 +450,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FilterScoops()
 	});
 	if(dont_move!="")
 	{
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 		{
 			cout<<"Moveable Scoops after dont_move filter:"<<endl;
 			for(auto &s : moveable_scoops)
@@ -518,7 +522,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 	// no mem arg.
 	if(the_arg==the_arg_container.end())
 	{
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 		{
 			cout << "Note:  "<<hex<<" no memory op in:";
 			cout << insn->getBaseID()<<":"<<disasm.getDisassembly();
@@ -530,7 +534,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 	// shared objects don't need this, you have to use a pcrel addressing mode.
 	if(!arg_has_relative(**the_arg) && exe_reader->isDLL())
 	{
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 		{
 			cout << "Note:  "<<hex<<" no dll-style address in:";
 			cout << insn->getBaseID()<<":"<<disasm.getDisassembly();
@@ -562,7 +566,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 		if (to1 && (to1->isExecuteable() || moveable_scoops.find(to1) == moveable_scoops.end())) 	  
 		{  
 			// do nothing, no log or action is necessary for pointers to code.
-			if(getenv("MG_VERBOSE"))
+			if(m_verbose)
 			{
 				cout<<"Skipping (scoop exists, but exe scoop, or not moveable scoop) pcrel mem op in insn: "
 					<< hex << insn->getBaseID()<<":"<<disasm.getDisassembly()<<" to "
@@ -578,7 +582,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 			Relocation_t* pcrel_reloc=FindRelocationWithType(insn,"pcrel");
 			if(pcrel_reloc)
 			{
-				if(getenv("MG_VERBOSE"))
+				if(m_verbose)
 				{
 					cout<<"Setting pcrel mem op in insn: "
 						<< hex <<insn->getBaseID()<<":"<<disasm.getDisassembly()<<" to "
@@ -590,7 +594,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 			}
 			else 
 			{
-				if(getenv("MG_VERBOSE"))
+				if(m_verbose)
 				{
 					cout<<"Absolute mem-op to scoop in insn: "
 						<< hex << insn->getBaseID()<<":"<<disasm.getDisassembly()<<" to "
@@ -604,7 +608,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 		}
 		else if ( -small_memory_threshold < (int)rel_addr1 && (int)rel_addr1 < small_memory_threshold )
 		{
-			if((0 != rel_addr1) && getenv("MG_VERBOSE"))
+			if((0 != rel_addr1) && m_verbose)
 			{
 				cout << "Note:  "<<hex<<rel_addr1<<" not declared address in (low addr thresh) :";
 				cout << insn->getBaseID()<<":"<<disasm.getDisassembly();
@@ -613,7 +617,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 		}
 		else 
 		{
-			if ((0 != rel_addr1) && getenv("MG_VERBOSE"))
+			if ((0 != rel_addr1) && m_verbose)
 			{
 				cout << "Note:  "<<hex<<rel_addr1<<" not declared address in (no scoop):";
 				cout << insn->getBaseID()<<":"<<disasm.getDisassembly();
@@ -623,7 +627,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleMemoryOperand(De
 	}
 	else
 	{
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 		{
 			cout << "Note:  "<<hex<<" no address in:";
 			cout << insn->getBaseID()<<":"<<disasm.getDisassembly();
@@ -646,7 +650,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyPcrelMemoryReloca
 	//  That problem is fixed, but it is more efficient and safer to
 	//  avoid editing instructions that reference re-pinned scoops.
 	if (moveable_scoops.find(to) == moveable_scoops.cend()) {
-		if (getenv("MG_VERBOSE")) {
+		if (m_verbose) {
 			cout << "Avoiding editing of insn at " << hex << insn->getBaseID() << " after repinning scoop "
 				<< to->getName() << endl;
 		}
@@ -673,8 +677,6 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyPcrelMemoryReloca
 template <class T_Sym, class  T_Rela, class T_Rel, class T_Dyn, class T_Extractor>
 void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyAbsoluteMemoryRelocation(Instruction_t* insn, DataScoop_t* to)
 {
-	//DISASM disasm;
-	//Disassemble(insn,disasm);
 	const auto disasmp=DecodedInstruction_t::factory(insn);
 	const auto &disasm=*disasmp;
 	auto operands=disasm.getOperands();
@@ -686,7 +688,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyAbsoluteMemoryRel
 	//  That problem is fixed, but it is more efficient and safer to
 	//  avoid editing instructions that reference re-pinned scoops.
 	if (moveable_scoops.find(to) == moveable_scoops.cend()) {
-		if (getenv("MG_VERBOSE")) {
+		if (m_verbose) {
 			cout << "Avoiding editing of insn at " << hex << insn->getBaseID() << " after repinning scoop "
 				<< to->getName() << endl;
 		}
@@ -1061,8 +1063,6 @@ DataScoop_t* MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::DetectProperSc
 			[&](Instruction_t* func_insn)
 			{
 				// disassemble instruction 
-				//DISASM func_insn_disasm;
-				//Disassemble(func_insn,func_insn_disasm);
 				const auto func_insn_disasmp=DecodedInstruction_t::factory(func_insn);
 				const auto &func_insn_disasm=*func_insn_disasmp;
 				auto func_insn_disasm_operands=func_insn_disasm.getOperands();
@@ -1091,8 +1091,8 @@ DataScoop_t* MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::DetectProperSc
 					if(arg_has_relative(*(*the_arg)))
 						addr+=insn->getDataBits().size();
 		
-					if(getFileIR()->findScoop(addr) == scoop_for_prev)	
-						return true;	// return from lamba
+					if(findScoopByAddress(addr) == scoop_for_prev)	
+						return true;  // return from lamba
 					
 				}
 
@@ -1137,13 +1137,13 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyImmediateRelocati
 	const auto &disasm=*disasmp;
 	VirtualOffset_t rel_addr2=disasm.getImmediate(); // Instruction.Immediat;
 
-#if 1 // don't change instructions that reference re-pinned scoops.
+#if 1   // don't change instructions that reference re-pinned scoops.
 	// This was necessary because we were not getting the zipr_unpin_plugin
 	//  to undo our changes to the instruction in the case of a re-pinned scoop.
 	//  That problem is fixed, but it is more efficient and safer to
 	//  avoid editing instructions that reference re-pinned scoops.
 	if (moveable_scoops.find(to) == moveable_scoops.cend()) {
-		if (getenv("MG_VERBOSE")) {
+		if (m_verbose) {
 			cout << "Avoiding editing of insn at " << hex << insn->getBaseID() << " after repinning scoop "
 				<< to->getName() << endl;
 		}
@@ -1217,7 +1217,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleImmediateOperand
 		   disasm.getMnemonic() == string("add")  ||
 		   disasm.getMnemonic() == string("sub") )
 		{
-			if(getenv("MG_VERBOSE"))
+			if(m_verbose)
 			{
 				cout<<"Found non-mem ref in insn: "<<insn->getBaseID()<<":"<<disasm.getDisassembly()<<" to "
 					<< to2->getName() <<"("
@@ -1234,9 +1234,9 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleImmediateOperand
 	}
 	else  
 	{
-		if ((int)rel_addr2 < -small_memory_threshold || (int) rel_addr2 > small_memory_threshold || getenv("MG_VERBOSE"))
+		if ((int)rel_addr2 < -small_memory_threshold || (int) rel_addr2 > small_memory_threshold || m_verbose)
 		{
-			if ((0 != rel_addr2) && getenv("MG_VERBOSE"))
+			if ((0 != rel_addr2) && m_verbose)
 			{
 				cout << "Note:  " << hex << rel_addr2 << " not declared address in:";
 				cout << insn->getBaseID() << ":" << disasm.getDisassembly();
@@ -1250,16 +1250,8 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::HandleImmediateOperand
 template <class T_Sym, class  T_Rela, class T_Rel, class T_Dyn, class T_Extractor>
 void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindInstructionReferences()
 {
-
-
-	for(InstructionSet_t::iterator iit=getFileIR()->getInstructions().begin();
-		iit!=getFileIR()->getInstructions().end();
-		++iit
-	   )
+	for(auto insn : getFileIR()->getInstructions())
 	{
-		Instruction_t* insn=*iit;
-		//DISASM disasm;
-		//Disassemble(insn,disasm);
 		auto disasmp=DecodedInstruction_t::factory(insn);
 		auto &disasm=*disasmp;
 		auto disasm_operands=disasm.getOperands();
@@ -1267,7 +1259,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindInstructionReferen
 		// find memory arg.
 		const auto the_arg=find_memory_operand(disasm_operands);
 
-		if(getenv("MG_VERBOSE"))
+		if(m_verbose)
 			cout<<"Considering "<<hex<<insn->getBaseID()<<":"<<disasm.getDisassembly()<<endl;
 		HandleMemoryOperand(disasm,the_arg,insn, disasm_operands);
 		HandleImmediateOperand(disasm,the_arg,insn);
@@ -1292,30 +1284,25 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::ApplyDataRelocation(Da
 	else
 		assert(0);
 		
-	/*
-	Relocation_t* reloc=new Relocation_t(BaseObj_t::NOT_IN_DATABASE, offset, "dataptr_to_scoop", to);
-	from->getRelocations().insert(reloc);
-	getFileIR()->getRelocations().insert(reloc);
-	*/
 	auto reloc=getFileIR()->addNewRelocation(from,offset, "dataptr_to_scoop", to);
 	(void)reloc; // just giving to ir
 
 	VirtualOffset_t newval=val-to->getStart()->getVirtualOffset();
 
-	auto str=from->getContents();
+	// auto str=from->getContents();
 	// create new value for pointer.
 	if(byte_width==4)
 	{
-		unsigned int intnewval=(unsigned int)newval;	 // 64->32 narrowing OK. 
-		str.replace(offset, byte_width, (char*)&intnewval, byte_width);
+		const auto intnewval=(unsigned int)newval;	 // 64->32 narrowing OK. 
+		from->replaceBytes(offset, string(reinterpret_cast<const char*>(&intnewval), byte_width));
 	}
 	else if(byte_width==8)
 	{
-		str.replace(offset, byte_width, (char*)&newval, byte_width);
+		from->replaceBytes(offset,string(reinterpret_cast<const char*>(&newval),byte_width));
 	}
 	else
 		assert(0);
-	from->setContents(str);
+	// from->setContents(str);
 }
 
 
@@ -1362,8 +1349,9 @@ static inline bool is_part_of_string(VirtualOffset_t val, const DataScoop_t* fro
 			return false;
 	}
 
+#if 0
 	// we found enough string chars before the (candidate) pointer value, so we think that a string is here, not a pointer.
-	if(getenv("MG_VERBOSE"))
+	if(m_verbose)
 	{
 		cout<<"Found string as non-ref "<<hex<<val<<" at "<<from->getName()<<"+"<<offset<<" ("
 			<<hex<<from->getStart()->getVirtualOffset()<<"-" 
@@ -1372,6 +1360,7 @@ static inline bool is_part_of_string(VirtualOffset_t val, const DataScoop_t* fro
 			<<hex<<to->getStart()->getVirtualOffset()<<"-" 
 			<<hex<<to->getEnd()->getVirtualOffset()<<")"<<endl;
 	}
+#endif
 	return true;
 
 }
@@ -1411,7 +1400,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 			auto to=findScoopByAddress(val);	
 			if(to)
 			{
-				if(getenv("MG_VERBOSE"))
+				if(m_verbose)
 				{
 					cout<<"Found ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 						<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1519,7 +1508,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 
 				if(move_ok)
 				{
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"Found ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 							<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1537,7 +1526,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 				}
 				else
 				{
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"Found ref-looking-constant "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 							<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1551,7 +1540,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 				{
 					if(!is_elftable(to))
 					{
-						if(getenv("MG_VERBOSE"))
+						if(m_verbose)
 						{
 							cout<<"Ref-looking-constant "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 								<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1564,7 +1553,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 					}
 					else
 					{
-						if(getenv("MG_VERBOSE"))
+						if(m_verbose)
 						{
 							cout<<"Ref-looking-constant "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 								<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1578,7 +1567,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 			}
 			else
 			{
-				if((0 != val) && getenv("MG_VERBOSE"))
+				if((0 != val) && m_verbose)
 				{
 					cout<<"Constant "<<hex<<val<<" at "<<scoop->getName()<<"+"<<i<<" ("
 						<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1605,7 +1594,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 				unsigned int offset=(unsigned int)((VirtualOffset_t)symptr)-((VirtualOffset_t)data);
 				offset+=((VirtualOffset_t)&symptr->st_value)-(VirtualOffset_t)symptr;
 
-				if(getenv("MG_VERBOSE"))
+				if(m_verbose)
 				{
 
 					cout<<"Found dynsym:st_value ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<offset<<" ("
@@ -1642,7 +1631,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 					unsigned int offset=(unsigned int)((VirtualOffset_t)symptr)-((VirtualOffset_t)data);
 					offset+=((VirtualOffset_t)&symptr->r_offset)-(VirtualOffset_t)symptr;
 
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"Found rela:r_offset ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<offset<<" ("
 							<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1678,7 +1667,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 					unsigned int offset=(unsigned int)((VirtualOffset_t)symptr)-((VirtualOffset_t)data);
 					offset+=((VirtualOffset_t)&symptr->r_addend)-(VirtualOffset_t)symptr;
 
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"Found rela:r_added ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<offset<<" ("
 							<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1700,7 +1689,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 					unsigned int offset=(unsigned int)((VirtualOffset_t)symptr)-((VirtualOffset_t)data);
 					offset+=((VirtualOffset_t)&symptr->r_offset)-(VirtualOffset_t)symptr;
 
-					if(getenv("MG_VERBOSE"))
+					if(m_verbose)
 					{
 						cout<<"Found rela:r_offset ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<offset<<" ("
 							<<hex<<scoop->getStart()->getVirtualOffset()<<"-" 
@@ -1749,7 +1738,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindDataReferences()
 						auto offset=(unsigned int) (((VirtualOffset_t)symptr)-((VirtualOffset_t)data));
 						offset+=((VirtualOffset_t)&symptr->d_un.d_val)-(VirtualOffset_t)symptr;
 
-						if(getenv("MG_VERBOSE"))
+						if(m_verbose)
 						{
 
 							cout<<"Found .dynamic:d_val ref "<<hex<<val<<" at "<<scoop->getName()<<"+"<<offset<<" ("
@@ -2070,7 +2059,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::UpdateScoopLocations()
 	for_each(ALLOF(pcrel_refs_to_scoops),
 		[this] (const Insn_fixup_t  & it)
 	{
-		if (getenv("MG_VERBOSE"))
+		if (m_verbose)
 			cout << "Applying pcrel w/wrt from " << it.from->getDisassembly() << " to " << it.to->getName() << " at " << hex << it.from->getBaseID() << endl;
 		ApplyPcrelMemoryRelocation(it.from,it.to);
 	});
@@ -2078,7 +2067,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::UpdateScoopLocations()
 	for_each(ALLOF(absolute_refs_to_scoops),
 		[this] (const Insn_fixup_t  & it)
 	{
-		if (getenv("MG_VERBOSE"))
+		if (m_verbose)
 			cout << "Applying absptr_to_scoop from " << it.from->getDisassembly() << " to " << it.to->getName() << " at " << hex << it.from->getBaseID() << endl;
 		ApplyAbsoluteMemoryRelocation(it.from,it.to);
 	});
@@ -2086,14 +2075,14 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::UpdateScoopLocations()
 	for_each(ALLOF(immed_refs_to_scoops),
 		[this] (const Insn_fixup_t  & it)
 	{
-		if (getenv("MG_VERBOSE"))
+		if (m_verbose)
 			cout << "Applying immedptr_to_scoop from " << it.from->getDisassembly() << " to " << it.to->getName() << " at " << hex << it.from->getBaseID() << endl;
 		ApplyImmediateRelocation(it.from, it.to);
 	});
 	for_each(ALLOF(data_refs_to_scoops),
 		[this] (const Scoop_fixup_t  & it)
 	{
-		if (getenv("MG_VERBOSE"))
+		if (m_verbose)
 			cout << "Applying dataptr_to_scoop from " << it.from->getName() << " to " << it.to->getName() << " at " << hex << it.offset << endl;
 		ApplyDataRelocation(it.from, it.offset, it.to);
 	});
@@ -2112,10 +2101,8 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::UpdateScoopLocations()
 template <class T_Sym, class  T_Rela, class T_Rel, class T_Dyn, class T_Extractor>
 Relocation_t* MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::FindRelocationWithType(BaseObj_t* obj, std::string type)
 {
-	RelocationSet_t::iterator rit = obj->getRelocations().begin();
-	for( ; rit!=obj->getRelocations().end(); rit++)
+	for(auto reloc : obj->getRelocations())
 	{
-		Relocation_t *reloc=*rit;
 		if (reloc->getType() == type)
 			return reloc;
 	}
@@ -2137,7 +2124,7 @@ void MoveGlobals_t<T_Sym,T_Rela,T_Rel,T_Dyn,T_Extractor>::PrintStats()
 		inserter(unmoveable_scoops,unmoveable_scoops.end()));
 		
 	
-	if(getenv("MG_VERBOSE"))
+	if(m_verbose)
 	{
 		cout<<"Moveable scoops: "<<endl;
 		for_each(ALLOF(moveable_scoops), [](DataScoop_t* scoop)

builtin_xforms/move_globals/mg.hpp

@@ -138,6 +138,7 @@ class MoveGlobals_t : public IRDB_SDK::Transform_t
 		const bool random;
 		const bool aggressive;
 		const bool m_use_stars;
+		const bool m_verbose;
 
 
 		std::unique_ptr<IRDB_SDK::StaticGlobalStartMap_t > deep_global_static_ranges;

cfar_postgres_setup.sh

@@ -16,8 +16,9 @@ reset_db()
 reset_db
 
 #Create Database User and Table
-for i in $(seq 0 4)
+for i in $(seq 0 128)
 do
 	#Setup the Database to store PEASOUP info
-	PGDATABASE=peasoup_${USER}_v$i reset_db
+	PGDATABASE=peasoup_${USER}_v$i reset_db 
 done
+

cicd_testing/builtin-xforms.sh

@@ -13,5 +13,11 @@ if [[ $(uname -m) == 'armv7l' ]] || [[ $(uname -m) == 'aarch64' ]]; then
 	./test_cmds.sh -c "rida" -l -a "bzip2 ls"
 else
 	./test_cmds.sh -c "rida fix_calls_rida fix_calls_ida" -l -a "bzip2 tcpdump"
+	if lsb_release -d | grep 'Ubuntu 20.04.4 LTS'  ; then
+		cd $PEASOUP_HOME/test/empty
+		./testit.sh
+	fi
 fi
 
+
+

cicd_testing/docker-zipr-bin/Dockerfile

 
-FROM ubuntu:18.04
+FROM ubuntu:22.04
 RUN DEBIAN_FRONTEND=noninteractive apt-get update &&   \
     DEBIAN_FRONTEND=noninteractive apt-get install -yq \
+	file 					\
+	lsb-release  				\
 	postgresql  				\
 	postgresql-client  			\
 	libpqxx-dev				\
@@ -20,7 +22,7 @@ RUN echo 'sudo service postgresql start ' >> /home/zuser/.bashrc
 RUN chown zuser:zuser /home/zuser/.bashrc
 USER zuser
 ENV USER=zuser
-RUN sudo service postgresql start && cd /opt/ps_zipr/ && (env USER=zuser ./postgres_setup.sh || true)
+RUN sudo service postgresql start && cd /opt/ps_zipr/ && (env USER=zuser ./postgres_setup.sh && sudo service postgresql stop || true)
 WORKDIR /home/zuser
 ENTRYPOINT [ "/bin/bash", "-c", "/run_pszr.sh \"$@\"", "--" ]
 CMD [ ] 

cicd_testing/docker-zipr-bin/run_pszr.sh

@@ -44,7 +44,7 @@ main()
 			echo 'Performing step zipr [dependencies=none] ...Done.  Successful.'
 			echo 'zuser@a3fc1666aaa4:~$ ./ls.bilr -l ' 
 			echo ' < ls output >  '
-			echo 'zuser@a3fc1666aaa4:~$ readelf -l /bin/ls ./ls.p1 ' 
+			echo 'zuser@a3fc1666aaa4:~$ readelf -l /bin/ls ./ls.bilr ' 
 			echo
 			bash
 			res=0

examples/cpp-examples/derived2_throw.cpp

@@ -29,7 +29,7 @@ int bar()
 		return 0;
 }
 
-main()
+int main()
 {
 
 	try	
@@ -38,7 +38,7 @@ main()
 		cout<<"No Throw!"<<endl;
 		return res;
 	}
-	catch(Derived s)
+	catch(const Derived &s)
 	{
 		cout<<"main caught Derived with val=" << s.a << endl;
 	}

examples/cpp-examples/derived3_throw.cpp

@@ -29,7 +29,7 @@ int bar()
 		return 0;
 }
 
-main()
+int main()
 {
 
 	try	
@@ -38,13 +38,13 @@ main()
 		cout<<"No Throw!"<<endl;
 		return res;
 	}
-	catch(Base s)
+	catch(const Derived &s)
 	{
-		cout<<"main caught Base with val=" << s.a << endl;
+		cout<<"main caught Derived with val=" << s.a << endl;
 	}
-	catch(Derived s)
+	catch(const Base &s)
 	{
-		cout<<"main caught Derived with val=" << s.a << endl;
+		cout<<"main caught Base with val=" << s.a << endl;
 	}
 	catch(...)
 	{

examples/cpp-examples/derived4_throw.cpp

@@ -29,7 +29,7 @@ int bar()
 		return 0;
 }
 
-main()
+int main()
 {
 
 	try	

examples/cpp-examples/derived_throw.cpp

@@ -29,7 +29,7 @@ int bar()
 		return 0;
 }
 
-main()
+int main()
 {
 
 	try	
@@ -38,7 +38,7 @@ main()
 		cout<<"No Throw!"<<endl;
 		return res;
 	}
-	catch(Base s)
+	catch(const Base &s)
 	{
 		cout<<"main caught Base with val=" << s.a << endl;
 	}

examples/cpp-examples/simple_throw.cpp

@@ -31,7 +31,7 @@ int foo()
 	return ret;
 
 }
-main()
+int main()
 {
 
 	try	

examples/cpp-examples/testit.sh

@@ -26,14 +26,17 @@ compare()
 
 doit()
 {
-	src=$1
-	options="$2"
-	psopts="$3"
+	local src=$1
+	local options="$2"
+	local psopts="$3"
+	local compiler="$4"
+
 
 	echo  "------------------------------------------------------"
-	echo "Trying $src with options: $options"
+	echo "Trying $src with options: $compiler $options"
 	echo "And psflags=$psopts "
-	g++ -w $options $src 
+	rm -f a.out  # in case compiler err's out.
+	${compiler} -w $options $src 
 	rm -Rf peasoup_executable_direc*
 	(set -x ; EHIR_VERBOSE=1 $PSZ ./a.out ./xxx --step-option fill_in_indtargs:--split-eh-frame --step-option zipr:'--add-sections true' 	$psopts)
 
@@ -50,36 +53,40 @@ doit()
 
 doit_meta()
 {
-	src=$1
-	option="$2"
-	psopts="$3"
-
-	doit $src "$option  " "$psopts"
-	doit $src "$option -fPIC " "$psopts"
-	doit $src "$option -fPIC -fomit-frame-pointer" "$psopts"
-	doit $src "$option -fPIC  -pie" "$psopts"
-	doit $src "$option -fPIC -fomit-frame-pointer -pie" "$psopts"
+	local src=$1
+	local option="$2"
+	local psopts="$3"
+	local compiler="$4"
+
+	doit $src "$option  " "$psopts" "$compiler"
+	doit $src "$option -fPIC " "$psopts" "$compiler"
+	doit $src "$option -fPIC -fomit-frame-pointer" "$psopts" "$compiler"
+	doit $src "$option -fPIC  -pie" "$psopts" "$compiler"
+	doit $src "$option -fPIC -fomit-frame-pointer -pie" "$psopts" "$compiler"
 }
 
 main()
 {
-	local rida_flags="-c rida=on -s meds_static=off "
-	local ss_flags="-c stack_stamp=on"
-	local p1_flags="-c p1transform=on"
+	local rida_flags="-c rida"
+	local ss_flags="-c stack_stamp"
+	local p1_flags="-c p1transform"
 
 	for src in $src_files
 	do
-		for option in -O0 -O1 -O2 -O3 -Os -Og
+		for compiler in $(which clang++) $(which g++)
 		do
-			# stars/ida
-			doit_meta $src "$option" ""
-			doit_meta $src "$option" "$p1_flags"
-			doit_meta $src "$option" "$ss_flags"
-
-			#rida
-			doit_meta $src "$option" "$rida_flags "
-			doit_meta $src "$option" "$rida_flags $p1_flags"
-			doit_meta $src "$option" "$rida_flags $ss_flags"
+			for option in -O0 -O1 -O2 -O3 -Os -Og
+			do
+				# stars/ida
+				# doit_meta $src "$option" "" "$compiler"
+				# doit_meta $src "$option" "$p1_flags" "$compiler"
+				# doit_meta $src "$option" "$ss_flags" "$compiler"
+
+				#rida
+				doit_meta $src "$option" "$rida_flags " "$compiler"
+				# doit_meta $src "$option" "$rida_flags $p1_flags" "$compiler"
+				# doit_meta $src "$option" "$rida_flags $ss_flags" "$compiler"
+			done
 		done
 	done
 }

examples/cpp-examples/throw.cpp

@@ -15,14 +15,14 @@ void foo()
 	cout<<s<<endl;
 
 }
-main()
+int main()
 {
 
 	try	
 	{
 		foo();
 	}
-	catch(string s)
+	catch(const string& s)
 	{
 		cout<<"Threw string s:" << s << endl;
 	}

irdb-libs/SConscript

@@ -29,7 +29,10 @@ else:
     os.chdir(os.environ['SECURITY_TRANSFORMS_HOME']+"/third_party/keystone")
     os.system("mkdir -p ./build")
     os.chdir("build")
-    os.system('../make-common.sh lib_only; cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -G "Unix Makefiles" ..; make -j' + str(jobs))
+    build_type='Release'
+    cmake_cmd='cmake -DBUILD_LIBS_ONLY=1 -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE="'+build_type+'" -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -G "Unix Makefiles" ..; make -j' + str(jobs)
+    print("Running cmd: " + cmake_cmd)
+    os.system(cmake_cmd)
     os.system("make DESTDIR=$SECURITY_TRANSFORMS_HOME/lib install")
     os.chdir(os.environ['SECURITY_TRANSFORMS_HOME'])
 
@@ -49,32 +52,34 @@ if "PEDI_HOME" in os.environ:
 
 Export('env')
 
-# get the libcapstone.so.[version] file regardless of the version extension
-libcapstone_path = Glob(os.environ['SECURITY_TRANSFORMS_HOME']+'/third_party/capstone/libcapstone.so.*')
-assert len(libcapstone_path) <= 1, "More than one candidate for libcapstone.so.[version]?!"
-assert len(libcapstone_path) != 0, "No candidates for libcapstone.so.[version]?!"
+if not env.GetOption('clean'):
+	# get the libcapstone.so.[version] file regardless of the version extension
+	libcapstone_path = Glob(os.environ['SECURITY_TRANSFORMS_HOME']+'/third_party/capstone/libcapstone.so.*')
+	assert len(libcapstone_path) <= 1, "More than one candidate for libcapstone.so.[version]?!"
+	assert len(libcapstone_path) != 0, "No candidates for libcapstone.so.[version]?!"
 
-libcapstone_path = env.Install("$SECURITY_TRANSFORMS_HOME/lib/", libcapstone_path)
+	libcapstone_path = env.Install("$SECURITY_TRANSFORMS_HOME/lib/", libcapstone_path)
 
-env.Command(os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libcapstone.so", libcapstone_path, "ln -s $SOURCE.abspath $TARGET.abspath")
-libcapstone=os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libcapstone.so"
+	env.Command(os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libcapstone.so", libcapstone_path, "ln -s $SOURCE.abspath $TARGET.abspath")
+	libcapstone=os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libcapstone.so"
 
-# get the libkeystone.so.[version] file regardless of the version extension
-libkeystone_path = Glob(os.environ['SECURITY_TRANSFORMS_HOME']+'/lib/usr/local/lib*/libkeystone.so.*')
-assert len(libkeystone_path) <= 1, "More than one candidate for libkeystone.so.[version]?!"
-assert len(libkeystone_path) != 0, "No candidates for libkeystone.so.[version]?!"
+	# get the libkeystone.so.[version] file regardless of the version extension
+	libkeystone_path = Glob(os.environ['SECURITY_TRANSFORMS_HOME']+'/lib/usr/local/lib*/libkeystone.so.*')
+	assert len(libkeystone_path) <= 1, "More than one candidate for libkeystone.so.[version]?!"
+	assert len(libkeystone_path) != 0, "No candidates for libkeystone.so.[version]?!"
 
-libkeystone_path = env.Install("$SECURITY_TRANSFORMS_HOME/lib/", libkeystone_path)
+	libkeystone_path = env.Install("$SECURITY_TRANSFORMS_HOME/lib/", libkeystone_path)
 
-env.Command(os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libkeystone.so", libkeystone_path, "ln -s $SOURCE.abspath $TARGET.abspath")
-libkeystone=os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libkeystone.so"
+	env.Command(os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libkeystone.so", libkeystone_path, "ln -s $SOURCE.abspath $TARGET.abspath")
+	libkeystone=os.environ['SECURITY_TRANSFORMS_HOME']+"/lib/libkeystone.so"
 
 
 libehp=env.SConscript("libehp/SConscript")
 libehp=env.Install("$SECURITY_TRANSFORMS_HOME/lib", libehp);
 
 libIRDBcore=env.SConscript("libIRDB-core/src/SConscript")
-Depends(libIRDBcore,libcapstone)
+if not env.GetOption('clean'):
+	Depends(libIRDBcore,libcapstone)
 
 libIRDBcfg=env.SConscript("libIRDB-cfg/src/SConscript")
 libIRDButil=env.SConscript("libIRDB-util/src/SConscript")
@@ -102,7 +107,6 @@ libs=( libIRDBcore,
 	libMEDSannotation,
 	libStructDiv,
 	libElfDep, 
-	libcapstone, 
 	thanos, 
 	rida, 
 	meds2pdb, 

irdb-libs/dump_insns/dump_insns.cpp

@@ -79,7 +79,7 @@ int main(int argc, char **argv)
 
 				cout<<" "<<d.getDisassembly()<<endl;
 				int op_count=0;
-				for(const auto p_op : operands)
+				for(const auto &p_op : operands)
 				{
 					const auto &op=*p_op;
 					auto readWriteString= string();

irdb-libs/ir_builders/back_search.hpp

@@ -124,7 +124,7 @@ bool backup_until(const string &insn_type_regex_str,
 
 		if(stop_if_set!="")
 		{
-			for(const auto operand : disasm->getOperands())
+			for(const auto &operand : disasm->getOperands())
 			{
 				if(operand->isWritten() && regexec(&stop_expression, operand->getString().c_str(), 0, nullptr, 0) == 0)
 					return false;
@@ -138,7 +138,7 @@ bool backup_until(const string &insn_type_regex_str,
 		const auto myprev=prev;
 		// can't just use prev because recursive call will update it.
 		const auto &mypreds=preds[myprev];
-		for(const auto pred : mypreds)
+		for(const auto &pred : mypreds)
 		{
 			prev=pred;// mark that we are here, in case we return true here.
 			const auto disasm=DecodedInstruction_t::factory(pred);
@@ -147,7 +147,7 @@ bool backup_until(const string &insn_type_regex_str,
 				return true;
 			if(stop_if_set!="")
 			{
-				for(const auto operand : disasm->getOperands())
+				for(const auto &operand : disasm->getOperands())
 				{
 					if(operand->isWritten() && regexec(&stop_expression, operand->getString().c_str(), 0, nullptr, 0) == 0)
 						return false;