本文整理汇总了C++中IMG_Name函数的典型用法代码示例。如果您正苦于以下问题:C++ IMG_Name函数的具体用法?C++ IMG_Name怎么用?C++ IMG_Name使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了IMG_Name函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: Routine
VOID Routine(RTN rtn, VOID *v)
{
RTN_Open(rtn);
RTN_NAME * rn = new RTN_NAME;
if (KnobOnly){
if(IMG_IsMainExecutable(SEC_Img(RTN_Sec(rtn))) \
/*&& std::strcmp(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str(),"/usr/lib/libSystem.B.dylib")!=0 \*/
|| std::strcmp(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str(),"/usr/lib/system/libsystem_malloc.dylib")==0)
{
funcList.push_back(RTN_Name(rtn));
cerr << "Getting "<< RTN_Name(rtn) <<endl ;
//RTN_Close(rtn);
//return ;
}
}
if(KnobOnly && find (funcList.begin(), funcList.end(), RTN_Name(rtn)) == funcList.end()){
cerr << "excluding : " << RTN_Name(rtn) ;
cerr << IMG_Name(SEC_Img(RTN_Sec(rtn))) << endl;
RTN_Close(rtn);
return;
}
// The RTN goes away when the image is unloaded, so save it now
// because we need it in the fin
rn->_name = RTN_Name(rtn);
rn->_image = IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str();
rn->_address = RTN_Address(rtn);
//_address = RTN_Address(rtn);
// Insert a call at the entry point of a routine to increment the call count
RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)print, IARG_PTR, rn,IARG_FUNCARG_ENTRYPOINT_VALUE, 0, IARG_END);
RTN_InsertCall(rtn, IPOINT_AFTER, (AFUNPTR)ret,IARG_PTR,rn,IARG_FUNCRET_EXITPOINT_VALUE, IARG_END);
//INS_InsertCall(RTN_InsTail(rtn), IPOINT_BEFORE, (AFUNPTR)ret, IARG_END);
RTN_Close(rtn);
}示例2: img_load
void img_load (IMG img, void *v)
{
struct event_imload *imevent;
char buffer[512];
size_t length;
/* fprintf(logfp, "load %s off=%08x low=%08x high=%08x start=%08x size=%08x\n",
IMG_Name(img).c_str(),
IMG_LoadOffset(img), IMG_LowAddress(img), IMG_HighAddress(img),
IMG_StartAddress(img), IMG_SizeMapped(img));*/
imevent = (struct event_imload *)buffer;
length = IMG_Name(img).length();
if (length > sizeof(buffer) - sizeof(struct event_imload))
length = sizeof(buffer) - sizeof(struct event_imload);
imevent->comm.type = ET_IMLOAD;
imevent->comm.tid = PIN_ThreadId();
imevent->struct_size = (int)((char *)imevent->name - (char *)imevent) + length + 1;
imevent->addr = IMG_LowAddress(img);
imevent->size = IMG_HighAddress(img) - IMG_LowAddress(img);
imevent->entry = IMG_Entry(img);
imevent->ismain = IMG_IsMainExecutable(img);
memcpy(imevent->name, IMG_Name(img).c_str(), length);
imevent->name[length] = '\0';
tb_write((event_common *)imevent, (size_t)imevent->struct_size);
osdep_iterate_symbols(img, process_symbol, (void *)&img);
tb_flush(PIN_ThreadId());
fprintf(logfp, "img+ %08x+%08x %s\n", IMG_StartAddress(img), IMG_SizeMapped(img), IMG_Name(img).c_str());
}示例3: Image
VOID Image(IMG img, VOID * v)
{
if ( (IMG_Name(img).find("ntdll.dll") != string::npos) ||
(IMG_Name(img).find("NTDLL.DLL") != string::npos) ||
(IMG_Name(img).find("NTDLL.dll") != string::npos) )
{
return;
}
if ( (IMG_Name(img).find("MSVCR") != string::npos) ||
(IMG_Name(img).find("msvcr") != string::npos) )
{ // _NLG_Return2 causes problems
return;
}
for (SEC sec = IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec))
{
for (RTN rtn = SEC_RtnHead(sec); RTN_Valid(rtn); rtn = RTN_Next(rtn))
{
if (RTN_Name(rtn).find(".text") != string::npos)
{
continue;
}
BOOL canBeProbed = RTN_IsSafeForProbedInsertion(rtn);
if (canBeProbed && RTN_Name(rtn)[0] != '_' && RTN_Name(rtn)[0] != '.')
{
RTN_InsertCallProbed( rtn, IPOINT_BEFORE, AFUNPTR(AtRtn), IARG_PTR, RTN_Name(rtn).c_str(), IARG_TSC, IARG_END);
}
}
}
}示例4: ImgLoad
// Image load callback - inserts the probes.
void ImgLoad(IMG img, void *v)
{
// Called every time a new image is loaded
if ( (IMG_Name(img).find("libncurses.so") != string::npos) ||
(IMG_Name(img).find("LIBNCURSES.SO") != string::npos) ||
(IMG_Name(img).find("LIBNCURSES.so") != string::npos) )
{
RTN rtngetch = RTN_FindByName(img, "getch");
if (RTN_Valid(rtngetch) && RTN_IsSafeForProbedReplacement(rtngetch))
{
OutFile << CurrentTime() << "Inserting probe for getch at " << RTN_Address(rtngetch) << endl;
OutFile.flush();
AFUNPTR fptr = (RTN_ReplaceProbed(rtngetch, AFUNPTR(mygetch)));
fptrgetch = (int (*)())fptr;
}
RTN rtnmvgetch = RTN_FindByName(img, "mvgetch");
if (RTN_Valid(rtnmvgetch) && RTN_IsSafeForProbedReplacement(rtnmvgetch))
{
OutFile << CurrentTime() << "Inserting probe for mvgetch at " << RTN_Address(rtnmvgetch) << endl;
OutFile.flush();
AFUNPTR fptr = (RTN_ReplaceProbed(rtnmvgetch, AFUNPTR(mymvgetch)));
fptrmvgetch = (int (*)(int, int))fptr;
}
}
// finished instrumentation
}示例5: LogImageLoad
// Writes the image load event to the file "imgLog"
static void LogImageLoad(IMG img, void *v)
{
// Ensure that we can't overflow when we read it back.
ASSERTX (IMG_Name(img).length() < MAX_FILENAME_LENGTH);
ADDRESS_RANGE range = FindImageTextMargin(img);
// Log the data needed to restore it
fprintf(imgLog, "L '%s' %llx %lx %llx %d \n", IMG_Name(img).c_str(), (unsigned long long)range._low,
(long)(range._high - range._low), (unsigned long long)IMG_LoadOffset(img), (int)IMG_IsMainExecutable(img));
for (SEC sec = IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec))
{
if (SEC_Type(sec) != SEC_TYPE_EXEC)
{
continue;
}
for (RTN rtn=SEC_RtnHead(sec); RTN_Valid(rtn); rtn = RTN_Next(rtn))
{
if (RTN_IsArtificial(rtn))
{
continue;
}
fprintf(imgLog, "\t'%s' %llx\n", RTN_Name(rtn).c_str(), (unsigned long long)RTN_Address(rtn));
}
}
fprintf(imgLog, "%s", END_RTN_LIST);
}示例6: LogImageUnload
// Writes the image unload event to the file "imgLog"
static void LogImageUnload(IMG img, void *)
{
ASSERTX (IMG_Name(img).length() < MAX_FILENAME_LENGTH);
// Log the unload event.
fprintf(imgLog, "U '%s'\n", IMG_Name(img).c_str());
}示例7: LogImageLoad
// Save the image load event
static void LogImageLoad(IMG img, void *v)
{
// Ensure that we can't overflow when we read it back.
ASSERTX (IMG_Name(img).length() < MAX_FILENAME_LENGTH);
// Log the data needed to restore it
fprintf (imgLog, "L '%s' 0x%lx \n", IMG_Name(img).c_str(), (unsigned long)IMG_LoadOffset(img));
}示例8: ImageLoad
static VOID ImageLoad(IMG img, VOID *v)
{
static UINT32 mallocCount = 0;
PROTO protoMalloc = PROTO_Allocate(PIN_PARG(void *), CALLINGSTD_DEFAULT,
"malloc", PIN_PARG(size_t), PIN_PARG_END());
RTN rtnMalloc = RTN_FindByName(img, "malloc");
if (RTN_Valid(rtnMalloc))
{
TraceFile << "probing malloc #" << mallocCount << " in " << IMG_Name(img) << std::endl;
RTN_ReplaceSignatureProbed(rtnMalloc, AFUNPTR(MallocProbe),
IARG_PROTOTYPE, protoMalloc,
IARG_ORIG_FUNCPTR,
IARG_UINT32, static_cast<UINT32>(mallocCount),
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
#if defined(TARGET_IPF)
IARG_REG_VALUE, REG_TP,
#else
IARG_ADDRINT, static_cast<ADDRINT>(0),
#endif
IARG_END);
mallocCount++;
}
PROTO_Free(protoMalloc);
static UINT32 freeCount = 0;
PROTO protoFree = PROTO_Allocate(PIN_PARG(void), CALLINGSTD_DEFAULT,
"free", PIN_PARG(void *), PIN_PARG_END());
RTN freeRtn = RTN_FindByName(img, "free");
if (RTN_Valid(freeRtn))
{
TraceFile << "probing free #" << freeCount << " in " << IMG_Name(img) << std::endl;
RTN_ReplaceSignatureProbed(freeRtn, AFUNPTR(FreeProbe),
IARG_PROTOTYPE, protoFree,
IARG_ORIG_FUNCPTR,
IARG_UINT32, static_cast<UINT32>(freeCount),
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
#if defined(TARGET_IPF)
IARG_REG_VALUE, REG_TP,
#else
IARG_ADDRINT, static_cast<ADDRINT>(0),
#endif
IARG_END);
freeCount++;
}
PROTO_Free(protoFree);
}示例9: LogImageLoad
static VOID
LogImageLoad(IMG img)
{
const string name = IMG_Name(img);
ADDRINT low = IMG_LowAddress(img);
ADDRINT high = IMG_HighAddress(img);
EmitLibraryLoadEvent(PIN_ThreadId(), IMG_Name(img),
IMG_LowAddress(img), IMG_HighAddress(img));
}示例10: imageLoadCallback
// - Get initial entropy
// - Get PE section data
// - Add filtered library
void imageLoadCallback(IMG img,void *){
Section item;
static int va_hooked = 0;
//get the initial entropy of the PE
//we have to consder only the main executable and avìvoid the libraries
if(IMG_IsMainExecutable(img)){
ProcInfo *proc_info = ProcInfo::getInstance();
//get the address of the first instruction
proc_info->setFirstINSaddress(IMG_Entry(img));
//get the program name
proc_info->setProcName(IMG_Name(img));
//get the initial entropy
MYINFO("----------------------------------------------");
float initial_entropy = proc_info->GetEntropy();
proc_info->setInitialEntropy(initial_entropy);
MYINFO("----------------------------------------------");
//retrieve the section of the PE
for( SEC sec= IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec) ){
item.name = SEC_Name(sec);
item.begin = SEC_Address(sec);
item.end = item.begin + SEC_Size(sec);
proc_info->insertSection(item);
}
//DEBUG
proc_info->PrintSections();
}
//build the filtered libtrary list
FilterHandler *filterH = FilterHandler::getInstance();
ADDRINT startAddr = IMG_LowAddress(img);
ADDRINT endAddr = IMG_HighAddress(img);
const string name = IMG_Name(img);
if(!IMG_IsMainExecutable(img) && filterH->isKnownLibrary(name)){
/* searching for VirtualAlloc */
RTN rtn = RTN_FindByName( img, "VirtualAlloc");
if(rtn != RTN_Invalid()){
MYINFO("BECCATO LA VIRTUAL ALLOC\n");
ADDRINT va_address = RTN_Address(rtn);
MYINFO("Address of VirtualAlloc: %08x\n" , va_address);
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_AFTER, (AFUNPTR)VirtualAllocHook , IARG_G_ARG0_CALLEE , IARG_G_ARG1_CALLEE , IARG_G_RESULT0, IARG_END);
RTN_Close(rtn);
}
filterH->addLibrary(name,startAddr,endAddr);
}
}示例11: ImageLoad
VOID ImageLoad(IMG img, VOID *v)
{
if ( IMG_Name(img) == TARLIB ) {
// cout << IMG_Name(img) << " " << hex << IMG_LowAddress(img) << " " << IMG_HighAddress(img) << " "
// << IMG_NumRegions(img) << endl;
start = IMG_LowAddress(img);
end = IMG_HighAddress(img);
Stat << hex << start << ":" << end << endl;
cout << hex << start << ":" << end <<" "<< (start + FFI_CALL_UNIX64) << " " << (start+FF64END) << endl;
}
Stat << hex << IMG_Name(img) << " " << IMG_LowAddress(img) << " " << IMG_HighAddress(img) << " " <<endl;// IMG_NumRegions(img) << endl;
}示例12: ImageLoad
VOID ImageLoad (IMG img, VOID *v)
{
outfile << "Loaded image " << IMG_Name(img) << std::endl;
if (IMG_Name(img).find("bundle") == std::string::npos)
return;
for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) )
{
outfile << IMG_Name(img) << "::" << SYM_Name(sym) << std::endl;
}
}示例13: ImageLoad
void ImageLoad (IMG img, void *context)
{
fprintf (stderr, "Notified of load of %s at [%p,%p]\n",
IMG_Name(img).c_str(),
(char *)IMG_LowAddress(img), (char *)IMG_HighAddress(img));
// See if this is ntdll.dll
char szName[_MAX_FNAME];
char szExt[_MAX_EXT];
_splitpath_s (IMG_Name(img).c_str(),
NULL, 0,
NULL, 0,
szName, _MAX_FNAME,
szExt, _MAX_EXT);
strcat_s (szName, _MAX_FNAME, szExt);
if (0 != _stricmp ("ntdll.dll", szName))
return;
RTN rtn = RTN_FindByName (img, "RtlAllocateHeap");
if (RTN_Invalid() == rtn)
{
fprintf (stderr, "Failed to find RtlAllocateHeap in %s\n",
IMG_Name(img).c_str());
return;
}
fprintf(stderr,"Replacing\n");
PROTO protoRtlAllocateHeap =
PROTO_Allocate (PIN_PARG(void *),
CALLINGSTD_STDCALL,
"RtlAllocateHeap",
PIN_PARG(WINDOWS::PVOID), // HeapHandle
PIN_PARG(WINDOWS::ULONG), // Flags
PIN_PARG(WINDOWS::SIZE_T), // Size
PIN_PARG_END());
RTN_ReplaceSignature (rtn, (AFUNPTR)replacement_RtlAllocateHeap,
IARG_PROTOTYPE, protoRtlAllocateHeap,
IARG_ORIG_FUNCPTR,
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
IARG_FUNCARG_ENTRYPOINT_VALUE, 1,
IARG_FUNCARG_ENTRYPOINT_VALUE, 2,
IARG_CONTEXT,
IARG_END);
PROTO_Free (protoRtlAllocateHeap);
}示例14: imageLoadCallback
// - Get initial entropy
// - Get PE section data
// - Add filtered library
// - Add protected libraries
void imageLoadCallback(IMG img,void *){
Section item;
static int va_hooked = 0;
ProcInfo *proc_info = ProcInfo::getInstance();
FilterHandler *filterHandler = FilterHandler::getInstance();
//get the initial entropy of the PE
//we have to consder only the main executable and avìvoid the libraries
if(IMG_IsMainExecutable(img)){
ADDRINT startAddr = IMG_LowAddress(img);
ADDRINT endAddr = IMG_HighAddress(img);
proc_info->setMainIMGAddress(startAddr, endAddr);
//get the address of the first instruction
proc_info->setFirstINSaddress(IMG_Entry(img));
//get the program name
proc_info->setProcName(IMG_Name(img));
//get the initial entropy
MYINFO("----------------------------------------------");
float initial_entropy = proc_info->GetEntropy();
proc_info->setInitialEntropy(initial_entropy);
MYINFO("----------------------------------------------");
//create Report File
Report::getInstance()->initializeReport(proc_info->getProcName(), startAddr, endAddr , initial_entropy);
//retrieve the section of the PE
for( SEC sec= IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec) ){
item.name = SEC_Name(sec);
item.begin = SEC_Address(sec);
item.end = item.begin + SEC_Size(sec);
proc_info->insertSection(item);
}
proc_info->PrintSections();
}
//build the filtered libtrary list
ADDRINT startAddr = IMG_LowAddress(img);
ADDRINT endAddr = IMG_HighAddress(img);
const string name = IMG_Name(img);
if(!IMG_IsMainExecutable(img)){
//*** If you need to protect other sections of other dll put them here ***
// check if there are some fuction that has top be hooked in this DLL
hookFun.hookDispatcher(img);
// check if we have to filter this library during thwe instrumentation
proc_info->addLibrary(name,startAddr,endAddr);
if(filterHandler->IsNameInFilteredArray(name)){
filterHandler->addToFilteredLibrary(name,startAddr,endAddr);
MYINFO("Added to the filtered array the module %s\n" , name);
}
}
}示例15: Routine
// Pin calls this function every time a new rtn is executed
VOID Routine(RTN rtn, VOID *v)
{
// Allocate a counter for this routine
RTN_COUNT * rc = new RTN_COUNT;
// The RTN goes away when the image is unloaded, so save it now
// because we need it in the fini
rc->_name = RTN_Name(rtn);
rc->_image = StripPath(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str());
rc->_address = RTN_Address(rtn);
rc->_icount = 0;
rc->_rtnCount = 0;
// Add to list of routines
rc->_next = RtnList;
RtnList = rc;
RTN_Open(rtn);
// Insert a call at the entry point of a routine to increment the call count
RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)docount, IARG_PTR, &(rc->_rtnCount), IARG_END);
// For each instruction of the routine
for (INS ins = RTN_InsHead(rtn); INS_Valid(ins); ins = INS_Next(ins))
{
// Insert a call to docount to increment the instruction counter for this rtn
INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)docount, IARG_PTR, &(rc->_icount), IARG_END);
}
RTN_Close(rtn);
}