本文整理汇总了C++中BPatch_function::getBaseAddr方法的典型用法代码示例。如果您正苦于以下问题:C++ BPatch_function::getBaseAddr方法的具体用法?C++ BPatch_function::getBaseAddr怎么用?C++ BPatch_function::getBaseAddr使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类BPatch_function的用法示例。
在下文中一共展示了BPatch_function::getBaseAddr方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ShowFunctions
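// Lists the functions Dyninst reports for the image on stdout.
//
// With VerboseLevel set, each function is printed with its mangled, typed and
// module names, base address, instrumentability, shared-library status and
// basic-block count; otherwise only the plain name is printed.
//
// The names come from the analysed binary, so every fixed-size buffer is
// zero-initialised and force-terminated after the getter call: the printed
// text then never depends on the callee having written or terminated it.
// NOTE(review): whether the Dyninst getters always NUL-terminate on truncation
// is not visible here; confirm against the Dyninst version in use.
static void ShowFunctions (BPatch_image *appImage)
{
    BPatch_Vector<BPatch_function *> *vfunctions = appImage->getProcedures (false);
    if (!vfunctions)
    {
        // No function list at all: report an empty binary instead of
        // dereferencing a null pointer.
        cout << PACKAGE_NAME << ": " << 0 << " functions found in binary " << endl;
        return;
    }

    cout << PACKAGE_NAME << ": " << vfunctions->size() << " functions found in binary " << endl;

    for (unsigned i = 0; i < vfunctions->size(); i++)
    {
        BPatch_function *f = (*vfunctions)[i];

        char name[1024] = "";
        f->getName (name, sizeof(name));
        name[sizeof(name) - 1] = '\0';

        if (!VerboseLevel)
        {
            cout << name << endl;
            continue;
        }

        char mname[1024] = "", tname[1024] = "", modname[1024] = "";
        f->getMangledName (mname, sizeof(mname));
        mname[sizeof(mname) - 1] = '\0';
        f->getTypedName (tname, sizeof(tname));
        tname[sizeof(tname) - 1] = '\0';
        f->getModuleName (modname, sizeof(modname));
        modname[sizeof(modname) - 1] = '\0';

        cout << " * " << i+1 << " of " << vfunctions->size() << ", Name: " << name << endl
             << " Mangled Name: " << mname << endl
             << " Typed Name : " << tname << endl
             << " Module name : " << modname << endl
             << " Base address: " << f->getBaseAddr() << endl
             << " Instrumentable? " << (f->isInstrumentable()?"yes":"no") << endl
             << " In shared library? " << (f->isSharedLib()?"yes":"no") << endl
             << " Number of BB: " << getBasicBlocksSize(f) << endl;

        if (f->isSharedLib())
        {
            char sharedlibname[1024] = "";
            BPatch_module *mod = f->getModule();
            // A function without a module prints an empty library name
            // rather than crashing on the null module.
            if (mod)
            {
                mod->getFullName (sharedlibname, sizeof(sharedlibname));
                sharedlibname[sizeof(sharedlibname) - 1] = '\0';
            }
            cout << " Full library name: " << sharedlibname << endl;
        }
        cout << endl;
    }
}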
示例2: signalHandlerEntryCB2
/* Callback invoked on entry to every signal handler function. It works out
 * where the resume PC (the Eip field) lives inside the handler's CONTEXT
 * structure, registers that location with the handler function so the saved
 * fault address can be mapped to its unrelocated counterpart, and remembers
 * it in handlerFunctions for the exit handler to read.
 */
void HybridAnalysis::signalHandlerEntryCB2(BPatch_point *point, Address excCtxtAddr)
{
    mal_printf("\nAt signalHandlerEntry2(%lx , %lx)\n",
               point->getAddress(), (Address)excCtxtAddr);

    // The cast produces a pointer the original author calls bogus: it is
    // used only to compute the offset of Eip within CONTEXT and is never
    // read or written through.
    CONTEXT *ctxt = (CONTEXT*)excCtxtAddr;
    Address eipOffset = (Address)(&(ctxt->Eip)) - (Address)ctxt;
    Address savedPcAddr = excCtxtAddr + eipOffset;

    // Record where the resume PC is stored, keyed by the handler's base
    // address, so the exit callback can look it up again.
    BPatch_function *handler = point->getFunction();
    handler->setHandlerFaultAddrAddr((Address)savedPcAddr,true);
    handlerFunctions[(Address)handler->getBaseAddr()].faultPCaddr = savedPcAddr;
}
示例3: handleModule
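// Prints the name and base address of every function in a module.
//
// mod  - module to enumerate; a null module or a null function list is
//        treated as "nothing to print".
// name - not used by this function.
//
// Function names originate in the analysed binary, so the name buffer is
// zero-initialised and force-terminated before it reaches printf.
void handleModule(BPatch_module *mod, const char *name)
{
    (void)name;

    if (!mod)
        return;

    // get list of all functions
    std::vector<BPatch_function *>* functions = mod->getProcedures();
    if (!functions)
        return;

    // for each function ...
    for (unsigned i = 0; i < functions->size(); i++) {
        BPatch_function *function = functions->at(i);

        char funcname[BUFFER_STRING_LEN] = "";
        function->getName(funcname, BUFFER_STRING_LEN);
        // Do not rely on the getter to terminate a truncated name.
        funcname[BUFFER_STRING_LEN - 1] = '\0';

        printf(" FUNC: %s (%lx)\n", funcname, (unsigned long)function->getBaseAddr());
    }
}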
示例4: signalHandlerEntryCB
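/* Invoked for every signal handler function. Locates the ExceptionAddress
 * field of the EXCEPTION_RECORD at excRecAddr, registers that location with
 * the handler function so the saved fault address can be adjusted to its
 * unrelocated counterpart, and records whether the exception was a
 * breakpoint.
 */
void HybridAnalysis::signalHandlerEntryCB(BPatch_point *point, Address excRecAddr)
{
    mal_printf("\nAt signalHandlerEntry(%lx , %lx)\n",
               point->getAddress(), (Address)excRecAddr);
    stats_.exceptions++;

    // Value-initialise the local copy: the record is filled from the
    // monitored process, and if that read leaves it untouched the
    // ExceptionCode test below must not act on indeterminate stack bytes.
    // NOTE(review): readDataSpace's result is not checked here; confirm its
    // return type and decide how a failed read should be handled.
    EXCEPTION_RECORD record = EXCEPTION_RECORD();
    proc()->lowlevel_process()->readDataSpace(
        (void*)excRecAddr, sizeof(EXCEPTION_RECORD), &record, true);

    // calculate the address of the fault-address field: the record's address
    // plus the offset of ExceptionAddress within EXCEPTION_RECORD
    Address pcAddr = excRecAddr
        + (Address) &(record.ExceptionAddress)
        - (Address) &record;

    // set fault address to the unrelocated address of that instruction
    BPatch_function *func = point->getFunction();
    func->setHandlerFaultAddrAddr((Address)pcAddr,false);
    handlerFunctions[(Address)func->getBaseAddr()].isInterrupt =
        (record.ExceptionCode == EXCEPTION_BREAKPOINT);
}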
示例5: ShowFunctions
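// Prints, for every function Dyninst reports in the image, its plain,
// mangled, typed and module names, base address, instrumentability and
// shared-library status; functions in a shared library also get the
// library's full name.
//
// The names come from the analysed binary, so every fixed-size buffer is
// zero-initialised and force-terminated after the getter call: the printed
// text then never depends on the callee having written or terminated it.
// NOTE(review): whether the Dyninst getters always NUL-terminate on truncation
// is not visible here; confirm against the Dyninst version in use.
static void ShowFunctions (BPatch_image *appImage)
{
    BPatch_Vector<BPatch_function *> *vfunctions = appImage->getProcedures (false);
    if (!vfunctions)
    {
        // No function list at all: report an empty binary instead of
        // dereferencing a null pointer.
        cout << PACKAGE_NAME << ": " << 0 << " functions found in binary " << endl;
        return;
    }

    cout << PACKAGE_NAME << ": " << vfunctions->size() << " functions found in binary " << endl;

    for (unsigned i = 0; i < vfunctions->size(); i++)
    {
        BPatch_function *f = (*vfunctions)[i];

        char name[1024] = "";
        f->getName (name, sizeof(name));
        name[sizeof(name) - 1] = '\0';

        char mname[1024] = "", tname[1024] = "", modname[1024] = "";
        f->getMangledName (mname, sizeof(mname));
        mname[sizeof(mname) - 1] = '\0';
        f->getTypedName (tname, sizeof(tname));
        tname[sizeof(tname) - 1] = '\0';
        f->getModuleName (modname, sizeof(modname));
        modname[sizeof(modname) - 1] = '\0';

        cout << " * " << i+1 << " of " << vfunctions->size() << ", Name: " << name << endl
             << " Mangled Name: " << mname << endl
             << " Typed Name : " << tname << endl
             << " Module name : " << modname << endl
             << " Base address: " << f->getBaseAddr() << endl
             << " Instrumentable? " << (f->isInstrumentable()?"yes":"no") << endl
             << " In shared library? " << (f->isSharedLib()?"yes":"no") << endl;

        if (f->isSharedLib())
        {
            //Old Dyninst API < 9.x
            //char sharedlibname[1024];
            //mod->getFullName (sharedlibname, 1024);
            BPatch_module *mod = f->getModule();
            string sharedlibname;
            // Either link of the module -> object chain may be missing; an
            // empty name is printed in that case instead of crashing.
            if (mod && mod->getObject())
                sharedlibname = mod->getObject()->name();
            cout << " Full library name: " << sharedlibname << endl;
        }
        cout << endl;
    }
}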
示例6: signalHandlerExitCB
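/* Invoked when a signal handler function exits. Reads the resume PC that the
 * entry callback located in the stored CONTEXT structure, then parses and
 * instruments the code at that address through analyzeNewFunction (which,
 * per the original description, also adds a springboard there when the
 * address is not a function entry point).
 *
 * The resume PC is data read out of the monitored process and is used as an
 * address to analyse; it is never dereferenced in this process.
 */
void HybridAnalysis::signalHandlerExitCB(BPatch_point *point, void *)
{
    BPatch_function *func = point->getFunction();
    std::map<Dyninst::Address, ExceptionDetails>::iterator diter =
        handlerFunctions.find((Address)func->getBaseAddr());
    assert(handlerFunctions.end() != diter &&
           0 != diter->second.faultPCaddr);
    // assert() disappears under NDEBUG, which would leave the end() iterator
    // dereferenced below; keep an explicit guard for release builds.
    if (handlerFunctions.end() == diter || 0 == diter->second.faultPCaddr) {
        mal_printf("ERROR: no saved fault PC for handler at %lx %s[%d]\n",
                   (Address)func->getBaseAddr(), FILE__,__LINE__);
        return;
    }
    Address pcLoc = diter->second.faultPCaddr;
    mal_printf("\nAt signalHandlerExit(%lx)\n", point->getAddress());

    // figure out the address the program will resume at by reading
    // in the stored CONTEXT structure
    // Initialised so that a read which leaves it untouched yields a
    // deterministic value rather than stack garbage.
    // NOTE(review): readDataSpace's result is not checked here; confirm its
    // return type and decide how a failed read should be handled.
    Address resumePC = 0;
    assert(sizeof(Address) == proc()->getAddressWidth());
    proc()->lowlevel_process()->readDataSpace(
        (void*)pcLoc, sizeof(resumePC), &resumePC, true);
    if (diter->second.isInterrupt) {
        // breakpoint exceptions resume one byte past the recorded address
        resumePC += 1;
    }

    // parse at the resumePC address, if necessary
    vector<BPatch_function *> funcs;
    proc()->findFunctionsByAddr((Address)resumePC,funcs);
    if (funcs.empty()) {
        mal_printf("Program will resume in new function at %lx\n", resumePC);
    }
    else {
        // size() is a size_t; cast so the argument matches the %d conversion
        mal_printf("Program will resume at %lx in %d existing functions, "
                   "will add shared function starting at %lx\n",
                   resumePC, (int)funcs.size(), resumePC);
    }
    analyzeNewFunction(point, (Address)resumePC, true, true);
    mal_printf("Exception handler exiting at %lx will resume execution at "
               "%lx %s[%d]\n",
               point->getAddress(), resumePC, FILE__,__LINE__);
}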
示例7: badTransferCB
void HybridAnalysis::badTransferCB(BPatch_point *point, void *returnValue)
{
Address pointAddr = (Address) point->getAddress();
Address target = (Address) returnValue;
time_t tstruct;
struct tm * tmstruct;
char timeStr[64];
time( &tstruct );
tmstruct = localtime( &tstruct );
strftime(timeStr, 64, "%X", tmstruct);
mal_printf("badTransferCB %lx=>%lx %s\n\n", pointAddr, target, timeStr);
BPatch_module * targMod = proc()->findModuleByAddr(target);
if (!targMod) {
mal_printf( "ERROR, NO MODULE for target addr %lx %s[%d]\n",
target,FILE__,__LINE__);
assert(0);
}
if (targMod == point->getFunction()->getModule() && targMod->isSystemLib()) {
return;
}
// 1. the target address is in a shared library
if ( targMod != point->getFunction()->getModule())
{
// process the edge, decide if we should instrument target function
bool doMoreProcessing = processInterModuleEdge(point, target, targMod);
if (!doMoreProcessing) {
return;
}
}
// 2. the point is a call:
if (point->getPointType() == BPatch_subroutine) {
proc()->beginInsertionSet();
// if the target is in the body of an existing function we'll split
// the function and wind up with two or more functions that share
// the target address, so make sure we're not in the middle of an
// overwrite loop; if we are, check for overwrites immediately
BPatch_function *targFunc = proc()->findFunctionByEntry(target);
vector<BPatch_function*> targFuncs;
proc()->findFunctionsByAddr(target, targFuncs);
if (!targFunc && targFuncs.size()) {
mal_printf("discovery instr. got new entry point for func\n");
std::set<HybridAnalysisOW::owLoop*> loops;
for (unsigned tidx=0; tidx < targFuncs.size(); tidx++) {
BPatch_function *curFunc = targFuncs[tidx];
if ( hybridOW()->hasLoopInstrumentation(false, *curFunc, &loops) )
{
/* Code sharing will change the loops, the appropriate response
is to trigger early exit analysis and remove the loops if
the underlying code hasn't changed */
mal_printf("[%d] Removing loop instrumentation for func %lx\n",
__LINE__,curFunc->getBaseAddr());
std::set<HybridAnalysisOW::owLoop*>::iterator lIter =
loops.begin();
while (lIter != loops.end()) {
hybridOW()->deleteLoop(*lIter,false);
lIter++;
}
}
}
}
// 2.1 if the target is new, parse at the target
if ( ! targFunc ) {
mal_printf("stopThread instrumentation found call %lx=>%lx, "
"parsing at call target %s[%d]\n",
(long)point->getAddress(), target,FILE__,__LINE__);
if (!analyzeNewFunction( point,target,false,false )) {
//this happens for some single-instruction functions
mal_printf("ERROR: parse of call target %lx=>%lx failed %s[%d]\n",
(long)point->getAddress(), target, FILE__,__LINE__);
assert(0);
instrumentModules(false);
proc()->finalizeInsertionSet(false);
return;
}
targFunc = proc()->findFunctionByEntry(target);
}
// 2.2 if the target is a returning function, parse at the fallthrough
bool instrument = true;
if ( ParseAPI::RETURN ==
targFunc->lowlevel_func()->ifunc()->retstatus() )
{
//mal_printf("stopThread instrumentation found returning call %lx=>%lx, "
// "parsing after call site\n",
// (long)point->getAddress(), target);
if (parseAfterCallAndInstrument(point, targFunc, false)) {
instrument = false;
}
}
if (instrument) {
instrumentModules(false);
}
//.........这里部分代码省略.........
示例8: readTracePipe
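// Drains the trace pipe, reporting each trace point hit to the monitor.
//
// Every message is trace_msglen bytes of hexadecimal text naming a trace
// point. The loop ends when the pipe has no more data (EAGAIN), reaches EOF,
// delivers a partial or unknown message, or fails; on EOF and on read errors
// the pipe is closed and config.pipefd is set to -1.
//
// The bytes read from the pipe are treated as untrusted: the length is
// checked against the buffer before reading, the text is terminated at the
// number of bytes actually received, and the decoded value is only used as a
// BPatch_point pointer after it has been found as a key in trace_points.
void readTracePipe()
{
    int read_len;
    char buf[ STRING_MAX ] = { '\0' };

    if (config.pipefd < 0) return;

    // buf must hold a whole message plus its terminator. A negative length
    // converts to a huge size_t and is rejected by the same comparison.
    if ((size_t)trace_msglen >= sizeof(buf)) {
        sendMsg(config.outfd, ID_TRACE_READ, DEBUG);
        sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_FAIL,
                sprintf_static("Trace message length %lu does not fit in the %lu byte read buffer.",
                               (unsigned long)trace_msglen, (unsigned long)sizeof(buf)));
        return;
    }

    do {
        errno = 0;
        sendMsg(config.outfd, ID_TRACE_READ, DEBUG);
        read_len = read(config.pipefd, buf, trace_msglen);
        // Terminate at the end of what was received. buf is reused for
        // function names further down, so terminating at trace_msglen would
        // let a short read expose bytes left over from a previous iteration.
        buf[read_len > 0 ? read_len : 0] = '\0';

        if (read_len < trace_msglen) {
            if (read_len == -1 && errno == EAGAIN) {
                // No data on pipe. Break out of read loop
                // and re-poll for status change.
                sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_PASS);
                break;

            } else if (read_len == 0 && errno == 0) {
                // Read EOF from pipefd. Close pipe and break.
                sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_PASS);
                close(config.pipefd);
                config.pipefd = -1;
                break;

            } else if (read_len > 0) {
                // Partial data written to trace pipe. Report to monitor.
                sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_FAIL,
                        sprintf_static("Read partial message from trace pipe. Discarding message '%s'.", buf));
                break;

            } else if (errno) {
                // Send error message to monitor.
                sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_FAIL,
                        sprintf_static("Mutator encountered error on trace pipe read(): %s", strerror(errno)));
                close(config.pipefd);
                config.pipefd = -1;
                break;
            }
        }

        // Decode as unsigned: strtol would clamp values above LONG_MAX.
        void *traceMsg = (void *)strtoul(buf, NULL, 16);

        // Only values registered in trace_points are accepted; anything else
        // from the pipe is rejected before it is ever treated as a pointer.
        map< void *, BPatch_function * >::iterator iter = trace_points.find(traceMsg);
        if (iter == trace_points.end()) {
            sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_FAIL,
                    sprintf_static("Read invalid message from trace pipe. 0x%s does not refer to a valid BPatch_point.", buf));
            break;
        }
        sendMsg(config.outfd, ID_TRACE_READ, DEBUG, ID_PASS);

        BPatch_point *point = (BPatch_point *)traceMsg;

        const char *pType = "Unknown ";
        if (point->getPointType() == BPatch_entry) pType = "Entering ";
        if (point->getPointType() == BPatch_exit) pType = "Exiting ";

        const char *pName = "anonymous function";
        BPatch_function *pFunc = (*iter).second;
        if (pFunc) {
            if (pFunc->getName(buf, sizeof(buf)))
                pName = sprintf_static("function %s", buf);
            else
                // '*' consumes an int and %lx an unsigned long; cast both so
                // the variadic arguments match the conversions.
                pName = sprintf_static("anonymous function at 0x%0*lx", (int)sizeof(void *), (unsigned long)pFunc->getBaseAddr());
        }

        // Same validity test as the guard at the top of the function
        // (descriptor 0 is a valid descriptor).
        if (config.pipefd >= 0) {
            // Could have been interrupted by mutatee exit.
            sendMsg(config.outfd, ID_TRACE_POINT, INFO, ID_INFO, strcat_static(pType, pName));
        }
    } while (errno == 0);
}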
示例9: GenerateSymFile
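// Writes one symbol line per resolvable function name in funcs, each line
// starting with the given tag. With source-line information available the
// line carries the file name and line number of the first statement at the
// function's base address; otherwise it carries the module name and line 0.
// NOTE(review): names are written between double quotes without escaping;
// confirm that the consumer of the .sym file tolerates quotes or newlines
// inside a symbol, file or module name.
static void WriteSymEntries (ofstream &symfile, const char *tag, set<string> &funcs, BPatch_image *appImage, BPatch_addressSpace *appProces)
{
    for (set<string>::iterator iter = funcs.begin();
         iter != funcs.end(); iter++)
    {
        BPatch_function *f = getRoutine ((*iter).c_str(), appImage);
        if (f == NULL)
            continue;

        BPatch_Vector< BPatch_statement > lines;
        appProces->getSourceLines ((unsigned long) f->getBaseAddr(), lines);
        if (lines.size() > 0)
        {
            symfile << tag << " " << hex << f->getBaseAddr() << dec << " \"" << *iter
                    << "\" \"" << lines[0].fileName() << "\" " << lines[0].lineNumber()
                    << endl;
        }
        else
        {
            /* this happens if the application was not compiled with -g */
            char modname[1024] = "";
            f->getModuleName (modname, sizeof(modname));
            // Do not rely on the getter to terminate a truncated name.
            modname[sizeof(modname) - 1] = '\0';
            symfile << tag << " " << hex << f->getBaseAddr() << dec << " \"" << *iter
                    << "\" \"" << modname << "\" 0" << endl;
        }
    }
}

// Creates "<final directory>/<trace prefix>.sym" and fills it with a "P" line
// for each function in ParFunc, a "U" line for each function in UserFunc and
// a "b" line for each entry of BB_symbols. Names that getRoutine cannot
// resolve are skipped. Failure to create or to write the file is reported on
// cerr.
// NOTE(review): BB_symbols is dereferenced without a check; confirm it is
// always set before this function runs.
static void GenerateSymFile (set<string> &ParFunc, set<string> &UserFunc, BPatch_image *appImage, BPatch_addressSpace *appProces)
{
    ofstream symfile;
    string symname = string(::XML_GetFinalDirectory())+string("/")+string(::XML_GetTracePrefix())+".sym";

    symfile.open (symname.c_str());
    if (!symfile.good())
    {
        // separate the message from the path it names
        cerr << "Cannot create the symbolic file " << symname << endl;
        return;
    }

    WriteSymEntries (symfile, "P", ParFunc, appImage, appProces);
    WriteSymEntries (symfile, "U", UserFunc, appImage, appProces);

    map<string, unsigned>::iterator BB_symbols_iter = BB_symbols->begin();
    map<string, unsigned>::iterator BB_symbols_end = BB_symbols->end();
    while(BB_symbols_iter != BB_symbols_end){
        symfile << "b " << BB_symbols_iter->second << " \"" << BB_symbols_iter->first << "\"\n";
        BB_symbols_iter++;
    }

    // A short or failed write would otherwise leave a truncated symbol file
    // behind without any indication.
    if (!symfile.good())
        cerr << "Error while writing the symbolic file " << symname << endl;

    symfile.close();
}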