|
ROSE
0.11.66.0
|
This namespace encapsulates function for FLIRT ( Fast Library Identification and Recognition Technology) like functionality for ROSE binary analysis.
This namespace encapsulates function for FLIRT ( Fast Library Identification and Recognition Technology) like functionality for ROSE binary analysis. Currently only uses the Fowler-Noll-Vo HasherFnv class in Combinatorics.h. We should add options for others.
This namespace encapsulates library for FLIRT ( Fast Library Identification and Recognition Technology) like libraryality for ROSE binary analysis. Currently only uses the Fowler-Noll-Vo HasherFnv class in Combinatorics.h. We should add options for others.
Classes | |
| class | FunctionIdDatabaseInterface |
| Creates and holds the handle for the sqlite database used for storing and matching libraries and functions, FLIRT style. More... | |
| class | FunctionInfo |
| class FunctionInfo Combines all the information to uniquely identify a single function in one object. More... | |
| class | LibraryInfo |
Typedefs | |
| typedef std::map< LibraryInfo, std::set< FunctionInfo > > | LibToFuncsMap |
| typedef libToFuncMap This is used as the type to list which functions are found in which libraries from matchLibraryIdentificationDataBase. More... | |
Enumerations | |
| enum | DUPLICATE_OPTION { UNKNOWN, COMBINE, REPLACE, NO_ADD } |
| Option for what to do if a function with the same hash is found when adding a function. More... | |
Functions | |
| enum DUPLICATE_OPTION | duplicateOptionFromString (std::string option) |
| void | generateLibraryIdentificationDataBase (const std::string &databaseName, const std::string &libraryName, const std::string &libraryVersion, const std::string &libraryHash, const Rose::BinaryAnalysis::Partitioner2::Partitioner &partitioner, enum DUPLICATE_OPTION dupOption=COMBINE) |
| generate Library Identification Database This function takes a binary project (presumeably a library) and hashes every function, in it. More... | |
| LibToFuncsMap | matchLibraryIdentificationDataBase (const std::string &databaseName, const Rose::BinaryAnalysis::Partitioner2::Partitioner &partitioner) |
| match functions in project to Library Identification Database This is a function to simplify matching functions in a binary project to library functions in the database. More... | |
| void | insertFunctionToMap (LibToFuncsMap &libToFuncsMap, const LibraryInfo &libraryInfo, const FunctionInfo &functionInfo) |
| Private helper function for adding idents to the libToFuncsMap. More... | |
Variables | |
| const std::string | unknownLibraryName = "UNKNOWN" |
| const std::string | multiLibraryName = "MULTIPLE_LIBS" |
| typedef std::map<LibraryInfo, std::set<FunctionInfo> > LibraryIdentification::LibToFuncsMap |
typedef libToFuncMap This is used as the type to list which functions are found in which libraries from matchLibraryIdentificationDataBase.
The map is: libraryname -> set<functions matched in that library>
Functions that are not found in any library, will be placed in the "UNKNOWN" bin.
Definition at line 27 of file libraryIdentification.h.
Option for what to do if a function with the same hash is found when adding a function.
COMBINE: Allow both hashes to exist REPLACE: Replace the old function with this new function. (Will eliminate ALL old functions with the same hash) NO_ADD: Do not add the function, leave the old functions in the database
Definition at line 30 of file FunctionIdDatabaseInterface.h.
| void LibraryIdentification::generateLibraryIdentificationDataBase | ( | const std::string & | databaseName, |
| const std::string & | libraryName, | ||
| const std::string & | libraryVersion, | ||
| const std::string & | libraryHash, | ||
| const Rose::BinaryAnalysis::Partitioner2::Partitioner & | partitioner, | ||
| enum DUPLICATE_OPTION | dupOption = COMBINE |
||
| ) |
generate Library Identification Database This function takes a binary project (presumeably a library) and hashes every function, in it.
It then inserts the library and functions into a new sqlite3 database. If the project was built with debug information, we should have a database that can later identify functions in stripped libraries.
| [in] | databaseName | Filename of the database to create/access |
| [in] | libraryName | Library names cannot be discovered from all library types, so pass in name. |
| [in] | libraryVersion | Library version, same problem |
| [in] | libraryHash | Unique hash identifing the libary. Partitioner can't generate it |
| [in] | partitioner | The main ROSE binary anlysis object, contains all functions, code, etc. |
| [in] | dupOption | tells what to do with duplicate functions |
| LibToFuncsMap LibraryIdentification::matchLibraryIdentificationDataBase | ( | const std::string & | databaseName, |
| const Rose::BinaryAnalysis::Partitioner2::Partitioner & | partitioner | ||
| ) |
match functions in project to Library Identification Database This is a function to simplify matching functions in a binary project to library functions in the database.
It will attempt to match every function defined in the project to a library function.
It returns a LibToFuncsMap that contains every function defined in the project in the following form: Library->set(Function). Functions that could not be matched in the database are found in the "UNKNOWN" library.
| [in] | databaseName | Filename of the database to create/access |
| [in] | partitioner | Binary partitioner has the functions to write or find |
| void LibraryIdentification::insertFunctionToMap | ( | LibToFuncsMap & | libToFuncsMap, |
| const LibraryInfo & | libraryInfo, | ||
| const FunctionInfo & | functionInfo | ||
| ) |
Private helper function for adding idents to the libToFuncsMap.
| [in,out] | libToFuncsMap | The map to insert to |
| [in] | libraryInfo | This libraryInfo to insert as key |
| [in] | functionInfo | The functionInfo to insert as value |
1.8.10