ROSE 0.11.145.357
Thunk.h
1#ifndef ROSE_BinaryAnalysis_Partitioner2_Thunk_H
2#define ROSE_BinaryAnalysis_Partitioner2_Thunk_H
3#include <featureTests.h>
4#ifdef ROSE_ENABLE_BINARY_ANALYSIS
5
6#include <Rose/BinaryAnalysis/Partitioner2/BasicTypes.h>
7#include <Sawyer/SharedObject.h>
8
9class SgAsmInstruction;
10
11namespace Rose {
12namespace BinaryAnalysis {
13namespace Partitioner2 {
14
16// Individual thunk predicates
18
23struct ThunkDetection {
24 size_t nInsns;
25 std::string name;
28 ThunkDetection()
29 : nInsns(0) {}
30
32 ThunkDetection(size_t nInsns, const std::string &name)
33 : nInsns(nInsns), name(name) {}
34
35 // C++03 safe bool conversion since we don't have explicit operator bool.
36private:
37 typedef void(ThunkDetection::*unspecified_bool)() const;
38 void this_type_does_not_support_comparisons() const {}
39public:
40 operator unspecified_bool() const {
41 return nInsns ? &ThunkDetection::this_type_does_not_support_comparisons : 0;
42 }
43};
44
48ThunkDetection isX86JmpImmThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
49
53ThunkDetection isX86JmpMemThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
54
58ThunkDetection isX86LeaJmpThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
59
63ThunkDetection isX86MovJmpThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
64
68ThunkDetection isX86AddJmpThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
69
70
72// Collective thunk predicates
74
81typedef ThunkDetection(*ThunkPredicate)(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&);
82
84class ThunkPredicates: public Sawyer::SharedObject {
85public:
86 typedef Sawyer::SharedPointer<ThunkPredicates> Ptr;
87
88private:
90 std::vector<ThunkPredicate> predicates_;
91
92protected:
93 // use 'instance' instead
94 ThunkPredicates() {}
95
96public:
98 static Ptr instance() {
99 return Ptr(new ThunkPredicates);
100 }
101
105 static Ptr allThunks();
106
111 static Ptr functionMatcherThunks();
112
116 const std::vector<ThunkPredicate>& predicates() const { return predicates_; }
117 std::vector<ThunkPredicate>& predicates() { return predicates_; }
126 ThunkDetection isThunk(const PartitionerConstPtr&, const std::vector<SgAsmInstruction*>&) const;
127};
128
130// Thunk utilities
132
136void splitThunkFunctions(const PartitionerPtr&, const ThunkPredicates::Ptr&);
137
138} // namespace
139} // namespace
140} // namespace
141
142#endif
143#endif
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::predicates
std::vector< ThunkPredicate > & predicates()
Property: The list of predicates that will test for thunks.
Definition Thunk.h:117
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::functionMatcherThunks
static Ptr functionMatcherThunks()
Construct collective predicate for matching thunks to create functions.
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::allThunks
static Ptr allThunks()
Construct collective predicate with all built-in predicates.
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::instance
static Ptr instance()
Allocating constructor.
Definition Thunk.h:98
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::predicates
const std::vector< ThunkPredicate > & predicates() const
Property: The list of predicates that will test for thunks.
Definition Thunk.h:116
Rose::BinaryAnalysis::Partitioner2::ThunkPredicates::isThunk
ThunkDetection isThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &) const
Test whether instructions begin with a thunk.
Sawyer::SharedObject
Base class for reference counted objects.
Definition SharedObject.h:64
SgAsmInstruction
Base class for machine instructions.
Definition binaryInstruction.C:44827
Rose::BinaryAnalysis::Partitioner2::isX86JmpMemThunk
ThunkDetection isX86JmpMemThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Test whether x86 instruction begin with "jmp [ADDRESS]".
Rose::BinaryAnalysis::Partitioner2::splitThunkFunctions
void splitThunkFunctions(const PartitionerPtr &, const ThunkPredicates::Ptr &)
Split thunks off from start of functions.
Rose::BinaryAnalysis::Partitioner2::isX86MovJmpThunk
ThunkDetection isX86MovJmpThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Test whether x86 instructions begin with "mov R, [ADDR]; jmp R".
Rose::BinaryAnalysis::Partitioner2::isX86JmpImmThunk
ThunkDetection isX86JmpImmThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Test whether x86 instructions begin with "jmp ADDRESS".
Rose::BinaryAnalysis::Partitioner2::ThunkPredicate
ThunkDetection(* ThunkPredicate)(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Function signature for finding thunks.
Definition Thunk.h:81
Rose::BinaryAnalysis::Partitioner2::isX86LeaJmpThunk
ThunkDetection isX86LeaJmpThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Test whether x86 instructions begin with an LEA JMP pair.
Rose::BinaryAnalysis::Partitioner2::isX86AddJmpThunk
ThunkDetection isX86AddJmpThunk(const PartitionerConstPtr &, const std::vector< SgAsmInstruction * > &)
Test whether x86 instructions begin with "add R, C; jmp ADDR".
Rose
The ROSE library.
Definition BinaryTutorial.dox:3
Rose::BinaryAnalysis::Partitioner2::ThunkDetection
Return type for thunk detectors.
Definition Thunk.h:23
Rose::BinaryAnalysis::Partitioner2::ThunkDetection::nInsns
size_t nInsns
Number of instructions that are part of the thunk.
Definition Thunk.h:24
Rose::BinaryAnalysis::Partitioner2::ThunkDetection::ThunkDetection
ThunkDetection()
Constructor for detecting no thunk.
Definition Thunk.h:28
Rose::BinaryAnalysis::Partitioner2::ThunkDetection::name
std::string name
Name of the pattern that matched the instructions.
Definition Thunk.h:25
Rose::BinaryAnalysis::Partitioner2::ThunkDetection::ThunkDetection
ThunkDetection(size_t nInsns, const std::string &name)
Constructor for a detected thunk.
Definition Thunk.h:32
Generated on Mon Nov 3 2025 05:39:38 for ROSE by doxygen 1.9.8