ROSE  0.9.11.56
Classes | Typedefs | Enumerations | Functions | Variables
LibraryIdentification Namespace Reference

Description

LibraryIdentification.

This namespace encapsulates function for FLIRT ( Fast Library Identification and Recognition Technology) like functionality for ROSE binary analysis.

This namespace encapsulates function for FLIRT ( Fast Library Identification and Recognition Technology) like functionality for ROSE binary analysis. Currently only uses the Fowler-Noll-Vo HasherFnv class in Combinatorics.h. We should add options for others.

This namespace encapsulates library for FLIRT ( Fast Library Identification and Recognition Technology) like libraryality for ROSE binary analysis. Currently only uses the Fowler-Noll-Vo HasherFnv class in Combinatorics.h. We should add options for others.

Classes

class  FunctionIdDatabaseInterface
 Creates and holds the handle for the sqlite database used for storing and matching libraries and functions, FLIRT style. More...
 
class  FunctionInfo
 class FunctionInfo Combines all the information to uniquely identify a single function in one object. More...
 
class  LibraryInfo
 

Typedefs

typedef std::map< LibraryInfo, std::set< FunctionInfo > > LibToFuncsMap
 typedef libToFuncMap This is used as the type to list which functions are found in which libraries from matchLibraryIdentificationDataBase. More...
 

Enumerations

enum  DUPLICATE_OPTION {
  UNKNOWN,
  COMBINE,
  REPLACE,
  NO_ADD
}
 Option for what to do if a function with the same hash is found when adding a function. More...
 

Functions

enum DUPLICATE_OPTION duplicateOptionFromString (std::string option)
 
void generateLibraryIdentificationDataBase (const std::string &databaseName, const std::string &libraryName, const std::string &libraryVersion, const std::string &libraryHash, const Rose::BinaryAnalysis::Partitioner2::Partitioner &partitioner, enum DUPLICATE_OPTION dupOption=COMBINE)
 generate Library Identification Database This function takes a binary project (presumeably a library) and hashes every function, in it. More...
 
LibToFuncsMap matchLibraryIdentificationDataBase (const std::string &databaseName, const Rose::BinaryAnalysis::Partitioner2::Partitioner &partitioner)
 match functions in project to Library Identification Database This is a function to simplify matching functions in a binary project to library functions in the database. More...
 
void insertFunctionToMap (LibToFuncsMap &libToFuncsMap, const LibraryInfo &libraryInfo, const FunctionInfo &functionInfo)
 Private helper function for adding idents to the libToFuncsMap. More...
 

Variables

const std::string unknownLibraryName = "UNKNOWN"
 
const std::string multiLibraryName = "MULTIPLE_LIBS"
 

Typedef Documentation

typedef libToFuncMap This is used as the type to list which functions are found in which libraries from matchLibraryIdentificationDataBase.

The map is: libraryname -> set<functions matched in that library>

Functions that are not found in any library, will be placed in the "UNKNOWN" bin.

Definition at line 25 of file libraryIdentification.h.

Enumeration Type Documentation

Option for what to do if a function with the same hash is found when adding a function.

COMBINE: Allow both hashes to exist REPLACE: Replace the old function with this new function. (Will eliminate ALL old functions with the same hash) NO_ADD: Do not add the function, leave the old functions in the database

Definition at line 28 of file FunctionIdDatabaseInterface.h.

Function Documentation

void LibraryIdentification::generateLibraryIdentificationDataBase ( const std::string &  databaseName,
const std::string &  libraryName,
const std::string &  libraryVersion,
const std::string &  libraryHash,
const Rose::BinaryAnalysis::Partitioner2::Partitioner partitioner,
enum DUPLICATE_OPTION  dupOption = COMBINE 
)

generate Library Identification Database This function takes a binary project (presumeably a library) and hashes every function, in it.

It then inserts the library and functions into a new sqlite3 database. If the project was built with debug information, we should have a database that can later identify functions in stripped libraries.

Parameters
[in]databaseNameFilename of the database to create/access
[in]libraryNameLibrary names cannot be discovered from all library types, so pass in name.
[in]libraryVersionLibrary version, same problem
[in]libraryHashUnique hash identifing the libary. Partitioner can't generate it
[in]partitionerThe main ROSE binary anlysis object, contains all functions, code, etc.
[in]dupOptiontells what to do with duplicate functions
LibToFuncsMap LibraryIdentification::matchLibraryIdentificationDataBase ( const std::string &  databaseName,
const Rose::BinaryAnalysis::Partitioner2::Partitioner partitioner 
)

match functions in project to Library Identification Database This is a function to simplify matching functions in a binary project to library functions in the database.

It will attempt to match every function defined in the project to a library function.

It returns a LibToFuncsMap that contains every function defined in the project in the following form: Library->set(Function). Functions that could not be matched in the database are found in the "UNKNOWN" library.

Parameters
[in]databaseNameFilename of the database to create/access
[in]partitionerBinary partitioner has the functions to write or find
Returns
libToFuncsMap Libraries->set(Functions) unmatched functions under "UNKNOWN", multimatched functions returned in "MULTIPLE_LIBS"
void LibraryIdentification::insertFunctionToMap ( LibToFuncsMap libToFuncsMap,
const LibraryInfo libraryInfo,
const FunctionInfo functionInfo 
)

Private helper function for adding idents to the libToFuncsMap.

Parameters
[in,out]libToFuncsMapThe map to insert to
[in]libraryInfoThis libraryInfo to insert as key
[in]functionInfoThe functionInfo to insert as value