|
ROSE 0.11.145.283
|
Utilities for doing indirect control flow as part of partitioning.
Classes | |
| struct | State |
| Internal state for these analyses. More... | |
Functions | |
| void | initDiagnostics () |
| Sawyer::CommandLine::SwitchGroup | commandLineSwitches (Settings &) |
| Define command-line switches. | |
| bool | analyzeAllBlocks (const Settings &, const PartitionerPtr &) |
| Attempt to resolve indirect control flow using a variety of strategies. | |
| bool | reanalyzeSomeBlocks (const Settings &, const PartitionerPtr &) |
| Reanalyze all basic blocks that have indirect control flow. | |
Variables | |
| Sawyer::Message::Facility | mlog |
| Sawyer::CommandLine::SwitchGroup Rose::BinaryAnalysis::Partitioner2::IndirectControlFlow::commandLineSwitches | ( | Settings & | ) |
Define command-line switches.
Returns a switch group containing definitions for command-line switches related to indirect control flow recovery. The switches are bound to the specified settings so that when the command-line is parsed and its results are applied, those settings are adjusted.
| bool Rose::BinaryAnalysis::Partitioner2::IndirectControlFlow::analyzeAllBlocks | ( | const Settings & | , |
| const PartitionerPtr & | |||
| ) |
Attempt to resolve indirect control flow using a variety of strategies.
Scans through all discovered basic blocks in the CFG and processes each block that has a CFG edge pointing to an indeterminate address. It then uses various strategies to find concrete CFG successors and updates the successors for the basic block in question.
Some of the strategies use a dataflow analysis. The dataflow graph is constructed in two phases: first, starting at the basic block in question, the CFG edges are followed in reverse up to a certain distance without traversing function calls. This usually obtains the entry point(s) of the function containing the basic block in question. Second, starting at the dataflow vertices that have no incoming edges, a forward traversal inlines function calls to a specified depth, either bringing their definitions into the dataflow graph, or inserting a representative vertex for the call. The Settings argument controls some of the details for this process.
1.9.8