============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined cmdServerSigChild() MOV RDI,qword ptr [.bss:serverLocal[24]] MOV EAX,dword ptr [RDI] TEST EAX,EAX JZ LAB_0014d0c0 PUSH RBP MOV RBP,RSI PUSH RBX XOR EBX,EBX SUB RSP,0x8 JMP LAB_0014d08e ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_0014d080: MOV RDI,qword ptr [.bss:serverLocal[24]] ADD EBX,0x1 CMP dword ptr [RDI],EBX JBE LAB_0014d0b8 LAB_0014d08e: MOV ESI,EBX CALL lstGet ;undefined lstGet() MOV EDX,dword ptr [RBP + 0x10] CMP dword ptr [RAX],EDX JNZ LAB_0014d080 MOV RDI,qword ptr [.bss:serverLocal[24]] MOV ESI,EBX ADD EBX,0x1 CALL lstRemoveIdx ;undefined lstRemoveIdx() MOV RDI,qword ptr [.bss:serverLocal[24]] CMP dword ptr [RDI],EBX JA LAB_0014d08e LAB_0014d0b8: ADD RSP,0x8 POP RBX POP RBP RET ?? 90h LAB_0014d0c0: RET ?? 66h f Actual src: static void cmdServerSigChild(const int signalType, siginfo_t *signalInfo, void *context) { (void)signalType; (void)context; ASSERT(signalInfo->si_code == CLD_EXITED); // Find the process and remove it for (unsigned int processIdx = 0; processIdx < lstSize(serverLocal.processList); processIdx++) { if (*(int *)lstGet(serverLocal.processList, processIdx) == signalInfo->si_pid) lstRemoveIdx(serverLocal.processList, processIdx); } } Predicted src: void _init (const char *data) { int i; if (i == 0) { return; } } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined fileAddComplexValue() TEST ESI,ESI JZ LAB_001f4080 MOV RAX,qword ptr [.bss:column] ;=?? MOV RDX,qword ptr [.bss:rowbuf] ;=?? LEA RCX,[RAX + 0x2] MOVSD qword ptr [RDX + RAX*0x8],XMM0 MOV qword ptr [.bss:column],RCX ;=?? MOVSD qword ptr [RDX + RAX*0x8 + 0x8],XMM1 RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001f4080: MOV ECX,0xf MOV EDX,0xf MOV EAX,0x2 LEA RSI,[.rodata:s__%.*e,%.*e_00712740] ;= "\t%.*e,%.*e\n" JMP sh_fprintf ;undefined sh_fprintf(undefined param... ?? 0Fh Actual src: static void fileAddComplexValue(FILE *fp, bool bin, IFcomplex value) { if (bin) { rowbuf[column++] = value.real; rowbuf[column++] = value.imag; } else { fprintf(fp, "\t%.*e,%.*e\n", DOUBLE_PRECISION, value.real, DOUBLE_PRECISION, value.imag); } } Predicted src: static void f(void) { int i; if (i == 0) return; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined mp_rshd() TEST ESI,ESI JLE LAB_00191b00 PUSH RBP MOV RBP,RDI PUSH RBX SUB RSP,0x8 MOV R9D,dword ptr [RDI] CMP R9D,ESI JLE LAB_00191b08 MOV RDI,qword ptr [RDI + 0x10] MOV EBX,R9D MOVSXD RAX,ESI SUB EBX,ESI LEA R8,[RDI + RAX*0x8] TEST EBX,EBX JLE LAB_00191b18 MOVSXD RCX,EBX XOR EAX,EAX NOP LAB_00191ab0: MOV RDX,qword ptr [R8 + RAX*0x8] MOV qword ptr [RDI + RAX*0x8],RDX ADD RAX,0x1 CMP RCX,RAX JNZ LAB_00191ab0 LEA RDI,[RDI + RCX*0x8] CMP R9D,EBX JLE LAB_00191af0 MOV EAX,EBX LAB_00191acc: LEA EDX,[R9 + -0x1] SUB EDX,EAX ADD EAX,0x1 CMP R9D,EAX LEA RDX,[0x8 + RDX*0x8] MOV EAX,0x8 CMOVL RDX,RAX XOR ESI,ESI CALL .plt:::memset ;void * memset(void * __s, int __c, s... LAB_00191af0: MOV dword ptr [RBP],EBX ADD RSP,0x8 POP RBX POP RBP RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00191b00: RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00191b08: ADD RSP,0x8 POP RBX POP RBP JMP .plt:mp_zero ;undefined mp_zero() ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00191b18: XOR EAX,EAX JMP LAB_00191acc ?? 0Fh Actual src: void mp_rshd (mp_int * a, int b) { int x; /* if b <= 0 then ignore it */ if (b <= 0) { return; } /* if b > used then simply zero it and return */ if (a->used <= b) { mp_zero (a); return; } { mp_digit *bottom, *top; /* shift the digits down */ /* bottom */ bottom = a->dp; /* top [offset into digits] */ top = a->dp + b; /* this is implemented as a sliding window where * the window is b-digits long and digits from * the top of the window are copied to the bottom * * e.g. b-2 | b-1 | b0 | b1 | b2 |... | bb | ----> /\ | ----> \-------------------/ ----> */ for (x = 0; x < (a->used - b); x++) { *bottom++ = *top++; } /* zero the top digits */ for (; x < a->used; x++) { *bottom++ = 0; } } /* remove excess digits */ a->used -= b; } Predicted src: static void set_init (void) { int i; for (i = 0; i < 0; i++) { if (i) { } return; } } } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined view_finalize() PUSH RBP MOV RBP,RDI CALL .plt:gal_view_get_type ;undefined gal_view_get_type() MOV RDI,RBP MOV RSI,RAX CALL .plt:::g_type_instance_get_private ;undefined g_type_instance_get_private() MOV RDI,qword ptr [RAX] CALL .plt.got:::g_free ;undefined g_free() MOV RDI,qword ptr [.bss:gal_view_parent_class] ;=?? MOV ESI,0x50 CALL .plt:::g_type_check_class_cast ;undefined g_type_check_class_cast() MOV RDI,RBP POP RBP MOV RAX,qword ptr [RAX + 0x30] JMP RAX ?? 66h f Actual src: static void view_finalize (GObject *object) { GalViewPrivate *priv; priv = GAL_VIEW_GET_PRIVATE (object); g_free (priv->title); /* Chain up to parent's finalize() method. */ G_OBJECT_CLASS (gal_view_parent_class)->finalize (object); } Predicted src: static void g_init (GObject *object) { g_object_object (object); } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined razer_string_to_bool() ;local_20 undefined8 -20 ;local_1010 undefined8 -1010 ;local_1048 undefined8 -1048 PUSH RBP PUSH RBX SUB RSP,0x1000 OR qword ptr [RSP]=>local_1010,0x0 SUB RSP,0x38 OR qword ptr [RSP]=>local_1048,0x0 ADD RSP,0x1020 MOV RBP,RSI LEA RSI,[.rodata:DAT_0011926e] ;= 79h y MOV RBX,RDI CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b250 LEA RSI,[.rodata:DAT_00119272] ;= 74h t MOV RDI,RBX CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b250 LEA RSI,[.rodata:s_on_0011817d+5] ;= "on" MOV RDI,RBX CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b250 LEA RSI,[.rodata:DAT_00119277] ;= 6Eh n MOV RDI,RBX CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b260 LEA RSI,[.rodata:s_false_0011927a] ;= "false" MOV RDI,RBX CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b260 LEA RSI,[.rodata:DAT_00119280] ;= 6Fh o MOV RDI,RBX CALL .plt:::strcasecmp ;int strcasecmp(char * __s1, char * _... TEST EAX,EAX JZ LAB_0010b260 XOR EDX,EDX LEA RSI=>local_20,[RSP + 0x8] MOV RDI,RBX CALL .plt:::strtol ;long strtol(char * __nptr, char * *... MOV RDX,qword ptr [RSP + local_20+0x28] CMP RBX,RDX JZ LAB_0010b26d CMP byte ptr [RDX],0x0 JNZ LAB_0010b26d TEST EAX,EAX SETNZ byte ptr [RBP] XOR EAX,EAX JMP LAB_0010b256 ?? 90h LAB_0010b250: MOV byte ptr [RBP],0x1 XOR EAX,EAX LAB_0010b256: ADD RSP,0x18 POP RBX POP RBP RET ?? 0Fh ?? 1Fh ?? 00h LAB_0010b260: MOV byte ptr [RBP],0x0 ADD RSP,0x18 XOR EAX,EAX POP RBX POP RBP RET LAB_0010b26d: MOV EAX,0xffffffea JMP LAB_0010b256 ?? 66h f Actual src: int razer_string_to_bool(const char *string, bool *b) { int i; if (strcasecmp(string, "yes") == 0 || strcasecmp(string, "true") == 0 || strcasecmp(string, "on") == 0) { *b = 1; return 0; } if (strcasecmp(string, "no") == 0 || strcasecmp(string, "false") == 0 || strcasecmp(string, "off") == 0) { *b = 0; return 0; } if (!razer_string_to_int(string, &i)) { *b =!!i; return 0; } return -EINVAL; } Predicted src: static void set_init (void) { if (i == 0) { return; } return; } }