============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined exec_generic() ;local_40 undefined8 -40 ;local_140 undefined8 -140 ;local_148 undefined8 -148 ;local_150 undefined8 -150 ;local_154 undefined4 -154 PUSH R15 LEA RCX,[.data:games] MOV R15D,0x1 PUSH R14 PUSH R13 MOV R13,RDI PUSH R12 PUSH RBP LEA RBP,[.rodata:delim] ;= 000A092000h PUSH RBX SUB RSP,0x128 MOV dword ptr [RSP + local_154+0x158],ESI LEA R12=>local_148,[RSP + 0x10] MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_40+0x158],RAX MOV RAX,qword ptr [RDI] MOV EAX,dword ptr [RAX + 0x5c] MOV qword ptr [RSP + local_150+0x158],RAX IMUL RAX,RAX,0x138 MOV RDI,qword ptr [RCX + RAX*0x1 + offset.data:games[192] &0xff] CALL strdup_strip ;undefined strdup_strip() MOV RSI=>.rodata:delim,RBP ;= 000A092000h MOV RDI,RAX MOV R14,RAX CALL .plt:::strtok ;char * strtok(char * __s, char * __d... MOV qword ptr [RSP + local_148+0x158],RAX NOP dword ptr [RAX] LAB_00145bf8: MOV RSI=>.rodata:delim,RBP ;= 000A092000h XOR EDI,EDI MOVSXD RBX,R15D CALL .plt:::strtok ;char * strtok(char * __s, char * __d... MOV qword ptr [R12 + R15*0x8]=>local_140,RAX ADD R15,0x1 TEST RAX,RAX JNZ LAB_00145bf8 MOV RDX,qword ptr [R13 + 0x8] MOV EAX,EBX TEST RDX,RDX JZ LAB_00145c25 MOV qword ptr [RSP + RBX*0x8 + local_140+0x150],RDX ADD EAX,0x1 LAB_00145c25: CDQE LEA RBX,[.data:games] MOV EDI,dword ptr [RSP + local_154+0x158] MOV RDX,R12 MOV qword ptr [RSP + RAX*0x8 + local_140+0x150],0x0 MOV RCX,qword ptr [R13] IMUL RAX,qword ptr [RSP + local_150+0x158],0x138 MOV RSI,qword ptr [RBX + RAX*0x1 + offset.data:games[208] &0xff] CALL client_launch_exec ;undefined client_launch_exec() MOV RDI,R14 MOV R12D,EAX CALL .plt.got:::g_free ;undefined g_free() MOV RAX,qword ptr [RSP + local_40+0x158] SUB RAX,qword ptr FS:[0x28] JNZ LAB_00145c8b ADD RSP,0x128 MOV EAX,R12D POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET LAB_00145c8b: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined ottd_exec() ;local_40 undefined8 -40 ;local_140 undefined8 -140 ;local_148 undefined8 -148 ;local_150 undefined8 -150 ;local_154 undefined4 -154 PUSH R15 Actual src: static int exec_generic (const struct condef *con, int forkit) { char *argv[32]; int argi = 0; char *cmd; struct game *g = &games[con->s->type]; int retval; cmd = strdup_strip (g->cmd); argv[argi++] = strtok (cmd, delim); while ((argv[argi] = strtok (NULL, delim))!= NULL) argi++; if (con->server) { argv[argi++] = con->server; } argv[argi] = NULL; retval = client_launch_exec (forkit, g->real_dir, argv, con->s); g_free (cmd); return retval; } Predicted src: static void g_data (gpointer data, gpointer data) { struct data_data *data = data; if (data->data) data->data = data; data->data = data; data->data = data; data->data = data; data->data = data; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined get_9p_stats_trans() ;local_20 undefined8 -20 ;local_a8 undefined1 -a8 ;local_f8 undefined1 -f8 ;local_100 undefined8 -100 PUSH R13 PUSH R12 PUSH RBP MOV RBP,RDI MOV RDI,RSI SUB RSP,0xf0 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_20+0x108],RAX LEA RAX,[.rodata:DAT_00259fb7] ;= 4Fh O LEA R12=>local_f8,[RSP + 0x10] LEA R13=>local_a8,[RSP + 0x60] MOV RSI,R12 MOV qword ptr [RSP + local_100+0x108],RAX=>.rodata:DAT_00259fb7 ;= 4Fh O CALL .plt:::dbus_message_iter_init_append ;undefined dbus_message_iter_init_app... LEA RDX=>local_100,[RSP + 0x8] MOV RSI,R13 MOV RDI,RBP CALL arg_ipaddr ;undefined arg_ipaddr() TEST AL,AL JZ LAB_001559d0 MOV ESI,0x1 MOV RDI,R13 CALL get_gsh_client ;undefined get_gsh_client() MOV RBP,RAX TEST RAX,RAX JZ LAB_001559f0 CMP qword ptr [RAX + -0x20],0x0 JZ LAB_001559b8 MOV RDX=>.rodata:DAT_00259fb7,qword ptr [RSP + 0x8] ;= 4Fh O MOV ESI,0x1 MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() MOV RDI,qword ptr [RBP + -0x20] MOV RSI,R12 CALL server_dbus_9p_transstats ;undefined server_dbus_9p_transstats() LAB_00155987: MOV RDI,RBP CALL put_gsh_client ;undefined put_gsh_client() LAB_0015598f: MOV RAX,qword ptr [RSP + local_20+0x108] SUB RAX,qword ptr FS:[0x28] JNZ LAB_001559f9 ADD RSP,0xf0 MOV EAX,0x1 POP RBP POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_001559b8: LEA RDX,[.rodata:s_Client_does_not_have_any_9p_acti_00248578] ;= "Client does not have any 9p activ... XOR ESI,ESI MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() JMP LAB_00155987 ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001559d0: MOV RDX=>.rodata:DAT_00259fb7,qword ptr [RSP + 0x8] ;= 4Fh O TEST RDX,RDX JZ LAB_001559f0 LAB_001559da: XOR ESI,ESI MOV RDI,R12 CALL .plt:gsh_dbus_status_reply ;undefined gsh_dbus_status_reply() JMP LAB_0015598f ?? 66h f ?? 2Eh . ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001559f0: LEA RDX,[.rodata:s_Client_IP_address_not_found_002482c7] ;= "Client IP address not found" JMP LAB_001559da LAB_001559f9: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP Actual src: static bool get_9p_stats_trans(DBusMessageIter *args, DBusMessage *reply, DBusError *error) { struct gsh_client *client = NULL; struct server_stats *server_st = NULL; bool success = true; char *errormsg = "OK"; DBusMessageIter iter; dbus_message_iter_init_append(reply, &iter); client = lookup_client(args, &errormsg); if (client == NULL) { success = false; if (errormsg == NULL) errormsg = "Client IP address not found"; } else { server_st = container_of(client, struct server_stats, client); if (server_st->st._9p == NULL) { success = false; errormsg = "Client does not have any 9p activity"; } } gsh_dbus_status_reply(&iter, success, errormsg); if (success) server_dbus_9p_transstats(server_st->st._9p, &iter); if (client!= NULL) put_gsh_client(client); return true; } Predicted src: static void g_init (gpointer data, gpointer user_data) { g_return_if_fail (data!= NULL, NULL); g_return_if_fail (data!= NULL); g_return_if_fail (data!= NULL); g_return_if_fail (data!= NULL); g_return_if_fail (data!= NULL); g_return_if_fail (data!= NULL); g_if_fail (data!= NULL, NULL); } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined __glXDisp_VertexAttrib4Nubv() PUSH RBX MOV RBX,RDI LEA RDI,[.rodata:s_glVertexAttrib4Nubv_0030ab88] ;= "glVertexAttrib4Nubv" CALL __glGetProcAddress ;undefined __glGetProcAddress() MOV EDI,dword ptr [RBX] LEA RSI,[RBX + 0x4] POP RBX JMP RAX ?? 0Fh Actual src: void __glXDisp_VertexAttrib4Nubv(GLbyte * pc) { PFNGLVERTEXATTRIB4NUBVPROC VertexAttrib4Nubv = __glGetProcAddress("glVertexAttrib4Nubv"); VertexAttrib4Nubv(*(GLuint *) (pc + 0), (const GLubyte *) (pc + 4)); } Predicted src: static void get_data(const void *data) { (void)data; (void)data; (void)data; (void)data; (void)data; (void)data; } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* strcasestr_len(char const*, int, char const*) * ;************************************************************************************************************************************************************ ;undefined strcasestr_len(char * param_1, int param_2, char * param_3) ;param_1 char * RDI ;param_2 int ESI ;param_3 char * RDX PUSH R15 PUSH R14 MOV R14,param_1 MOV param_1,param_3 PUSH R13 MOV R13,param_3 PUSH R12 PUSH RBP MOVSXD RBP,param_2 PUSH RBX SUB RSP,0x8 CALL .plt:::strlen ;size_t strlen(char * __s) CMP RBP,RAX JL LAB_00135e08 MOV R15,RAX SUB RBP,RAX JS LAB_00135e08 XOR EBX,EBX JMP LAB_00135dd9 LAB_00135dd0: ADD RBX,0x1 CMP RBP,RBX JL LAB_00135e08 LAB_00135dd9: LEA R12,[R14 + RBX*0x1] MOV param_3,R15 MOV param_1,R13 MOV param_2,R12 CALL .plt:::g_ascii_strncasecmp ;undefined g_ascii_strncasecmp() TEST EAX,EAX JNZ LAB_00135dd0 LAB_00135def: ADD RSP,0x8 MOV RAX,R12 POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00135e08: XOR R12D,R12D JMP LAB_00135def ?? 0Fh Actual src: char *strcasestr_len(const char *haystack, int haystack_len, const char *needle) { gssize needle_len = (gssize)strlen(needle); int i; if (needle_len > haystack_len) return NULL; i = 0; while (i <= haystack_len - needle_len) { if (g_ascii_strncasecmp(needle, haystack + i, needle_len) == 0) return (char *)haystack + i; i++; } return NULL; } Predicted src: static void on_value (const char *name, const char *name, const char *name, const char *name) { const char *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name, *name); } } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined speechd_new() PUSH R12 XOR ECX,ECX XOR EDX,EDX LEA RSI,[.rodata:DAT_00102000] ;= 6Dh m PUSH RBP PUSH RBX MOV RBX,RDI LEA RDI,[.rodata:s_navit_00102005] ;= "navit" CALL .plt:::spd_open ;undefined spd_open() TEST RAX,RAX JZ LAB_001011d0 MOV EDI,0x8 MOV RBP,RAX CALL .plt:g_malloc ;undefined g_malloc() MOV R12,RAX TEST RAX,RAX JZ LAB_001011c3 MOVDQA XMM0,xmmword ptr [.data.rel.ro:speechd_meth] MOV qword ptr [RAX],RBP MOV ESI,0x1 MOV RDI,RBP MOVUPS xmmword ptr [RBX],XMM0 CALL .plt:::spd_set_punctuation ;undefined spd_set_punctuation() LAB_001011c3: MOV RAX,R12 POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001011d0: XOR R12D,R12D POP RBX POP RBP MOV RAX,R12 POP R12 RET ?? 0Fh Actual src: static struct speech_priv *speechd_new(struct speech_methods *meth, struct attr **attrs, struct attr *attr) { struct speech_priv *this; SPDConnection *conn; conn = spd_open("navit","main",NULL,SPD_MODE_SINGLE); if (! conn) return NULL; this=g_new(struct speech_priv,1); if (this) { this->conn=conn; *meth=speechd_meth; spd_set_punctuation(conn, SPD_PUNCT_NONE); } return this; } Predicted src: static void set_init (GtkWidget *widget) { g_return_if_fail (widget!= NULL); g_object_set (G_OBJECT (widget), NULL); }