============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined md_cert_has_expired() SUB RSP,0x8 MOV RDI,qword ptr [RDI + 0x8] CALL .plt:::X509_getm_notAfter ;undefined X509_getm_notAfter() MOV RDI,RAX CALL .plt:::X509_cmp_current_time ;int X509_cmp_current_time(ASN1_TIME... TEST EAX,EAX SETLE AL ADD RSP,0x8 MOVZX EAX,AL RET ?? 66h f Actual src: int md_cert_has_expired(const md_cert_t *cert) { return (X509_cmp_current_time(X509_get_notAfter(cert->x509)) <= 0); } Predicted src: int X509_X509_get_X509_X509_get_X509_X509_X509_X509_X509(X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509_X509X509_X509_X509_X509_X509_X509_X509X509X509_X509_X509_X509X509_X509_X509X509X509_X509_X509X509X509_X509X509_X509X509X509X509X509X509X509X509X509X509_X509509X509509X509X509X509X509X509X509509X509X509X509X509X509X509X509509X509X509X509X509X509X509X509X509X509509X509X509509X509X509X509X509509X509509X509X509X509509X509X509X509X509X509X509X509X509X509509X509509X509X509X509X509X509509X509509X509509509X509509X509X509509X509509X509509509509X509509509X509509X509509509509X509X509509509X509509509509509509X50950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950950 ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined norm0() MOVSD XMM0,qword ptr [.rodata:DAT_00102008] DIVSD XMM0,qword ptr [RDI] MOVSD qword ptr [RSI],XMM0 TEST EDX,EDX JLE LAB_001013a6 MOVSXD RDX,EDX JMP LAB_00101394 ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00101390: MOVSD XMM0,qword ptr [RSI] LAB_00101394: MULSD XMM0,qword ptr [RDI + RDX*0x8] MOVSD qword ptr [RSI + RDX*0x8],XMM0 SUB RDX,0x1 TEST EDX,EDX JG LAB_00101390 LAB_001013a6: RET ?? 66h f Actual src: void norm0(double *x, double *y, int m) { y[0] = 1 / x[0]; for (; m >= 1; m--) y[m] = x[m] * y[0]; return; } Predicted src: static void set_double(double *x, double *x, double *y) { double *x = x[0]; double *x = x[1]; double *x = x[2]; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* ONScripter::brCommand() * ;************************************************************************************************************************************************************ ;undefined brCommand(ONScripter * this) ;this ONScripter * RDI PUSH R12 MOV ESI,0x1 PUSH RBP PUSH RBX MOV RBX,this CALL ONScripter::enterTextDisplayMode ;undefined enterTextDisplayMode(ONScr... LEA this,[RBX + 0xcb8] CALL FontInfo::newLine ;undefined newLine(FontInfo * this) MOV RBX,qword ptr [RBX + 0xbf8] MOVSXD RDX,dword ptr [RBX + 0x1c] MOV this,dword ptr [RBX + 0x18] CMP EDX,this JGE LAB_00124540 MOV RBP,qword ptr [RBX + 0x10] LAB_00124523: LEA EAX,[RDX + 0x1] MOV dword ptr [RBX + 0x1c],EAX MOV EAX,0x2 MOV byte ptr [RBP + RDX*0x1],0xa POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00124540: ADD this,this MOVSXD this,this CALL .plt:::operator.new[] ;void * operator.new[](ulong param_1) MOV R12,qword ptr [RBX + 0x10] MOVSXD RDX,dword ptr [RBX + 0x18] MOV this,RAX MOV RBP,RAX MOV RSI,R12 CALL .plt:::memcpy ;void * memcpy(void * __dest, void *... MOV this,R12 CALL .plt:::operator.delete[] ;void operator.delete[](void * param_1) MOV qword ptr [RBX + 0x10],RBP MOVSXD RDX,dword ptr [RBX + 0x1c] SHL dword ptr [RBX + 0x18],1 JMP LAB_00124523 ?? 90h Actual src: int ONScripter::brCommand() { enterTextDisplayMode(); sentence_font.newLine(); current_page->add( 0x0a ); return RET_CONTINUE; } Predicted src: void CInfoInfo::reset() { if (m_p) { m_p[m_p] = 0; m_p[m_p] = 0; } } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined sge_generic_cal() PUSH R13 MOV ESI,0x1 PUSH R12 MOV R12,RDI XOR EDI,EDI SUB RSP,0x8 CALL rmon_condition ;undefined rmon_condition() TEST EAX,EAX JNZ LAB_00271be8 LAB_00271b9b: LEA RDI,[.data:CAL_Type] CALL lCreateElem ;undefined lCreateElem() TEST R12,R12 MOV ESI,0x2256a MOV R13,RAX LEA RAX,[.rodata:s_template_00282aed+6] ;= "template" CMOVZ R12,RAX MOV RDI,R13 MOV RDX,R12 CALL lSetString ;undefined lSetString() XOR EDI,EDI MOV ESI,0x1 CALL rmon_condition ;undefined rmon_condition() TEST EAX,EAX JNZ LAB_00271c08 LAB_00271bd8: ADD RSP,0x8 MOV RAX,R13 POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00271be8: CALL cl_thread_get_thread_config ;undefined cl_thread_get_thread_config() TEST RAX,RAX JZ LAB_00271c40 MOV RSI,qword ptr [RAX] LEA RDI,[.rodata:SGE_FUNC.1] ;= "sge_generic_cal" CALL rmon_menter ;undefined rmon_menter() JMP LAB_00271b9b ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00271c08: CALL cl_thread_get_thread_config ;undefined cl_thread_get_thread_config() TEST RAX,RAX JZ LAB_00271c58 MOV RCX,qword ptr [RAX] MOV EDX,0xa1f LEA RSI,[.rodata:s_../libs/sgeobj/sge_calendar.c_002a0a39] ;= "../libs/sgeobj/sge_calendar.c" LEA RDI,[.rodata:SGE_FUNC.1] ;= "sge_generic_cal" CALL rmon_mexit ;undefined rmon_mexit() ADD RSP,0x8 MOV RAX,R13 POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00271c40: XOR ESI,ESI LEA RDI,[.rodata:SGE_FUNC.1] ;= "sge_generic_cal" CALL rmon_menter ;undefined rmon_menter() JMP LAB_00271b9b ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00271c58: XOR ECX,ECX MOV EDX,0xa1f LEA RSI,[.rodata:s_../libs/sgeobj/sge_calendar.c_002a0a39] ;= "../libs/sgeobj/sge_calendar.c" LEA RDI,[.rodata:SGE_FUNC.1] ;= "sge_generic_cal" CALL rmon_mexit ;undefined rmon_mexit() JMP LAB_00271bd8 ?? 66h f Actual src: lListElem* sge_generic_cal(char *cal_name) { lListElem *calp; DENTER(TOP_LAYER, "sge_generic_cal"); calp = lCreateElem(CAL_Type); lSetString(calp, CAL_name, cal_name?cal_name:"template"); DRETURN(calp); } Predicted src: static void config_config_get_config (void) { config_config_t *config; config_config_config_t *config; config_config_config_t *config; config = (config_config_config_config_t *)config; config = (config_config_config_config_config_config_get_config (config, "config"); config = (config_config_config_config_config_config_config_config_get_config (config, "config"); config = (config_config_config_config_config_config_config_config_config_get_config (config, "config"); config = (config_config_config_config_config_config_config_config_config_config_config_config_config_config_config (config, "config"); config = (config_config_config_config_config_config_config_config_config_config_config_config_config_config_config_config_config_config (config, "config"); config_config_config_config_config_config_config_config_config_config_config_config_config_config_config (config, "config-config"); config_config_config_config_config_config_config_config_config_config_config_config_config_config_config_config (config, "config", "config-config", "config-config", "config", "config", "config-config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config", "config" ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined _proxy__wrap_new_hamlib_port_post_write_date() PUSH RBP MOV ESI,0x1 MOV RBP,RDI CALL .plt:lua_type ;undefined lua_type() CMP EAX,0x5 JNZ LAB_001243a6 XOR EDX,EDX LEA RSI,[_wrap_new_hamlib_port_post_write_date] MOV RDI,RBP CALL .plt:lua_pushcclosure ;undefined lua_pushcclosure() MOV ESI,0xffffffff MOV RDI,RBP CALL .plt:lua_type ;undefined lua_type() TEST EAX,EAX JZ LAB_001243c5 MOV ESI,0x1 MOV RDI,RBP CALL .plt:lua_replace ;undefined lua_replace() MOV RDI,RBP CALL .plt:lua_gettop ;undefined lua_gettop() MOV RDI,RBP XOR R8D,R8D XOR ECX,ECX LEA ESI,[RAX + -0x1] MOV EDX,0x1 CALL .plt:lua_callk ;undefined lua_callk() MOV EAX,0x1 POP RBP RET LAB_001243a6: LEA RCX,[.rodata:__PRETTY_FUNCTION__.54] ;= "_proxy__wrap_new_hamlib_port_post... MOV EDX,0x5576 LEA RSI,[.rodata:s_hamliblua_wrap.c_001d2000] ;= "hamliblua_wrap.c" LEA RDI,[.rodata:s_lua_istable(L,1)_001d2096] ;= "lua_istable(L,1)" CALL .plt:::__assert_fail ;void __assert_fail(char * __assertio... LAB_001243c5: LEA RCX,[.rodata:__PRETTY_FUNCTION__.54] ;= "_proxy__wrap_new_hamlib_port_post... MOV EDX,0x5578 LEA RSI,[.rodata:s_hamliblua_wrap.c_001d2000] ;= "hamliblua_wrap.c" LEA RDI,[.rodata:s_!lua_isnil(L,-1)_001d20a7] ;= "!lua_isnil(L,-1)" CALL .plt:::__assert_fail ;void __assert_fail(char * __assertio... NOP dword ptr CS:[RAX + RAX*0x1] Actual src: static int _proxy__wrap_new_hamlib_port_post_write_date(lua_State *L) { assert(lua_istable(L,1)); lua_pushcfunction(L,_wrap_new_hamlib_port_post_write_date); assert(!lua_isnil(L,-1)); lua_replace(L,1); /* replace our table with real constructor */ lua_call(L,lua_gettop(L)-1,1); return 1; } Predicted src: static int lua_lua_lua_lua_lua_lua_lua_lua (lua_State *L) { lua_lua_lua_lua_lua_lua_lua_State *L; lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(L, 1); lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua, 1); lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua, 1); lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua); lua(lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua_lua