============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined soup_message_get_priority() PUSH RBX MOV RBX,RDI CALL .plt:soup_message_get_type ;undefined soup_message_get_type() TEST RBX,RBX JZ LAB_00146720 MOV RSI,RAX MOV RAX,qword ptr [RBX] TEST RAX,RAX JZ LAB_001466fe CMP qword ptr [RAX],RSI JZ LAB_0014670a LAB_001466fe: MOV RDI,RBX CALL .plt:::g_type_check_instance_is_a ;undefined g_type_check_instance_is_a() TEST EAX,EAX JZ LAB_00146720 LAB_0014670a: MOVSXD RAX,dword ptr [.bss:SoupMessage_private_offset] ;=?? MOV EAX,dword ptr [RBX + RAX*0x1 + 0x98] POP RBX RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00146720: LEA RDX,[.rodata:s_SOUP_IS_MESSAGE_(msg)_00173fcf] ;= "SOUP_IS_MESSAGE (msg)" LEA RSI,[.rodata:__func__.0] ;= "soup_message_get_priority" LEA RDI,[.rodata:s_libsoup_00173a36] ;= "libsoup" CALL .plt:::g_return_if_fail_warning ;undefined g_return_if_fail_warning() MOV EAX,0x2 POP RBX RET ?? 66h f Actual src: SoupMessagePriority soup_message_get_priority (SoupMessage *msg) { SoupMessagePrivate *priv; g_return_val_if_fail (SOUP_IS_MESSAGE (msg), SOUP_MESSAGE_PRIORITY_NORMAL); priv = soup_message_get_instance_private (msg); return priv->priority; } Predicted src: guint message_get_message (AsMessage *message) { AsMessagePrivate *priv = GET_PRIVATE (message); g_return_val_if_fail (IS_MESSAGE (message), 0); return priv->message; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined ltks_rsp() SUB RSP,0x8 TEST DIL,DIL JZ LAB_001105b8 MOVZX ESI,DIL LEA RDX,[.rodata:s__00131096] ;= "" CMP DIL,0x15 JA LAB_00110598 MOVSXD RAX,ESI LEA RDX,[.data.rel.ro:mgmt_status] MOV RDX=>.data.rel.ro:mgmt_status,qword ptr [RDX + RAX*0x8] LAB_00110598: LEA RDI,[.rodata:DAT_00133660] ;= 01h XOR EAX,EAX CALL bt_shell_printf ;undefined bt_shell_printf(undefined... XOR EDI,EDI ADD RSP,0x8 JMP bt_shell_noninteractive_quit ;undefined bt_shell_noninteractive_qu... ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001105b8: LEA RDI,[.rodata:s_Long_term_keys_successfully_load_001336a0] ;= "Long term keys successfully loade... XOR EAX,EAX CALL bt_shell_printf ;undefined bt_shell_printf(undefined... XOR EDI,EDI ADD RSP,0x8 JMP bt_shell_noninteractive_quit ;undefined bt_shell_noninteractive_qu... ?? 66h f Actual src: static void ltks_rsp(uint8_t status, uint16_t len, const void *param, void *user_data) { if (status!= 0) error("Load keys failed with status 0x%02x (%s)", status, mgmt_errstr(status)); else print("Long term keys successfully loaded"); bt_shell_noninteractive_quit(EXIT_SUCCESS); } Predicted src: static void status_status_cb (int argc, char **argv) { if (argc!= 2) { if (argc!= 2) printf ("status_status_status_cb\n"); else printf ("status_status_status_cb\n"); else printf ("status_status_status_cb\n"); else printf ("status_status_status_cb\n"); } else { printf ("status_status_status_cb\n"); printf ("status_status_status_cb\n"); } } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined gdm_dbus_chooser_skeleton_init() PUSH RBX MOV RBX,RDI MOVSXD RDI,dword ptr [.bss:GdmDBusChooserSkeleton_private_offset] ADD RDI,RBX MOV qword ptr [RBX + 0x20],RDI ADD RDI,0x20 CALL .plt:::g_mutex_init ;undefined g_mutex_init() MOV RBX,qword ptr [RBX + 0x20] CALL .plt:::g_main_context_ref_thread_default ;undefined g_main_context_ref_thread_... MOV qword ptr [RBX + 0x18],RAX POP RBX RET ?? 66h f Actual src: static void gdm_dbus_chooser_skeleton_init (GdmDBusChooserSkeleton *skeleton) { #if GLIB_VERSION_MAX_ALLOWED >= GLIB_VERSION_2_38 skeleton->priv = gdm_dbus_chooser_skeleton_get_instance_private (skeleton); #else skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, GDM_DBUS_TYPE_CHOOSER_SKELETON, GdmDBusChooserSkeletonPrivate); #endif g_mutex_init (&skeleton->priv->lock); skeleton->priv->context = g_main_context_ref_thread_default (); } Predicted src: static void phosh_dbus_manager_skeleton_init (GObject *skeleton) { #if GLIB_VERSION_MAX_ALLOWED >= GLIB_VERSION_2_38 skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, GdmSkeletonPrivate); #else skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, GdmSkeletonPrivate); #endif g_mutex_init (&skeleton->priv->lock); skeleton->priv->context = g_main_context_ref_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread_thread ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* RGWGetBucketPolicyStatus_ObjStore_S3::send_response() * ;************************************************************************************************************************************************************ ;undefined send_response(RGWGetBucketPolicyStatus_ObjStore_S3 * this) ;this RGWGetBucke... RDI PUSH RBX MOV ESI,dword ptr [this + 0x70] MOV RBX,this TEST ESI,ESI JNZ LAB_00902160 LAB_0090209f: MOV this,qword ptr [RBX + 0x8] CALL dump_errno ;undefined dump_errno(req_state * par... MOV this,qword ptr [RBX + 0x8] XOR R9D,R9D XOR R8D,R8D MOV RCX,-0x1 LEA RDX,[.rodata:s_application/xml_00be3a9c] ;= "application/xml" MOV RSI,RBX CALL end_header ;undefined end_header(req_state * par... MOV this,qword ptr [RBX + 0x8] CALL dump_start ;undefined dump_start(req_state * par... MOV RAX,qword ptr [RBX + 0x8] LEA RCX,[.rodata:s_http://s3.amazonaws.com/doc/2006_00bba808] ;= "http://s3.amazonaws.com/doc/2006-... MOV ESI,0xc LEA RDX,[.rodata:s_PolicyStatus_00c1d571+12] ;= "PolicyStatus" MOV this,qword ptr [RAX + 0x28] MOV RAX,qword ptr [this] CALL qword ptr [RAX + 0x58] MOV RAX,qword ptr [RBX + 0x8] MOVZX ECX,byte ptr [RBX + 0x74] MOV this,qword ptr [RAX + 0x28] MOV R9,qword ptr [this] MOV RAX,qword ptr [R9 + 0x88] CMP RAX,qword ptr [->ceph::Formatter::dump_bool] ;= 004e9af0 JNZ LAB_00902170 TEST CL,CL LEA RAX,[.rodata:s_false_00b9dbb7] ;= "false" LEA R8,[.rodata:DAT_00ba59e0] ;= 74h MOV ESI,0x8 CMOVZ R8,RAX LEA RCX,[.rodata:s_%s_00c380b4+25] ;= "%s" LEA RDX,[.rodata:s_IsPublic_00bfb2e5] ;= "IsPublic" XOR EAX,EAX CALL qword ptr [R9 + 0xb0] LAB_00902141: MOV RAX,qword ptr [RBX + 0x8] MOV this,qword ptr [RAX + 0x28] MOV RAX,qword ptr [this] CALL qword ptr [RAX + 0x60] MOV this,qword ptr [RBX + 0x8] POP RBX MOV RSI,qword ptr [this + 0x28] JMP rgw_flush_formatter_and_reset ;undefined rgw_flush_formatter_and_re... ?? 0Fh ?? 1Fh ?? 00h LAB_00902160: MOV this,qword ptr [this + 0x8] CALL set_req_state_err ;undefined set_req_state_err(req_stat... JMP LAB_0090209f ?? 66h f ?? 90h LAB_00902170: MOV ESI,0x8 LEA RDX,[.rodata:s_IsPublic_00bfb2e5] ;= "IsPublic" CALL RAX JMP LAB_00902141 ;************************************************************************************************************************************************************ ;*boost::date_time::date::TEMPNAMEPLACEHOLDERVALUE(boost::gr...* ;************************************************************************************************************************************************************ ;undefined operator-(date * this, date * param_1) ;this dateformatter->open_object_section_in_ns("PolicyStatus", XMLNS_AWS_S3); // https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETPolicyStatus.html // mentions TRUE and FALSE, but boto/aws official clients seem to want lower // case which is returned by AWS as well; so let's be bug to bug compatible // with the API s->formatter->dump_bool("IsPublic", isPublic); s->formatter->close_section(); rgw_flush_formatter_and_reset(s, s->formatter); } Predicted src: void on_time_t::on_time_start() { if (m_time_t_time) m_time_t_time = m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time->m_time-> ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined AICast_TravEntityForName() PUSH R12 PUSH RBP MOV RBP,RSI PUSH RBX TEST RDI,RDI JZ LAB_00126120 LEA RAX,[.bss:g_entities] ;=?? LEA R12,[RDI + 0x670] LAB_001260ae: MOVSXD RBX,dword ptr [.bss:aicast_maxclients] ;=?? IMUL RBX,RBX,0x670 ADD RBX,RAX CMP R12,RBX JNC LAB_0012610c LAB_001260c4: MOV EAX,dword ptr [R12 + 0x2b0] TEST EAX,EAX JZ LAB_00126100 CMP qword ptr [R12 + 0x2a8],0x0 JZ LAB_00126100 MOV RDI,qword ptr [R12 + 0x4d8] TEST RDI,RDI JZ LAB_00126100 MOV RSI,RBP CALL .plt:::strcmp ;int strcmp(char * __s1, char * __s2) TEST EAX,EAX JNZ LAB_00126100 MOV RAX,R12 POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00126100: ADD R12,0x670 CMP R12,RBX JC LAB_001260c4 LAB_0012610c: XOR R12D,R12D POP RBX POP RBP MOV RAX,R12 POP R12 RET ?? 66h f ?? 0Fh ;? -> 00841f0f ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00126120: LEA RAX,[.bss:g_entities] ;=?? MOV R12,RAX JMP LAB_001260ae ?? 90h Actual src: gentity_t *AICast_TravEntityForName( gentity_t *startent, char *name ) { gentity_t *trav; if (!startent ) { trav = g_entities; } else { trav = startent + 1; } for ( ; trav < g_entities + aicast_maxclients; trav++ ) { if (!trav->inuse ) { continue; } if (!trav->client ) { continue; } if (!trav->aiName ) { continue; } if ( strcmp( trav->aiName, name ) ) { continue; } return trav; } return NULL; } Predicted src: const char *g_strcmp(const char *s) { if (!strcmp(s, s)) return NULL; if (!strcmp(s, s)) return NULL; return s; }