============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined Findjob_new() PUSH R12 MOV R12,RSI MOV ESI,0x1098 PUSH RBP MOV RBP,RDI MOV EDI,0x1 PUSH RBX CALL .plt:::calloc ;void * calloc(size_t __nmemb, size_t... MOV qword ptr [RBP],RAX TEST RAX,RAX JZ LAB_00124294 MOV qword ptr [RAX + 0x8],0x0 MOV RBX,RAX MOV RDI,R12 MOV qword ptr [RAX + 0x10],0x0 MOV RAX,0x100000000 MOV qword ptr [RBX + 0x18],RAX MOV qword ptr [RBX + 0x20],0x0 MOV dword ptr [RBX + 0x28],0x1 MOV qword ptr [RBX + 0x30],0x0 MOV qword ptr [RBX + 0x38],0x0 MOV qword ptr [RBX + 0x40],0x0 MOV dword ptr [RBX + 0x50],0x0 MOV qword ptr [RBX + 0x58],0x0 CALL .plt:::strdup ;char * strdup(char * __s) MOV qword ptr [RBX],RAX TEST RAX,RAX JZ LAB_00124280 MOV qword ptr [RBX + 0x60],0x0 XOR EDX,EDX LEA RDI,[RBX + 0x8] MOV R8D,0x2 MOV qword ptr [RBX + 0x68],0x0 LEA RCX,[.rodata:s_-find_001b5130+80] ;= "-find" MOV RSI,RBX MOV qword ptr [RBX + 0x70],0x0 MOV qword ptr [RBX + 0x78],0x0 MOV byte ptr [RBX + 0x84],0x0 MOV qword ptr [RBX + 0x1084],0x0 MOV qword ptr [RBX + 0x108c],0x0 CALL Exprnode_new ;undefined Exprnode_new() TEST EAX,EAX JLE LAB_00124280 MOV RAX,qword ptr [RBX + 0x8] MOV qword ptr [RBX + 0x10],RAX MOV EAX,0x1 LAB_00124276: POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00124280: MOV RDI,RBP XOR ESI,ESI CALL Findjob_destroy ;undefined Findjob_destroy() POP RBX MOV EAX,0xffffffff POP RBP POP R12 RET LAB_00124294: OR EAX,0xffffffff JMP LAB_00124276 ?? 0Fh Actual src: int Findjob_new(struct FindjoB **o, char *start_path, int flag) { struct FindjoB *m; int ret; m= *o= TSOB_FELD(struct FindjoB,1); if(m==NULL) return(-1); m->start_path= NULL; m->test_tree= NULL; m->cursor= NULL; m->invert= 0; m->use_shortcuts= 1; m->action= 0; /* print */ m->prune= 0; m->use_pattern= 1; m->target= NULL; /* a mere pointer, not managed memory */ m->text_2= NULL; /* a mere pointer, not managed memory */ m->user= 0; m->group= 0; m->type= 0; m->date= 0; m->start_path= strdup(start_path); if(m->start_path==NULL) goto failed; m->found_path= NULL; m->estim_upper_size= 0; m->estim_lower_size= 0; m->subjob= NULL; m->errmsg[0]= 0; m->errn= 0; m->match_count= 0; m->depth= 0; ret= Exprnode_new(&(m->test_tree), m, NULL, "-find", (m->use_shortcuts)<<1); if(ret<=0) goto failed; m->cursor= m->test_tree; return(1); failed:; Findjob_destroy(o, 0); return(-1); } Predicted src: int node_new(struct node *node, const char *name) { struct node *node; node = node_new(sizeof(struct node)); node->name = strdup(name); node->name = strdup(name); node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; node->name = NULL; return node; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* ipv4_get_num_hosts(unsigned short, unsigned int*) * ;************************************************************************************************************************************************************ ;undefined ipv4_get_num_hosts(ushort param_1, uint * param_2) ;param_1 ushort DI ;param_2 uint * RSI PUSH RBX MOV EAX,0x2 MOV RBX,param_2 CMP param_1,0x1f JZ LAB_0012cecb MOV EAX,0x1 CMP param_1,0x20 JZ LAB_0012cecb MOV EAX,0xfffffffc TEST param_1,param_1 JZ LAB_0012cecb MOVZX param_1,param_1 MOV EAX,0x20 PXOR XMM1,XMM1 MOVSD XMM0,qword ptr [.rodata:DAT_0012e638] ;= 4000000000000000h SUB EAX,param_1 CVTSI2SD XMM1,EAX CALL .plt:::pow ;double pow(double __x, double __y) CVTTSD2SI RAX,XMM0 SUB EAX,0x2 LAB_0012cecb: MOV dword ptr [RBX],EAX XOR EAX,EAX POP RBX RET ?? 66h f Actual src: short int ipv4_get_num_hosts(unsigned short int pfxlen, unsigned int* num) { int hosts = 0; switch (pfxlen) { case 0: hosts = 0xFFFFFFFC; break; case 31: hosts = 2; break; case 32: hosts = 1; break; default: hosts = (unsigned int)pow(2, 32 - pfxlen) - 2; break; } *num = hosts; return 0; } Predicted src: int32_t get_num_num(unsigned int32_t *a, unsigned int32_t *b) { unsigned int32_t i; if (a == NULL) return -1; i = (unsigned int32_t)a[0]; i = (unsigned int32_t)a[1]; i = (unsigned int32_t)a[2]; i = (unsigned int32_t)a[3]; i = (unsigned int32_t)a[4]; i = (unsigned int32_t)a[5]; i = (unsigned int32_t)a[5]; return i; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined L12add_form_to_node_list() ;local_20 undefined8 -20 PUSH R12 MOV R12,RDI PUSH RBP MOV RBP,RSI PUSH RBX SUB RSP,0x10 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_20+0x28],RAX XOR EAX,EAX CALL .plt:::ecl_process_env ;undefined ecl_process_env() MOV RBX,RAX MOV RAX,RSP CMP qword ptr [RBX + 0x2e8],RAX JNC LAB_00129998 LAB_00129942: MOV RAX,qword ptr [.bss:VV] ;=?? MOV RDI,RBX MOV RSI,qword ptr [RAX + 0x218] CALL .plt:::ecl_function_dispatch ;undefined ecl_function_dispatch() MOV RSI,R12 MOV EDI,0x1 MOV R8,RAX XOR EAX,EAX CALL R8 MOV RSI,RBP MOV RDI,RAX CALL .plt:::ecl_cons ;undefined ecl_cons() MOV qword ptr [RBX + 0x8],0x1 MOV RDX,qword ptr [RSP + local_20+0x28] SUB RDX,qword ptr FS:[0x28] JNZ LAB_0012999f ADD RSP,0x10 POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00129998: CALL .plt:::ecl_cs_overflow ;undefined ecl_cs_overflow() JMP LAB_00129942 LAB_0012999f: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP dword ptr CS:[RAX + RAX*0x1] Actual src: static cl_object L12add_form_to_node_list(cl_object v1form, cl_object v2list) { cl_object T0; cl_object env0 = ECL_NIL; const cl_env_ptr cl_env_copy = ecl_process_env(); cl_object value0; ecl_cs_check(cl_env_copy,value0); { TTL: T0 = ecl_function_dispatch(cl_env_copy,VV[67])(1, v1form) /* C1FORM-PARENTS */; value0 = CONS(T0,v2list); cl_env_copy->nvalues = 1; return value0; } } Predicted src: static cl_object LC4__lambda6(cl_object v1stream, cl_object v2stream) { cl_object env0 = ECL_NIL; const cl_env_ptr cl_env_copy = ecl_process_env(); cl_object value0; ecl_cs_check(cl_env_copy,value0); { TTL: value0 = ecl_function_dispatch(cl_env_copy,VV[6]); value0 = ecl_function_dispatch(cl_env_copy,VV[6]); return value0; } } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined allocate_row() PUSH RBX MOV RAX,qword ptr [RDI] MOV RBX,RDI LEA RDI,[RAX + 0x10] CALL .plt:shash_count ;undefined shash_count() MOV R8,RAX MOV RAX,qword ptr [RBX] LEA RDX,[R8 + R8*0x2] MOV RAX,qword ptr [RAX + 0x38] SHL RAX,0x4 LEA RDI,[RAX + RDX*0x8 + 0x48] CALL .plt:xmalloc ;undefined xmalloc() LEA RDX,[RAX + 0x20] MOV qword ptr [RAX + 0x10],RBX MOV qword ptr [RAX + 0x20],RDX MOV qword ptr [RAX + 0x28],RDX LEA RDX,[RAX + 0x30] MOV qword ptr [RAX + 0x18],0x0 MOV qword ptr [RAX + 0x30],RDX MOV qword ptr [RAX + 0x38],RDX MOV qword ptr [RAX + 0x40],0x0 POP RBX RET ?? 66h f Actual src: static struct ovsdb_row * allocate_row(const struct ovsdb_table *table) { size_t n_fields = shash_count(&table->schema->columns); size_t n_indexes = table->schema->n_indexes; size_t row_size = (offsetof(struct ovsdb_row, fields) + sizeof(struct ovsdb_datum) * n_fields + sizeof(struct hmap_node) * n_indexes); struct ovsdb_row *row = xmalloc(row_size); row->table = CONST_CAST(struct ovsdb_table *, table); row->txn_row = NULL; ovs_list_init(&row->src_refs); ovs_list_init(&row->dst_refs); row->n_refs = 0; return row; } Predicted src: static struct ovsdb_row * row_row_count(struct ovsdb_row *row) { struct ovsdb_row *row = xmalloc(sizeof *row); row->row = xmalloc(sizeof *row->row); row->row = xmalloc(sizeof *row->row); row->count = 0; row->count = 0; row->count = 0; row->count = 0; row->count = 0; row->count = 0; row->count = 0; return row; } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined V_FillRect8() PUSH R14 MOVSXD RSI,ESI MOVSXD R14,ECX PUSH R13 PUSH R12 PUSH RBP LEA RBP,[.bss:screens] PUSH RBX MOVSXD RBX,EDI SHL RBX,0x5 LEA RAX,[RBP + RBX*0x1] IMUL EDX,dword ptr [RAX + 0x14]=>.bss:screens[20] MOVSXD RDX,EDX LEA RCX,[RDX + RSI*0x1] ADD RCX,qword ptr [RAX]=>.bss:screens TEST R8D,R8D JZ LAB_001f36cf LEA R12D,[R8 + -0x1] MOVZX R13D,R9B NOP dword ptr [RAX] LAB_001f36b0: MOV RDI,RCX MOV RDX,R14 MOV ESI,R13D CALL .plt:::memset ;void * memset(void * __s, int __c, s... MOV RCX,RAX MOVSXD RAX,dword ptr [RBP + RBX*0x1 + 0x14]=>.bss:screens[20] ADD RCX,RAX SUB R12D,0x1 JNC LAB_001f36b0 LAB_001f36cf: POP RBX POP RBP POP R12 POP R13 POP R14 RET ?? 0Fh Actual src: static void V_FillRect8(int scrn, int x, int y, int width, int height, byte colour) { byte* dest = screens[scrn].data + x + y*screens[scrn].byte_pitch; while (height--) { memset(dest, colour, width); dest += screens[scrn].byte_pitch; } } Predicted src: void s_s(int x, int y, int width, int height) { int i; for (i = 0; i < width; i++) s[i] = x[i]; }