============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined crashhandlerOptionsInitDisplay() ;local_1c undefined4 -1c PUSH R12 MOV EDI,0x1 MOV R12,RSI MOV ESI,0x1a8 PUSH RBP SUB RSP,0x18 CALL .plt:::calloc ;void * calloc(size_t __nmemb, size_t... TEST RAX,RAX JZ LAB_00102aa8 MOV RDI,R12 MOV RBP,RAX CALL .plt:allocateScreenPrivateIndex ;undefined allocateScreenPrivateIndex() MOV dword ptr [RBP],EAX TEST EAX,EAX JS LAB_00102a78 MOVSXD RDX,dword ptr [.bss:CrashhandlerOptionsDisplayPrivateIndex] ;=?? MOV RAX,qword ptr [R12 + 0x8] MOV RDI,R12 LEA RCX,[RBP + 0x8] MOV R8D,0x4 LEA RSI,[.bss:crashhandlerOptionsMetadata] ;=?? MOV qword ptr [RAX + RDX*0x8],RBP LEA RDX,[.data.rel.ro:crashhandlerOptionsDisplayOptionInfo] CALL .plt:compInitDisplayOptionsFromMetadata ;undefined compInitDisplayOptionsFrom... TEST EAX,EAX JZ LAB_00102a90 MOV EAX,0x1 LAB_00102a6d: ADD RSP,0x18 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_00102a78: MOV RDI,RBP CALL .plt:::free ;void free(void * __ptr) ADD RSP,0x18 XOR EAX,EAX POP RBP POP R12 RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00102a90: MOV RDI,RBP MOV dword ptr [RSP + local_1c+0x28],EAX CALL .plt:::free ;void free(void * __ptr) MOV EAX,dword ptr [RSP + local_1c+0x28] ADD RSP,0x18 POP RBP POP R12 RET LAB_00102aa8: XOR EAX,EAX JMP LAB_00102a6d ?? 0Fh Actual src: static Bool crashhandlerOptionsInitDisplay (CompPlugin *p, CompDisplay *d) { CrashhandlerOptionsDisplay *od; od = calloc (1, sizeof(CrashhandlerOptionsDisplay)); if (!od) return FALSE; od->screenPrivateIndex = allocateScreenPrivateIndex(d); if (od->screenPrivateIndex < 0) { free(od); return FALSE; } d->base.privates[CrashhandlerOptionsDisplayPrivateIndex].ptr = od; if (!compInitDisplayOptionsFromMetadata (d, &crashhandlerOptionsMetadata, crashhandlerOptionsDisplayOptionInfo, od->opt, CrashhandlerDisplayOptionNum)) { free (od); return FALSE; } return TRUE; } Predicted src: static Bool freeOptionsFiniDisplayOptions (CompPlugin *p, CompDisplay *d) { int i; if (!od) return FALSE; if (!od->base.privates) return FALSE; for (i = 0; i < 2; i++) { freeDisplayPrivateIndex (od->base.privates[i]); free (od); return TRUE; } return TRUE; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined gfal2_bring_online_poll_list() PUSH R14 MOV R14,RCX PUSH R13 MOV R13D,ESI MOV RSI,R8 PUSH R12 MOV R12,RDX PUSH RBP MOV RBP,RDI PUSH RBX MOV RBX,R8 CALL .plt:gfal2_start_scope_cancel ;undefined gfal2_start_scope_cancel() TEST EAX,EAX JS LAB_0011121e TEST R12,R12 JZ LAB_001111c8 CMP qword ptr [R12],0x0 JZ LAB_001111c8 TEST RBP,RBP JZ LAB_001111c8 MOV RDX,R12 MOV R8,RBX MOV RCX,R14 MOV ESI,R13D MOV RDI,RBP CALL .plt:gfal_plugin_bring_online_poll_listG ;undefined gfal_plugin_bring_online_p... MOV R12D,EAX JMP LAB_0011120a ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001111c8: TEST R13D,R13D JLE LAB_00111204 LEA EAX,[R13 + -0x1] LEA R12,[.rodata:s_context_or/and_urls_are_incorrec_00117e00] ;= "context or/and urls are incorrect... LEA R13,[RBX + RAX*0x8 + 0x8] NOP dword ptr [RAX] LAB_001111e0: XOR EAX,EAX CALL .plt:gfal2_get_core_quark ;undefined gfal2_get_core_quark() MOV RDI,RBX MOV RCX=>.rodata:s_context_or/and_urls_are_incorrec_00117e00,R12 ;= "context or/and urls are incorrect... MOV EDX,0xe MOV ESI,EAX ADD RBX,0x8 XOR EAX,EAX CALL .plt:::g_set_error ;undefined g_set_error() CMP RBX,R13 JNZ LAB_001111e0 LAB_00111204: MOV R12D,0xffffffff LAB_0011120a: MOV RDI,RBP CALL .plt:gfal2_end_scope_cancel ;undefined gfal2_end_scope_cancel() LAB_00111212: POP RBX MOV EAX,R12D POP RBP POP R12 POP R13 POP R14 RET LAB_0011121e: MOV R12D,0xffffffff JMP LAB_00111212 ?? 66h f Actual src: int gfal2_bring_online_poll_list(gfal2_context_t context, int nbfiles, const char *const *urls, const char *token, GError **errors) { int res = -1; GFAL2_BEGIN_SCOPE_CANCEL(context, -1, errors); if (urls == NULL || *urls == NULL || context == NULL) { int i; for (i = 0; i < nbfiles; ++i) { g_set_error(&errors[i], gfal2_get_core_quark(), EFAULT, "context or/and urls are incorrect arguments"); } res = -1; } else { res = gfal_plugin_bring_online_poll_listG(context, nbfiles, urls, token, errors); } GFAL2_END_SCOPE_CANCEL(context); return res; } Predicted src: static gboolean plugin_start_start_func (gpointer user_data) { gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; gpointer user_data; user_data = user_data; user_data = user_data; user_data = user_data; for (user_data = user_data; user_data!= NULL; user_data = user_data->next) { if (!plugin_set_start_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context))); if (!plugin_set_start_context (plugin_get_context (plugin_get_context (plugin_get_context (plugin_get_context))) return FALSE; } return TRUE; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined xdr_virNetMessageError() PUSH RBP MOV RBP,RDI PUSH RBX MOV RBX,RSI SUB RSP,0x8 CALL .plt.got:::xdr_int ;bool_t xdr_int(XDR * __xdrs, int * _... TEST EAX,EAX JNZ LAB_002d7370 LAB_002d7365: XOR EAX,EAX LAB_002d7367: ADD RSP,0x8 POP RBX POP RBP RET ?? 66h f ?? 90h LAB_002d7370: LEA RSI,[RBX + 0x4] MOV RDI,RBP CALL .plt.got:::xdr_int ;bool_t xdr_int(XDR * __xdrs, int * _... TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x8] MOV RDI,RBP CALL .plt:xdr_virNetMessageString ;undefined xdr_virNetMessageString() TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x10] MOV RDI,RBP CALL .plt.got:::xdr_int ;bool_t xdr_int(XDR * __xdrs, int * _... TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x18] MOV RDI,RBP CALL .plt:xdr_virNetMessageDomain ;undefined xdr_virNetMessageDomain() TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x20] MOV RDI,RBP CALL .plt:xdr_virNetMessageString ;undefined xdr_virNetMessageString() TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x28] MOV RDI,RBP CALL .plt:xdr_virNetMessageString ;undefined xdr_virNetMessageString() TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x30] MOV RDI,RBP CALL .plt:xdr_virNetMessageString ;undefined xdr_virNetMessageString() TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x38] MOV RDI,RBP CALL .plt.got:::xdr_int ;bool_t xdr_int(XDR * __xdrs, int * _... TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x3c] MOV RDI,RBP CALL .plt.got:::xdr_int ;bool_t xdr_int(XDR * __xdrs, int * _... TEST EAX,EAX JZ LAB_002d7365 LEA RSI,[RBX + 0x40] MOV RDI,RBP CALL .plt:xdr_virNetMessageNetwork ;undefined xdr_virNetMessageNetwork() TEST EAX,EAX SETNZ AL MOVZX EAX,AL JMP LAB_002d7367 ?? 66h f Actual src: bool_t xdr_virNetMessageError (XDR *xdrs, virNetMessageError *objp) { if (!xdr_int (xdrs, &objp->code)) return FALSE; if (!xdr_int (xdrs, &objp->domain)) return FALSE; if (!xdr_virNetMessageString (xdrs, &objp->message)) return FALSE; if (!xdr_int (xdrs, &objp->level)) return FALSE; if (!xdr_virNetMessageDomain (xdrs, &objp->dom)) return FALSE; if (!xdr_virNetMessageString (xdrs, &objp->str1)) return FALSE; if (!xdr_virNetMessageString (xdrs, &objp->str2)) return FALSE; if (!xdr_virNetMessageString (xdrs, &objp->str3)) return FALSE; if (!xdr_int (xdrs, &objp->int1)) return FALSE; if (!xdr_int (xdrs, &objp->int2)) return FALSE; if (!xdr_virNetMessageNetwork (xdrs, &objp->net)) return FALSE; return TRUE; } Predicted src: bool_t xdr_xdr_int (XDR *xdrs, xdr_int *objp) { register int32_t *buf; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int)) return FALSE; if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE); if (!xdr_int (xdrs, &objp->u_int) return FALSE; if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE); if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE); return FALSE; if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int); if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int)) return FALSE); if (!xdr_int (xdrs, &objp->u_u_int) return FALSE); if (!xdr_int (xdrs, &objp->u_int (xdrs, &objp->u_int (xdrs, &objp->u_u_int)) return FALSE); return FALSE); if (!xdr_int (xdrs, &objp->u_u_int (xdrs, &objp->u_u_int (xdrs, &objp->u_u_int); if (!xdr_int (xdrs, &objp->u_u_int)) return FALSE); return FALSE); if (!xdr_int (xdrs, &objp->u_u ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined main() SUB RSP,0x8 XOR EAX,EAX CALL unitTestTEXT ;undefined unitTestTEXT() MOV EDI,EAX CALL .plt:::exit ;void exit(int __status) NOP word ptr CS:[RAX + RAX*0x1] Actual src: int main(int argc, char **argv){ int error; error = unitTestTEXT(); // error += unitTestNetADT((TEXT *)"ab (cd) fr- (ag-)"); // { TEXT txt[10]; txt[0] = 0x25; txt[1] = 0xd8; txt[2] = 0xaa; txt[3] = 0xd8; txt[4] = 0xb1; txt[5] = 0x0; // printf("TXT is %s\n",txt); // } exit(error); } Predicted src: int main(int argc, char **argv) { exit(0); exit(1); } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined linphone_account_creator_set_password() ;local_2c undefined4 -2c PUSH R13 LEA R13,[.rodata:s_assistant_00433c4a] ;= "assistant" PUSH R12 PUSH RBP MOV RBP,RSI PUSH RBX MOV RBX,RDI SUB RSP,0x18 MOV RDI,qword ptr [RDI + 0x40] CALL .plt:linphone_core_get_config ;undefined linphone_core_get_config() MOV ECX,0xffffffff LEA RDX,[.rodata:s_password_min_length_00433c88] ;= "password_min_length" MOV RSI=>.rodata:s_assistant_00433c4a,R13 ;= "assistant" MOV RDI,RAX CALL .plt:linphone_config_get_int ;undefined linphone_config_get_int() MOV RDI,qword ptr [RBX + 0x40] MOVSXD R12,EAX CALL .plt:linphone_core_get_config ;undefined linphone_core_get_config() MOV ECX,0xffffffff LEA RDX,[.rodata:s_password_max_length_00433c9c] ;= "password_max_length" MOV RSI=>.rodata:s_assistant_00433c4a,R13 ;= "assistant" MOV RDI,RAX CALL .plt:linphone_config_get_int ;undefined linphone_config_get_int() TEST RBP,RBP JZ LAB_003aeee0 MOVSXD R13,EAX TEST R12D,R12D JLE LAB_003aee8c MOV RDI,RBP CALL .plt:::strlen ;size_t strlen(char * __s) MOV R8,RAX MOV EAX,0x1 CMP R8,R12 JC LAB_003aeed3 LAB_003aee8c: TEST R13D,R13D JLE LAB_003aeea6 MOV RDI,RBP CALL .plt:::strlen ;size_t strlen(char * __s) MOV R8,RAX MOV EAX,0x2 CMP R8,R13 JA LAB_003aeed3 LAB_003aeea6: MOV RDI,qword ptr [RBX + 0x88] TEST RDI,RDI JZ LAB_003aeec2 CALL .plt.got:::ortp_free ;undefined ortp_free() MOV qword ptr [RBX + 0x88],0x0 LAB_003aeec2: MOV RDI,RBP CALL .plt:::ortp_strdup ;undefined ortp_strdup() MOV qword ptr [RBX + 0x88],RAX XOR EAX,EAX LAB_003aeed3: ADD RSP,0x18 POP RBX POP RBP POP R12 POP R13 RET ?? 66h f ?? 90h LAB_003aeee0: MOV RDI,qword ptr [RBX + 0x88] MOV EAX,0x1 TEST RDI,RDI JZ LAB_003aeed3 MOV dword ptr [RSP + local_2c+0x38],EAX CALL .plt.got:::bctbx_free ;undefined bctbx_free() MOV EAX,dword ptr [RSP + local_2c+0x38] MOV qword ptr [RBX + 0x88],0x0 JMP LAB_003aeed3 ?? 0Fh Actual src: LinphoneAccountCreatorPasswordStatus linphone_account_creator_set_password(LinphoneAccountCreator *creator, const char *password) { int min_length = lp_config_get_int(linphone_core_get_config(creator->core), "assistant", "password_min_length", -1); int max_length = lp_config_get_int(linphone_core_get_config(creator->core), "assistant", "password_max_length", -1); if (!password) { resetField(&creator->password); return LinphoneAccountCreatorPasswordStatusTooShort; } if (min_length > 0 && strlen(password) < (size_t)min_length) { return LinphoneAccountCreatorPasswordStatusTooShort; } else if (max_length > 0 && strlen(password) > (size_t)max_length) { return LinphoneAccountCreatorPasswordStatusTooLong; } set_string(&creator->password, password, FALSE); return LinphoneAccountCreatorPasswordStatusOk; } Predicted src: int linphone_core_get_config_length(LinphoneCore *lc, const char *config) { if (config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } if (config->priv->config == NULL) { return -1; } return 0; }