============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined device_added() PUSH R13 MOV RDI,RSI PUSH R12 MOV R12,RDX PUSH RBP MOV RBP,RSI CALL .plt:::nm_device_get_iface ;undefined nm_device_get_iface() LEA RSI,[.rodata:s_%s:_device_created_0019389e] ;= "%s: device created\n" LEA RDI,[.rodata:s_NetworkManager_0018910e] ;= "NetworkManager" MOV R13,RAX CALL .plt:::g_dgettext ;undefined g_dgettext() MOV RSI,R13 MOV RDI,RAX XOR EAX,EAX CALL .plt:::g_print ;undefined g_print() MOV RCX,R12 MOV RDI,RBP XOR R9D,R9D ADD dword ptr [R12 + 0x38],0x1 XOR R8D,R8D LEA RDX,[device_state] LEA RSI,[.rodata:s_notify::state_0018b29c] ;= "notify::state" CALL .plt:::g_signal_connect_data ;undefined g_signal_connect_data() MOV RCX,R12 MOV RDI,RBP XOR R9D,R9D POP RBP XOR R8D,R8D POP R12 LEA RDX,[device_ac] LEA RSI,[.rodata:s_notify::active-connection_001938b2] ;= "notify::active-connection" POP R13 JMP .plt:::g_signal_connect_data ;undefined g_signal_connect_data() ?? 90h Actual src: static void device_added(NMClient *client, NMDevice *device, NmCli *nmc) { g_print(_("%s: device created\n"), nm_device_get_iface(device)); device_watch(nmc, NM_DEVICE(device)); } Predicted src: static void on_device_notify(GObject *object, GAsyncResult *result, gpointer user_data) { g_assert(NM_IS_DEVICE(user_data)); g_assert(NM_IS_DEVICE(user_data)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); g_assert(NM_IS_DEVICE(result)); return; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined buf_read_ccmx() PUSH R12 MOV R12,RDI MOV RDI,RSI MOV RSI,RDX PUSH RBP PUSH RBX CALL new_cgatsFileMem ;undefined new_cgatsFileMem() TEST RAX,RAX JZ LAB_001d01d8 MOV RBP,RAX CALL new_cgats ;undefined new_cgats() MOV RBX,RAX TEST RAX,RAX JZ LAB_001d0210 LEA RSI,[.rodata:DAT_0028797f] ;= 43h C MOV RDI,RAX CALL qword ptr [RBX + 0x40] MOV RSI,RBP MOV RDI,RBX CALL qword ptr [RBX + 0x50] TEST EAX,EAX JNZ LAB_001d01a0 MOV RDI,RBP CALL qword ptr [RBP + 0x48] MOV RDI,R12 MOV RSI,RBX CALL read_ccmx_cgats ;undefined read_ccmx_cgats() MOV RDI,RBX MOV R12D,EAX CALL qword ptr [RBX + 0xd0] LAB_001d0196: MOV EAX,R12D POP RBX POP RBP POP R12 RET ?? 66h f ?? 90h LAB_001d01a0: LEA RSI,[RBX + 0xd8] LEA RDI,[R12 + 0xe4] MOV R12D,0x1 CALL .plt:::strcpy ;char * strcpy(char * __dest, char *... MOV RDI,RBX CALL qword ptr [RBX + 0xd0] MOV RDI,RBP CALL qword ptr [RBP + 0x48] MOV EAX,R12D POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001d01d8: MOVDQA XMM0,xmmword ptr [.rodata:s_new_cgatsFileMemread_ccmx:_new_c_00287a5f+193] ;= "new_cgatsFileMemread_ccmx: new_cc... MOV RAX,0x64656c69616620 MOV qword ptr [R12 + 0xf4],RAX MOVUPS xmmword ptr [R12 + 0xe4],XMM0 MOV R12D,0x2 POP RBX POP RBP MOV EAX,R12D POP R12 RET ?? 0Fh ?? 1Fh ?? 80h ?? 00h ?? 00h ?? 00h ?? 00h LAB_001d0210: MOVDQA XMM0,xmmword ptr [.rodata:s_read_ccmx:_new_ccgatsFileMem_get_00287a5f+209] ;= "read_ccmx: new_ccgatsFileMem getc... MOV RDI,RBP MOV RCX,0x6620292873746167 MOV EAX,0x64 MOV qword ptr [R12 + 0xf4],RCX MOV dword ptr [R12 + 0xfc],0x656c6961 MOV word ptr [R12 + 0x100],AX MOVUPS xmmword ptr [R12 + 0xe4],XMM0 MOV R12D,0x2 CALL qword ptr [RBP + 0x48] JMP LAB_001d0196 ?? 66h f Actual src: static int buf_read_ccmx( ccmx *p, /* This */ unsigned char *buf, size_t len ) { int rv; cgatsFile *fp; cgats *icg; /* input cgats structure */ if ((fp = new_cgatsFileMem(buf, len)) == NULL) { strcpy(p->err, "new_cgatsFileMem failed"); return 2; } /* Open and look at the.ccmx file */ if ((icg = new_cgats()) == NULL) { /* Create a CGATS structure */ sprintf(p->err, "read_ccmx: new_cgats() failed"); fp->del(fp); return 2; } icg->add_other(icg, "CCMX"); /* our special type is Model Printer Profile */ if (icg->read(icg, fp)) { strcpy(p->err, icg->err); icg->del(icg); fp->del(fp); return 1; } fp->del(fp); if ((rv = read_ccmx_cgats(p, icg))!= 0) { icg->del(icg); /* Clean up */ return rv; } icg->del(icg); /* Clean up */ return 0; } Predicted src: static int read_read(char *name, char *buf, size_t len) { FILE *fp; FILE *fp; fp = (FILE *)calloc(1, sizeof(FILE)); if (fp == NULL) return 0; fp->data = (FILE *)calloc(1, sizeof(FILE)); fp->data = (char *)calloc(1, sizeof(FILE)); fp->data = (char *)calloc(1, sizeof(char)); fp->data = (char *)calloc(1, len); fp->data = (char *)calloc(1, len); fp->data = (char *)calloc(1, len); fp->data = (char *)calloc(1, len); fp->data = (char *)calloc(1, len); return 1; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* ONScripter::brCommand() * ;************************************************************************************************************************************************************ ;undefined brCommand(ONScripter * this) ;this ONScripter * RDI PUSH R12 MOV ESI,0x1 PUSH RBP PUSH RBX MOV RBX,this CALL ONScripter::enterTextDisplayMode ;undefined enterTextDisplayMode(ONScr... LEA this,[RBX + 0xcb8] CALL FontInfo::newLine ;undefined newLine(FontInfo * this) MOV RBX,qword ptr [RBX + 0xbf8] MOVSXD RDX,dword ptr [RBX + 0x1c] MOV this,dword ptr [RBX + 0x18] CMP EDX,this JGE LAB_00124540 MOV RBP,qword ptr [RBX + 0x10] LAB_00124523: LEA EAX,[RDX + 0x1] MOV dword ptr [RBX + 0x1c],EAX MOV EAX,0x2 MOV byte ptr [RBP + RDX*0x1],0xa POP RBX POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00124540: ADD this,this MOVSXD this,this CALL .plt:::operator.new[] ;void * operator.new[](ulong param_1) MOV R12,qword ptr [RBX + 0x10] MOVSXD RDX,dword ptr [RBX + 0x18] MOV this,RAX MOV RBP,RAX MOV RSI,R12 CALL .plt:::memcpy ;void * memcpy(void * __dest, void *... MOV this,R12 CALL .plt:::operator.delete[] ;void operator.delete[](void * param_1) MOV qword ptr [RBX + 0x10],RBP MOVSXD RDX,dword ptr [RBX + 0x1c] SHL dword ptr [RBX + 0x18],1 JMP LAB_00124523 ?? 90h Actual src: int ONScripter::brCommand() { enterTextDisplayMode(); sentence_font.newLine(); current_page->add( 0x0a ); return RET_CONTINUE; } Predicted src: void TextCommand::text() { if (!m_text) { m_text = new char[m_text]; m_text = new char[m_text]; m_text = new char[m_text]; } else { m_text = new char[m_text]; m_text = new char[m_text]; m_text = new char[m_text]; m_text = new char[m_text]; m_text = new char[m_text]; m_text = new char[m_text]; } } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined stp_parameter_list_param() PUSH RBP MOV RBP,RDI PUSH RBX MOV RBX,RSI SUB RSP,0x8 CALL .plt:stp_list_get_length ;undefined stp_list_get_length() CDQE CMP RAX,RBX JBE LAB_00132548 MOV RDI,RBP MOV ESI,EBX CALL .plt:stp_list_get_item_by_index ;undefined stp_list_get_item_by_index() MOV RDI,RAX TEST RAX,RAX JZ LAB_00132548 ADD RSP,0x8 POP RBX POP RBP JMP .plt:stp_list_item_get_data ;undefined stp_list_item_get_data() ?? 0Fh ?? 1Fh ?? 00h LAB_00132548: ADD RSP,0x8 XOR EAX,EAX POP RBX POP RBP RET ?? 66h f Actual src: const stp_parameter_t * stp_parameter_list_param(stp_const_parameter_list_t list, size_t item) { const stp_list_t *ilist = (const stp_list_t *)list; stp_list_item_t *i = NULL; if (item >= stp_list_get_length(ilist)) return NULL; else { i = stp_list_get_item_by_index(ilist, item); if (i == NULL) return NULL; return (const stp_parameter_t *) stp_list_item_get_data(i); } } Predicted src: const char *list_item_get_by_name(const list_item_t *item, const char *name) { const list_item_t *item = list_item_get_by_name(item, name); if (!item) return NULL; return list_item_get_by_name(item, item->name); } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined polypolygon_print() AND EDI,0xffff JZ LAB_001444e4 PUSH R15 LEA R15,[.rodata:s__Polygon[%d]:_0016b860] ;= " Polygon[%d]: " PUSH R14 MOV R14D,EDI PUSH R13 XOR R13D,R13D PUSH R12 MOV R12,RSI PUSH RBP MOV RBP,RDX PUSH RBX SUB RSP,0x8 NOP dword ptr [RAX] LAB_00144490: XOR EAX,EAX MOV EDX,R13D MOV RSI=>.rodata:s__Polygon[%d]:_0016b860,R15 ;= " Polygon[%d]: " MOV EDI,0x1 CALL .plt:::__printf_chk ;undefined __printf_chk() CMP word ptr [R12],0x0 JZ LAB_001444c8 XOR EBX,EBX NOP dword ptr [RAX] LAB_001444b0: MOV EDI,dword ptr [RBP] ADD EBX,0x1 ADD RBP,0x4 CALL .plt:point16_print ;undefined point16_print() MOVZX EAX,word ptr [R12] CMP EAX,EBX JG LAB_001444b0 LAB_001444c8: ADD R13D,0x1 ADD R12,0x2 CMP R13D,R14D JNZ LAB_00144490 ADD RSP,0x8 POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET LAB_001444e4: RET ?? 66h f Actual src: void polypolygon_print( uint16_t nPolys, const uint16_t *aPolyCounts, const char *Points ){ int i,j; U_POINT16 pt; for(i=0; i