============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined ProfilerGetCurrentState() MOV RSI,RDI MOV RDI,qword ptr [->CpuProfiler::instance_] ;= 00151640 JMP .plt:LAB_00117330 ?? 90h Actual src: void ProfilerGetCurrentState( ProfilerState* state) { CpuProfiler::instance_.GetCurrentState(state); } Predicted src: void QText QTextState_instance(QTextQTextStateH handle) { ((QTextQTextState *)handle)->instance(); } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined async_init() CMP qword ptr [RDI],0x0 JZ LAB_00140988 LEA RDI,[.rodata:s_Warning_calling_async_init_two_t_0014b438] ;= "Warning calling async_init two ti... JMP .plt:::puts ;int puts(char * __s) ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00140988: PUSH RBX MOV ESI,0x1 MOV RBX,RDI MOV EDI,0x38 CALL .plt:::calloc ;void * calloc(size_t __nmemb, size_t... MOV qword ptr [RBX],RAX TEST RAX,RAX JZ LAB_001409b6 MOV EDI,0x18 CALL .plt:::sysconf ;long sysconf(int __name) POP RBX MOV qword ptr [.bss:max_depth],RAX RET LAB_001409b6: LEA RDI,[.rodata:s_Malloc_failed_0014b2d8] ;= "Malloc failed" CALL .plt:::puts ;int puts(char * __s) MOV EDI,0xae CALL .plt:::exit ;void exit(int __status) NOP dword ptr [RAX] Actual src: void async_init(struct cache **gc,int fd,int flag) #else void async_init(gc,fd,flag) struct cache **gc; int fd; int flag; #endif { #ifdef VXFS if(flag) ioctl(fd,VX_SETCACHE,VX_DIRECT); #endif if(*gc) { printf("Warning calling async_init two times?\n"); return; } *gc=(struct cache *)malloc((size_t)sizeof(struct cache)); if(*gc == 0) { printf("Malloc failed\n"); exit(174); } bzero(*gc,sizeof(struct cache)); #if defined(__AIX__) || defined(SCO_Unixware_gcc) max_depth=500; #else max_depth=sysconf(_SC_AIO_MAX); #endif } Predicted src: void init_async_async_async(void **async_async) { if (async_async == NULL) async_async = calloc(1, sizeof(*async_async)); if (async_async == NULL) async_async = calloc(1, sizeof(*async_async)); if (async_async == NULL) async_async = calloc(1, sizeof(*async_async)); else async_async = calloc(1, sizeof(*async_async)); } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined ply_progress_bar_new() SUB RSP,0x8 MOV ESI,0x40 MOV EDI,0x1 CALL .plt:::calloc ;void * calloc(size_t __nmemb, size_t... MOV RDX,0x1000000ffffffff OR byte ptr [RAX + 0x38],0x1 MOV qword ptr [RAX + 0x28],RDX MOV qword ptr [RAX + 0x30],0x0 ADD RSP,0x8 RET ?? 66h f Actual src: ply_progress_bar_t * ply_progress_bar_new (void) { ply_progress_bar_t *progress_bar; progress_bar = calloc (1, sizeof(ply_progress_bar_t)); progress_bar->is_hidden = true; progress_bar->fg_color = 0xffffffff; /* Solid white */ progress_bar->bg_color = 0x01000000; /* Transparent */ progress_bar->fraction_done = 0.0; return progress_bar; } Predicted src: progress_progress_t *progress_progress_progress_new(void) { progress_progress_t *progress = (progress_progress_t *)calloc(1, sizeof(progress_progress_t)); progress->progress = NULL; progress->progress = NULL; progress->progress = NULL; returnprogress; } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined dhcp6_calc_mac() ;local_30 undefined8 -30 ;local_48 undefined1[16] -48 PUSH R13 PUSH R12 PUSH RBP PUSH RBX SUB RSP,0xc8 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_30+0xe8],RAX XOR EAX,EAX CMP ECX,0x1 JNZ LAB_00112b80 LEA RAX,[R8 + 0x10] MOV RBX,RSI MOV RBP,R8 CMP RAX,RSI JA LAB_00112b80 MOV RSI,qword ptr [R9 + 0x28] MOV EDX,dword ptr [R9 + 0x30] MOV R13,RSP MOV R12,RDI MOV RDI,R13 CALL hmacmd5_init ;undefined hmacmd5_init() MOV EDX,EBX MOV RSI,R12 MOV RDI,R13 CALL md5_update ;undefined md5_update() LEA RSI=>local_48,[RSP + 0xa0] MOV RDI,R13 CALL hmacmd5_sign ;undefined hmacmd5_sign() XOR EAX,EAX MOVDQA XMM0,xmmword ptr [RSP + local_48[0]+0xe8] MOVUPS xmmword ptr [R12 + RBP*0x1],XMM0 LAB_00112b57: MOV RDX,qword ptr [RSP + local_30+0xe8] SUB RDX,qword ptr FS:[0x28] JNZ LAB_00112b87 ADD RSP,0xc8 POP RBX POP RBP POP R12 POP R13 RET ?? 0Fh ?? 1Fh ?? 84h ?? 00h ?? 00h ?? 00h ?? 00h ?? 00h LAB_00112b80: MOV EAX,0xffffffff JMP LAB_00112b57 LAB_00112b87: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP dword ptr [RAX] Actual src: int dhcp6_calc_mac(buf, len, proto, alg, off, key) char *buf; size_t len, off; int proto, alg; struct keyinfo *key; { hmacmd5_t ctx; unsigned char digest[MD5_DIGESTLENGTH]; /* right now, we don't care about the protocol */ if (alg!= DHCP6_AUTHALG_HMACMD5) return (-1); if (off + MD5_DIGESTLENGTH > len) { /* * this should be assured by the caller, but check it here * for safety. */ return (-1); } hmacmd5_init(&ctx, key->secret, key->secretlen); hmacmd5_update(&ctx, buf, len); hmacmd5_sign(&ctx, digest); memcpy(buf + off, digest, MD5_DIGESTLENGTH); return (0); } Predicted src: int md5_md5_md5(md5_context context, const uint8_t *md5, const uint8_t *md5) { uint8_t *md5; uint8_t *md5; int i; md5 = md5; md5 = md5; md5 = md5; for (i = 0; i < 8; i++) { md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; md5[i] = md5[i]; } return md5; } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined ProfilerGetCurrentState() MOV RSI,RDI MOV RDI,qword ptr [->CpuProfiler::instance_] ;= 00151640 JMP .plt:LAB_00117330 ?? 90h Actual src: void ProfilerGetCurrentState( ProfilerState* state) { CpuProfiler::instance_.GetCurrentState(state); } Predicted src: void State_instance(StateH handle) { ((State *)handle)->instance(); }