============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined _cffi_d_ncprogbar_destroy() JMP .plt:ncprogbar_destroy ?? 66h f Actual src: static void _cffi_d_ncprogbar_destroy(struct ncprogbar * x0) { ncprogbar_destroy(x0); } Predicted src: static void _cffi_d_ncplane_destroy(struct ncplane * x0) { ncplane_destroy(x0); } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined Dicache_remove() ;local_10 undefined8 -10 ;local_28 undefined4 -28 ;local_68 undefined8 -68 PUSH RBP LEA RDX,[Dicache_entry_cmp] SUB RSP,0x60 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_10+0x68],RAX XOR EAX,EAX MOV qword ptr [RSP]=>local_68,RDI MOV RDI,qword ptr [.bss:CachedIMGs] MOV dword ptr [RSP + local_28+0x68],ESI MOV RSI,RSP CALL dList_find_sorted ;undefined dList_find_sorted() TEST RAX,RAX JZ LAB_0013e783 MOV RDI,qword ptr [.bss:CachedIMGs] MOV RBP,RAX MOV RSI,RAX CALL dList_remove ;undefined dList_remove() MOV RDI,qword ptr [RBP] MOV EAX,dword ptr [RBP + 0x28] SUB dword ptr [.bss:dicache_size_total],EAX CALL a_Url_free ;undefined a_Url_free() MOV RDI,qword ptr [RBP + 0x18] CALL dFree ;undefined dFree() MOV RDI,qword ptr [RBP + 0x30] CALL a_Bitvec_free ;undefined a_Bitvec_free() MOV RDI,qword ptr [RBP + 0x20] CALL a_Imgbuf_unref ;undefined a_Imgbuf_unref() MOV RAX,qword ptr [RBP + 0x48] TEST RAX,RAX JZ LAB_0013e77b MOV RSI,qword ptr [RBP + 0x50] MOV EDI,0x2 CALL RAX LAB_0013e77b: MOV RDI,RBP CALL dFree ;undefined dFree() LAB_0013e783: MOV RAX,qword ptr [RSP + local_10+0x68] SUB RAX,qword ptr FS:[0x28] JNZ LAB_0013e799 ADD RSP,0x60 POP RBP RET LAB_0013e799: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP Actual src: static void Dicache_remove(const DilloUrl *Url, int version) { DICacheEntry e, *entry; _MSG("Dicache_remove url=%s\n", URL_STR(Url)); e.url = (DilloUrl*)Url; e.version = version; entry = dList_find_sorted(CachedIMGs, &e, Dicache_entry_cmp); dReturn_if (entry == NULL); _MSG("Dicache_remove Imgbuf=%p Decoder=%p DecoderData=%p\n", entry->v_imgbuf, entry->Decoder, entry->DecoderData); /* Eliminate this dicache entry */ dList_remove(CachedIMGs, entry); dicache_size_total -= entry->TotalSize; /* entry cleanup */ a_Url_free(entry->url); dFree(entry->cmap); a_Bitvec_free(entry->BitVec); a_Imgbuf_unref(entry->v_imgbuf); if (entry->Decoder) { entry->Decoder(CA_Abort, entry->DecoderData); } dFree(entry); } Predicted src: void find_entry(struct entry *entry) { struct entry *entry; struct entry *entry; struct entry *entry; entry = entry->entry; entry = entry->entry; entry->entry = entry->entry; if (entry->entry) { entry->entry = entry->entry; entry->entry = entry->entry; } else { entry->entry = entry->entry; entry->entry = entry->entry; } if (entry->entry) { entry->entry = entry->entry; entry->entry = entry->entry; } else { entry->entry = entry->entry; entry->entry = entry->entry; } entry_free(entry); } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined crashhandlerOptionsInitDisplay() ;local_1c undefined4 -1c PUSH R12 MOV EDI,0x1 MOV R12,RSI MOV ESI,0x1a8 PUSH RBP SUB RSP,0x18 CALL .plt:::calloc ;void * calloc(size_t __nmemb, size_t... TEST RAX,RAX JZ LAB_00102aa8 MOV RDI,R12 MOV RBP,RAX CALL .plt:allocateScreenPrivateIndex ;undefined allocateScreenPrivateIndex() MOV dword ptr [RBP],EAX TEST EAX,EAX JS LAB_00102a78 MOVSXD RDX,dword ptr [.bss:CrashhandlerOptionsDisplayPrivateIndex] ;=?? MOV RAX,qword ptr [R12 + 0x8] MOV RDI,R12 LEA RCX,[RBP + 0x8] MOV R8D,0x4 LEA RSI,[.bss:crashhandlerOptionsMetadata] ;=?? MOV qword ptr [RAX + RDX*0x8],RBP LEA RDX,[.data.rel.ro:crashhandlerOptionsDisplayOptionInfo] CALL .plt:compInitDisplayOptionsFromMetadata ;undefined compInitDisplayOptionsFrom... TEST EAX,EAX JZ LAB_00102a90 MOV EAX,0x1 LAB_00102a6d: ADD RSP,0x18 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_00102a78: MOV RDI,RBP CALL .plt:::free ;void free(void * __ptr) ADD RSP,0x18 XOR EAX,EAX POP RBP POP R12 RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00102a90: MOV RDI,RBP MOV dword ptr [RSP + local_1c+0x28],EAX CALL .plt:::free ;void free(void * __ptr) MOV EAX,dword ptr [RSP + local_1c+0x28] ADD RSP,0x18 POP RBP POP R12 RET LAB_00102aa8: XOR EAX,EAX JMP LAB_00102a6d ?? 0Fh Actual src: static Bool crashhandlerOptionsInitDisplay (CompPlugin *p, CompDisplay *d) { CrashhandlerOptionsDisplay *od; od = calloc (1, sizeof(CrashhandlerOptionsDisplay)); if (!od) return FALSE; od->screenPrivateIndex = allocateScreenPrivateIndex(d); if (od->screenPrivateIndex < 0) { free(od); return FALSE; } d->base.privates[CrashhandlerOptionsDisplayPrivateIndex].ptr = od; if (!compInitDisplayOptionsFromMetadata (d, &crashhandlerOptionsMetadata, crashhandlerOptionsDisplayOptionInfo, od->opt, CrashhandlerDisplayOptionNum)) { free (od); return FALSE; } return TRUE; } Predicted src: static Bool freeScreenOptionsInitDisplay (CompPlugin *p, CompDisplay *d) { int i; if (!od) return FALSE; od->base.privates[od->screenPrivateIndex].ptr = NULL; if (!od->base.privates) { free (od); return FALSE; } od->base.privates[od->screenPrivateIndex].ptr = od; free (od); return TRUE; } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined COM_InitArgv() PUSH R15 PUSH R14 PUSH R13 MOV R13,RSI PUSH R12 MOV R12D,EDI PUSH RBP PUSH RBX SUB RSP,0x8 CMP EDI,0x32 JG LAB_00160ca8 MOV dword ptr [.bss:com_argc],EDI TEST EDI,EDI JLE LAB_00160c95 LAB_00160c43: XOR EBP,EBP LEA R14,[.bss:com_argv] LEA R15,[.rodata:DAT_00286e0d] JMP LAB_00160c77 ?? 0Fh ?? 1Fh ?? 00h LAB_00160c58: MOV RDI,RBX CALL .plt:::strlen ;size_t strlen(char * __s) CMP RAX,0x3ff CMOVA RBX,R15 MOV qword ptr [R14 + RBP*0x8]=>.bss:com_argv,RBX ADD RBP,0x1 CMP R12D,EBP JLE LAB_00160c95 LAB_00160c77: MOV RBX,qword ptr [R13 + RBP*0x8] TEST RBX,RBX JNZ LAB_00160c58 LEA RBX,[.rodata:DAT_00286e0d] MOV qword ptr [R14 + RBP*0x8]=>.bss:com_argv,RBX=>.rodata:DAT_00286e0d ADD RBP,0x1 CMP R12D,EBP JG LAB_00160c77 LAB_00160c95: ADD RSP,0x8 POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET ?? 0Fh ?? 1Fh ?? 40h @ ?? 00h LAB_00160ca8: LEA RSI,[.rodata:s_argc_>_MAX_NUM_ARGVS_0028ed0d] ;= "argc > MAX_NUM_ARGVS" XOR EDI,EDI XOR EAX,EAX CALL Com_Error ;undefined Com_Error(undefined param_... MOV dword ptr [.bss:com_argc],R12D JMP LAB_00160c43 ?? 66h f Actual src: void COM_InitArgv (int argc, char **argv) { int i; if (argc > MAX_NUM_ARGVS) Com_Error (ERR_FATAL, "argc > MAX_NUM_ARGVS"); com_argc = argc; for (i=0 ; i= MAX_TOKEN_CHARS ) com_argv[i] = ""; else com_argv[i] = argv[i]; } } Predicted src: void S_Init(int argc, char **argv) { int i; for (i = 0; i < argc; i++) { if (argv[i] == NULL) { fprintf(stderr, "Error: %s\n", argv[i]); return; } } for (i = 0; i < argc; i++) { argv[i] = argv[i]; } } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined CPyDef_default___DefaultPlugin() PUSH R12 XOR ESI,ESI PUSH RBP MOV RBP,RDI SUB RSP,0x8 MOV RAX,qword ptr [->CPyType_default___DefaultPlugin] ;= 015dabc8 MOV RAX=>.bss:CPyType_default___DefaultPlugin,qword ptr [RAX] ;=?? MOV RDI,RAX CALL qword ptr [RAX + 0x130] TEST RAX,RAX JZ LAB_006a5967 MOV R12,RAX LEA RAX,[.bss:default___DefaultPlugin_vtable] ;=?? MOVDQA XMM0,xmmword ptr [.rodata:tuple_undefined_T2II] MOV RSI,RBP MOV qword ptr [R12 + 0x10],RAX=>.bss:default___DefaultPlugin_vtable ;=?? MOV RDI,R12 MOV qword ptr [R12 + 0x18],0x0 MOV qword ptr [R12 + 0x20],0x0 MOVUPS xmmword ptr [R12 + 0x28],XMM0 CALL CPyDef_plugin___Plugin_____init__ ;undefined CPyDef_plugin___Plugin____... CMP AL,0x2 JZ LAB_006a5960 ADD RSP,0x8 MOV RAX,R12 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_006a5960: SUB qword ptr [R12],0x1 JZ LAB_006a5978 LAB_006a5967: XOR R12D,R12D ADD RSP,0x8 MOV RAX,R12 POP RBP POP R12 RET ?? 0Fh ?? 1Fh ?? 00h LAB_006a5978: MOV RDI,R12 CALL .plt:_Py_Dealloc ;undefined _Py_Dealloc() ?? EBh ?? E5h ?? 66h f Actual src: PyObject *CPyDef_default___DefaultPlugin(PyObject *cpy_r_options) { PyObject *self = default___DefaultPlugin_setup(CPyType_default___DefaultPlugin); if (self == NULL) return NULL; char res = CPyDef_plugin___Plugin_____init__(self, cpy_r_options); if (res == 2) { Py_DECREF(self); return NULL; } return self; } Predicted src: PyObject *CPyDef_nodes___Plugin_____init__(PyObject *cpy_r_self, PyObject *cpy_r_name) { PyObject *cpy_r_r0; PyObject *cpy_r_r1; PyObject *cpy_r_r2; CPyL0: ; cpy_r_r0 = CPyDef_nodes___Plugin_____init__(cpy_r_self, cpy_r_name); if (cpy_r_r0 == NULL) goto CPyL2; CPyL1: ; cpy_r_r1 = CPyDef_nodes___Plugin_____init__(cpy_r_self, cpy_r_name); if (cpy_r_r1 == NULL) goto CPyL2; CPyL2: ; cpy_r_r2 = CPyDef_nodes___Plugin_____init__(cpy_r_self, cpy_r_name); if (cpy_r_r2 == NULL) goto CPyL2; CPyL3: ; return cpy_r_r1; CPyL4: ; cpy_r_r2 = NULL; return cpy_r_r2; }