============================== Sample 1 ============================== ASM: ;************************************************************************************************************************************************************ ;* ipv4_get_num_hosts(unsigned short, unsigned int*) * ;************************************************************************************************************************************************************ ;undefined ipv4_get_num_hosts(ushort param_1, uint * param_2) ;param_1 ushort DI ;param_2 uint * RSI PUSH RBX MOV EAX,0x2 MOV RBX,param_2 CMP param_1,0x1f JZ LAB_0012cecb MOV EAX,0x1 CMP param_1,0x20 JZ LAB_0012cecb MOV EAX,0xfffffffc TEST param_1,param_1 JZ LAB_0012cecb MOVZX param_1,param_1 MOV EAX,0x20 PXOR XMM1,XMM1 MOVSD XMM0,qword ptr [.rodata:DAT_0012e638] ;= 4000000000000000h SUB EAX,param_1 CVTSI2SD XMM1,EAX CALL .plt:::pow ;double pow(double __x, double __y) CVTTSD2SI RAX,XMM0 SUB EAX,0x2 LAB_0012cecb: MOV dword ptr [RBX],EAX XOR EAX,EAX POP RBX RET ?? 66h f Actual src: short int ipv4_get_num_hosts(unsigned short int pfxlen, unsigned int* num) { int hosts = 0; switch (pfxlen) { case 0: hosts = 0xFFFFFFFC; break; case 31: hosts = 2; break; case 32: hosts = 1; break; default: hosts = (unsigned int)pow(2, 32 - pfxlen) - 2; break; } *num = hosts; return 0; } Predicted src: int32_t get_num_num(uint8_t *data, uint32_t *num) { if (data[0] == 0) return 0; *num = (uint8_t *)data[0]; return 1; } ============================== Sample 2 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined nl80211_update_dh_ie() PUSH R15 MOV R15,RCX PUSH R14 MOVZX R14D,DX PUSH R13 MOV R13,RDI PUSH R12 MOV R12,RSI PUSH RBP PUSH RBX MOV RBX,R8 SUB RSP,0x10 MOVZX ECX,byte ptr [RSI + 0x1] MOVZX EDX,byte ptr [RSI] MOV RBP,qword ptr [RDI] PUSH R14 MOV EDI,0x2 MOVZX EAX,byte ptr [RSI + 0x5] PUSH RAX MOVZX EAX,byte ptr [RSI + 0x4] PUSH RAX MOVZX R9D,byte ptr [RSI + 0x3] XOR EAX,EAX MOVZX R8D,byte ptr [RSI + 0x2] LEA RSI,[.rodata:s_nl80211:_Updating_DH_IE_peer:_%0_003a7ab8] ;= "nl80211: Updating DH IE peer: %02... CALL wpa_printf ;undefined wpa_printf(undefined param... MOV ESI,dword ptr [R13 + 0x10] MOV RDI,qword ptr [R13] XOR EDX,EDX ADD RSP,0x20 MOV ECX,0x87 CALL nl80211_ifindex_msg ;undefined nl80211_ifindex_msg() MOV R13,RAX TEST RAX,RAX JZ LAB_002f5ea8 MOV RCX,R12 MOV EDX,0x6 MOV ESI,0x6 MOV RDI,RAX CALL .plt:::nla_put ;undefined nla_put() TEST EAX,EAX JNZ LAB_002f5ea8 MOV EDX,R14D MOV ESI,0x48 MOV RDI,R13 CALL .plt:::nla_put_u16 ;undefined nla_put_u16() TEST EAX,EAX JNZ LAB_002f5ea8 TEST R15,R15 JZ LAB_002f5e45 MOV RCX,R15 MOV EDX,EBX MOV ESI,0x2a MOV RDI,R13 CALL .plt:::nla_put ;undefined nla_put() TEST EAX,EAX JNZ LAB_002f5ea8 LAB_002f5e45: MOV RDI,qword ptr [RBP] SUB RSP,0x8 MOV RDX,R13 XOR R9D,R9D XOR R8D,R8D XOR ECX,ECX MOV RSI,qword ptr [RDI + 0x40] PUSH 0x0 CALL send_and_recv ;undefined send_and_recv(undefined pa... MOV R12D,EAX POP RAX POP RDX TEST R12D,R12D JNZ LAB_002f5e80 LAB_002f5e6d: ADD RSP,0x8 MOV EAX,R12D POP RBX POP RBP POP R12 POP R13 POP R14 POP R15 RET ?? 90h LAB_002f5e80: MOV EDI,R12D NEG EDI CALL .plt:::strerror ;char * strerror(int __errnum) MOV EDX,R12D MOV EDI,0x2 LEA RSI,[.rodata:s_nl80211:_update_dh_ie_failed_err_003a7b00] ;= "nl80211: update_dh_ie failed err=... MOV RCX,RAX XOR EAX,EAX CALL wpa_printf ;undefined wpa_printf(undefined param... JMP LAB_002f5e6d ?? 0Fh ?? 1Fh ?? 00h LAB_002f5ea8: MOV RDI,R13 MOV R12D,0xffffff97 CALL .plt:::nlmsg_free ;undefined nlmsg_free() JMP LAB_002f5e6d ?? 0Fh Actual src: static int nl80211_update_dh_ie(void *priv, const u8 *peer_mac, u16 reason_code, const u8 *ie, size_t ie_len) { int ret; struct nl_msg *msg; struct i802_bss *bss = priv; struct wpa_driver_nl80211_data *drv = bss->drv; wpa_printf(MSG_DEBUG, "nl80211: Updating DH IE peer: " MACSTR " reason %u", MAC2STR(peer_mac), reason_code); if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_UPDATE_OWE_INFO)) || nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer_mac) || nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, reason_code) || (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) { nlmsg_free(msg); return -ENOBUFS; } ret = send_and_recv_msgs(drv, msg, NULL, NULL, NULL, NULL); if (ret) { wpa_printf(MSG_DEBUG, "nl80211: update_dh_ie failed err=%d (%s)", ret, strerror(-ret)); } return ret; } Predicted src: static int put_msg(struct rte_eth_dev *dev, struct rte_eth_dev *dev, struct rte_eth_dev *dev) { struct rte_eth_dev *dev = dev->data; struct rte_eth_dev *dev = dev->dev; struct rte_eth_dev *dev = dev->dev; int ret; ret = rte_put_msg(dev, dev->dev_id, dev->dev_id); if (ret!= 0) { return ret; } ret = rte_eth_put_msg(dev, dev->dev_id, dev->dev_id); if (ret!= 0) { return ret; } ret = rte_eth_put_msg(dev, dev->dev_id, dev->dev_id); if (ret!= 0) { free(dev); return ret; } return 0; } ============================== Sample 3 ============================== ASM: ;************************************************************************************************************************************************************ ;* otb::TestHelper::SetEpsilonBoundaryChecking(double) * ;************************************************************************************************************************************************************ ;undefined SetEpsilonBoundaryChecking(TestHelper * this, double param_1) ;this TestHelper * RDI ;param_1 double XMM0_Qa UCOMISD param_1,qword ptr [this + 0x50] JP LAB_001663f0 JNZ LAB_001663f0 RET ?? 66h f ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_001663f0: MOV RAX,qword ptr [this] MOVSD qword ptr [this + 0x50],param_1 JMP qword ptr [RAX + 0x88] ?? 66h f Actual src: itkSetMacro(EpsilonBoundaryChecking, double); Predicted src: void SetTest(double value) { if (value!= 0.0) { value = value; } else { value = value; } } } ============================== Sample 4 ============================== ASM: ;************************************************************************************************************************************************************ ;* FUNCTION * ;************************************************************************************************************************************************************ ;undefined sc_insert() ;local_30 undefined8 -30 ;local_38 undefined8 -38 PUSH R14 PUSH R13 MOV R13,RDI PUSH R12 XOR R12D,R12D PUSH RBP MOV RBP,RSI PUSH RBX SUB RSP,0x10 MOV RAX,qword ptr FS:[0x28] MOV qword ptr [RSP + local_30+0x38],RAX XOR EAX,EAX CALL .plt:::document_get_current ;undefined document_get_current() TEST RAX,RAX JZ LAB_001058fb MOV RBX,RAX MOV RAX,qword ptr [RAX + 0x28] MOV RDI,qword ptr [RAX + 0x8] CALL .plt:::sci_get_current_position ;undefined sci_get_current_position() MOV EDX,0x1 MOV RCX,RSP MOV RSI,RBP MOV R14D,EAX MOV R8D,0xffffffff MOV RDI,R13 XOR EAX,EAX CALL .plt:::gtk_tree_model_get ;undefined gtk_tree_model_get() MOV RDX,qword ptr [RSP]=>local_38 TEST RDX,RDX JZ LAB_001058fb CMP byte ptr [RDX],0x0 JNZ LAB_00105920 LAB_001058fb: MOV RAX,qword ptr [RSP + local_30+0x38] SUB RAX,qword ptr FS:[0x28] JNZ LAB_00105941 ADD RSP,0x10 MOV EAX,R12D POP RBX POP RBP POP R12 POP R13 POP R14 RET ?? 0Fh ?? 1Fh ?? 44h D ?? 00h ?? 00h LAB_00105920: MOV RAX,qword ptr [RBX + 0x28] MOV ESI,R14D MOV R12D,0x1 MOV RDI,qword ptr [RAX + 0x8] CALL .plt:::sci_insert_text ;undefined sci_insert_text() MOV RDI,qword ptr [RSP]=>local_38 CALL .plt:::g_free ;undefined g_free() JMP LAB_001058fb LAB_00105941: CALL .plt:::__stack_chk_fail ;undefined __stack_chk_fail() NOP word ptr CS:[RAX + RAX*0x1] Actual src: static gboolean sc_insert(GtkTreeModel *model, GtkTreeIter *iter) { GeanyDocument *doc = document_get_current(); gboolean result = FALSE; if (doc!= NULL) { gchar *str; gint pos = sci_get_current_position(doc->editor->sci); gtk_tree_model_get(model, iter, COLUMN_HTML_NAME, &str, -1); if (!EMPTY(str)) { sci_insert_text(doc->editor->sci, pos, str); g_free(str); result = TRUE; } } return result; } Predicted src: static gboolean update_selected (GtkTreeModel *model, GtkTreeIter *iter, gpointer user_data) { GtkTreeModel *model = user_data; GtkTreeModel *model; GtkTreeModel *model; GtkTreeIter iter; model = gtk_tree_model_get_iter (model, iter); if (model == NULL) return FALSE; model = gtk_tree_model_get_iter (model, iter); if (model == NULL) return FALSE; if (gtk_tree_model_get_iter (model, iter)) { g_free (model); return TRUE; } return TRUE; } ============================== Sample 5 ============================== ASM: ;************************************************************************************************************************************************************ ;* LAMMPS_NS::Modify::delete_fix(int) * ;************************************************************************************************************************************************************ ;undefined delete_fix(Modify * this, int param_1) ;this Modify * RDI ;param_1 int ESI PUSH R13 MOVSXD RAX,param_1 PUSH R12 LEA R13,[RAX*0x8] MOV R12,RAX PUSH RBP MOV RBP,this PUSH RBX SUB RSP,0x8 MOV RDX,qword ptr [this + 0x130] MOV this,qword ptr [RDX + RAX*0x8] TEST this,this JZ LAB_008fe0a1 MOV RAX,qword ptr [this] CALL qword ptr [RAX + 0x8] LAB_008fe0a1: MOV RAX,qword ptr [RBP + 0x30] MOV param_1,R12D LEA EBX,[R12 + 0x1] MOV this,qword ptr [RAX] CALL .plt:LAMMPS_NS::Atom::update_callback ;undefined update_callback(Atom * thi... MOV EAX,dword ptr [RBP + 0x124] CMP EBX,EAX JGE LAB_008fe105 MOV this,qword ptr [RBP + 0x130] SUB EAX,R12D MOVSXD RBX,EBX SUB EAX,0x2 LEA RDX,[0x8 + RAX*0x8] LEA param_1,[this + R13*0x1 + 0x8] ADD this,R13 CALL .plt:::memmove ;void * memmove(void * __dest, void *... MOV RDX,qword ptr [RBP + 0x138] NOP dword ptr [RAX + RAX*0x1] LAB_008fe0f0: MOV EAX,dword ptr [RDX + RBX*0x4] MOV dword ptr [RDX + RBX*0x4 + -0x4],EAX MOV EAX,dword ptr [RBP + 0x124] ADD RBX,0x1 CMP EAX,EBX JG LAB_008fe0f0 LAB_008fe105: SUB EAX,0x1 MOV dword ptr [RBP + 0x124],EAX ADD RSP,0x8 POP RBX POP RBP POP R12 POP R13 RET ?? 90h Actual src: void Modify::delete_fix(int ifix) { if (fix[ifix]) delete fix[ifix]; atom->update_callback(ifix); // move other Fixes and fmask down in list one slot for (int i = ifix+1; i < nfix; i++) fix[i-1] = fix[i]; for (int i = ifix+1; i < nfix; i++) fmask[i-1] = fmask[i]; nfix--; } Predicted src: void Fix::delete_callback(int n) { int i; for (i = 0; i < n; i++) { n[i]->delete_callback(n); n[i]->delete_callback(n); n[i]->delete_callback(n); } }