本文整理汇总了C++中RTN_Address函数的典型用法代码示例。如果您正苦于以下问题:C++ RTN_Address函数的具体用法?C++ RTN_Address怎么用?C++ RTN_Address使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了RTN_Address函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: ImgLoad
// Image load callback - inserts the probes.
void ImgLoad(IMG img, void *v)
{
// Called every time a new image is loaded
if ( (IMG_Name(img).find("libncurses.so") != string::npos) ||
(IMG_Name(img).find("LIBNCURSES.SO") != string::npos) ||
(IMG_Name(img).find("LIBNCURSES.so") != string::npos) )
{
RTN rtngetch = RTN_FindByName(img, "getch");
if (RTN_Valid(rtngetch) && RTN_IsSafeForProbedReplacement(rtngetch))
{
OutFile << CurrentTime() << "Inserting probe for getch at " << RTN_Address(rtngetch) << endl;
OutFile.flush();
AFUNPTR fptr = (RTN_ReplaceProbed(rtngetch, AFUNPTR(mygetch)));
fptrgetch = (int (*)())fptr;
}
RTN rtnmvgetch = RTN_FindByName(img, "mvgetch");
if (RTN_Valid(rtnmvgetch) && RTN_IsSafeForProbedReplacement(rtnmvgetch))
{
OutFile << CurrentTime() << "Inserting probe for mvgetch at " << RTN_Address(rtnmvgetch) << endl;
OutFile.flush();
AFUNPTR fptr = (RTN_ReplaceProbed(rtnmvgetch, AFUNPTR(mymvgetch)));
fptrmvgetch = (int (*)(int, int))fptr;
}
}
// finished instrumentation
}
开发者ID:EmilyBragg,项目名称:profiling-tool,代码行数:29,代码来源:tpss_lin_libncurses.cpp
示例2: ImageLoad
VOID ImageLoad(IMG img, VOID *v)
{
printf ("ImageLoad %s\n", IMG_Name(img).c_str());
for (SEC sec = IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec))
{
for (RTN rtn = SEC_RtnHead(sec); RTN_Valid(rtn); rtn = RTN_Next(rtn))
{
if (strcmp(RTN_Name(rtn).c_str(), "_dl_debug_state") == 0)
{
printf (" RTN %s at %p\n", RTN_Name(rtn).c_str(), reinterpret_cast<void *>(RTN_Address(rtn)));
printf (" ** found _dl_debug_state\n");
dl_debug_state_Addr = RTN_Address(rtn);
justFoundDlDebugState = TRUE;
}
else if (justFoundDlDebugState)
{
printf (" RTN %s at %p\n", RTN_Name(rtn).c_str(), reinterpret_cast<void *>(RTN_Address(rtn)));
dl_debug_state_AddrEnd = RTN_Address(rtn);
justFoundDlDebugState = FALSE;
printf (" ** _dl_debug_state from %p to %p\n", reinterpret_cast<void *>(dl_debug_state_Addr), reinterpret_cast<void *>(dl_debug_state_AddrEnd));
}
}
}
}
开发者ID:alugupta,项目名称:resilient-systems,代码行数:25,代码来源:branch_target_addr.cpp
示例3: Image
VOID Image(IMG img, void *v)
{
RTN rtn = RTN_FindByName(img, "ReplacedXmmRegs");
if (RTN_Valid(rtn))
{
PROTO proto = PROTO_Allocate(PIN_PARG(int), CALLINGSTD_DEFAULT, "ReplacedXmmRegs", PIN_PARG_END());
RTN_ReplaceSignature(rtn, AFUNPTR(REPLACE_ReplacedXmmRegs),
IARG_PROTOTYPE, proto,
(KnobUseIargConstContext)?IARG_CONST_CONTEXT:IARG_CONTEXT,
IARG_THREAD_ID,
IARG_ORIG_FUNCPTR,
IARG_END);
PROTO_Free(proto);
printf ("TOOL found and replaced ReplacedXmmRegs\n");
fflush (stdout);
RTN rtn = RTN_FindByName(img, "ExecutedAtFunc");
if (RTN_Valid(rtn))
{
executeAtAddr = RTN_Address(rtn);
printf ("TOOL found ExecutedAtFunc for later PIN_ExecuteAt\n");
fflush (stdout);
}
rtn = RTN_FindByName(img, "DumpXmmRegsAtException");
if (RTN_Valid(rtn))
{
dumpXmmRegsAtExceptionAddr = RTN_Address(rtn);
printf ("TOOL found DumpXmmRegsAtException for later Exception\n");
fflush (stdout);
}
}
}
开发者ID:herjmoo,项目名称:research,代码行数:33,代码来源:set_fp_context_xmm_regs.cpp
示例4: traceBack
/*****************************************************************************
函 数 名 : traceBack
功能描述 : 回溯已经调用的函数栈,解析当前函数调用的信息
输入参数 : const char* cfuncName
ADDRINT funcAddr
ADDRINT funcBP
输出参数 : 无
返 回 值 :
调用函数 :
被调函数 :
修改历史 :
1.日 期 : 2012年5月16日
作 者 : @zhi
修改内容 : 新生成函数
*****************************************************************************/
VOID traceBack( ADDRINT funcCurSP, ADDRINT funcUpperBP )
{
if(g_backTraceFlg)
{
#if 1
string funcName;
std::stack<FuncItem>tmpFuncs;
ADDRINT tmpAddr;
ADDRINT funcAddr;
//待运行函数入栈,后面的插入直接是从该函数开始
//tmpFuncs.push(FuncItem(funcName, funcAddr, funcBP-1));
tmpAddr = *((ADDRINT *)funcCurSP);
funcName = RTN_FindNameByAddress(tmpAddr);
//获取不到函数名
if("" == funcName)
{
funcName = "[unknown]";
}
PIN_LockClient();
funcAddr = RTN_Address(RTN_FindByAddress(tmpAddr));
PIN_UnlockClient();
ADDRINT funcBP = funcUpperBP;
while(0 != funcBP)
{
tmpFuncs.push(FuncItem(funcName, funcAddr, funcBP));
tmpAddr = *((ADDRINT *)funcBP + 1);
funcName = RTN_FindNameByAddress(tmpAddr);
//获取不到函数名
if("" == funcName)
{
funcName = "[unknown]";
}
PIN_LockClient();
funcAddr = RTN_Address(RTN_FindByAddress(tmpAddr));
PIN_UnlockClient();
funcBP = *(ADDRINT*) funcBP;
}
#endif
#if 1
tmpAddr =0;
while(!tmpFuncs.empty())
{
funcPackage(tmpFuncs.top().funcName.c_str(),
tmpFuncs.top().funcAddr, tmpAddr);
tmpAddr = tmpFuncs.top().upperFuncBP;
tmpFuncs.pop();
}
#endif
g_backTraceFlg = false;
}
}
开发者ID:heould,项目名称:getProcessFuncCallRelation,代码行数:74,代码来源:getProcessFuncCallRelation.cpp
示例5: Image
VOID Image(IMG img, VOID *)
{
RTN rtn = RTN_FindByName(img, NAME("NotTraced"));
if (RTN_Valid(rtn))
AddrNotTraced = RTN_Address(rtn);
rtn = RTN_FindByName(img, NAME("IsTraced"));
if (RTN_Valid(rtn))
AddrIsTraced = RTN_Address(rtn);
}
开发者ID:alugupta,项目名称:resilient-systems,代码行数:10,代码来源:sigenable.cpp
示例6: ImageLoad
// Pin calls this function every time a new img is loaded
VOID ImageLoad(IMG img, VOID *v)
{
if (!IMG_IsMainExecutable(img))
return;
printf("%s loaded\n", IMG_Name(img).c_str());
fflush(stdout);
ADDRINT imageBase = IMG_LowAddress(img);
WINDOWS::PIMAGE_DATA_DIRECTORY pExpDir = GetExportDirectory(imageBase);
if ((pExpDir == 0) || (pExpDir->Size == 0))
{
// Failure: Executable image lacks export directory.
printf("ERROR: No export directory in executable image\n");
fflush(stdout);
exit(3);
}
ADDRINT exportBase = imageBase + pExpDir->VirtualAddress;
// First check that bytes in export directory range do not belong to a RTN
for (ADDRINT addr = exportBase; addr < exportBase + pExpDir->Size; ++addr)
{
if (RTN_FindByAddress(addr) != RTN_Invalid())
{
// Test failure. Byte in export directory belongs to a RTN.
printf("ERROR: Data from export directory included in RTN\n");
fflush(stdout);
exit(1);
}
}
// Second check RTN size. RTN range should not overlap with export directory range.
for (SEC sec = IMG_SecHead(img); sec != SEC_Invalid(); sec = SEC_Next(sec))
{
for (RTN rtn = SEC_RtnHead(sec); rtn != RTN_Invalid(); rtn = RTN_Next(rtn))
{
if (((RTN_Address(rtn) <= exportBase) && (RTN_Address(rtn) + RTN_Size(rtn) > exportBase)) ||
((RTN_Address(rtn) > exportBase) && (exportBase + pExpDir->Size > RTN_Address(rtn))))
{
// Test failure. RTN overlaps with export directory.
printf("ERROR: RTN overlaps with export directory\n");
fflush(stdout);
exit(2);
}
}
}
return;
}
开发者ID:alugupta,项目名称:resilient-systems,代码行数:50,代码来源:data_in_code_win.cpp
示例7: Image
static VOID Image(IMG img, VOID *v)
{
RTN rtn = RTN_FindByName(img, watch_rtn);
if (!RTN_Valid(rtn))
{
return;
}
printf("Instrumenting %s at %p\n", watch_rtn, reinterpret_cast<void *>(RTN_Address(rtn)));
RTN_Open(rtn);
INS ins = RTN_InsHeadOnly(rtn);
ASSERTX (INS_Valid(ins));
// version_reg is used to select the version, use the first
// argument of watch_rtn to set it
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(select_version),
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
IARG_REG_VALUE, version_reg,
IARG_RETURN_REGS, version_reg,
IARG_END);
// Note that the version instrumentation will occur before any
// instrumentation done on this ins from Trace or Instruction
// instrumentation time callbacks
INS_InsertVersionCase(ins, version_reg, 10, VERSION_1, IARG_END);
INS_InsertVersionCase(ins, version_reg, 20, VERSION_2, IARG_END);
RTN_Close(rtn);
}
开发者ID:FengXingYuXin,项目名称:SHMA,代码行数:26,代码来源:special_case_aoti.cpp
示例8: Routine
VOID Routine(RTN rtn, VOID *v)
{
RTN_Open(rtn);
RTN_NAME * rn = new RTN_NAME;
if (KnobOnly){
if(IMG_IsMainExecutable(SEC_Img(RTN_Sec(rtn))) \
/*&& std::strcmp(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str(),"/usr/lib/libSystem.B.dylib")!=0 \*/
|| std::strcmp(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str(),"/usr/lib/system/libsystem_malloc.dylib")==0)
{
funcList.push_back(RTN_Name(rtn));
cerr << "Getting "<< RTN_Name(rtn) <<endl ;
//RTN_Close(rtn);
//return ;
}
}
if(KnobOnly && find (funcList.begin(), funcList.end(), RTN_Name(rtn)) == funcList.end()){
cerr << "excluding : " << RTN_Name(rtn) ;
cerr << IMG_Name(SEC_Img(RTN_Sec(rtn))) << endl;
RTN_Close(rtn);
return;
}
// The RTN goes away when the image is unloaded, so save it now
// because we need it in the fin
rn->_name = RTN_Name(rtn);
rn->_image = IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str();
rn->_address = RTN_Address(rtn);
//_address = RTN_Address(rtn);
// Insert a call at the entry point of a routine to increment the call count
RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)print, IARG_PTR, rn,IARG_FUNCARG_ENTRYPOINT_VALUE, 0, IARG_END);
RTN_InsertCall(rtn, IPOINT_AFTER, (AFUNPTR)ret,IARG_PTR,rn,IARG_FUNCRET_EXITPOINT_VALUE, IARG_END);
//INS_InsertCall(RTN_InsTail(rtn), IPOINT_BEFORE, (AFUNPTR)ret, IARG_END);
RTN_Close(rtn);
}
开发者ID:DickReverse,项目名称:tools,代码行数:35,代码来源:CallArgs.cpp
示例9: Ins
static VOID Ins(INS ins, VOID *v)
{
RTN rtn = INS_Rtn(ins);
if (!RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn)
{
return;
}
if (INS_Address(ins) == RTN_Address(rtn))
{
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "Ins instrumentation", IARG_CALL_ORDER, CALL_ORDER_FIRST+3, IARG_END);
printf("Ins Instrumenting %s\n", watch_rtn, reinterpret_cast<void *>(RTN_Address(rtn)));
}
}
开发者ID:alagenchev,项目名称:school_code,代码行数:16,代码来源:instrumentation_order4.cpp
示例10: Image
VOID Image(IMG img, VOID *v)
{
RTN mmapRtn = RTN_FindByName(img, FUNC_PREFIX "mmap");
if (RTN_Valid(mmapRtn))
{
RTN_Open(mmapRtn);
RTN_InsertCall(mmapRtn, IPOINT_BEFORE, AFUNPTR(MmapArgs), IARG_RETURN_IP, IARG_G_ARG0_CALLEE, IARG_G_ARG1_CALLEE, IARG_G_ARG2_CALLEE, IARG_G_ARG3_CALLEE, IARG_G_ARG4_CALLEE, IARG_G_ARG5_CALLEE, IARG_END);
RTN_Close(mmapRtn);
}
RTN foobarRtn = RTN_FindByName(img, FUNC_PREFIX "foobar");
if (RTN_Valid(foobarRtn))
{
foobarAddress = RTN_Address(foobarRtn);
RTN_Open(foobarRtn);
RTN_InsertCall(foobarRtn, IPOINT_BEFORE, AFUNPTR(FoobarArgs), IARG_G_ARG0_CALLEE, IARG_G_ARG1_CALLEE, IARG_END);
RTN_Close(foobarRtn);
}
RTN bazRtn = RTN_FindByName(img, FUNC_PREFIX "baz");
if (RTN_Valid(bazRtn))
{
RTN_Open(bazRtn);
RTN_InsertCall(bazRtn, IPOINT_BEFORE, AFUNPTR(BazArg), IARG_FUNCARG_ENTRYPOINT_REFERENCE, 0, IARG_FUNCARG_ENTRYPOINT_REFERENCE, 1, IARG_FUNCARG_ENTRYPOINT_REFERENCE, 2, IARG_END);
RTN_Close(bazRtn);
}
}
开发者ID:alugupta,项目名称:resilient-systems,代码行数:28,代码来源:callargs.cpp
示例11: Trace
static VOID Trace(TRACE trace, VOID *v)
{
RTN rtn = TRACE_Rtn(trace);
if (!RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn)
{
return;
}
if (TRACE_Address(trace) == RTN_Address(rtn))
{
// Pin does not support issuing an RTN_ReplaceSignature from the TRACE instrumentation callback
// This will cause Pin to terminate with an error
PROTO proto_watch_rtn
= PROTO_Allocate(PIN_PARG(void), CALLINGSTD_DEFAULT, "watch_rtn", PIN_PARG(int), PIN_PARG_END());
RTN_ReplaceSignature(rtn, AFUNPTR(WatchRtnReplacement),
IARG_PROTOTYPE, proto_watch_rtn,
IARG_CONST_CONTEXT,
IARG_THREAD_ID,
IARG_ORIG_FUNCPTR,
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
IARG_END);
}
开发者ID:alagenchev,项目名称:school_code,代码行数:25,代码来源:instrumentation_order21.cpp
示例12: rtn
/*****************************************************************************
函 数 名 : rtn
功能描述 : Pin calls this function every time a new rtn is executed
输入参数 : RTN rtn
VOID * v
输出参数 : 无
返 回 值 :
调用函数 :
被调函数 :
修改历史 :
1.日 期 : 2012年5月16日
作 者 : @zhi
修改内容 : 新生成函数
*****************************************************************************/
VOID rtn(RTN rtn, VOID * v)
{
//干掉系统的动态连接库, 即IMG为/lib/*
if(EXCEPT_SEC == IMG_Name(SEC_Img(RTN_Sec(rtn)))
.substr(0, EXCEPT_SEC.size()))
{
return;
}
RTN_Open(rtn);
if ( g_backTraceFlg )
{
//第一次进入,回溯已调用的函数(附加到进程模式)
//, 参数为待执行函数的函数名,函数起始地址,函数EBP(函数初始未压栈)
RTN_InsertCall(rtn, IPOINT_BEFORE,
(AFUNPTR)traceBack,
//IARG_PTR, RTN_Name(rtn).c_str(),
//IARG_ADDRINT, RTN_Address(rtn),
IARG_REG_VALUE, REG_STACK_PTR,
IARG_REG_VALUE, REG_EBP, IARG_END);
}
RTN_InsertCall(rtn, IPOINT_BEFORE,
(AFUNPTR)funcPackage,
IARG_PTR, RTN_Name(rtn).c_str(),
IARG_ADDRINT, RTN_Address(rtn),
IARG_REG_VALUE, REG_EBP,
//IARG_REG_VALUE, REG_STACK_PTR, IARG_END);
IARG_END);
RTN_Close(rtn);
}
开发者ID:heould,项目名称:getProcessFuncCallRelation,代码行数:47,代码来源:getProcessFuncCallRelation.cpp
示例13: Routine
// Pin calls this function every time a new rtn is executed
VOID Routine(RTN rtn, VOID *v)
{
// Allocate a counter for this routine
RTN_COUNT * rc = new RTN_COUNT;
// The RTN goes away when the image is unloaded, so save it now
// because we need it in the fini
rc->_name = RTN_Name(rtn);
rc->_image = StripPath(IMG_Name(SEC_Img(RTN_Sec(rtn))).c_str());
rc->_address = RTN_Address(rtn);
rc->_icount = 0;
rc->_rtnCount = 0;
// Add to list of routines
rc->_next = RtnList;
RtnList = rc;
RTN_Open(rtn);
// Insert a call at the entry point of a routine to increment the call count
RTN_InsertCall(rtn, IPOINT_BEFORE, (AFUNPTR)docount, IARG_PTR, &(rc->_rtnCount), IARG_END);
// For each instruction of the routine
for (INS ins = RTN_InsHead(rtn); INS_Valid(ins); ins = INS_Next(ins))
{
// Insert a call to docount to increment the instruction counter for this rtn
INS_InsertCall(ins, IPOINT_BEFORE, (AFUNPTR)docount, IARG_PTR, &(rc->_icount), IARG_END);
}
RTN_Close(rtn);
}
开发者ID:dcashman,项目名称:Coursework,代码行数:34,代码来源:proccount.cpp
示例14: Trace
static VOID Trace(TRACE trace, VOID *v)
{
RTN rtn = TRACE_Rtn(trace);
ADDRINT version = TRACE_Version(trace);
// If we are not in watch_rtn, switch back to base version
if (!RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn)
{
if (version != VERSION_BASE)
BBL_SetTargetVersion(TRACE_BblHead(trace), VERSION_BASE);
return;
}
if (TRACE_Address(trace) == RTN_Address(rtn)) {
INS ins = BBL_InsHead(TRACE_BblHead(trace));
if (version == VERSION_BASE)
{
// version_reg is used to select the version, use the first
// argument of watch_rtn to set it
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(select_version),
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
IARG_RETURN_REGS, version_reg,
IARG_END);
// IF we are in the base version, decide if we should go to the
// other versions
// Note that the version instrumentation will occur before any
// following instrumentation done on this ins
INS_InsertVersionCase(ins, version_reg, 10, VERSION_1, IARG_END);
INS_InsertVersionCase(ins, version_reg, 20, VERSION_2, IARG_END);
printf ("Instrumentation at %p\n", reinterpret_cast<void *>(INS_Address(ins)));
}
}
INS ins = BBL_InsHead(TRACE_BblHead(trace));
for (BBL bbl = TRACE_BblHead(trace); BBL_Valid(bbl); bbl = BBL_Next(bbl))
{
// Instrumentation depends on version
// These instrumentations occur after the preceeding version instrumentation
// (i.e. the instrumentation inserted by the above INS_InsertVersionCase calls
switch(version) {
case VERSION_BASE:
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "version base", IARG_END);
break;
case VERSION_1:
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "version 1", IARG_END);
break;
case VERSION_2:
INS_InsertCall(ins, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "version 2", IARG_END);
break;
default:
assert(0);
break;
}
}
}
开发者ID:EmilyBragg,项目名称:profiling-tool,代码行数:58,代码来源:special_case1.cpp
示例15: DoReplacementFunc
void DoReplacementFunc( IMG img, char * funcName)
{
RTN rtnToReplace;
printf ("Image %s\n", IMG_Name(img).c_str());
for (SEC sec = IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec))
{
for (RTN rtn = SEC_RtnHead(sec); RTN_Valid(rtn); rtn = RTN_Next(rtn))
{
printf (" Rtn: %s %s\n", RTN_Name(rtn).c_str(), funcName);
if (strstr( RTN_Name(rtn).c_str(), funcName))
{
//printf (" found\n");
foundFunc = true;
rtnToReplace = rtn;
break;
}
}
if (foundFunc)
{
break;
}
}
if (!foundFunc)
{
return;
}
printf ( "Found %s %x\n", funcName, RTN_Address(rtnToReplace));
// commented out so that absence of pdb file will not cause failure
if (RTN_IsSafeForProbedReplacement(rtnToReplace))
{
printf ( "RTN_ReplaceSignatureProbed on %s\n", funcName);
foundFunc = true;
PROTO protoOfStdCallFunction1ToBeReplacedByPin
= PROTO_Allocate( PIN_PARG(void *),
CALLINGSTD_STDCALL,
"protoOfStdCallFunction1ToBeReplacedByPin",
PIN_PARG(char),
PIN_PARG(int),
PIN_PARG(char),
PIN_PARG(int),
PIN_PARG_END() );
RTN_ReplaceSignatureProbed(rtnToReplace, AFUNPTR(ReplacementFunc),
IARG_PROTOTYPE, protoOfStdCallFunction1ToBeReplacedByPin,
IARG_ORIG_FUNCPTR,
IARG_FUNCARG_ENTRYPOINT_VALUE, 0,
IARG_FUNCARG_ENTRYPOINT_VALUE, 1,
IARG_FUNCARG_ENTRYPOINT_VALUE, 2,
IARG_FUNCARG_ENTRYPOINT_VALUE, 3,
IARG_END);
PROTO_Free( protoOfStdCallFunction1ToBeReplacedByPin );
}
}
开发者ID:gungun1010,项目名称:hidden,代码行数:56,代码来源:probestdcall.cpp
示例16: imageLoadCallback
// - Get initial entropy
// - Get PE section data
// - Add filtered library
void imageLoadCallback(IMG img,void *){
Section item;
static int va_hooked = 0;
//get the initial entropy of the PE
//we have to consder only the main executable and avìvoid the libraries
if(IMG_IsMainExecutable(img)){
ProcInfo *proc_info = ProcInfo::getInstance();
//get the address of the first instruction
proc_info->setFirstINSaddress(IMG_Entry(img));
//get the program name
proc_info->setProcName(IMG_Name(img));
//get the initial entropy
MYINFO("----------------------------------------------");
float initial_entropy = proc_info->GetEntropy();
proc_info->setInitialEntropy(initial_entropy);
MYINFO("----------------------------------------------");
//retrieve the section of the PE
for( SEC sec= IMG_SecHead(img); SEC_Valid(sec); sec = SEC_Next(sec) ){
item.name = SEC_Name(sec);
item.begin = SEC_Address(sec);
item.end = item.begin + SEC_Size(sec);
proc_info->insertSection(item);
}
//DEBUG
proc_info->PrintSections();
}
//build the filtered libtrary list
FilterHandler *filterH = FilterHandler::getInstance();
ADDRINT startAddr = IMG_LowAddress(img);
ADDRINT endAddr = IMG_HighAddress(img);
const string name = IMG_Name(img);
if(!IMG_IsMainExecutable(img) && filterH->isKnownLibrary(name)){
/* searching for VirtualAlloc */
RTN rtn = RTN_FindByName( img, "VirtualAlloc");
if(rtn != RTN_Invalid()){
MYINFO("BECCATO LA VIRTUAL ALLOC\n");
ADDRINT va_address = RTN_Address(rtn);
MYINFO("Address of VirtualAlloc: %08x\n" , va_address);
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_AFTER, (AFUNPTR)VirtualAllocHook , IARG_G_ARG0_CALLEE , IARG_G_ARG1_CALLEE , IARG_G_RESULT0, IARG_END);
RTN_Close(rtn);
}
filterH->addLibrary(name,startAddr,endAddr);
}
}
开发者ID:YHVHvx,项目名称:pin_unpacking_antievasion,代码行数:57,代码来源:FindOEPPin.cpp
示例17: Trace
static VOID Trace(TRACE trace, VOID *v)
{
RTN rtn = TRACE_Rtn(trace);
if (!RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn)
{
return;
}
if (TRACE_Address(trace) == RTN_Address(rtn))
{
TRACE_InsertCall(trace, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "Trace instrumentation", IARG_CALL_ORDER, CALL_ORDER_FIRST+2, IARG_END);
BBL_InsertCall(TRACE_BblHead(trace), IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "Trace_BBL instrumentation", IARG_CALL_ORDER, CALL_ORDER_FIRST+2, IARG_END);
INS_InsertCall(BBL_InsHead(TRACE_BblHead(trace)), IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "Trace_INS instrumentation", IARG_CALL_ORDER, CALL_ORDER_FIRST+2, IARG_END);
printf("Trace Instrumenting %s\n", watch_rtn, reinterpret_cast<void *>(RTN_Address(rtn)));
}
}
开发者ID:alagenchev,项目名称:school_code,代码行数:20,代码来源:instrumentation_order4.cpp
示例18: InstrumentRtn
static void InstrumentRtn(RTN rtn, VOID *)
{
ADDRINT a = RTN_Address(rtn);
IMG img = IMG_FindByAddress(a);
if (IMG_Valid(img) &&
IMG_IsMainExecutable(img)) {
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_BEFORE, AFUNPTR(FunctionHook), IARG_ADDRINT, a, IARG_END);
RTN_Close(rtn);
}
}
开发者ID:chubbymaggie,项目名称:DOP-StaticAssist,代码行数:12,代码来源:TraceFuncs.cpp
示例19: Rtn
static VOID Rtn(RTN rtn, VOID *v)
{
if (!RTN_Valid(rtn) || RTN_Name(rtn) != watch_rtn)
{
return;
}
printf("Rtn Instrumenting %s\n", watch_rtn, reinterpret_cast<void *>(RTN_Address(rtn)));
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_BEFORE, AFUNPTR(Emit),
IARG_PTR, "RTN instrumentation", IARG_CALL_ORDER, CALL_ORDER_FIRST+1, IARG_END);
RTN_Close(rtn);
}
开发者ID:alagenchev,项目名称:school_code,代码行数:13,代码来源:instrumentation_order4.cpp
示例20: I_ImageLoad
static void
I_ImageLoad(IMG img, void *v)
{
static bool main_rtn_instrumented = false;
if( !main_rtn_instrumented ) {
RTN rtn = RTN_FindByName(img, "main");
if( rtn == RTN_Invalid() ) {
rtn = RTN_FindByName(img, "__libc_start_main");
}
// Instrument main
if( rtn != RTN_Invalid() ) {
main_rtn_instrumented = true;
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_BEFORE,
(AFUNPTR)A_EnterMainImage,
IARG_INST_PTR,
IARG_ADDRINT, RTN_Address(rtn),
IARG_REG_VALUE, REG_STACK_PTR,
IARG_END);
RTN_Close(rtn);
}
}
for( SYM sym = IMG_RegsymHead(img); SYM_Valid(sym); sym = SYM_Next(sym) ) {
if( strstr(SYM_Name(sym).c_str(), "MAID_register_address" ) ) {
RTN rtn;
rtn = RTN_FindByName(img, SYM_Name(sym).c_str());
ASSERTX(RTN_Valid(rtn));
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_BEFORE,
(AFUNPTR)A_RegisterAddr,
IARG_G_ARG0_CALLEE,
IARG_END);
RTN_Close(rtn);
} else if( strstr(SYM_Name(sym).c_str(), "MAID_unregister_address" ) ) {
RTN rtn;
rtn = RTN_FindByName(img, SYM_Name(sym).c_str());
ASSERTX(RTN_Valid(rtn));
RTN_Open(rtn);
RTN_InsertCall(rtn, IPOINT_BEFORE,
(AFUNPTR)A_UnregisterAddr,
IARG_G_ARG0_CALLEE,
IARG_END);
RTN_Close(rtn);
}
}
}
开发者ID:gungun1010,项目名称:hidden,代码行数:50,代码来源:Maid.cpp
注:本文中的RTN_Address函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论