REV.NG survey

REV.NG: A Unified Binary Analysis Framework to Recover CFGs and Function Boundaries@2017

CFG: Control Flow Graph

function boundaries?

[A jump-target identification method for multi-architecture static binary translation](/home/xieby1/Zotero/storage/PCYM7WHA/Di Federico and Agosta - 2016 - A Jump-target Identification)@2016

The paper is written in a very messy way!!!

  1. ABSTRACT

    Question: is a switch in C an indirect jump? Does a conditional jump also count as an indirect jump?

  2. INTRODUCTION

  3. PROBLEM STATEMENT

    1. Identifying code and basic blocks

    2. Challenges in jump target recovery

      cmp cl, 0x53
      ja 471aa8
      lea rax, [rip+0x3c9ca]
      mov rcx, PTR [rax+rcx*4]
      add rax, rcx
      jmp rax


      The above is the x86-64 assembly emitted for a switch; its semantics are base + mem[base + 4·cl], with cl ≤ 83 (0x53). The `cmp`/`ja` pair is the bounds check: when cl > 83 control leaves the table lookup and goes to 471aa8 instead.

      Why is the assembly compiled from a switch statement so complex?
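      As an added example, not code from the paper or from REV.NG, the snippet's concrete semantics and the static recovery it calls for, written out in C. The table base address 0x4b5000 (what `lea rax, [rip+0x3c9ca]` would resolve to), the contents of the 84-entry table and the sign-extension of its 32-bit entries are assumptions; 0x471aa8 is taken from the `ja` on the page and assumed to be the switch's default block. Once the bound on cl and the table base are known, every feasible target is base + table[i] for i in [0, 83], plus the out-of-range destination; that is exactly the set a jump-target recovery pass wants.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BOUND       0x53u        /* from `cmp cl, 0x53`: cases 0..83 */
#define ENTRIES     (BOUND + 1)
#define DEFAULT_TGT 0x471aa8ull  /* from `ja 471aa8`; assumed to be the default block */
#define TABLE_BASE  0x4b5000ull  /* hypothetical address of the jump table */

/* Constructed stand-in for the real 84-entry table: 32-bit offsets relative to
 * the table base (the usual compiler layout). Every third case shares a block,
 * so the set of targets is visibly smaller than the number of cases. */
static void build_sample_table(int32_t *table) {
    for (size_t i = 0; i < ENTRIES; i++)
        table[i] = 0x10 + 0x20 * (int32_t)(i % 3);
}

/* Concrete semantics of the snippet for one value of cl:
 *   cmp cl, 0x53 / ja 471aa8             unsigned bounds check
 *   lea rax, [table] / mov rcx, [rax+rcx*4]   fetch entry (assumed sign-extended)
 *   add rax, rcx / jmp rax               target = base + mem[base + 4*cl]      */
static uint64_t switch_target(uint8_t cl, const int32_t *table) {
    if (cl > BOUND)
        return DEFAULT_TGT;
    return TABLE_BASE + (uint64_t)(int64_t)table[cl];
}

/* Static recovery: enumerate { base + table[i] : 0 <= i <= BOUND } plus the
 * out-of-range destination. Writes distinct targets to `out`, returns the count. */
static size_t recover_targets(const int32_t *table, uint64_t *out, size_t cap) {
    size_t n = 0;
    for (size_t i = 0; i <= BOUND; i++) {
        uint64_t t = TABLE_BASE + (uint64_t)(int64_t)table[i];
        size_t j = 0;
        while (j < n && out[j] != t) j++;
        if (j == n && n < cap) out[n++] = t;   /* not seen before */
    }
    if (n < cap) out[n++] = DEFAULT_TGT;
    return n;
}

/* Wrappers over the constructed table, so results can be checked by name. */
static size_t sample_target_count(void) {
    int32_t table[ENTRIES];
    uint64_t out[ENTRIES + 1];
    build_sample_table(table);
    return recover_targets(table, out, ENTRIES + 1);
}

static uint64_t sample_target_for(uint8_t cl) {
    int32_t table[ENTRIES];
    build_sample_table(table);
    return switch_target(cl, table);
}

int main(void) {
    int32_t table[ENTRIES];
    uint64_t targets[ENTRIES + 1];
    build_sample_table(table);
    size_t n = recover_targets(table, targets, ENTRIES + 1);
    printf("%zu distinct jump targets for 84 cases:\n", n);
    for (size_t i = 0; i < n; i++)
        printf("  %#llx\n", (unsigned long long)targets[i]);
    printf("cl=0x53 -> %#llx, cl=0x54 -> %#llx (out of range)\n",
           (unsigned long long)switch_target(0x53, table),
           (unsigned long long)switch_target(0x54, table));
    return 0;
}
```

      The point of the `ja` is that the analysis only needs the bound it supplies to make the table lookup finite; without recovering that bound, `jmp rax` could go anywhere, which is the situation the paper's OSR tracking is meant to resolve.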

  4. HARVESTING DATA AND CODE

    1. Global data harvesting

    2. Simple Expression Tracker

      The wording is not clear enough; I can't understand it at all.

  5. THE OSR ANALYSIS

    1. OSR tracking

      The original text says:

      We define $$x$$, together with its constraints, as a bounded value (BV). We also define offset shifted range (OSR) as an instance of the above expression.

      So OSR is an instance of BV? Then why are there both OSR tracking and BV tracking?

    2. BV tracking

    3. Load and store handling

    4. Integration with SET

    5. Formalization of the DFA

  6. EXPERIMENTAL RESULTS

    1. Functional testing
    2. Code coverage
    3. Basic block size

  7. RELATED WORKS

  8. CONCLUSIONS

2019.11.1
# REV.NG code reading

CLion environment setup

CMake in CLion fails with `Unable to find the requested Boost libraries.` The call stack at the time of the error:

Call Stack (most recent call first):
  tests/Unit/UnitTests.cmake:10 (find_package)
  tests/Tests.cmake:41 (include)
  CMakeLists.txt:170 (include)

The source line that fails, i.e. tests/Unit/UnitTests.cmake:10 (find_package):

find_package(Boost 1.63.0 REQUIRED COMPONENTS unit_test_framework)

I looked up the CMake syntax and learned that the Boost package is missing, but how should I install it?

Looking at the error message,

Unable to find the Boost header files. Please set BOOST_ROOT to the root directory containing Boost or BOOST_INCLUDEDIR to the directory containing Boost's headers.

So the idea should be to install Boost and then set its path in an environment variable (BOOST_ROOT or BOOST_INCLUDEDIR)? (CMake probably also searches some conventional locations, in which case the variable may not be needed.)

Searching online, I found a Stack Overflow Q&A, "CMake is not able to find BOOST libraries":

sudo apt install libboost-all-dev

After that, running CMake in CLion again works without problems.

Building REV.NG

Following the instructions in revng/README.rst,

mkdir build/
cd build/
cmake ..
make -j$(nproc) # presumably "number of processors"
make install

The result, however, is that various REV.NG internal header files are missing, which is very strange 🤔.

Building in CLion

CLion lists many CMake Applications that can be built; this is probably a feature provided by CMake.

doc

It tells me,

epstopdf: not found error: Problems running epstopdf. Check your TeX installation!

# Typing epstopdf in the terminal prompts me to install texlive-font-utils
sudo apt install texlive texlive-font-utils # not sure whether texlive itself is needed; install both anyway

The newly created folder revng/cmake-build-debug/html/ seems to contain the built documentation!

The home page (index.html) has a "Licensing information" entry; I think it would be worthwhile to learn about open-source licenses when I have time. For now I looked around casually,