Giter Site home page Giter Site logo

Legend about angr-utils HOT 4 CLOSED

axt avatar axt commented on May 21, 2024
Legend

from angr-utils.

Comments (4)

axt avatar axt commented on May 21, 2024

Can you give more details what you exactly mean by legend?

What I'm currently planning is to have the ability to specify extra meta-data for the nodes and edges.

Here is an example of what I think of. In this sample the nodes contain the extra metadata HA and HF, while the edges display how many times that edge was executed. Of course these would be arbitrary, and supplied by the caller.

main_found_2

from angr-utils.

kevinkoo001 avatar kevinkoo001 commented on May 21, 2024

Oh, I should have told you more clearly. I meant the legend of the arrows. (i.e., colors)
As defined in your source, black means 'call', grey means 'ret' and so forth.
Some might take those colors for granted, but some might not like me. :)

from angr-utils.

axt avatar axt commented on May 21, 2024

I really don't know how to plot that onto a '.dot' graph, but will create a wiki page for them.

from angr-utils.

axt avatar axt commented on May 21, 2024

Since I can't put that on the output file, I write down the latest colorings here:

color description
black 'call' edge
gray 'ret' edge
gray, dashed 'fakeret' edge
blue unconditional jump
blue, dashed 'next' edges created by cfg normalization
green conditional edge, condition is true branch
red conditional jump, condition is false branch
yellow unknown edge (exception while evaluating, or not handled case)

Note:
Before 1ac8d7a :

The util generates the conditional red, green edges based on the VEX IR exit targets, and not by the original asm, this can be misleading when interpreting the colors.

For example, the conditional edges are reversed in VEX for this sample code:

0x0:    cmp si, 0x7f
0x4:    jg  0x1d

IRSB {
[...]
   11 | if (t5) { PUT(eip) = 0x6; Ijk_Boring }
   NEXT: PUT(eip) = 0x0000001d; Ijk_Boring
}

After 1ac8d7a :
Both colorings possible:

  • if printvex == True then its based on VEX exit targets
  • if printvex == False and printasm == True then its based on asm exit targets (works currently only for x86 codes)
  • you can create a custom visualization pipeline and use your own coloring

I will add these to the documentation some time in the future.

Also coloring will be configurable in the near future.

from angr-utils.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.