-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathcallgraph.py
90 lines (76 loc) · 2.15 KB
/
callgraph.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#import DFG_generator as dfg
import cfg_constructor as cfg
import networkx as nx
from idautils import *
from idaapi import *
from idc import *
import cPickle as pickle
import func as f
def callgraph_constructor(start_ea):
callgraph = nx.DiGraph()
funcs = f.get_func_bases(start_ea)
for func_name in funcs:
funcea = funcs[func_name]
ff = get_func(funcea)
start = ff.startEA
end = ff.endEA
callers = CodeRefsTo(funcea, 1)
inline_refs = CodeRefsFromInline(start, end)
for cller in callers:
cller_name = GetFunctionName(cller)
callgraph.add_edge(cller_name, func_name)
for cller in inline_refs:
if cller in funcs:
callgraph.add_edge(cller, func_name)
'''
else:
try:
x=int(cller,16)
if x > start_ea:
callgraph.add_edge(x, func_name)
except:
pass
'''
return callgraph
def CodeRefsFromInline(start, end):
cur = start
refs = []
while cur <= end:
opand2 = GetOpnd(cur, 1)
if 'offset' in opand2:
target = opand2.split(" ")[1]
refs.append(target)
cur = NextHead(cur)
return refs
def callgraph_featuring(funcea, callgraph):
feature_dic = {}
for func_name in callgraph:
pres = callgraph.predecessors(func_name)
sucs = callgraph.successors(func_name)
pre_f = filter(lambda x: 'sub' not in x, pres)
suc_f = filter(lambda x: 'sub' not in x, sucs)
if 'pre' not in feature_dic[func_name]:
feature_dic[func_name]['pre'] = pre_f
if 'suc' not in feature_dic[func_name]:
feature_dic[func_name]['suc'] = suc_f
return feature_dic
def similarity_comparision(callgraph, feature_dic):
sim_dic = {}
for node in callgraph:
sim_dic[node] = {}
for dnode in callgraph:
score = compute_score(node, dnode, feature_dic)
sim_dic[node][dnode] = score
return sim_dic
def compute_score(node, dnode, feature_dic):
f1 = feature_dic[node]
f2 = feature_dic[dnode]
if len(f1) > len(f2):
diff = set(f1).difference(f2)
else:
diff = set(f2).difference(f1)
return len(diff)
#def feature_assessing(feature):
# similarity_score = {}
if __name__=="__main__":
s = callgraph_constructor()