Exemple #1
0
  public int countIndirectBranches() {
    int res = 0;
    for (Map.Entry<AbsoluteAddress, Instruction> entry : assemblyMap.entrySet()) {
      Instruction instr = entry.getValue();

      if (instr instanceof BranchInstruction) {
        BranchInstruction branch = (BranchInstruction) instr;
        if (branch.isIndirect()) {
          // if branch target is not a memory operand pointing into a static data area of the binary
          // (imports)
          if (branch.getBranchDestination() instanceof MemoryOperand) {
            MemoryOperand memOp = (MemoryOperand) branch.getBranchDestination();
            // Import calls have only displacement
            if (memOp.getBase() == null && memOp.getIndex() == null) {
              AbsoluteAddress disp = new AbsoluteAddress(memOp.getDisplacement());
              // Check whether displacement points into import table
              ExecutableImage module = getModule(disp);
              if (module instanceof PEModule
                  && ((PEModule) module).getImportTable().containsKey(disp)) continue;
            }
          }
          res++;
          // logger.verbose(entry.getKey() + "\t" + getInstructionString(entry.getKey()));
        }
      }
    }
    return res;
  }
Exemple #2
0
  public LinkedList<BranchInstruction> getIndirectBranches() {
    LinkedList<BranchInstruction> indirectBranches = new LinkedList<BranchInstruction>();
    for (Map.Entry<AbsoluteAddress, Instruction> entry : assemblyMap.entrySet()) {
      Instruction instr = entry.getValue();

      if (instr instanceof BranchInstruction) {
        BranchInstruction branch = (BranchInstruction) instr;
        if (branch.isIndirect()) {
          indirectBranches.add(branch);
        }
      }
    }
    return indirectBranches;
  }