Add IDA function boundaries extraction scripts

73401675 · Andrea Gussoni · 0be1fd16 · 73401675 · 73401675
Commit 73401675 authored Dec 04, 2020 by Andrea Gussoni
--- a/scripting/ida-extraction-scripts/extract-all-function-boundaries.sh
+++ b/scripting/ida-extraction-scripts/extract-all-function-boundaries.sh
+#!/bin/bash
+
+if [ $# -eq 0 ]; then
+  echo "No arguments supplied"
+  exit 1
+fi
+
+arch=$1
+basepath=$(pwd)
+workdir=$basepath/workdir-$arch
+stripped_dir=$workdir/stripped
+json_dir=$workdir/ida-json
+
+if [ ! -d $json_dir ]; then
+  mkdir $json_dir;
+fi
+
+cd $stripped_dir
+
+for filename in *
+do
+  echo "IDA analysis: $filename"
+  $basepath/scripting/ida-extraction-scripts/extract-function-boundaries.sh $filename $json_dir/$filename.json.ida
+done;
--- a/scripting/ida-extraction-scripts/extract-function-boundaries.sh
+++ b/scripting/ida-extraction-scripts/extract-function-boundaries.sh
+#!/bin/bash
+
+set -e
+
+echo -n "$1"
+
+# Define and create folder for timing information
+timing_path="$(readlink -f $(pwd)/../timings/)"
+if [ ! -d $timing_path ]; then
+  mkdir $timing_path;
+fi
+
+script_path="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+# Define ida executable path
+ida_path="/home/andrea/paper/ida/"
+
+# The input file to decompile
+input="$1"
+
+# In principle, we would not want to analyze files with debug symbols.
+if [ "$(readelf -s $input | wc -l)" -gt 0 ]; then
+    echo "This file has symbols!"
+
+    # Unfortunately, this check is not always reliable. We want to avoid having
+    # debug symbols, not every symbol (as such function symbols) at all.
+    # exit 1
+fi
+
+# Select which version of IDA to use (32 vs 64 bit).
+if readelf -h "$input" | grep ELF64 > /dev/null; then
+    ida="$ida_path/idat64"
+    extension="i64"
+else
+    ida="$ida_path/idat"
+    extension="idb"
+fi
+
+# Make a copy of the input file.
+tmp_name="$input.tmp"
+
+# Prepare the name for the output file.
+export output="$(readlink -f $2)"
+
+# Make a copy of the input file.
+cp "$input" "$tmp_name"
+
+# Disassemble the file.
+sudo unshare -n sudo -u andrea /usr/bin/time --format="%S,%U,%e,%M" -o "$timing_path/$input.ida-boundaries-disassembly.time" "$ida" -B "$tmp_name"
+
+# Check that the IDA db file has been created.
+idb="$tmp_name.$extension"
+test -e "$idb"
+
+# Delete temp files still around
+rm -rf /tmp/ida
+
+# Decompile input file.
+sudo unshare -n sudo -u andrea /usr/bin/time --format="%S,%U,%e,%M" -o "$timing_path/$input.ida-boundaries-extraction.time" "$ida" -A -S"$script_path/ida-function-boundaries.py $2" "$idb"
+
+# Remove the temporary files.
+rm "$tmp_name.asm"
+rm "$idb"
+rm "$tmp_name"
+
+# Check that we produced the expected output file.
+test -s "$output"
+
+echo " OK"