Forums

I'm lead to believe that fancy disassemblers like IDA do some analysis of the jump and call addresses to decide which are functions and which are just for flow control. Emulicious tries to use anonymous labels sometimes which is nearly there same thing but I guess less heuristic and more based on locality.

On a large disassembly, it might be nice to figure out which labels are functions which get called from multiple places, which are called only once, and which are effectively internal to a larger piece of code. I was considering transforming the label set to a directed graph of callers and callees, and then seeing if some graph analysis could pull out clusters of related labels, for example.

Does something like this already exist, before I attempt to make something myself?

Maxim wrote

Does something like this already exist, before I attempt to make something myself?

I think a many disassemblers do that actually but one that comes to mind is yazd:

https://github.com/toptensoftware/yazd

Something more akin to ida is skoolkit but it may be too spectrum-centric.

Author	Message
Maxim Site Admin Joined: 19 Oct 1999 Posts: 14745 Location: London	Disassembly label analysis Posted: Fri Aug 04, 2017 6:52 am
	I'm lead to believe that fancy disassemblers like IDA do some analysis of the jump and call addresses to decide which are functions and which are just for flow control. Emulicious tries to use anonymous labels sometimes which is nearly there same thing but I guess less heuristic and more based on locality. On a large disassembly, it might be nice to figure out which labels are functions which get called from multiple places, which are called only once, and which are effectively internal to a larger piece of code. I was considering transforming the label set to a directed graph of callers and callees, and then seeing if some graph analysis could pull out clusters of related labels, for example. Does something like this already exist, before I attempt to make something myself?

Alcoholics Anonymous Joined: 17 Nov 2015 Posts: 97 Location: Canada	Posted: Fri Aug 04, 2017 2:28 pm
	Maxim wrote Does something like this already exist, before I attempt to make something myself? I think a many disassemblers do that actually but one that comes to mind is yazd: https://github.com/toptensoftware/yazd Something more akin to ida is skoolkit but it may be too spectrum-centric.

Forums

View topic - Disassembly label analysis