{"id":601,"date":"2020-12-18T20:24:12","date_gmt":"2020-12-18T19:24:12","guid":{"rendered":"http:\/\/kronotai.com\/wordpress\/?page_id=601"},"modified":"2022-09-12T23:10:28","modified_gmt":"2022-09-12T21:10:28","slug":"example","status":"publish","type":"page","link":"https:\/\/kronotai.com\/wordpress\/example\/","title":{"rendered":"Example"},"content":{"rendered":"

<\/p>\n\n\n

As an example I’m using the hexdump executable<\/a> from the REC<\/a> homepage. The program named hexdump reads the files from the command line and outputs the content in hex and ascii. A sample output looks like<\/p>\n\n\n\n

00000000: 7F 45 4C 46 01 01 01 00 00 00 00 00 00 00 00 00.ELF............|
00000010: 02 00 03 00 01 00 00 00 A0 85 04 08 34 00 00 00............4...|
00000020: 40 23 00 00 00 00 00 00 34 00 20 00 05 00 28 00@#......4. ...(.|
00000030: 19 00 16 00 06 00 00 00 34 00 00 00 34 80 04 08........4...4...|
00000040: 34 80 04 08 A0 00 00 00 A0 00 00 00 05 00 00 004...............|
00000050: 04 00 00 00 03 00 00 00 D4 00 00 00 D4 80 04 08................|
...<\/pre>\n\n\n\n
The original source code is the following:<\/p>\n\n\n\n
#include <stdio.h>\n#include <sys\/stat.h>\n\nvoid   dumpline(unsigned char *p, unsigned long offset, int cnt)\n{\n   char   buff[80];\n   int    c;\n   int    len;\n\n   sprintf(buff, \"%08lX:\", offset);\n   if(cnt > 16)\n       cnt = 16;\n   for(c = 0; c < cnt; ++c)\n       sprintf(buff + c * 3 + 9, \" %02lX\", p[c]);\n   while(c++ < 16)\n       strcat(buff, \"   \");\n   len = strlen(buff);\n   strcpy(buff + len, \"  |\");\n   for(c = 0; c < cnt; ++c)\n       buff[len + c] = (p[c] >= ' ' && p[c] <= 0x7e) ? p[c] : '.';\n   while(c < 16)\n       buff[len + c++] = ' ';\n   strcpy(buff + len + c, \"|\");\n   printf(\"%s\\n\", buff);\n}\n\nint    hexdump(char *fname)\n{\n   unsigned char  buff[16];\n   unsigned long  offset;\n   FILE      *fp;\n   struct stat    st;\n   int       cnt;\n\n   if(!stat(fname, &st)) {\n       perror(fname);\n       return(1);\n   }\n   if(!(fp = fopen(fname, \"rb\"))) {\n       perror(fname);\n       return(1);\n   }\n   offset = 0;\n   while(offset < st.st_size) {\n       cnt = fread(buff, 1, sizeof(buff), fp);\n       if(!cnt)\n      break;\n       dumpline(buff, offset, cnt);\n       offset += cnt;\n   }\n   fclose(fp);\n   return(0);\n   \n}\n\nint    main(int argc, char *argv[])\n{\n   int    i;\n   int    errs;\n\n   errs = 0;\n   for(i = 1; i < argc; ++i)\n       errs += hexdump(argv[i]);\n   return(errs);\n}\n<\/code><\/pre>\n\n\n\n
As you can see three user functions and some library calls. <\/p>\n\n\n\n
Using the current version of holdec the decompiled output looks like:<\/p>\n\n\n\n
\/\/ address: 08048660.0\n\/\/ full-signature: func(dumpline, return=[], parameter=[<ptr(int(unsigned, 1)),p,unknown>, <int(unsigned, 4),offset,unknown>, <int(undef, 4),cnt,unknown>], varargs=false)\nvoid dumpline(u1* p, u4 offset, d4 cnt)\n{\n  (void) sprintf(&buffer, \"%08lX:\", offset);\n  if(cnt > 16) {\n    (void) STORE(&cnt, 16);\n  }\n  reg_var1 = 0;\n  while(reg_var1 < cnt) {\n    (void) sprintf(&buffer + reg_var1 * 3 + 9, \" %02lX\", UNSIGNED_EXTEND(LOAD(p + reg_var1)));\n    reg_var1++;\n  }\n  while(1) {\n    reg_var1++;\n    if(reg_var1 + -1 > 15) {\n      break;\n    }\n    (void) strcat(&buffer, \"   \");\n  }\n  reg_f = strlen(&buffer);\n  (void) strcpy(&buffer + reg_f, \"  |\");\n  reg_var2 = 0;\n  while(reg_var2 < cnt) {\n    reg_l = LOAD(p + reg_f + reg_var2) < 32 || LOAD(p + reg_f + reg_var2) > 126 ? 46 : LOAD(p + reg_f + reg_var2);\n    (void) STORE(&buffer + reg_f + reg_var2, reg_l);\n    reg_var2 += reg_f + 1;\n  }\n  for(...) {\n    \/\/ state = PASSIVE_USED_IN_MULTIPLE_JUMPS\n    while(reg_var2 < 16) {\n      (void) STORE(&buffer + reg_f + reg_var2, 32);\n      reg_var2++;\n    }\n  }\n  (void) strcpy(&buffer + reg_f + reg_var2, \"|\");\n  (void) printf(\"%s\\n\", &buffer);\n}\n\n\/\/ address: 080487f0.0\n\/\/ full-signature: func(hexdump, return=[<int(undef, 4),null,unknown>], parameter=[<ptr(int(undef, 1)),fname,unknown>], varargs=false)\nd4 hexdump(d1* fname)\n{\n  reg_a = stat(fname, &stat_buffer);\n  if(reg_a == 0) {\n    (void) perror(fname);\n    reg_result = 1;\n  } else {\n    reg_c = fopen(fname, \"rb\");\n    if(reg_c == 0) {\n      (void) perror(fname);\n      reg_result = 1;\n    } else {\n      reg_var1 = 0;\n      while(reg_var1 < LOAD(&stat_buffer + 20)) {\n        reg_g = fread(&read_buffer, 1, 16, reg_c);\n        if(reg_g == 0) {\n          break;\n        }\n        (void) dumpline(&read_buffer, reg_var1, reg_g);\n        reg_var1 += reg_g;\n      }\n      (void) fclose(reg_c);\n      reg_result = 0;\n    }\n  }\n  return reg_result;\n}\n\n\/\/ address: 080488e0.0\n\/\/ full-signature: func(main, return=[<int(undef, 4),null,unknown>], parameter=[<int(undef, 4),argc,unknown>, <ptr(ptr(int(undef, 1))),argv,unknown>], varargs=false)\nd4 main(d4 argc, d1** argv)\n{\n  reg_result = 0;\n  reg_var1 = 1;\n  while(reg_var1 < argc) {\n    reg_e = hexdump(LOAD(argv + reg_var1 * 4));\n    reg_result += reg_e;\n    reg_var1++;\n  }\n  return reg_result;\n}\n<\/code><\/pre>\n\n\n\n
This is still work in progress since obviously some aspects are still open: <\/p>\n\n\n\n