1NAME=ao 10~bytes 2FILE=bins/pe/15004.file 3CMDS=ao 10~bytes 4EXPECT=<<EOF 5bytes: e8d8170000 6bytes: 8d642444 7bytes: 0f85a6300000 8bytes: 60 9bytes: e84f0d0000 10bytes: f6d0 11bytes: 8d81c6140e8f 12bytes: 50 13bytes: 891c24 14bytes: 9c 15EOF 16RUN 17 18NAME=hang-on-aa/-aac fix (#15004) 19FILE=bins/pe/15004.file 20CMDS=<<EOF 21e anal.vars.stackname=true 22aa 23e asm.var=false 24pdb 25EOF 26EXPECT=<<EOF 27/ 337: entry0 (int32_t arg_40h, int32_t arg_44h); 28| 0x006453a1 e8d8170000 call fcn.00646b7e 29| 0x006453a6 8d642444 lea esp, [arg_44h] 30| ,=< 0x006453aa 0f85a6300000 jne 0x648456 31EOF 32RUN 33 34NAME=aap 35FILE=bins/pe/NoREpls.exe 36CMDS=<<EOF 37aaa 38s 0x00401e80 39afi. 40aap 41afi. 42EOF 43EXPECT=<<EOF 44fcn.00401e80 45EOF 46RUN 47 48NAME=anal.pushret 49FILE=- 50CMDS=<<EOF 51e asm.arch=x86 52e asm.bits=64 53"wa push 10;ret;nop;nop;nop;nop;nop;nop;nop;ret" 54e anal.pushret=true 55af 56afi~size 57EOF 58EXPECT=<<EOF 59size: 11 60EOF 61RUN 62 63 64NAME=aac pe trampoline fcn name 32bit 65FILE=bins/pe/testx32.exe 66CMDS=<<EOF 67e anal.autoname=false 68aac 69pd 1 @ 0x004017f6 70EOF 71EXPECT=<<EOF 72| 0x004017f6 e8c5040000 call sub.KERNEL32.dll_IsProcessorFeaturePresent ; BOOL IsProcessorFeaturePresent(DWORD ProcessorFeature) 73EOF 74RUN 75 76NAME=a2f 8 bbs 4 ret and some jumps 77FILE=malloc://512 78CMDS=<<EOF 79e anal.hasnext=0 80e asm.arch=x86 81e asm.bits=32 82wx 85c0740585c07405c385c0eb01c385c07401c3b8efbeaddec3 83a2f 84afb 85EOF 86EXPECT=<<EOF 870x00000000 0x00000004 00:0000 4 j 0x00000009 f 0x00000004 880x00000004 0x00000008 00:0000 4 j 0x0000000d f 0x00000008 890x00000008 0x00000009 00:0000 1 900x00000009 0x0000000d 00:0000 4 j 0x0000000e 910x0000000d 0x0000000e 00:0000 1 920x0000000e 0x00000012 00:0000 4 j 0x00000013 f 0x00000012 930x00000012 0x00000013 00:0000 1 940x00000013 0x00000019 00:0000 6 95EOF 96RUN 97 98NAME=a2f 3bbs with entry in the middle of the function 99FILE=malloc://512 100CMDS=<<EOF 101e anal.hasnext=0 102e asm.arch=x86 103e asm.bits=32 104wx 31c031c983c10183c10285c975f231c931c040c3 105s 0xa 106a2f 107afb 108EOF 109EXPECT=<<EOF 1100x00000000 0x0000000a 00:0000 10 j 0x0000000a 1110x0000000a 0x0000000e 00:0000 4 j 0x00000000 f 0x0000000e 1120x0000000e 0x00000014 00:0000 6 113EOF 114RUN 115 116NAME=a2f 6 bbs with entry at the end of the function 117FILE=malloc://512 118CMDS=<<EOF 119e anal.hasnext=0 120e asm.arch=x86 121e asm.bits=32 122wx 31c083c00183e801750831c083e80183c00131c983c10183e90175e431d283ea0183c2017402ebd831c0c3 123s 0x26 124a2f 125afb 126EOF 127EXPECT=<<EOF 1280x00000000 0x0000000a 00:0000 10 j 0x00000012 f 0x0000000a 1290x0000000a 0x00000012 00:0000 8 j 0x00000012 1300x00000012 0x0000001c 00:0000 10 j 0x00000000 f 0x0000001c 1310x0000001c 0x00000026 00:0000 10 j 0x00000028 f 0x00000026 1320x00000026 0x00000028 00:0000 2 j 0x00000000 1330x00000028 0x0000002b 00:0000 3 134EOF 135RUN 136 137NAME=a2f cjmp 138FILE=malloc://0x5000 139CMDS=<<EOF 140e asm.arch = x86 141e anal.arch = x86 142e io.cache=true 143e asm.bits=32 144wx 31c0740140c3 145a2f 146afb 147EOF 148EXPECT=<<EOF 1490x00000000 0x00000004 00:0000 4 j 0x00000005 f 0x00000004 1500x00000004 0x00000005 00:0000 1 j 0x00000005 1510x00000005 0x00000006 00:0000 1 152EOF 153RUN 154 155NAME=aaa with axt 156FILE=bins/pe/keygen.exe 157CMDS=<<EOF 158aar 159axt 0x4bffb0 160EOF 161EXPECT=<<EOF 162(nofunc) 0x4bfe53 [DATA] mov edx, 0x4bffb0 163EOF 164RUN 165 166NAME=aaa with maxbbsz 167FILE=bins/pe/flare_notepad.ex 168CMDS=<<EOF 169e anal.bb.maxsize = 2048 170aaa 171pdf~?ret 172EOF 173EXPECT=<<EOF 1741 175EOF 176RUN 177 178NAME=cyclomatic 179FILE=bins/pe/rabin2.exe 180CMDS=<<EOF 181s 0x140002510;af;afi~complex[1] 182afb.@0x14000253e 183EOF 184EXPECT=<<EOF 18567 1860x14000253e 0x14000255e 00:0000 32 s 0x140002579 s 0x14000255e s 0x1400025e1 s 0x14000258c s 0x1400025a1 s 0x1400025b6 s 0x1400025c9 187EOF 188RUN 189 190NAME=lab1B 191FILE=bins/elf/lab1B 192BROKEN=1 193CMDS=<<EOF 194s 0x08048a8b 195af 196afb 197?e 198pdf 199EOF 200EXPECT=<<EOF 2010x08048a8b 0x08048a91 00:0000 6 j 0x08048bd5 f 0x08048a91 2020x08048a91 0x08048aa0 00:0000 15 2030x08048bd5 0x08048be4 00:0000 15 204 205/ (fcn) fcn.08048a8b 36 206| fcn.08048a8b (); 207| ; var int var_ch @ ebp-0xc 208| ,=< 0x08048a8b 0f8744010000 ja 0x8048bd5 209| | 0x08048a91 8b45f4 mov eax, dword [var_ch] 210| | 0x08048a94 c1e002 shl eax, 2 211| | 0x08048a97 05308d0408 add eax, 0x8048d30 212| | 0x08048a9c 8b00 mov eax, dword [eax] 213| | 0x08048a9e ffe0 jmp eax 214.. 215| ||||||`-> 0x08048bd5 e856fcffff call sym.imp.rand ; int rand(void) 216| |||||| 0x08048bda 890424 mov dword [esp], eax 217| |||||| 0x08048bdd e8d5fdffff call sym.decrypt 218| ``````--> 0x08048be2 c9 leave 219\ 0x08048be3 c3 ret 220EOF 221RUN 222 223NAME=bug-cjmp 224FILE=bins/mach0/bug-cjmp 225CMDS=<<EOF 226af 227afb 228EOF 229EXPECT=<<EOF 2300x100000f30 0x100000f4c 00:0000 28 j 0x100000f61 f 0x100000f4c 2310x100000f4c 0x100000f61 00:0000 21 j 0x100000f79 2320x100000f61 0x100000f70 00:0000 15 2330x100000f79 0x100000f82 00:0000 9 234EOF 235RUN 236 237NAME=bug-cjmp-ok 238FILE=bins/mach0/bug-cjmp-ok 239CMDS=<<EOF 240af 241afb 242EOF 243EXPECT=<<EOF 2440x100000f30 0x100000f4c 00:0000 28 j 0x100000f61 f 0x100000f4c 2450x100000f4c 0x100000f61 00:0000 21 j 0x100000f79 2460x100000f61 0x100000f79 00:0000 24 j 0x100000f79 2470x100000f79 0x100000f82 00:0000 9 248EOF 249RUN 250 251NAME=x86: fastcall argument analysis 252FILE=bins/elf/analysis/fast 253CMDS=aa ; s sym.fastcaslled ; afc fastcall ; afva ; pdf~arg,var 254EXPECT=<<EOF 255/ 59: sym.fastcaslled (int32_t arg1, int32_t arg2, int32_t arg_8h, int32_t arg_ch); 256| ; var int32_t var_20h @ ebp-0x20 257| ; var int32_t var_1ch @ ebp-0x1c 258| ; var int32_t var_10h @ ebp-0x10 259| ; var int32_t var_ch @ ebp-0xc 260| ; arg int32_t arg_8h @ ebp+0x8 261| ; arg int32_t arg_ch @ ebp+0xc 262| ; arg int32_t arg1 @ ecx 263| ; arg int32_t arg2 @ edx 264| 0x08048421 894de4 mov dword [var_1ch], ecx ; arg1 265| 0x08048424 8955e0 mov dword [var_20h], edx ; arg2 266| 0x08048427 8b55e4 mov edx, dword [var_1ch] 267| 0x0804842a 8b45e0 mov eax, dword [var_20h] 268| 0x0804842f 8945f4 mov dword [var_ch], eax 269| 0x08048432 8b45e0 mov eax, dword [var_20h] 270| 0x08048435 2b450c sub eax, dword [arg_ch] 271| 0x08048438 8945f0 mov dword [var_10h], eax 272| 0x0804843b ff7508 push dword [arg_8h] 273| 0x0804843e ff75f0 push dword [var_10h] 274| 0x08048441 ff75f4 push dword [var_ch] 275EOF 276RUN 277 278NAME=adf bug #16215 279FILE=- 280CMDS=adf 281EXPECT=<<EOF 282EOF 283RUN 284 285NAME=adf analysis on an obfuscated executable 286FILE=bins/pe/cmd_adf_sample0.exe 287BROKEN=1 288CMDS=<<EOF 289e asm.arch=x86 290e asm.bits=32 291e asm.os=linux 292e asm.lines.bb=false 293e asm.lines.out=false 294e asm.bytes=false 295e asm.indentspace=0 296e asm.jmphints=false 297e asm.xrefs=false 298e asm.functions=false 299e asm.fcncalls=false 300e asm.lines.fcn=false 301e scr.utf8=false 302e anal.jmp.after=false 303e anal.calls=false 304e anal.jmp.cref=false 305e anal.jmp.above=true 306e anal.jmp.ref=true 307e anal.split=true 308# HACK to avoid ASAN taking too long on travis.. this is broken anyway 309e anal.bb.maxsize=1K 310adf @ sym.testObf27.exe_VirtMe 311.adf @ sym.testObf27.exe_VirtMe 312adf @ 0x00560e67 313.adf @ 0x00560e67 314pd 4 @ 0x00560e67 315EOF 316EXPECT=<<EOF 3170x00560e67 push esi 3180x00560e68 jmp 0x560e7d 3190x00560e6d hex length=16 delta=0 3200x00560e6d 51e5 d61d 31ea ce05 063b d4d4 1b00 8596 Q...1....;...... 321 3220x00560e7d pop esi 323EOF 324RUN 325 326NAME=af anal.endsize 327FILE=bins/elf/echo-bin 328CMDS=<<EOF 329e anal.endsize=0 330aaa 331s 0x1144 332afi~name 333EOF 334EXPECT=<<EOF 335name: main 336EOF 337RUN 338 339NAME=af anal.endsize 340FILE=bins/elf/echo-bin 341CMDS=<<EOF 342e anal.endsize=1 343aaa 344s 0x1144 345afi~name 346EOF 347EXPECT=<<EOF 348name: main 349EOF 350RUN 351 352NAME=af 8 bbs 4 ret and some jumps 353FILE=malloc://512 354CMDS=<<EOF 355e anal.hasnext=0 356e asm.arch=x86 357e asm.bits=32 358wx 85c0740585c07405c385c0eb01c385c07401c3b8efbeaddec3 359af 360afb 361EOF 362EXPECT=<<EOF 3630x00000000 0x00000004 00:0000 4 j 0x00000009 f 0x00000004 3640x00000004 0x00000008 00:0000 4 j 0x0000000d f 0x00000008 3650x00000008 0x00000009 00:0000 1 3660x00000009 0x0000000d 00:0000 4 j 0x0000000e 3670x0000000d 0x0000000e 00:0000 1 3680x0000000e 0x00000012 00:0000 4 j 0x00000013 f 0x00000012 3690x00000012 0x00000013 00:0000 1 3700x00000013 0x00000019 00:0000 6 371EOF 372RUN 373 374NAME=af 3bbs with entry in the middle of the function 375FILE=malloc://512 376CMDS=<<EOF 377e anal.hasnext=0 378e asm.arch=x86 379e asm.bits=32 380wx 31c031c983c10183c10285c975f231c931c040c3 381s 0xa 382af 383afb 384EOF 385EXPECT=<<EOF 3860x00000000 0x0000000a 00:0000 10 j 0x0000000a 3870x0000000a 0x0000000e 00:0000 4 j 0x00000000 f 0x0000000e 3880x0000000e 0x00000014 00:0000 6 389EOF 390RUN 391 392NAME=af 6 bbs with entry at the end of the function 393FILE=malloc://512 394CMDS=<<EOF 395e anal.hasnext=0 396e asm.arch=x86 397e asm.bits=32 398wx 31c083c00183e801750831c083e80183c00131c983c10183e90175e431d283ea0183c2017402ebd831c0c3 399s 0x26 400af 401afb 402EOF 403EXPECT=<<EOF 4040x00000000 0x0000000a 00:0000 10 j 0x00000012 f 0x0000000a 4050x0000000a 0x00000012 00:0000 8 j 0x00000012 4060x00000012 0x0000001c 00:0000 10 j 0x00000000 f 0x0000001c 4070x0000001c 0x00000026 00:0000 10 j 0x00000028 f 0x00000026 4080x00000026 0x00000028 00:0000 2 j 0x00000000 4090x00000028 0x0000002b 00:0000 3 410EOF 411RUN 412 413NAME=af+afl on pe/test 414FILE=bins/pe/test.exe 415CMDS=<<EOF 416s 0x401000 417af 418afl 419EOF 420EXPECT=<<EOF 4210x00401000 1 59 main 4220x004010e4 4 148 fcn.004010e4 4230x004010c7 1 29 fcn.004010c7 4240x0040104a 4 109 fcn.0040104a 4250x0040103b 3 15 fcn.0040103b 4260x00401335 3 262 loc.00401335 4270x00404ad7 1 8 fcn.00404ad7 428EOF 429RUN 430 431NAME=anal.fcnprefix 432FILE=bins/pe/test.exe 433CMDS=<<EOF 434s 0x401000 435e anal.fcnprefix=root 436af 437afl 438EOF 439EXPECT=<<EOF 4400x00401000 1 59 main 4410x004010e4 4 148 root.004010e4 4420x004010c7 1 29 root.004010c7 4430x0040104a 4 109 root.0040104a 4440x0040103b 3 15 root.0040103b 4450x00401335 3 262 loc.00401335 4460x00404ad7 1 8 root.00404ad7 447EOF 448RUN 449 450NAME=syscall emu 451FILE=bins/elf/analysis/hello.raw 452CMDS=<<EOF 453e asm.arch=x86 454e asm.bits=32 455e asm.os=linux 456e asm.emu=true 457e asm.bytes=0 458e asm.cmt.col=20 459e asm.lines.bb=false 460pd 20~write,exit 461EOF 462EXPECT=<<EOF 463 0x00000014 int 0x80 ; 4 = write (1, "Hello, world!.", 14) 464 0x0000001b int 0x80 ; 1 = exit (1) 465EOF 466RUN 467 468NAME=Windows Function EMU printf 469FILE=bins/pe/standard.exe 470CMDS=<<EOF 471e asm.arch=x86 472e asm.bits=32 473e asm.os=windows 474e asm.emu=true 475e emu.write=true 476e asm.bytes=0 477e asm.cmt.col=20 478e asm.lines.bb=false 479aeim 480s 0x00402ade 481pd 4~printf 482EOF 483EXPECT=<<EOF 484 0x00402ae8 call dword [sym.imp.msvcrt.dll_printf] ; 0x402d48 ; esp=0x177ff8 ; eip=0x2d08 reloc.msvcrt.dll_printf 485 ; int printf(" - RT_MANIFEST resource located\n") 486EOF 487RUN 488 489NAME=af- bug 490FILE=- 491CMDS=af+ $$ foo; af- $$;afl~? 492EXPECT=<<EOF 4930 494EOF 495RUN 496 497NAME=anal.recont=true 498FILE=bins/pe/bcc1.ex 499CMDS=<<EOF 500e anal.recont=true 501af 502afb 503afb @ 0x401012 504afb @ 0x40dfd0 505EOF 506EXPECT=<<EOF 5070x00401000 0x00401002 00:0000 2 5080x00401012 0x00401059 00:0000 71 5090x0040dfd0 0x0040e075 00:0000 165 j 0x0040e0af f 0x0040e075 5100x0040e075 0x0040e094 00:0000 31 j 0x0040e0a8 5110x0040e094 0x0040e0a8 00:0000 20 j 0x0040e0a8 5120x0040e0a8 0x0040e0af 00:0000 7 j 0x0040e094 f 0x0040e0af 5130x0040e0af 0x0040e0c4 00:0000 21 j 0x0040e12b f 0x0040e0c4 5140x0040e0c4 0x0040e0cc 00:0000 8 j 0x0040e0cd 5150x0040e0cc 0x0040e0cd 00:0000 1 j 0x0040e0cd 5160x0040e0cd 0x0040e0d3 00:0000 6 j 0x0040e0cc f 0x0040e0d3 5170x0040e0d3 0x0040e0d7 00:0000 4 j 0x0040e0cc f 0x0040e0d7 5180x0040e0d7 0x0040e0dc 00:0000 5 j 0x0040e0e1 f 0x0040e0dc 5190x0040e0dc 0x0040e0e1 00:0000 5 j 0x0040e0e6 5200x0040e0e1 0x0040e0e5 00:0000 4 j 0x0040e0e6 5210x0040e0e5 0x0040e0e6 00:0000 1 j 0x0040e0e6 5220x0040e0e6 0x0040e0ec 00:0000 6 j 0x0040e0f4 f 0x0040e0ec 5230x0040e0ec 0x0040e0f0 00:0000 4 j 0x0040e0f4 f 0x0040e0f0 5240x0040e0f0 0x0040e0f4 00:0000 4 j 0x0040e0e5 f 0x0040e0f4 5250x0040e0f4 0x0040e0f9 00:0000 5 j 0x0040e0fd f 0x0040e0f9 5260x0040e0f9 0x0040e0fc 00:0000 3 j 0x0040e0fd 5270x0040e0fc 0x0040e0fd 00:0000 1 j 0x0040e0fd 5280x0040e0fd 0x0040e103 00:0000 6 j 0x0040e107 f 0x0040e103 5290x0040e103 0x0040e107 00:0000 4 j 0x0040e0fc f 0x0040e107 5300x0040e107 0x0040e10b 00:0000 4 j 0x0040e0fc f 0x0040e10b 5310x0040e10b 0x0040e12b 00:0000 32 j 0x0040e14c 5320x0040e12b 0x0040e14c 00:0000 33 j 0x0040e14c 5330x0040e14c 0x0040e153 00:0000 7 534EOF 535RUN 536 537NAME=afb twice 538FILE=bins/pe/bcc1.ex 539CMDS=<<EOF 540e anal.recont=true 541e anal.depth=100 542e anal.hasnext=true 543af @ 0x40dfd0 544af;afb;afb @ 0x40dfd0 545EOF 546EXPECT=<<EOF 5470x00401000 0x00401002 00:0000 2 j 0x00401012 5480x00401012 0x00401059 00:0000 71 j 0x0040dfd0 5490x0040dfd0 0x0040e075 00:0000 165 j 0x0040e0af f 0x0040e075 5500x0040e075 0x0040e094 00:0000 31 j 0x0040e0a8 5510x0040e094 0x0040e0a8 00:0000 20 j 0x0040e0a8 5520x0040e0a8 0x0040e0af 00:0000 7 j 0x0040e094 f 0x0040e0af 5530x0040e0af 0x0040e0c4 00:0000 21 j 0x0040e12b f 0x0040e0c4 5540x0040e0c4 0x0040e0cc 00:0000 8 j 0x0040e0cd 5550x0040e0cc 0x0040e0cd 00:0000 1 j 0x0040e0cd 5560x0040e0cd 0x0040e0d3 00:0000 6 j 0x0040e0cc f 0x0040e0d3 5570x0040e0d3 0x0040e0d7 00:0000 4 j 0x0040e0cc f 0x0040e0d7 5580x0040e0d7 0x0040e0dc 00:0000 5 j 0x0040e0e1 f 0x0040e0dc 5590x0040e0dc 0x0040e0e1 00:0000 5 j 0x0040e0e6 5600x0040e0e1 0x0040e0e5 00:0000 4 j 0x0040e0e6 5610x0040e0e5 0x0040e0e6 00:0000 1 j 0x0040e0e6 5620x0040e0e6 0x0040e0ec 00:0000 6 j 0x0040e0f4 f 0x0040e0ec 5630x0040e0ec 0x0040e0f0 00:0000 4 j 0x0040e0f4 f 0x0040e0f0 5640x0040e0f0 0x0040e0f4 00:0000 4 j 0x0040e0e5 f 0x0040e0f4 5650x0040e0f4 0x0040e0f9 00:0000 5 j 0x0040e0fd f 0x0040e0f9 5660x0040e0f9 0x0040e0fc 00:0000 3 j 0x0040e0fd 5670x0040e0fc 0x0040e0fd 00:0000 1 j 0x0040e0fd 5680x0040e0fd 0x0040e103 00:0000 6 j 0x0040e107 f 0x0040e103 5690x0040e103 0x0040e107 00:0000 4 j 0x0040e0fc f 0x0040e107 5700x0040e107 0x0040e10b 00:0000 4 j 0x0040e0fc f 0x0040e10b 5710x0040e10b 0x0040e12b 00:0000 32 j 0x0040e14c 5720x0040e12b 0x0040e14c 00:0000 33 j 0x0040e14c 5730x0040e14c 0x0040e153 00:0000 7 574EOF 575RUN 576 577NAME=./followbrokenfcnsrefs 578FILE=bins/pe/bdc1.ex 579CMDS=<<EOF 580e anal.brokenrefs=true 581af 582s 0x4068e8 583fd 584s 0x45a708 585fd 586s 0x45a720 587fd 588s 0x45a7a0 589fd 590s 0x4043d8 591fd 592EOF 593EXPECT=<<EOF 594fcn.004068e8 595fcn.0045a708 596fcn.0045a720 597fcn.0045a7a0 598fcn.004043d8 599EOF 600RUN 601 602NAME=function address from operand 603FILE=bins/pe/test.exe 604CMDS=<<EOF 605e anal.datarefs=true 606s 0x401820 607af 608s 0x401880 609fd 610EOF 611EXPECT=<<EOF 612fcn.00401880 613EOF 614RUN 615 616NAME=function address from data structure 617FILE=bins/pe/test.exe 618CMDS=<<EOF 619e anal.datarefs=true 620e anal.recont=true 621s 0x4039ba 622af 623s 0x401441 624fd 625EOF 626EXPECT=<<EOF 627fcn.00401441 628EOF 629RUN 630 631 632NAME=ensure jump within a function is added to the basic block 633FILE=bins/elf/echo 634CMDS=<<EOF 635aaa 636s 0xf34 637afb. 638EOF 639EXPECT=<<EOF 6400x00000f34 0x00000f4b 00:0000 23 j 0x00001144 641EOF 642RUN 643 644NAME=Main in disassembly 645FILE=bins/elf/analysis/ls2 646CMDS=<<EOF 647aa 648pi 1 @ 0x0040488d 649EOF 650EXPECT=<<EOF 651mov rdi, main 652EOF 653RUN 654 655NAME=Main in disassembly 656FILE=bins/elf/analysis/ls_main_bug 657CMDS=<<EOF 658aa 659afi @ main ~offset 660EOF 661EXPECT=<<EOF 662offset: 0x000038b0 663EOF 664RUN 665 666NAME=calc switch table 667FILE=bins/elf/calc.file 668CMDS=<<EOF 669af@0x8049203 670f~?switch 671EOF 672EXPECT=<<EOF 6737 674EOF 675RUN 676 677NAME=mac-ls switch count 678FILE=bins/mach0/mac-ls 679CMDS=<<EOF 680aaa 681f~?switch 682EOF 683EXPECT=<<EOF 6843 685EOF 686RUN 687 688NAME=mac-ls main switch 689FILE=bins/mach0/mac-ls 690CMDS=<<EOF 691s main;af 692f~switch 693f~?case 694EOF 695EXPECT=<<EOF 6960x1000011b5 1 switch.0x1000011b5 69773 698EOF 699RUN 700 701NAME=mac-ls switch count2 702FILE=bins/mach0/mac-ls 703CMDS=<<EOF 704aaa 705f~?case 706EOF 707EXPECT=<<EOF 70890 709EOF 710RUN 711 712NAME=mac-ls switch count3 713FILE=bins/pe/test.exe 714CMDS=<<EOF 715e anal.jmp.tbl=true 716s 0x402cb6 717af 718afb 719EOF 720EXPECT=<<EOF 7210x00402cb6 0x00402d2c 00:0000 118 j 0x00402d57 f 0x00402d2c 7220x00402d2c 0x00402d45 00:0000 25 j 0x00402d4f f 0x00402d45 7230x00402d45 0x00402d4f 00:0000 10 j 0x00402d4f 7240x00402d4f 0x00402d57 00:0000 8 j 0x0040388e 7250x00402d57 0x00402d5d 00:0000 6 j 0x00402dbb f 0x00402d5d 7260x00402d5d 0x00402d6e 00:0000 17 j 0x00402d89 f 0x00402d6e 7270x00402d6e 0x00402d73 00:0000 5 j 0x00402d89 f 0x00402d73 7280x00402d73 0x00402d89 00:0000 22 j 0x00402d8b 7290x00402d89 0x00402d8b 00:0000 2 j 0x00402d8b 7300x00402d8b 0x00402d91 00:0000 6 j 0x00402d2c f 0x00402d91 7310x00402d91 0x00402d96 00:0000 5 j 0x00402daf f 0x00402d96 7320x00402d96 0x00402d9b 00:0000 5 j 0x00402daf f 0x00402d9b 7330x00402d9b 0x00402daf 00:0000 20 j 0x00402db1 7340x00402daf 0x00402db1 00:0000 2 j 0x00402db1 7350x00402db1 0x00402dbb 00:0000 10 j 0x00402d2c f 0x00402dbb 7360x00402dbb 0x00402dc5 00:0000 10 j 0x00402d2c f 0x00402dc5 7370x00402dc5 0x00402de7 00:0000 34 j 0x00403875 f 0x00402de7 7380x00402de7 0x00402dfc 00:0000 21 j 0x00403875 f 0x00402dfc 7390x00402dfc 0x00402e03 00:0000 7 j 0x00402e12 f 0x00402e03 7400x00402e03 0x00402e12 00:0000 15 j 0x00402e14 7410x00402e12 0x00402e14 00:0000 2 j 0x00402e14 7420x00402e14 0x00402e30 00:0000 28 j 0x00403850 f 0x00402e30 7430x00402e30 0x00402e37 00:0000 7 s 0x00403038 s 0x00402e37 s 0x00402e67 s 0x00402ec5 s 0x00402f11 s 0x00402f1c s 0x00402f62 s 0x00403092 7440x00402e37 0x00402e67 00:0000 48 j 0x00403850 7450x00402e67 0x00402e6f 00:0000 8 j 0x00402eb9 f 0x00402e6f 7460x00402e6f 0x00402e74 00:0000 5 j 0x00402eaa f 0x00402e74 7470x00402e74 0x00402e79 00:0000 5 j 0x00402e9e f 0x00402e79 7480x00402e79 0x00402e7d 00:0000 4 j 0x00402e92 f 0x00402e7d 7490x00402e7d 0x00402e86 00:0000 9 j 0x00403850 f 0x00402e86 7500x00402e86 0x00402e92 00:0000 12 j 0x00403850 7510x00402e92 0x00402e9e 00:0000 12 j 0x00403850 7520x00402e9e 0x00402eaa 00:0000 12 j 0x00403850 7530x00402eaa 0x00402eb9 00:0000 15 j 0x00403850 7540x00402eb9 0x00402ec5 00:0000 12 j 0x00403850 7550x00402ec5 0x00402eca 00:0000 5 j 0x00402ef6 f 0x00402eca 7560x00402eca 0x00402ee4 00:0000 26 j 0x00403850 f 0x00402ee4 7570x00402ee4 0x00402ef6 00:0000 18 j 0x00403850 7580x00402ef6 0x00402f11 00:0000 27 j 0x00403850 7590x00402f11 0x00402f1c 00:0000 11 j 0x00403850 7600x00402f1c 0x00402f21 00:0000 5 j 0x00402f47 f 0x00402f21 7610x00402f21 0x00402f3b 00:0000 26 j 0x00403850 f 0x00402f3b 7620x00402f3b 0x00402f47 00:0000 12 j 0x00403850 7630x00402f47 0x00402f62 00:0000 27 j 0x00403850 7640x00402f62 0x00402f67 00:0000 5 j 0x00402fbc f 0x00402f67 7650x00402f67 0x00402f6c 00:0000 5 j 0x00402fb0 f 0x00402f6c 7660x00402f6c 0x00402f71 00:0000 5 j 0x00402f89 f 0x00402f71 7670x00402f71 0x00402f7a 00:0000 9 j 0x00403850 f 0x00402f7a 7680x00402f7a 0x00402f89 00:0000 15 j 0x00403850 7690x00402f89 0x00402f8e 00:0000 5 j 0x00402fa4 f 0x00402f8e 7700x00402f8e 0x00402fa4 00:0000 22 j 0x00403850 7710x00402fa4 0x00402fb0 00:0000 12 j 0x00403850 7720x00402fb0 0x00402fbc 00:0000 12 j 0x00403850 7730x00402fbc 0x00402fc2 00:0000 6 j 0x00402fe0 f 0x00402fc2 7740x00402fc2 0x00402fc8 00:0000 6 j 0x00402fe0 f 0x00402fc8 7750x00402fc8 0x00402fe0 00:0000 24 j 0x00403850 7760x00402fe0 0x00402fe4 00:0000 4 j 0x00403002 f 0x00402fe4 7770x00402fe4 0x00402fea 00:0000 6 j 0x00403002 f 0x00402fea 7780x00402fea 0x00403002 00:0000 24 j 0x00403850 7790x00403002 0x0040300a 00:0000 8 j 0x00403850 f 0x0040300a 7800x0040300a 0x00403012 00:0000 8 j 0x00403850 f 0x00403012 7810x00403012 0x0040301a 00:0000 8 j 0x00403850 f 0x0040301a 7820x0040301a 0x00403022 00:0000 8 j 0x00403850 f 0x00403022 7830x00403022 0x0040302a 00:0000 8 j 0x00403850 f 0x0040302a 7840x0040302a 0x00403032 00:0000 8 j 0x00403850 f 0x00403032 7850x00403032 0x00403038 00:0000 6 j 0x00403038 7860x00403038 0x0040305a 00:0000 34 j 0x0040307c f 0x0040305a 7870x0040305a 0x0040307c 00:0000 34 j 0x00402d2c f 0x0040307c 7880x0040307c 0x00403092 00:0000 22 j 0x00403850 7890x00403092 0x0040309e 00:0000 12 j 0x00403254 f 0x0040309e 7900x0040309e 0x004030a4 00:0000 6 j 0x004032fc f 0x004030a4 7910x004030a4 0x004030ad 00:0000 9 j 0x00403167 f 0x004030ad 7920x004030ad 0x004030af 00:0000 2 j 0x004030fb f 0x004030af 7930x004030af 0x004030b4 00:0000 5 j 0x004030c4 f 0x004030b4 7940x004030b4 0x004030b8 00:0000 4 j 0x004030dc f 0x004030b8 7950x004030b8 0x004030bc 00:0000 4 j 0x004030c4 f 0x004030bc 7960x004030bc 0x004030c4 00:0000 8 j 0x0040366f f 0x004030c4 7970x004030c4 0x004030dc 00:0000 24 j 0x00403332 7980x004030dc 0x004030ec 00:0000 16 j 0x0040318a f 0x004030ec 7990x004030ec 0x004030fb 00:0000 15 j 0x0040318a 8000x004030fb 0x00403107 00:0000 12 j 0x00403111 f 0x00403107 8010x00403107 0x00403111 00:0000 10 j 0x00403111 8020x00403111 0x0040311c 00:0000 11 j 0x00403121 f 0x0040311c 8030x0040311c 0x00403121 00:0000 5 j 0x00403121 8040x00403121 0x00403143 00:0000 34 j 0x00403641 f 0x00403143 8050x00403143 0x00403147 00:0000 4 j 0x00403152 f 0x00403147 8060x00403147 0x00403152 00:0000 11 j 0x00403152 8070x00403152 0x00403167 00:0000 21 j 0x00403633 8080x00403167 0x00403170 00:0000 9 j 0x00403492 f 0x00403170 8090x00403170 0x00403174 00:0000 4 j 0x004031f3 f 0x00403174 8100x00403174 0x0040317c 00:0000 8 j 0x00403332 f 0x0040317c 8110x0040317c 0x00403184 00:0000 8 j 0x0040366f f 0x00403184 8120x00403184 0x0040318a 00:0000 6 j 0x0040318a 8130x0040318a 0x0040319f 00:0000 21 j 0x004031cf f 0x0040319f 8140x0040319f 0x004031c3 00:0000 36 j 0x004031e2 f 0x004031c3 8150x004031c3 0x004031cf 00:0000 12 j 0x004031e2 8160x004031cf 0x004031e2 00:0000 19 j 0x004031e2 8170x004031e2 0x004031f3 00:0000 17 j 0x0040366f 8180x004031f3 0x00403202 00:0000 15 j 0x0040323d f 0x00403202 8190x00403202 0x00403209 00:0000 7 j 0x0040323d f 0x00403209 8200x00403209 0x0040321e 00:0000 21 j 0x00403232 f 0x0040321e 8210x0040321e 0x00403232 00:0000 20 j 0x00403669 8220x00403232 0x0040323d 00:0000 11 j 0x00403669 8230x0040323d 0x00403249 00:0000 12 j 0x00403249 8240x00403249 0x00403254 00:0000 11 j 0x00403669 8250x00403254 0x0040325d 00:0000 9 j 0x0040349a f 0x0040325d 8260x0040325d 0x00403263 00:0000 6 j 0x00403488 f 0x00403263 8270x00403263 0x0040326c 00:0000 9 j 0x0040366f f 0x0040326c 8280x0040326c 0x00403275 00:0000 9 j 0x0040332c f 0x00403275 8290x00403275 0x0040327a 00:0000 5 j 0x004032f6 f 0x0040327a 8300x0040327a 0x0040327f 00:0000 5 j 0x004032ad f 0x0040327f 8310x0040327f 0x00403288 00:0000 9 j 0x0040366f f 0x00403288 8320x00403288 0x004032a1 00:0000 25 j 0x0040330d f 0x004032a1 8330x004032a1 0x004032ad 00:0000 12 j 0x0040330d 8340x004032ad 0x004032ca 00:0000 29 j 0x00402d2c f 0x004032ca 8350x004032ca 0x004032d3 00:0000 9 j 0x004032df f 0x004032d3 8360x004032d3 0x004032df 00:0000 12 j 0x004032e7 8370x004032df 0x004032e7 00:0000 8 j 0x004032e7 8380x004032e7 0x004032f6 00:0000 15 j 0x00403834 8390x004032f6 0x004032fc 00:0000 6 j 0x004032fc 8400x004032fc 0x00403303 00:0000 7 j 0x00403303 8410x00403303 0x0040330d 00:0000 10 j 0x0040330d 8420x0040330d 0x0040331f 00:0000 18 j 0x004034ff f 0x0040331f 8430x0040331f 0x0040332c 00:0000 13 j 0x00403538 8440x0040332c 0x00403332 00:0000 6 j 0x00403332 8450x00403332 0x00403358 00:0000 38 j 0x00403364 f 0x00403358 8460x00403358 0x00403364 00:0000 12 j 0x004033ce 8470x00403364 0x00403366 00:0000 2 j 0x00403377 f 0x00403366 8480x00403366 0x0040336b 00:0000 5 j 0x004033ce f 0x0040336b 8490x0040336b 0x00403377 00:0000 12 j 0x004033ce 8500x00403377 0x0040337f 00:0000 8 j 0x00403385 f 0x0040337f 8510x0040337f 0x00403385 00:0000 6 j 0x00403385 8520x00403385 0x00403391 00:0000 12 j 0x004033ce f 0x00403391 8530x00403391 0x004033b4 00:0000 35 j 0x004033c4 f 0x004033b4 8540x004033b4 0x004033c4 00:0000 16 j 0x004033ce 8550x004033c4 0x004033ce 00:0000 10 j 0x004033ce 8560x004033ce 0x0040342e 00:0000 96 j 0x0040344b f 0x0040342e 8570x0040342e 0x00403437 00:0000 9 j 0x0040344b f 0x00403437 8580x00403437 0x0040344b 00:0000 20 j 0x0040344b 8590x0040344b 0x00403454 00:0000 9 j 0x0040346c f 0x00403454 8600x00403454 0x00403458 00:0000 4 j 0x0040346c f 0x00403458 8610x00403458 0x0040346c 00:0000 20 j 0x0040346c 8620x0040346c 0x00403471 00:0000 5 j 0x00403482 f 0x00403471 8630x00403471 0x00403482 00:0000 17 j 0x00403482 8640x00403482 0x00403488 00:0000 6 j 0x00403249 8650x00403488 0x00403492 00:0000 10 j 0x00403492 8660x00403492 0x0040349a 00:0000 8 j 0x004034c4 8670x0040349a 0x004034a3 00:0000 9 j 0x00403111 f 0x004034a3 8680x004034a3 0x004034ab 00:0000 8 j 0x00403303 f 0x004034ab 8690x004034ab 0x004034b4 00:0000 9 j 0x0040366f f 0x004034b4 8700x004034b4 0x004034c4 00:0000 16 j 0x004034c4 8710x004034c4 0x004034db 00:0000 23 j 0x0040330d f 0x004034db 8720x004034db 0x004034ff 00:0000 36 j 0x0040330d 8730x004034ff 0x0040350b 00:0000 12 j 0x0040331f f 0x0040350b 8740x0040350b 0x00403513 00:0000 8 j 0x0040352b f 0x00403513 8750x00403513 0x0040351e 00:0000 11 j 0x00403524 f 0x0040351e 8760x0040351e 0x00403524 00:0000 6 j 0x00403528 8770x00403524 0x00403528 00:0000 4 j 0x00403528 8780x00403528 0x0040352b 00:0000 3 j 0x0040353e 8790x0040352b 0x00403533 00:0000 8 j 0x00403536 f 0x00403533 8800x00403533 0x00403536 00:0000 3 j 0x00403538 8810x00403536 0x00403538 00:0000 2 j 0x00403538 8820x00403538 0x0040353e 00:0000 6 j 0x0040353e 8830x0040353e 0x00403543 00:0000 5 j 0x0040355d f 0x00403543 8840x00403543 0x00403547 00:0000 4 j 0x0040355d f 0x00403547 8850x00403547 0x00403549 00:0000 2 j 0x0040354d f 0x00403549 8860x00403549 0x0040354d 00:0000 4 j 0x0040355d f 0x0040354d 8870x0040354d 0x0040355d 00:0000 16 j 0x0040355d 8880x0040355d 0x0040356d 00:0000 16 j 0x0040356f f 0x0040356d 8890x0040356d 0x0040356f 00:0000 2 j 0x0040356f 8900x0040356f 0x00403577 00:0000 8 j 0x00403583 f 0x00403577 8910x00403577 0x00403583 00:0000 12 j 0x0040359d 8920x00403583 0x00403597 00:0000 20 j 0x0040359d f 0x00403597 8930x00403597 0x0040359d 00:0000 6 j 0x0040359d 8940x0040359d 0x004035a3 00:0000 6 j 0x004035a9 f 0x004035a3 8950x004035a3 0x004035a9 00:0000 6 j 0x004035a9 8960x004035a9 0x004035ac 00:0000 3 j 0x004035ac 8970x004035ac 0x004035bc 00:0000 16 j 0x004035c2 f 0x004035bc 8980x004035bc 0x004035c2 00:0000 6 j 0x004035ef f 0x004035c2 8990x004035c2 0x004035e4 00:0000 34 j 0x004035ea f 0x004035e4 9000x004035e4 0x004035ea 00:0000 6 j 0x004035ea 9010x004035ea 0x004035ef 00:0000 5 j 0x004035ac 9020x004035ef 0x0040360d 00:0000 30 j 0x0040366f f 0x0040360d 9030x0040360d 0x00403611 00:0000 4 j 0x00403618 f 0x00403611 9040x00403611 0x00403618 00:0000 7 j 0x0040366f f 0x00403618 9050x00403618 0x0040362a 00:0000 18 j 0x00403669 9060x0040362a 0x00403630 00:0000 6 j 0x00403637 f 0x00403630 9070x00403630 0x00403633 00:0000 3 j 0x00403633 9080x00403633 0x00403637 00:0000 4 j 0x0040362a f 0x00403637 9090x00403637 0x00403641 00:0000 10 j 0x00403669 9100x00403641 0x00403645 00:0000 4 j 0x00403650 f 0x00403645 9110x00403645 0x00403650 00:0000 11 j 0x00403650 9120x00403650 0x00403658 00:0000 8 j 0x0040365f 9130x00403658 0x0040365e 00:0000 6 j 0x00403663 f 0x0040365e 9140x0040365e 0x0040365f 00:0000 1 j 0x0040365f 9150x0040365f 0x00403663 00:0000 4 j 0x00403658 f 0x00403663 9160x00403663 0x00403669 00:0000 6 j 0x00403669 9170x00403669 0x0040366f 00:0000 6 j 0x0040366f 9180x0040366f 0x0040367c 00:0000 13 j 0x00403834 f 0x0040367c 9190x0040367c 0x00403687 00:0000 11 j 0x004036bc f 0x00403687 9200x00403687 0x0040368f 00:0000 8 j 0x00403698 f 0x0040368f 9210x0040368f 0x00403698 00:0000 9 j 0x004036b2 9220x00403698 0x0040369d 00:0000 5 j 0x004036a6 f 0x0040369d 9230x0040369d 0x004036a6 00:0000 9 j 0x004036b2 9240x004036a6 0x004036ab 00:0000 5 j 0x004036bc f 0x004036ab 9250x004036ab 0x004036b2 00:0000 7 j 0x004036b2 9260x004036b2 0x004036bc 00:0000 10 j 0x004036bc 9270x004036bc 0x004036d9 00:0000 29 j 0x004036fe f 0x004036d9 9280x004036d9 0x004036dd 00:0000 4 j 0x004036fa 9290x004036dd 0x004036fa 00:0000 29 j 0x004036fe f 0x004036fa 9300x004036fa 0x004036fe 00:0000 4 j 0x004036dd f 0x004036fe 9310x004036fe 0x0040372d 00:0000 47 j 0x0040375b f 0x0040372d 9320x0040372d 0x00403736 00:0000 9 j 0x0040375b f 0x00403736 9330x00403736 0x0040373e 00:0000 8 j 0x00403757 9340x0040373e 0x00403757 00:0000 25 j 0x0040375b f 0x00403757 9350x00403757 0x0040375b 00:0000 4 j 0x0040373e f 0x0040375b 9360x0040375b 0x0040376a 00:0000 15 j 0x004037df f 0x0040376a 9370x0040376a 0x0040376e 00:0000 4 j 0x004037df f 0x0040376e 9380x0040376e 0x0040377a 00:0000 12 j 0x0040377a 9390x0040377a 0x004037a0 00:0000 38 j 0x004037d6 f 0x004037a0 9400x004037a0 0x004037a8 00:0000 8 j 0x004037d6 f 0x004037a8 9410x004037a8 0x004037d4 00:0000 44 j 0x0040377a f 0x004037d4 9420x004037d4 0x004037d6 00:0000 2 j 0x004037f9 9430x004037d6 0x004037df 00:0000 9 j 0x004037f9 9440x004037df 0x004037f9 00:0000 26 j 0x004037f9 9450x004037f9 0x00403802 00:0000 9 j 0x00403834 f 0x00403802 9460x00403802 0x0040380b 00:0000 9 j 0x00403834 f 0x0040380b 9470x0040380b 0x00403813 00:0000 8 j 0x00403830 9480x00403813 0x00403830 00:0000 29 j 0x00403834 f 0x00403830 9490x00403830 0x00403834 00:0000 4 j 0x00403813 f 0x00403834 9500x00403834 0x0040383d 00:0000 9 j 0x00403850 f 0x0040383d 9510x0040383d 0x00403850 00:0000 19 j 0x00403850 9520x00403850 0x00403862 00:0000 18 j 0x00403875 f 0x00403862 9530x00403862 0x00403875 00:0000 19 j 0x00402de7 9540x00403875 0x0040387e 00:0000 9 j 0x00403888 f 0x0040387e 9550x0040387e 0x00403888 00:0000 10 j 0x00403888 9560x00403888 0x0040388e 00:0000 6 j 0x0040388e 9570x0040388e 0x0040389d 00:0000 15 958EOF 959RUN 960 961 962NAME=mac-ls switch count4 963FILE=bins/pe/ConsoleApplication1.exe 964CMDS=<<EOF 965e anal.jmp.tbl=true 966s 0x401090 967af 968afb 969EOF 970EXPECT=<<EOF 9710x00401090 0x004010d2 00:0000 66 j 0x004010e8 f 0x004010d2 9720x004010d2 0x004010e8 00:0000 22 9730x004010e8 0x00401103 00:0000 27 j 0x00401103 9740x00401103 0x0040110e 00:0000 11 j 0x0040116b f 0x0040110e 9750x0040110e 0x00401115 00:0000 7 j 0x0040114f f 0x00401115 9760x00401115 0x00401119 00:0000 4 j 0x00401123 f 0x00401119 9770x00401119 0x00401123 00:0000 10 j 0x00401123 9780x00401123 0x00401138 00:0000 21 j 0x00401103 f 0x00401138 9790x00401138 0x0040114f 00:0000 23 9800x0040114f 0x0040116b 00:0000 28 9810x0040116b 0x00401173 00:0000 8 j 0x004011e5 f 0x00401173 9820x00401173 0x00401182 00:0000 15 j 0x00401182 9830x00401182 0x0040118a 00:0000 8 j 0x004011c8 f 0x0040118a 9840x0040118a 0x00401191 00:0000 7 s 0x00401196 s 0x00401191 s 0x004011a6 s 0x004011c3 9850x00401191 0x00401196 00:0000 5 j 0x004011d8 9860x00401196 0x004011a6 00:0000 16 j 0x004011d8 9870x004011a6 0x004011ac 00:0000 6 j 0x004011b1 f 0x004011ac 9880x004011ac 0x004011b1 00:0000 5 j 0x004011d8 9890x004011b1 0x004011b5 00:0000 4 j 0x004011ba f 0x004011b5 9900x004011b5 0x004011ba 00:0000 5 j 0x004011d8 9910x004011ba 0x004011be 00:0000 4 j 0x004011d8 f 0x004011be 9920x004011be 0x004011c3 00:0000 5 j 0x004011d8 9930x004011c3 0x004011c8 00:0000 5 j 0x004011d8 9940x004011c8 0x004011d8 00:0000 16 j 0x004011d8 9950x004011d8 0x004011e2 00:0000 10 j 0x00401182 f 0x004011e2 9960x004011e2 0x004011e5 00:0000 3 j 0x004011e5 9970x004011e5 0x00401249 00:0000 100 998EOF 999RUN 1000 1001NAME=ls_amd64 all switches 1002FILE=bins/jmptbl/ls_amd64 1003CMDS=<<EOF 1004aaa 1005CC. @@ switch 1006EOF 1007EXPECT=<<EOF 1008switch table (275 cases) at 0x4140b0 1009switch table (121 cases) at 0x413cc0 1010switch table (5 cases) at 0x414088 1011switch table (11 cases) at 0x418e00 1012switch table (127 cases) at 0x418e58 1013switch table (123 cases) at 0x419318 1014switch table (123 cases) at 0x4196f0 1015switch table (10 cases) at 0x419dc0 1016switch table (54 cases) at 0x419e98 1017switch table (54 cases) at 0x41a048 1018switch table (54 cases) at 0x41a268 1019switch table (54 cases) at 0x41a418 1020EOF 1021RUN 1022 1023 1024 1025NAME=clang_3.8_32 switch/case flags 1026FILE=bins/jmptbl/test_clang_3.8_32.out 1027CMDS=<<EOF 1028aaa 1029f~switch 1030f~case. 1031EOF 1032EXPECT=<<EOF 10330x080483fd 1 switch.0x080483fd 10340x08048404 1 case.0x80483fd.1 10350x08048404 1 case.0x80483fd.2 10360x08048404 1 case.0x80483fd.3 10370x0804840d 1 case.0x80483fd.0 10380x08048416 1 case.0x80483fd.4 10390x0804841f 1 case.0x80483fd.5 10400x08048428 1 case.0x80483fd.6 10410x08048431 1 case.0x80483fd.7 10420x08048431 1 case.0x80483fd.9 10430x08048431 1 case.default.0x80483fd 10440x0804843a 1 case.0x80483fd.8 10450x08048443 1 case.0x80483fd.10 10460x0804844c 1 case.0x80483fd.11 10470x08048455 1 case.0x80483fd.12 1048EOF 1049RUN 1050 1051 1052NAME=clang_5.0_32 switch/case flags 1053FILE=bins/jmptbl/test_clang_5.0_32.out 1054CMDS=<<EOF 1055aaa 1056f~switch 1057f~case. 1058EOF 1059EXPECT=<<EOF 10600x080483fd 1 switch.0x080483fd 10610x08048404 1 case.0x80483fd.1 10620x08048404 1 case.0x80483fd.2 10630x08048404 1 case.0x80483fd.3 10640x0804840d 1 case.0x80483fd.0 10650x08048416 1 case.0x80483fd.4 10660x0804841f 1 case.0x80483fd.5 10670x08048428 1 case.0x80483fd.6 10680x08048431 1 case.0x80483fd.7 10690x08048431 1 case.0x80483fd.9 10700x08048431 1 case.default.0x80483fd 10710x0804843a 1 case.0x80483fd.8 10720x08048443 1 case.0x80483fd.10 10730x0804844c 1 case.0x80483fd.11 10740x08048455 1 case.0x80483fd.12 1075EOF 1076RUN 1077 1078 1079NAME=msvc_1900_32 switch/case flags 1080FILE=bins/jmptbl/test_msvc_1900_32.exe 1081CMDS=<<EOF 1082aaa 1083f~switch 1084f~case. 1085EOF 1086EXPECT=<<EOF 10870x0040100e 1 switch.0x0040100e 10880x0040be85 1 switch.0x0040be85 10890x0040beb5 1 switch.0x0040beb5 10900x0040bf68 1 switch.0x0040bf68 10910x00401015 1 case.0x40100e.0 10920x00401025 1 case.0x40100e.1 10930x00401025 1 case.0x40100e.2 10940x00401025 1 case.0x40100e.3 10950x00401035 1 case.0x40100e.4 10960x00401045 1 case.0x40100e.5 10970x00401055 1 case.0x40100e.6 10980x00401065 1 case.0x40100e.8 10990x00401075 1 case.0x40100e.10 11000x00401085 1 case.0x40100e.11 11010x00401095 1 case.0x40100e.12 11020x004010a5 1 case.0x40100e.7 11030x004010a5 1 case.0x40100e.9 11040x004010a5 1 case.default.0x40100e 11050x0040be7e 1 case.default.0x40be85 11060x0040bed4 1 case.0x40beb5.0 11070x0040bed4 1 case.0x40be85.0 11080x0040bedc 1 case.0x40beb5.1 11090x0040bedc 1 case.0x40be85.1 11100x0040bee8 1 case.0x40beb5.2 11110x0040bee8 1 case.0x40be85.2 11120x0040befc 1 case.0x40beb5.3 11130x0040befc 1 case.0x40be85.3 11140x0040bf80 1 case.0x40bf68.0 11150x0040bf88 1 case.0x40bf68.1 11160x0040bf98 1 case.0x40bf68.2 11170x0040bfac 1 case.0x40bf68.3 11180x0040c074 1 case.default.0x40bf68 11190x0040c15b 1 case.default.0x40beb5 1120EOF 1121RUN 1122 1123 1124NAME=msvc_1913_32 switch/case flags 1125FILE=bins/jmptbl/test_msvc_1913_32.exe 1126CMDS=<<EOF 1127aaa 1128f~switch 1129f~case. 1130EOF 1131EXPECT=<<EOF 11320x0040100e 1 switch.0x0040100e 11330x00402875 1 switch.0x00402875 11340x004028a5 1 switch.0x004028a5 11350x00402958 1 switch.0x00402958 11360x00401015 1 case.0x40100e.0 11370x00401026 1 case.0x40100e.1 11380x00401026 1 case.0x40100e.2 11390x00401026 1 case.0x40100e.3 11400x00401037 1 case.0x40100e.4 11410x00401048 1 case.0x40100e.5 11420x00401059 1 case.0x40100e.6 11430x0040106a 1 case.0x40100e.8 11440x0040107b 1 case.0x40100e.10 11450x0040108c 1 case.0x40100e.11 11460x0040109d 1 case.0x40100e.12 11470x004010ae 1 case.0x40100e.7 11480x004010ae 1 case.0x40100e.9 11490x004010ae 1 case.default.0x40100e 11500x0040286e 1 case.default.0x402875 11510x004028c4 1 case.0x4028a5.0 11520x004028c4 1 case.0x402875.0 11530x004028cc 1 case.0x4028a5.1 11540x004028cc 1 case.0x402875.1 11550x004028d8 1 case.0x4028a5.2 11560x004028d8 1 case.0x402875.2 11570x004028ec 1 case.0x4028a5.3 11580x004028ec 1 case.0x402875.3 11590x00402970 1 case.0x402958.0 11600x00402978 1 case.0x402958.1 11610x00402988 1 case.0x402958.2 11620x0040299c 1 case.0x402958.3 11630x00402a64 1 case.default.0x402958 11640x00402b4b 1 case.default.0x4028a5 1165EOF 1166RUN 1167 1168NAME=cmu_binary_bomb switch case detection 1169FILE=bins/jmptbl/cmu_binary_bomb 1170CMDS=<<EOF 1171aa 1172f~switch 1173f~case 1174EOF 1175EXPECT=<<EOF 11760x08048bd6 1 switch.0x08048bd6 11770x08048be0 1 case.0x8048bd6.0 11780x08048c00 1 case.0x8048bd6.1 11790x08048c16 1 case.0x8048bd6.2 11800x08048c28 1 case.0x8048bd6.3 11810x08048c40 1 case.0x8048bd6.4 11820x08048c52 1 case.0x8048bd6.5 11830x08048c64 1 case.0x8048bd6.6 11840x08048c76 1 case.0x8048bd6.7 11850x08048c88 1 case.default.0x8048bd6 1186EOF 1187RUN 1188 1189NAME=./nojmpabove 1190FILE=bins/pe/test.exe 1191CMDS=<<EOF 1192e anal.jmp.above=false 1193af 1194afb 1195EOF 1196EXPECT=<<EOF 11970x0040132b 0x00401335 00:0000 10 1198EOF 1199RUN 1200 1201 1202NAME=./searchstringrefs 1203FILE=bins/pe/test.exe 1204CMDS=<<EOF 1205e anal.refstr=true 1206s 0x401000 1207af 1208afx 1209EOF 1210EXPECT=<<EOF 1211d 0x00401006 -> 0x0040d004 mov eax, dword [0x40d004] 1212s 0x00401010 -> 0x0040b9a0 0x6c6c6568 hell @ str.hello_n ascii ('h') 1213C 0x00401015 -> 0x004010e4 call fcn.004010e4 1214d 0x0040101e -> 0x0040b9a8 push 0x40b9a8 1215C 0x00401023 -> 0x004010c7 call fcn.004010c7 1216C 0x00401032 -> 0x0040103b call fcn.0040103b 1217EOF 1218RUN 1219 1220NAME=16bit segment bounds - capstone 1221FILE=malloc://1024k 1222CMDS=<<EOF 1223e asm.arch=x86 1224e anal.arch=x86 1225e asm.bits=16 1226e anal.hasnext=0 1227wx e9c300 @ f000:ffaa 1228s f000:ffaa 1229pi 1 1230EOF 1231EXPECT=<<EOF 1232jmp 0xf0070 1233EOF 1234RUN 1235 1236NAME=16bit segment bounds 2 1237FILE=malloc://1024k 1238CMDS=<<EOF 1239e asm.arch=x86 1240e asm.bits=16 1241e io.va=1 1242wx e97ae7 @ f000:1911 1243s f000:1911 1244ao 1~jump 1245EOF 1246EXPECT=<<EOF 1247description: jump 1248jump: 0x000f008e 1249EOF 1250RUN 1251 1252NAME=sar on x86-32 1253FILE=- 1254CMDS=<<EOF 1255e asm.arch=x86 1256e asm.bits=32 1257e anal.hasnext=0 1258# testing mov eax, -4 sar 1259# 64bit code seems to fail 1260# wx 48c7c0fcffffff 48d1f8 48d1f8 48d1f8 48d1f8 48d1f8 48d1f8 1261wx b8fcffffff d1f8 d1f8 d1f8 d1f8 d1f8 d1f8 1262aes 1263dr?eax 1264aes 1265dr?eax 1266aes 1267dr?eax 1268aes 1269dr?eax 1270aes 1271dr?eax 1272EOF 1273EXPECT=<<EOF 12740xfffffffc 12750xfffffffe 12760xffffffff 12770xffffffff 12780xffffffff 1279EOF 1280RUN 1281 1282NAME=int 0x80 doesn t terminate a function 1283FILE=- 1284CMDS=<<EOF 1285e asm.arch=x86 1286e asm.bits=32 1287e anal.hasnext=0 1288wx 5589d8b900000000b885000000cd8089c35dc3 1289af 1290afi~size 1291EOF 1292EXPECT=<<EOF 1293size: 19 1294EOF 1295RUN 1296 1297NAME=mnemonic - repe/cmpsb 1298FILE=- 1299CMDS=<<EOF 1300e asm.arch=x86 1301e asm.bits=64 1302a8 f3a6~mnemonic[1] 1303EOF 1304EXPECT=<<EOF 1305cmpsb 1306EOF 1307RUN 1308 1309NAME=ao 4~bytes 1310FILE=- 1311CMDS=<<EOF 1312e asm.arch=x86 1313e asm.bits=32 1314e anal.hasnext=0 1315wx 554889e5415741564155 1316ao 3~bytes 1317EOF 1318EXPECT=<<EOF 1319bytes: 55 1320bytes: 48 1321bytes: 89e5 1322EOF 1323RUN 1324 1325NAME=af fwd-jmp 1326FILE=- 1327CMDS=<<EOF 1328e asm.arch=x86 1329e asm.bits=32 1330wx 558bec6800304000e86300000083c404eb0d6808304000e85400000083c4046814304000e84700000083c40433c05dc3 1331af 1332afb 1333EOF 1334EXPECT=<<EOF 13350x00000000 0x00000012 00:0000 18 j 0x0000001f 13360x0000001f 0x00000030 00:0000 17 1337EOF 1338RUN 1339 1340NAME=af fwd-jmp 2 1341FILE=bins/elf/license_1.out 1342CMDS=<<EOF 1343af @ main 1344afb @ main~? 1345EOF 1346EXPECT=<<EOF 13479 1348EOF 1349RUN 1350 1351NAME=./x86_32_cs 1352FILE=- 1353CMDS=<<EOF 1354e asm.arch=x86 1355e asm.bits=32 1356e anal.hasnext=0 1357b 0x4e 1358wx 743684c0741284d2b8010000007509f3c30f1f8000000000488b4e40488b07488b1648394f407f187c1e4889d64889c7e933e1ffff0f1f0084d274c60f1f4000b8ffffffffc36690b801000000c3 1359af 1360pif~? 1361afi $$~size[1] 1362EOF 1363EXPECT=<<EOF 136432 136578 1366EOF 1367RUN 1368 1369NAME=./x86_32_cs2 1370FILE=- 1371CMDS=<<EOF 1372e asm.arch=x86 1373e asm.bits=32 1374e anal.hasnext=0 1375b 0x4e 1376wx 743684c0741284d2b8010000007509f3c30f1f8000000000488b4e40488b07488b1648394f407f187c1e4889d64889c7e933e1ffff0f1f0084d274c60f1f4000b8ffffffffc36690b801000000c3 1377af 1378# count basic blocks 1379pdr~true? 1380EOF 1381EXPECT=<<EOF 13827 1383EOF 1384RUN 1385 1386NAME=./x86_32_cs3 1387FILE=- 1388CMDS=<<EOF 1389e asm.arch=x86 1390e asm.bits=32 1391e anal.hasnext=0 1392b 0x4e 1393wx 5589e583ec2083f8000f8507000000b800000000eb05b80100000083c4205dc3 1394af 1395# count basic blocks 1396pdr~true? 1397pdr~false? 1398EOF 1399EXPECT=<<EOF 14003 14011 1402EOF 1403RUN 1404 1405NAME=./x86_win 1406FILE=bins/pe/standard.exe 1407CMDS=<<EOF 1408aaa 1409afi @ fcn.00402b2d~name 1410EOF 1411EXPECT=<<EOF 1412name: fcn.00402b2d 1413EOF 1414RUN 1415 1416NAME=./x86_win2 1417FILE=bins/pe/ioli/w32/crackme0x00.exe 1418CMDS=<<EOF 1419aaa 1420pd 1 @ sym.imp.msvcrt.dll_strlen~?dword 1421EOF 1422EXPECT=<<EOF 14231 1424EOF 1425RUN 1426 1427NAME=./x86_win3 1428FILE=bins/pe/testx64.exe 1429CMDS=<<EOF 1430aaa 1431pd 1 @ sym.imp.VCRUNTIME140.dll_memset~?qword 1432EOF 1433EXPECT=<<EOF 14341 1435EOF 1436RUN 1437 1438NAME=./x86_win4 1439FILE=bins/pe/96workingsections.exe 1440CMDS=<<EOF 1441aaa 1442afb @ sym.imp.kernel32.dll_ExitProcess 1443EOF 1444EXPECT=<<EOF 1445EOF 1446RUN 1447 1448NAME=xref aar on op.val 1449FILE=bins/elf/analysis/ch2.bin 1450CMDS=<<EOF 1451af@main 1452aar 1453axt @ str.john 1454EOF 1455EXPECT=<<EOF 1456main 0x804831a [DATA] mov dword [var_ch], str.john 1457EOF 1458RUN 1459 1460NAME=resolve reloc symbols 1 1461FILE=bins/elf/libc.so.6 1462CMDS=<<EOF 1463s 0x0003a4af 1464pd 1 1465EOF 1466EXPECT=<<EOF 1467 0x0003a4af ff15f33a1800 call qword [reloc.free] ; [0x1bdfa8:8]=0 1468EOF 1469RUN 1470 1471NAME=resolve reloc symbols 2 1472FILE=bins/elf/libc.so.6 1473CMDS=ir~0x[3] 1474EXPECT=<<EOF 14750x001bf3c0 1476_res 14770x00023a90 14780x00023af0 14790x0016ba40 14800x0016bab0 14810x0016bae0 14820x0016bb40 14830x0016bda0 14840x0016bfa0 14850x0016bfd0 14860x0016c020 14870x0016c090 14880x00090c50 14890x0016c1c0 14900x0016c210 14910x0016c220 14920x0016c2a0 14930x000f74d0 14940x0016c2c0 14950x0016c380 14960x0016c3c0 14970x0011d0d0 14980x0016c3f0 14990x0016c490 15000x0016c460 15010x0016c510 15020x0012c520 15030x0016c530 15040x0016c560 15050x0016c590 15060x0016c5c0 15070x0016c5f0 15080x0016c6b0 15090x0007f800 15100x0007f310 15110x0004def0 15120x0007ec30 15130x0007ec40 15140x0007ffd0 15150x0007eca0 15160x0007ee20 15170x0007f390 15180x0007f010 15190x0007eee0 15200x0007f300 15210x0007f080 15220x00080140 15230x00080150 15240x00080120 15250x0007f300 15260x00080130 15270x00075210 15280x00059a60 15290x0007ec30 15300x0007ec40 15310x00075050 15320x00075380 15330x000758e0 15340x0007f390 15350x0007f010 15360x0007eee0 15370x0007f300 15380x000754f0 15390x00080140 15400x00080150 15410x00080120 15420x0007f300 15430x00080130 15440x0007d230 15450x0007dcb0 15460x0007d9f0 15470x0007ec40 15480x0007ffd0 15490x0007ce20 15500x0007ee20 15510x000713b0 15520x0007f010 15530x0007bab0 15540x0007b9b0 15550x00070700 15560x00071290 15570x000712c0 15580x00071310 15590x00071370 15600x00080130 15610x00080160 15620x00080170 15630x0007d230 15640x0007dcb0 15650x0007d9f0 15660x0007ec40 15670x0007ffd0 15680x0007ce20 15690x0007ee20 15700x0007c230 15710x0007f010 15720x0007bab0 15730x0007b9b0 15740x00070700 15750x0007ce00 15760x0007c830 15770x0007bf60 15780x000723f0 15790x0007c810 15800x00080160 15810x00080170 15820x00076130 15830x00074990 15840x00075cc0 15850x000752a0 15860x00076110 15870x00075380 15880x000758e0 15890x00076250 15900x0007f010 15910x0007eee0 15920x0007f300 15930x000754f0 15940x00080140 15950x00080150 15960x00080120 15970x0007f300 15980x00080130 15990x00080160 16000x00080170 16010x00076130 16020x00075d20 16030x00075cc0 16040x000752a0 16050x00076110 16060x00075380 16070x000758e0 16080x00076250 16090x0007f010 16100x0007eee0 16110x0007f300 16120x000754f0 16130x00080140 16140x00080150 16150x00080120 16160x0007f300 16170x00080130 16180x00080160 16190x00080170 16200x0007d230 16210x000778d0 16220x00077540 16230x000752a0 16240x00075050 16250x00077d30 16260x0007c9e0 16270x00076c90 16280x0007f010 16290x0007baf0 16300x00077b90 16310x00071aa0 16320x0007ce00 16330x0007c830 16340x0007bf60 16350x0007baa0 16360x0007c810 16370x00080160 16380x00080170 16390x0007d230 16400x000778d0 16410x00077580 16420x000752a0 16430x00075050 16440x00077d30 16450x0007c9e0 16460x00076c90 16470x0007f010 16480x0007baf0 16490x00077b90 16500x00071aa0 16510x0007ce00 16520x0007c830 16530x0007bf60 16540x0007bcc0 16550x0007c810 16560x00080160 16570x00080170 16580x0007d230 16590x000778d0 16600x00076640 16610x000752a0 16620x00075050 16630x00077d30 16640x0007c9e0 16650x00076c90 16660x0007f010 16670x0007bab0 16680x00077b90 16690x00071aa0 16700x0007ce00 16710x0007c830 16720x0007bf60 16730x0007baa0 16740x0007c810 16750x00080160 16760x00080170 16770x000786c0 16780x00075d20 16790x00075cc0 16800x000752a0 16810x00076110 16820x00075380 16830x000758e0 16840x00076250 16850x0007f010 16860x0007eee0 16870x00078660 16880x000754f0 16890x00080140 16900x00080150 16910x00080120 16920x0007f300 16930x00080130 16940x00080160 16950x00080170 16960x000792d0 16970x00080300 16980x000802a0 16990x0007ec40 17000x00080660 17010x0007eca0 17020x0007ee20 17030x000807d0 17040x0007f010 17050x0007eee0 17060x00079280 17070x0007f080 17080x00080140 17090x00080150 17100x00080120 17110x0007f300 17120x00080130 17130x00080160 17140x00080170 17150x00080680 17160x000799c0 17170x000802a0 17180x0007ec40 17190x00080660 17200x0007eca0 17210x0007ee20 17220x000807d0 17230x0007f010 17240x0007eee0 17250x0007f300 17260x0007f080 17270x00080140 17280x00080150 17290x00080120 17300x0007f300 17310x00080130 17320x00080160 17330x00080170 17340x00079bf0 17350x00079b20 17360x0007d230 17370x0007dcb0 17380x0007c170 17390x0007ec40 17400x0007ffd0 17410x0007ce20 17420x0007c1c0 17430x0007b940 17440x0007f010 17450x0007baf0 17460x0007b9b0 17470x00070700 17480x0007ce00 17490x0007c830 17500x0007bf60 17510x0007baa0 17520x0007c810 17530x00080160 17540x00080170 17550x0007d230 17560x0007dcb0 17570x0007cd70 17580x0007ec40 17590x0007ffd0 17600x0007ce20 17610x0007c8d0 17620x0007cc40 17630x0007f010 17640x0007baf0 17650x0007bf70 17660x00070700 17670x0007ce00 17680x0007c830 17690x0007bf60 17700x0007bcc0 17710x0007c810 17720x00080160 17730x00080170 17740x0007d230 17750x0007dcb0 17760x0007d9f0 17770x0007ec40 17780x0007ffd0 17790x0007ce20 17800x0007c9e0 17810x0007c230 17820x0007f010 17830x0007bab0 17840x0007b9b0 17850x00070700 17860x0007ce00 17870x0007c830 17880x0007bf60 17890x0007baa0 17900x0007c810 17910x00080160 17920x00080170 17930x00080680 17940x00080300 17950x000802a0 17960x0007ec40 17970x00080660 17980x0007eca0 17990x0007ee20 18000x000807d0 18010x0007f010 18020x0007eee0 18030x0007f300 18040x0007f080 18050x00080140 18060x00080150 18070x00080120 18080x0007f300 18090x00080130 18100x00080160 18110x00080170 18120x00080680 18130x0010aa10 18140x000802a0 18150x0007ec40 18160x00080660 18170x0007eca0 18180x0007ee20 18190x000807d0 18200x0007f010 18210x0007eee0 18220x0007f300 18230x0007f080 18240x00080140 18250x00080150 18260x00080120 18270x0007f300 18280x00080130 18290x00080160 18300x00080170 18310x001bb340 18320x0016d9e0 18330x0016d900 18340x0016d680 18350x0016db40 18360x0016d920 18370x0016d650 18380x0016d640 18390x0016d620 18400x0016d5e0 18410x0016d650 18420x0018c7c0 18430x0016d5a0 18440x00186007 18450x0016f2e0 18460x0016e8e0 18470x0016e2e0 18480x0016eee0 18490x0016dc20 18500x0016dc6a 18510x0016dc80 18520x00187ea8 18530x0016eae0 18540x0016e4e0 18550x00185ee7 18560x001858ec 18570x0018590a 18580x00185591 18590x001840be 18600x001841f6 18610x00183e10 18620x001841f8 18630x00185c3d 18640x001841fa 18650x0018c860 18660x0018cb0c 18670x0018c868 18680x0018c870 18690x0018c878 18700x0018c880 18710x0018c888 18720x0018c890 18730x0018c898 18740x0018c8a0 18750x00185ee7 18760x001858ec 18770x0018590a 18780x00185591 18790x001840be 18800x001841f6 18810x00183e10 18820x001841f8 18830x00185c3d 18840x001841fa 18850x00178080 18860x00175620 18870x001740e0 18880x0016f5e0 18890x0018cb64 18900x0016e2a0 18910x0016e240 18920x0016e1e0 18930x0016e180 18940x0016e120 18950x0016e0c0 18960x0016e060 18970x0016e000 18980x0016dfa0 18990x0016df40 19000x0016dee0 19010x0016de80 19020x0016dda0 19030x0016dce0 19040x00186007 19050x001841fc 19060x00184202 19070x0018431f 19080x0018431f 19090x00187ea8 19100x00186007 19110x0018431f 19120x0018431f 19130x0018431f 19140x0018431f 19150x0018431f 19160x0018431f 19170x0018431f 19180x00184208 19190x00184208 19200x00184208 19210x00184208 19220x00184208 19230x00184208 19240x00184208 19250x00184208 19260x00185cdd 19270x00184208 19280x00184208 19290x00184208 19300x00184208 19310x00184208 19320x00184208 19330x0018431f 19340x0018431f 19350x00184208 19360x00184208 19370x00184208 19380x00184208 19390x00184208 19400x00184208 19410x00184208 19420x00184208 19430x00184208 19440x00184208 19450x00184208 19460x00184208 19470x00184208 19480x00184208 19490x0018c7c8 19500x00187ea8 19510x00186007 19520x00185e71 19530x0018431f 19540x0018431f 19550x00187ea8 19560x00186007 19570x0018420a 19580x0018420e 19590x00184212 19600x00184216 19610x0018421a 19620x0018421e 19630x00184222 19640x00184226 19650x0018422d 19660x00184234 19670x0018423c 19680x00184246 19690x0018424f 19700x00184256 19710x0018425f 19720x00184263 19730x00184267 19740x0018426b 19750x0018426f 19760x00184273 19770x00184277 19780x0018427b 19790x0018427f 19800x00184283 19810x00184287 19820x0018428b 19830x0018428f 19840x00184297 19850x001842a0 19860x001842a6 19870x0018426f 19880x001842ac 19890x001842b1 19900x001842b6 19910x001842bd 19920x001842c7 19930x001842cf 19940x001842d8 19950x001842e1 19960x001842e4 19970x001842e7 19980x001842fc 19990x00184305 20000x0018430e 20010x0018431f 20020x0018431f 20030x0018431f 20040x0018431f 20050x0018431f 20060x0018431f 20070x0018431f 20080x0018c8a8 20090x0018c8b8 20100x0018c8c8 20110x0018c8d8 20120x0018c8e8 20130x0018c8f8 20140x0018c908 20150x0018c918 20160x0018c934 20170x0018cb90 20180x0018cbb0 20190x0018cbd8 20200x0018c950 20210x0018cc00 20220x0018c96c 20230x0018c97c 20240x0018c98c 20250x0018c99c 20260x0018c9ac 20270x0018c9bc 20280x0018c9cc 20290x0018c9dc 20300x0018c9ec 20310x0018c9fc 20320x0018ca0c 20330x0018ca1c 20340x0018cc28 20350x0018cc48 20360x0018ca2c 20370x0018ca44 20380x0018c9ac 20390x0018ca5c 20400x0018ca70 20410x0018ca84 20420x0018cc70 20430x0018cc98 20440x0018ccb8 20450x0018cce0 20460x0018caa0 20470x0018caac 20480x0018cd08 20490x0018cd60 20500x0018cd88 20510x0018cdb0 20520x0018cb8c 20530x0018cb8c 20540x0018cb8c 20550x0018cb8c 20560x0018cb8c 20570x0018431a 20580x0018431c 20590x0018431e 20600x00184320 20610x0018431e 20620x0018431f 20630x00184322 20640x0018cde0 20650x00187ea8 20660x0018428f 20670x00184297 20680x001842a0 20690x001842a6 20700x0018426f 20710x001842ac 20720x001842b1 20730x001842b6 20740x001842bd 20750x001842c7 20760x001842cf 20770x001842d8 20780x0018cc28 20790x0018cc48 20800x0018ca2c 20810x0018ca44 20820x0018c9ac 20830x0018ca5c 20840x0018ca70 20850x0018ca84 20860x0018cc70 20870x0018cc98 20880x0018ccb8 20890x0018cce0 20900x0018425f 20910x00184263 20920x00184267 20930x0018426b 20940x0018426f 20950x00184273 20960x00184277 20970x0018427b 20980x0018427f 20990x00184283 21000x00184287 21010x0018428b 21020x0018c96c 21030x0018c97c 21040x0018c98c 21050x0018c99c 21060x0018c9ac 21070x0018c9bc 21080x0018c9cc 21090x0018c9dc 21100x0018c9ec 21110x0018c9fc 21120x0018ca0c 21130x0018ca1c 21140x00186007 21150x00187ea8 21160x00186007 21170x0018433a 21180x0018431f 21190x0018431f 21200x0018431f 21210x0018431f 21220x0018431f 21230x00187ea8 21240x00186007 21250x00187e08 21260x0018431f 21270x0018431f 21280x0018431f 21290x0018431f 21300x0018431f 21310x0018431f 21320x0018431f 21330x0018431f 21340x0018431f 21350x0018431f 21360x00187ea8 21370x00186007 21380x00184349 21390x0018431f 21400x0018431f 21410x0018431f 21420x00187ea8 21430x00186007 21440x0018431e 21450x00187ea8 21460x00186007 21470x00184353 21480x00187e38 21490x00187e68 21500x0018436f 21510x0018437d 21520x0018438b 21530x00184399 21540x0018431f 21550x001843a7 21560x0018431f 21570x0018431f 21580x0018431f 21590x001843ab 21600x001843af 21610x001795a8 21620x00187ea8 21630x00186007 21640x00179a80 21650x00179660 21660x00187ea8 21670x0017a020 21680x0017a000 21690x0018456b 21700x001bc340 21710x00184570 21720x001bc360 21730x00184578 21740x001bc380 21750x0018457e 21760x001bc3a0 21770x0018431f 21780x00184751 21790x00184759 21800x00184771 21810x0018478b 21820x0018479b 21830x001847b3 21840x001847c6 21850x001847e0 21860x001847f7 21870x00184809 21880x0018481d 21890x00188610 21900x00184830 21910x00184847 21920x00184859 21930x00184865 21940x0018487b 21950x00184893 21960x0018489f 21970x001848b9 21980x001848c8 21990x001848d8 22000x001848e7 22010x001848f8 22020x00184916 22030x00188638 22040x0018492a 22050x00184939 22060x00184948 22070x00184960 22080x0018496d 22090x00184983 22100x00184992 22110x00188658 22120x0018499e 22130x001849bc 22140x001849d6 22150x001849e9 22160x001849fc 22170x00184a15 22180x00188680 22190x00184a29 22200x00184a44 22210x00184a57 22220x00184a73 22230x00184a8c 22240x00184a9b 22250x00184aa9 22260x00184ac2 22270x00184adf 22280x00184afa 22290x00184b09 22300x00184b1a 22310x00184b35 22320x00184b43 22330x00184b4c 22340x00184b61 22350x00184b6e 22360x00184b83 22370x00184b97 22380x00184ba9 22390x00184bb7 22400x00184bd0 22410x00184bee 22420x00184c04 22430x00184c15 22440x00184c2b 22450x00184c3b 22460x00184c49 22470x00184c65 22480x00184c74 22490x00184c87 22500x00184c9a 22510x001886a8 22520x00184ca6 22530x00184cc1 22540x00184cde 22550x001886d0 22560x001886f8 22570x00188720 22580x00188740 22590x00188770 22600x00188798 22610x001887d0 22620x00184cf5 22630x00184d08 22640x00188800 22650x00184d17 22660x00184d34 22670x00188820 22680x00184d45 22690x00184d5c 22700x00184d73 22710x00184d8d 22720x00184da5 22730x00188840 22740x00184dc3 22750x00188870 22760x00184dda 22770x00184dea 22780x00188890 22790x001888b8 22800x00184e01 22810x00184e1a 22820x001888e0 22830x00188908 22840x00188930 22850x00188960 22860x00184e34 22870x00184e49 22880x00184e5c 22890x00184e69 22900x00184e7a 22910x00184e98 22920x00184eb2 22930x00184ec4 22940x00184edd 22950x00184ef9 22960x00184f17 22970x00184f2c 22980x00184f3d 22990x00184f51 23000x00184f61 23010x00184f73 23020x00184f86 23030x00184fa1 23040x00184fb1 23050x00184fc6 23060x00184fe2 23070x00184fed 23080x00188988 23090x001889b0 23100x00185003 23110x0018500a 23120x00185014 23130x00185019 23140x0018502d 23150x00185043 23160x0018504b 23170x00185055 23180x0018506e 23190x00185075 23200x0018508b 23210x0018509e 23220x00184992 23230x001850b4 23240x001850c0 23250x001850cb 23260x001850d7 23270x001850e4 23280x001850ee 23290x001850ff 23300x00185107 23310x0018511b 23320x00185130 23330x00185145 23340x0018515d 23350x00185176 23360x0018518c 23370x001851a4 23380x001851b3 23390x001851c0 23400x001851ce 23410x001851de 23420x001851e2 23430x001851e6 23440x001851fe 23450x001851eb 23460x001851f0 23470x001851f5 23480x001851f9 23490x001851fd 23500x00185202 23510x00185207 23520x0018520c 23530x00185211 23540x00185250 23550x00185216 23560x0018521b 23570x00185222 23580x00185227 23590x0018522c 23600x00185231 23610x00185236 23620x0018523b 23630x00185240 23640x00185244 23650x00185249 23660x0018524e 23670x00185255 23680x0018525a 23690x00185260 23700x00185265 23710x00185269 23720x00078110 23730x00078020 23740x00077f20 23750x00077ed0 23760x00077f00 23770x00078220 23780x00077f10 23790x001bd940 23800x001bd8c0 23810x001bcd60 23820x00107900 23830x001843ba 23840x00186f22 23850x00186f14 23860x001bce00 23870x001074a0 23880x001843ba 23890x00186e98 23900x00186f2a 23910x00186f3e 23920x00186f44 23930x00186f5f 23940x00186f6c 23950x00186f71 23960x00186f86 23970x00186f8b 23980x0018ab28 23990x001874ea 24000x00187506 24010x00187513 24020x0018752c 24030x0018af20 24040x001c2a18 24050x001c2a10 24060x001c2a08 24070x001c2a00 24080x001c29f8 24090x001c29f0 24100x001c29e8 24110x001c29e0 24120x001c29d8 24130x001c29d0 24140x001c29c8 24150x001c29c0 24160x001c29b8 24170x001c29b0 24180x00120f10 24190x00120ee0 24200x00120f20 24210x00120f30 24220x00121010 24230x00121400 24240x00121380 24250x00121370 24260x001213b0 24270x001213a0 24280x00121390 24290x00122b60 24300x00122aa0 24310x00123580 24320x00123450 24330x001234c0 24340x00123510 24350x00123470 24360x00123460 24370x00124250 24380x001240a0 24390x00123f40 24400x00124110 24410x00123d10 24420x00123d80 24430x00123c00 24440x00123cf0 24450x001241b0 24460x00124030 24470x00127440 24480x00127260 24490x00127210 24500x00127230 24510x00127270 24520x001272d0 24530x00127fc0 24540x00127e20 24550x00023a70 24560x00023a70 24570x00023a70 24580x00127e70 24590x00128110 24600x001280e0 24610x00127e30 24620x001280a0 24630x00127e50 24640x00127e70 24650x001287f0 24660x00128900 24670x00128840 24680x00128b30 24690x00128800 24700x00128ff0 24710x00129000 24720x00129290 24730x00129160 24740x00129030 24750x00129f30 24760x00129da0 24770x00129d60 24780x00129d80 24790x00129db0 24800x00129e10 24810x0012a8c0 24820x0012a6f0 24830x0012a6b0 24840x0012a6d0 24850x0012a860 24860x0012a700 24870x0012d4e0 24880x0012d340 24890x00023a84 24900x00023a84 24910x00023a84 24920x0012d390 24930x0012d600 24940x0012d5d0 24950x0012d350 24960x0012d590 24970x0012d370 24980x0012d390 24990x0012dab0 25000x0012da00 25010x0012da10 25020x0012ddd0 25030x0012da30 25040x0012da50 25050x0012fbf0 25060x0012fbc0 25070x0012fc60 25080x0012fc20 25090x0012fae0 25100x0012faf0 25110x0012fb40 25120x0012fad0 25130x0012fb90 25140x0012fb60 25150x001301a0 25160x001300d0 25170x001302a0 25180x00130260 25190x00130240 25200x00130220 25210x00130060 25220x00130210 25230x00130130 25240x00130070 25250x00134b20 25260x00134b50 25270x00134ba0 25280x00134c00 25290x00134c70 25300x00134c60 25310x001353d0 25320x00135850 25330x00135cd0 25340x001355e0 25350x00135dc0 25360x00135a80 25370x001351c0 25380x00183f54 25390x00027220 25400x00183f64 25410x000275d0 25420x00183f7e 25430x00027a60 25440x00183f90 25450x00027e50 25460x00183fb2 25470x00028e60 25480x00183fc2 25490x00029a20 25500x00027200 25510x00183fe2 25520x0002a750 25530x00183ff2 25540x0002ace0 25550x00184013 25560x00028300 25570x00027200 25580x00184024 25590x00028620 25600x00184042 25610x0002b570 25620x00184059 25630x0002bb20 25640x00030010 25650x001bb3e0 25660x001bb920 25670x001bb9a0 25680x001bc220 25690x001bb760 25700x001bb6e0 25710x001bbee0 25720x001bbf40 25730x001bbfc0 25740x001bc080 25750x001bc100 25760x001bc160 25770x0016f3e0 25780x0016e4e0 25790x0016eae0 25800x00186007 25810x00186007 25820x00186007 25830x00186007 25840x00186007 25850x00186007 25860x00186007 25870x00186007 25880x00186007 25890x00186007 25900x00186007 25910x00186007 25920x00186007 25930x00183fe9 25940x00185835 25950x00028620 25960x00185835 25970x00183fe9 25980x00028300 25990x00027200 26000x001231c0 26010x00123220 26020x00123440 26030x00125b90 2604ifunc_8a6c0 2605ifunc_b79b0 2606ifunc_89770 2607ifunc_a46d0 2608ifunc_8aac0 2609ifunc_8a950 2610ifunc_8a990 2611ifunc_89b70 2612ifunc_8a620 2613ifunc_8aa70 2614ifunc_89740 2615ifunc_89250 2616ifunc_898b0 2617ifunc_a4d60 2618ifunc_a4d60 2619ifunc_89300 2620ifunc_a4ca0 2621ifunc_89340 2622ifunc_89770 2623ifunc_a46d0 2624ifunc_8a790 2625ifunc_89290 2626ifunc_897e0 2627ifunc_8a650 2628ifunc_8a830 2629ifunc_a4700 2630ifunc_a4ca0 2631ifunc_8c030 2632ifunc_b78c0 2633ifunc_89880 2634ifunc_89210 2635ifunc_8a9d0 2636ifunc_89840 2637ifunc_8a6c0 2638stderr 2639error_one_per_line 2640realloc 2641__morecore 2642__key_encryptsession_pk_LOCAL 2643ifunc_8c060 2644__libpthread_freeres 2645__progname_full 2646__ctype32_tolower 2647_rtld_global 2648__progname 2649argp_err_exit_status 2650mallwatch 2651__rcmd_errstr 2652__libc_enable_secure 2653_res_hconf 2654malloc 2655__tls_get_addr 2656getdate_err 2657svcauthdes_stats 2658__tzname 2659__timezone 2660ifunc_a4800 2661memalign 2662_dl_exception_create 2663_rtld_global_ro 2664__malloc_initialize_hook 2665ifunc_90b10 2666optarg 2667__ctype_tolower 2668__ctype_toupper 2669_IO_2_1_stderr_ 2670__tunable_get_val 2671__ctype_b 2672argp_program_version_hook 2673__after_morecore_hook 2674__environ 2675_IO_2_1_stdout_ 2676__ctype32_b 2677__curbrk 2678argp_program_version 2679ifunc_a5f90 2680ifunc_8ab70 2681__daylight 2682__memalign_hook 2683__malloc_hook 2684__free_hook 2685_nl_domain_bindings 2686_nl_msg_cat_cntr 2687ifunc_8aa20 2688_dl_find_dso_for_object 2689argp_program_bug_address 2690__key_decryptsession_pk_LOCAL 2691h_errlist 2692program_invocation_short_name 2693calloc 2694optind 2695_dl_starting_up 2696stdout 2697obstack_alloc_failed_handler 2698error_print_progname 2699optopt 2700_IO_funlockfile 2701obstack_exit_failure 2702loc1 2703error_message_count 2704__libdl_freeres 2705_IO_2_1_stdin_ 2706loc2 2707program_invocation_name 2708free 2709__fpu_control 2710re_syntax_options 2711stdin 2712__check_rhosts_file 2713opterr 2714__ctype32_toupper 2715__realloc_hook 2716_dl_argv 27170x00183fe9 27180x00183f44 27190x00183f54 27200x00183f44 27210x00183fe9 27220x00183f64 27230x00183fe9 27240x00183f74 27250x00183f7e 27260x00183f74 27270x00183fe9 27280x00183f90 27290x00183fe9 27300x00183fa2 27310x00183fb2 27320x00183fa2 27330x00183fe9 27340x00183fc2 27350x00183fd2 27360x00183fe9 27370x00183fe2 27380x00183fe9 27390x00183fd2 27400x00183ff2 27410x00184002 27420x00183fe9 27430x00184013 27440x00183fe9 27450x00184002 27460x00184024 27470x00184035 27480x00183fe9 27490x00184042 27500x00183fe9 27510x00184035 27520x00184059 27530x0016eae0 27540x0016e4e0 27550x0016eae0 27560x0016e4e0 27570x0016eee0 27580x0016f3e0 27590x00187f10 27600x001bfbe0 27610x001c0000 27620x001be030 27630x001be024 27640x001be024 27650x001be0a0 27660x001bc320 27670x001babc0 27680x001babc0 27690x001c0730 27700x001be940 27710x001bb100 27720x001babc0 27730x00085ed0 27740x000865a0 27750x00085bf0 27760x001beaa0 27770x000873e0 27780x000886a0 27790x001858cc 27800x001858cc 27810x0018431f 27820x0018431f 27830x001c1458 27840x001bd540 27850x0018b638 27860x001bb3e0 27870x001bb920 27880x001bb9a0 27890x001bc220 27900x001bb760 27910x001bb6e0 27920x001bbee0 27930x001bbf40 27940x001bbfc0 27950x001bc080 27960x001bc100 27970x001bc160 27980x0016f3e0 27990x0016e4e0 28000x0016eae0 28010x00186007 28020x00186007 28030x00186007 28040x00186007 28050x00186007 28060x00186007 28070x00186007 28080x00186007 28090x00186007 28100x00186007 28110x00186007 28120x00186007 28130x00186007 2814_IO_2_1_stderr_ 2815_IO_2_1_stdout_ 28160x001c0710 28170x001be5e0 28180x001bb100 2819_IO_2_1_stdin_ 28200x001c0720 28210x001be720 28220x001bb100 2823_IO_2_1_stderr_ 2824_IO_2_1_stdout_ 2825_IO_2_1_stdin_ 28260x00024480 2827EOF 2828RUN 2829 2830NAME=get function in, node before entry 2831FILE=bins/elf/fcn_in_test.elf 2832CMDS=e asm.lines=false;e asm.comments=false;af @ main; pdr @ 0x1180 2833EXPECT=<<EOF 2834;-- start2: 28350x00001180 31c0 xor eax, eax 28360x00001182 eb06 jmp loc.start 2837| ----------- true: 0x0000118a 283818: int main (int argc, char **argv, char **envp); 28390x00001184 31c0 xor eax, eax 28400x00001186 75f8 jne loc.start2 2841| ----------- true: 0x00001180 false: 0x00001188 28420x00001188 ebf6 jmp loc.start2 2843| ----------- true: 0x00001180 2844;-- start: 28450x0000118a 89c0 mov eax, eax 28460x0000118c 50 push eax 28470x0000118d 90 nop 28480x0000118e 90 nop 28490x0000118f 90 nop 28500x00001190 90 nop 28510x00001191 c3 ret 2852 2853EOF 2854RUN 2855 2856NAME=long basic blocks 2857FILE=bins/elf/analysis/movfuscator 2858BROKEN=1 2859CMDS=<<EOF 2860af 2861afb 2862EOF 2863EXPECT=<<EOF 28640x0804827c 0x0804c2fc 00:0000 16512 2865EOF 2866RUN 2867 2868NAME=arj x86 32 bits 2869FILE=malloc://0x100 2870CMDS=<<EOF 2871e asm.arch = x86 2872e anal.arch = x86 2873e asm.bits=32 2874arj 2875EOF 2876EXPECT=<<EOF 2877{"oeax":0,"eax":0,"ebx":0,"ecx":0,"edx":0,"esi":0,"edi":0,"esp":0,"ebp":0,"eip":0,"eflags":0} 2878EOF 2879RUN 2880 2881NAME=af x86-32.. 2882FILE=malloc://1024 2883CMDS=<<EOF 2884e anal.hasnext=0 2885e anal.eobjmp=false 2886e asm.arch=x86 2887e asm.bits=32 2888wx 6a00 4889e5 c3 2889af 2890afl~[2] 2891EOF 2892EXPECT=<<EOF 28936 2894EOF 2895RUN 2896 2897NAME=af x86-32 ujmp eobjmp=true 2898FILE=malloc://1024 2899CMDS=<<EOF 2900e anal.hasnext=0 2901e asm.arch=x86 2902e anal.eobjmp=true 2903e asm.bits=32 2904wx 6a00 4889e5 ff25f8120000 ff25f8120000ffe0c3 2905af 2906afl~[2] 2907EOF 2908EXPECT=<<EOF 290911 2910EOF 2911RUN 2912 2913NAME=af x86-32 ujmp eobjmp=false 2914FILE=malloc://1024 2915CMDS=<<EOF 2916e anal.hasnext=0 2917e asm.arch=x86 2918e anal.eobjmp=false 2919e asm.bits=32 2920wx 6a00 4889e5 ff25f8120000 ff25f8120000ffe0c3 2921af 2922afl~[2] 2923EOF 2924EXPECT=<<EOF 292511 2926EOF 2927RUN 2928 2929NAME=af bug 2930FILE=malloc://1024 2931CMDS=<<EOF 2932e anal.hasnext=0 2933e asm.arch=x86 2934e anal.eobjmp=false 2935e asm.bits=32 2936wx 6a004889e54883e4f0488b7d08488d751089fa83c201c1e2034801f24889d1eb044883c1084883390075f64883c108e8580f000089c7e81b390000c3554889e5 2937s +0x40 2938wx 488d4768488d7e684889c6c9e9013a0000554889e54883c6684883c768c9e9ef390000554889e5534889f1488b5660488b4760488b583048395a307f1d7c2248 2939s -0x40 2940af 2941b 0x80 2942pIf 2943EOF 2944EXPECT=<<EOF 2945push 0 2946dec eax 2947mov ebp, esp 2948dec eax 2949and esp, 0xfffffff0 2950dec eax 2951mov edi, dword [arg_8h] 2952dec eax 2953lea esi, [arg_10h] 2954mov edx, edi 2955add edx, 1 2956shl edx, 3 2957dec eax 2958add edx, esi 2959dec eax 2960mov ecx, edx 2961jmp 0x25 2962dec eax 2963add ecx, 8 2964dec eax 2965cmp dword [ecx], 0 2966jne 0x21 2967dec eax 2968add ecx, 8 2969call 0xf8c 2970mov edi, eax 2971call 0x3956 2972ret 2973EOF 2974RUN 2975 2976NAME=disasm bug 2977FILE=malloc://1024 2978CMDS=<<EOF 2979e anal.hasnext=0 2980e anal.eobjmp=false 2981e asm.arch=x86 2982e asm.bits=32 2983wx 6a004889e54883e4f0488b7d08488d751089fa83c201c1e2034801f24889d1eb044883c1084883390075f64883c108e8580f000089c7e81b390000c3554889e5 2984s+0x40 2985wx 488d4768488d7e684889c6c9e9013a0000554889e54883c6684883c768c9e9ef390000554889e5534889f1488b5660488b4760488b583048395a307f1d7c2248 2986s-0x40 2987b 0x100 2988af 2989pIf @0 2990EOF 2991EXPECT=<<EOF 2992push 0 2993dec eax 2994mov ebp, esp 2995dec eax 2996and esp, 0xfffffff0 2997dec eax 2998mov edi, dword [arg_8h] 2999dec eax 3000lea esi, [arg_10h] 3001mov edx, edi 3002add edx, 1 3003shl edx, 3 3004dec eax 3005add edx, esi 3006dec eax 3007mov ecx, edx 3008jmp 0x25 3009dec eax 3010add ecx, 8 3011dec eax 3012cmp dword [ecx], 0 3013jne 0x21 3014dec eax 3015add ecx, 8 3016call 0xf8c 3017mov edi, eax 3018call 0x3956 3019ret 3020EOF 3021RUN 3022 3023NAME=af afF 3024FILE=malloc://1024 3025CMDS=<<EOF 3026e anal.hasnext=0 3027e anal.eobjmp=false 3028e asm.arch=x86 3029e asm.bits=32 3030wx 6a004889e5c3 3031af test 3032afF 3033pd 1 @ test 3034EOF 3035EXPECT=<<EOF 3036/ (fcn) test 3037\ 0x00000000 (6 byte folded function) 3038EOF 3039RUN 3040 3041NAME=af afF graph 3042FILE=malloc://1024 3043CMDS=<<EOF 3044e anal.hasnext=0 3045e anal.eobjmp=false 3046e asm.arch=x86 3047e asm.bits=32 3048wx 6a004889e5c3 3049af test 3050afF 3051agf 3052EOF 3053EXPECT=<<EOF 3054[0x00000000]> # test (); 3055 --------------------------. 3056| 0x0 | 3057| / (fcn) test | 3058| (6 byte folded function) | 3059`--------------------------' 3060EOF 3061RUN 3062 3063NAME=ahc 3064FILE=malloc://16 3065CMDS=<<EOF 3066e asm.arch=x86 3067e asm.bits=32 3068wx ebfe 3069ahs 5 3070ahc 0x25 3071ahf 0x25 3072ao 1~jump,fail,size[1] 3073EOF 3074EXPECT=<<EOF 3075jump 30765 30770x00000025 30780x00000025 3079EOF 3080RUN 3081 3082NAME=ahi S 3083FILE=malloc://16 3084CMDS=<<EOF 3085e asm.arch=x86 3086e asm.bits=32 3087e asm.os=linux 3088wx b801000000 3089ahi S 3090pi 1 3091EOF 3092EXPECT=<<EOF 3093mov eax, exit() 3094EOF 3095RUN 3096 3097NAME=ao cjmp 3098FILE=- 3099CMDS=<<EOF 3100e asm.arch=x86 3101e asm.bits=32 3102wx 761b 3103ao~jump,fail,size 3104EOF 3105EXPECT=<<EOF 3106description: jump short if below or equal/not above (cf=1 or zf=1) 3107size: 2 3108jump: 0x0000001d 3109fail: 0x00000002 3110EOF 3111RUN 3112 3113NAME=aoj 31c0 3114FILE=- 3115CMDS=<<EOF 3116e asm.arch=x86 3117e asm.bits=32 3118wx 31c0 3119aoj~{} 3120EOF 3121EXPECT=<<EOF 3122[ 3123 { 3124 "opcode": "xor eax, eax", 3125 "disasm": "xor eax, eax", 3126 "pseudo": "eax = 0", 3127 "description": "logical exclusive or", 3128 "mnemonic": "xor", 3129 "mask": "ffff", 3130 "esil": "eax,eax,^=,$z,zf,:=,$p,pf,:=,31,$s,sf,:=,0,cf,:=,0,of,:=", 3131 "sign": false, 3132 "prefix": 0, 3133 "id": 334, 3134 "opex": { 3135 "operands": [ 3136 { 3137 "size": 4, 3138 "rw": 3, 3139 "type": "reg", 3140 "value": "eax" 3141 }, 3142 { 3143 "size": 4, 3144 "rw": 1, 3145 "type": "reg", 3146 "value": "eax" 3147 } 3148 ], 3149 "modrm": true 3150 }, 3151 "addr": 0, 3152 "bytes": "31c0", 3153 "size": 2, 3154 "type": "xor", 3155 "esilcost": 0, 3156 "scale": 0, 3157 "refptr": 0, 3158 "cycles": 1, 3159 "failcycles": 0, 3160 "delay": 0, 3161 "stackptr": 0, 3162 "family": "cpu" 3163 } 3164] 3165EOF 3166RUN 3167 3168NAME=aoj pushf 3169FILE=- 3170CMDS=<<EOF 3171e asm.arch=x86 3172e asm.bits=32 3173wx 669c 3174aoj~{} 3175EOF 3176EXPECT=<<EOF 3177[ 3178 { 3179 "opcode": "pushf", 3180 "disasm": "pushf", 3181 "pseudo": "pushf ", 3182 "description": "push flags register onto the stack", 3183 "mnemonic": "pushf", 3184 "mask": "ffff", 3185 "esil": "4,esp,-=,eflags,esp,=[4]", 3186 "sign": false, 3187 "prefix": 0, 3188 "id": 591, 3189 "opex": { 3190 "operands": [ 3191 { 3192 "size": 4, 3193 "rw": 1, 3194 "type": "reg", 3195 "value": "eflags" 3196 } 3197 ] 3198 }, 3199 "addr": 0, 3200 "bytes": "669c", 3201 "size": 2, 3202 "type": "upush", 3203 "esilcost": 12, 3204 "scale": 0, 3205 "refptr": 0, 3206 "cycles": 2, 3207 "failcycles": 0, 3208 "delay": 0, 3209 "stack": "inc", 3210 "stackptr": 4, 3211 "family": "cpu" 3212 } 3213] 3214EOF 3215RUN 3216 3217NAME=reflines offset 3218FILE=malloc://1023 3219CMDS=<<EOF 3220e asm.calls=false 3221e asm.bits=32 3222e asm.leahints=false 3223e asm.cpu=x86 3224e asm.arch=x86 3225e scr.utf8=true 3226e anal.vars.stackname=true 3227e asm.comments=false 3228e asm.bytes=false 3229wx 31c039d6724aeb72908db426000000008d7e0131d289e8f7f131d28944241c89f8f7f13944241c76678b93080200008b028b50143b5018736dc6020983c20189501489f031d201cef7f129d639f5762a8b8b8c05000085c975b683c6018b93080200008b028b50143b50187327c6022083c20139f589501477d68b44242c65330514000000753783c43c5b5e5f5dc39089feebc9c744240420000000890424e87cc9ffffeba6c744240409000000890424e86ac9ffff8b8b8c050000eb84e87d1001008db6000000008dbc270000000055575653e8f7f0ffff81c32b9d010083ec3c658b0d14000000894c242c31c98b6a0c8b720889e929f1c1e90285c9894c241c0f848100000039f50f84930000008b7a1801fdf7d721fd8b7a1089e9896a0c2b4a0489fd2b6a0439e97f718b7a0c31ed 3230aa > /dev/null 3231pd 38 3232EOF 3233EXPECT=<<EOF 3234┌ (fcn) fcn.00000000 1645 3235// void fcn.00000000 (int32_t arg_4h, int32_t arg_1ch, int32_t arg_2ch); 3236│ ; var int32_t var_30h @ esp+0x1c 3237│ ; var int32_t var_20h @ esp+0x2c 3238│ ; arg int32_t arg_4h @ esp+0x50 3239│ ; arg int32_t arg_1ch @ esp+0x68 3240│ ; arg int32_t arg_2ch @ esp+0x78 3241│ 0x00000000 xor eax, eax 3242│ 0x00000002 cmp esi, edx 3243│ ┌─< 0x00000004 jb 0x50 3244│ ┌──< 0x00000006 jmp 0x7a 3245 ││ 0x00000008 nop 3246 ││ 0x00000009 lea esi, [esi] 3247│ ┌───> 0x00000010 lea edi, [esi + 1] 3248│ ╎││ 0x00000013 xor edx, edx 3249│ ╎││ 0x00000015 mov eax, ebp 3250│ ╎││ 0x00000017 div ecx 3251│ ╎││ 0x00000019 xor edx, edx 3252│ ╎││ 0x0000001b mov dword [arg_1ch], eax 3253│ ╎││ 0x0000001f mov eax, edi 3254│ ╎││ 0x00000021 div ecx 3255│ ╎││ 0x00000023 cmp dword [arg_1ch], eax 3256│ ┌────< 0x00000027 jbe 0x90 3257│ │╎││ 0x00000029 mov edx, dword [ebx + 0x208] 3258│ │╎││ 0x0000002f mov eax, dword [edx] 3259│ │╎││ 0x00000031 mov edx, dword [eax + 0x14] 3260│ │╎││ 0x00000034 cmp edx, dword [eax + 0x18] 3261│ ┌─────< 0x00000037 jae 0xa6 3262│ ││╎││ 0x00000039 mov byte [edx], 9 3263│ ││╎││ 0x0000003c add edx, 1 3264│ ││╎││ 0x0000003f mov dword [eax + 0x14], edx 3265│ ││╎││ 0x00000042 mov eax, esi 3266│ ││╎││ 0x00000044 xor edx, edx 3267│ ││╎││ 0x00000046 add esi, ecx 3268│ ││╎││ 0x00000048 div ecx 3269│ ││╎││ 0x0000004a sub esi, edx 3270│ ││╎││ 0x0000004c cmp ebp, esi 3271│ ┌──────< 0x0000004e jbe 0x7a 3272│ │││╎│└─> 0x00000050 mov ecx, dword [ebx + 0x58c] 3273│ │││╎│ 0x00000056 test ecx, ecx 3274│ │││└───< 0x00000058 jne 0x10 3275│ │││ │ 0x0000005a add esi, 1 3276│ │││ │ 0x0000005d mov edx, dword [ebx + 0x208] 3277│ │││ │ 0x00000063 mov eax, dword [edx] 3278│ │││ │ 0x00000065 mov edx, dword [eax + 0x14] 3279EOF 3280RUN 3281 3282NAME=reflines offset (ascii) 3283FILE=malloc://1023 3284CMDS=<<EOF 3285e asm.calls=false 3286e asm.bits=32 3287e asm.leahints=false 3288e asm.cpu=x86 3289e anal.cpu=x86 3290e anal.vars.stackname=true 3291e asm.arch=x86 3292e asm.comments=false 3293e asm.bytes=false 3294wx 31c039d6724aeb72908db426000000008d7e0131d289e8f7f131d28944241c89f8f7f13944241c76678b93080200008b028b50143b5018736dc6020983c20189501489f031d201cef7f129d639f5762a8b8b8c05000085c975b683c6018b93080200008b028b50143b50187327c6022083c20139f589501477d68b44242c65330514000000753783c43c5b5e5f5dc39089feebc9c744240420000000890424e87cc9ffffeba6c744240409000000890424e86ac9ffff8b8b8c050000eb84e87d1001008db6000000008dbc270000000055575653e8f7f0ffff81c32b9d010083ec3c658b0d14000000894c242c31c98b6a0c8b720889e929f1c1e90285c9894c241c0f848100000039f50f84930000008b7a1801fdf7d721fd8b7a1089e9896a0c2b4a0489fd2b6a0439e97f718b7a0c31ed 3295aa >/dev/null 3296pd 38 3297EOF 3298EXPECT=<<EOF 3299/ (fcn) fcn.00000000 1645 3300// void fcn.00000000 (int32_t arg_4h, int32_t arg_1ch, int32_t arg_2ch); 3301| ; var int32_t var_30h @ esp+0x1c 3302| ; var int32_t var_20h @ esp+0x2c 3303| ; arg int32_t arg_4h @ esp+0x50 3304| ; arg int32_t arg_1ch @ esp+0x68 3305| ; arg int32_t arg_2ch @ esp+0x78 3306| 0x00000000 xor eax, eax 3307| 0x00000002 cmp esi, edx 3308| ,=< 0x00000004 jb 0x50 3309| ,==< 0x00000006 jmp 0x7a 3310 || 0x00000008 nop 3311 || 0x00000009 lea esi, [esi] 3312| .---> 0x00000010 lea edi, [esi + 1] 3313| :|| 0x00000013 xor edx, edx 3314| :|| 0x00000015 mov eax, ebp 3315| :|| 0x00000017 div ecx 3316| :|| 0x00000019 xor edx, edx 3317| :|| 0x0000001b mov dword [arg_1ch], eax 3318| :|| 0x0000001f mov eax, edi 3319| :|| 0x00000021 div ecx 3320| :|| 0x00000023 cmp dword [arg_1ch], eax 3321| ,====< 0x00000027 jbe 0x90 3322| |:|| 0x00000029 mov edx, dword [ebx + 0x208] 3323| |:|| 0x0000002f mov eax, dword [edx] 3324| |:|| 0x00000031 mov edx, dword [eax + 0x14] 3325| |:|| 0x00000034 cmp edx, dword [eax + 0x18] 3326| ,=====< 0x00000037 jae 0xa6 3327| ||:|| 0x00000039 mov byte [edx], 9 3328| ||:|| 0x0000003c add edx, 1 3329| ||:|| 0x0000003f mov dword [eax + 0x14], edx 3330| ||:|| 0x00000042 mov eax, esi 3331| ||:|| 0x00000044 xor edx, edx 3332| ||:|| 0x00000046 add esi, ecx 3333| ||:|| 0x00000048 div ecx 3334| ||:|| 0x0000004a sub esi, edx 3335| ||:|| 0x0000004c cmp ebp, esi 3336| ,======< 0x0000004e jbe 0x7a 3337| |||:|`-> 0x00000050 mov ecx, dword [ebx + 0x58c] 3338| |||:| 0x00000056 test ecx, ecx 3339| |||`===< 0x00000058 jne 0x10 3340| ||| | 0x0000005a add esi, 1 3341| ||| | 0x0000005d mov edx, dword [ebx + 0x208] 3342| ||| | 0x00000063 mov eax, dword [edx] 3343| ||| | 0x00000065 mov edx, dword [eax + 0x14] 3344EOF 3345RUN 3346 3347NAME=no string on jmp 3348FILE=malloc://8096 3349CMDS=<<EOF 3350e asm.arch=x86 3351e asm.bits=32 3352e emu.str=true 3353wa jmp 0x100 3354w hello @ 0x100 3355pd 1 3356EOF 3357EXPECT=<<EOF 3358 ,=< 0x00000000 e9fb000000 jmp 0x100 3359EOF 3360RUN 3361 3362NAME=afva for esp based vars 3363FILE=malloc://1024 3364CMDS=<<EOF 3365e asm.bits=32 3366e asm.arch = x86 3367e anal.arch = x86 3368e anal.vars.stackname=true 3369e asm.calls=false 3370wx 83ec108b44241899f77c241c8b44241401d08944240c8b44242099f77c24288b44240c01d0894424088b5424148b44240c8d0c028b44242c99f7f98b44240801d0894424048b54240c8b44240801c28b44240401d083c410c38d4c240483e4f0ff71fc5589e55183ec046a076a066a056a046a036a026a01e883ffffff83c41c83ec08506844850408e847feffff83c410b8000000008b4dfcc98d61fcc36690669066909055575653e887feffff81c3371b000083ec0c8b6c24208db30cffffffe8d3fdffff8d8308ffffff29c6c1fe0285f6742531ff8db60000000083ec04ff74242cff74242c55ff94bb08ffffff83c70183c41039f775e383c40c5b5e5f 3371e asm.bits=32 3372e asm.comments=false 3373aa 3374afva 3375pdf 3376EOF 3377EXPECT=<<EOF 3378/ (fcn) fcn.00000000 89 3379// void fcn.00000000 (int32_t arg_4h, int32_t arg_8h, int32_t arg_ch, int32_t arg_10h, int32_t arg_18h, int32_t arg_1ch); 3380| ; var int32_t var_ch @ esp+0x4 3381| ; var int32_t var_8h @ esp+0x8 3382| ; var int32_t var_4h @ esp+0xc 3383| ; arg int32_t arg_4h @ esp+0x14 3384| ; arg int32_t arg_8h @ esp+0x18 3385| ; arg int32_t arg_ch @ esp+0x1c 3386| ; arg int32_t arg_10h @ esp+0x20 3387| ; arg int32_t arg_18h @ esp+0x28 3388| ; arg int32_t arg_1ch @ esp+0x2c 3389| 0x00000000 83ec10 sub esp, 0x10 3390| 0x00000003 8b442418 mov eax, dword [arg_8h] 3391| 0x00000007 99 cdq 3392| 0x00000008 f77c241c idiv dword [arg_ch] 3393| 0x0000000c 8b442414 mov eax, dword [arg_4h] 3394| 0x00000010 01d0 add eax, edx 3395| 0x00000012 8944240c mov dword [var_4h], eax 3396| 0x00000016 8b442420 mov eax, dword [arg_10h] 3397| 0x0000001a 99 cdq 3398| 0x0000001b f77c2428 idiv dword [arg_18h] 3399| 0x0000001f 8b44240c mov eax, dword [var_4h] 3400| 0x00000023 01d0 add eax, edx 3401| 0x00000025 89442408 mov dword [var_8h], eax 3402| 0x00000029 8b542414 mov edx, dword [arg_4h] 3403| 0x0000002d 8b44240c mov eax, dword [var_4h] 3404| 0x00000031 8d0c02 lea ecx, [edx + eax] 3405| 0x00000034 8b44242c mov eax, dword [arg_1ch] 3406| 0x00000038 99 cdq 3407| 0x00000039 f7f9 idiv ecx 3408| 0x0000003b 8b442408 mov eax, dword [var_8h] 3409| 0x0000003f 01d0 add eax, edx 3410| 0x00000041 89442404 mov dword [var_ch], eax 3411| 0x00000045 8b54240c mov edx, dword [var_4h] 3412| 0x00000049 8b442408 mov eax, dword [var_8h] 3413| 0x0000004d 01c2 add edx, eax 3414| 0x0000004f 8b442404 mov eax, dword [var_ch] 3415| 0x00000053 01d0 add eax, edx 3416| 0x00000055 83c410 add esp, 0x10 3417\ 0x00000058 c3 ret 3418EOF 3419RUN 3420 3421NAME=af x86-32 3422FILE=malloc://16 3423CMDS=<<EOF 3424e asm.arch=x86 3425e asm.bits=32 3426wx 9090 3427ao 1~? 3428ao 1 3429p8 1 3430EOF 3431EXPECT=<<EOF 343217 3433address: 0x0 3434opcode: nop 3435esilcost: 0 3436disasm: nop 3437mnemonic: nop 3438description: no operation 3439mask: ff 3440prefix: 0 3441id: 494 3442bytes: 90 3443refptr: 0 3444size: 1 3445sign: false 3446type: nop 3447cycles: 1 3448esil: , 3449family: cpu 345090 3451EOF 3452RUN 3453 3454NAME=Fix #15315 - Honor RAnalOp.disp in `aar` and `ao` 3455FILE=bins/pe/honor_ranal_op_disp.exe 3456CMDS=<<EOF 3457aar 3458s 0x00402130 3459axt 3460EOF 3461EXPECT=<<EOF 3462(nofunc) 0x4010d1 [DATA] lea edx, [ebx*4 + 0x402130] 3463EOF 3464RUN 3465 3466NAME=Indirect jump table case detection 3467FILE=-- 3468CMDS=<<EOF 3469o malloc://0x500 0x401000 3470omf 1 rwx 3471s 0x401000 3472e asm.arch=x86 3473e asm.bits=32 3474wx 568b74240856ff15c02040004e83c40483fe270f87df0000000fb6863c114000ff24850c114000b8f820400050ff15b420400083c40433c05ec3b80021400050ff15b420400083c40433c05ec3b80821400050ff15b420400083c40433c05ec3b81021400050ff15b420400083c40433c05ec3b81821400050ff15b420400083c40433c05ec3b82021400050ff15b420400083c40433c05ec3b82821400050ff15b420400083c40433c05ec3b83021400050ff15b420400083c40433c05ec3b83821400050ff15b420400083c40433c05ec3b84021400050ff15b420400083c40433c05ec3b84821400050ff15b420400083c40433c05ec38b44240850ff15b420400083c40433c05ec36690271040003a1040004d104000e510400060104000731040008610400099104000d2104000bf104000ac104000f81040000001020b0b0b0b0b0b03020b040b05060b0b07080b0b0b0b0b0b0b0b0b090b0b0b0b0b0a0b0a0a0a 3475af 3476f~case 3477EOF 3478EXPECT=<<EOF 34790x00401027 1 case.0x401020.0 34800x0040103a 1 case.0x401020.1 34810x0040104d 1 case.0x401020.2 34820x0040104d 1 case.0x401020.10 34830x00401060 1 case.0x401020.12 34840x00401073 1 case.0x401020.14 34850x00401086 1 case.0x401020.15 34860x00401099 1 case.0x401020.18 34870x004010ac 1 case.0x401020.35 34880x004010ac 1 case.0x401020.37 34890x004010ac 1 case.0x401020.38 34900x004010ac 1 case.0x401020.39 34910x004010bf 1 case.0x401020.29 34920x004010d2 1 case.0x401020.19 34930x004010e5 1 case.0x401020.9 34940x004010f8 1 case.0x401020.3 34950x004010f8 1 case.0x401020.4 34960x004010f8 1 case.0x401020.5 34970x004010f8 1 case.0x401020.6 34980x004010f8 1 case.0x401020.7 34990x004010f8 1 case.0x401020.8 35000x004010f8 1 case.0x401020.11 35010x004010f8 1 case.0x401020.13 35020x004010f8 1 case.0x401020.16 35030x004010f8 1 case.0x401020.17 35040x004010f8 1 case.0x401020.20 35050x004010f8 1 case.0x401020.21 35060x004010f8 1 case.0x401020.22 35070x004010f8 1 case.0x401020.23 35080x004010f8 1 case.0x401020.24 35090x004010f8 1 case.0x401020.25 35100x004010f8 1 case.0x401020.26 35110x004010f8 1 case.0x401020.27 35120x004010f8 1 case.0x401020.28 35130x004010f8 1 case.0x401020.30 35140x004010f8 1 case.0x401020.31 35150x004010f8 1 case.0x401020.32 35160x004010f8 1 case.0x401020.33 35170x004010f8 1 case.0x401020.34 35180x004010f8 1 case.0x401020.36 35190x004010f8 1 case.default.0x401020 3520EOF 3521RUN 3522