angr.analyses.bindiff¶
- angr.analyses.bindiff.differing_constants(block_a, block_b)¶
Compares two basic blocks and finds all the constants that differ from the first block to the second.
- Parameters:
block_a – The first block to compare.
block_b – The second block to compare.
- Returns:
Returns a list of differing constants in the form of ConstantChange, which has the offset in the block and the respective constants.
- angr.analyses.bindiff.compare_statement_dict(statement_1, statement_2)¶
- class angr.analyses.bindiff.FunctionDiff¶
Bases:
objectThis class computes the a diff between two functions.
- __init__(function_a, function_b, bindiff=None)¶
- property probably_identical¶
Whether or not these two functions are identical.
- Type:
returns
- property identical_blocks¶
A list of block matches which appear to be identical
- Type:
returns
- property differing_blocks¶
A list of block matches which appear to differ
- Type:
returns
- property blocks_with_differing_constants¶
A list of block matches which appear to differ
- Type:
return
- property block_matches¶
- property unmatched_blocks¶
- static get_normalized_block(addr, function)¶
- Parameters:
addr – Where to start the normalized block.
function – A function containing the block address.
- Returns:
A normalized basic block.
- block_similarity(block_a, block_b)¶
- Parameters:
block_a – The first block address.
block_b – The second block address.
- Returns:
The similarity of the basic blocks, normalized for the base address of the block and function call addresses.
- blocks_probably_identical(block_a, block_b, check_constants=False)¶
- Parameters:
block_a – The first block address.
block_b – The second block address.
check_constants – Whether or not to require matching constants in blocks.
- Returns:
Whether or not the blocks appear to be identical.
- class angr.analyses.bindiff.BinDiff¶
Bases:
AnalysisThis class computes the a diff between two binaries represented by angr Projects
- __init__(other_project, cfg_a=None, cfg_b=None)¶
- Parameters:
other_project – The second project to diff
- functions_probably_identical(func_a_addr, func_b_addr, check_consts=False)¶
Compare two functions and return True if they appear identical.
- Parameters:
func_a_addr – The address of the first function (in the first binary).
func_b_addr – The address of the second function (in the second binary).
- Returns:
Whether or not the functions appear to be identical.
- property identical_functions¶
A list of function matches that appear to be identical
- Type:
returns
- property differing_functions¶
A list of function matches that appear to differ
- Type:
returns
- differing_functions_with_consts()¶
- Returns:
A list of function matches that appear to differ including just by constants
- property differing_blocks¶
A list of block matches that appear to differ
- Type:
returns
- property identical_blocks¶
return A list of all block matches that appear to be identical
- property blocks_with_differing_constants¶
A dict of block matches with differing constants to the tuple of constants
- Type:
return
- property unmatched_functions¶
- get_function_diff(function_addr_a, function_addr_b)¶
- Parameters:
function_addr_a – The address of the first function (in the first binary)
function_addr_b – The address of the second function (in the second binary)
- Returns:
the FunctionDiff of the two functions