[angr] identifying statically- and/or dynamically-linked library calls
hagrawal at appcomsci.com
Tue May 3 13:06:24 PDT 2016
How do I use angr to identify calls to statically- and/or dynamically-linked
library functions in a binary? I want to find all Vex statements
that call functions such as read, fread, getc, fgetc, scanf, etc., in a
binary, so I can use angr's VSA_DDG analysis to find all other
statements that directly or indirectly depend upon such calls.

IDA employs its FLIRT technology to identify statically linked library
functions. Is there an analogous technique in angr?

For dynamically linked library functions, binaries often contain thunk
"functions" that end with an indirect jump via an entry in a table
stored in the data segment. Is there a way in angr to identify such
calls and their target library functions?
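
The thunk pattern described in the last paragraph, as an added illustration that is not part of the original post and does not use angr's API: it resolves x86-64 `jmp [rip+disp32]` thunks to imported names through their table slots, then reports the call sites that land on them. The addresses, the byte strings and the slot-to-symbol map (which a real tool would read from the binary's JUMP_SLOT relocations) are constructed, and the linear byte scan stands in for a real disassembler.

```python
import struct

# Constructed sample image (not taken from a real binary).
PLT_BASE, TEXT_BASE = 0x400500, 0x401000
# Table slot address -> imported symbol; assumed to come from the relocations.
GOT_SLOTS = {0x601018: "read", 0x601020: "fgetc"}

def make_thunk(addr, slot):
    # jmp qword ptr [rip+disp32]; disp32 is relative to the end of the 6-byte insn
    return (b"\xff\x25" + struct.pack("<i", slot - (addr + 6))).ljust(16, b"\x90")

def make_call(addr, target):
    # call rel32; rel32 is relative to the end of the 5-byte insn
    return b"\xe8" + struct.pack("<i", target - (addr + 5))

PLT = make_thunk(0x400500, 0x601018) + make_thunk(0x400510, 0x601020)
TEXT = (b"\x55"                              # 0x401000: push rbp
        + make_call(0x401001, 0x400500)      # call thunk for read
        + make_call(0x401006, 0x401020)      # call to a local function, not a thunk
        + make_call(0x40100B, 0x400510)      # call thunk for fgetc
        + b"\xc3")                           # ret

def resolve_thunks(plt, base, got_slots):
    """Map thunk address -> library name for each `jmp [rip+disp32]` found."""
    thunks = {}
    for off in range(len(plt) - 5):
        if plt[off:off + 2] == b"\xff\x25":
            (disp,) = struct.unpack_from("<i", plt, off + 2)
            slot = base + off + 6 + disp     # address of the table entry used
            if slot in got_slots:
                thunks[base + off] = got_slots[slot]
    return thunks

def find_library_calls(text, base, thunks):
    """Return (call-site address, library name) for calls that target a thunk."""
    hits = []
    for off in range(len(text) - 4):
        if text[off] == 0xE8:
            (rel,) = struct.unpack_from("<i", text, off + 1)
            name = thunks.get(base + off + 5 + rel)
            if name is not None:
                hits.append((base + off, name))
    return hits

if __name__ == "__main__":
    thunks = resolve_thunks(PLT, PLT_BASE, GOT_SLOTS)
    for site, name in find_library_calls(TEXT, TEXT_BASE, thunks):
        print(f"{site:#x}: call {name}")
```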