When hooking a function (e.g. sscanf(str, format, ...)) during tracing, used arguments (e.g. format / "%s %s") should be added to GdbTracer._accessed_regs or GdbTracer._accessed_mems.
When doing so, an analyst wouldn't have to manually add these in the YAML's states:entry:.
When hooking a function (e.g.
sscanf(str, format, ...)) during tracing, used arguments (e.g.format/"%s %s") should be added toGdbTracer._accessed_regsorGdbTracer._accessed_mems.When doing so, an analyst wouldn't have to manually add these in the YAML's
states:entry:.