The --init-mem option currently tells WP to initialize everything in the .rodata section for both the original and modified binaries. In some binaries, we might be interested in code that gets inlined into the .text section (e.g. constant pools on ARM/Thumb).
This PR changes the behavior to look at any segment without write permissions. Since this will include the executable segments, it can potentially cause a blowup in memory usage. To fix this, we cache the set of known code addresses by calling Disasm.Driver.explore on entry to the library/plugin.
Additionally, we can make the observation that when running a comparative analysis, it is likely that the two binaries will differ in terms of the contents of the executable code. Thus, any precondition which supposes that the initial memories are equivalent will lead to inconsistent assumptions when we use the --init-mem feature.
On a side note, if an OGRE file was provided, then Utils.init_mem should use that as the loader instead of the default loader (currently LLVM). This can save a lot on memory usage and running time.
The
--init-memoption currently tells WP to initialize everything in the.rodatasection for both the original and modified binaries. In some binaries, we might be interested in code that gets inlined into the.textsection (e.g. constant pools on ARM/Thumb).This PR changes the behavior to look at any segment without write permissions. Since this will include the executable segments, it can potentially cause a blowup in memory usage. To fix this, we cache the set of known code addresses by calling
Disasm.Driver.exploreon entry to the library/plugin.Additionally, we can make the observation that when running a comparative analysis, it is likely that the two binaries will differ in terms of the contents of the executable code. Thus, any precondition which supposes that the initial memories are equivalent will lead to inconsistent assumptions when we use the
--init-memfeature.On a side note, if an OGRE file was provided, then
Utils.init_memshould use that as the loader instead of the default loader (currently LLVM). This can save a lot on memory usage and running time.