search

google / bindiff

Quickly find differences and similarities in disassembled code
https://zynamics.com/bindiff.html
Apache License 2.0
2.25k stars 142 forks source link

I urgently need a professional to help me interpret this result. #56

Closed Jacky-LinPeng closed 3 weeks ago

Jacky-LinPeng commented 3 weeks ago

I am a novice. I have compared two mirrors, and the comparison results are as follows. How should I interpret this information?

Command-line comparison

bindiff aaa.BinExport bbb.BinExport

BinDiff 7 (@377901646, Jun  7 2021), (c)2004-2011 zynamics GmbH, (c)2011-2021 Google LLC.
Function 0000000100C7FA40 is excessively large: 4 basic blocks, 4 edges, 18192 instructions. Discarding.
Function 00AB2E50 is excessively large: 18 basic blocks, 22 edges, 11431 instructions. Discarding.
Function 00BF9B64 is excessively large: 267 basic blocks, 266 edges, 10072 instructions. Discarding.
Setup: 4.15s
primary:   aaa: 173329 functions, 844637 calls
secondary: bbb: 92618 functions, 556119 calls
Matching: 19.10s
matched: 83608 of 173329/92618 (primary/secondary, 170753/89954 non-library)
call graph MD index: primary   3740.46
                     secondary 1433.78
Similarity: 16.3976% (Confidence: 54.2144%)
Writing results: 0.59s

BinDiff comparison

Image

I sincerely hope that professionals can help me. In the upper half of the picture, what do 49.2%, 4.9%, and 45.9% represent? Which way is more recommended to view the results?

gemesa commented 3 weeks ago

In the upper half of the picture, what do 49.2%, 4.9%, and 45.9% represent?

https://www.youtube.com/watch?v=xpfvclDlPwU&t=575s