The code now supports load-time dynamically linked binaries in addition to statically linked binaries. Library functions called are detected and analysed, by examining the implementation of the library on the system where the analysis code is executed. The backtracking code has also been improved to support more situations (for example when the syscall ID is moved from a register to the 'eax' register).
The code now supports load-time dynamically linked binaries in addition to statically linked binaries. Library functions called are detected and analysed, by examining the implementation of the library on the system where the analysis code is executed. The backtracking code has also been improved to support more situations (for example when the syscall ID is moved from a register to the 'eax' register).