1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
|
graph: { title: "control flow graph of 'obj_func_linearize'"
layoutalgorithm: minbackward
display_edge_labels: yes
manhatten_edges: yes
layout_nearfactor: 0
xspace: 25
node.color: white
node.textcolor: black
edge.color: black
edge.arrowsize: 15
edge.thickness: 4
node: { title: "0x00001f7c"
label: "\fu address\fn \fuinstruction \fn
0x00001f7c push ebp
0x00001f7d mov ebp, esp
0x00001f7f sub esp, (8)0x00000048
0x00001f82 mov dword [ebp + (8)0xfffffffc], (32)0x00000000
0x00001f89 mov dword [ebp + (8)0xfffffff8], (32)0x00000000
0x00001f90 mov dword [ebp + (8)0xffffffec], (32)0x00000000
0x00001f97 mov dword [ebp + (8)0xffffffe8], (32)0xffffffff
0x00001f9e mov dword [ebp + (8)0xffffffe4], (32)0x00000000
0x00001fa5 mov dword [ebp + (8)0xfffffff4], (32)0x00000000
" }
node: { title: "0x00001fb4"
label: "\fu address\fn \fuinstruction \fn
0x00001fb4 jmp dword (8)0x00000037
" }
node: { title: "0x00001fed"
label: "\fu address\fn \fuinstruction \fn
0x00001fed mov dword [ebp + (8)0xfffffff4], (32)0x00000000
" }
node: { title: "0x00001ffc"
label: "\fu address\fn \fuinstruction \fn
0x00001ffc jmp dword (32)0x000000e2
" }
node: { title: "0x000020e3"
label: "\fu address\fn \fuinstruction \fn
0x000020e3 cmp dword [ebp + (8)0xffffffe8], (8)0xffffffff
0x000020e7 j(e,z) dword (32)0x000000b1
" }
node: { title: "0x000020ed"
label: "\fu address\fn \fuinstruction \fn
0x000020ed mov eax, dword [ebp + (8)0xffffffe8]
0x000020f0 lea edx, dword [eax*4 + (32)0x00000000]
0x000020f7 mov eax, dword [ebp + (8)0x0000000c]
0x000020fa mov ecx, dword [eax + edx]
0x000020fd mov eax, dword [ebp + (8)0xffffffe8]
0x00002100 lea edx, dword [eax*4 + (32)0x00000000]
0x00002107 mov eax, dword [ebp + (8)0x0000000c]
0x0000210a mov eax, dword [eax + edx]
0x0000210d mov edx, dword [eax + (8)0x00000004]
0x00002110 mov eax, dword [ecx + (8)0x00000008]
0x00002113 sub eax, edx
0x00002115 mov dword [ebp + (8)0xfffffff0], eax
0x00002118 mov eax, dword [ebp + (8)0xffffffe8]
0x0000211b lea edx, dword [eax*4 + (32)0x00000000]
0x00002122 mov eax, dword [ebp + (8)0x0000000c]
0x00002125 mov edx, dword [eax + edx]
0x00002128 mov eax, dword [ebp + (8)0xffffffec]
0x0000212b add eax, dword [ebp + (8)0x00000008]
0x0000212e mov dword [edx + (8)0x00000004], eax
0x00002131 mov eax, dword [ebp + (8)0xffffffe8]
0x00002134 lea edx, dword [eax*4 + (32)0x00000000]
0x0000213b mov eax, dword [ebp + (8)0x0000000c]
0x0000213e mov edx, dword [eax + edx]
0x00002141 mov eax, dword [ebp + (8)0xffffffec]
0x00002144 add eax, dword [ebp + (8)0x00000008]
0x00002147 add eax, dword [ebp + (8)0xfffffff0]
0x0000214a mov dword [edx + (8)0x00000008], eax
0x0000214d mov edx, dword [ebp + (8)0xfffffff0]
0x00002150 lea eax, dword [ebp + (8)0xfffffff8]
0x00002153 add dword [eax], edx
0x00002155 mov eax, dword [ebp + (8)0xfffffff8]
0x00002158 mov dword [esp + (8)0x00000004], eax
0x0000215c mov eax, dword [ebp + (8)0xfffffffc]
0x0000215f mov dword [esp], eax
0x00002162 call dword (32)0xfffffffc
" }
node: { title: "0x00002167"
label: "\fu address\fn \fuinstruction \fn
0x00002167 mov dword [ebp + (8)0xfffffffc], eax
0x0000216a mov eax, dword [ebp + (8)0xfffffff0]
0x0000216d mov dword [esp + (8)0x00000008], eax
0x00002171 mov eax, dword [ebp + (8)0xffffffe8]
0x00002174 lea edx, dword [eax*4 + (32)0x00000000]
0x0000217b mov eax, dword [ebp + (8)0x0000000c]
0x0000217e mov eax, dword [eax + edx]
0x00002181 mov eax, dword [eax + (8)0x00000018]
0x00002184 mov dword [esp + (8)0x00000004], eax
0x00002188 mov eax, dword [ebp + (8)0xffffffec]
0x0000218b add eax, dword [ebp + (8)0xfffffffc]
0x0000218e mov dword [esp], eax
0x00002191 call dword (32)0xfffffffc
" }
node: { title: "0x00002196"
label: "\fu address\fn \fuinstruction \fn
0x00002196 mov edx, dword [ebp + (8)0xfffffff0]
0x00002199 lea eax, dword [ebp + (8)0xffffffec]
0x0000219c add dword [eax], edx
" }
node: { title: "0x0000219e"
label: "\fu address\fn \fuinstruction \fn
0x0000219e nop
" }
node: { title: "0x00002298"
label: "\fu address\fn \fuinstruction \fn
0x00002298 mov edx, dword [ebp + (8)0x00000014]
0x0000229b mov eax, dword [ebp + (8)0xfffffffc]
0x0000229e mov dword [edx], eax
0x000022a0 mov edx, dword [ebp + (8)0x00000018]
0x000022a3 mov eax, dword [ebp + (8)0xfffffff8]
0x000022a6 mov dword [edx], eax
0x000022a8 leave
0x000022a9 ret
" }
graph: { title: "loop 0x080c5cb0" label: "level 0"status: clustered color: lightgreen
node: { title: "0x00001fac"
color: aquamarine vertical_order: 2
label: "\fu address\fn \fuinstruction \fn
0x00001fac mov eax, dword [ebp + (8)0xfffffff4]
0x00001faf cmp eax, dword [ebp + (8)0x00000010]
0x00001fb2 j(b,nae) dword (8)0x00000002
" }
node: { title: "0x00001fb6"
label: "\fu address\fn \fuinstruction \fn
0x00001fb6 mov eax, dword [ebp + (8)0xfffffff4]
0x00001fb9 lea edx, dword [eax*4 + (32)0x00000000]
0x00001fc0 mov eax, dword [ebp + (8)0x0000000c]
0x00001fc3 mov eax, dword [eax + edx]
0x00001fc6 mov dword [esp], eax
0x00001fc9 call dword (32)0xfffff92c
" }
node: { title: "0x00001fce"
label: "\fu address\fn \fuinstruction \fn
0x00001fce mov eax, dword [ebp + (8)0xfffffff4]
0x00001fd1 lea edx, dword [eax*4 + (32)0x00000000]
0x00001fd8 mov eax, dword [ebp + (8)0x0000000c]
0x00001fdb mov eax, dword [eax + edx]
0x00001fde mov dword [esp], eax
0x00001fe1 call dword (32)0xfffff995
" }
node: { title: "0x00001fe6"
label: "\fu address\fn \fuinstruction \fn
0x00001fe6 lea eax, dword [ebp + (8)0xfffffff4]
0x00001fe9 inc dword [eax]
0x00001feb jmp dword (8)0xffffffbf
" }
}
graph: { title: "loop 0x080c6310" label: "level 0"status: clustered color: lightgreen
node: { title: "0x00001ff4"
color: aquamarine vertical_order: 5
label: "\fu address\fn \fuinstruction \fn
0x00001ff4 mov eax, dword [ebp + (8)0xfffffff4]
0x00001ff7 cmp eax, dword [ebp + (8)0x00000010]
0x00001ffa j(b,nae) dword (8)0x00000005
" }
node: { title: "0x00002001"
label: "\fu address\fn \fuinstruction \fn
0x00002001 cmp dword [ebp + (8)0x0000001c], (8)0x00000000
0x00002005 j(e,z) dword (8)0x00000021
" }
node: { title: "0x00002007"
label: "\fu address\fn \fuinstruction \fn
0x00002007 mov eax, dword [ebp + (8)0xfffffff4]
0x0000200a lea edx, dword [eax*4 + (32)0x00000000]
0x00002011 mov eax, dword [ebp + (8)0x0000000c]
0x00002014 mov eax, dword [eax + edx]
0x00002017 cmp dword [eax + (8)0x00000020], (8)0x00000001
0x0000201b j(ne,nz) dword (8)0x0000000b
" }
node: { title: "0x0000201d"
label: "\fu address\fn \fuinstruction \fn
0x0000201d mov eax, dword [ebp + (8)0xfffffff4]
0x00002020 mov dword [ebp + (8)0xffffffe8], eax
0x00002023 jmp dword (32)0x000000b1
" }
node: { title: "0x000020d9"
label: "\fu address\fn \fuinstruction \fn
0x000020d9 lea eax, dword [ebp + (8)0xfffffff4]
0x000020dc inc dword [eax]
0x000020de jmp dword (32)0xffffff11
" }
node: { title: "0x00002028"
label: "\fu address\fn \fuinstruction \fn
0x00002028 mov eax, dword [ebp + (8)0xfffffff4]
0x0000202b lea edx, dword [eax*4 + (32)0x00000000]
0x00002032 mov eax, dword [ebp + (8)0x0000000c]
0x00002035 mov ecx, dword [eax + edx]
0x00002038 mov eax, dword [ebp + (8)0xfffffff4]
0x0000203b lea edx, dword [eax*4 + (32)0x00000000]
0x00002042 mov eax, dword [ebp + (8)0x0000000c]
0x00002045 mov eax, dword [eax + edx]
0x00002048 mov edx, dword [eax + (8)0x00000004]
0x0000204b mov eax, dword [ecx + (8)0x00000008]
0x0000204e sub eax, edx
0x00002050 mov dword [ebp + (8)0xfffffff0], eax
0x00002053 mov eax, dword [ebp + (8)0xfffffff4]
0x00002056 lea edx, dword [eax*4 + (32)0x00000000]
0x0000205d mov eax, dword [ebp + (8)0x0000000c]
0x00002060 mov edx, dword [eax + edx]
0x00002063 mov eax, dword [ebp + (8)0xffffffec]
0x00002066 add eax, dword [ebp + (8)0x00000008]
0x00002069 mov dword [edx + (8)0x00000004], eax
0x0000206c mov eax, dword [ebp + (8)0xfffffff4]
0x0000206f lea edx, dword [eax*4 + (32)0x00000000]
0x00002076 mov eax, dword [ebp + (8)0x0000000c]
0x00002079 mov edx, dword [eax + edx]
0x0000207c mov eax, dword [ebp + (8)0xffffffec]
0x0000207f add eax, dword [ebp + (8)0x00000008]
0x00002082 add eax, dword [ebp + (8)0xfffffff0]
0x00002085 mov dword [edx + (8)0x00000008], eax
0x00002088 mov edx, dword [ebp + (8)0xfffffff0]
0x0000208b lea eax, dword [ebp + (8)0xfffffff8]
0x0000208e add dword [eax], edx
0x00002090 mov eax, dword [ebp + (8)0xfffffff8]
0x00002093 mov dword [esp + (8)0x00000004], eax
0x00002097 mov eax, dword [ebp + (8)0xfffffffc]
0x0000209a mov dword [esp], eax
0x0000209d call dword (32)0xfffffffc
" }
node: { title: "0x000020a2"
label: "\fu address\fn \fuinstruction \fn
0x000020a2 mov dword [ebp + (8)0xfffffffc], eax
0x000020a5 mov eax, dword [ebp + (8)0xfffffff0]
0x000020a8 mov dword [esp + (8)0x00000008], eax
0x000020ac mov eax, dword [ebp + (8)0xfffffff4]
0x000020af lea edx, dword [eax*4 + (32)0x00000000]
0x000020b6 mov eax, dword [ebp + (8)0x0000000c]
0x000020b9 mov eax, dword [eax + edx]
0x000020bc mov eax, dword [eax + (8)0x00000018]
0x000020bf mov dword [esp + (8)0x00000004], eax
0x000020c3 mov eax, dword [ebp + (8)0xffffffec]
0x000020c6 add eax, dword [ebp + (8)0xfffffffc]
0x000020c9 mov dword [esp], eax
0x000020cc call dword (32)0xfffffffc
" }
node: { title: "0x000020d1"
label: "\fu address\fn \fuinstruction \fn
0x000020d1 mov edx, dword [ebp + (8)0xfffffff0]
0x000020d4 lea eax, dword [ebp + (8)0xffffffec]
0x000020d7 add dword [eax], edx
" }
}
graph: { title: "loop 0x080ca640" label: "level 0"status: clustered color: lightgreen
node: { title: "0x0000219f"
color: aquamarine vertical_order: 12
label: "\fu address\fn \fuinstruction \fn
0x0000219f mov dword [ebp + (8)0xffffffe4], (32)0x00000000
0x000021a6 mov dword [ebp + (8)0xfffffff4], (32)0x00000000
" }
node: { title: "0x000021bf"
label: "\fu address\fn \fuinstruction \fn
0x000021bf jmp dword (32)0x000000ca
" }
node: { title: "0x0000228e"
label: "\fu address\fn \fuinstruction \fn
0x0000228e cmp dword [ebp + (8)0xffffffe4], (8)0x00000001
0x00002292 j(e,z) dword (32)0xffffff07
" }
node: { title: "0x000021f8"
label: "\fu address\fn \fuinstruction \fn
0x000021f8 mov eax, dword [ebp + (8)0xffffffe0]
0x000021fb mov dword [esp + (8)0x0000000c], eax
0x000021ff mov eax, dword [ebp + (8)0xfffffff4]
0x00002202 lea edx, dword [eax*4 + (32)0x00000000]
0x00002209 mov eax, dword [ebp + (8)0x0000000c]
0x0000220c mov eax, dword [eax + edx]
0x0000220f mov eax, dword [eax + (8)0x00000008]
0x00002212 mov dword [esp + (8)0x00000008], eax
0x00002216 mov eax, dword [ebp + (8)0xfffffff4]
0x00002219 lea edx, dword [eax*4 + (32)0x00000000]
0x00002220 mov eax, dword [ebp + (8)0x0000000c]
0x00002223 mov eax, dword [eax + edx]
0x00002226 mov eax, dword [eax + (8)0x00000004]
0x00002229 mov dword [esp + (8)0x00000004], eax
0x0000222d mov dword [esp], (32)0x080785b8
0x00002234 call dword (32)0xfffffffc
" }
node: { title: "0x00002239"
label: "\fu address\fn \fuinstruction \fn
0x00002239 mov eax, dword [ebp + (8)0x00000010]
0x0000223c mov dword [esp + (8)0x00000018], eax
0x00002240 mov eax, dword [ebp + (8)0x0000000c]
0x00002243 mov dword [esp + (8)0x00000014], eax
0x00002247 mov eax, dword [ebp + (8)0xffffffe0]
0x0000224a mov dword [esp + (8)0x00000010], eax
0x0000224e mov eax, dword [ebp + (8)0xfffffff4]
0x00002251 lea edx, dword [eax*4 + (32)0x00000000]
0x00002258 mov eax, dword [ebp + (8)0x0000000c]
0x0000225b mov eax, dword [eax + edx]
0x0000225e mov dword [esp + (8)0x0000000c], eax
0x00002262 mov eax, dword [ebp + (8)0x00000008]
0x00002265 mov dword [esp + (8)0x00000008], eax
0x00002269 lea eax, dword [ebp + (8)0xfffffff8]
0x0000226c mov dword [esp + (8)0x00000004], eax
0x00002270 lea eax, dword [ebp + (8)0xfffffffc]
0x00002273 mov dword [esp], eax
0x00002276 call dword (32)0x0000002f
" }
node: { title: "0x0000227b"
label: "\fu address\fn \fuinstruction \fn
0x0000227b mov dword [ebp + (8)0xffffffe4], (32)0x00000001
0x00002282 jmp dword (8)0x0000000a
" }
graph: { title: "loop 0x080c6d18" label: "level 1"status: clustered color: lightyellow
node: { title: "0x000021ad"
color: aquamarine vertical_order: 14
label: "\fu address\fn \fuinstruction \fn
0x000021ad cmp dword [ebp + (8)0xffffffe4], (8)0x00000000
0x000021b1 j(ne,nz) dword (32)0x000000d7
" }
node: { title: "0x000021b7"
label: "\fu address\fn \fuinstruction \fn
0x000021b7 mov eax, dword [ebp + (8)0xfffffff4]
0x000021ba cmp eax, dword [ebp + (8)0x00000010]
0x000021bd j(b,nae) dword (8)0x00000005
" }
node: { title: "0x000021c4"
label: "\fu address\fn \fuinstruction \fn
0x000021c4 mov eax, dword [ebp + (8)0xfffffff4]
0x000021c7 lea edx, dword [eax*4 + (32)0x00000000]
0x000021ce mov eax, dword [ebp + (8)0x0000000c]
0x000021d1 mov eax, dword [eax + edx]
0x000021d4 mov dword [esp + (8)0x00000008], eax
0x000021d8 mov eax, dword [ebp + (8)0x00000008]
0x000021db mov dword [esp + (8)0x00000004], eax
0x000021df mov eax, dword [ebp + (8)0xfffffffc]
0x000021e2 mov dword [esp], eax
0x000021e5 call dword (32)0x0000030a
" }
node: { title: "0x000021ea"
label: "\fu address\fn \fuinstruction \fn
0x000021ea mov dword [ebp + (8)0xffffffe0], eax
0x000021ed cmp dword [ebp + (8)0xffffffe0], (8)0x00000000
0x000021f1 j(ne,nz) dword (8)0x00000005
" }
node: { title: "0x000021f3"
label: "\fu address\fn \fuinstruction \fn
0x000021f3 jmp dword (32)0x0000008c
" }
node: { title: "0x00002284"
label: "\fu address\fn \fuinstruction \fn
0x00002284 lea eax, dword [ebp + (8)0xfffffff4]
0x00002287 inc dword [eax]
0x00002289 jmp dword (32)0xffffff1f
" }
}
}
edge: { sourcename: "0x00001f7c" targetname: "0x00001fac"label: "pass" }
edge: { sourcename: "0x00001fac" targetname: "0x00001fb4"label: "false" color: darkred }
edge: { sourcename: "0x00001fac" targetname: "0x00001fb6"label: "true" color: darkgreen }
edge: { sourcename: "0x00001fb4" targetname: "0x00001fed"}
edge: { sourcename: "0x00001fed" targetname: "0x00001ff4"label: "pass" }
edge: { sourcename: "0x00001ff4" targetname: "0x00001ffc"label: "false" color: darkred }
edge: { sourcename: "0x00001ff4" targetname: "0x00002001"label: "true" color: darkgreen }
edge: { sourcename: "0x00001ffc" targetname: "0x000020e3"}
edge: { sourcename: "0x000020e3" targetname: "0x000020ed"label: "false" color: darkred }
edge: { sourcename: "0x000020e3" targetname: "0x0000219e"label: "true" color: darkgreen }
edge: { sourcename: "0x000020ed" targetname: "0x00002167"}
edge: { sourcename: "0x00002167" targetname: "0x00002196"}
edge: { sourcename: "0x00002196" targetname: "0x0000219e"label: "pass" }
edge: { sourcename: "0x0000219e" targetname: "0x0000219f"label: "pass" }
edge: { sourcename: "0x0000219f" targetname: "0x000021ad"label: "pass" }
edge: { sourcename: "0x000021ad" targetname: "0x000021b7"label: "false" color: darkred }
edge: { sourcename: "0x000021ad" targetname: "0x0000228e"label: "true" color: darkgreen }
edge: { sourcename: "0x000021b7" targetname: "0x000021bf"label: "false" color: darkred }
edge: { sourcename: "0x000021b7" targetname: "0x000021c4"label: "true" color: darkgreen }
edge: { sourcename: "0x000021bf" targetname: "0x0000228e"}
edge: { sourcename: "0x0000228e" targetname: "0x00002298"label: "false" color: darkred }
edge: { sourcename: "0x0000228e" targetname: "0x0000219f"label: "true" color: darkgreen }
edge: { sourcename: "0x000021c4" targetname: "0x000021ea"}
edge: { sourcename: "0x000021ea" targetname: "0x000021f3"label: "false" color: darkred }
edge: { sourcename: "0x000021ea" targetname: "0x000021f8"label: "true" color: darkgreen }
edge: { sourcename: "0x000021f3" targetname: "0x00002284"}
edge: { sourcename: "0x00002284" targetname: "0x000021ad"}
edge: { sourcename: "0x000021f8" targetname: "0x00002239"}
edge: { sourcename: "0x00002239" targetname: "0x0000227b"}
edge: { sourcename: "0x0000227b" targetname: "0x0000228e"}
edge: { sourcename: "0x00002001" targetname: "0x00002007"label: "false" color: darkred }
edge: { sourcename: "0x00002001" targetname: "0x00002028"label: "true" color: darkgreen }
edge: { sourcename: "0x00002007" targetname: "0x0000201d"label: "false" color: darkred }
edge: { sourcename: "0x00002007" targetname: "0x00002028"label: "true" color: darkgreen }
edge: { sourcename: "0x0000201d" targetname: "0x000020d9"}
edge: { sourcename: "0x000020d9" targetname: "0x00001ff4"}
edge: { sourcename: "0x00002028" targetname: "0x000020a2"}
edge: { sourcename: "0x000020a2" targetname: "0x000020d1"}
edge: { sourcename: "0x000020d1" targetname: "0x000020d9"label: "pass" }
edge: { sourcename: "0x00001fb6" targetname: "0x00001fce"}
edge: { sourcename: "0x00001fce" targetname: "0x00001fe6"}
edge: { sourcename: "0x00001fe6" targetname: "0x00001fac"}
}
|
