Reputation: 1193
How to generate CFG for non executable binary files
I want to generate a control-flow graph for non-executable binary files. The objective is to perform static analysis on the generated binary files of Linux kernel. Is there any tool which can do this? Tools I found by searching are only for executable files.
I use obj-dump to disassemble the binary to assembly. Currently, I perform the analysis on assembly basic blocks, but in this method, I cannot guarantee if all execution paths are covered.
Upvotes: 1
Views: 642
Answers (2)
Reputation: 85
Control-flow graphs represent the flow of control of a program; if a CFG makes sense for your binary files in any way, they are necessarily executable one way or another, given an entry point.
Once you have your entry point as an address or function symbol, you can feed it to your binary analysis tool/library/platform and extract your CFG. There are many free open-source solutions, such as angr, BAP...
Note, if you can get rid of the binary analysis requirement and integrate this to a compile chain, LLVM is a powerful tool for this task.
Upvotes: 0
Reputation: 86
GrammaTech CodeSonar can provide static analysis of binaries, or individual object files: https://www.grammatech.com/products/binary-analysis. This is a commercial tool.
Upvotes: 0
Related Questions
- Building complete control flow graph for Linux kernel binary
- Generate raw binary from C code in Linux
- generating CFG for whole source code with LLVM
- How do I produce plain binary from object files?
- How to use libelf to generate an ELF file for my own compiler?
- gcc feature: generate list of source files from binary
- Creating an executable file without a compiler
- How-to rewrite a binary file or modfiy its control flow graph
- Creating ELF binaries without using libelf or other libraries
- Compile a static file into an executable