Developers utilize this information in an attempt to improve the performance of their
programs. The basic idea is that performance can be visibly improved by making the
most commonly used portions of code very fast. Like coverage tools, profiling tools may
not be of tremendous use in locating vulnerabilities in software. Exploit developers care
little whether a particular program is fast or slow; they care simply whether the program
can be exploited.
Flow Analysis Tools
Flow analysis tools assist in understanding the flow of control or data within a program.
Flow analysis tools can be run against source code or binary code, and often generate
various types of graphs to assist in visualizing how the portions of a program interact.
IDA Pro offers control flow visualization through its graphing capabilities. The graphs
that IDA generates are depictions of all of the cross-referencing information that IDA
develops as it analyzes a binary. Figure 14-1 shows a function call tree generated by IDA
for a very simple program using IDA's Xrefs From (cross-references from) menu option.
In this case we see all of the functions referenced from a function named sub_804882F,
and the graph answers the question "Where do we go from here?" To generate such a display,
IDA performs a recursive descent through all functions called by sub_804882F.
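
The recursive descent described above can be sketched as follows. This is an added example, not code from the book and not IDA's own implementation; the call map is constructed, and every function name other than sub_804882F is made up for illustration.

```python
# Constructed call map: caller -> functions it references directly.
# Only sub_804882F is named on the page; every other name is made up.
CALLS = {
    "sub_804882F": ["sub_80487C4", "sub_8048790", "_printf"],
    "sub_80487C4": ["sub_8048790", "_read"],
    "sub_8048790": ["_strcpy", "sub_80487C4"],  # mutual recursion -> cycle
    "sub_8048900": ["sub_804882F"],             # a caller, not reachable from root
}


def xrefs_from(root, calls):
    """Recursive descent from root; returns (visit order, edge list)."""
    order, edges, seen = [], [], set()

    def descend(func):
        if func in seen:          # already expanded: stops on cycles and shared callees
            return
        seen.add(func)
        order.append(func)
        for callee in calls.get(func, []):   # imports/leaves have no entry
            edges.append((func, callee))
            descend(callee)

    descend(root)
    return order, edges


def to_dot(root, calls):
    """Render the 'Xrefs From' graph as Graphviz DOT text."""
    _, edges = xrefs_from(root, calls)
    lines = ["digraph xrefs_from {"]
    lines += [f'    "{a}" -> "{b}";' for a, b in edges]
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(to_dot("sub_804882F", CALLS))
```

The visited set is what keeps the descent finite when functions call each other; callers of the root (cross-references to it) never appear, because the walk only follows outgoing references.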