{"id":15426850,"url":"https://github.com/toshipiazza/drcfg","last_synced_at":"2025-04-19T16:04:22.614Z","repository":{"id":73021897,"uuid":"94275060","full_name":"toshipiazza/drcfg","owner":"toshipiazza","description":"Dynamic Control Flow Recovery","archived":false,"fork":false,"pushed_at":"2018-04-15T21:37:22.000Z","size":75,"stargazers_count":24,"open_issues_count":3,"forks_count":5,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-29T09:51:13.838Z","etag":null,"topics":["cfg","dynamorio"],"latest_commit_sha":null,"homepage":null,"language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/toshipiazza.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-14T01:31:58.000Z","updated_at":"2025-03-23T00:17:59.000Z","dependencies_parsed_at":null,"dependency_job_id":"4934b21a-d25e-451b-8b2d-c9c5bf3e4277","html_url":"https://github.com/toshipiazza/drcfg","commit_stats":{"total_commits":20,"total_committers":1,"mean_commits":20.0,"dds":0.0,"last_synced_commit":"cd5d19a19889c61a63b803e49f895ccf3bec1aad"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/toshipiazza%2Fdrcfg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/toshipiazza%2Fdrcfg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/toshipiazza%2Fdrcfg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/toshipiazza%2Fdrcfg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/toshipiazza","download_url":"https://codeload.github.com/toshipiazza/drcfg/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249220841,"owners_count":21232421,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cfg","dynamorio"],"created_at":"2024-10-01T17:58:10.747Z","updated_at":"2025-04-16T08:33:27.578Z","avatar_url":"https://github.com/toshipiazza.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"drcfg\n=====\n\nConstructs a CFG of the target program, without source. For motivation, see this [blog\npost](https://tpiazza.me/posts/2016-11-04-dynamorio_cfg.html). This plugin implements the\nfollowing:\n\n- intercepts conditional branch instructions (`cbr's`)\n- intercepts control transfer instructions (`cti's`)\n- dumps output in json format\n\n# Usage\n\n```\n$ drrun -c ./libcfg.so -- ../test/call.out\n{\n  \"branches\": [\n    \u003csnip\u003e\n    {\n      \"address\": 4194497,\n      \"targets\": [\n        4194500\n      ]\n    },\n    \u003csnip\u003e\n  ]\n}\n```\n\nOptions for `drcfg` are shown below:\n\n```\n -only_from_app       [ false]  Only count app, not lib, instructions\n -instrument_ret      [ false]  Count return instructions as control flow instructions\n -racy                [ false]  Perform racy hashtable insertion\n -no_cbr              [ false]  Don't count conditional branch instructions\n -no_cti              [ false]  Don't count control transfer instructions\n -output              [    \"\"]  Output results to file\n```\n\n# How to Build\n\n```\n$ mkdir -p build \u0026\u0026 cd build\n$ cmake .. -DDynamoRIO_DIR=\u003cpath/to/dr/cmake/\u003e\n$ make -j4\n```\n\n# TODO\n\nListed in relative order of importance\n\n- [x] Implement cache flushing as per `cbr.c`, to remove instrumentation once a branch has\n      or has not been taken. This will hopefully speed up applications considerably.\n- [x] Optionally intercept only branches in main module (i.e. `-only_from_app`)\n- [x] Dump json to a file\n- [ ] Optionally dump YAML\n- [x] Optionally instrument return cti's\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftoshipiazza%2Fdrcfg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftoshipiazza%2Fdrcfg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftoshipiazza%2Fdrcfg/lists"}