Studio:Working with "default" candidates

From STRIDE Wiki
Jump to: navigation, search

scl_ptr_flist() serves as a "shorthand" method of declaring a "default" candidate.

Note: When using scl_ptr_flist() to define candidates, the function pointer prototypes are defined internally within STRIDE, rather than by the user.

Example

// function pointer typedef
typedef void (*FPtr) (int, char);
void foo(FPtr *pFPtr);
void foo1(FPtr *pFPtr);
void foo2(FPtr *pFPtr);
void foo3(FPtr *pFPtr);

// candidate prototypes
void C1(int x, char y);
void C2(int x, char y);
void C3(int x, char y);

// capture candidate prototypes
#pragma scl_function(C1)
#pragma scl_function(C2)
#pragma scl_function(C3)

How to declare a "default" candidate using scl_ptr_flist()

There are several methods of declaring a "default" candidate using scl_ptr_flist(). Each method is explained below.

Method 1: Candidate list declaration using predefined function prototypes

#pragma scl_function(foo)
#pragma scl_ptr_flist(*foo.pFPtr, C1, C2, C3)

The candidates' (C1, C2, C3) prototypes are defined and captured, and proxies/stubs will be generated. In the parent function (the function that contains the function pointer PFptr) will use a for loop to search through the static table to bind the function pointer with the SMID or vice versa. The command and response payloads of the candidate functions (C1, C2, C3) can be captured via tracing.

Method 2: Candidate list declaration using shorthand method

#pragma scl_function(foo1)
#pragma scl_ptr_flist(*foo1.pFPtr, "cand1")

"Default" proxies/stubs will be generated for the name in quotes in scl_ptr_flist() "cand1" in the example above. The command and response payloads of the candidate functions (e.g., "cand1") can be captured via tracing.

Method 3: Candidate list declaration using combination of predefined functions and shorthand method

#pragma scl_function(foo2)
#pragma scl_ptr_flist(*foo2.pFPtr, "cand4", C2)

The candidate "cand4" is interpreted by STRIDE as follows:

void cand4(int p1, char p2);
#pragma scl_function(cand4)

"Default" proxies/stubs will be generated for the name in quotes in scl_ptr_flist() "cand4" in the example above. The command and response payloads of the candidate functions (e.g., "cand4") can be captured via tracing.

Method 4: "Default" candidate declaration

#pragma scl_function(foo3)
#pragma scl_ptr_flist(*foo3.pFPtr, "def_cand")

The candidate "def_cand" is interpreted by STRIDE as follows: 

void def_cand(int p1, char p2);
#pragma scl_function(def_cand)

A "default" proxy/stub will be generated for def_cand. The parent function will not use a for loop and the proxy will replace the existing function pointer in the table with the passed-in function pointer. The command and response payloads of any function prototype with the identical signature to def_cand can be captured via tracing.

Retrieved from "https://www.stridewiki.com/index.php?title=Studio:Working_with_%22default%22_candidates&oldid=10992"