00001 /* 00002 PeRdr - PE file disassembler 00003 Copyright (C) 1999-2003 Frediano Ziglio 00004 ----- 00005 00006 This program is free software; you can redistribute it and/or modify 00007 it under the terms of the GNU General Public License as published by 00008 the Free Software Foundation; either version 2 of the License, or 00009 (at your option) any later version. 00010 00011 This program is distributed in the hope that it will be useful, 00012 but WITHOUT ANY WARRANTY; without even the implied warranty of 00013 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00014 GNU General Public License for more details. 00015 00016 You should have received a copy of the GNU General Public License 00017 along with this program; if not, write to the Free Software 00018 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 00019 ----- 00020 00021 INFORMATION 00022 www: https://freddy77.tripod.com/perdr/ 00023 e-mail: freddy77@angelfire.com 00024 */ 00025 #ifndef FILE_HEURISTIC_H 00026 #define FILE_HEURISTIC_H 00027 00028 #include "codeglob.h" 00029 00030 class CodeParser; 00031 class THeuristicMotor 00032 { 00033 public: 00034 THeuristicMotor(const CodeParser& codeInfo); 00035 bool ProcessSecure(CodeParser& codeInfo) 00036 { return Process(2,ByteInfo::priSafeHeuristics,codeInfo); }; 00037 bool ProcessUnsecure(CodeParser& codeInfo) 00038 { return Process(1,ByteInfo::priHeuristics,codeInfo); }; 00039 protected: 00040 typedef std::list<vma_t> TAddress; 00041 typedef std::map < vma_t, TAddress, std::less<vma_t> > TConstCallCount; 00042 TConstCallCount constCallCount; 00043 TConstCallCount globalVarCount; 00044 TAddresses callApi; 00045 private: 00046 bool Process(unsigned minimun,enum ByteInfo::TPriority priority,CodeParser& codeInfo); 00047 }; 00048 00049 #endif // FILE_HEURISTIC_H
1.2.15