_start_heuristic
alexander-hanel opened this issue · 1 comments
Add 64bit of function prologue for detecting the start of a function. Review old blog post on function prologue and epilogue.
https://hooked-on-mnemonics.blogspot.com/2013/08/exploring-functions-with-undefinderpy.html
The _start_heuristic should be renamed to func_start_heuristic. This function will contains heuristics for finding the start and end of a function based off of arbitrary offset. An interesting question is to how to store the data and how will it be used? This will be a good starting place for the recursive disassembly of the whole program. The ability to do xrefs to a single address is one of the most valuable analysis tools.
One possible storage solution is to use a graph structure with each node/vertex containing an enum of bytes, mnemonic, size, address, operands and flags similar to IDA.