Export Functionality for Matched Functions in BinDiff
Closed this issue · 3 comments
Is your feature request related to a problem? Please describe.
Currently, when using BinDiff for binary file comparison, we can see the matched functions, but there's no convenient way to export this information for further analysis or processing. This leads to inefficiency when we need to perform additional operations on a large number of matched functions, especially when dealing with large projects or when we need to integrate the results with other tools.
Describe the solution you'd like
I would like BinDiff to add an export functionality that allows users to export all matched functions to a file. Specifically:
- Add an "Export Matched Functions" option in the BinDiff interface, which could be a button or a menu item.
- When this option is clicked, allow users to choose the export format (such as CSV, JSON, or XML) and the save location.
- The exported file should include key information for each matched function, such as function name, address, similarity score, etc.
- Ideally, users should be able to customize which fields they want to export.
This feature would greatly improve analysis efficiency and make it easier to integrate BinDiff results with other tools.
Describe alternatives you've considered
-
Manual copy and paste: Currently, it's possible to "export" data by manually copying information from the BinDiff interface and pasting it into a text editor, but this process is time-consuming and prone to errors.
-
Using screen capture tools: Screen capture tools could be used to capture BinDiff results, but this method is not precise and difficult to handle large amounts of data.
-
Developing third-party scripts: We've considered developing a script to read BinDiff output files and extract the required information, but this requires additional development work and may become obsolete with BinDiff version updates.
Additional context
This feature would be particularly helpful in the following scenarios:
- Version comparison of large software projects that require analysis of numerous matched functions.
- Security research, where BinDiff results need to be integrated with other vulnerability analysis tools.
- Automated workflows, where BinDiff results serve as input for other analysis steps.
If an API or command-line interface could be provided for this export functionality, it would be even more beneficial for integrating BinDiff into automated workflows.
Hi there! Yes, it should not be too hard to implement something like this.
The current workaround is this, though: .BinDiff files are SQLite databases, so you can access everything that is in there directly.
Example:
$ bindiff a.BinExport b.BinExport
...
$ sqlite3 a_vs_b.BinDiff
SQLite version 3.45.3 2024-04-15 13:34:05
Enter ".help" for usage hints.
sqlite> .tables
basicblock function metadata
basicblockalgorithm functionalgorithm
file instruction
sqlite> .schema function
CREATE TABLE function (id INT,address1 BIGINT,name1 TEXT,address2 BIGINT,name2 TEXT,similarity DOUBLE PRECISION,confidence DOUBLE PRECISION,flags INTEGER,algorithm SMALLINT,evaluate BOOLEAN,commentsported BOOLEAN,basicblocks INTEGER,edges INTEGER,instructions INTEGER,UNIQUE(address1, address2),PRIMARY KEY(id),FOREIGN KEY(algorithm) REFERENCES functionalgorithm(id));So if you JOIN the functionalgorithm table on algorithm, it should be straight forward to implement tooling to get what you want.
Let me know if this helps. I'll consider adding a JSON export in the next release - it is easy to do, after all.
Oh btw, PistonMiner's BD Viewer also looks at the SQLite database to implement a UI for Binary Ninja.
Any finally, we do accept patches/PRs, if you can sign the CLA :)
thanks~