stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9b58589ba01342d5df7ab3bbfd7370cc970cdd21
git.stella-ops.org/docs/features/unchecked/binaryindex/symbol-change-tracking-in-binary-diffs.md

2.2 KiB
Raw Blame History

Symbol Change Tracking in Binary Diffs (SymbolChangeTracer)

Module

BinaryIndex

Status

IMPLEMENTED

Description

Extends BinaryIndex DeltaSignature module to track which specific symbols changed between binary versions (not just whether they match). Adds change metadata to SymbolMatchResult and provides detailed CFG hash and instruction hash comparison for symbol-level binary change forensics.

Implementation Details

  • Modules: src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/
  • Key Classes:
    • SymbolChangeTracer (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/SymbolChangeTracer.cs) - traces symbol-level changes between binary versions with detailed CFG hash and instruction hash comparison
    • DeltaSignatureGenerator (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/DeltaSignatureGenerator.cs) - generates delta signatures capturing symbol change metadata
    • DeltaSignatureMatcher (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/DeltaSignatureMatcher.cs) - matches signatures with change tracking awareness
    • CfgExtractor (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/CfgExtractor.cs) - extracts CFG for hash comparison
    • IrDiffGenerator (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/IrDiff/IrDiffGenerator.cs) - generates IR-level diffs for detailed change analysis
  • Interfaces: ISymbolChangeTracer (src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.DeltaSig/ISymbolChangeTracer.cs)
  • Models: SymbolMatchResult with change metadata in Models.cs
  • Source: SPRINT_20260112_200_003_BINDEX_symbol_tracking.md

E2E Test Plan

  • Compare two binary versions with known symbol changes and verify SymbolChangeTracer identifies which symbols changed
  • Verify CFG hash comparison detects control flow changes in modified functions
  • Verify instruction hash comparison detects instruction-level changes
  • Verify SymbolMatchResult includes change metadata (added, removed, modified symbols)
  • Verify IR-level diff captures semantic changes beyond byte-level differences
  • Verify unchanged symbols are correctly identified as stable between versions