Executing REIL code going from one function to another

[schomatis]

Continuing the development of #4, with the CFG and CG created for the factorial_example.elf, the next step would be to execute REIL code between two functions (arbitrarily chosen for now), that would include the execution path between the first function (e.g., main) and all the calls that happen until the second function (e.g., malloc) is reached. No specific execution environment (i.e., register or memory values) is neither set nor looked for.

@cnheitman What would be the BARF API/code for that? (there is some commented code in the current example that go towards that direction)

[cnheitman]

I've just pushed a new script in the example folder that does something similar to what you are trying to do. First, it builds the callgraph of the binary. Then, it finds two function, main and find_of_interest, and checks if there is a path between them. Finally, it executes main until the starting address of the other function. In this case, you have to set up the parameters of main in order to execute it. You can find the script here.