Comments (5)
Also it doesn't print any errors if types that are probably unknown are used, like LPDIRECTDRAW in this case:
{
"dll": "DDRAW.DLL",
"export_name": "DirectDrawCreate",
"display_name": "DirectDrawCreate",
"convention": "stdcall",
"parameters": [
{
"name": "lpGUID",
"type": "GUID*",
"inout": "in"
},
{
"name": "lplpDD",
"type": "LPDIRECTDRAW*",
"inout": "out"
},
{
"name": "pUnkOuter",
"type": "IUnknown*",
"inout": "in"
}
],
"type": "HRESULT"
},
from pharos.
Because there can be a very large number of imports for each DLL, which can generate a large number of errors, we made the decision to only report the missing DLL where there is no data for the DLL. I think that once you've defined a single function for a given DLL, the remainder of the missing functions will be reported.
Right now the actual types aren't used by the Pharos system. We have some experimental type analysis code that is disabled by default due to performance issues that can conceptually use those types, and we hope to make better use of them in the future. In practice the parameters are just there right now to get a correct parameter count, and therefore a correct stack delta for the function.
from pharos.
I think that once you've defined a single function for a given DLL, the remainder of the missing functions will be reported.
Doesn't match what I experienced.
Right now the actual types aren't used by the Pharos system. We have some experimental type analysis code that is disabled by default due to performance issues that can conceptually use those types, and we hope to make better use of them in the future. In practice the parameters are just there right now to get a correct parameter count, and therefore a correct stack delta for the function.
Ha ok.
from pharos.
I've been looking though the ReportDictionary code in apidb.[cpp,h] that I wrote to handle this. I haven't found out what this might be via inspection, however. I'll do some testing a little later, but I think the warnings you want might be hidden at a lower level of logging. Please try with --log="APID(all)" to get all the gruesome details on what is actually being looked up and from where, under the hood.
from pharos.
Did the additional logging resolve this issue? Did the new release? If this problem still occurs, please attempt to provide a small test case that demonstrates the problem and we'll fix it. Internally we're agreed that it's supposed to have reported one error for the entire DLL when there's no data at all for that DLL, and report an error for each function individually where there is data for the DLL. The API database system is fairly complex and multi-layered, so it's possible that you've found something that we've just missed.
from pharos.
Related Issues (20)
- no need to create lies HOT 1
- ooprolog crash HOT 16
- Consistency checks failed in ooprolog. HOT 22
- Partition stuck at 94%, seems to not be using available memory HOT 14
- Partitioner stucks at 17 % and often gets killed HOT 4
- crash in partitioning: basic block does not contain instruction HOT 8
- Is there a method to exclude classes by name? HOT 29
- Add Support For Non-Standard Windows Based Executables. HOT 6
- Initial sanity check failed in ooprolog HOT 6
- Contribute to OOAnalyzer HOT 1
- Where can I find a plugin for Ghidra? HOT 1
- WSL: cannot see file mapped HOT 1
- Build error running make on CentOS 7 (error: constructor required before non-static data member) HOT 12
- Initial sanity checks failed: Contradictory information about constructor: factConstructor(0x4a347b) but reasonNOTConstructor(0x4a347b) HOT 2
- Unknown message: error(system_error(initialSanityChecks)) error from ooprolog HOT 24
- fn2yara segfaults HOT 2
- Duplicate IntegerOffsetSearcher code in funcs.cpp and fn2yara.cpp
- Concurrency problems in fn2hash and other tools HOT 15
- Segmentation fault (core dumped) HOT 6
- Broken link in documentation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pharos.