Comments (3)
sei-ccohen
commented on August 13, 2024
Interesting test case. I think the explanation of the behavior goes something like this... The function bar is not called from anywhere, so the partitioner must make some guesses to discover it. The "align 10h" at 0x40103F is probably actually some form of NOP instruction, although I've not actually confirmed this. Then when we come to the unknown "data block" beginning around 0x040102B(?), we attempt to make code, which succeeds in creating something vaguely "bar-like" but at the wrong address. We would get better results if bar() was actually called from somewhere. Arguably, if bar() is not called from anywhere, is there really a function there? Obviously there is, but it's also not too surprising that it's hard to find correctly. :-)
from pharos.
Trass3r
commented on August 13, 2024
Just a reduced test case, in the original code it's probably used. But may have been virtual functions.
from pharos.
sei-ccohen
commented on August 13, 2024
I was going to say "called or used in a virtual function table", but then I realized that the partitioner doesn't really know about virtual function tables, so the problem will persist when the only reference to the function is in a virtual table and it is not called directly elsewhere. :-( The fix for that problem is much more complicated, and involves freeing our framework from the idea that partitioning occurs before analysis, and shifting to a model where partitioning occurs during analysis. Sadly, that's not likely to happy any time soon...
from pharos.
Related Issues (20)
- no need to create lies HOT 1
- ooprolog crash HOT 16
- Consistency checks failed in ooprolog. HOT 22
- Partition stuck at 94%, seems to not be using available memory HOT 14
- Partitioner stucks at 17 % and often gets killed HOT 4
- crash in partitioning: basic block does not contain instruction HOT 8
- Is there a method to exclude classes by name? HOT 29
- Add Support For Non-Standard Windows Based Executables. HOT 6
- Initial sanity check failed in ooprolog HOT 6
- Contribute to OOAnalyzer HOT 1
- Where can I find a plugin for Ghidra? HOT 1
- WSL: cannot see file mapped HOT 1
- Build error running make on CentOS 7 (error: constructor required before non-static data member) HOT 12
- Initial sanity checks failed: Contradictory information about constructor: factConstructor(0x4a347b) but reasonNOTConstructor(0x4a347b) HOT 2
- Unknown message: error(system_error(initialSanityChecks)) error from ooprolog HOT 24
- fn2yara segfaults HOT 2
- Duplicate IntegerOffsetSearcher code in funcs.cpp and fn2yara.cpp
- Concurrency problems in fn2hash and other tools HOT 12
- Segmentation fault (core dumped) HOT 6
- Broken link in documentation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pharos.