development/ghidra
development/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra synced 2024-10-03 00:44:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

GP-3582 Fix arm Branch/Return waffle if correct function boundaries not created and LR is detected as a constant

Browse source
This commit is contained in:
emteere 2023-07-05 14:18:55 -04:00
parent bec2bf704b
commit 5b393764c6
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Ghidra/Processors/ARM/src/main/java/ghidra/app/plugin/core/analysis/ArmAnalyzer.java
View file

@ -78,6 +78,7 @@ public class ArmAnalyzer extends ConstantPropagationAnalyzer {
public AddressSet flowConstants(final Program program, Address flowStart,
AddressSetView flowSet, final SymbolicPropogator symEval, final TaskMonitor monitor)
throws CancelledException {
// follow all flows building up context
// use context to fill out addresses on certain instructions
ConstantPropagationContextEvaluator eval =
@ -229,11 +230,16 @@ public class ArmAnalyzer extends ConstantPropagationAnalyzer {
@Override
public boolean evaluateReturn(Varnode retVN, VarnodeContext context, Instruction instruction) {
// check if a return is actually returning, or is branching with a constant PC
// if flow already overridden, don't override again
if (instruction.getFlowOverride() != FlowOverride.NONE) {
return false;
}
if (retVN != null && context.isConstant(retVN)) {
long offset = retVN.getOffset();
if (offset > 3 && offset != -1) {
// need to override the return to a branch
// need to override the return flow to a branch
instruction.setFlowOverride(FlowOverride.BRANCH);
}
}