TL;DR first: I have this working for my purposes but it won't fly with Binja as-is. I'm not sure how much time I'll have on this after this week so I wanted to share what I have so far and since r2 can talk to IDA pretty easily, I'm not sure if they'll actually get around to implementing this.
I've got an implementation that appears to work for me but won't do anything for you. I don't have Binary Ninja so I can't do any testing outside of my work on angr which is currently held up by a missing feature in CFG generation, which may not be implemented for a while.
Also, I'm afraid that this relies on REF functions always first being defined as Public functions in the SIG file, meaning they can be identified in the binary ahead of time, but I'm not sure that's always the case. And, with angr, I'm using your code as a module in my own plugin, which is where I do my checks for whether the function was already identified and re-generating the CFG based on the FLIRT signature's claim of what the function should look like; I'm guessing this will have to be done in nampa itself in order to work with Binja.
My Python is more of a pseudo-C so I didn't want to try ham-fisting this into your nice Pythonic implementation.
Thanks, I'll take a look in the next days if I have a chance.
But from my understanding of refs I think that it shouldn't be too difficult to implement some angr/binja-independent code to handle them. I would just throw a first_pass flag or something so that match_module knows it has to ignore functions matching signatures with refs + some way to give the analysis a list of the functions referenced by the function being analysed.
Yes, the binja plugin would have to keep a list of the functions needing a second pass and then apply the second pass, which is identical to the first pass but has the additional check for referenced functions.
Instead of returning a dumb True/False flag I should once again do TheRightThing(tm) and create an enum or something like MATCH/NO_MATCH/MATCH_WITH_REFS.
Throw in another platform-dependent callback like get_refs and it should be done.
Maybe a small platform-dependent abstraction class would be better for readability but whatever.
My code is not really much python aside from using some functional-style stuff (which isn't pythonic anyway) haha. Thanks for the test files, I will need them ;)
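The two-pass scheme sketched in the comment above (a first pass that skips modules whose signatures carry refs, a result enum instead of a bare True/False, and a platform-dependent get_refs callback used only in the second pass), as an added illustration that is not nampa's code and does not use its API. The Module class, the wildcard pattern format, the get_refs signature and the byte strings are all constructed assumptions. It goes slightly beyond the thread in one respect: the second pass is repeated until no new function gets a name, so a referenced function that is itself only identifiable through refs can still be resolved.

```python
from enum import Enum
from typing import Callable, Dict, List, Optional, Sequence, Tuple


class MatchResult(Enum):
    NO_MATCH = 0
    MATCH = 1
    MATCH_WITH_REFS = 2   # pattern matched; referenced functions still need checking


class Module:
    """Hypothetical, simplified stand-in for a FLIRT leaf module (assumption, not
    nampa's structure): a byte pattern (None = wildcard), the public name it assigns,
    and the refs it requires as (offset within the function, expected callee name)."""

    def __init__(self, name: str, pattern: Sequence[Optional[int]],
                 refs: Sequence[Tuple[int, str]] = ()):
        self.name = name
        self.pattern = list(pattern)
        self.refs = list(refs)


# Platform-dependent callback (assumed shape): address of a function ->
# {offset of the call/reference inside the function: target address}.
GetRefs = Callable[[int], Dict[int, int]]


def pattern_matches(pattern: Sequence[Optional[int]], data: bytes) -> bool:
    if len(data) < len(pattern):
        return False
    return all(p is None or p == b for p, b in zip(pattern, data))


def match_module(module: Module, func_bytes: bytes, func_addr: int, first_pass: bool,
                 get_refs: GetRefs, names: Dict[int, str]) -> MatchResult:
    """Pattern check, then (second pass only) verify that every ref points at a
    function already identified under the name the signature demands."""
    if not pattern_matches(module.pattern, func_bytes):
        return MatchResult.NO_MATCH
    if not module.refs:
        return MatchResult.MATCH
    if first_pass:
        return MatchResult.MATCH_WITH_REFS   # defer: refs cannot be checked yet
    refs = get_refs(func_addr)
    for offset, expected in module.refs:
        target = refs.get(offset)
        if target is None or names.get(target) != expected:
            return MatchResult.NO_MATCH
    return MatchResult.MATCH


def apply_signatures(functions: Dict[int, bytes], modules: List[Module],
                     get_refs: GetRefs) -> Dict[int, str]:
    names: Dict[int, str] = {}
    deferred: List[Tuple[int, Module]] = []
    # First pass: name everything that matches without refs; queue the rest.
    for addr, data in functions.items():
        for m in modules:
            r = match_module(m, data, addr, True, get_refs, names)
            if r is MatchResult.MATCH:
                names[addr] = m.name
                break
            if r is MatchResult.MATCH_WITH_REFS:
                deferred.append((addr, m))
    # Second pass: identical check, but refs are verified against `names`.
    # Repeated until a round names nothing new, so chains of refs resolve too.
    progress = True
    while deferred and progress:
        progress = False
        remaining = []
        for addr, m in deferred:
            if addr in names:
                continue
            if match_module(m, functions[addr], addr, False, get_refs, names) is MatchResult.MATCH:
                names[addr] = m.name
                progress = True
            else:
                remaining.append((addr, m))
        deferred = remaining
    return names


# Constructed sample "binary": 0x2000 and 0x3000 have identical bytes, but only
# 0x2000 calls the function that the signature says must be strlen.
SAMPLE_FUNCTIONS = {
    0x1000: bytes([0x55, 0x48, 0x89, 0xE5, 0x31, 0xC0, 0x5D, 0xC3]),
    0x2000: bytes([0x55, 0x48, 0x89, 0xE5, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0xC3]),
    0x3000: bytes([0x55, 0x48, 0x89, 0xE5, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0xC3]),
}
SAMPLE_REFS = {0x2000: {4: 0x1000}, 0x3000: {4: 0x9999}}
SAMPLE_MODULES = [
    Module("strlen", [0x55, 0x48, 0x89, 0xE5, 0x31, 0xC0, 0x5D, 0xC3]),
    Module("puts", [0x55, 0x48, 0x89, 0xE5, 0xE8, None, None, None, None, 0x5D, 0xC3],
           refs=[(4, "strlen")]),
]


def sample_get_refs(addr: int) -> Dict[int, int]:
    return SAMPLE_REFS.get(addr, {})


if __name__ == "__main__":
    for addr, name in sorted(apply_signatures(SAMPLE_FUNCTIONS, SAMPLE_MODULES, sample_get_refs).items()):
        print(hex(addr), name)
```

Only 0x1000 and 0x2000 end up named; 0x3000 matches the puts pattern but its ref points at an unidentified address, which is exactly the false positive the second pass exists to reject.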
EDIT: My test binary, lib and signature are here.