Cross references are broken in rebased binaries #5905
Comments
I think @ret2libc fixed this, can you confirm? |
I'm honestly not sure I did... or when. But please re-test the reproducer :) |
nope, not fixed, actually addresses failed to relocate and triggered an issue in afta as well
|
Is this binary relocatable? Anyway, -B doesn't seem to work fine with strings, so the strings flags are not relocated at all
… On 18 Mar 2019, at 17:07, Ahmed Abd El Mawgood ***@***.***> wrote:
nope, not fixed, actually addresses failed to relocate and triggered an issue in afta as well
➜ Downloads r2 -B 0xfd0000 /bin/ls
[0x00fd5310]> aaa
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls (aac)
[x] Analyze len bytes of instructions for references (aar)
[x] Type matching analysis for all functions (aaft)
[x] Use -AA or aaaa to perform additional experimental analysis.
[0x00fd5310]> q
➜ Downloads r2 -B 0xfd0000 challenge1.exe
[0x00fd170d]> aaa
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls (aac)
[x] Analyze len bytes of instructions for references (aar)
[Stack isn't initialized.s for all functions (aaft)
Try running aei and aeim commands before aft for default stack initialization
Stack isn't initialized.
[.. bunch of failing to initialize stacks ...]
Try running aei and aeim commands before aft for default stack initialization
Stack isn't initialized.
[x] Type matching analysis for all functions (aaft)
[x] Use -AA or aaaa to perform additional experimental analysis.
[0x00fd170d]> iz~pass
001 0x0000bf98 0x0040d198 17 18 (.rdata) ascii Enter password:\r\n
003 0x0000bfb8 0x0040d1b8 16 17 (.rdata) ascii Wrong password\r\n
[0x00fd170d]> axt 0x0040d1b8
[0x00fd170d]> axt 0x00fdd198
|
Will be fixed with #13753. Do you wanna work on it? Or at least write some tests when it's implemented? |
Sure, I can unit test it once it is implemented, just mention me in the PR; right now I can't see a PR for it |
enotime for this rls |
can you provide a test? |
I have a trigger explained above ^ and the binary file as well |
cc @yossizap |
Will look into it |
@yossizap 12h left for the release. any update on this? |
Sorry, didn't have a ton of time. This is a PE-specific issue. radare2/libr/bin/format/pe/pe.c Lines 341 to 348 in 35b05d8
It uses the baddr from the header instead of using the actual binaddr. Attempting to fix. |
thanks |
That was a separate issue that was misleading. Can't really find any other differences specific to PEs that deal with baddr. This will require more time, maybe I'll be able to find something tomorrow morning. Not an issue in debug rebase btw, just with this type of rebase. EDIT: Also, not an issue with other Windows binaries. This seems to be specific to something in that binary. |
see the new rb command (needs to implement anal things) |
this is the used binary
challenge1.exe.zip
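A small regression check for the symptom shown in the session above, as an added example that is not part of the thread or of radare2's own code: it parses `iz` output and lists strings whose virtual address was not moved to the `-B` base. The header base 0x400000 is an assumption (the thread does not state it; it is consistent with the 0x00fdd198 address tried above), and `parse_iz` and `unrelocated_strings` are hypothetical names.

```python
import re

# Constructed sample: the two `iz~pass` lines quoted in the thread (r2 -B 0xfd0000).
IZ_OUTPUT = r"""
001 0x0000bf98 0x0040d198 17 18 (.rdata) ascii Enter password:\r\n
003 0x0000bfb8 0x0040d1b8 16 17 (.rdata) ascii Wrong password\r\n
"""

# Layout of one line: index, paddr, vaddr, length, size, (section), type, string.
IZ_LINE = re.compile(
    r"^\d+\s+(?P<paddr>0x[0-9a-fA-F]+)\s+(?P<vaddr>0x[0-9a-fA-F]+)\s+"
    r"\d+\s+\d+\s+\((?P<section>[^)]*)\)\s+\S+\s+(?P<text>.*)$"
)


def parse_iz(output):
    """Turn `iz` text into dicts; lines that do not match the layout are skipped."""
    rows = []
    for line in output.splitlines():
        m = IZ_LINE.match(line.strip())
        if m:
            rows.append({
                "paddr": int(m["paddr"], 16),
                "vaddr": int(m["vaddr"], 16),
                "section": m["section"],
                "text": m["text"],
            })
    return rows


def unrelocated_strings(rows, header_base, new_base):
    """Return (reported vaddr, expected vaddr, text) for strings left at old addresses."""
    if new_base <= header_base:
        # Without the image size, "below the new base" only proves a stale
        # address when the image was moved upwards, as in the thread.
        raise ValueError("this check only handles new_base > header_base")
    delta = new_base - header_base
    return [(r["vaddr"], r["vaddr"] + delta, r["text"])
            for r in rows if r["vaddr"] < new_base]


if __name__ == "__main__":
    # 0x400000 is an assumed header image base, not a value stated in the thread.
    for got, want, text in unrelocated_strings(parse_iz(IZ_OUTPUT), 0x400000, 0xFD0000):
        print(f"not relocated: {got:#010x} (expected {want:#010x}) {text}")
```
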