Comments (6)
main is the entrypoint in mach0?
from rz-ghidra.
the return issue seems related to ghidra:
I'll see if there's any way to automatically improve the result, but for now, I'll have a look at the parameters thing
from rz-ghidra.
several more basic problems on a hello world:
```
$ r2 a.out
[0x100000f60]> pdg
No function
[0x100000f60]> af
[0x100000f60]> pdg
// WARNING: [r2ghidra] Failed to match radare2 calling convention amd64 to Decompiler ProtoModel
// WARNING: [r2ghidra] Failed to find return address in ProtoModel
undefined8 main(void)
{
    int32_t var_4h;
    // [00] -r-x section size 35 named 0.__TEXT.__text
    sym.imp.printf();
    return 0;
}
[0x100000f60]> pdd
/* r2dec pseudo code output */
/* a.out @ 0x100000f60 */
#include <stdint.h>
int32_t main (void) {
    int32_t var_4h;
    /* [00] -r-x section size 35 named 0.__TEXT.__text */
    al = 0;
    eax = printf ("Hhello WOrld\n");
    ecx = 0;
    var_4h = eax;
    eax = ecx;
    return eax;
}
[0x100000f60]> cat ./hello.c
main() {
printf ("Hhello WOrld\n");
}
[0x100000f60]>
```
from rz-ghidra.
Retested with the latest Rizin & Rz-ghidra (rizinorg/rizin@ead6016 and 0c9ab92 respectively) and it definitely was fixed:
```
[0x0000bfd6]> s main
[0x0000bfd6]> pdf
;-- main:
;-- _main:
;-- func.0000bfd7:
;-- pc:
;-- r15:
╭ entry0 ();
│ ; var int16_t var_14h @ stack - 0x14
│ ; var int16_t var_10h @ stack - 0x10
│ ; var int16_t var_ch @ stack - 0xc
│ ; var int16_t var_8h @ stack - 0x8
│ 0x0000bfd6 push {r7, lr}
│ 0x0000bfd8 mov r7, sp
│ 0x0000bfda sub sp, 0xc
│ 0x0000bfdc movs r0, 0
│ 0x0000bfde str r0, [var_ch]
│ 0x0000bfe0 movs r0, 1 ; int16_t arg1
│ 0x0000bfe2 movs r1, 2 ; int16_t arg2
│ 0x0000bfe4 movs r2, 3 ; int16_t arg3
│ 0x0000bfe6 movs r3, 4 ; int16_t arg4
│ 0x0000bfe8 movw sb, 5
│ 0x0000bfec str.w sb, [sp]
│ 0x0000bff0 movw sb, 6
│ 0x0000bff4 str.w sb, [var_10h]
│ 0x0000bff8 bl sym._calling ; sym._calling
│ 0x0000bffc add sp, 0xc
╰ 0x0000bffe pop {r7, pc}
[0x0000bfd6]> pdg
// WARNING: Variable defined which should be unmapped: var_14h
// WARNING: Variable defined which should be unmapped: var_10h
// WARNING: Variable defined which should be unmapped: var_8h
void entry0(void)
{
    int16_t var_14h;
    int16_t var_10h;
    int16_t var_ch;
    int16_t var_8h;
    sym._calling(1, 2, 3, 4, 5, 6);
    return;
}
[0x0000bfd6]> s sym.
sym._calling sym.__mh_execute_header sym.imp._calling sym.func.0000bfa3 sym._main
sym.func.0000bfd7
[0x0000bfd6]> s sym._calling
[0x0000bfa2]> pdg
int32_t sym._calling(int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4, int32_t placeholder_4, int16_t arg_4h)
{
    undefined2 in_stack_00000006;
    int16_t var_18h;
    int16_t var_14h;
    int16_t var_10h;
    int16_t var_ch;
    int16_t var_8h;
    int16_t var_4h;
    // [00] -r-x section size 94 named 0.__TEXT.__text
    return (int32_t)arg1 + (int32_t)arg2 + (int32_t)arg3 + (int32_t)arg4 + placeholder_4 + _arg_4h;
}
[0x0000bfa2]> pdf
; UNKNOWN XREF from segment.TEXT @ +0xac
; CALL XREF from entry0 @ 0xbff8
;-- section.0.__TEXT.__text:
;-- func.0000bfa3:
╭ sym._calling (int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4, int16_t arg_4h);
│ ; arg int16_t arg1 @ r0
│ ; arg int16_t arg2 @ r1
│ ; arg int16_t arg3 @ r2
│ ; arg int16_t arg4 @ r3
│ ; var int16_t var_18h @ stack - 0x18
│ ; var int16_t var_14h @ stack - 0x14
│ ; var int16_t var_10h @ stack - 0x10
│ ; var int16_t var_ch @ stack - 0xc
│ ; var int16_t var_8h @ stack - 0x8
│ ; var int16_t var_4h @ stack - 0x4
│ ; arg int16_t arg_4h @ stack + 0x4
│ 0x0000bfa2 sub sp, 0x18 ; [00] -r-x section size 94 named 0.__TEXT.__text
│ 0x0000bfa4 ldr.w sb, [arg_4h]
│ 0x0000bfa8 ldr.w ip, [var_4h + 0x4]
│ 0x0000bfac str r0, [var_4h] ; arg1
│ 0x0000bfae str r1, [var_8h] ; arg2
│ 0x0000bfb0 str r2, [var_ch] ; arg3
│ 0x0000bfb2 str r3, [var_10h] ; arg4
│ 0x0000bfb4 ldr r0, [var_4h]
│ 0x0000bfb6 ldr r1, [var_8h]
│ 0x0000bfb8 add r0, r1
│ 0x0000bfba ldr r1, [var_ch]
│ 0x0000bfbc add r0, r1
│ 0x0000bfbe ldr r1, [var_10h]
│ 0x0000bfc0 add r0, r1
│ 0x0000bfc2 ldr r1, [var_4h + 0x4]
│ 0x0000bfc4 add r0, r1
│ 0x0000bfc6 ldr r1, [arg_4h]
│ 0x0000bfc8 add r0, r1
│ 0x0000bfca str.w ip, [var_14h]
│ 0x0000bfce str.w sb, [sp]
│ 0x0000bfd2 add sp, 0x18
╰ 0x0000bfd4 bx lr
[0x0000bfa2]>
```
from rz-ghidra.