Binpang
Binpang
> I see. I guess it means if we follow the rule, we would get a sound result for data identification (i.e., w/o false negative but w/ false positive). I...
Hello, I agree that "cold functions" are not real functions. And most of these addresses are not marked as function entries by our toolchain as I know. In fact, most...
Hello, we run `angr` with `normalize=True` and `detect_tail_calls=True`. > I understand that angr splits basic blocks at function calls Yes, we merge the edges when comparing with angr to avoid...
Yeah, it happens when the executable binary is not PIE mode. When the executable binary and dynamic library want to share a global variable, they use the global variable that...
It's similar to `LiftEA` function. Sure, I'll submit a PR later.
for mcsema-disass: ``` mcsema-disass --disassembler ~/ida-7.2/idat64 --os linux --arch amd64 --output /tmp/test_qsort.cfg --binary ./test_qsort --entrypoint main --log_file /tmp/test_qsort.log ``` for mcsema-lift: ``` mcsema-lift-4.0 --os linux --arch amd64 --cfg /tmp/test_qsort.cfg --output...
No, it's not pie mode. I compile it with `--no-pie`. And I double checked it with `file`, it's `ELF 64-bit LSB executable`.
Thank you for your answer! It try to make reference at these two locations([link1](https://github.com/trailofbits/mcsema/blob/master/tools/mcsema_disass/ida7/segment.py#L246) and [link2](https://github.com/trailofbits/mcsema/blob/master/tools/mcsema_disass/ida7/segment.py#L255)) by using `make_xref` function. And in `make_xref`, it takes a check in [link3](https://github.com/trailofbits/mcsema/blob/master/tools/mcsema_disass/ida7/util.py#L527): `if...
Hello, thanks for your prompt reply. My source code has some mistakes which leads to could not reproduce this error. I update the source code and it is reproducible on...
Hello! It appears that you are experiencing a dependency issue on Ubuntu 22.04. Could you build the toolchain with docker? The step to building the docker image is [here](https://github.com/junxzm1990/x86-sok#docker).