Toshi Piazza
Initial commit pulling in fully symbolic memory implementation from season-lab/memsight. Also updates reference implementation to python3 and to angr8. Toggles fully symbolic memory in angr via the FULLY_SYMBOLIC_MEMORY option.
Previously we would never record active successors post-step() to self._hierarchy; so, merges would never find a common ancestor to merge.
Blocking on https://github.com/Vector35/binaryninja-api/issues/1606 Right now, we undo control flow flattening by patching the binary and saving it to disk. Now that binja has a decompiler, it's worth updating the IL...
There appear to be several issues with --follow-fork. In no particular order:
- Debugger loop sees multiple `CREATE_PROCESS_DEBUG_EVENT` debug events and the process handle gets overwritten
- Debugger loop exits...
`RawSocketDesc` creates an AF_PACKET socket with the libc::SOCK_RAW socket type for any medium: https://github.com/smoltcp-rs/smoltcp/blob/fa7fd3c321b8a3bbe1a8a4ee2ee5dc1b63231d6b/src/phy/sys/raw_socket.rs#L21-L40 However, this doesn't work when Medium::Ip is passed to phy::RawSocket and to RawSocketDesc, since the...
See below
```
ca 4b 00 5a { J2_call assert_fail -- Flow Override: CALL_RETURN (CALL_TERMINATOR)
```
All instructions after the call are undefined. Also notice that the J2_call is not...
Previously we would emit pcode for instructions in the order they appear in the listing (order of increasing address). This assumption is incorrect for DUPLEX instructions. DUPLEX instructions appear in...
The plugin emits incorrect pcode for the following snippet:
```
{ R3 = memw(R2+#0x0); memw(R2+#0x0) = #0x0 }
```
The store should occur _after_ the load, as written. The problem...
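To make the ordering problem concrete, here is an added example that is not code from the plugin or its author: a small Python model of a Hexagon instruction packet containing loads and stores. It assumes the Hexagon rule that every load in a packet observes memory as it was before the packet executed, with stores landing afterwards, and it shows that a pcode stream emitted sequentially only reproduces that behaviour when every load in the packet is emitted before any store. The instruction tuple encoding, register and memory values, and helper names below are all constructed for this illustration.

```python
from typing import Dict, List, Tuple

# Constructed instruction encoding (not the plugin's representation):
#   ("load",  dst_reg, base_reg, offset)          -> dst = memw(base+offset)
#   ("store", base_reg, offset, ("imm", value))   -> memw(base+offset) = #value
#   ("store", base_reg, offset, ("reg", src_reg)) -> memw(base+offset) = src_reg
Insn = Tuple
Regs = Dict[str, int]
Mem = Dict[int, int]


def _apply(insn: Insn, rregs: Regs, rmem: Mem, wregs: Regs, wmem: Mem) -> None:
    """Execute one instruction, reading from (rregs, rmem) and writing to (wregs, wmem)."""
    kind = insn[0]
    if kind == "load":
        _, dst, base, off = insn
        wregs[dst] = rmem.get(rregs[base] + off, 0)
    elif kind == "store":
        _, base, off, (src_kind, src) = insn
        value = src if src_kind == "imm" else rregs[src]
        wmem[rregs[base] + off] = value
    else:
        raise ValueError(f"unknown instruction kind {kind!r}")


def run_sequential(insns: List[Insn], regs: Regs, mem: Mem) -> Tuple[Regs, Mem]:
    """Naive model of a sequential pcode stream: each instruction sees the
    effects of the ones emitted before it."""
    regs, mem = dict(regs), dict(mem)
    for insn in insns:
        _apply(insn, regs, mem, regs, mem)
    return regs, mem


def run_packet(insns: List[Insn], regs: Regs, mem: Mem) -> Tuple[Regs, Mem]:
    """Assumed Hexagon packet semantics: every instruction reads the
    pre-packet state; writes become visible only once the packet retires."""
    old_regs, old_mem = dict(regs), dict(mem)
    new_regs, new_mem = dict(regs), dict(mem)
    for insn in insns:
        _apply(insn, old_regs, old_mem, new_regs, new_mem)
    return new_regs, new_mem


def loads_before_stores(insns: List[Insn]) -> List[Insn]:
    """Stable reordering a sequential emitter can use: all loads first, then
    stores. Sufficient here because the only intra-packet dependency is
    through memory; register-to-register dependencies would need temporaries."""
    return [i for i in insns if i[0] == "load"] + [i for i in insns if i[0] != "load"]


# The packet from the issue text: { R3 = memw(R2+#0x0); memw(R2+#0x0) = #0x0 }
PAGE_PACKET: List[Insn] = [
    ("load", "R3", "R2", 0),
    ("store", "R2", 0, ("imm", 0)),
]

# Constructed starting state: R2 points at a word holding 0x41.
START_REGS: Regs = {"R2": 0x1000, "R3": 0}
START_MEM: Mem = {0x1000: 0x41}


def r3_after(insns: List[Insn], model) -> int:
    """Value of R3 after executing `insns` under the given model."""
    regs, _ = model(insns, START_REGS, START_MEM)
    return regs["R3"]


if __name__ == "__main__":
    swapped = list(reversed(PAGE_PACKET))  # store emitted before the load
    print("packet model, as written    :", hex(r3_after(PAGE_PACKET, run_packet)))
    print("sequential, as written      :", hex(r3_after(PAGE_PACKET, run_sequential)))
    print("sequential, store first     :", hex(r3_after(swapped, run_sequential)))
    print("sequential, loads-then-stores:", hex(r3_after(loads_before_stores(swapped), run_sequential)))
```

Under the packet model the load always returns the old word (0x41) regardless of listing order; a sequential stream that emits the store first clobbers the word before the load runs and yields 0, which is the mismatch the issue describes. Applying `loads_before_stores` to the sequential stream restores the packet result.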
The current implementation of endloops has some issues. First, endloop01 has a subtle decompilation bug that doesn't seem to be an issue with pcode generation (see testHwLoop01). Also, the jumps...