From c0b8fe63c4858b1d18d18948a59677de7b550e5a Mon Sep 17 00:00:00 2001
From: Vasco Franco
Date: Tue, 13 Oct 2020 13:45:13 +0100
Subject: [PATCH] Fixes a bug where the wrong function was retrieved

Fixes a bug where the wrong function was retrieved, when there were overlapping functions that both contained the same address but where only one of them had an instruction starting at `addr` (i.e. the other one had `addr` is the middle of an instruction).
---
 __init__.py | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/__init__.py b/__init__.py
index 4385151..6bac8ef 100644
--- a/__init__.py
+++ b/__init__.py
@@ -273,9 +273,21 @@ def collect_ils(bv, func):
     return lookup
 
 
+def get_function_containing_instruction_at(bv, addr):
+    # Ensure that the `Function` returned contains an instruction starting at `addr`
+    # This is needed in the case of overlapping functions where instructions are not aligned
+    functions = bv.get_functions_containing(addr) # type: List[Function]
+    for func in functions:
+        instr_addrs = [instr_addr for _, instr_addr in func.instructions]
+        if addr in instr_addrs:
+            return func
+
+    # Should never be reached
+    log_error("Found no function with instruction at address {:#x})".format(addr))
+
+
 def graph_bnil(bv, addr):
-    blocks = bv.get_basic_blocks_at(addr) # type: List[BasicBlock]
-    function = blocks[0].function # type: Function
+    function = get_function_containing_instruction_at(bv, addr) # type: Function
     g = binaryninja.FlowGraph()
 
     (tokens,) = [
@@ -367,8 +379,7 @@ def match_condition(name, o):
 def match_bnil(bv, addr):
-    blocks = bv.get_basic_blocks_at(addr) # type: List[BasicBlock]
-    function = blocks[0].function # type: Function
+    function = get_function_containing_instruction_at(bv, addr) # type: Function
     lookup = collect_ils(bv, function)
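Review bot: `get_function_containing_instruction_at` falls off the end and implicitly returns `None` on its "should never be reached" path, and the new `function = get_function_containing_instruction_at(bv, addr)` line in `graph_bnil` (and the same line in `match_bnil` in the second hunk) then carries that `None` forward, so the failure surfaces later as an `AttributeError` far from the logged message. Make the miss explicit with `return None` after the `log_error` call and have each caller return early when the result is `None`; `graph_bnil`'s body continues outside the hunk. The membership test also materialises every instruction address of each candidate function before checking it, whereas `if any(instr_addr == addr for _, instr_addr in func.instructions):` stops at the first hit and needs no temporary list. The log format string `"... address {:#x})"` has an unmatched closing parenthesis.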