Dumping BIL of raw x86-code binary data doesn't work #801
Comments
The problem is that bap doesn't find any functions in that binary (because there are none). The use case of If you would like to disassemble small chunks of code, you can use
or, for BIL
If you really need to use
In any case, our disassembler used to default to the first available byte in case no function starts were provided; it looks like, from this issue, that it is no longer true. I believe that it is a sane default for such corner cases. @gitoleg, can you please restore this behavior?
Thank you for the reply and examples! That makes sense now.
fix BinaryAnalysisPlatform#801 This PR fixes a problem with pure code: as there are not any functions in there, bap just doesn't output anything. So, what we do here is not only about those files, but about reconstruction in general: we consider all blocks in the reconstructor that don't have input edges as function starts. And it makes sense, e.g. in the case of libraries, where there is no guarantee that every function will be called by some other function from this library.
fixes BinaryAnalysisPlatform#801 This PR fixes a problem with the disassembling of pure code: as there are not any functions in there, bap just doesn't output anything. So, what we do here is not only about those files, but about reconstruction in general: we consider all blocks in the reconstructor that don't have input edges as function starts. And it makes sense, e.g. in the case of libraries: there is no guarantee that every function will be called by some other function from this library.
fixes #801 This PR fixes a problem with the disassembling of pure code: as there are not any functions in there, bap just doesn't output anything. So, what we do here is not only about those files, but about reconstruction in general: we consider all blocks in the reconstructor that don't have input edges as function starts. And it makes sense, e.g. in the case of libraries: there is no guarantee that every function will be called by some other function from this library.
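The heuristic from the PR description above (blocks with no input edges become function starts), together with the first-byte fallback mentioned in the comments, sketched in Python as an added example. It is a toy model over constructed control-flow graphs, not BAP's reconstructor code; the names `function_starts` and `partition` and all sample addresses are assumptions.

```python
# Added illustration: a toy model, not BAP's reconstructor code.
from collections import defaultdict

def function_starts(blocks, edges, known_starts=()):
    """Return sorted entry addresses for a set of basic blocks.

    blocks: iterable of block start addresses
    edges: iterable of (src, dst) control-flow edges between blocks
    known_starts: starts supplied from outside (symbols, call targets)
    """
    blocks = set(blocks)
    has_input = {dst for _src, dst in edges if dst in blocks}
    # Externally known starts plus every block nothing flows into.
    starts = (set(known_starts) & blocks) | (blocks - has_input)
    if not starts and blocks:
        # Every block has an input edge (the blob is one loop):
        # fall back to the first available byte.
        starts = {min(blocks)}
    return sorted(starts)

def partition(blocks, edges, starts):
    """Map each start to the blocks reachable from it without
    entering another start."""
    blocks, starts = set(blocks), set(starts)
    succs = defaultdict(list)
    for src, dst in edges:
        if dst in blocks:
            succs[src].append(dst)
    funcs = {}
    for entry in sorted(starts):
        seen, work = set(), [entry]
        while work:
            b = work.pop()
            if b in seen or (b != entry and b in starts):
                continue
            seen.add(b)
            work.extend(succs[b])
        funcs[entry] = sorted(seen)
    return funcs

# Constructed sample CFGs as (blocks, edges); addresses are made up.
RAW_BLOB = ([0x0, 0x5, 0x9], [(0x0, 0x5), (0x5, 0x9), (0x9, 0x5)])
LIBRARY = ([0x0, 0x8, 0x20, 0x2c], [(0x0, 0x8), (0x20, 0x2c)])
PURE_LOOP = ([0x0, 0x4], [(0x0, 0x4), (0x4, 0x0)])
```

With no symbols at all, `RAW_BLOB` still yields one function at its first block, `LIBRARY` yields two functions that never call each other, and `PURE_LOOP` only produces output because of the first-byte fallback.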
Either I'm profoundly misunderstanding how to use bap, or it's not working as the documentation describes:

The final bap command above exits without printing the bil for the bytecode assembled with nasm.

To verify that /tmp/test.asm was assembled correctly with nasm: