Description
Version and Platform (required):
- Binary Ninja Version: 5.2.8605-dev Ultimate, 20561124
- OS: macos
- OS Version: 26.0
- CPU Architecture: arm64
Bug Description:
Using Load Selected Image and Dependencies from the context menu of the image list in the KCTriage view results in a crash.
Steps To Reproduce:
- Load any kernel cache.
- Right-click on an image in the image list.
- Click "Load Selected Image and Dependencies".
Actual Behavior:
Null pointer dereference.
Additional Information:
This is a regression from stable.
The underlying issue here is KernelCacheController::GetImageDependencies failing to check the return value of BNKernelCacheControllerGetImageDependencies and using an uninitialized variable if BNKernelCacheControllerGetImageDependencies returns null. This appears to have existed since the code was written, but count was harmlessly being initialized to 0. A change in the build configuration around 5.2.8258 means that count is now getting a random non-zero value, causing a crash.
I'm not even clear what "Load Selected Image and Dependencies" is expected to do in the kernel cache view. It appears to use code copied from the shared cache view and looks for LC_LOAD_DYLIB to determine dependencies, but kernel caches do not contain LC_LOAD_DYLIB commands.
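Added illustration of the pattern described above. This is not Binary Ninja code: kc_get_image_dependencies, kc_free_dependencies, deps_buggy, deps_safe and the image table are hypothetical stand-ins constructed for the example. The stand-in API returns NULL and leaves the count out-parameter untouched when it cannot determine dependencies, which is the contract the report attributes to BNKernelCacheControllerGetImageDependencies; the buggy caller seeds count with a poison value to stand in for the non-zero stack garbage the report mentions, so the effect is deterministic rather than undefined behaviour.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Constructed sample data: a tiny image table standing in for a loaded cache.
 * The dylib entry carries dependencies the way LC_LOAD_DYLIB commands would;
 * the kernel cache entry has none. */
struct image_entry {
    const char *name;
    const char *deps[4];  /* NULL-terminated list */
};

static const struct image_entry kImages[] = {
    { "/usr/lib/libobjc.A.dylib",
      { "/usr/lib/libSystem.B.dylib", "/usr/lib/libc++abi.dylib", NULL } },
    { "com.apple.kernel", { NULL } },
};

/* Hypothetical stand-in for the core API call: on success returns a calloc'd
 * array of names and writes *count; on failure (unknown image, or an image
 * with no dependency commands) returns NULL and does NOT touch *count. */
static const char **kc_get_image_dependencies(const char *image, size_t *count)
{
    for (size_t i = 0; i < sizeof(kImages) / sizeof(kImages[0]); i++) {
        if (strcmp(kImages[i].name, image) != 0)
            continue;
        size_t n = 0;
        while (kImages[i].deps[n] != NULL)
            n++;
        if (n == 0)
            return NULL;  /* count deliberately left unwritten */
        const char **out = calloc(n, sizeof(*out));
        if (out == NULL)
            return NULL;
        for (size_t j = 0; j < n; j++)
            out[j] = kImages[i].deps[j];
        *count = n;
        return out;
    }
    return NULL;
}

static void kc_free_dependencies(const char **deps)
{
    free((void *)deps);  /* entries point at static strings; only the array is owned */
}

/* Buggy caller, mirroring the pattern in the report: the return value is never
 * checked and count is used regardless of whether the callee wrote it. A real
 * caller leaves count uninitialized; 0xDEAD stands in for stack garbage. */
static size_t deps_buggy(const char *image, const char ***out_deps)
{
    size_t count = 0xDEAD;
    *out_deps = kc_get_image_dependencies(image, &count);
    return count;  /* caller then walks (*out_deps)[0..count) even when *out_deps == NULL */
}

/* Hardened caller: initialize count, check the return value, and never hand
 * back a count that does not describe a real array. Returns 0 on success,
 * -1 when dependencies could not be determined. */
static int deps_safe(const char *image, const char ***out_deps, size_t *out_count)
{
    size_t count = 0;
    const char **deps = kc_get_image_dependencies(image, &count);
    if (deps == NULL) {
        *out_deps = NULL;
        *out_count = 0;
        return -1;
    }
    *out_deps = deps;
    *out_count = count;
    return 0;
}

int main(void)
{
    const char **deps = NULL;
    size_t n = 0;

    size_t bogus = deps_buggy("com.apple.kernel", &deps);
    printf("buggy: deps=%p count=%zu (would index a NULL array)\n", (void *)deps, bogus);

    if (deps_safe("com.apple.kernel", &deps, &n) != 0)
        printf("safe: no dependencies determinable for kernel cache image\n");

    if (deps_safe("/usr/lib/libobjc.A.dylib", &deps, &n) == 0) {
        for (size_t i = 0; i < n; i++)
            printf("safe: dep %zu = %s\n", i, deps[i]);
        kc_free_dependencies(deps);
    }
    return 0;
}
```

The point of the two callers is that initializing count only hides the bug (a zero count makes the loop body unreachable, which is why it was harmless before); the real fix is the NULL check, since a NULL array with any count is a dereference waiting to happen.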