Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug in bin2llvmir Decoder #637

Closed
seviezhou opened this issue Sep 4, 2019 · 2 comments
Closed

Bug in bin2llvmir Decoder #637

seviezhou opened this issue Sep 4, 2019 · 2 comments
Labels
bug C-bin2llvmir

Comments

@seviezhou
Copy link
Contributor

I try to translate the following PE file:

pe-Windows-x86-cmd.zip

But in the decoder phase, the retdec just gets an error and exits:

屏幕快照 2019-09-04 19 57 03

The problem is in file src/bin2llvmir/optimizations/decoder/ir_modifications.cpp, function Decoder::canSplitFunctionOn, line 426 and line 445, two portions of code:

...
			auto up = fncStarts.upper_bound(bAddr);
			--up;
			Address bFnc = *up;

...
				auto up = fncStarts.upper_bound(pAddr);
				--up;
				Address pFnc = *up;

...

The problem here is, if up equals to fncStarts.begin(), the --up will crash, the possible fix is:

            auto up = fncStarts.upper_bound(bAddr);
            if (up == fncStarts.begin()) {
                return false;
            }
            --up;
            uint64_t bFnc = *up;

After this fix, the Decoder works well:

屏幕快照 2019-09-04 19 59 56
@xkubov
Copy link
Contributor

xkubov commented Sep 9, 2019
edited
Loading

Hi, thank you for the report. Indeed it looks like an issue as the boundaries are not checked in those parts of the code. If you want, you can open a pull request to fix this issue.

seviezhou added a commit to seviezhou/retdec that referenced this issue Sep 9, 2019
@seviezhou
Try to fix issue avast#637
c517d07 
Reference: avast#637
@seviezhou seviezhou mentioned this issue Sep 9, 2019
Merged
PeterMatula pushed a commit that referenced this issue Sep 10, 2019
@seviezhou @PeterMatula
Try to fix issue #637
517298b 
Reference: #637
PeterMatula added a commit that referenced this issue Sep 10, 2019
@PeterMatula
CHANGELOG.md: add entries for #637 and #641.
a894749
@PeterMatula
Copy link
Collaborator

  • Fixed by Try to fix issue #637 #641.
  • Added CHANGELOG.md entry in a894749.
  • Since this was not a decompilation quality bug, but a crash bug, I added the binary to the internal nightly tests suite that checks that RetDec does not crash.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug C-bin2llvmir
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@seviezhou @PeterMatula @xkubov