Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error: unknown variant LZCOUNT, expected one of COPY...... when running the test sample #458

Closed
SunnyYANGyaya opened this issue Apr 11, 2024 · 7 comments
Closed

Error: unknown variant LZCOUNT, expected one of COPY...... when running the test sample #458

SunnyYANGyaya opened this issue Apr 11, 2024 · 7 comments

Comments

@SunnyYANGyaya
Copy link

please help me i got a troble and i cannot fix it
Snipaste_2024-04-11_11-19-25
@Enkelmann
Copy link
Contributor

You will encounter this error message when you use older versions of the cwe_checker with newer versions of Ghidra. There are two possible solutions:

  • Switch to an older Ghidra version. Ghidra 10.2.3 does not generate the LZCOUNT P-Code operation and should be fine.
  • Switch to a newer cwe_checker version. Right now, you would have to switch to the master branch, because the current stable version of the cwe_checker, v0.8, does not support LZCOUNT.

Which one of the two solutions is better for you depends on your use-case.

@SunnyYANGyaya
Copy link
Author

Thank you. I'll try it when I get back in the evening

@SunnyYANGyaya
Copy link
Author

Snipaste_2024-04-11_19-36-23
thank you (@_@), i am a beginner, and the question may be a bit silly
i switch to a newer cwe_checker to 0.9 and everything looks normal.
and i also have a question (O.O)
What is the purpose of this JSON file?
I found an example myself and didn't need JSON, but testing the sample requires JSON to start ghidra.
Snipaste_2024-04-11_19-45-14
Snipaste_2024-04-11_19-46-40

@vobst
Copy link
Collaborator

vobst commented Apr 11, 2024

Concerning the last screenshot, could you maybe run the cwe_checker with the --verbose flag and post the output you get? (No need to take a screenshot if you can copy-paste the text.)

@SunnyYANGyaya
Copy link
Author

iot@research:~/install-file/cwe_checker-master/test/bare_metal_samples$ cwe_checker test_sample.bin --verbose
INFO Using log config file: jar:file:/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Framework/Generic/lib/Generic.jar!/generic.log4j.xml (LoggingInitialization)
INFO Using log file: /home/iot/.ghidra/.ghidra_10.3.2_PUBLIC/application.log (LoggingInitialization)
INFO Loading user preferences: /home/iot/.ghidra/.ghidra_10.3.2_PUBLIC/preferences (Preferences)
INFO Loading previous preferences: /home/iot/.ghidra/.ghidra_10.1_PUBLIC/preferences (Preferences)
INFO Searching for classes... (ClassSearcher)
INFO Class search complete (817 ms) (ClassSearcher)
INFO Initializing SSL Context (SSLContextInitializer)
INFO Initializing Random Number Generator... (SecureRandomFactory)
INFO Random Number Generator initialization complete: NativePRNGNonBlocking (SecureRandomFactory)
INFO Trust manager disabled, cacerts have not been set (ApplicationTrustManagerFactory)
INFO HEADLESS Script Paths:
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/8051/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/GnuDemangler/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/PIC/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/MicrosoftCodeAnalyzer/ghidra_scripts
/home/iot/.local/share/cwe_checker/ghidra/p_code_extractor
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/FileFormats/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/PDB/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Python/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/FunctionID/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/VersionTracking/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/BytePatterns/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger/ghidra_scripts
/home/iot/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Base/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/SystemEmulation/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/DATA/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Features/Decompiler/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger-agent-dbgmodel-traceloader/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Debug/Debugger-agent-frida/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/JVM/ghidra_scripts
/home/iot/install-file/ghidra_10.3.2_PUBLIC/Ghidra/Processors/Atmel/ghidra_scripts (HeadlessAnalyzer)
INFO HEADLESS: execution starts (HeadlessAnalyzer)
INFO Creating temporary project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (HeadlessAnalyzer)
INFO Creating project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (DefaultProject)
INFO REPORT: Processing input files: (HeadlessAnalyzer)
INFO project: /run/user/1000/cwe_checker/PcodeExtractor_test_sample.bin_1712838619697 (HeadlessAnalyzer)
INFO IMPORTING: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (HeadlessAnalyzer)
INFO No load spec found for import file: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (AutoImporter)
ERROR The AutoImporter could not successfully load /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin with the provided import parameters. Please ensure that any specified processor/cspec arguments are compatible with the loader that is used during import and try again. (HeadlessAnalyzer)
ERROR REPORT: Import failed for file: /home/iot/install-file/cwe_checker-master/test/bare_metal_samples/test_sample.bin (HeadlessAnalyzer)

openjdk version "17.0.7" 2023-04-18
OpenJDK Runtime Environment (build 17.0.7+7-Ubuntu-0ubuntu118.04)
OpenJDK 64-Bit Server VM (build 17.0.7+7-Ubuntu-0ubuntu118.04, mixed mode)

Ghidra plugin failed with exit code 0
Execution of Ghidra plugin failed.

@vobst
Copy link
Collaborator

vobst commented Apr 11, 2024
edited
Loading

Ah, thanks I see: To analyze a bare-metal firmware sample the cwe_checker requires some additional information about the target. This is what is contained in the Json file. You can have a look at the contents of bare_metal/stm32f407vg.json to get an idea which kind of information is required. In general you will have to figure out this information manually, e.g., from a SoCs datasheet. The error you get occurs because Ghidra can not properly analyze the binary file without this in information.

For ELF or PE files such information is not required as it can be inferred from the file headers. This is why mini_httpd worked.

@SunnyYANGyaya
Copy link
Author

Thank you so much ! (O.O) I am currently trying to understand this perfect code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Enkelmann @vobst @SunnyYANGyaya