Radare2 reports incorrect function size #59
Comments
I've checked with radare2 that the missing
Extraction pass is part of the input dependency analyser @anahitH
Reason is the wrong analysis of radare2.
So far there seems to be no way to reliably find the size of a function. In my results I observed that the size seems to be incorrect only for the function
Currently it looks like the only way to solve this problem is to not use
Alright, let's keep this issue open until we find an adequate solution.
I'm observing an error during patching that is a result of an "incorrect" analysis of radare2.
The error occurs from the IR below.
objdump
radare2 aa + afl
Observation:

Radare2 identifies `sig_handler` as size 217 (0xd9). However, this is too large and includes the `alarm_handler` function. The patcher receives this size and computes a hash that spans both functions. If `alarm_handler` contains any other guard that needs to be patched before `sig_handler`, then this can result in an incorrect hash at runtime.

Further, `sig_handler` contains `unreachable`, but no `ret`; thus also no `ret` instruction is present in the binary (possible reason why radare2 fails!). However, have a look at the function before extraction was applied. It contains `ret void` that is now missing in `sig_handler` and is instead only in `sig_handler0`.
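A cross-check for the boundary problem described in this issue, added here as an example; it is not code from the issue, from radare2 or from the patcher. It consumes the JSON form of radare2's function list (`aflj`, as produced by `r2 -qc 'aa; aflj' <binary>`, whose entries carry `name`, `offset` and `size`), flags any function whose byte range swallows another function's entry point, clamps such sizes to the next entry, and compares radare2's sizes with ELF symbol-table sizes (`st_size`, as `readelf -sW` prints them) where symbols are available. All offsets, the symbol-table figures and every size other than the 217 bytes for `sig_handler` are constructed for the illustration and are not taken from the issue.

```python
"""Detect radare2 function sizes that overlap the next function.

Added example for the sig_handler/alarm_handler report above; not part of
radare2 or of the patcher. Sample data below is constructed: only the
217-byte size of sig_handler comes from the issue.
"""
import json

# Constructed sample of `aflj` output (radare2's JSON variant of `afl`).
# Offsets and the other sizes are made up; 217 is the size reported in the issue.
AFLJ_SAMPLE = json.dumps([
    {"name": "sym.main",          "offset": 0x401130, "size": 0x8c},
    {"name": "sym.sig_handler",   "offset": 0x401200, "size": 217},
    {"name": "sym.alarm_handler", "offset": 0x401290, "size": 0x49},
    {"name": "sym.cleanup",       "offset": 0x4012e0, "size": 0x20},
])

# Constructed ELF symbol sizes (st_size) as `readelf -sW` would report them.
# Only meaningful when the binary still carries its symbol table.
SYMTAB_SAMPLE = {
    "main": 0x8c,
    "sig_handler": 0x90,
    "alarm_handler": 0x49,
    "cleanup": 0x20,
}


def load_functions(aflj_text):
    """Parse aflj JSON into (name, offset, size) tuples sorted by offset."""
    funcs = [(f["name"], f["offset"], f["size"]) for f in json.loads(aflj_text)]
    return sorted(funcs, key=lambda f: f[1])


def find_overlaps(funcs):
    """Report functions whose [offset, offset+size) covers another entry point.

    Returns (outer_name, inner_name, clamped_size) tuples; clamped_size is the
    distance from the outer entry to the first swallowed entry, i.e. the size
    the patcher should hash over instead of the reported one.
    """
    funcs = sorted(funcs, key=lambda f: f[1])
    overlaps = []
    for i, (name, off, size) in enumerate(funcs):
        end = off + size
        for inner_name, inner_off, _ in funcs[i + 1:]:
            if inner_off >= end:
                break  # list is sorted by offset, nothing further can overlap
            overlaps.append((name, inner_name, inner_off - off))
            break      # report only the first swallowed function per outer
    return overlaps


def clamp_sizes(funcs):
    """Cap every function's size at the next function's entry point."""
    funcs = sorted(funcs, key=lambda f: f[1])
    out = []
    for i, (name, off, size) in enumerate(funcs):
        if i + 1 < len(funcs):
            size = min(size, funcs[i + 1][1] - off)
        out.append((name, off, size))
    return out


def compare_with_symtab(funcs, symtab):
    """Return {symbol: (r2_size, st_size)} for functions whose sizes disagree.

    radare2 prefixes ELF symbol names with `sym.`; strip it before matching.
    """
    mismatches = {}
    for name, _, size in funcs:
        sym = name[4:] if name.startswith("sym.") else name
        if sym in symtab and symtab[sym] != size:
            mismatches[sym] = (size, symtab[sym])
    return mismatches


if __name__ == "__main__":
    fns = load_functions(AFLJ_SAMPLE)
    for outer, inner, fixed in find_overlaps(fns):
        print(f"{outer} spans {inner}; clamp size to {fixed} (0x{fixed:x})")
    for sym, (r2, st) in compare_with_symtab(fns, SYMTAB_SAMPLE).items():
        print(f"{sym}: radare2 says {r2}, symbol table says {st}")
```

The overlap check needs no symbols, so it also works on a stripped binary where only the entry points recovered by `aa` are known; the symbol-table comparison is the stronger check but only where `st_size` is present. Neither check decides which function a given byte belongs to when a function genuinely ends without a `ret`; it only tells the patcher that the size it was handed cannot be trusted.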