Closed YinWinston closed 5 years ago
The only option in which self._lower_match_ctx
will be None
and/or self._upper_match_ctx
will be None
is in the case that the binary file will be marked as located
but with size of 0 function. It looks like the for loop preform no iterations and this is why the contexts won't get initialized.
I can better handle this error case on my side, however I still want to know why the binary file looks empty. Can you post the number of functions in each src file, and the len(self._bin_functions_ctx)
at the beginning of this function? Maybe the compilation of your configuration file contained errors / wasn't without optimizations
Thanks for the quick response, these are the function counts(extracted from the JSON config file) for each of the source files used:
ValueError: None is not in list
. The command I used to run karta_analyze_src.py is python karta_analyze_src.py libpython 2.7.0 C:/Users/wyin/Documents/libpython C:/Users/wyin/Documents/libpython/libpython2.7.a
. When I compiled the makefile for libgcrypt, I changed the CFLAGS from -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall
to -g -O0 -fno-inline-functions -fno-builtin -fno-delete-null-pointer-checks -Wall
and the CCASFLAGS from -g -O2
to -g -O2 fno-inline-functions -fno-builtin -fno-delete-null-pointer-checks
. I've attached the makefile and the JSON configuration file below. Are there any optimizations or issues with the way I'm making the JSON config file?Added a commit to better handle this edge case, including clearer logs so the relevant file will be shown too.
We had similar errors in the past when IDA's analysis wasn't perfect / missed a few functions. My suggestion is to check again if you can help IDA better detect all of the functions - even functions without xrefs should be marked as functions so Karta will work as intended. I recommend using Thumbs Up: https://karta.readthedocs.io/en/latest/Thumbs%20Up.html
Closing for now. If the fix didn't solve the issue, feel free to re-open the ticket.
So right now I'm trying to add support for identification of the library libgcrypt. This time, I created a new JSON configuration file from the non-inlined and compiled version of libgcrypt. When I run karta_matcher.py on a test case for this library, it is capable of identifying libgcrypt. However, when it reaches the point of
Linking the binary functions to their respective tentative files
, Karta throws this exception:Again, the identification script I'm using for libgcrypt is just a slightly edited version of the identification script for zlib. I'm running Karta on IDA Pro 7.3 Do you know what could be causing this error and what I can do to fix it?