search

ChrisTheCoolHut / Firmware_Slap

Discovering vulnerabilities in firmware through concolic analysis and function clustering.
GNU General Public License v3.0
468 stars 79 forks source link

Multiple Library locations / folders #19

Closed nstarke closed 5 years ago

nstarke commented 5 years ago

Is it possible to specify multiple LD_PATH / library locations (-L) for Discover_and_Dump.py ? If not, could you give me a brief rundown on where you would put that functionality so I can create a pull request to add this feature? Thank you!

ChrisTheCoolHut commented 5 years ago

In firmware_slap/function_analyzer.py the do_trace function accepts a string for ld_path. on line 200 it is passed as a string to angr.Project().

Behind the scenes it is checking to see if this object is a string or a list. You can pass ld_path here a list of paths to check instead of a string. So if you modify ld_path in function_analyzer (do_trace & trace_function) (and all dependents) to use a list instead you can have it specify multiple paths.

I would likely just turn args.ld_path into a list by splitting on : like ld-linux does, so the style is similar.

eg: -L /sysroot/lib:/sysroot/usr/lib

nstarke commented 5 years ago

I'll attempt to submit a PR tonight. Thanks!