search

NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework
https://www.nsa.gov/ghidra
Apache License 2.0
51.28k stars 5.84k forks source link

Variable split breaks original variable #4671

Open ubitux opened 2 years ago

ubitux commented 2 years ago

Describe the bug When using the variable split features, sometimes the original symbol gets lost.

To Reproduce Steps to reproduce the behavior:

  1. gunzip attached program, load it into Ghidra, with analysis
  2. Jump to 0x0101180 and mark it as int main(int argc, char **argv)
  3. Rename pcVar5 (1st assignment to *argv) into prog_name
  4. Jump to line 42 (decompiler view) and use "Split Out As New Variable" on prog_name
  5. Rename it to ret0
  6. Observe that prog_name is now named pcVar6

Expected behavior pcVar6 should preserve its prog_name value

Screenshots Screencap of the operation: https://user-images.githubusercontent.com/34467/196301533-3b296965-af7f-4aa3-b41c-83708f6f6124.mp4

Attachments secr3tfl4g.gz

Environment (please complete the following information):

ubitux commented 1 year ago

Note: still reproducible with 10.2.3