ryanmkurtz
commented
1 year ago There is not enough information here for us to be able to act on anything. We would need some screen shots of the difference and the binary attached to proceed.
Open b00tkitism opened 1 year ago
ryanmkurtz
commented
1 year ago There is not enough information here for us to be able to act on anything. We would need some screen shots of the difference and the binary attached to proceed.
b00tkitism
commented
1 year ago @ryanmkurtz I cannot attach the binary, because it's somehow private. But I'll share the screenshots.
b00tkitism
commented
1 year ago Ghidra:
IDA pro:
b00tkitism
commented
1 year ago Any thoughts on this ?
astrelsky
commented
1 year ago The poor decompilation is the result of user error because the type of m_pCoverEntity is probably not defined. However, if this information should have come from debug information then there may be a bug in that processing.
Describe the bug I analyzed a single function in both IDA and Ghidra, IDA can recognize pointer type of a variable, but Ghidra can't, both of them know that type exists.
To Reproduce unfortunately I don't know how you can reproduce this, I analyzed a malware
Expected behavior Ghidra should recognize pointer type and cast that value to that type
Environment (please complete the following information):