search

NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework
https://www.nsa.gov/ghidra
Apache License 2.0
50.55k stars 5.78k forks source link

Is coff support broken? #6836

Open bog-dan-ro opened 3 weeks ago

bog-dan-ro commented 3 weeks ago

I'm trying to decompile an old unix.gz kernel, but most of the symbols are not in the right position, most probably because the sections are not in the right positions...

Is the coff support broken or it needs some manual relocation of the sections?

ryanmkurtz commented 3 weeks ago

Some of my old COFF samples are looking fine, so it's not totally broken. There is likely something happening here that we haven't encountered before. I'll add it to my list.

zKBTuran commented 3 weeks ago

https://github.com/user-attachments/assets/748774a8-466c-4c1b-b2d4-cb0169fed823