Scags / IDA-Scripts

Some random IDA scripts I wrote
MIT License

[vtable-io] OverflowError: in method 'get_bytes', argument 2 of type 'unsigned int' #4

Closed sapphonie closed 11 months ago

sapphonie commented 11 months ago

IDA spew:

BinDiff 8 (@568181968, Sep 25 2023), (c)2004-2011 zynamics GmbH, (c)2011-2023 Google LLC.
BinExport 12 (@568181968, Sep 25 2023), (c)2004-2011 zynamics GmbH, (c)2011-2023 Google LLC.
[BinSync] 3.25.1 loaded!
Possible file format: ELF for Intel 386 (Shared object) (D:\IDA8.3\loaders\elf64.dll)

  bytes   pages size description
--------- ----- ---- --------------------------------------------
 80478208  9824 8192 allocating memory for b-tree...
 80478208  9824 8192 allocating memory for virtual array...
   262144    32 8192 allocating memory for name pointers...
-----------------------------------------------------------------
161218560            total memory allocated

Loading processor module D:\IDA8.3\procs\pc64.dll for metapc...Initializing processor module metapc...OK
Autoanalysis subsystem has been initialized.
Loading file 'D:\ida\tf2c\2.1.3\server.so' into database...
Detected file format: ELF for Intel 386 (Shared object)
Assuming __cdecl calling convention by default
  0. Creating a new segment  (00000000-0040FB5C) ... ... OK
  1. Creating a new segment  (00410000-00D3149C) ... ... OK
  2. Creating a new segment  (00D32000-00FFB2E5) ... ... OK
  3. Creating a new segment  (00FFD040-0123C824) ... ... OK
Assuming __cdecl calling convention by default
Type library 'gnulnx_x86' loaded. Applying types...
Types applied to 0 names.
  4. Creating a new segment  (00410000-00410020) ... ... OK
     Deleting segment        (00410020-00D3149C) ...
  4. Creating a new segment  (00410020-00D3149C) ... ... OK
  5. Creating a new segment  (00410020-0043A2E0) ... ... OK
     Deleting segment        (0043A2E0-00D3149C) ...
  5. Creating a new segment  (0043A2E0-00D3149C) ... ... OK
  6. Creating a new segment  (0043A2E0-0043A6C8) ... ... OK
     Deleting segment        (0043A6C8-00D3149C) ...
  6. Creating a new segment  (0043A6C8-00D3149C) ... ... OK
  7. Creating a new segment  (0043A6D0-00D31488) ... ... OK
  8. Creating a new segment  (00D31488-00D3149C) ... ... OK
     Deleting segment        (00D31488-00D3149C) ...
  8. Creating a new segment  (00D31488-00D3149C) ... ... OK
  9. Creating a new segment  (00D32000-00E26620) ... ... OK
     Deleting segment        (00E26620-00FFB2E5) ...
  9. Creating a new segment  (00E26620-00FFB2E5) ... ... OK
 10. Creating a new segment  (00E26620-00E6AA64) ... ... OK
     Deleting segment        (00E6AA64-00FFB2E5) ...
 10. Creating a new segment  (00E6AA64-00FFB2E5) ... ... OK
 11. Creating a new segment  (00E6AA64-00FE17B0) ... ... OK
     Deleting segment        (00FE17B0-00FFB2E5) ...
 11. Creating a new segment  (00FE17B0-00FFB2E5) ... ... OK
     Deleting segment        (00FE17B0-00FFB2E5) ...
 11. Creating a new segment  (00FE17B0-00FFB2E5) ... ... OK
 12. Creating a new segment  (00FFD040-00FFD9D0) ... ... OK
     Deleting segment        (00FFD9D0-0123C824) ...
 12. Creating a new segment  (00FFD9D0-0123C824) ... ... OK
 13. Creating a new segment  (00FFD9D0-00FFD9D4) ... ... OK
     Deleting segment        (00FFD9D4-0123C824) ...
 13. Creating a new segment  (00FFD9D4-0123C824) ... ... OK
 14. Creating a new segment  (00FFD9E0-010B02E8) ... ... OK
 15. Creating a new segment  (010B02E8-0123C824) ... ... OK
 16. Creating a new segment  (010B0418-010C1FF4) ... ... OK
 17. Creating a new segment  (010C1FF4-0123C824) ... ... OK
 18. Creating a new segment  (010C2000-01128C68) ... ... OK
 19. Creating a new segment  (01128C68-0123C824) ... ... OK
 20. Creating a new segment  (01128C80-0123C824) ... ... OK
 21. Creating a new segment  (0123C824-0123C825) ... ... OK
 22. Creating a new segment  (0123C830-0123CCC4) ... ... OK
 23. Creating a new segment  (0123CCC4-0123D20C) ... ... OK
Processing relocations...
DWARF: Looking for GNU DWARF file at "D:\ida\tf2c\2.1.3\server.so.dbg"... no.
DWARF: Looking for GNU DWARF file at "D:\ida\tf2c\2.1.3\.debug\server.so.dbg"... no.
Marking typical code sequences...
Flushing buffers, please wait...ok
File 'D:\ida\tf2c\2.1.3\server.so' has been successfully loaded into the database.
Hex-Rays Decompiler plugin has been loaded (v8.3.0.230608)
  The hotkeys are F5: decompile, Ctrl-F5: decompile all.

  Please check the Edit/Plugins menu for more information.
============================================================
GhIDA Decompiler v0.1
Andrea Marcelli <anmarcel@cisco.com>
Cisco Talos, June 2019
GhIDA Decompiler shortcut key is Ctrl-Alt-D
============================================================
GhIDA:: [!] pygments library is missing
pip2 install pygments
[GhidraDec info]   :    Ghidra Decompiler Plugin version 1.4 registered OK
[GhidraDec info]   :    Ghidra Decompiler Plugin version 1.4 loaded OK
Hex-rays version 8.3.0.230608 has been detected, gooMBA plugin ready to use
IDA is analysing the input file...
You may start to explore the input file right now.
---------------------------------------------------------------------------------------------
Python 3.11.5 (tags/v3.11.5:cce6ba9, Aug 24 2023, 14:38:34) [MSC v.1936 64 bit (AMD64)] 
IDAPython 64-bit v7.4.0 final (serial 0) (c) The IDAPython Team <idapython@googlegroups.com>
---------------------------------------------------------------------------------------------
Propagating type information...
Function argument information has been propagated
lumina: applied metadata to 106 functions.
The initial autoanalysis has been finished.
Traceback (most recent call last):
  File "D:/ida/IDA-Scripts/vtable_io.py", line 1206, in main
    read_vtables_linux()
  File "D:/ida/IDA-Scripts/vtable_io.py", line 485, in read_vtables_linux
    tinfo_vmi = getparse("_ZTVN10__cxxabiv121__vmi_class_type_infoE", parse_vmi_tinfo)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "D:/ida/IDA-Scripts/vtable_io.py", line 478, in getparse
    fn(tinfo, xreftinfos)
  File "D:/ida/IDA-Scripts/vtable_io.py", line 430, in parse_vmi_tinfo
    tinfo = get_class_from_ea(tinfotype, xref.frm)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "D:/ida/IDA-Scripts/vtable_io.py", line 337, in get_class_from_ea
    bytestr = idaapi.get_bytes(ea, ctypes.sizeof(classtype))
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "D:\IDA8.3\IDA Pro 8.3 (x86, x86_64)\python\3\ida_bytes.py", line 4322, in get_bytes
    return _ida_bytes.get_bytes(*args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
OverflowError: in method 'get_bytes', argument 2 of type 'unsigned int'
Please file a bug report with supporting information at https://github.com/Scags/IDA-Scripts/issues

Scags commented 11 months ago

Fixed in latest commit, scripts should work with x86 bins in 64-bit IDA now