search

Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License
838 stars 195 forks source link

Stack Cookie Code Should Be Able To Hidden In Decompiler #3290

Open op2786 opened 1 year ago

op2786 commented 1 year ago

If we reverse engineered a PE that have stack cookie protection, some functions have a code fragment that belongs to stack cookie protection like this in the beginning of the function:

18000168e      void var_248
18000168e      int64_t rax_1 = data_180023000 ^ &var_248

And of course there is another code fragment that calls to __security_check_cookie function at the bottom of the function.

I guess that code fragments making decompiler output a little bit dirty. Most of the time we don't care about that code fragment. It would be nice to have an option to hide them.

psifertex commented 1 year ago

This has been discussed and is absolutely on the plan for the current stable release. I think there's another issue tracking it but in the meantime I'll take this and if we find the other issue it's a duplicate of we'll clear it up later.