search

Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License
900 stars 204 forks source link

binja enforce the usage of the return value, although it was discarded #4509

Closed nitrogar closed 1 year ago

nitrogar commented 1 year ago

Version and Platform (required):

Bug Description: while reversing windows x86 binary i noticed that, binja enforce the usage of return value as shown in the pictures below

binja_fail binja_fail_2 binja_fail3

eax was discarded but binja enforce it which corrupt the rest of the analysis.

Expected Behavior: after NOPing the function call, the analysis become correct as shown. binja_correct

Additional Information: Sorry i cant provide the binary ;)

xusheng6 commented 1 year ago

Related to https://github.com/Vector35/binaryninja-api/issues/4511.

The problem is BN thinks the function memcpy uses register ebp as its return value, which is wrong. Can you try unchekcing the ebp checkbox in the Cloberred Registers list in the Edit Function Properties dialog of the memcpy function?

nitrogar commented 1 year ago

thanks, after removing ebp from the clobbered registers the analysis was corrected.