Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License

Pointer text tokens in MLIL+ occasionally lose their '0x' prefix #4517

Closed (jonpalmisc closed this 1 year ago)

jonpalmisc commented 1 year ago

As you can see, the integer literals in HLIL on the left are missing the '0x' prefix that they have in the disassembly on the right.

Originally, I suspected that integer literals might be limited to 16 characters by the call to sprintf when formatting them, but that's not the case, as you can see inside of the if statement in the screenshot.

Furthermore, it seems like changing the type of the ptr argument from void* causes the token inside of the call to swift_bridgeObjectRelease to render correctly, but not the other pictured tokens starting with d0.

image
xusheng6 commented 1 year ago

@jonpalmisc Could you please share a binary that reproduces this?

jonpalmisc commented 1 year ago

Here's the binary. Navigate to 1000071ac and set the type for _swift_bridgeObjectRelease to void _swift_bridgeObjectRelease(void *). You should then be able to observe the bug.

lockdownmoded.not.a.txt

jonpalmisc commented 1 year ago

You should also be able to observe this when changing the type of x0_15 (set in each switch case) to void *.
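
The two repro steps above (retype the callee, or the x0_15 variable, to void * and inspect the HLIL) can be automated so the check runs headless against a given build. What follows is an added example, not code from the issue or from the binaryninja-api project: a pure-Python checker that flags IntegerToken/PossibleAddressToken text rendered as bare hex without a '0x' prefix, run over a constructed token list that only resembles the HLIL line from the issue, plus a driver that assumes the Binary Ninja Python API calls binaryninja.load, BinaryView.parse_type_string, BinaryView.get_functions_by_name, Function.set_user_type and BinaryView.get_functions_containing (names as in recent releases; adjust for yours). The sample tokens are constructed, not real HLIL output.

```python
"""Scan HLIL tokens for integers/pointers rendered as bare hex (no '0x').

Added example, not part of issue #4517 or the binaryninja-api project.
The checker is pure Python and runs offline; the driver at the bottom
uses the Binary Ninja Python API and is only exercised when it is present.
"""
import re
from typing import Iterable, List, NamedTuple

# Token types whose text is expected to carry a '0x' prefix when hex.
NUMERIC_TOKEN_TYPES = {"IntegerToken", "PossibleAddressToken"}

_BARE_HEX = re.compile(r"^[0-9a-fA-F]+$")


class Tok(NamedTuple):
    """Minimal stand-in for InstructionTextToken: (type name, text, value)."""
    type_name: str
    text: str
    value: int


def is_unprefixed_hex(tok: Tok) -> bool:
    """True when tok.text is a hex rendering of tok.value that lacks '0x'.

    A plain decimal rendering (text == str(value)) is fine. What we flag is
    a digit string that only matches the value when read as hex (text 'd0'
    for value 0xd0, or text '10' for value 16) yet has no prefix to say so.
    """
    if tok.type_name not in NUMERIC_TOKEN_TYPES:
        return False
    text = tok.text.strip()
    if text.startswith("-"):
        text = text[1:]
    if text.lower().startswith("0x"):
        return False
    if not _BARE_HEX.match(text):
        return False
    if text == str(abs(tok.value)):
        return False  # unambiguous decimal
    return int(text, 16) == abs(tok.value)


def find_unprefixed(tokens: Iterable[Tok]) -> List[Tok]:
    """Return the tokens that render as bare hex without a '0x' prefix."""
    return [t for t in tokens if is_unprefixed_hex(t)]


# Constructed sample (not real Binary Ninja output) shaped like the HLIL
# call from the issue, where the 'd0' offset should have been '0xd0'.
SAMPLE_TOKENS = [
    Tok("CodeSymbolToken", "_swift_bridgeObjectRelease", 0),
    Tok("TextToken", "(", 0),
    Tok("LocalVariableToken", "x0_15", 0),
    Tok("TextToken", " + ", 0),
    Tok("IntegerToken", "d0", 0xD0),
    Tok("TextToken", ")", 0),
    Tok("IntegerToken", "0x10", 0x10),
    Tok("IntegerToken", "1", 1),
]


def scan_function_hlil(func) -> List[Tok]:
    """Collect unprefixed tokens from every HLIL instruction of a Function.

    Assumes the Binary Ninja API: func.hlil.instructions, instr.tokens,
    token.type (InstructionTextTokenType), token.text, token.value.
    """
    found: List[Tok] = []
    for instr in func.hlil.instructions:
        toks = [Tok(t.type.name, t.text, int(t.value)) for t in instr.tokens]
        found.extend(find_unprefixed(toks))
    return found


def reproduce(path: str, target_addr: int, callee: str, new_type: str) -> List[Tok]:
    """Follow the issue's repro headlessly: retype the callee, then scan the
    HLIL of the function containing target_addr.

    Assumes binaryninja.load, parse_type_string, get_functions_by_name,
    set_user_type, update_analysis_and_wait and get_functions_containing
    as found in recent Binary Ninja releases (adjust for your version).
    """
    import binaryninja as bn  # only needed for the live driver

    bv = bn.load(path)
    ftype, _name = bv.parse_type_string(new_type)
    for f in bv.get_functions_by_name(callee):
        f.set_user_type(ftype)
    bv.update_analysis_and_wait()
    hits: List[Tok] = []
    for f in bv.get_functions_containing(target_addr):
        hits.extend(scan_function_hlil(f))
    return hits


if __name__ == "__main__":
    for t in find_unprefixed(SAMPLE_TOKENS):
        print(f"{t.type_name}: text={t.text!r} value={t.value:#x}")
    # Live run against the attached binary (hypothetical path):
    # reproduce("lockdownmoded", 0x1000071AC, "_swift_bridgeObjectRelease",
    #           "void _swift_bridgeObjectRelease(void *)")
```

The checker deliberately ignores decimal renderings that equal the value, so a correctly printed `1` is not reported, while `d0` (which can only be hex) and `10` for a value of 16 (which would be misread as decimal) both are.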

xusheng6 commented 1 year ago

Here's the binary. Navigate to 1000071ac and set the type for _swift_bridgeObjectRelease to void _swift_bridgeObjectRelease(void *). You should then be able to observe the bug.

lockdownmoded.not.a.txt

thx, I will have a look!

xusheng6 commented 1 year ago

I can reproduce this. This should be a relatively easy fix.