Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License

Deconflicted DebugInfo types have bad references #5060

Closed CouleeApps closed 8 months ago

CouleeApps commented 8 months ago

Version and Platform (required):

Bug Description: When loading a PDB, types whose names conflict with a type in the existing view have _DebugInfo appended to their name so they do not conflict. Unfortunately, when this happens, any references other types in the PDB make to that type are not updated to point to the updated name. This leads to _KPCR_DebugInfo referencing _KPRCB instead of _KPRCB_DebugInfo and structure members looking strange.

Steps To Reproduce:

  1. Open ntoskrnl.exe from a recent Windows
  2. Find the type _KPCR_DebugInfo
  3. Observe it references _KPRCB and not _KPRCB_DebugInfo and has like 0x8eff bytes of extra padding at the end

Expected Behavior: I expected renamed types to be referenced correctly by other types from the PDB.


Additional Information: Possibly due to the types already referencing the bv type before rename happens and thus the NTRs are broken already

plafosse commented 8 months ago

Fixed in 4.0. 4898 Unfortunately, due to time constraints in the 4.0 release, I'm reverting the changes that were made for type deconfliction to fix this issue. I created this new issue to track the resolution: #5083
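A toy model of the behaviour reported in this issue, added here as an illustration; it is not Binary Ninja code and does not use the Binary Ninja API. The `Struct` class, the helper names, and the member layouts are hypothetical; only the type names and the `_DebugInfo` suffix come from the report. It shows the rename without reference rewriting, the same rename with references following a rename map, and a check that flags stale references.

```python
from __future__ import annotations
from dataclasses import dataclass, field

SUFFIX = "_DebugInfo"  # suffix named in the issue


@dataclass
class Struct:
    name: str
    # member name -> name of the type it refers to (a named type reference)
    members: dict[str, str] = field(default_factory=dict)


# Constructed sample data: names already in the view, and types from the PDB.
VIEW_TYPES = {"_KPCR", "_KPRCB"}
PDB_TYPES = [
    Struct("_KPCR", {"Prcb": "_KPRCB", "Irql": "uint8_t"}),
    Struct("_KPRCB", {"Number": "uint32_t"}),
]


def deconflict(view_types, pdb_types, fix_refs):
    """Rename PDB types whose names clash with the view.

    fix_refs=False models the reported behaviour (references keep the old
    name); fix_refs=True rewrites references through the rename map.
    """
    # Pass 1: decide every rename before any type is emitted.
    renames = {t.name: t.name + SUFFIX for t in pdb_types if t.name in view_types}
    result = []
    for t in pdb_types:
        members = dict(t.members)
        if fix_refs:
            # Pass 2: references between PDB types follow the renames.
            members = {m: renames.get(ref, ref) for m, ref in members.items()}
        result.append(Struct(renames.get(t.name, t.name), members))
    return result


def stale_references(view_types, pdb_types, result):
    """List (type, member, target) where a PDB type still points at the
    view's type although the PDB supplied its own, renamed, definition."""
    renamed_from = {t.name for t in pdb_types if t.name in view_types}
    return [
        (t.name, m, ref)
        for t in result
        for m, ref in t.members.items()
        if ref in renamed_from
    ]


if __name__ == "__main__":
    for fix in (False, True):
        out = deconflict(VIEW_TYPES, PDB_TYPES, fix_refs=fix)
        print(f"fix_refs={fix}:", stale_references(VIEW_TYPES, PDB_TYPES, out))
```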