Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License

Improve vtable handling #5759

Open 0xFDFDFDFD opened 1 month ago

0xFDFDFDFD commented 1 month ago

Version and Platform (required):

Bug Description: There are a few improvements which could be made to the handling of vtables.

  1. If I double click a vtable member with only one outgoing data reference it should open the referenced function. Currently it opens the type window instead.

  2. If I click on a vtable member function it should show its callers as code references. At the moment I have to go back to the vtable in the data section to get the callers.

Steps To Reproduce:

  1. Double click a member of a vtable.

  2. Check xrefs on a member of a vtable.

Expected Behavior:

  1. It opens the referenced function.

  2. The cross reference view is populated with the callers of the function as code references.

Screenshots:

  1. Double click issue: [screenshot: vtable]

  2. Xrefs not propagated: [screenshot: missing_xrefs]

Additional Information: Bndb and exe used. CppTestBinja.zip

emesare commented 1 month ago
  1. This is the expected behavior; navigating to the only outgoing data var reference would hide the actual backing type of the function call from the user. Imagine if you double clicked to a function and changed the function type and did not see it reflected in the aforementioned call-site.
  2. I agree that the cross references should populate with the callers through a data var reference.

If you agree with 1, would adjusting this issue to read as "Populate xrefs of a function with callers through data var reference" be alright?

0xFDFDFDFD commented 1 month ago

Hi there, thanks for the fast reply! I was playing around a bit to find out exactly what you mean. If I understand you correctly you are worried that the dat_var type is inconsistent with the function type referenced. Isn't that already the case? I modified a vtable member and added an additional argument:

Caller: [screenshot: call_site]
Vtable: [screenshot: vtable]
Called function: [screenshot: called_function]

Shouldn't the data_ref type (when in a vtable) and the vtable function type be linked or synchronized anyway?

0xFDFDFDFD commented 1 month ago

Sorry, I accidentally closed the issue 😅

emesare commented 1 month ago

> If I understand you correctly you are worried that the dat_var type is inconsistent with the function type referenced. Isn't that already the case?

Sorry, yes, I made it sound like that wasn't the case. What I am worried will happen is that a user will click through to the only referenced function and modify the function type there but not in the actual vtable type. I suppose if we did link the two function types I would be ok with this behavior.

The current behavior forces a user to recognize the distinction between the vtable and any referenced functions.

I don't feel too strongly one way or the other, so if this is something people want it could be put behind an option which is disabled by default.

0xFDFDFDFD commented 1 month ago

That would be amazing 👍