Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License

Rebasing during distraction will halt analysis or cause a crash #6110

Closed romanholidaypancakes closed 1 week ago

romanholidaypancakes commented 1 week ago

Version and Platform (required):

Bug Description: When using rebase to set the base address to 0 during analysis, the analysis will be paused. Even if you click reanalyze again, it will not work, and sometimes it will crash.

Crash stack:

0:004> k
 # Child-SP          RetAddr               Call Site
00 00000053`7b5fe168 00007ffd`8c6265f9     ntdll!NtWaitForMultipleObjects+0x14
01 00000053`7b5fe170 00007ffd`8c6264fe     KERNELBASE!WaitForMultipleObjectsEx+0xe9
02 00000053`7b5fe450 00007ffd`8e6e2797     KERNELBASE!WaitForMultipleObjects+0xe
03 00000053`7b5fe490 00007ffd`8e6e21d6     kernel32!WerpReportFaultInternal+0x587
04 00000053`7b5fe5b0 00007ffd`8c730cfb     kernel32!WerpReportFault+0xbe
05 00000053`7b5fe5f0 00007ffd`8f1b987d     KERNELBASE!UnhandledExceptionFilter+0x3db
06 00000053`7b5fe710 00007ffd`8f19f6a7     ntdll!RtlUserThreadStart$filt$0+0xac
07 00000053`7b5fe750 00007ffd`8f1b51df     ntdll!_C_specific_handler+0x97
08 00000053`7b5fe7c0 00007ffd`8f12e866     ntdll!RtlpExecuteHandlerForException+0xf
09 00000053`7b5fe7f0 00007ffd`8f1b41ce     ntdll!RtlDispatchException+0x286
0a 00000053`7b5fef40 00007ff7`e83aebf4     ntdll!KiUserExceptionDispatch+0x2e
0b 00000053`7b5ff650 00007ff7`e8649500     binaryninja+0x152ebf4
0c 00000053`7b5ff690 00007ff7`e8646ba3     binaryninja+0x17c9500
0d 00000053`7b5ff6c0 00007ff7`e88cd144     binaryninja+0x17c6ba3
0e 00000053`7b5ff720 00007ff7`e8861a8c     binaryninja+0x1a4d144
0f 00000053`7b5ff8c0 00007ff7`e91140ce     binaryninja+0x19e1a8c
10 00000053`7b5ffa00 00007ff7`e8f557d3     binaryninja+0x22940ce
11 00000053`7b5ffa90 00007ff7`e8f501d1     binaryninja+0x20d57d3
12 00000053`7b5ffc10 00007ffd`8ca69333     binaryninja+0x20d01d1
13 00000053`7b5ffc40 00007ffd`8e68257d     ucrtbase!thread_start<unsigned int (__cdecl*)(void *),1>+0x93
14 00000053`7b5ffc70 00007ffd`8f16af28     kernel32!BaseThreadInitThunk+0x1d
15 00000053`7b5ffca0 00000000`00000000     ntdll!RtlUserThreadStart+0x28

Steps To Reproduce: Please provide all steps required to reproduce the behavior:

  1. Drag a binary into bn (I used a Windows 32-bit DLL) and then reset the base address during analysis
  2. Analysis - Rebase - 0 image

Expected Behavior: Analyzes normally and no longer crashes

Screenshots/Video Recording: na

Binary: na

Additional Information: na

bpotchik commented 1 week ago

Fixed in 4.2.6408-dev.