Vector35 / binaryninja-api

Public API, examples, documentation and issues for Binary Ninja
https://binary.ninja/
MIT License

Thumb2 functions in ARM binaries #710

Closed resrever closed 7 years ago

resrever commented 7 years ago

In basicblock.py, BasicBlock.__iter__ should use self.arch instead of self.view.arch since the basic block may be in a different architecture (e.g. thumb2).

Also, BinaryView.get_function_at only returns functions at an address if it happens to match the BinaryView.platform. If the binary is ARM and the function is thumb2, then BinaryView.get_function_at will return None. It might be cleaner to try to return the matching arch first and then fall back to returning the first alternative arch:

        if plat is None:
            plat = self.platform
        func = core.BNGetAnalysisFunction(self.handle, plat.handle, addr)
        if func is None:  # New code
            funcs = self.get_functions_at(addr)
            if funcs:
                return funcs[0]
        if func is None:
            return None
        return function.Function(self, func)

My current workaround is to use BinaryView.get_functions_at(addr)[0].

joshwatson commented 7 years ago

The ordering of self.get_functions_at may not be guaranteed, depending on how it is implemented on the backend. I think it's better for get_function_at to only return a function for the default platform, and put the onus of checking for alternative platforms on the developer.

plafosse commented 7 years ago

Fixed the basic block iterator as of build 847.

As for the other issue, I agree with josh: you should be passing the platform to get_function_at if need be, or using the get_functions_at API.
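
An added example, not part of the thread or of the Binary Ninja code base: one way for a script to do the platform check itself, trying the default platform first and then choosing among the get_functions_at results by platform name, so the outcome does not depend on list order. The helper name resolve_function, its preferred parameter, the Fake* stand-in classes and the sample platform names and addresses are assumptions made for illustration.

```python
# Added example: resolve a function at an address across platforms without
# relying on the order of get_functions_at(). The Fake* classes are
# constructed stand-ins so the helper runs without Binary Ninja installed.

def resolve_function(bv, addr, preferred=()):
    """Return the function at addr, trying platforms in a fixed order.

    Order: the view's default platform, then each name in `preferred`,
    then any remaining candidate, sorted by platform name.
    """
    func = bv.get_function_at(addr)          # default platform only
    if func is not None:
        return func
    candidates = {f.platform.name: f for f in bv.get_functions_at(addr)}
    for name in preferred:
        if name in candidates:
            return candidates[name]
    if candidates:
        return candidates[min(candidates)]   # deterministic fallback
    return None


class FakePlatform:
    def __init__(self, name):
        self.name = name

class FakeFunction:
    def __init__(self, start, platform):
        self.start, self.platform = start, platform

class FakeView:
    """Constructed ARM view whose default platform is the ARM one."""
    def __init__(self, funcs, platform):
        self.funcs, self.platform = funcs, platform

    def get_functions_at(self, addr):
        return [f for f in self.funcs if f.start == addr]

    def get_function_at(self, addr, plat=None):
        plat = plat or self.platform
        for f in self.get_functions_at(addr):
            if f.platform.name == plat.name:
                return f
        return None

def demo_view():
    # Constructed sample: one ARM function and one thumb2 function.
    arm, thumb = FakePlatform("linux-armv7"), FakePlatform("linux-thumb2")
    funcs = [FakeFunction(0x1000, arm), FakeFunction(0x2000, thumb)]
    return FakeView(funcs, arm)
```

With a real BinaryView the same helper is called as resolve_function(bv, addr); only the stand-in classes are replaced.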