search

airbus-seclab / bincat

Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
1.66k stars 159 forks source link

Why c2newspeak always raise 'exception NpkParser.MenhirBasics.Error'? #105

Closed e3pem closed 2 years ago

e3pem commented 4 years ago

When I use bincat to analysis some binary(arm/x86) on IDA7.0, the c2newspeak raise an error exception NpkParser.MenhirBasics.Error.

Output window: 

INFO:bincat.gui:Launching the analyzer
INFO:bincat.plugin:Current analyzer path: c:\users\yl\appdata\local\temp\tmpevtypbbincat
INFO:bincat.plugin.npkgen:Generating TNPK file in c:\users\yl\appdata\local\temp\tmpb2n_gwbincat-generate-header
failed to add structure type 'stat': name is already used
ERROR:bincat.plugin.npkgen:Error encountered while running c2newspeak.
--- start of c2newspeak output ---
Fatal error: exception NpkParser.MenhirBasics.Error

--- end of c2newspeak output ---
Traceback (most recent call last):
  File "C:/Users/yl/AppData/Roaming/Hex-Rays/IDA Pro/plugins\idabincat\npkgen.py", line 135, in generate_tnpk
    "pre-processed.c"], stderr=subprocess.STDOUT)
  File "C:\python27-x64\Lib\subprocess.py", line 219, in check_output
    raise CalledProcessError(retcode, cmd, output=output)
CalledProcessError: Command '['c2newspeak', '--typed-npk', '-o', 'c:\\users\\yl\\appdata\\local\\temp\\tmpb2n_gwbincat-generate-header\\pre-processed.no', 'pre-processed.c']' returned non-zero exit status 2
...
trou commented 4 years ago

Sorry we didn't reply earlier, we'll investigate.

tonybounty commented 4 years ago

I have the same problem on Windows 10 1909, IDA PRO 7.4 191112, with python 3.7.6, gcc 9.3 (MSYS)

Note: I didn't found any release for python3, so I replaced all *.py from original asset (bincat-win64-bin-v1.1.zip) with those of Python3 repo branch.

------------------------------------------------------------------------------------------
Python 3.7.6 (tags/v3.7.6:43364a7ae0, Dec 19 2019, 00:42:30) [MSC v.1916 64 bit (AMD64)] 
IDAPython v7.4.0 final (serial 0) (c) The IDAPython Team <idapython@googlegroups.com>
------------------------------------------------------------------------------------------
Using FLIRT signature: Microsoft VisualC 14/net runtime
Using FLIRT signature: Microsoft VisualC universal runtime
Propagating type information...
Function argument information has been propagated
lumina: applied metadata to 0 functions.
The initial autoanalysis has been finished.
WARNING:bincat.gui.pluginoptions:IDAUSR not defined, using C:\Users\XXX\AppData\Roaming\Hex-Rays\IDA Pro
INFO:bincat.plugin:IDABinCAT ready.
INFO:bincat.gui:Launching the analyzer
WARNING:bincat.gui:This file format is not natively supported byBinCAT, you should probably remap the binary.
INFO:bincat.plugin:Current analyzer path: C:\Users\XXX\AppData\Local\Temp\tmprsyhargcbincat
__vc_attributes::event_receiverAttribute::type_e: failed to add constant native=0 (0x0)
__vc_attributes::event_receiverAttribute::type_e: failed to add constant com=1 (0x1)
__vc_attributes::event_receiverAttribute::type_e: failed to add constant managed=2 (0x2)
__vc_attributes::moduleAttribute::type_e: failed to add constant dll=1 (0x1)
__vc_attributes::moduleAttribute::type_e: failed to add constant exe=2 (0x2)
__vc_attributes::moduleAttribute::type_e: failed to add constant service=3 (0x3)
__vc_attributes::moduleAttribute::type_e: failed to add constant unspecified=4 (0x4)
__vc_attributes::moduleAttribute::type_e: failed to add constant EXE=2 (0x2)
__vc_attributes::moduleAttribute::type_e: failed to add constant SERVICE=3 (0x3)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_UNSPECIFIED=0 (0x0)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_PROGRESSIVE=1 (0x1)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_INTERLACED=2 (0x2)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_INTERLACED_UPPERFIELDFIRST=2 (0x2)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_INTERLACED_LOWERFIELDFIRST=3 (0x3)
DISPLAYCONFIG_SCANLINE_ORDERING: failed to add constant DISPLAYCONFIG_SCANLINE_ORDERING_FORCE_UINT32=-1 (0xFFFFFFFFFFFFFFFF)
__vcrt_va_list_is_reference<__crt_locale_pointers *>::<unnamed_enum___the_value>: failed to add constant __the_value=0 (0x0)
__vcrt_va_list_is_reference<wchar_t const *>::<unnamed_enum___the_value>: failed to add constant __the_value=0 (0x0)
__vcrt_va_list_is_reference<wchar_t const * const>::<unnamed_enum___the_value>: failed to add constant __the_value=0 (0x0)
__vcrt_va_list_is_reference<__crt_locale_pointers * const>::<unnamed_enum___the_value>: failed to add constant __the_value=0 (0x0)
_IMAGE_SECTION_HEADER.Misc: could not convert typeinfo
ERROR:bincat.plugin.npkgen:Error encountered while running c2newspeak.
--- start of c2newspeak output ---
b'Fatal error: exception NpkParser.MenhirBasics.Error\r\n'
--- end of c2newspeak output ---
Traceback (most recent call last):
  File "C:/Users/XXX/AppData/Roaming/Hex-Rays/IDA Pro/plugins\idabincat\npkgen.py", line 136, in generate_tnpk
    "pre-processed.c"], stderr=subprocess.STDOUT)
  File "C:\Users\XXX\AppData\Local\Programs\Python\Python37\Lib\subprocess.py", line 411, in check_output
    **kwargs).stdout
  File "C:\Users\XXX\AppData\Local\Programs\Python\Python37\Lib\subprocess.py", line 512, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['c2newspeak', '--typed-npk', '-o', 'C:\\Users\\XXX\\AppData\\Local\\Temp\\tmpbzs1xhfrbincat-generate-header\\pre-processed.no', 'pre-processed.c']' returned non-zero exit status 2.
WARNING:bincat.plugin:Could not compile header file, types from IDB will not be used for type propagation
WARNING:bincat.plugin:.no file containing type data for the file being analyzed could not be generated, continuing. The ida-generated header could be invalid.
INFO:bincat.plugin:Analyzer: starting process
INFO:bincat.plugin:Analyzer started.
INFO:bincat.plugin:Analyzer process finished
ERROR:bincat.plugin:analyzer returned exit code=2
INFO:bincat.plugin:---- stdout ----------------
INFO:bincat.plugin:b'BinCAT v1.1-dirty\r\n'
INFO:bincat.plugin:---- stderr ----------------
INFO:bincat.plugin:b'EXCEPTION: Exceptions.Error("Syntax error near location (24, 9) of C:\\\\Users\\\\XXX\\\\AppData\\\\Local\\\\Temp\\\\tmprsyhargcbincat\\\\init.ini")\r\nCheck log file for details [C:\\Users\\XXX\\AppData\\Local\\Temp\\tmprsyhargcbincat\\analyzer.log]\r\n'
INFO:bincat.plugin:---- logfile ---------------
INFO:bincat.plugin:[INFO]  main: BinCAT version v1.1-dirty
INFO:bincat.plugin:[ABORT] main: Syntax error near location (24, 9) of C:\Users\XXX\AppData\Local\Temp\tmprsyhargcbincat\init.ini
INFO:bincat.plugin:Raised by primitive operation at file "utils/log.ml", line 157, characters 41-69
INFO:bincat.plugin:Called from file "main.ml", line 64, characters 8-105
INFO:bincat.plugin:Called from file "bincat.ml", line 42, characters 7-49
INFO:bincat.plugin:[EXCEPTION] main: Exception caught in main loop
INFO:bincat.plugin:Exceptions.Error("Syntax error near location (24, 9) of C:\\Users\\XXX\\AppData\\Local\\Temp\\tmprsyhargcbincat\\init.ini")
INFO:bincat.plugin:Raised at file "utils/log.ml", line 160, characters 4-32
INFO:bincat.plugin:Called from file "main.ml", line 64, characters 8-105
INFO:bincat.plugin:[STOP] nothing analyzed
INFO:bincat.plugin:====== end of logfile ======
ERROR:bincat.plugin:Could not parse result file
trou commented 2 years ago

The problem was that c2newspeak encountered a parsing error, but did not give any information about it. The output is now much clearer:

--- start of c2newspeak output ---
Fatal error: pre-processed.c:213#0: syntax error: unexpected token: __sighandler_t, rewrite your code