Fix eBPF exit instruction

angr / angr-platforms

A collection of extensions to angr to handle new platforms

http://angr.io/

BSD 2-Clause "Simplified" License

66 stars 37 forks source link

Open xxr0ss opened 7 months ago

xxr0ss commented 7 months ago

exit means "return" according to Jump instructions

code	value	src	description	notes
BPF_EXIT	0x9	0x0	return	BPF_JMP only

A BPF_EXIT within the program-local function will return to the caller.

xxr0ss commented 7 months ago

oh, I think I need to figure out the calculation of return address before this change