Kyle-Kyle
commented
7 months ago This is actually a bug. The stack_gsize parameter in ROP is for this purpose. But somehow it got another hardcoded value. Thank you for pointing it out.
Closed astewart-bah closed 7 months ago
Kyle-Kyle
commented
7 months ago This is actually a bug. The stack_gsize parameter in ROP is for this purpose. But somehow it got another hardcoded value. Thank you for pointing it out.
Kyle-Kyle
commented
7 months ago it is fixed in https://github.com/angr/angrop/pull/106
Description
It looks like angrop discards gadgets that have a stack shift > 0x100 bytes (MAX_PIVOT_BYTES).
In two recent projects, I have found it necessary to jump to a distant portion of the stack. While these gadgets may not be useful for angrop main purpose of automatically building ROP chains, these gadgets are still very valuable for manually selecting stack shifts.
Alternatives
No response
Additional context
No response