Closed realoriginal closed 1 year ago
Thanks! That's a good question.
Maybe that's because the type of the first operand of CallInst
is not Interger, making it can't pass the check at MBAObfuscation.cpp#L48.
I disabled obfuscation to CallInst
because I found there were some problems with it. I simply excluded CallInst
to make the pass work well. I agree that constant parameters of function calls need to be obfuscated as well. I will try to work it out.
I appreciate it !
If I figure it out, I will let you know.
Good Afternoon!
I have a particular use case that oddly MBAObfuscation doesn't fit - I'm working on seeing if I can add it myself, but figured I'd ask here for some insight in case its something I'm missing:
In cases where function calls accept integer parameters that are constant, like say the following function definition:
With a callee say executing
One would expect that either the variable substituion or MBA obfuscation would inherently obfuscate the
0x41424344
value - However, even with theisa<CallInst>(I)
enabled - IT oddly still misses it. Is there any particular reason for this?