cq674350529 / deflat

use angr to deobfuscate

not able to get function in new version of angr. #12

Closed: aynakeya closed this 2 weeks ago

aynakeya commented 3 months ago

I'm currently using angr version 9.2.106 in my environment. I'm encountering an issue where the target_function is returning None when executing the following code:

target_function = cfg.functions.get(start)

I found that this issue can be resolved by replacing the above code with:

target_function = cfg.kb.functions.get_by_addr(project.loader.main_object.mapped_base + start)

cq674350529 commented 3 months ago

Hi @aynakeya, thanks for your feedback. I didn't try with the latest angr version. According to your description, it seems that the binary you tested has PIE enabled. Of course, the angr API may also have changed.

I will update the code to take this into account. Thanks again.

aynakeya commented 3 months ago

thank you for your feedback. You were right; my binary does have PIE enabled. I didn’t realize it was a PIE-related problem at the time :(


Additionally, I forgot to mention another modification needed to make the program work with PIE. Without this modification, the prologue address will not match.

    if prologue_node is None or prologue_node.addr != (start + base_addr):
        print("Something must be wrong...")
        sys.exit(-1)
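Both fixes in this thread (the `get_by_addr` lookup and the prologue check) hinge on one question: is the address the user passed already absolute, or does it need the loader's base added? The snippet below is an added example, not code from deflat or from the commenters above, that makes that decision explicit by reading the ELF `e_type` field (ET_DYN marks a PIE executable) and only then rebasing. It also shows why the unconditional `mapped_base + start` from the first comment is not safe for every input: a non-PIE binary's function addresses are already absolute, so adding the base again misses every function. `find_function` is a dictionary-backed stand-in for `cfg.kb.functions.get_by_addr`, the ELF headers are constructed inline, and `DEFAULT_PIE_BASE = 0x400000` is assumed to match what `project.loader.main_object.mapped_base` reports for a PIE main object under angr's default loader options.

```python
import struct

# ELF e_type values from the ELF specification.
ET_EXEC = 2  # executable linked at a fixed address (non-PIE)
ET_DYN = 3   # shared object; PIE executables use this type as well

# Assumption: the default load address angr/CLE picks for a PIE main object,
# i.e. what project.loader.main_object.mapped_base returns for a default Project().
DEFAULT_PIE_BASE = 0x400000


def elf_is_pie(elf_bytes: bytes) -> bool:
    """Return True if the ELF header marks the image as position-independent.

    Reads only the 16-byte e_ident block and the 2-byte e_type that follows it,
    honouring the EI_DATA endianness byte.
    """
    if len(elf_bytes) < 18 or elf_bytes[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    endian = "<" if elf_bytes[5] == 1 else ">"  # EI_DATA: 1 = little, 2 = big
    (e_type,) = struct.unpack_from(endian + "H", elf_bytes, 16)
    return e_type == ET_DYN


def loaded_addr(start: int, mapped_base: int, pie: bool) -> int:
    """Translate a user-supplied function address into the address angr uses.

    For a PIE binary the user usually passes the file-relative address a
    disassembler shows (e.g. 0x1149), so the load base must be added. For a
    non-PIE binary the address is already absolute and must be left alone.
    """
    return mapped_base + start if pie else start


def find_function(functions: dict, start: int, mapped_base: int, pie: bool):
    """Stand-in for cfg.kb.functions.get_by_addr(): look up by loaded address."""
    return functions.get(loaded_addr(start, mapped_base, pie))


def prologue_matches(prologue_addr: int, start: int, mapped_base: int, pie: bool) -> bool:
    """The prologue-node sanity check from deflat, with a PIE-aware expected address."""
    return prologue_addr == loaded_addr(start, mapped_base, pie)


def _fake_elf_header(e_type: int) -> bytes:
    """Constructed 64-byte Elf64_Ehdr: only e_ident and e_type carry real values."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + b"\x00" * 9  # ELFCLASS64, little-endian, EV_CURRENT
    return ident + struct.pack("<H", e_type) + b"\x00" * 46


# Constructed headers, not taken from any real binary.
PIE_HEADER = _fake_elf_header(ET_DYN)
EXEC_HEADER = _fake_elf_header(ET_EXEC)

# Constructed function tables keyed by loaded address, as angr's knowledge base
# would hold them. PIE: main() at file-relative 0x1149, loaded at the default base.
PIE_FUNCTIONS = {DEFAULT_PIE_BASE + 0x1149: "main"}
# Non-PIE: linked at 0x400000, main() at the absolute address 0x401149.
EXEC_FUNCTIONS = {0x401149: "main"}


if __name__ == "__main__":
    pie = elf_is_pie(PIE_HEADER)
    print("PIE binary:", find_function(PIE_FUNCTIONS, 0x1149, DEFAULT_PIE_BASE, pie))
    non_pie = elf_is_pie(EXEC_HEADER)
    print("non-PIE binary:", find_function(EXEC_FUNCTIONS, 0x401149, 0x400000, non_pie))
    # Rebasing unconditionally, as the first comment does, breaks the non-PIE case:
    print("non-PIE rebased anyway:", find_function(EXEC_FUNCTIONS, 0x401149, 0x400000, True))
```

In a real deflat run, `pie` would come from the loaded object rather than from a hand-parsed header; the point of the example is that the `start + base_addr` adjustment in the prologue check and the `mapped_base + start` in the lookup should be applied under the same condition, or non-PIE binaries that worked before stop being found.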