cq674350529
commented
3 years ago Thanks for your feedback. Can you provide your script and binary for me to reproduce easily?
Open huangshichao opened 3 years ago
cq674350529
commented
3 years ago Thanks for your feedback. Can you provide your script and binary for me to reproduce easily?
huangshichao
commented
3 years ago thanks for your reply. attachment .zip
all the function can be deflated except the trace function(which address is 0x4018B0). I guess "free function" may affect so that the out-degree-counting and brach-counting results wrong.
cq674350529
commented
3 years ago Hi, I had a quick look at it. For a temp fix, you can change the following line to: if supergraph.out_degree(node) == 0:.
The retn_node calls another two functions, which breaks the condition len(node.out_branches) == 0.
.text:0000000000401CC5
.text:0000000000401CC5 loc_401CC5:
.text:0000000000401CC5 mov rdi, offset aGameOver ; "game over"
.text:0000000000401CCF mov al, 0
.text:0000000000401CD1 call _printf
.text:0000000000401CD6 mov edi, 1 ; status
.text:0000000000401CDB mov [rbp+var_98], eax
.text:0000000000401CE1 call _exitI'll check it later why I added an additional condition, maybe for some corner cases.
huangshichao
commented
3 years ago Thanks a lot!
By reviewing IDA, the function actually ends here. Check the attached picture.
it is clear to see that this block has no branches or out degree.
I got these error when ruuning with deflat.py:"local variable 'retn_node' referenced before assignment". I check the script and find out when the function has no "return code"( no matching condition for if supergraph.out_degree(node) == 0 and len(node.out_branches) == 0), the function cannot work.