cblichmann
commented
8 years ago Confirmed, see attached text dump file sub_bug.txt, line 195:
004004FA sub rsp, b4 0This behavior is also in zynamics_binexport_8.
Closed grotrek closed 8 years ago
cblichmann
commented
8 years ago Confirmed, see attached text dump file sub_bug.txt, line 195:
004004FA sub rsp, b4 0This behavior is also in zynamics_binexport_8.
cblichmann
commented
8 years ago Fixed in 626e803. The code in ida/metapc.cc's HandleImmediate() relied on undefined behavior when undoing IDA's sign extension.
For example: There is instruction in IDA "sub rsp, 0F8h" with opcode "48 81 EC F8 00 00 00", but after export to Binnavi it converts to "sub qword rsp, 0h" example of idb file, source and binary attached: sub_bug.zip
This instruction is in function "test" with address 004004FA