Closed Amit-Oha closed 1 year ago
Hi! Thanks for the pull request, I will review it and launch the testing suite, see how it works with multiple different architectures and merge if everything goes ok. Thank you!
Thank you, looking forward for your feedback!
Hello, The git pull request is about fixing a problem with certain functions from a library not being recognized as matches even though they are almost identical. I have discovered that the logic of which of the instruction's bytes to preserve for "Hash Bytes" heuristic was incorrect, mainly due to an incorrect use of the
offb
member of theop_t
class - which gives the offset of the operand in the instruction, not its size. In addition, I propose to make the "Bytes Hash" heuristic more accurate by using another method to recognize instructions that require special handling: rather than relying solely on the operand's type, we can use theCodeRefsFrom
andDataRefsFrom
functions to recognize the relevant instructions. Additionally, I suggests a different handling for a sanity check failure on theget_bytes
call rather than skipping the entire iteration, as this call is only used for the "Bytes Hash" heuristic and the iteration for other heuristics can continue even if it fails.The changes made in the pull request are:
get_bytes
call.