search

pspdev / psp-ghidra-scripts

Scripts for use with the Ghidra Reverse Engineering Suite
Apache License 2.0
36 stars 6 forks source link

Analysis failed for Final Fantasy III (US) #11

Closed SylvieWrath closed 3 years ago

SylvieWrath commented 3 years ago

image TitleID: NPUH10125 Known to happen in Ghidra 10.0.2. Using kotcrab's allegrex plugin with a base image address of 08804000, i get two types of errors.

The first error happens when i run the script on the decrypted ROM with the Allegrex plugin.

The second error happens when i run the script after manually including the directory with "xmlreader.py" in the Script Manager's Directories.

John-K commented 3 years ago

I don't get this error, I'm using Windows 10 and the following: Ghidra 10.0.2 jdk-11.0.12+7 (64-bit, Windows) ghidra-allegrex 1.4 psp-ghidra-scripts master branch image

SylvieWrath commented 3 years ago

Did you set the Image Base offset to be 08804000?

John-K commented 3 years ago

Aha, I missed that part. I was able to reproduce when setting the Image Base offset to 08804000

Could not find .rodata.sceModuleInfo section, calculating its location from ELF Program Headers
Traceback (most recent call last):
  File "C:\Users\john\ghidra_scripts\psp-ghidra-scripts-master\SonyPSPResolveNIDs.py", line 369, in <module>
    main()
  File "C:\Users\john\ghidra_scripts\psp-ghidra-scripts-master\SonyPSPResolveNIDs.py", line 350, in main
    sceModuleInfo = findAndLoadModuleInfoStruct()
  File "C:\Users\john\ghidra_scripts\psp-ghidra-scripts-master\SonyPSPResolveNIDs.py", line 328, in findAndLoadModuleInfoStruct
    currentProgram.getListing().createData(sceModuleInfo_addr, sceModuleInfo_t)
    at ghidra.program.database.code.CodeManager.checkValidAddressRange(CodeManager.java:1937)
    at ghidra.program.database.code.CodeManager.createCodeUnit(CodeManager.java:2051)
    at ghidra.program.database.ListingDB.createData(ListingDB.java:422)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
ghidra.program.model.util.CodeUnitInsertionException: ghidra.program.model.util.CodeUnitInsertionException: Insufficent memory at address 001bd9e8 (length: 52 bytes)
SonyPSPResolveNIDs.py> Finished!

Looks like we aren't accounting for the base address properly in findAndLoadModuleInfoStruct - I'll investigate soon

John-K commented 3 years ago

@SylvieWrath can you check that the code I just pushed to master fixes the issue for you?

The issue was that I was querying the imageBase as specified in the ELF file, instead of the current imageBase of the loaded program in Ghidra.