rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

ESIL emulation failed when hit reloc functions #1197

Open Heersin opened 3 years ago

Heersin commented 3 years ago

Work environment

| Questions | Answers |
|---|---|
| OS/arch/bits (mandatory) | Linux |
| File format of the file you reverse (mandatory) | ELF |
| Architecture/bits of the file (mandatory) | x86/64 etc. |
| rizin -v full output, not truncated (mandatory) | rizin 0.2.0-git @ linux-x86-64, package: 0.2.0.1 (ret2libc) commit: c875be9afde5a6eed037249854b8a8759517263c, build: 2021-01-26__18:17:13 |

Expected behavior

Emulate `strlen`

Actual behavior

Gets stuck

Steps to reproduce the behavior

  1. Download the binary in the additional section below.
  2. Open it with rizin: `rizin count_len`
  3. Seek and analyze: `s main`, `aa`
  4. Init the VM: `aei`, `aeim`, ...
  5. Enter Visual Mode (`V`) and emulate with `s`

Additional Logs, screenshots, source code, configuration dump, ...

  1. the source

```c
#include <string.h>

int main(void) {
    char *test = "hello world";
    /* the call to strlen goes through the PLT stub sym.imp.strlen */
    int len = strlen(test);
    (void)len;
    return 0;
}
```

[count_len.bin.tar.gz](https://github.com/rizinorg/rizin/files/6608783/count_len.bin.tar.gz)

2. trace
- main function
![image](https://user-images.githubusercontent.com/56885667/121015894-1685f400-c7ce-11eb-9072-917bfb8bcaba.png)

- call sym.imp.strlen
![image](https://user-images.githubusercontent.com/56885667/121016012-3b7a6700-c7ce-11eb-8f94-3277702e0e31.png)

- then finally get lost
![image](https://user-images.githubusercontent.com/56885667/121016461-bc396300-c7ce-11eb-8c85-1184b8441017.png)

XVilka commented 10 months ago

Blocked until ESIL->RzIL conversion is complete https://github.com/rizinorg/rizin/issues/2080

XVilka commented 4 days ago

Should be fixed for RzIL once the conversion is complete during the 0.9.0 release cycle.