rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

RzType: allow to load sdb file also for functions of a particular language #2844

Open ret2libc opened 2 years ago

ret2libc commented 2 years ago

Is your feature request related to a problem? Please describe.
See https://github.com/rizinorg/cutter/issues/2911#issuecomment-1195066507 . Some languages may have some functions that are no-return. We may want to provide definitions for those functions and load them only when the binary is detected for a particular language.

Describe the solution you'd like
rz_type_db_init should load some pre-defined files also based on the language of the binary.

Describe alternatives you've considered
An alternative could just be to have those functions duplicated in functions-linux, functions-macos, etc. and load them unconditionally, no matter whether the binary is of a particular language or not.

Additional context
See https://github.com/rizinorg/cutter/issues/2911

CAFxX commented 2 years ago

rz_type_db_init should load some pre-defined files also based on the language of the binary.

Just a small note: a single binary can contain code compiled from different languages (even, as in the case of https://github.com/rizinorg/cutter/issues/2911, for Go), so the general solution would be to guess which language(s) were used to produce the binary and include the definitions for all of them.

At the same time, perfect is the enemy of good... so starting even just with the definitions for a single language may be good enough.

ret2libc commented 2 years ago

True.

The alternative I considered above is to just define these functions in the generic functions-linux.sdb, functions-macos.sdb, etc.; however, this solution has the problem that some functions might be wrongly analyzed in some cases (e.g. if a binary has a runtime.panicIndex function).

On the other hand, I am now thinking that these functions which are defined in functions-X.sdb do not have any indication of whether they are imported or not and where they are imported from (e.g. libc, libX, etc.).

Also, in the particular case of golang and other statically typed programs/languages, stuff like FLIRT might be better to identify these functions.

@wargio @XVilka @thestr4ng3r opinions?
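The loading policy discussed in this thread (OS-generic sdb plus one sdb per detected language, so that a Go-only no-return such as runtime.panicIndex is not applied to a non-Go binary that happens to carry a function of that name), as an added example that is not rizin's own code. The file names, the `func.<name>.noreturn=true` key shape and the `key=value` text form are assumptions loosely modelled on rizin's sdb text dumps; the sdb contents are constructed.

```python
# Added example, not rizin code: simulates the per-language loading policy
# proposed for rz_type_db_init. Format and key names are assumptions.

# Constructed sdb-style text dumps, keyed by assumed file name.
SDB_FILES = {
    "functions-linux.sdb": (
        "func.exit.noreturn=true\n"
        "func.puts.args=1\n"
    ),
    "functions-go.sdb": (
        "# Go runtime helpers that never return (constructed sample)\n"
        "func.runtime.panicIndex.noreturn=true\n"
        "func.runtime.gopanic.noreturn=true\n"
    ),
}


def parse_sdb_text(text: str) -> dict:
    """Parse 'key=value' lines; blank lines and '#' comments are skipped."""
    db = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed sdb line: {line!r}")
        db[key] = value
    return db


def select_sdb_files(os_name: str, languages: list) -> list:
    """OS-generic file first, then one file per detected language.
    A binary may mix languages, so every detected one contributes."""
    wanted = [f"functions-{os_name}.sdb"]
    wanted += [f"functions-{lang}.sdb" for lang in languages]
    return [name for name in wanted if name in SDB_FILES]


def load_types(os_name: str, languages: list) -> dict:
    """Merge the selected sdb files; later (language) files win on conflicts."""
    db = {}
    for name in select_sdb_files(os_name, languages):
        db.update(parse_sdb_text(SDB_FILES[name]))
    return db


def is_noreturn(db: dict, func: str) -> bool:
    return db.get(f"func.{func}.noreturn") == "true"
```

With this policy a plain C binary on Linux gets only the generic definitions, so a locally defined runtime.panicIndex is analyzed as an ordinary function, while a Go binary gets the extra no-return entries.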