eliott/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2026-04-25 17:25:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

GP-6742 fix gccexception analyzer's absolute pointer calc logic

Browse Source 
Binaries imported with modified image base would have incorrect pointers
to code from CIE/FDE entries.
Side effects would cause invalid function entry points to be placed,
which could trigger other undesirable downstream behavior.

Found in github issue #9131
This commit is contained in:
dev747368
2026-04-23 13:40:44 +00:00
committed by Ryan Kurtz
parent 2d416f1071
commit caad51a604
2 changed files with 23 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Ghidra/Features/Base/src/main/java/ghidra/app/plugin/exceptionhandlers/gcc/AbstractDwarfEHDecoder.java
View File

@@ -4,9 +4,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*
* http://www.apache.org/licenses/LICENSE-2.0
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -263,7 +263,8 @@ abstract class AbstractDwarfEHDecoder implements DwarfEHDecoder {
switch (appMode) {
case DW_EH_PE_absptr:
// just pass this through
// adjust abs ptr for any changes to imagebase during import
val = context.getImageBaseAdjustment() + val;
break;
case DW_EH_PE_aligned:

45
Ghidra/Features/Base/src/main/java/ghidra/app/plugin/exceptionhandlers/gcc/DwarfDecodeContext.java
View File

@@ -4,9 +4,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*
* http://www.apache.org/licenses/LICENSE-2.0
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -15,10 +15,10 @@
*/
package ghidra.app.plugin.exceptionhandlers.gcc;
import ghidra.app.util.opinion.ElfLoader;
import ghidra.program.model.address.Address;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.Program;
import ghidra.program.model.mem.MemBuffer;
import ghidra.program.model.mem.MemoryBlock;
/**
@@ -30,10 +30,10 @@ public class DwarfDecodeContext {
private final Address addr;
private final MemoryBlock ehBlock;
private final Address functionEntryPoint;
private final long imageBaseAdjustment;
private Object decodedValue;
private int encodedLength;
private MemBuffer buffer;
/**
* Constructs a Dwarf decode context.
@@ -95,31 +95,16 @@ public class DwarfDecodeContext {
this.addr = readAddr;
this.ehBlock = ehBlock;
this.functionEntryPoint = entryPoint;
this.imageBaseAdjustment = getImageBaseAdjustment(program);
}
/**
* Constructs a Dwarf decode context.
* @param buffer the memory buffer which provides the program and address of the encoded data
* @param length the length of the encoded data
*/
public DwarfDecodeContext(MemBuffer buffer, int length) {
this(buffer, length, null, null);
}
/**
* Constructs a Dwarf decode context.
* @param buf the memory buffer which provides the program and address of the encoded data
* @param length the length of the encoded data
* @param ehBlock the exception handling memory block
* @param entryPoint the function entry point
*/
public DwarfDecodeContext(MemBuffer buf, int length, MemoryBlock ehBlock, Address entryPoint) {
this.buffer = buf;
this.program = buffer.getMemory().getProgram();
this.addr = buffer.getAddress();
this.ehBlock = ehBlock;
this.functionEntryPoint = entryPoint;
private static long getImageBaseAdjustment(Program program) {
Long originalImageBase = ElfLoader.getElfOriginalImageBase(program);
if (originalImageBase != null) {
return program.getImageBase().getOffset() - originalImageBase;
}
return 0;
}
/**
@@ -180,4 +165,12 @@ public class DwarfDecodeContext {
public Address getFunctionEntryPoint() {
return functionEntryPoint;
}
/**
* {@return any adjustment needed to be applied to absolute addresses (because the program's
* base address was modified during import)}
*/
public long getImageBaseAdjustment() {
return imageBaseAdjustment;
}
}