Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Analysis not updated after patching bytes in the hex view or linear view #6272

Open
xusheng6 opened this issue Dec 23, 2024 · 1 comment
Open
Assignees
Labels
Component: Core Issue needs changes to the core Effort: Low Issue should take < 1 week Impact: Low Issue is a papercut or has a good, supported workaround Type: Bug Issue is a non-crashing bug with repro steps
Milestone

Comments

@xusheng6
Copy link
Member

  1. Open helloworld.zip
  2. Go to 0x11f0
  3. Switch to hex view
  4. Patch the bytes at 0x11f0 to 0xc3
  5. Switch back to linear view
  6. Notice the disassmelby of the instruciton is updated to ret, but the CFG of the function is not yet updated
    Screenshot 2024-12-23 at 1 23 14 PM
  7. Manually re-analyze the function, and notice the CFG is correctly updated:
    Screenshot 2024-12-23 at 1 24 10 PM

My suspect is we are not triggering a full analysis on the function (which will re-calculate the CFG)

@xusheng6 xusheng6 added this to the Gallifrey milestone Dec 23, 2024
@xusheng6 xusheng6 self-assigned this Dec 23, 2024
@xusheng6 xusheng6 added Type: Bug Issue is a non-crashing bug with repro steps Component: Core Issue needs changes to the core Impact: Low Issue is a papercut or has a good, supported workaround Effort: Low Issue should take < 1 week labels Dec 23, 2024
@xusheng6 xusheng6 changed the title Patching the bytes of a function does not trigger a full re-analysis of the function Analysis not updated after patching bytes in the hex view Dec 24, 2024
@xusheng6
Copy link
Member Author

xusheng6 commented Dec 24, 2024

I looked into this and realized that we are indeed properly marking the function as update required when the memory bytes change, but the analysis is never updated. I checked current_function.needs_update returns True after the patch

This also affects the linear view -- e.g., the analysis is NOT updated after pasting a few bytes

Note this does not affect instruction patching (e.g., by using the E and then edit the instruction text) -- apparently that code path updates the analysis properly

@xusheng6 xusheng6 changed the title Analysis not updated after patching bytes in the hex view Analysis not updated after patching bytes in the hex view or linear view Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Component: Core Issue needs changes to the core Effort: Low Issue should take < 1 week Impact: Low Issue is a papercut or has a good, supported workaround Type: Bug Issue is a non-crashing bug with repro steps
Projects
None yet
Development

No branches or pull requests

1 participant