Radare2: Wrong analysis

Created on 25 Mar 2019 · 8 Comments · Source: radareorg/radare2

reported by @oddcoder

aaa          # analyze all: functions, basic blocks and xrefs
s 0x4901     # seek to the address where the wrong analysis shows up
v            # enter visual panels mode to inspect the result

[Screenshot attached: Screenshot 2019-03-25 at 12 40 03]

[Attachment: ls.oddcoder.zip]

Labels: IMPORTANT, RAnal, bug

All 8 comments

I think the problem is that the bb is owned by another function, so it considers it an external jump. The fix requires more time than -38 minutes. Moving to 3.5.

This seems the commit that introduces the issue: a404c7706366689f089cd30ea9d6cd4bde2560f5

BTW, with the binary I have for testing, even IDA free (7.1) has the same exact issue :D

MUAHAH, that's why I introduce bugs in r2 sometimes :P to spot the copycats!

What I found so far: it seems the problem is caused by a wrong jmptable size. The analysis to find out the size of the table is not very precise, and it can confuse some immediate numbers for the size of the jmp table. This, in turn, makes the analysis analyze some misaligned instructions, breaking everything :/
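
The failure mode described in the comment above, as an added illustration that is not part of the thread and not radare2's own code or the fix it references: a jump table is decoded with a correct entry count and then with an over-estimated count taken from an unrelated immediate, and a bounds check shows how the bogus extra entries can be rejected before they drive analysis into misaligned instructions. The addresses, the table bytes and the function range are constructed for the example.

```python
import struct

# Constructed sample (all values made up for illustration): a function at
# 0x4800..0x4a00 containing a 4-entry little-endian 32-bit jump table at 0x4980.
FUNC_START = 0x4800
FUNC_END = 0x4a00          # exclusive
TABLE_ADDR = 0x4980

# The real entries point at case handlers inside the function.
REAL_TARGETS = [0x4910, 0x4925, 0x493a, 0x4951]

# Bytes that follow the table in memory: an immediate operand (0x38) from an
# unrelated instruction and the start of a string. If the table size is
# over-estimated, these get read as "entries" and produce nonsense targets.
TRAILING_BYTES = struct.pack("<I", 0x00000038) + b"ls\x00\x00"

TABLE_BYTES = b"".join(struct.pack("<I", t) for t in REAL_TARGETS) + TRAILING_BYTES


def read_jump_table(data, count, entry_size=4):
    """Decode `count` little-endian entries of `entry_size` bytes from `data`."""
    fmt = "<I" if entry_size == 4 else "<Q"
    return [struct.unpack_from(fmt, data, i * entry_size)[0] for i in range(count)]


def check_targets(targets, func_start, func_end, insn_align=1):
    """Split targets into (valid, invalid).

    A target outside the enclosing function, or one that is not
    instruction-aligned on a fixed-width ISA, is a strong sign that the
    entry count is wrong; following it would decode misaligned code.
    """
    valid, invalid = [], []
    for t in targets:
        if func_start <= t < func_end and t % insn_align == 0:
            valid.append(t)
        else:
            invalid.append(t)
    return valid, invalid


def bounded_table_size(data, func_start, func_end, max_entries, entry_size=4):
    """Shrink a guessed entry count to the longest prefix of plausible targets.

    This is the sanity check to apply before trusting a size taken from a
    nearby immediate: stop at the first entry that does not look like a
    code address inside the function.
    """
    fmt = "<I" if entry_size == 4 else "<Q"
    count = 0
    while count < max_entries and (count + 1) * entry_size <= len(data):
        (t,) = struct.unpack_from(fmt, data, count * entry_size)
        if not (func_start <= t < func_end):
            break
        count += 1
    return count


if __name__ == "__main__":
    # Correct size: every target lands inside the function.
    ok_targets = read_jump_table(TABLE_BYTES, 4)
    print("4 entries:", [hex(t) for t in ok_targets])

    # Over-estimated size (an immediate like 0x38 mistaken for the count would be
    # even worse; 6 is enough to show the effect): the extra targets are garbage.
    bad_targets = read_jump_table(TABLE_BYTES, 6)
    valid, invalid = check_targets(bad_targets, FUNC_START, FUNC_END)
    print("6 entries, invalid targets:", [hex(t) for t in invalid])

    # Bounding the guess by the function range recovers the real size.
    print("bounded size:", bounded_table_size(TABLE_BYTES, FUNC_START, FUNC_END, 6))
```

The bound used here (target must fall inside the enclosing function) is deliberately conservative; real binaries can have case handlers shared across functions, so a production analyzer would combine it with other evidence such as the compare-and-branch that guards the indirect jump.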

I fixed it.

Maybe good to add a test.

Test added.
