-
Notifications
You must be signed in to change notification settings - Fork 117
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Some mips64 binaries have ELFCLASS32 #76
Comments
As far as I can tell, those instructions are only valid in MIPS64. This is what VEX seems to expect, and this is what the MIPS instruction reference seems to tell me. |
Indeed when i try it with I've added a file where this happens.
Returns
I get:
|
This is...... horrifying. This binary is not in fact 32 bit but is 100% a mips64 binary. It's easy to tell this because all the addresses are 8-aligned instead of just 4-aligned, and it definitely expects the registers to be 8 bytes wide. Furthermore, The best solution I can come up with is modifying |
Right. I don't want to name names, but the filename gives some hints as to the origin of the file o_0. From what i gather, this is actually an "issue" in |
Probably. I took a look at what it would take to fix and it's very scary - the "architecture" of the binary is used in several places to load elfclass-sized pieces or data, often implicitly, via clemory.read_addr_at. The fix would probably be adding a separate field for the elf wordsize and changing all those references to use that, and then adding a clause near where we look into the elf flags to determine the ARM and PPC abi weirdnesses and add a special case for this kind of binary, such that we set the arch correctly. We might also have to patch the "compatibility" checks in a couple of places to make sure that it's not seeing the 64 bit arch and assuming this binary can't link with 32 bit binaries. |
(I have entirely too much stuff on my plate to do this patch myself, so this one is on your or any other contributor who wants to give it a shot) |
Another probably related error (comes from the same kind of weird files):
when trying to translate:
Bytes:
Arch: <Arch MIPS64 (BE)> Originated from: |
ok that one was weird. there were actually two bugs, one in pyvex, one in vex, intersecting very weirdly. The bug in pyvex was that we were claiming that our emulated mips cpu was baseline, which was causing MIPS to mark your |
This issue has been marked as |
irsb = pyvex.IRSB('\xdf\xbf\x00\x18\xdf\xbc\x00\x10\xdf\xb1\x00\x08\xdf\xb0\x00\x00', 0x5193c, archinfo.ArchMIPS32('Iend_BE'), opt_level=0)
gives:
The bytes should be:
(ODA confirms)
The text was updated successfully, but these errors were encountered: