Merge pull request #94 from binarly-io/bugfixes

fix issues missed during ida90 port and refactoring
binarly-io · Oct 7, 2024 · 55ff835 · 55ff835
2 parents 6fde36f + 73e8b8e
commit 55ff835
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 24 deletions.
diff --git a/efiXplorer/efi_analysis_arm.cc b/efiXplorer/efi_analysis_arm.cc
@@ -61,8 +61,9 @@ void efi_analysis::efi_analyser_arm_t::initial_analysis() {
     efi_hexrays::track_entry_params(get_func(ep), 0);
 #endif /* HEX_RAYS */
   }
+
   if (m_ftype == ffs_file_type_t::pei) {
-    // efi_utils::set_entry_arg_to_pei_svc();
+    efi_utils::set_entry_arg_to_pei_svc();
   }
 }
 

diff --git a/efiXplorer/efi_hexrays.cc b/efiXplorer/efi_hexrays.cc
@@ -89,7 +89,7 @@ xreflist_t efi_hexrays::xrefs_to_stack_var(ea_t func_addr, lvar_t &ll,
 }
 
 // utility function to set a Hex-Rays variable name
-bool efi_hexrays::set_lvar_name(qstring name, lvar_t lvar, ea_t func_addr) {
+bool efi_hexrays::set_lvar_name(qstring name, lvar_t &lvar, ea_t func_addr) {
   lvar_saved_info_t lsi;
   lvar_uservec_t lvuv;
 

diff --git a/efiXplorer/efi_hexrays.h b/efiXplorer/efi_hexrays.h
@@ -35,7 +35,7 @@ bool set_hexrays_var_info_and_handle_interfaces(ea_t func_addr, lvar_t &ll,
                                                 tinfo_t tif, std::string name);
 bool set_hexrays_var_info(ea_t func_addr, lvar_t &ll, tinfo_t tif,
                           std::string name);
-bool set_lvar_name(qstring name, lvar_t lvar, ea_t func_addr);
+bool set_lvar_name(qstring name, lvar_t &lvar, ea_t func_addr);
 bool track_entry_params(func_t *f, uint8_t depth);
 const char *expr_to_string(cexpr_t *e, qstring *out);
 json detect_vars(func_t *f);
@@ -777,18 +777,17 @@ class variables_detector_t : public ctree_visitor_t {
       return 0;
     }
 
-    if (e->y->op != cot_cast && e->y->op != cot_var) {
-      return 0;
-    }
-
     // extract variable type
     tinfo_t var_type;
     tinfo_t var_type_no_ptr;
-    if (e->y->op == cot_var) {
+    if (e->y->op == cot_memptr && e->y->x->op == cot_var) {
       var_type = e->y->type;
-    }
-    if (e->y->op == cot_cast) {
+    } else if (e->y->op == cot_var) {
+      var_type = e->y->type;
+    } else if (e->y->op == cot_cast) {
       var_type = e->y->x->type;
+    } else {
+      return 0;
     }
 
     if (var_type.is_ptr()) {
@@ -840,19 +839,10 @@ class variables_detector_t : public ctree_visitor_t {
     }
 
     if (local_var) {
-      var_ref_t var_ref;
-      if (e->y->op == cot_var) {
-        var_ref = e->y->v;
-      }
-      if (e->y->op == cot_cast) {
-        var_ref = e->y->x->v;
-      }
-
-      lvar_t &dest_var = var_ref.mba->vars[var_ref.idx];
-
       // set the Hex-Rays variable type
       auto name = efi_utils::type_to_name(type_name.c_str());
-      set_hexrays_var_info(m_func_ea, dest_var, var_type, name);
+      efi_utils::log("found %s at 0x%" PRIx64 " (function: 0x%" PRIx64 ")\n",
+                     name.c_str(), u64_addr(e->ea), u64_addr(m_func_ea));
     }
 
     return 0;

diff --git a/efiXplorer/efi_utils.cc b/efiXplorer/efi_utils.cc
@@ -299,6 +299,7 @@ ea_list_t efi_utils::get_xrefs_to_array(ea_t addr) {
 //--------------------------------------------------------------------------
 // wrapper for op_stroff function
 bool efi_utils::op_stroff(ea_t addr, std::string type) {
+#if IDA_SDK_VERSION >= 840
   tinfo_t tinfo;
   if (!tinfo.get_named_type(get_idati(), type.c_str())) {
     return false;
@@ -310,6 +311,9 @@ bool efi_utils::op_stroff(ea_t addr, std::string type) {
   if (tid == BADADDR) {
     return false;
   }
+#else
+  tid_t tid = get_struc_id(type.c_str());
+#endif
 
   insn_t insn;
   decode_insn(&insn, addr);

diff --git a/efiXplorer/efixplorer.cc b/efiXplorer/efixplorer.cc
@@ -98,14 +98,14 @@ bool idaapi run(size_t arg) {
     warning("%s: input file is UEFI firmware, analysis can be time consuming\n",
             g_plugin_name);
     if (get_machine_type() == AARCH64) {
-      efi_utils::log("[%s] analyse ARM64 modules\n");
+      efi_utils::log("analyse ARM64 modules\n");
       efi_analysis::efi_analyse_main_aarch64();
     } else {
-      efi_utils::log("[%s] analyse AMD64 modules\n", g_plugin_name);
+      efi_utils::log("analyse AMD64 modules\n");
       efi_analysis::efi_analyse_main_x86_64();
     }
   } else if (arch == arch_file_type_t::aarch64) {
-    efi_utils::log("[%s] input file is ARM 64-bit module\n");
+    efi_utils::log("input file is ARM 64-bit module\n");
     efi_analysis::efi_analyse_main_aarch64();
   }