Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2025-04-01 17:11:51 +00:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Added main detection for linux64 endbr64 (#11731)

Browse Source
This commit is contained in:
xarkes 2018-10-04 16:32:43 +02:00 committed by GitHub
parent 786feaa80b
commit 3b449d4fc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libr/bin/format/elf/elf.c
View File

@ -1823,15 +1823,21 @@ ut64 Elf_(r_bin_elf_get_main_offset)(ELFOBJ *bin) {
}
#endif
/* linux64 pie main -- probably buggy in some cases */
if (buf[29] == 0x48 && buf[30] == 0x8d) { // lea rdi, qword [rip-0x21c4]
ut8 *p = buf + 32;
int bo = 29; // Begin offset may vary depending on the entry prelude
if (buf[0] == 0xf3 && buf[1] == 0x0f && buf[2] == 0x1e && buf[3] == 0xfa) {
// Change begin offset if binary starts with 'endbr64'
bo = 33;
}
if (buf[bo] == 0x48 && buf[bo + 1] == 0x8d) { // lea rdi, qword [rip-0x21c4]
ut8 *p = buf + bo + 3;
st32 maindelta = (st32)r_read_le32 (p);
ut64 vmain = (ut64)(entry + 29 + maindelta) + 7;
ut64 vmain = (ut64)(entry + bo + maindelta) + 7;
ut64 ventry = Elf_(r_bin_elf_p2v) (bin, entry);
if (vmain>>16 == ventry>>16) {
return (ut64)vmain;
}
}
/* find sym.main if possible */
{
ut64 m = getmainsymbol (bin);