-
Notifications
You must be signed in to change notification settings - Fork 281
Bitfield resolution in MLIL/HLIL #7533
Copy link
Copy link
Open
Labels
Core: HLILIssue involves High Level ILIssue involves High Level ILCore: MLILIssue involves Medium Level ILIssue involves Medium Level ILEffort: HighIssues require > 1 month of workIssues require > 1 month of workImpact: MediumIssue is impactful with a bad, or no, workaroundIssue is impactful with a bad, or no, workaroundUI: LinearIssues with the Linear viewIssues with the Linear view
Description
Metadata
Metadata
Assignees
Labels
Core: HLILIssue involves High Level ILIssue involves High Level ILCore: MLILIssue involves Medium Level ILIssue involves Medium Level ILEffort: HighIssues require > 1 month of workIssues require > 1 month of workImpact: MediumIssue is impactful with a bad, or no, workaroundIssue is impactful with a bad, or no, workaroundUI: LinearIssues with the Linear viewIssues with the Linear view
What is the feature you'd like to have?
I would like to see resolved accesses to bitfields in HLIL, since we now can express them (bitfields) in our type system.
Is your feature request related to a problem?
Currently you must do math in your head to determine the accessed bitfield, for example:
The above is setting the first member
ato 1 and 4 respectively for each structure.Another, more annotated example:
MLIL listing:
Types:
Additional Information:
We also likely want to stop showing the first member being accessed, e.g.
ain the examples above, and show either no access (the structure itself is loaded into the register) or some anonymous access, so that users do not get confused as to what is really getting accessed.The above binary is available with:
echo nebula rises persistently