Light

toor-de-force / ghidrall Goto Github PK

View Code? Open in Web Editor NEW

This project forked from rizinorg/rz-ghidra

9.0 1.0 3.0 169.95 MB

Adaption of the r2ghidra-dec product to lift binaries to LLVM IR

License: GNU Lesser General Public License v3.0

CMake 12.80% C++ 15.74% C 2.95% Makefile 66.69% Python 1.79% Dockerfile 0.03% Shell 0.01%

ghidrall's Introduction

GHIDRALL

This is an adaption of the r2ghidra-dec project. It leverages the ghidra decompiler's internal datastructures to emit P-code at a higher level than low/high p-code.

Installing

Requires r2.

Same instructions from r2ghidra-dec.

First, make sure the submodule contained within this repository is fetched and up to date:

git submodule init
git submodule update

Then, the radare2 plugin can be built and installed as follows:

mkdir build && cd build
cmake -DCMAKE_INSTALL_PREFIX=~/.local ..
make
make install

Usage

Simply run the ghidrall.py script with your target binary as the input.

Running tests

cd ghidrall/tests mkdir build; cd build cmake .. cmake --build . cd ../.. python run-tests.py

This will compile all the test programs that are pre-instrumented with analysis, decompile, lift and verify them all for verification.

Docker

The following docker container incorporates Seahorn for testing and maintains older versions of modules for compatibility's sake:

https://hub.docker.com/repository/docker/toordeforce/ghidralltester

ghidrall's People

Contributors

Stargazers

Watchers

Forkers

mrkappen agurfinkel pk2708

ghidrall's Issues

Stack overflow error occurs with some binaries

I tried it with the following binary:
https://ece.uwaterloo.ca/~agurfink/secret.bin

Debug flags

Give Ghidrall debug flags to optionally emit intermediate files.

Expand test set

The following are good testsets to expand the support for:

https://samate.nist.gov/SARD/testsuite.php
https://github.com/trailofbits/cb-multios
https://github.com/llvm/llvm-test-suite

Ghidra mislabels some blocks

For example, in this CBRANCH op, the address 0x80511a1 is referred to but there is no block with that label:

CBRANCH

0x80511a1
code
1

register0x00000206
bool
1

Handle case where output varnode is also an input varnode (i.e. contains arg in name)

fix loop_even_odd_nongoal test

Missing test cases - Return one liner failing

The following test cases are commented out in run-tests.py: seq_call_five, seq_call_four, seq_call_one, seq_call_three, seq_call_two, inter_rv, condcall_two. They all have a common theme of having a function with a return 1-liner and the result not being present in the xml files emitted, so the lifting fails.

Implement BOOL_XOR, BOOL_AND, BOOL_OR functionality

No check if types are same when performing comparisons with IntType

fix by setting both operands to larger type

handle case where STORE op has non pointer targets

Function Variables as a stack-struct

As it stands R2 recovers arrays as individual arrays. We want to test 3 options:

Represent stack variables a single struct with variables within it.
Represent stack variables as a single memory allocation and byte addressable.
Represent stack variables as a single memory allocation and word addressable.

Registers allocated twice

Register types are sometimes allocated twice

Handle case where blocks with the same address label are found (causes failure in verfication)

Handle variable used before declared situation

The binary 3D_Image_Toolkit has this problem in the function 'sym.cgc_init_freelist'

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.