From 7664bd9d99b289a7573ec1254abc9127ccb8ec52 Mon Sep 17 00:00:00 2001
From: First Last <69217234+ieee802dot11ac@users.noreply.github.com>
Date: Mon, 15 Jul 2024 16:54:32 -0700
Subject: [PATCH 1/2] Locate ProDG .bss sections (partial addressing of #62)
---
 src/analysis/cfa.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/analysis/cfa.rs b/src/analysis/cfa.rs
index 04fbd04..349bcaf 100644
--- a/src/analysis/cfa.rs
+++ b/src/analysis/cfa.rs
@@ -597,12 +597,11 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
 StepResult::Branch(branches) => {
 for branch in branches {
 if branch.link {
- // ProDG bug? Registers are supposed to start at r3
 if let (
 GprValue::Constant(addr),
 GprValue::Constant(value),
 GprValue::Constant(size),
- ) = (vm.gpr_value(4), vm.gpr_value(5), vm.gpr_value(6))
+ ) = (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
 {
 if value == 0 && size > 0 {
 bss_sections.push((addr, size));
@@ -610,6 +609,9 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
 }
 }
 }
+ if bss_sections.len() >= 2 {
+ return Ok(ExecCbResult::End(()));
+ }
 Ok(ExecCbResult::Continue)
 }
 }
From f8fcb68a9e950741a88d1d9a620a5fae955cc1df Mon Sep 17 00:00:00 2001
From: First Last <69217234+ieee802dot11ac@users.noreply.github.com>
Date: Mon, 15 Jul 2024 17:17:39 -0700
Subject: [PATCH 2/2] Support both correct and incorrect memset calls
---
 src/analysis/cfa.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/analysis/cfa.rs b/src/analysis/cfa.rs
index 349bcaf..8f7f4f3 100644
--- a/src/analysis/cfa.rs
+++ b/src/analysis/cfa.rs
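Review bot: The early return added at `if bss_sections.len() >= 2` hard-codes how many memset calls the ProDG startup code is expected to make, and nothing in the hunk says where that number comes from; a crt0 variant that clears three regions would silently lose the third, while one that clears a single region never reaches the stop and runs to the end of the emulation. Name and explain the bound rather than leaving a bare literal, e.g. `const PRODG_BSS_MEMSET_COUNT: usize = 2; // ProDG crt0 clears its .bss regions with two memset calls — confirm against the supported crt0.s versions`, and compare against that constant. The `locate_bss_memsets` body and the `StepResult` match begin before this hunk, and the same bound is still present unchanged after patch 2/2.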
@@ -597,12 +597,18 @@ pub fn locate_bss_memsets(obj: &mut ObjInfo) -> Result<Vec<(u32, u32)>> {
 StepResult::Branch(branches) => {
 for branch in branches {
 if branch.link {
+ // Some ProDG crt0.s versions use the wrong registers, some don't
 if let (
 GprValue::Constant(addr),
 GprValue::Constant(value),
 GprValue::Constant(size),
- ) = (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
- {
+ ) = {
+ if vm.gpr_value(4) == GprValue::Constant(0) {
+ (vm.gpr_value(3), vm.gpr_value(4), vm.gpr_value(5))
+ } else {
+ (vm.gpr_value(4), vm.gpr_value(5), vm.gpr_value(6))
+ }
+ } {
 if value == 0 && size > 0 {
 bss_sections.push((addr, size));
 }
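Review bot: The register selection written inline as the `if let` scrutinee (`) = { if vm.gpr_value(4) == GprValue::Constant(0) { … } else { … } } {`) is hard to read and evaluates `vm.gpr_value(4)` twice; hoisting the choice of register numbers into a named tuple ahead of the `if let` keeps the pattern and the `value == 0 && size > 0` check untouched while making the heuristic visible. The added comment should also say why a zero in r4 is the discriminator: a .bss clear passes `val == 0`, so in the ABI layout (r3 = dst, r4 = val, r5 = len) r4 is zero, whereas in the shifted layout r4 holds the destination address. Whether `GprValue` already implements `PartialEq` for the `==` comparison cannot be seen from the hunk. The enclosing `locate_bss_memsets` body and the `StepResult` match begin before this hunk, and the `>= 2` early stop from patch 1/2 lies after it.
```rust
if branch.link {
    // memset(dst, val, len) follows the PowerPC ABI (r3, r4, r5), but some
    // ProDG crt0.s versions pass the arguments one register up (r4, r5, r6).
    // A .bss clear must pass val == 0, so a zero in r4 identifies the ABI form.
    let (addr_reg, value_reg, size_reg) = if vm.gpr_value(4) == GprValue::Constant(0) {
        (3, 4, 5)
    } else {
        (4, 5, 6)
    };
    if let (
        GprValue::Constant(addr),
        GprValue::Constant(value),
        GprValue::Constant(size),
    ) = (vm.gpr_value(addr_reg), vm.gpr_value(value_reg), vm.gpr_value(size_reg))
    {
        // … unchanged: value == 0 && size > 0 check and bss_sections.push …
```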