-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support setting a data variable to volatile to prevent the analysis from using its current value #6267
Comments
I am not sure to understand this issue, what is binja doing wrong/badly and what is the expected result? |
i think this line is not right.
|
Ah yeah, ok, sorry for my misunderstanding I got confused. Can you share the binary (you might need to zip it) ? |
If this helps, I think it's a Binder transaction (judging from the renaming in the IDA decomp) and that value 0x38004000000000 is being loaded from offset 0x30 in a buffer after a BR_TRANSACTION command (0x80407202). Looking at the Android source, it's probably reading from a binder_transaction_data structure, where offset 0x30 contains a union (either a pointer to more data or an inline buffer). Since this is following a pointer to transaction data, its does seem strange that binja would assume it returns a constant value The 0x38004 part in that big number might be some kind of type or enum that gets shifted into the final value, but yeah, without the binary it's hard to say why binja thinks this specific value would always be returned |
yes, give me a short time. |
Version and Platform (required):
Bug Description:
there is really no offensive for ninja, using ida is only for compareing code to check the difference
i buyed ninja, and i love ninja.
Here is the following code reversed by ida
we can compare the last lien of code reversed by ida and ninja.
Here is ninja reversed
ninja give the value to retrun.
it is 0x38004000000000
obvious it is not so confidential to say ninja is right.
the code is arm64 arch and we can check it as following
The text was updated successfully, but these errors were encountered: