binary-analysis

• /o?
• /w?
• /i?
• /f?
• /s?
• /O?
• /d?
• /F?
• a8?
• aF?
• afm?
• afu?
• afna?

Seeing PGO: UNKNOWN is not implemented yet! printed out when parsing the following assembly

global main
extern GetStdHandle
extern WriteFile

section .text
main:
    mov     rcx, 0fffffff5h
    call    GetStdHandle

    mov     rcx, rax
    mov     rdx, NtlpBuffer
    mov     r8, [NtnNBytesToWrite]
    mov     r9, NtlpNBytesWritten
    sub     rsp, 40
    mov     dword [rs

It's nice if testing doesn't produce unnecessary artifacts after running with success but keeps relevant info on fail for further inspection.

Pytest should have a nice way of creating fixtures that can post-process a test based on whether it failed or not https://docs.pytest.org/en/latest/example/simple.html#making-test-result-information-available-in-fixtures

If a test fails, then keep the

While the test_suite presented in #589 does work, it is still pretty simple and can be improved and enhanced.

• Add tests for gnutils and coreutils.
• Add necessary utilities so more complex programs can be compiled from sources.
• Integrate CMake, so one could write something like make validate and the subset of test that is deemed necessary (for example everything with min t

There are many instances of INSTR_CREATE macro documentation saying things like this:

* \param dc  The void * dcontext used to allocate memory for the instr_t.

That should have a # to link up the instr_t type.

Attempting to decode any of the attached files with goblin::elf::Elf::parse crashes the process. Memory allocator runs out of virtual memory and the process is aborted.

goblin-elf-oom-crashes.zip

Found via AFL.rs. Fuzzing harness: https://github.com/Shnatsel/goblin/blob/master/fuzz-afl/src/main.rs

I noticed you have a plugin for Ghidra, but it is not the only one FOSS tool available.
Radare2 is a highly-portable cross-platform reverse engineering framework and a toolkit without dependencies. It has support for analyzing binaries, disassembling code, debugging programs, attaching to remote GDB/LLDB, WinDbg servers, rich plugin system (see r2pm), an

Binary Ninja Version
2.4.2846

Describe the bug
If you create an architechture plugin and (accidentally) return the wrong types from get_instruction_text, Binary Ninja crashes with a segfault.

To Reproduce
Steps to reproduce the behavior:

1. Create a simple architecture plugin
2. Implement get_instruction_text like this:

def get_instruction_text(self, data: bytes, add