There seems to be no way to determine the base of a number when there are no analysis hints defined #752

Open
ret2libc opened this issue Mar 2, 2021 · 1 comment

Comments

@ret2libc
Member

ret2libc commented Mar 2, 2021

Copied from radareorg/radare2#17727

Description

I'm trying to implement a hotkey to toggle the immediate base in Cutter. For the hotkey to always work correctly, I need to obtain the current immediate base for the selected instruction. However, there seems to be no way to get that information, unless an analysis hint was defined for that particular address earlier.
The only alternative I have considered is parsing the opcode, but I'm not sure if that's a good idea (radare supports many different instruction sets, syntaxes, and disassemblers). aoj/ao does not seem to be useful in this case either.

See rizinorg/cutter#2429 (comment) :

@ret2libc

I think there is no way currently to determine what is the base used for a number when no hint is defined yet. I see https://github.com/radareorg/radare2/blob/master/libr/parse/filter.c#L402 , which seems to mean that whatever is returned by the disassembler is shown to the user. Capstone seems to show the number as "decimal" if < 10 (by "decimal" I mean that it doesn't show 0x, but of course numbers < 10 are the same in hex and dec), but you probably can't assume that, as radare2 supports multiple disassemblers.

Expected behavior

[0x00003362]> pd1
│           0x00003362      mov     edx, 5 
[0x00003362]> ahj 0x00003362
[{"addr":13154,"immbase":10}] 
[0x00003362]> pd1 @ 0x00003a94
│           0x00003a94      lea     rax, [0x00007766] 
[0x00003a94]> ahj 0x00003a94
[{"addr":14996,"immbase":16}] 

(Or maybe a different command to get the default immediate base or other information that could be useful in this case)

Actual behavior

[0x00003362]> pd1
│           0x00003362      mov     edx, 5 
[0x00003362]> ahj 0x00003362
[] 
[0x00003362]> ahi 10 @ 0x00003362

[0x00003362]> ahj 0x00003362
[{"addr":13154,"immbase":10}] 
(...)

Related to

rizinorg/cutter#2429
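
The lookup described in this report, as an added example that is not code from Rizin, radare2 or Cutter: read the base from `ahj` JSON when a hint exists, otherwise fall back to guessing from the disassembly text. The function names are hypothetical, and the fallback is only a heuristic that assumes the disassembler marks hex with a `0x` prefix, which is exactly the assumption the report says cannot be relied on across disassemblers.

```python
import json
import re

# One immediate-looking token in disassembly text: 0x-prefixed hex or bare
# digits. The lookarounds skip digits inside names such as "r10" or "10h".
_IMM = re.compile(r"(?<![\w.])(0x[0-9a-fA-F]+|\d+)(?![\w.])")


def hint_immbase(ahj_output, addr):
    """Return the immbase recorded in `ahj` JSON output for addr, or None."""
    for hint in json.loads(ahj_output or "[]"):
        if hint.get("addr") == addr and "immbase" in hint:
            return hint["immbase"]
    return None


def guess_immbase(disasm):
    """Heuristic (assumption): infer the displayed base of the last immediate.

    Returns (base, ambiguous). Bare values below 10 print identically in
    hex and decimal, so they are flagged as ambiguous.
    """
    tokens = _IMM.findall(disasm)
    if not tokens:
        return None, False
    last = tokens[-1]
    if last.lower().startswith("0x"):
        return 16, False
    return 10, int(last) < 10


def current_immbase(ahj_output, addr, disasm):
    """Return (base, source); source is 'hint', 'guess', 'ambiguous' or 'none'."""
    base = hint_immbase(ahj_output, addr)
    if base is not None:
        return base, "hint"
    base, ambiguous = guess_immbase(disasm)
    if base is None:
        return None, "none"
    return base, ("ambiguous" if ambiguous else "guess")


if __name__ == "__main__":
    # Inputs copied from the sessions in this report.
    print(current_immbase("[] ", 0x3362, "mov     edx, 5"))
    print(current_immbase('[{"addr":13154,"immbase":10}] ', 0x3362, "mov     edx, 5"))
    print(current_immbase("[] ", 0x3A94, "lea     rax, [0x00007766]"))
```

A caller such as a toggle hotkey should treat anything other than `hint` as unconfirmed, since only the hint reflects state the analysis engine actually stores.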

@ret2libc
Member Author

ret2libc commented Mar 2, 2021

@plaets I have copied the issue in Rizin repository as well, just FYI.

@stale stale bot added the stale label Sep 5, 2021
@ret2libc ret2libc removed the stale label Sep 6, 2021
@rizinorg rizinorg deleted a comment from stale bot Sep 6, 2021
@stale stale bot added the stale label Mar 11, 2022
@rizinorg rizinorg deleted a comment from stale bot Mar 14, 2022
@stale stale bot removed the stale label Mar 14, 2022
@stale stale bot added the stale label Sep 16, 2022