Function calls missing args for functions with defined arguments on QNX PPC #6312

Open
mwales opened this issue Jan 13, 2025 · 1 comment
Labels
Component: Platform Effort: Low Issue should take < 1 week File Format: ELF Impact: Medium Issue is impactful with a bad, or no, workaround State: Blocked (Issue) Issue is blocked on the resolution of another issue Type: Enhancement Issue is a small enhancement to existing functionality

Comments

mwales commented Jan 13, 2025

Version and Platform (required):

  • Binary Ninja Version: 4.2.6455-Stable
  • OS: Ubuntu
  • OS Version: 22.04.5
  • CPU Architecture: AMD64

Bug Description:

Looking at PPCBE QNX binaries, will often see a function call that has a
complete and correct signature in the .plt section. Occasionally in the
binary, calls to this function will not have the correct number of arguments.

libsnmp.so.1 from exhibits this problem several times in the snmp_open
function.

I often use the "Override Call Type..." feature to force binja to show the
call with the correct number of arguments.

Also, the "Override Call Type..." GUI default signature is very vanilla. It
is always:

void calltarget()

Would be more helpful to start with the current function signature (that the
user is trying to change), or the function signature of the target function.

Steps To Reproduce:

  1. Load PPCBE QNX binary.
  2. Go to the .plt section, and look for pretty standard libc functions
  3. Look at callrefs to function with known signatures and see that some have
    decompilation with missing params

Expected Behavior:

Expected function signature shown for function in .plt section to be the same
as the decompiler shows for calls to the function

Screenshots/Video Recording:
image

Binary:

Sent binary via slack posting

Additional Information:

@xusheng6 xusheng6 added the State: Awaiting Triage Issue is waiting for more in-depth triage from a developer label Jan 14, 2025
@fuzyll fuzyll removed the State: Awaiting Triage Issue is waiting for more in-depth triage from a developer label Jan 14, 2025
Contributor

fuzyll commented Jan 14, 2025

Binary can be found internally with search term fleshy chewy jalapeno racing.

Customer has a short-term fix for their specific problem, but this issue requires a larger effort to have a long-term fix for this platform.

@fuzyll fuzyll added Type: Enhancement Issue is a small enhancement to existing functionality File Format: ELF Effort: Low Issue should take < 1 week Impact: Medium Issue is impactful with a bad, or no, workaround State: Blocked (Issue) Issue is blocked on the resolution of another issue Component: Platform labels Jan 14, 2025