binja: fix crash when the IL of certain functions are not available. m…
xusheng6 committed Nov 21, 2024
1 parent a27083d commit c7d99d7
Showing 4 changed files with 19 additions and 3 deletions.
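--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -25,6 +25,7 @@
 - IDA Pro: rename ida to idapro module for plugin and idalib in IDA 9.0 #2453 @mr-tz
 - ghidra: fix saving of base address @mr-tz
 - binja: support loading raw x86/x86_64 shellcode #2489 @xusheng6
+- binja: fix crash when the IL of certain functions are not available. #2249 @xusheng6
 
 ### capa Explorer Web
 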
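--- a/capa/features/extractors/binja/extractor.py
+++ b/capa/features/extractors/binja/extractor.py
@@ -55,7 +55,11 @@ def get_basic_blocks(self, fh: FunctionHandle) -> Iterator[BBHandle]:
 f: binja.Function = fh.inner
 # Set up a MLIL basic block dict look up to associate the disassembly basic block with its MLIL basic block
 mlil_lookup = {}
-for mlil_bb in f.mlil.basic_blocks:
+mlil = f.mlil_if_available
+if mlil is None:
+return
+
+for mlil_bb in mlil.basic_blocks:
 mlil_lookup[mlil_bb.source_block.start] = mlil_bb
 
 for bb in f.basic_blocks: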
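Review bot: The early `return` when `mlil is None` makes get_basic_blocks yield nothing for that function, so all of its basic-block and instruction features vanish from the result without any trace; the same silent skip is in is_stub_function in insn.py (`continue` when `llil is None`). For a capability detector that is a quiet false negative, and an analyst reading the report cannot tell that part of the binary was never examined. I would log before returning, e.g. `logger.warning("MLIL unavailable for function 0x%x, skipping its basic blocks", f.start)`, assuming the module has a logger (none is visible in this hunk). It is also worth confirming that `mlil_if_available` returns None only when the IL cannot be produced and not merely when it has not been generated yet, since the latter would make coverage depend on analysis state. The function body continues outside the hunk.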
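--- a/capa/features/extractors/binja/function.py
+++ b/capa/features/extractors/binja/function.py
@@ -24,7 +24,14 @@ def extract_function_calls_to(fh: FunctionHandle):
 # Everything that is a code reference to the current function is considered a caller, which actually includes
 # many other references that are NOT a caller. For example, an instruction `push function_start` will also be
 # considered a caller to the function
-llil = caller.llil
+llil = None
+try:
+# Temporary fix for https://github.com/Vector35/binaryninja-api/issues/6020. Since `.llil` can throw an
+# exception rather than returning None
+llil = caller.llil
+except:
+continue
+
 if (llil is None) or llil.operation not in [
 LowLevelILOperation.LLIL_CALL,
 LowLevelILOperation.LLIL_CALL_STACK_ADJUST,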
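Review bot: The bare `except:` around `caller.llil` also catches KeyboardInterrupt and SystemExit and hides any unrelated failure raised by the property, so a caller reference can be dropped with nobody noticing; narrow it to `except Exception:` and log the skipped reference at debug level. The `llil = None` initialisation before the `try` is dead, because the handler always continues. Since the comment marks this as a temporary workaround for the linked binaryninja-api issue, a `# TODO: remove once the upstream fix is released` would help it get cleaned up later. The enclosing loop starts outside the hunk.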
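--- a/capa/features/extractors/binja/insn.py
+++ b/capa/features/extractors/binja/insn.py
@@ -43,7 +43,11 @@ def is_stub_function(bv: BinaryView, addr: int) -> Optional[int]:
 
 call_count = 0
 call_target = None
-for il in func.llil.instructions:
+llil = func.llil_if_available
+if llil is None:
+continue
+
+for il in llil.instructions:
 if il.operation in [
 LowLevelILOperation.LLIL_CALL,
 LowLevelILOperation.LLIL_CALL_STACK_ADJUST,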
