Ghidra address computation workaround (#43)

This PR fixes two minor bugs and adds a workaround for the address computation of Ghidra, which sometimes adds an offset and sometimes not. There seems to be no function in the Ghidra API that can be used to tell the plugin when this happens and when not.
fkie-cad · Nov 26, 2019 · 09f8398 · 09f8398
1 parent 86bf4b3
commit 09f8398
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 9 deletions.
diff --git a/ghidra_plugin/cwe_checker_ghidra_plugin.py b/ghidra_plugin/cwe_checker_ghidra_plugin.py
@@ -28,11 +28,11 @@ def comment_cwe_eol(ghidra_address, text):
 
 
 def comment_cwe_pre(ghidra_address, text):
-    old_comment = getPREComment(ghidra_address)
+    old_comment = getPreComment(ghidra_address)
     if old_comment is None:
-        setPREComment(ghidra_address, text)
+        setPreComment(ghidra_address, text)
     elif text not in old_comment:
-        setPREComment(ghidra_address, old_comment + '\n' + text)
+        setPreComment(ghidra_address, old_comment + '\n' + text)
 
 
 def get_cwe_checker_output():
@@ -43,8 +43,14 @@ def get_cwe_checker_output():
 
 def compute_ghidra_address(address_string):
     fixed_address_string = address_string.replace(':32u', '').replace(':64u', '')
-    address = int(fixed_address_string, 16)
-    return currentProgram.minAddress.add(address)
+    address_int = int(fixed_address_string, 16)
+    # Ghidra sometimes adds an offset to all addresses.
+    # Unfortunately, I havent't found a way to reliably detect this yet.
+    # Instead we detect the obvious case and hope that it works in most cases.
+    if address_int < currentProgram.getMinAddress().getOffset():
+        return currentProgram.getMinAddress().add(address_int)
+    else:
+        return currentProgram.getAddressFactory().getAddress(fixed_address_string)
 
 
 def main():
@@ -57,7 +63,7 @@ def main():
     for warning in warnings:
         if len(warning['addresses']) == 0:
             cwe_text =  '[' + warning['name'] + '] ' + warning['description']
-            ghidra_address = currentProgram.minAddress.add(0)
+            ghidra_address = currentProgram.getMinAddress().add(0)
             bookmark_cwe(ghidra_address, cwe_text)
             comment_cwe_pre(ghidra_address, cwe_text)
         else:

diff --git a/src/checkers/cwe_248.ml b/src/checkers/cwe_248.ml
@@ -9,9 +9,9 @@ let version = "0.1"
 let print_uncatched_exception block_tid ~tid_map =
   let address = (Address_translation.translate_tid_to_assembler_address_string block_tid tid_map) in
   let description = sprintf "(Possibly Uncaught Exception) (Exception thrown at %s)." address in
-  let cwe_warning = cwe_warning_factory name version description in
+  let cwe_warning = cwe_warning_factory name version description ~addresses:[address] in
   collect_cwe_warning cwe_warning
-                    
+
 (* Extract the name of a direct call, if the block contains a direct call. *)
 let extract_direct_call_symbol block =
   match Symbol_utils.extract_direct_call_tid_from_block block with

diff --git a/test/acceptance/test_file_output.py b/test/acceptance/test_file_output.py
@@ -7,7 +7,7 @@ class TestFileOutput(unittest.TestCase):
 
     def setUp(self):
         self.res_file = '/tmp/res.json'
-        self.cmd = 'bap test/artificial_samples/build/cwe_190_x64.out --pass=cwe-checker --cwe-checker-config=src/config.json --cwe-checker-json --cwe-checker-out=%s' % self.res_file
+        self.cmd = 'bap test/artificial_samples/build/cwe_190_x64_gcc.out --pass=cwe-checker --cwe-checker-config=src/config.json --cwe-checker-json --cwe-checker-out=%s' % self.res_file
 
     def test_can_output_file(self):
         if 'travis' in os.environ['USER']: