Toshi Piazza
Need to add tests. In particular I want to ensure the original code snippet is correct now

```
{ R3 = memw(R2+#0x0); memw(R2+#0x0) = #0x0 }
```

And the "Slot...
Thanks for the PR! I wrote this a long time ago when I was first getting my feet wet with DynamoRIO, so I suspect that there are many improvements that...
Unchecking "Repair Flow Damage" under the "Non-Returning Functions - Discovered" analyzer seems like a temporary workaround 
Can you elaborate? Do you mean to insert assembly instrumentation that manipulates a `FILE *` structure directly, writing values directly into its buffered contents? Or emitting a clean call directly...
An aside to returning an opaque drtaint handle--does Umbra even handle multiple mappings? afaik it uses a single static page table on 32-bit, so I'd be surprised if it supported...
Expanding a bit on tainting PC; if we have something like `mov pc, r0`, PC should end up tainted with the current implementation. However, something like `blx r0` will not...
Some canonical taint propagation policies from the literature:

- [x] Copy Propagation
- [x] Arithmetic Propagation
- [ ] Address Propagation

It's not feasible to implement Control Propagation using only...
Yes, unfortunately `OP_strex` is a known issue for DynamoRIO and Valgrind alike. https://github.com/DynamoRIO/dynamorio/issues/1698 describes the problem well. There is no clear-cut solution, though the problem is sometimes ameliorated by just...
I've also hit this issue. And, emitting a PcodeOp.UNIMPLEMENTED also causes a decompiler crash
XREF https://github.com/NationalSecurityAgency/ghidra/commit/6c6d5f2f1bbddde1f12136e2b1ae5f9cbc5a9073 and https://github.com/NationalSecurityAgency/ghidra/issues/1830. There's no UI for this yet but to merge a var `a` into another var `b`: 1. make sure the types are the same in the...