ghidra
ghidra copied to clipboard
Published
20 hours ago •
NationalSecurityAgency
NationalSecurityAgency
`NullPointerException` whilst running `RecoverClassesFromRTTIScript`, later `CodeUnitInsertionException`
Describe the bug
Whilst running RecoverClassesFromRTTIScript I encounter a NullPointerException. Adding a null check resolves the first exception, however later I then see a CodeUnitInsertionException
To Reproduce Steps to reproduce the behavior:
- Load and auto-analyze
RCT3.exe - Run the
RecoverClassesFromRTTIScript.javascript - See error
Expected behavior
RecoverClassesFromRTTIScript.java completes without failure.
Attachments
The initial NPE is:
java.lang.reflect.InvocationTargetException
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisWorkerCommand.applyTo(AutoAnalysisManager.java:1713)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:688)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:788)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:667)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:632)
at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:102)
at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:319)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.NullPointerException
at classrecovery.RecoveredClass.updateClassMemberStructureUndefineds(RecoveredClass.java:609)
at classrecovery.RecoveredClassHelper.getStructureFromDecompilerPcode(RecoveredClassHelper.java:1174)
at classrecovery.RecoveredClassHelper.updateMapsAndClassMemberDataInfo(RecoveredClassHelper.java:1111)
at classrecovery.RecoveredClassHelper.gatherClassMemberDataInfoForFunction(RecoveredClassHelper.java:1051)
at classrecovery.RTTIClassRecoverer.figureOutClassDataMembers(RTTIClassRecoverer.java:279)
at classrecovery.RTTIWindowsClassRecoverer.createRecoveredClasses(RTTIWindowsClassRecoverer.java:176)
at RecoverClassesFromRTTIScript.run(RecoverClassesFromRTTIScript.java:275)
at ghidra.app.script.GhidraScript.executeNormal(GhidraScript.java:379)
at ghidra.app.script.GhidraScript$1.analysisWorkerCallback(GhidraScript.java:361)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisWorkerCommand.applyTo(AutoAnalysisManager.java:1707)
... 8 more
After adding a null check against component on line 609 I get to:
java.lang.reflect.InvocationTargetException
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisWorkerCommand.applyTo(AutoAnalysisManager.java:1713)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisTaskWrapper.run(AutoAnalysisManager.java:688)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:788)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:667)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager.startAnalysis(AutoAnalysisManager.java:632)
at ghidra.app.plugin.core.analysis.AnalysisBackgroundCommand.applyTo(AnalysisBackgroundCommand.java:58)
at ghidra.framework.plugintool.mgr.BackgroundCommandTask.run(BackgroundCommandTask.java:102)
at ghidra.framework.plugintool.mgr.ToolTaskManager.run(ToolTaskManager.java:319)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: ghidra.program.model.util.CodeUnitInsertionException: Conflicting data exists at address 01061510 to 01061513
at ghidra.program.database.code.CodeManager.checkValidAddressRange(CodeManager.java:1970)
at ghidra.program.database.code.CodeManager.createCodeUnit(CodeManager.java:2055)
at ghidra.program.database.ListingDB.createData(ListingDB.java:422)
at ghidra.program.flatapi.FlatProgramAPI.createData(FlatProgramAPI.java:1658)
at classrecovery.RecoveredClassHelper.fillInAndApplyVftableStructAndNameVfunctions(RecoveredClassHelper.java:4798)
at classrecovery.RTTIWindowsClassRecoverer.processDataTypes(RTTIWindowsClassRecoverer.java:2240)
at classrecovery.RTTIWindowsClassRecoverer.createAndApplyClassStructures(RTTIWindowsClassRecoverer.java:2177)
at classrecovery.RTTIWindowsClassRecoverer.createRecoveredClasses(RTTIWindowsClassRecoverer.java:182)
at RecoverClassesFromRTTIScript.run(RecoverClassesFromRTTIScript.java:275)
at ghidra.app.script.GhidraScript.executeNormal(GhidraScript.java:379)
at ghidra.app.script.GhidraScript$1.analysisWorkerCallback(GhidraScript.java:361)
at ghidra.app.plugin.core.analysis.AutoAnalysisManager$AnalysisWorkerCommand.applyTo(AutoAnalysisManager.java:1707)
... 8 more
When this error occurs the listing shows:
Running the following in a script does clear the listing, so I'm not sure why the clearListing call at RecoveredClassHelper.java:4797 doesn't do the same:
((FlatProgramAPI)this).clearListing(((FlatProgramAPI)this).getAddressFactory().getAddress("0x01061510"));
Environment (please complete the following information):
- OS: Windows 11
- Java Version: 11.0.16.1
- Ghidra Version: 10.1.5
- Ghidra Origin: GitHub
I believe this is fixed in the latest code which will be released in the upcoming 10.2 release (or is available if you pull the latest and build your own). When it comes out would you verify whether it is fixed? Thanks!
