ghidra icon indicating copy to clipboard operation
ghidra copied to clipboard

Published 20 hours ago verified publisher icon NationalSecurityAgency

Ghidra Code Browser is Permanently Blank after `java.nio.BufferOverflowException` from Interrupting Python Interpreter

Open TheMatt2 opened this issue 2 years ago • 7 comments

Describe the bug On attempting to reset the Python Interpreter, a java.nio.BufferOverflowException. Now, the Code Browser window in Ghidra is completely blank. If I try to open the project I was working on, I get the message "Tool did not accept files: name_of_executable.exe"

Screenshots

image

Environment Memory: 6GB of RAM, with ~50% shown used in Task Manager Disk: Only 1GB of free disk space available

To Reproduce

  1. Open Python Console in Ghidra CodeBrowser
  2. Run the command:
while 1:
    _=raw_input()
  1. Press the red cross to interrupt the interpreter.
  2. Observer the following java.nio.BufferOverflowException error message:
java.nio.BufferOverflowException
	at java.base/java.nio.HeapByteBuffer.put(HeapByteBuffer.java:240)
	at org.python.core.io.BufferedWriter.write(BufferedWriter.java:41)
	at org.python.core.io.BinaryIOWrapper.write(BinaryIOWrapper.java:118)
	at org.python.core.io.TextIOWrapper.write(TextIOWrapper.java:260)
	at org.python.core.PyFile.file_write(PyFile.java:456)
	at org.python.core.PyFile.write(PyFile.java:460)
	at org.python.core.StdoutWrapper.printToFile(StdoutWrapper.java:117)
	at org.python.core.StdoutWrapper.print(StdoutWrapper.java:186)
	at org.python.core.StdoutWrapper.print(StdoutWrapper.java:264)
	at org.python.core.Py.displayException(Py.java:1390)
	at org.python.core.PySystemState.excepthook(PySystemState.java:1590)
	at org.python.core.PySystemStateFunctions.__call__(PySystemState.java:2003)
	at org.python.core.Py.printException(Py.java:1330)
	at org.python.core.Py.printException(Py.java:1273)
	at org.python.util.InteractiveInterpreter.showexception(InteractiveInterpreter.java:142)
	at org.python.util.InteractiveInterpreter.runcode(InteractiveInterpreter.java:135)
	at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java:115)
	at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java:62)
	at ghidra.python.GhidraPythonInterpreter.push(GhidraPythonInterpreter.java:181)
	at ghidra.python.PythonPluginExecutionThread.run(PythonPluginExecutionThread.java:80)

---------------------------------------------------
Build Date: 2022-Jul-26 1543 EDT
Ghidra Version: 10.1.5
Java Home: C:\Program Files\Eclipse Adoptium\jdk-11.0.16.101-hotspot
JVM Version: Eclipse Adoptium 11.0.16.1
OS: Windows 11 10.0 amd64
Workstation: Name of Computer
  1. Press the green arrows to reset the Python interperter.
  2. Observer another java.nio.BufferOverflowException error message:
java.nio.BufferOverflowException
	at java.base/java.nio.HeapByteBuffer.put(HeapByteBuffer.java:240)
	at org.python.core.io.BufferedWriter.write(BufferedWriter.java:41)
	at org.python.core.io.BinaryIOWrapper.write(BinaryIOWrapper.java:118)
	at org.python.core.io.TextIOWrapper.write(TextIOWrapper.java:260)
	at org.python.core.PyFile.file_write(PyFile.java:456)
	at org.python.core.PyFile.file_write(PyFile.java:450)
	at org.python.core.PyFile$file_write_exposer.__call__(Unknown Source)
	at org.python.core.PyObject.invoke(PyObject.java:3646)
	at ghidra.python.GhidraPythonInterpreter.printErr(GhidraPythonInterpreter.java:256)
	at ghidra.python.GhidraPythonInterpreter.interrupt(GhidraPythonInterpreter.java:324)
	at ghidra.python.PythonPlugin.interrupt(PythonPlugin.java:310)
	at ghidra.python.PythonPlugin.reset(PythonPlugin.java:320)
	at ghidra.python.PythonPlugin$2.actionPerformed(PythonPlugin.java:158)
	at docking.menu.ToolBarItemManager.lambda$actionPerformed$0(ToolBarItemManager.java:128)
	at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:313)
	at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:770)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:740)
	at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)

---------------------------------------------------
Build Date: 2022-Jul-26 1543 EDT
Ghidra Version: 10.1.5
Java Home: C:\Program Files\Eclipse Adoptium\jdk-11.0.16.101-hotspot
JVM Version: Eclipse Adoptium 11.0.16.1
OS: Windows 11 10.0 amd64
Workstation: Name of Computer
  1. Close the CodeBrowser Window
  2. Observer a third java.nio.BufferOverflowException error message:
java.nio.BufferOverflowException
java.lang.RuntimeException: java.nio.BufferOverflowException
	at ghidra.framework.plugintool.Plugin.cleanup(Plugin.java:312)
	at ghidra.framework.plugintool.PluginManager.dispose(PluginManager.java:58)
	at ghidra.framework.plugintool.PluginTool.dispose(PluginTool.java:454)
	at ghidra.framework.plugintool.PluginTool.exit(PluginTool.java:435)
	at ghidra.framework.project.tool.GhidraTool.exit(GhidraTool.java:175)
	at ghidra.framework.plugintool.PluginTool.doClose(PluginTool.java:1093)
	at ghidra.framework.plugintool.PluginTool.close(PluginTool.java:1074)
	at docking.DockingWindowManager.close(DockingWindowManager.java:1113)
	at docking.RootNode$JFrameWindowWrapper$1.windowClosing(RootNode.java:727)
	at java.desktop/java.awt.AWTEventMulticaster.windowClosing(AWTEventMulticaster.java:357)
	at java.desktop/java.awt.Window.processWindowEvent(Window.java:2078)
	at java.desktop/javax.swing.JFrame.processWindowEvent(JFrame.java:298)
	at java.desktop/java.awt.Window.processEvent(Window.java:2037)
	at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5011)
	at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2321)
	at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2772)
	at java.desktop/java.awt.Component.dispatchEvent(Component.java:4843)
	at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:772)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:95)
	at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:745)
	at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:743)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:742)
	at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)
Caused by: java.nio.BufferOverflowException
	at java.base/java.nio.HeapByteBuffer.put(HeapByteBuffer.java:240)
	at org.python.core.io.BufferedWriter.write(BufferedWriter.java:41)
	at org.python.core.io.BinaryIOWrapper.write(BinaryIOWrapper.java:118)
	at org.python.core.io.TextIOWrapper.write(TextIOWrapper.java:260)
	at org.python.core.PyFile.file_write(PyFile.java:456)
	at org.python.core.PyFile.file_write(PyFile.java:450)
	at org.python.core.PyFile$file_write_exposer.__call__(Unknown Source)
	at org.python.core.PyObject.invoke(PyObject.java:3646)
	at ghidra.python.GhidraPythonInterpreter.printErr(GhidraPythonInterpreter.java:256)
	at ghidra.python.GhidraPythonInterpreter.interrupt(GhidraPythonInterpreter.java:324)
	at ghidra.python.PythonPlugin.interrupt(PythonPlugin.java:310)
	at ghidra.python.PythonPlugin.dispose(PythonPlugin.java:280)
	at ghidra.framework.plugintool.Plugin.cleanup(Plugin.java:300)
	... 33 more

---------------------------------------------------
Build Date: 2022-Jul-26 1543 EDT
Ghidra Version: 10.1.5
Java Home: C:\Program Files\Eclipse Adoptium\jdk-11.0.16.101-hotspot
JVM Version: Eclipse Adoptium 11.0.16.1
OS: Windows 11 10.0 amd64
Workstation: Name of Computer

On restarting Ghidra, the Code Browser window was blank, as the screenshot above shows. A further exception was given:

Tool did not accept files: name_of_executable.exe
---------------------------------------------------
Build Date: 2022-Jul-26 1543 EDT
Ghidra Version: 10.1.5
Java Home: C:\Program Files\Eclipse Adoptium\jdk-11.0.16.101-hotspot
JVM Version: Eclipse Adoptium 11.0.16.1
OS: Windows 11 10.0 amd64
Workstation: Name of Computer

Additional context Ghidra on the computer appears to now be bricked. Opening the Debugger and Version Tracking window do showup correctly, but are not very useful as the Code Browser is broken.

TheMatt2 avatar Feb 01 '23 04:02 TheMatt2

I've run into this exact issue, also caused by interrupting the python console.

You can fix this two ways. In your current messed-up CodeBrowser tool, you can go into File | Configure..., and re-enable the plugins in the core category that got disabled, or in the main project window, Tools | Import Default Tools..., and choose the CodeBrowser to re-import. You will now have 2 green dragon heads in your "Tool Chest". The first one will be the one with the empty plugin list, and the second one will be the new one you just re-imported. Delete the first one. (This looses misc configuration items like window position, etc inside that tool)

dev747368 avatar Feb 01 '23 12:02 dev747368

It seems you are right. If I go to File | Configure... > Ghidra Core, the only plugin enabled is the Python plugin

image

TheMatt2 avatar Feb 01 '23 18:02 TheMatt2

I was able to restore the CodeBrowser using the second method you described. Thank you

TheMatt2 avatar Feb 01 '23 18:02 TheMatt2

Update description with steps to reproduce.

This is still an issue that needs to be fixed.

TheMatt2 avatar Feb 01 '23 18:02 TheMatt2

Update:

It seems interrupting the Python interpreter at all causes this issue.

The following snippet also causes the crash:

while True: pass

A simple sleep command, however, gets interrupt as one would expect.

import time
time.sleep(10)

TheMatt2 avatar Feb 01 '23 18:02 TheMatt2

Update:

In the current version of Ghidra, hitting the buffer overflow does not cause the project window to go blank.

However, running

while 1: pass

and then interrupting the interpreter will still cause a java.nio.BufferOverflowException:

java.nio.BufferOverflowException
	at java.base/java.nio.ByteBuffer.put(ByteBuffer.java:1018)
	at java.base/java.nio.HeapByteBuffer.put(HeapByteBuffer.java:250)
	at org.python.core.io.BufferedWriter.write(BufferedWriter.java:41)
	at org.python.core.io.BinaryIOWrapper.write(BinaryIOWrapper.java:118)
	at org.python.core.io.TextIOWrapper.write(TextIOWrapper.java:260)
	at org.python.core.PyFile.file_write(PyFile.java:456)
	at org.python.core.PyFile.write(PyFile.java:460)
	at org.python.core.StdoutWrapper.printToFile(StdoutWrapper.java:117)
	at org.python.core.StdoutWrapper.print(StdoutWrapper.java:186)
	at org.python.core.StdoutWrapper.print(StdoutWrapper.java:264)
	at org.python.core.Py.displayException(Py.java:1406)
	at org.python.core.PySystemState.excepthook(PySystemState.java:1598)
	at org.python.core.PySystemStateFunctions.__call__(PySystemState.java:1998)
	at org.python.core.Py.printException(Py.java:1346)
	at org.python.core.Py.printException(Py.java:1289)
	at org.python.util.InteractiveInterpreter.showexception(InteractiveInterpreter.java:142)
	at org.python.util.InteractiveInterpreter.runcode(InteractiveInterpreter.java:135)
	at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java:115)
	at org.python.util.InteractiveInterpreter.runsource(InteractiveInterpreter.java:62)
	at ghidra.python.GhidraPythonInterpreter.push(GhidraPythonInterpreter.java:181)
	at ghidra.python.PythonPluginExecutionThread.run(PythonPluginExecutionThread.java:75)

---------------------------------------------------
Build Date: 2023-May-10 1508 EDT
Ghidra Version: 10.3
Java Home: /Library/Java/JavaVirtualMachines/temurin-20.jdk/Contents/Home
JVM Version: Eclipse Adoptium 20.0.1
OS: Mac OS X 12.6.6 x86_64

TheMatt2 avatar Jun 10 '23 22:06 TheMatt2

If this is the first time the Python interpreter is being reset since Ghidra has restarted, an additional error can occur on resetting. This can occur instead of the above error, or along with it.

Ghidra python interpreter has already been cleaned up.
java.lang.IllegalStateException: Ghidra python interpreter has already been cleaned up.
	at ghidra.python.GhidraPythonInterpreter.push(GhidraPythonInterpreter.java:167)
	at ghidra.python.PythonPluginExecutionThread.run(PythonPluginExecutionThread.java:75)

---------------------------------------------------
Build Date: 2023-May-10 1508 EDT
Ghidra Version: 10.3
Java Home: /Library/Java/JavaVirtualMachines/temurin-20.jdk/Contents/Home
JVM Version: Eclipse Adoptium 20.0.1
OS: Mac OS X 12.6.6 x86_64

TheMatt2 avatar Jun 10 '23 23:06 TheMatt2