Vector35
BN does not propogate enum type from array member to constant values
Version and Platform (required):
- Binary Ninja Version: 3.6.4709-dev Personal, 715fcd79
- OS: windows
- OS Version: 11
- CPU Architecture: x86_64
Bug Description:
Initial analysis:
After fixing the array size, the initial enum name is lost:
Expected output: (I had to map each enum val to name manually)
Also, if it's possible to default select the last used enum in the Select Enum dialogue box it will be useful in similar scenarios.
I have created a simpler binary to reproduce this:
Looking at the expression type, it seems that we correctly deduce the type of arr[0] is the enum, we just fail to propagate that to the right side of the comparison
If I look at the MLIL, if explains:
>>> current_il_instruction
<MediumLevelILSetVarField: arr[0] = 1>
>>> current_il_instruction.dest
<var enum foobar arr[0x3]>
>>> current_il_instruction.dest.type
<type: immutable:ArrayTypeClass 'enum foobar[0x3]'>
So this issue a bit trickier than I have expected. While at HLIL we correctly deduce the type of arr[1] is an enum (see the screenshot above) and we should be able to just do the type propagation easily, we are actually only doing the type propagation at MLIL. And unfortunately, the MLIL instruction is a MediumLevelILSetVarField, which means the operand arr[1] does not even exists:
In the above screenshot, we are unable to show the expression type of the var_28[1] on the left side because, well, it is not an expression.
>>> current_il_instruction
<MediumLevelILSetVarField: var_28[1] = 1>
>>> current_il_instruction.operands
[<var enum foobar var_28[0x3]>, 4, <MediumLevelILConst: 1>]
Similarly we are also missing the opportunity if we have an structure assignment like foo.bar = 0x123, where bar is an enum.