binaryninja-api

aarch64 Big-Endian data mode doesn't handle relocations in big endian

Open CouleeApps opened this issue 9 months ago • 0 comments

Version and Platform (required):

  • Binary Ninja Version: 4.1.5213-dev
  • OS: macOS
  • OS Version: 14
  • CPU Architecture: M1

Bug Description: When opening an aarch64/big endian data mode file, while the lifter totally handles the big endian loads correctly, the relocations are written as little endian and appear backwards as a result.

Steps To Reproduce:

  1. Open this aarch64be file from dogbolt: fe62aea37a48c3836cdf5c8431ba155988f375f5cdac062f36d4e6da66ff3165.zip
  2. Navigate to 0x410df0
  3. Observe all the addresses are byte swapped
  4. Check the bytes in hex view (ELF) vs hex view (Raw) and see that the ELF bytes are swapped

Expected Behavior: I expected the relocations to be applied correctly.

Additional Information: Apparently aarch64be is totally a file format, it's only big endian for data accesses, not instructions. Very cursed.

CouleeApps, May 06 '24 06:05
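The byte-order mismatch reported above, reproduced as an added example (not Binary Ninja's code and not part of the original issue): a resolved 64-bit address is written once as little endian and once using the order declared in `e_ident[EI_DATA]`, then read back the way a big-endian data view would. The `e_ident` bytes, target address and mapped range are constructed, and the relocation is modeled as a plain 64-bit absolute write, which is an assumption since the issue does not name the relocation type.

```python
import struct

EI_DATA = 5                      # index of the data-encoding byte in e_ident
ELFDATA2LSB, ELFDATA2MSB = 1, 2  # values defined by the ELF specification


def data_endian(e_ident: bytes) -> str:
    """Return the struct prefix ('<' or '>') for the file's data encoding."""
    if e_ident[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    try:
        return {ELFDATA2LSB: "<", ELFDATA2MSB: ">"}[e_ident[EI_DATA]]
    except KeyError:
        raise ValueError("unknown EI_DATA value") from None


def apply_abs64(image: bytearray, offset: int, value: int, endian: str) -> None:
    """Write a resolved 64-bit address into the image in the given byte order."""
    struct.pack_into(endian + "Q", image, offset, value & 0xFFFFFFFFFFFFFFFF)


def read_ptr(image: bytes, offset: int, endian: str) -> int:
    """Read a 64-bit pointer the way a data view of that byte order would."""
    return struct.unpack_from(endian + "Q", image, offset)[0]


def looks_byte_swapped(ptr: int, lo: int, hi: int) -> bool:
    """True if ptr is outside [lo, hi) but its 8-byte reversal is inside."""
    swapped = int.from_bytes(ptr.to_bytes(8, "big"), "little")
    return not (lo <= ptr < hi) and lo <= swapped < hi


# Constructed sample data (not taken from the file in the issue).
E_IDENT = b"\x7fELF\x02\x02\x01" + bytes(9)  # ELFCLASS64, ELFDATA2MSB
TARGET = 0x400A10                            # hypothetical relocation result
MAPPED = (0x400000, 0x500000)                # hypothetical mapped range


def demo():
    """Return (pointer after LE write, pointer after EI_DATA-aware write)."""
    endian = data_endian(E_IDENT)
    buggy, fixed = bytearray(8), bytearray(8)
    apply_abs64(buggy, 0, TARGET, "<")     # behaviour described in the issue
    apply_abs64(fixed, 0, TARGET, endian)  # honours the file's data encoding
    return read_ptr(buggy, 0, endian), read_ptr(fixed, 0, endian)


if __name__ == "__main__":
    for ptr in demo():
        print(hex(ptr), "byte-swapped" if looks_byte_swapped(ptr, *MAPPED) else "ok")
```

`looks_byte_swapped` doubles as a triage check: pointers in a relocated table that only land in a mapped range after reversal point to a loader byte-order problem rather than corrupt input.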