angr-platforms

Fix eBPF exit instruction

Open xxr0ss opened this issue 11 months ago • 1 comments

exit means "return" according to Jump instructions

| code | value | src | description | notes |
|------|-------|-----|-------------|-------|
| BPF_EXIT | 0x9 | 0x0 | return | BPF_JMP only |

and Program-local functions

A BPF_EXIT within the program-local function will return to the caller.

xxr0ss, Mar 11 '24 12:03

Oh, I think I need to figure out the calculation of the return address before this change.

xxr0ss, Mar 11 '24 13:03
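The semantics discussed in this thread, as an added example that is not part of the issue and is not angr-platforms code: a toy interpreter in which `BPF_EXIT` returns to the caller inside a program-local function and ends the program only in the outermost frame. It assumes the standard eBPF encoding, where a program-local call has `src = 1` and `imm` is counted from the instruction after the call; the helper names (`ins`, `run`, `SAMPLE`) and the sample program are constructed for illustration.

```python
import struct

BPF_CALL, BPF_EXIT = 0x85, 0x95      # BPF_JMP class (0x05) | code 0x80 / 0x90
MOV64_IMM, ADD64_IMM = 0xB7, 0x07    # the only ALU ops the sample needs
BPF_PSEUDO_CALL = 1                  # src value marking a program-local call

def ins(opcode, dst=0, src=0, off=0, imm=0):
    """Encode one 8-byte eBPF instruction (little-endian)."""
    return struct.pack("<BBhi", opcode, (src << 4) | dst, off, imm)

def run(code):
    """Toy interpreter: returns (r0, log), log holding (exit_pc, return_pc) pairs."""
    regs, frames, log, pc = [0] * 11, [], [], 0
    n = len(code) // 8
    while 0 <= pc < n:
        opcode, r, off, imm = struct.unpack_from("<BBhi", code, pc * 8)
        dst, src = r & 0xF, r >> 4
        if opcode == MOV64_IMM:
            regs[dst] = imm
        elif opcode == ADD64_IMM:
            regs[dst] = (regs[dst] + imm) & (2**64 - 1)
        elif opcode == BPF_CALL and src == BPF_PSEUDO_CALL:
            frames.append(pc + 1)          # return address: instruction after the call
            pc += imm + 1                  # imm is relative to the next instruction
            continue
        elif opcode == BPF_EXIT:
            if not frames:                 # outermost frame: the program ends
                log.append((pc, None))
                return regs[0], log
            ret = frames.pop()             # inside a function: return to the caller
            log.append((pc, ret))
            pc = ret
            continue
        else:
            raise ValueError(f"unsupported opcode {opcode:#x} at pc={pc}")
        pc += 1
    raise ValueError("fell off the end of the program")

# Constructed sample: main calls a local function, then adds 1 to its result.
SAMPLE = b"".join([
    ins(BPF_CALL, src=BPF_PSEUDO_CALL, imm=2),  # 0: call function at pc 3
    ins(ADD64_IMM, dst=0, imm=1),               # 1: r0 += 1
    ins(BPF_EXIT),                              # 2: exit (ends the program)
    ins(MOV64_IMM, dst=0, imm=41),              # 3: r0 = 41
    ins(BPF_EXIT),                              # 4: exit (returns to pc 1)
])

if __name__ == "__main__":
    print(run(SAMPLE))
```

A lifter that treats every `BPF_EXIT` as program termination would stop at pc 4 with `r0 = 41` and never reach the caller's `add`.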