cle icon indicating copy to clipboard operation
cle copied to clipboard

Published 20 hours ago verified publisher icon angr

find_symbol fails on Mach-O

Open cryslith opened this issue 5 years ago • 4 comments

Attempting to run find_symbol(string) on a Mach-O binary results in the error:

File "cle/loader.py", line 473, in find_symbol
    if sym.is_import:
AttributeError: 'list' object has no attribute 'is_import'

This is because the Mach-O implementation of get_symbol always returns a list rather than a single symbol as expected by load_symbol.

Pip version cle 8.19.4.5

cryslith avatar Jul 02 '19 10:07 cryslith

Because I am probably the only person around here that feels somewhat responsible for the Mach-O backend, I will be looking into this. The current get_symbol implementation obviously violates assumptions made by other parts of CLE(a strong case for type annotations and checking). The question is of the rest of CLE should be changed to handle binaries with duplicate symbol names (which is allowed in Mach-O) or the backend should be changed so it always returns one symbol, however that is chosen. Namespacing would be one option for the latter, but that might require changes to CLE again to support the concept of namespaces instead of just building them as a string. Other option would be that only an index is valid as an argument for get_symbol and a str requires an additional parameter to specify a namespace or accept a list as a result.

fmagin avatar Sep 18 '19 07:09 fmagin

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

github-actions[bot] avatar May 19 '22 02:05 github-actions[bot]

FWIW Ghidra's symbol API typically returns a list of symbols in many cases, even if requesting a symbol by name and Namespace. So I guess get_symbol in CLE returning a specific symbol doesn't generalize well. But Ghidra also has more different things it calls symbols. Can't really judge if this requires a deeper change in CLE or a workaround in the MachO loader

fmagin avatar May 20 '22 11:05 fmagin

FWIW Ghidra's symbol API typically returns a list of symbols in many cases, even if requesting a symbol by name and Namespace. So I guess get_symbol in CLE returning a specific symbol doesn't generalize well. But Ghidra also has more different things it calls symbols. Can't really judge if this requires a deeper change in CLE or a workaround in the MachO loader

in sym = so.get_symbol(thing) I saw the return value is a python list(code in here) ,but int this line if sym.is_import: , it is straightforward to use it instead of performing an iteration

p1ay8y3ar avatar Jul 09 '22 08:07 p1ay8y3ar

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

github-actions[bot] avatar Sep 08 '22 02:09 github-actions[bot]

This issue has been closed due to inactivity.

github-actions[bot] avatar Sep 16 '22 02:09 github-actions[bot]