Return value is a variable instead of 0

Open steffenenders opened this issue 3 years ago • 0 comments

Proposal

For this sample, the decompiler currently produces the following output:

int main(int argc, char ** argv, char ** envp) {
    int var_0;
    char var_1;
    void * i;
    void * var_3;
    var_0, var_1 = mmap(/* addr */ 0U, /* len */ 71U, /* prot */ 7, /* flags */ 34, /* fd */ -1, /* offset */ 0);
    if (var_0 == 0) {
        var_0 = 1;
    }
    else {
        for (i = 0x0; i < 71; i++) {
            var_3 = i + 0x804c020;
            *var_3 = *var_3 ^ 19;
        }
        memcpy(var_0, 0x804c020, 71U);
        var_0();
        var_0 = 0;
    }
    return var_0;
}

However, the original source code simply contains return 0. Also, the assembly looks like the following:

08049235  c745fc00000000     mov     dword [ebp-0x4 {var_8_1}], 0x0  ; here

0804923c  8b45fc             mov     eax, dword [ebp-0x4 {var_8_1}]  ; here
0804923f  83c428             add     esp, 0x28
08049242  5d                 pop     ebp {__saved_ebp}
08049243  c3                 retn     {__return_addr}

Maybe we can try to compact the code mov dword [ebp-0x4 {var_8_1}], 0x0 and mov eax, dword [ebp-0x4 {var_8_1}] to return 0. However, return varX is already present in Binary Ninja's MLIL. So I don't know if we can or want to fix this.

Approach

No response

steffenenders, Feb 18 '22 13:02
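An added sketch, not part of the issue and not dewolf code, of how the compaction discussed above could look on a toy AST. In the decompiled output `var_0` reaches the final `return` with two different constants (1 and 0), so the return has to be duplicated into each branch before `v = c; return v` can fold to `return c`. The node shapes, `sink_return`, `render` and `MAIN` are assumptions made for this illustration, and the fold assumes the variable is a plain local whose final store is not observable.

```python
# Toy AST (assumed shapes, not dewolf's):
#   ("assign", var, value) | ("stmt", text) | ("return", value)
#   | ("if", cond, then_body, else_body)
# Variables are str, constants are int.

def sink_return(body):
    """Rewrite `...; return v` so that every path carries its own return."""
    if not body or body[-1][0] != "return" or not isinstance(body[-1][1], str):
        return body
    return _push(body[:-1], body[-1][1])

def _push(body, var):
    if body:
        last = body[-1]
        # `var = const; return var`  ->  `return const`
        if last[0] == "assign" and last[1] == var and isinstance(last[2], int):
            return body[:-1] + [("return", last[2])]
        # Duplicate the return into both arms of a trailing if/else.
        if last[0] == "if":
            _, cond, then_body, else_body = last
            return body[:-1] + [("if", cond, _push(then_body, var), _push(else_body, var))]
    return body + [("return", var)]

def render(body, depth=1):
    pad, out = "    " * depth, []
    for node in body:
        if node[0] == "if":
            out += [f"{pad}if ({node[1]}) {{", *render(node[2], depth + 1),
                    f"{pad}}} else {{", *render(node[3], depth + 1), f"{pad}}}"]
        elif node[0] == "assign":
            out.append(f"{pad}{node[1]} = {node[2]};")
        elif node[0] == "return":
            out.append(f"{pad}return {node[1]};")
        else:
            out.append(f"{pad}{node[1]};")
    return out

# Constructed from the decompiler output in the issue (the XOR loop is omitted).
MAIN = [
    ("assign", "var_0", "mmap(...)"),
    ("if", "var_0 == 0",
     [("assign", "var_0", 1)],
     [("stmt", "memcpy(var_0, 0x804c020, 71U)"), ("stmt", "var_0()"),
      ("assign", "var_0", 0)]),
    ("return", "var_0"),
]

if __name__ == "__main__":
    print("\n".join(render(sink_return(MAIN))))
```
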