xiaoyinl
xiaoyinl
Currently gcc compiled Windows PE files are not demangled by the GNU demangler. This issue will be fixed after both #4514 and this PR are merged. Before: ...
Before:  After: 
The GCC's offset to code may not necessarily be 0x1000. This bug causes some GCC compiled binaries mistakenly identified as visual studio binaries. For example, this hello world exe ([helloworld.zip](https://github.com/NationalSecurityAgency/ghidra/files/9276100/helloworld.zip))...
IMAGE_DANS_SIGNATURE should be XOR'ed with the mask.
Valid values of `_IMAGE_DEBUG_DIRECTORY::Type` are between 0 and 20. Currently, `IMAGE_DEBUG_TYPE_EX_DLLCHARACTERISTICS (20)` is used when importing DLL files that have [/CETCOMPAT](https://docs.microsoft.com/en-us/cpp/build/reference/cetcompat?view=msvc-160) flag enabled. I think almost all Windows 11 system...
Jython 2.7.3b1 has been [released](https://search.maven.org/artifact/org.python/jython-standalone/2.7.3b1/jar). It fixes the binary hijacking vulnerability CVE-2019-17664 (#107, jython/jython#136).
The "Status" message on https://hstspreload.org/removal/ page is confusing, e.g. "Status: wikipedia.org is currently preloaded, but no longer meets the requirements. It may be at risk of removal." This message is...
**Describe the bug** This is what I did when the exception was thrown: open a Windows x86-64 PE file. Patch the instruction `CALL __security_check_cookie` (at 140002254 in the screenshot). Delete...
Currently if the Listing panel is not focused, One Shot analyzers are disabled. I wonder if this restriction is necessary. This part is one place that relies on Listing context,...
**Describe the bug** Ghidra can't parse the following C code: ``` void testFunc() { typedef int MYTESTFN(int); MYTESTFN* func = (MYTESTFN*)0; } ``` The error is: ``` Parse Errors: C...