Fix handling of variables with invalid ea (#100)

lifting-bits · Feb 11, 2021 · 561e2f3 · 561e2f3
1 parent 1ea7b64
commit 561e2f3
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 3 deletions.
diff --git a/lib/Analyze.cpp b/lib/Analyze.cpp
@@ -515,7 +515,13 @@ uint64_t XrefExprFolder::VisitSExt(llvm::Value *op, llvm::Type *type) {
 uint64_t XrefExprFolder::VisitTrunc(llvm::Value *op, llvm::Type *type) {
   auto ea = Visit(op);
   const auto dest_size = type->getPrimitiveSizeInBits();
-  CHECK_LT(dest_size, 64u);
+
+  // return ea if dest type is not trucated
+  if (dest_size == 64u) {
+    return ea;
+  }
+
+  CHECK_LE(dest_size, 64u);
   const auto mask = (1ull << dest_size) - 1ull;
   return (ea & mask);
 }

diff --git a/python/anvill/binja.py b/python/anvill/binja.py
@@ -131,8 +131,8 @@ def _collect_xrefs_from_inst(bv, inst, ref_eas, reftype=XrefType.XREF_NONE):
     if not isinstance(inst, bn.LowLevelILInstruction):
         return
 
-    assert not is_unimplemented(bv, inst)
-    assert not is_undef(bv, inst)
+    if is_unimplemented(bv, inst) or is_undef(bv, inst):
+        return
 
     if is_function_call(bv, inst) or is_jump(bv, inst):
         reftype = XrefType.XREF_CONTROL_FLOW
@@ -384,6 +384,10 @@ def visit(self, program, is_definition, add_refs_as_defs):
         # if the function is a declaration, then Anvill only needs to know its symbols and prototypes
         # if its a definition, then Anvill will perform analysis of the function and produce information for the func
         for ref_ea in ref_eas:
+            # If ref_ea is an invalid address
+            seg = program._bv.get_segment_at(ref_ea)
+            if seg is None:
+                continue
             program.try_add_referenced_entity(ref_ea, add_refs_as_defs)
 
     def _extract_types_mlil(
@@ -514,6 +518,11 @@ def get_variable_impl(self, address):
         """Given an address, return a `Variable` instance, or
         raise an `InvalidVariableException` exception."""
 
+        # raise exception if the variable has invalid address
+        seg = self._bv.get_segment_at(address)
+        if seg is None:
+            raise InvalidVariableException("Invalid variable address")
+
         arch = self._arch
         bn_var = self._bv.get_data_var_at(address)
         var_type = get_type(bn_var.type)