From ccd2cd37a5d367f9cebeadf0e0872b62c71dec02 Mon Sep 17 00:00:00 2001 From: KeybadeBlox Date: Fri, 13 Feb 2026 23:37:22 -0500 Subject: [PATCH] Defend against spurious references during mangling Ghidra sometimes identifies random numbers as pointers, which trips up our mangler script when it encounters them as they generally have no type information. We now use heuristics to ignore such references. --- decompile/objdiff.json | 2 +- ghidra/ghidra_scripts/MSVC7Mangle.java | 61 +++++++++++++++----------- 2 files changed, 37 insertions(+), 26 deletions(-) diff --git a/decompile/objdiff.json b/decompile/objdiff.json index b1ccc19..e75b006 100644 --- a/decompile/objdiff.json +++ b/decompile/objdiff.json @@ -44,4 +44,4 @@ } } ] -} +} \ No newline at end of file diff --git a/ghidra/ghidra_scripts/MSVC7Mangle.java b/ghidra/ghidra_scripts/MSVC7Mangle.java index 13e45b2..100165d 100644 --- a/ghidra/ghidra_scripts/MSVC7Mangle.java +++ b/ghidra/ghidra_scripts/MSVC7Mangle.java @@ -94,26 +94,12 @@ public class MSVC7Mangle extends GhidraScript{ mangle(s); + // Also mangle everything referenced inside functions + // if headless if ( isRunningHeadless() && s.getObject() instanceof Function f - ) { - // Also mangle everything referenced inside f - for ( - Instruction ins = getFirstInstruction(f); - ins != null && f.getBody().contains(ins.getAddress()); - ins = ins.getNext() - ) { - final Reference[] refs = ins.getReferencesFrom(); - for (int i = 0; i < refs.length; i++) { - final Symbol symbol = getSymbolAt(refs[i].getToAddress()); - if ( // Guard against spurious references to nonexisting things - symbol != null && - symbol.getObject() != null - ) mangle(symbol); - } - } - } + ) mangleRefs(f); } } 
@@ -136,7 +122,7 @@ public class MSVC7Mangle extends GhidraScript{ // Apply new name if (mangled != null) { s.setName(mangled, SourceType.USER_DEFINED); - makeGlobal(s); + s.setNamespace(currentProgram.getGlobalNamespace()); if (s.getObject() instanceof Function f) { // Also apply to target function if f is thunk @@ -144,7 +130,7 @@ public class MSVC7Mangle extends GhidraScript{ if (thunked != null) { final Symbol ts = thunked.getSymbol(); ts.setName(mangled, SourceType.USER_DEFINED); - makeGlobal(ts); + ts.setNamespace(currentProgram.getGlobalNamespace()); } } } @@ -594,11 +580,36 @@ public class MSVC7Mangle extends GhidraScript{ return (int)crc.getValue() ^ 0xFFFFFFFF; } - private static void makeGlobal(final Symbol s) throws Exception { - /* Move into the global namespace */ - // I cannot for the life of me find a more convenient way of - // doing this - while (!s.isGlobal()) s.setNamespace(s.getParentNamespace() - .getParentNamespace()); + private void mangleRefs(final Function f) throws Exception { + /* Mangle all symbols referenced in the body of a function */ + for ( + Instruction ins = getFirstInstruction(f); + ins != null && f.getBody().contains(ins.getAddress()); + ins = ins.getNext() + ) { + final Reference[] refs = ins.getReferencesFrom(); + for (int i = 0; i < refs.length; i++) { + final Symbol symbol = getSymbolAt(refs[i].getToAddress()); + + // Guard against spurious references to nonexisting things + if ( + symbol == null || + symbol.getObject() == null || + ( + symbol.getObject() instanceof Data d && + ( + d.getBaseDataType() instanceof Undefined || + d.getBaseDataType() instanceof DefaultDataType + ) && + refs[i].getSource() != SourceType.USER_DEFINED + ) + ) { + removeReference(refs[i]); + continue; + } + + mangle(symbol); + } + } } }
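Review bot: In the last hunk, `mangleRefs` calls `removeReference(refs[i])` for every reference it judges spurious, so a naming pass now deletes cross-references from the program database, whereas the commit message says such references are only ignored. The same branch also covers the `symbol == null` and `symbol.getObject() == null` cases, which the loop removed in the first MSVC7Mangle.java hunk merely skipped. The undefined-type test is a heuristic and the call site runs it only when `isRunningHeadless()` is true, so a genuine pointer to a not-yet-typed global would be dropped silently and the analysis database would no longer match the binary. I would keep just `continue;` in that branch, or at least record each deletion first, e.g. `println("Dropping untyped reference " + refs[i].getFromAddress() + " -> " + refs[i].getToAddress());`.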