Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-06-2021, 11:18
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 409
Rept. Given: 10
Rept. Rcvd 16 Times in 14 Posts
Thanks Given: 41
Thanks Rcvd at 155 Times in 61 Posts
WhoCares Reputation: 17
IDA can't properly deal with RUST strings

RUST strings are not zero-terminated, so there is no delimiter for two strings which are in a consecutive memory region.

RUST compiler/linker puts many constant strings in the ".rodata" segment.

Currently IDA can't properly handle this. It needs to be updated, e.g. adding RUST compiler type(no stable ABI) and RUST string literal type. Or writing some plugins to do this.
__________________
AKA Solomon/blowfish.
Reply With Quote
The Following User Says Thank You to WhoCares For This Useful Post:
tonyweb (07-06-2021)
  #2  
Old 07-07-2021, 11:04
TQN TQN is online now
VIP
 
Join Date: Apr 2003
Location: Vietnam
Posts: 342
Rept. Given: 142
Rept. Rcvd 20 Times in 12 Posts
Thanks Given: 166
Thanks Rcvd at 129 Times in 42 Posts
TQN Reputation: 20
You can try with this Rust reversing helper
https://github.com/cha5126568/rust-reversing-helper
Reply With Quote
The Following User Says Thank You to TQN For This Useful Post:
tonyweb (07-07-2021)
  #3  
Old 07-08-2021, 00:28
WhoCares's Avatar
WhoCares WhoCares is offline
who cares
 
Join Date: Jan 2002
Location: Here
Posts: 409
Rept. Given: 10
Rept. Rcvd 16 Times in 14 Posts
Thanks Given: 41
Thanks Rcvd at 155 Times in 61 Posts
WhoCares Reputation: 17
thank u for the info.

This python script uses "idaapi.create_strlit(addr, len, get_inf_attr(INF_STRTYPE))" to create string literals.

get_inf_attr(INF_STRTYPE) returns the current string literal type.
But RUST string literal doesn't match any of the known string literal types of IDA.

The string length is hard-coded in a MOV instruction, usually moved to a register like ESI.

Quote:
Originally Posted by TQN View Post
You can try with this Rust reversing helper
https://github.com/cha5126568/rust-reversing-helper
__________________
AKA Solomon/blowfish.
Reply With Quote
The Following 2 Users Say Thank You to WhoCares For This Useful Post:
sh3dow (08-24-2021), tonyweb (07-08-2021)
  #4  
Old 07-08-2021, 10:46
TQN TQN is online now
VIP
 
Join Date: Apr 2003
Location: Vietnam
Posts: 342
Rept. Given: 142
Rept. Rcvd 20 Times in 12 Posts
Thanks Given: 166
Thanks Rcvd at 129 Times in 42 Posts
TQN Reputation: 20
Thanks WhoCares
IDA and create_strlit function can create a NON NULL Terminated string.
The len parameter in create_strlit function specifies the length of the string, not necessary to include NULL char
Best regards,
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Rust/WinRT Public Preview WhoCares General Discussion 2 05-05-2020 03:22
Don't get Olly to work properly squareD General Discussion 3 06-12-2006 01:31
IDA IDC-script: cannot shift right properly amitophia General Discussion 2 03-28-2004 18:26
How to deal with threads ? bcl25 General Discussion 4 03-29-2003 06:22


All times are GMT +8. The time now is 08:40.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )