handle VARIABLE varnode in GoFuncCallStrings

jamchamb · jamchamb · commit 255b8e5fc6e7 · 2024-03-05T15:11:29.000-05:00
diff --git a/ghidra_scripts/GoFuncCallStrings.java b/ghidra_scripts/GoFuncCallStrings.java
@@ -82,7 +82,9 @@ protected List<CandidateGroup> callParamsCheck(PcodeOpAST pcodeOpAST) {
                 addrCandidates.addAll(addrs.stream()
                         .map(addr -> new AddressCandidate(addr, 0xdeadbeef, pcodeOpAST))
                         .collect(Collectors.toList()));
-                continue;
+                constants.removeAll(addrs.stream()
+                        .map(addr -> addr.getOffset())
+                        .collect(Collectors.toList()));
             }
 
             List<Integer> lens = filterLengthConstants(constants);
diff --git a/src/main/java/ghostrings/PcodeUtil.java b/src/main/java/ghostrings/PcodeUtil.java
@@ -234,12 +234,12 @@ private static List<Long> getConstantInputs(FlatProgramAPI programAPI, Varnode v
             return results;
         }
 
+        PcodeOp def = varnode.getDef();
+
         if (varnode.isConstant()) {
             results.add(varnode.getOffset());
-        } else if (varnode.isRegister() && varnode.getDef() != null) {
+        } else if (varnode.isRegister() && def != null) {
             // Register may hold a constant
-            PcodeOp def = varnode.getDef();
-
             switch (def.getOpcode()) {
             case PcodeOp.LOAD:
                 // Check for LOAD op that loaded a constant into the register,
@@ -276,6 +276,10 @@ private static List<Long> getConstantInputs(FlatProgramAPI programAPI, Varnode v
                 }
                 break;
             }
+        } else if (def != null && def.getOpcode() == PcodeOp.PIECE) {
+            for (Varnode pieceInput: def.getInputs()) {
+                results.addAll(getConstantInputs(programAPI, pieceInput, depth + 1));
+            }
         }
 
         return results;

Original file line number	Diff line number	Diff line change
`@@ -234,12 +234,12 @@ private static List<Long> getConstantInputs(FlatProgramAPI programAPI, Varnode v`
`234`	`234`	`return results;`
`235`	`235`	`}`
`236`	`236`
	`237`	`+ PcodeOp def = varnode.getDef();`
	`238`	`+`
`237`	`239`	`if (varnode.isConstant()) {`
`238`	`240`	`results.add(varnode.getOffset());`
`239`		`- } else if (varnode.isRegister() && varnode.getDef() != null) {`
	`241`	`+ } else if (varnode.isRegister() && def != null) {`
`240`	`242`	`// Register may hold a constant`
`241`		`- PcodeOp def = varnode.getDef();`
`242`		`-`
`243`	`243`	`switch (def.getOpcode()) {`
`244`	`244`	`case PcodeOp.LOAD:`
`245`	`245`	`// Check for LOAD op that loaded a constant into the register,`
`@@ -276,6 +276,10 @@ private static List<Long> getConstantInputs(FlatProgramAPI programAPI, Varnode v`
`276`	`276`	`}`
`277`	`277`	`break;`
`278`	`278`	`}`
	`279`	`+ } else if (def != null && def.getOpcode() == PcodeOp.PIECE) {`
	`280`	`+ for (Varnode pieceInput: def.getInputs()) {`
	`281`	`+ results.addAll(getConstantInputs(programAPI, pieceInput, depth + 1));`
	`282`	`+ }`
`279`	`283`	`}`
`280`	`284`
`281`	`285`	`return results;`