Version and Platform (required):
- Binary Ninja Version: 5.4.9459-dev Personal (b2c37a6b)
- Edition: Non-Commercial
Bug Description:
Actually it's a semi-feature request semi-bug.
Currently when lifting syscalls on Darwin platforms, BN doesn't use CF as one of the return values of a syscall (on darwin platforms system calls return success status in CarryFlag, CF = 0 - success, fail otherwise), which leads to incorrect IL code being generated when the original code takes CF into account.
Here is example of such case:
IL uses cond:0 from earlier comparison instead of using syscalls result.
Steps To Reproduce:
Please provide all steps required to reproduce the behavior:
- Open sharedcache
- Navigate to some syscall wrapper (for example getpid)
Expected Behavior:
BN should clobber the CF and count it.
Binary:
I won't upload whole ios sharedcache, but you can check yourself with any of syscall wrappers there
Additional Information:
As @ glenns suggested me in slack, it can be workarounded via tweaking lifting of syscall instruction, but it is still a workaround and not as clean as it desired to be.
Version and Platform (required):
Bug Description:
Actually it's a semi-feature request semi-bug.
Currently when lifting syscalls on Darwin platforms, BN doesn't use CF as one of the return values of a syscall (on darwin platforms system calls return success status in CarryFlag, CF = 0 - success, fail otherwise), which leads to incorrect IL code being generated when the original code takes CF into account.
Here is example of such case:
IL uses
cond:0from earlier comparison instead of using syscalls result.Steps To Reproduce:
Please provide all steps required to reproduce the behavior:
Expected Behavior:
BN should clobber the CF and count it.
Binary:
I won't upload whole ios sharedcache, but you can check yourself with any of syscall wrappers there
Additional Information:
As @ glenns suggested me in slack, it can be workarounded via tweaking lifting of syscall instruction, but it is still a workaround and not as clean as it desired to be.