fixme

Author: tesuji

pwnlib/asm.py

@@ -388,7 +388,7 @@ def _bfdname():
         'sparc64' : 'elf64-sparc',
     }
 
-    name = bfdnames.get(arch, None)
+    name = bfdnames.get(arch)
     if not name:
         raise Exception("Cannot find bfd name for architecture %r" % arch)
     return name
@@ -409,7 +409,7 @@ def _bfdarch():
         'loongarch64': 'loongarch64'
     }
 
-    return convert.get(arch, None) or arch
+    return convert.get(arch, arch)
 
 def _run(cmd, stdin = None):
     log.debug('%s', subprocess.list2cmdline(cmd))

pwnlib/elf/elf.py

@@ -1175,8 +1175,9 @@ def libc_start_main_return(self):
         elif self.arch == 'aarch64':
             call_instructions = set([cs.CS_GRP_CALL])
         elif self.arch in ['mips', 'mips64']:
-            # FIXME: might need to fix upstream to include bal to CS_GRP_CALL
+            # FIXME: `bal` was not included in CS_GRP_CALL. This is fixed on capstone v6.alpha
             call_instructions = set([cs.CS_GRP_CALL, cs.CS_GRP_BRANCH_RELATIVE])
+            # call_instructions = set([cs.CS_GRP_CALL])
             # Account for the delay slot.
             call_return_offset = 2
         elif self.arch in ['i386', 'amd64', 'ia64']:
@@ -1190,12 +1191,12 @@ def libc_start_main_return(self):
         func = self.functions['__libc_start_main']
         code = self.read(func.address, func.size)
         dis = list(md.disasm(code, func.address))
-        print("dis:", dis)
+        # print("dis:", dis)
 
         exit_addr = self.symbols['exit']
 
         calls = [(i, x) for i, x in enumerate(dis) if call_instructions & set(x.groups)]
-        print("calls:", calls)
+        # print("calls:", calls)
 
         def find_ret_main_addr(caller_dis, calls):
             call_to_main = -1