GP-6742 fix gccexception analyzer's absolute pointer calc logic

Binaries imported with modified image base would have incorrect pointers to code from CIE/FDE entries. Side effects would cause invalid function entry points to be placed, which could trigger other undesirable downstream behavior. Found in github issue #9131
2026-06-02 10:27:09 +08:00 · 2026-04-23 13:40:44 +00:00
parent 5c58af215c
commit feea186610
2 changed files with 23 additions and 29 deletions
@@ -263,7 +263,8 @@ abstract class AbstractDwarfEHDecoder implements DwarfEHDecoder {

 		switch (appMode) {
 			case DW_EH_PE_absptr:
-				// just pass this through
+				// adjust abs ptr for any changes to imagebase during import
+				val = context.getImageBaseAdjustment() + val;
 				break;

 			case DW_EH_PE_aligned:
@@ -15,10 +15,10 @@
 */
 package ghidra.app.plugin.exceptionhandlers.gcc;

+import ghidra.app.util.opinion.ElfLoader;
 import ghidra.program.model.address.Address;
 import ghidra.program.model.listing.Function;
 import ghidra.program.model.listing.Program;
-import ghidra.program.model.mem.MemBuffer;
 import ghidra.program.model.mem.MemoryBlock;

 /**
@@ -30,10 +30,10 @@ public class DwarfDecodeContext {
 	private final Address addr;
 	private final MemoryBlock ehBlock;
 	private final Address functionEntryPoint;
+	private final long imageBaseAdjustment;

 	private Object decodedValue;
 	private int encodedLength;
-	private MemBuffer buffer;

 	/**
 	 * Constructs a Dwarf decode context.
@@ -95,31 +95,16 @@ public class DwarfDecodeContext {
 		this.addr = readAddr;
 		this.ehBlock = ehBlock;
 		this.functionEntryPoint = entryPoint;
+		this.imageBaseAdjustment = getImageBaseAdjustment(program);

 	}

-	/**
-	 * Constructs a Dwarf decode context.
-	 * @param buffer the memory buffer which provides the program and address of the encoded data 
-	 * @param length the length of the encoded data
-	 */
-	public DwarfDecodeContext(MemBuffer buffer, int length) {
-		this(buffer, length, null, null);
-	}
-
-	/**
-	 * Constructs a Dwarf decode context.
-	 * @param buf the memory buffer which provides the program and address of the encoded data 
-	 * @param length the length of the encoded data
-	 * @param ehBlock the exception handling memory block
-	 * @param entryPoint the function entry point
-	 */
-	public DwarfDecodeContext(MemBuffer buf, int length, MemoryBlock ehBlock, Address entryPoint) {
-		this.buffer = buf;
-		this.program = buffer.getMemory().getProgram();
-		this.addr = buffer.getAddress();
-		this.ehBlock = ehBlock;
-		this.functionEntryPoint = entryPoint;
+	private static long getImageBaseAdjustment(Program program) {
+		Long originalImageBase = ElfLoader.getElfOriginalImageBase(program);
+		if (originalImageBase != null) {
+			return program.getImageBase().getOffset() - originalImageBase;
+		}
+		return 0;
 	}

 	/**
@@ -180,4 +165,12 @@ public class DwarfDecodeContext {
 	public Address getFunctionEntryPoint() {
 		return functionEntryPoint;
 	}
+
+	/**
+	 * {@return any adjustment needed to be applied to absolute addresses (because the program's
+	 * base address was modified during import)}
+	 */
+	public long getImageBaseAdjustment() {
+		return imageBaseAdjustment;
+	}
 }