Giters

uxmal / reko

Reko is a binary decompiler.

Home Page:https://uxmal.github.io/reko

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

TypeAnalysis/ComplexExpressionRewiter do incorrect rewriting of fields of LARGE_INTEGER union

ptomin opened this issue · comments

commented

See https://github.com/ptomin/reko/blob/6fae491935dce345542de2be03aebbf278cc83a9/subjects/PE/x86/pySample/shingledPySample.reko/pySample_text.c#L444

The type of tLoc14 is LARGE_INTEGER union.

typedef union _LARGE_INTEGER {
  struct {
    DWORD LowPart;
    LONG  HighPart;
  } DUMMYSTRUCTNAME;
  struct {
    DWORD LowPart;
    LONG  HighPart;
  } u;
  LONGLONG QuadPart;
} LARGE_INTEGER;

The result should be

ui32 esi_n = esi_n ^ (tLoc14.HighPart ^ tLoc14.LowPart);

But was

ui32 esi_n = esi_n ^ (tLoc14.dw0004 ^ tLoc14);

It looks like later phase (TypeAnalysis/ComplexExpressionRewiter) can't transform correctly accesses to such unions.