Analysis creates stack variable of type int128_t for pushes instead of treating them as parameters to a function call #6452

@xusheng6

Image

In the screenshot, there is a call to ReadFile, but its parameters are not properly populated. I tracked down the cause and it seems that the analysis created the var_40_1 of type int128_t, which essentially treats the several pushes of the function parameters as an assignment to a stack variable. If I just change the type of var_40_1 to an int32_t it will be fixed.

archive.zip

passwd: infected

caution malware

Labels: Component: Core (Issue needs changes to the core); Effort: Medium (Issues require < 1 month of work); Impact: Low (Issue is a papercut or has a good, supported workaround)
