GP-649_emteere Relaxed valid code check and added .nep as a valid

emteere · ghidra1 · commit 6507dc965113 · 2021-02-10T18:21:21.000-05:00
section for vftable entries
diff --git a/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/cmd/data/rtti/RttiUtil.java b/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/cmd/data/rtti/RttiUtil.java
@@ -128,6 +128,7 @@ public static int getVfTableCount(Program program, Address vfTableBaseAddress) {
 
 		Memory memory = program.getMemory();
 		MemoryBlock textBlock = memory.getBlock(".text");
+		MemoryBlock nepBlock = memory.getBlock(".nep");
 		AddressSetView initializedAddresses = memory.getLoadedAndInitializedAddressSet();
 		PseudoDisassembler pseudoDisassembler = new PseudoDisassembler(program);
 
@@ -148,17 +149,24 @@ public static int getVfTableCount(Program program, Address vfTableBaseAddress) {
 			if (!initializedAddresses.contains(referencedAddress)) {
 				break; // Not pointing to initialized memory.
 			}
-			if ((textBlock != null) ? !textBlock.equals(memory.getBlock(referencedAddress))
-					: false) {
-				break; // Not pointing to text section.
+
+			// check in .text and .nep if either exists
+			if ( textBlock != null || nepBlock != null) {
+				MemoryBlock refedBlock = memory.getBlock(referencedAddress);
+				boolean inTextBlock = ((textBlock != null) && textBlock.equals(refedBlock));
+				boolean inNepBlock = ((nepBlock != null) && nepBlock.equals(refedBlock));
+				// if not in either labeled .text/.nep block, then bad vftable pointer
+				if (!(inTextBlock || inNepBlock)) {
+					break; // Not pointing to good section.
+				}
 			}
 			
 			// any references after the first one ends the table
 			if (tableSize > 0 && program.getReferenceManager().hasReferencesTo(currentVfPointerAddress)) {
 				break;
 			}
 			
-			if (!pseudoDisassembler.isValidSubroutine(referencedAddress, true)) {
+			if (!pseudoDisassembler.isValidSubroutine(referencedAddress, true, false)) {
 				break; // Not pointing to possible function.
 			}
 
diff --git a/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/cmd/data/rtti/VfTableModel.java b/Ghidra/Features/MicrosoftCodeAnalyzer/src/main/java/ghidra/app/cmd/data/rtti/VfTableModel.java
@@ -37,13 +37,14 @@
 public class VfTableModel extends AbstractCreateDataTypeModel {
 
 	public static final String DATA_TYPE_NAME = "vftable";
+	private static final int NO_LAST_COUNT = -1;
 
 	private DataType dataType;
 	private Rtti4Model rtti4Model;
 
 	private Program lastProgram;
 	private DataType lastDataType;
-	private int lastElementCount = -1;
+	private int lastElementCount = NO_LAST_COUNT;
 	private int elementCount = 0;
 
 	/**
@@ -126,7 +127,7 @@ public void validateModelSpecificInfo() throws InvalidDataTypeException {
 	 */
 	private DataType getDataType(Program program) {
 
-		if (program != lastProgram) {
+		if (program != lastProgram || lastElementCount == NO_LAST_COUNT) {
 			setIsDataTypeAlreadyBasedOnCount(true);
 
 			lastProgram = program;
