Note the hack used for normalize style analysis broke in 10.2

nccgroup · Nov 5, 2022 · 34d970a · 34d970a
1 parent a21a848
commit 34d970a
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -61,7 +61,7 @@ These can be found in the Golang category in the Script Manager.
 * `GoDynamicStringsSingle.java`
   * Performs the same analysis as `GoDynamicStrings.java`, but uses a single decompiler process. Use this if analyzing a large binary causes the parallel decompiler processes to exhaust system memory.
 * `GoDynamicStringsHigh.java`
-  * Experimental, uses P-Code output from the higher level "normalize" style analysis. Currently depends on a hack that turns off deadcode elimination in the decompiler (see <https://research.nccgroup.com/2022/05/20/earlyremoval-in-the-conservatory-with-the-wrench/>).
+  * Experimental, uses P-Code output from the higher level "normalize" style analysis. Currently depends on a hack that turns off deadcode elimination in the decompiler (see <https://research.nccgroup.com/2022/05/20/earlyremoval-in-the-conservatory-with-the-wrench/>). *This hack breaks in Ghidra 10.2.*
 * `GoKnownStrings.java`
   * Searches for standard unique strings and defines them. String data is loaded from `data/known_strings.json`.
 * `GoStringFiller.java`

diff --git a/ghidra_scripts/GoDynamicStringsHigh.java b/ghidra_scripts/GoDynamicStringsHigh.java
@@ -23,6 +23,8 @@
 //This version uses a hack combined with the "normalize" simplification
 //style to preserve nicer COPY operations in the PCode output,
 //which clearly indicate a constant value being copied to the stack.
+//
+//NOTE: The hack this script depends on breaks in Ghidra 10.2.
 //@author James Chambers <[email protected]>
 //@category Golang
 //@keybinding