Commit
fixes arguments in the call-return observation (#970)
* fixes arguments in the call-return observation

When a call-return is filled in with the arguments we shouldn't re-evaluate any actuals that are not `Out`, as `In` (obviously) and `In Out` (not that obviously) argument actuals could be already overwritten.

A deeper story. When the C language is detected and when we have a prototype for a function, we classify arguments that are passed by reference (i.e., those that are passed by a non-const reference) as `In Out`. However, when a value is passed by reference, the reference itself is passed by value.

The fun fact, or why we didn't notice it before. There are two places where the `call-return` observation is made, namely in the Primus Interpreter and in the Primus Lisp Interpreter. The latter was always doing the right thing: it was passing the input arguments and appending the output (as this PR is doing now for the former). Since our analyses were always focusing on external functions (such as malloc, strcpy, strlen, etc.), which were handled by the Primus Lisp interpreter, we never noticed anything fishy.

Thanks @Isweet for finding this issue.

* updates testsuite

* properly init bap-veri sub-submodule