radareorg/r2ghidra

Topic: types for variables, flags, and function signatures

Opened this issue · 0 comments

Types are more useful in the decompiler than in disassembly because the decompiler attempts to recover code at as high a level as possible, which means that the result of the decompiler usually needs to be cleaned up manually. In the case of ghidra, the process is to rename variables (there is also splitting a variable into two separate variables, which is something specific to the ghidra decompiler), to change variable types, change calling conventions, and change function signatures (ghidra supports automatically applying function signatures from signature databases or type databases). Ghidra also has type deduction: an untyped variable automatically picks a type if it is assigned a value of a known type; this can be a function return value, or the variable can be passed as an argument in a call to a function with known parameter types.

radare does have a type system, but I would describe it as incomplete and incorrect: for instance, it doesn't do alignment, and it doesn't properly handle configuration-specific sizes such as the size of a pointer. But is radare really pressed about types? Is the type feature in radare really used by people? I am thinking that the ghidra plugin should have its own full-featured type system, because it makes a significant difference in ghidra while not that much in radare. I have experimented locally with the type system of radare, as well as with exporting the variables that ghidra finds back to radare, and I came to the conclusion of making the ghidra plugin independent, especially since for the latter I found that ghidra has a special kind of variable that is neither a register variable nor a stack variable; they only exist in the intermediate representation, so they can't be exported to radare, though ghidra does give them a type and a name. I concluded that mapping features of ghidra to radare one to one may not be feasible nor interesting. Also, if ghidra-specific code is in the plugin, it wouldn't be deleted from radare because it is "dead code that is not used in radare".
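As an added illustration (not code from r2ghidra, radare2 or Ghidra) of the three points the issue touches on, struct layout with natural alignment, a pointer size that comes from the target configuration rather than a constant, and forward type propagation from return values and parameter types into untyped variables, here is a toy type system in Python. The `node` struct, the function signatures and the `("assign", ...)`/`("call", ...)` statement list are constructed sample input; that statement shape is an assumption made for the example and is not any real decompiler IR. `naive_layout` shows what a layout routine gets wrong when it ignores alignment and hardcodes a 4-byte pointer.

```python
"""Toy type system: natural alignment, configuration-dependent pointer size,
and forward type propagation. Added illustration only; not code from
r2ghidra, radare2 or Ghidra."""
from dataclasses import dataclass
from typing import Dict, List, Tuple, Union


@dataclass(frozen=True)
class Prim:
    name: str
    size: int
    align: int


@dataclass(frozen=True)
class Ptr:
    target: object  # pointed-to type; size/align come from the target config, not from it


@dataclass(frozen=True)
class Struct:
    name: str
    fields: Tuple[Tuple[str, object], ...]  # (field name, field type), declaration order


Type = Union[Prim, Ptr, Struct]


def align_up(off: int, align: int) -> int:
    return (off + align - 1) // align * align


@dataclass(frozen=True)
class TypeSystem:
    ptr_size: int  # 4 on a 32-bit target, 8 on a 64-bit one

    def size_align(self, t: Type) -> Tuple[int, int]:
        if isinstance(t, Prim):
            return t.size, t.align
        if isinstance(t, Ptr):
            return self.ptr_size, self.ptr_size
        off, max_align = 0, 1
        for _, ft in t.fields:
            s, a = self.size_align(ft)
            off = align_up(off, a) + s
            max_align = max(max_align, a)
        return align_up(off, max_align), max_align  # tail padding to the struct's alignment

    def layout(self, st: Struct) -> Dict[str, int]:
        offsets, off = {}, 0
        for name, ft in st.fields:
            s, a = self.size_align(ft)
            off = align_up(off, a)  # pad so the field starts on its natural alignment
            offsets[name] = off
            off += s
        return offsets

    def name(self, t: Type) -> str:
        if isinstance(t, Prim):
            return t.name
        if isinstance(t, Ptr):
            return self.name(t.target) + "*"
        return "struct " + t.name


def naive_layout(st: Struct, fixed_ptr_size: int = 4) -> Dict[str, int]:
    """The wrong way: no padding, pointer size hardcoded (fields assumed Prim or Ptr)."""
    offsets, off = {}, 0
    for name, ft in st.fields:
        offsets[name] = off
        off += ft.size if isinstance(ft, Prim) else fixed_ptr_size
    return offsets


# Hypothetical IR for the example: ("assign", dst, src) where src is a variable name or
# ("call", fn, [args]); a bare ("call", fn, [args]) is a call whose result is discarded.
Signature = Tuple[Type, Tuple[Type, ...]]  # (return type, parameter types)


def infer_types(stmts: List[tuple], signatures: Dict[str, Signature]) -> Dict[str, Type]:
    """An untyped variable takes the type of the value assigned to it or of the
    parameter it is passed as; typed variables are never overridden. The fixpoint
    loop handles a copy made before its source gets a type."""
    types: Dict[str, Type] = {}

    def set_if_unknown(var: str, t: Type) -> bool:
        if var in types:
            return False
        types[var] = t
        return True

    def apply_call(fn: str, args: List[str]) -> bool:
        changed = False
        for arg, pt in zip(args, signatures[fn][1]):
            changed = set_if_unknown(arg, pt) or changed
        return changed

    changed = True
    while changed:
        changed = False
        for stmt in stmts:
            if stmt[0] == "call":
                changed = apply_call(stmt[1], stmt[2]) or changed
            else:
                _, dst, src = stmt
                if isinstance(src, tuple):  # dst = fn(args): dst gets the return type
                    changed = apply_call(src[1], src[2]) or changed
                    changed = set_if_unknown(dst, signatures[src[1]][0]) or changed
                elif src in types:          # dst = other_var
                    changed = set_if_unknown(dst, types[src]) or changed
    return types


# Constructed sample input.
CHAR = Prim("char", 1, 1)
INT = Prim("int", 4, 4)
NODE = Struct("node", (("tag", CHAR), ("data", Ptr(CHAR)), ("len", INT)))
SIGNATURES: Dict[str, Signature] = {
    "get_node": (Ptr(NODE), ()),
    "strlen": (INT, (Ptr(CHAR),)),
    "process": (INT, (Ptr(NODE), INT)),
}
STMTS = [
    ("assign", "copy", "node"),                   # use before node is typed
    ("assign", "node", ("call", "get_node", [])),  # node: struct node*
    ("assign", "n", ("call", "strlen", ["s"])),    # n: int, s: char*
    ("call", "process", ["node", "flags"]),        # flags: int
    ("assign", "x", "never_typed"),                # stays unknown
]

if __name__ == "__main__":
    for ts in (TypeSystem(4), TypeSystem(8)):
        print(ts.ptr_size * 8, "bit:", ts.layout(NODE), ts.size_align(NODE))
    print("naive:", naive_layout(NODE))
    for v, t in infer_types(STMTS, SIGNATURES).items():
        print(v, "->", TypeSystem(8).name(t))
```

On a 32-bit configuration `node` lays out as tag@0, data@4, len@8 (12 bytes), on 64-bit as tag@0, data@8, len@16 (24 bytes); the naive routine reports 9 bytes with `data` at offset 1 for both. In the propagation pass `copy` is only typed on the second iteration, after `node` has picked up `get_node`'s return type.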