|
|
@@ -352,7 +352,7 @@ class VtableDisambiguator(angr.Analysis):
|
|
|
tblidx: int
|
|
|
possible_syms: set[Symbol]
|
|
|
|
|
|
- disambiguated_functions = set()
|
|
|
+ disambiguated_func_sigs = set()
|
|
|
function_list: list[VTableFunction] = []
|
|
|
vptr_lists = self.get_vfptrs_from_table(vt)
|
|
|
for table_index, vptrs in enumerate(vptr_lists):
|
|
|
@@ -384,9 +384,13 @@ class VtableDisambiguator(angr.Analysis):
|
|
|
# it's possible that the other function(s) is/are resolveable.
|
|
|
|
|
|
if matched_overload:
|
|
|
- # within a vtable we expect a non-extern symbol to resolvee exactly once,
|
|
|
- # so we can eliminate it from candidacy elsewhere
|
|
|
- disambiguated_functions.add(matched_overload)
|
|
|
+ # within a vtable we expect a non-extern method signature
|
|
|
+ # (name + params) to resolve exactly once, so as a result we can
|
|
|
+ # eliminate a function and its other class variants from candidacy
|
|
|
+ # elsewhere
|
|
|
+ disambiguated_func_sigs.add(
|
|
|
+ dh.extract_method_signature(demangler.parse(matched_overload.name))
|
|
|
+ )
|
|
|
function_list.append(VTableFunction(table_index, {matched_overload}))
|
|
|
continue
|
|
|
|
|
|
@@ -396,6 +400,12 @@ class VtableDisambiguator(angr.Analysis):
|
|
|
if len(vfn.possible_syms) == 1:
|
|
|
continue
|
|
|
|
|
|
+ disambiguated_functions = set(
|
|
|
+ x
|
|
|
+ for x in vfn.possible_syms
|
|
|
+ if dh.extract_method_signature(demangler.parse(x.name))
|
|
|
+ in disambiguated_func_sigs
|
|
|
+ )
|
|
|
remaining_syms = vfn.possible_syms - disambiguated_functions
|
|
|
if len(remaining_syms) == 1:
|
|
|
vfn.possible_syms = remaining_syms
|
