- Did you use the latest version of GEF from the dev branch?
- Is your bug specific to GEF (not GDB)? Try to reproduce it running `gdb -nx`
- Did you search through the documentation first?
- Did you check issues (including the closed ones) and the PRs?
Step 1: Describe your environment
- Operating System / Distribution: Arch Linux
- Architecture: x64 (using aarch64-linux-gnu-gdb)
- GEF version: [2830670] (btw, the `version` command gives the hash for my dotfiles repo since I have that cloned in ~)
Step 2: Describe your problem
I tried to run unicorn-emulate with a program compiled for ARM64 but ran into a syntax error in a generated file.
For a minimal test case I used this program compiled with aarch64-linux-gnu-gcc:

```c
int main(){ return 0; }
```

I then ran `aarch64-linux-gnu-gdb a.out` followed by `target sim`, `load`, `starti` and `emu`.
Observed Results
Running `emu` gave me this error:

```
gef➤ emu
[+] Starting emulation: 0x0 → 0x4
[!] Command 'unicorn-emulate' failed to execute properly, reason: Command '[PosixPath('/usr/bin/python3'), '/tmp/gef-uc-4hoxcpjm.py']' returned non-zero exit status 1.
```
I then tried running the generated file outside gdb and got this error message:
```
% python3 /tmp/gef-uc-815xbo0q.py
  File "/tmp/gef-uc-815xbo0q.py", line 18
    cs = capstone.Cs(capstone.CS_ARCH_ARM64, capstone.0|capstone.CS_MODE_LITTLE_ENDIAN)
                                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
SyntaxError: invalid syntax. Perhaps you forgot a comma?
```

I noticed that the `0` comes from `gef_to_cs_arch` returning `"0"` as the mode in the case of ARM64. Should this perhaps be `"CS_MODE_ARM"` instead?
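An added example, not GEF's own code, that reproduces the mechanism of this bug and shows the check that would have caught it before the temp script was ever executed. The two `gef_to_cs_arch_*` functions are simplified hypothetical stand-ins for GEF's helper; the emitted line mirrors line 18 of the generated script above, and `ast.parse` is used as a syntax gate on generated code.

```python
"""Reproduce the 'capstone.0' SyntaxError from the report and the corrected form.

The generated script interpolates a mode token into the text "capstone.{mode}".
For ARM64 the token was the bare string "0", so the result is "capstone.0",
which Python tokenizes as NAME followed by the float literal ".0": a SyntaxError.
"""
import ast


def gef_to_cs_arch_buggy(arch: str) -> tuple[str, str]:
    """Hypothetical simplified version of the helper, with the reported defect."""
    if arch == "ARM64":
        return "CS_ARCH_ARM64", "0"  # "0" is a numeric value, not a constant name
    if arch == "X86_64":
        return "CS_ARCH_X86", "CS_MODE_64"
    raise ValueError(f"unsupported arch: {arch}")


def gef_to_cs_arch_fixed(arch: str) -> tuple[str, str]:
    """Same helper, returning the *name* of a capstone constant for every arch."""
    if arch == "ARM64":
        # capstone's Python binding defines CS_MODE_ARM (== 0), so the numeric
        # value was right but must be referenced by name inside "capstone.<mode>".
        return "CS_ARCH_ARM64", "CS_MODE_ARM"
    if arch == "X86_64":
        return "CS_ARCH_X86", "CS_MODE_64"
    raise ValueError(f"unsupported arch: {arch}")


def emit_capstone_line(arch: str, mode: str,
                       endian: str = "CS_MODE_LITTLE_ENDIAN") -> str:
    """Produce the constructor line in the same shape as the generated script."""
    return f"cs = capstone.Cs(capstone.{arch}, capstone.{mode}|capstone.{endian})"


def is_valid_python(src: str) -> bool:
    """Syntax gate: refuse to write/run a generated script that does not parse."""
    try:
        ast.parse(src)
        return True
    except SyntaxError:
        return False


def generate(arch: str, helper) -> tuple[str, bool]:
    """Return the emitted line and whether it would pass the syntax gate."""
    line = emit_capstone_line(*helper(arch))
    return line, is_valid_python(line)


if __name__ == "__main__":
    for helper in (gef_to_cs_arch_buggy, gef_to_cs_arch_fixed):
        line, ok = generate("ARM64", helper)
        print(f"{helper.__name__:22} valid={ok}  {line}")
```

Running it prints the buggy line flagged `valid=False` and the corrected line flagged `valid=True`; the same `ast.parse` gate can be applied to the whole generated file before it is handed to `python3`.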