Skip to content

Commit 4bb3016

Browse files
bdashbdash
committed
[ObjC] Propagate type information from calls to [super init]
Calls to `objc_msgSendSuper2` with a selector in the `init` family are detected and their arguments are analyzed to determine the receiver class. A call type adjustment is added to update the return type. This handles most calls to `[super init]` from Objective-C code as the compiler generates a straightforward code sequence for these calls. Some calls from Swift are handled, but the Swift compiler generates more varied code so additional work is needed for complete coverage.
1 parent 11c2e94 commit 4bb3016

File tree

8 files changed

+389
-10
lines changed

8 files changed

+389
-10
lines changed

Cargo.lock

Lines changed: 12 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

plugins/workflow_objc/Cargo.toml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,3 +14,4 @@ log = "0.4"
1414
dashmap = { version = "6.1", features = ["rayon"]}
1515
once_cell = "1.20"
1616
thiserror = "2.0"
17+
bstr = "1.12"

plugins/workflow_objc/src/activities/mod.rs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,3 @@
11
pub mod inline_stubs;
22
pub mod objc_msg_send_calls;
3+
pub mod super_init;

plugins/workflow_objc/src/activities/objc_msg_send_calls.rs

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ use binaryninja::{
1212
};
1313

1414
use crate::{
15+
error::ILLevel,
1516
metadata::{GlobalState, Selector},
1617
Error,
1718
};
@@ -31,11 +32,17 @@ pub fn process(ac: &AnalysisContext) -> Result<(), Error> {
3132

3233
let func_start = ac.function().start();
3334
let Some(llil) = (unsafe { ac.llil_function() }) else {
34-
return Err(Error::MissingLowLevelIL { func_start });
35+
return Err(Error::MissingIL {
36+
level: ILLevel::Low,
37+
func_start,
38+
});
3539
};
3640

3741
let Some(ssa) = llil.ssa_form() else {
38-
return Err(Error::MissingSsaForm { func_start });
42+
return Err(Error::MissingSsaForm {
43+
level: ILLevel::Low,
44+
func_start,
45+
});
3946
};
4047

4148
let func = ac.function();

plugins/workflow_objc/src/activities/objc_msg_send_calls/adjust_call_type.rs

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,7 @@ use binaryninja::{
1111
};
1212

1313
use super::MessageSendType;
14-
use crate::{metadata::Selector, Error};
15-
16-
const HEURISTIC_CONFIDENCE: u8 = 192;
14+
use crate::{metadata::Selector, workflow::Confidence, Error};
1715

1816
fn named_type(bv: &BinaryView, name: &str) -> Option<Ref<Type>> {
1917
bv.type_by_name(name)
@@ -68,7 +66,7 @@ pub fn process_call(
6866
let func_type = Type::function(&return_type, params, false);
6967
func.set_auto_call_type_adjustment(
7068
insn.address(),
71-
Conf::new(func_type, HEURISTIC_CONFIDENCE).as_ref(),
69+
Conf::new(func_type, Confidence::ObjCMsgSend as u8).as_ref(),
7270
Some(arch),
7371
);
7472

0 commit comments

Comments
 (0)