added noreturn to runtimepanic, improved return types and fixed the slice type

Author: felberj

.gitignore

@@ -1,3 +1,4 @@
+.DS_Store
 .antProperties.xml
 .classpath
 .gradle/

README.md

@@ -5,6 +5,9 @@ Plugin to assist reversing Golang binaries with Ghidra.
 
 This is in a VERY early stage and for now only handles linux/x86_64 binaries.
 
+# Usage
+
+When importing, select the Language **x86:LE:64:golang:default**
 
 # Features
 

data/languages/golang1.12.cspec

@@ -69,7 +69,8 @@ felber: copied from Ghidra/Processors/x86/data/languages/x86-64-gcc.cspec
       </input>
       <output killedbycall="true">
   	  	<pentry minsize="1" maxsize="64" align="8">
-          <addr offset="-24" space="stack"/>
+  	  	<!-- TODO(felber) offset=0 is wrong, but I cannot seem to fix this -->
+          <addr offset="8" space="stack"/>
         </pentry>
       </output>
       <!-- <killedbycall>

src/main/java/gotools/GoReturntypeAnalyzer.java

@@ -106,32 +106,38 @@ private void detectReturnTypes(Program p, TaskMonitor m, MessageLog log, Functio
       return;
     }
     long numberOfArgs = totalArgReturnVals - numberOfRet;
-    if (f.getReturnType().getLength() != numberOfRet * pointerSize) {
+    if (f.getReturnType().getLength() != numberOfRet * pointerSize
+        || (numberOfRet != 0 && f.getReturn().getStackOffset() != minWrite)) {
+      f.setCustomVariableStorage(true);
       try {
         switch (numberOfRet) {
           case 0:
             f.setReturnType(DataType.VOID, SourceType.ANALYSIS);
             break;
           case 1:
-            f.setCustomVariableStorage(true);
             Undefined8DataType t = new Undefined8DataType();
-            f.setReturn(t, new VariableStorage(p, minWrite, t.getLength()), SourceType.ANALYSIS);
+            // The type is set to imported because otherwise we cannot overwrite it
+            f.setReturn(t, new VariableStorage(p, minWrite, t.getLength()), SourceType.IMPORTED);
             break;
           default:
-            f.setCustomVariableStorage(true);
             StructureDataType s =
                 new StructureDataType(String.format("ret_%d", f.getSymbol().getID()), 0);
             for (int i = 0; i < numberOfRet; i++) {
               s.add(new Undefined8DataType());
             }
-            f.setReturn(s, new VariableStorage(p, minWrite, s.getLength()), SourceType.ANALYSIS);
+            // The type is set to imported because otherwise we cannot overwrite it
+            f.setReturn(s, new VariableStorage(p, minWrite, s.getLength()), SourceType.IMPORTED);
             break;
         }
       } catch (InvalidInputException e) {
         log.appendException(e);
       }
     }
-    if (f.getParameterCount() != numberOfArgs) {
+    int paramenterLen = 0;
+    for (Parameter param : f.getParameters()) {
+      paramenterLen += param.getLength();
+    }
+    if (paramenterLen != numberOfArgs) {
       // Set the parameters
       Parameter[] params = f.getParameters();
       List<Variable> newParams = new Vector<>();

src/main/java/gotools/GoSpecialFunctionAnalyzer.java

@@ -0,0 +1,30 @@
+package gotools;
+
+import ghidra.app.services.AnalyzerType;
+import ghidra.app.util.importer.MessageLog;
+import ghidra.program.model.address.AddressSetView;
+import ghidra.program.model.listing.Function;
+import ghidra.program.model.listing.Program;
+import ghidra.program.model.symbol.Symbol;
+import ghidra.util.exception.CancelledException;
+import ghidra.util.task.TaskMonitor;
+
+public class GoSpecialFunctionAnalyzer extends AnalyzerBase {
+  public GoSpecialFunctionAnalyzer() {
+    super("Golang Special functions analyzer", "analyzes special functiosn in go",
+        AnalyzerType.FUNCTION_ANALYZER);
+  }
+
+  @Override
+  public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor,
+      MessageLog messageLog) throws CancelledException {
+    for (Symbol s : program.getSymbolTable().getSymbols("runtime.panicindex")) {
+      Function f = program.getFunctionManager().getFunctionAt(s.getAddress());
+      if (f == null) {
+        continue;
+      }
+      f.setNoReturn(true);
+    }
+    return false;
+  }
+}

src/main/java/gotools/GoTypesAnalyzer.java

@@ -9,7 +9,7 @@
 import ghidra.util.task.TaskMonitor;
 
 public class GoTypesAnalyzer extends AnalyzerBase {
-  GoTypesAnalyzer() {
+  public GoTypesAnalyzer() {
     super("Go Types Analyzer", "Analyzes Types like string and slices",
         AnalyzerType.FUNCTION_ANALYZER);
   }
@@ -19,13 +19,14 @@ public boolean added(Program program, AddressSetView addressSetView, TaskMonitor
       MessageLog messageLog) throws CancelledException {
     StructureDataType s = new StructureDataType("GoString", 0);
     s.add(new QWordDataType(), "len", null);
-    s.add(new PointerDataType(new CharDataType()), "str", null);
+    s.add(new Pointer64DataType(new CharDataType()), "str", null);
     program.getDataTypeManager().addDataType(s, DataTypeConflictHandler.KEEP_HANDLER);
 
     StructureDataType sl = new StructureDataType("GoSlice", 0);
+    sl.add(new PointerDataType(), 8, "data", null);
     sl.add(new QWordDataType(), "len", null);
     sl.add(new QWordDataType(), "cap", null);
-    sl.add(new PointerDataType());
+
     program.getDataTypeManager().addDataType(sl, DataTypeConflictHandler.KEEP_HANDLER);
     return false;
   }

testdata/.gitignore

@@ -0,0 +1 @@
+slices

testdata/Makefile

@@ -0,0 +1,2 @@
+slices:
+	GOOS=linux go build -gcflags '-N -l' slices.go

testdata/slices.go

@@ -0,0 +1,39 @@
+package main
+
+/*
+    undefined8	<RETURN>	Stack[0x20]:8
+1	/GoSlice    Unaligned
+Structure GoSlice {
+}
+Size = 24   Actual Alignment = 1
+	slice	Stack[0x8]:24
+*/
+func getLen(a []int) int {
+	return len(a)
+}
+
+func getFirst(a []int) int {
+	return a[0]
+}
+
+func get(a []int, x int) int {
+	return a[x]
+}
+
+func getCap(a []int) int {
+	return cap(a)
+}
+
+func createSlice() []int {
+	return []int{1, 2, 3, 4, 5, 6, 7}
+}
+
+func main() {
+	a := createSlice()
+	l := getLen(a)
+	f := getFirst(a)
+	e := get(a, 3)
+	c := getCap(a)
+
+	_ = l + f + e + c
+}