arbruijn · September 29, 2020 10:28
diff --git a/fix_indirect_stdcall.patch b/fix_indirect_stdcall.patch
 diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
 index b6fc42db8..45244b4da 100644
 --- a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
 +++ b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
 @@ -1206,8 +1206,16 @@ int4 ActionDeindirect::apply(Funcdata &data)
 	  if (!fc->isInputLocked()) {
 	    // We use isInputLocked as a test of whether the
 	    // function pointer prototype has been applied before
 +	    int extraPopWasUnknown = fc->getExtraPop() == ProtoModel::extrapop_unknown;
 	    fc->forceSet(data,*fp);
 	    count += 1;
 +	    if (extraPopWasUnknown && fc->getExtraPop() != ProtoModel::extrapop_unknown &&
 +	      !data.getOverride().hasProtoOverride()) {
 +	      FuncProto *newproto = new FuncProto();
 +	      newproto->copy(*fp);
 +	      data.getOverride().insertProtoOverride(op->getAddr(),newproto);
 +	      data.setRestartPending(true);
 +	    }
 	  }
 	}
 	// FIXME: If fc's input IS locked presumably this means
 diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh b/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
 index 2b7195d44..0de281d38 100644
 --- a/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
 +++ b/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
 @@ -79,6 +79,7 @@ public:
   void restoreXml(const Element *el,Architecture *glb);
   static string typeToString(uint4 tp);			///< Convert a flow override type to a string
   static uint4 stringToType(const string &nm);		///< Convert a string to a flow override type
 +  bool hasProtoOverride(void) const { return (!protoover.empty()); }	///< Are there any prototype overrides
 };
 
 #endif
	diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
	index b6fc42db8..45244b4da 100644
	--- a/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
	+++ b/Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc
	@@ -1206,8 +1206,16 @@ int4 ActionDeindirect::apply(Funcdata &data)
	if (!fc->isInputLocked()) {
	// We use isInputLocked as a test of whether the
	// function pointer prototype has been applied before
	+ int extraPopWasUnknown = fc->getExtraPop() == ProtoModel::extrapop_unknown;
	fc->forceSet(data,*fp);
	count += 1;
	+ if (extraPopWasUnknown && fc->getExtraPop() != ProtoModel::extrapop_unknown &&
	+ !data.getOverride().hasProtoOverride()) {
	+ FuncProto *newproto = new FuncProto();
	+ newproto->copy(*fp);
	+ data.getOverride().insertProtoOverride(op->getAddr(),newproto);
	+ data.setRestartPending(true);
	+ }
	}
	}
	// FIXME: If fc's input IS locked presumably this means
	diff --git a/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh b/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
	index 2b7195d44..0de281d38 100644
	--- a/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
	+++ b/Ghidra/Features/Decompiler/src/decompile/cpp/override.hh
	@@ -79,6 +79,7 @@ public:
	void restoreXml(const Element el,Architecture glb);
	static string typeToString(uint4 tp); ///< Convert a flow override type to a string
	static uint4 stringToType(const string &nm); ///< Convert a string to a flow override type
	+ bool hasProtoOverride(void) const { return (!protoover.empty()); } ///< Are there any prototype overrides
	};

	#endif