fix(core): address PR review follow-ups

Author: r0ny123

src/smda/common/SmdaBasicBlock.py

@@ -35,7 +35,7 @@ def getPicBlockHash(self):
             return self.picblockhash
         picblockhash_sequence = self.getPicBlockHashSequence()
         if picblockhash_sequence is not None:
-            self.picblockhash = struct.unpack("Q", hashlib.sha256(picblockhash_sequence).digest()[:8])[0]
+            self.picblockhash = struct.unpack("<Q", hashlib.sha256(picblockhash_sequence).digest()[:8])[0]
         return self.picblockhash
 
     def getPicBlockHashSequence(self):
@@ -66,7 +66,7 @@ def getOpcBlockHash(self):
             return self.opcblockhash
         opcblockhash_sequence = self.getOpcBlockHashSequence()
         if opcblockhash_sequence is not None:
-            self.opcblockhash = struct.unpack("Q", hashlib.sha256(opcblockhash_sequence).digest()[:8])[0]
+            self.opcblockhash = struct.unpack("<Q", hashlib.sha256(opcblockhash_sequence).digest()[:8])[0]
         return self.opcblockhash
 
     def getOpcBlockHashSequence(self):
@@ -105,4 +105,6 @@ def __int__(self):
         return self.offset
 
     def __str__(self):
+        if self.offset is None:
+            return f"0x????????: ({self.length:>4})"
         return f"0x{self.offset:08x}: ({self.length:>4})"

src/smda/common/SmdaFunction.py

@@ -144,7 +144,7 @@ def getPicHashAsLong(self):
         return self.pic_hash
 
     def getPicHashAsHex(self):
-        return struct.pack("Q", self.pic_hash).hex()
+        return struct.pack("<Q", self.pic_hash).hex()
 
     def getInstructions(self):
         for block in self.getBlocks():
@@ -186,7 +186,7 @@ def _calculateNestingDepth(self):
         return nesting_depth
 
     def getPicHash(self, binary_info):
-        return struct.unpack("Q", hashlib.sha256(self.getPicHashSequence(binary_info)).digest()[:8])[0]
+        return struct.unpack("<Q", hashlib.sha256(self.getPicHashSequence(binary_info)).digest()[:8])[0]
 
     def getPicHashSequence(self, binary_info):
         escaped_binary_seqs = []
@@ -203,7 +203,7 @@ def getPicHashSequence(self, binary_info):
         return bytes([ord(c) for c in "".join(escaped_binary_seqs)])
 
     def getOpcHash(self):
-        return struct.unpack("Q", hashlib.sha256(self.getOpcHashSequence()).digest()[:8])[0]
+        return struct.unpack("<Q", hashlib.sha256(self.getOpcHashSequence()).digest()[:8])[0]
 
     def getOpcHashSequence(self):
         escaped_binary_seqs = []

src/smda/common/labelprovider/CilSymbolProvider.py

@@ -34,6 +34,8 @@ def decodeSymbolName(self, value):
         return value.encode("utf-8").decode("utf-8")
 
     def update(self, binary_info):
+        self._addr_to_func_symbols = {}
+        self._func_symbol_to_addr = {}
         try:
             pe = dnfile.dnPE(data=binary_info.raw_data)
         except Exception as exc:

src/smda/common/labelprovider/ElfApiResolver.py

@@ -66,5 +66,7 @@ def getApi(self, to_addr, absolute_addr=None):
         May return None for the `dll` if it cannot be determined.
         When it can be determined for ELF files, the `dll` field should be interpreted as the API version rather than shared library name.
         For example: "GLIBC_2.2.5".
+        `absolute_addr` is part of the label-provider API but intentionally unused here:
+        ELF lookups are keyed by relocation slot address (`to_addr`) in `_api_map["lief"]`.
         """
         return self._api_map["lief"].get(to_addr, (None, None))

src/smda/intel/JumpTableAnalyzer.py

@@ -142,22 +142,21 @@ def _resolveExplicitTable(self, jump_instruction_address, state, jumptable_addre
         jumptable_size = jumptable_size if jumptable_size is not None else 0xFF
         jumptable_addresses = []
         bitness = self.disassembly.binary_info.bitness
-        entry_size = 4 if bitness == 32 else 8
+        if bitness == 32:
+            entry_size = 4
+            entry_format = "I"
+        elif bitness == 64:
+            entry_size = 8
+            entry_format = "Q"
+        else:
+            LOGGER.warning("Unsupported %s-bit jump table analysis", bitness)
+            return jumptable_addresses
         if self.disassembly.isAddrWithinMemoryImage(jumptable_address):
             for i in range(jumptable_size):
-                if bitness == 32:
-                    table_entry = struct.unpack(
-                        "I",
-                        self.disassembly.getBytes(jumptable_address + i * entry_size, entry_size),
-                    )[0]
-                elif bitness == 64:
-                    table_entry = struct.unpack(
-                        "Q",
-                        self.disassembly.getBytes(jumptable_address + i * entry_size, entry_size),
-                    )[0]
-                else:
-                    LOGGER.warning("Unsupported bitness for jump table analysis: %s", bitness)
-                    break
+                table_entry = struct.unpack(
+                    entry_format,
+                    self.disassembly.getBytes(jumptable_address + i * entry_size, entry_size),
+                )[0]
                 if not self.disassembly.isAddrWithinMemoryImage(table_entry):
                     break
                 state.addDataRef(

tests/testCommonModels.py

@@ -0,0 +1,31 @@
+import hashlib
+import struct
+import unittest
+
+from smda.common.SmdaBasicBlock import SmdaBasicBlock
+from smda.common.SmdaFunction import SmdaFunction
+
+
+class TestCommonModels(unittest.TestCase):
+    def test_empty_basic_block_string_is_safe(self):
+        self.assertEqual(str(SmdaBasicBlock([])), "0x????????: (   0)")
+
+    def test_function_hash_helpers_use_little_endian(self):
+        function = SmdaFunction()
+        function.pic_hash = 0x0102030405060708
+        function.getPicHashSequence = lambda binary_info: b"pic-sequence"
+        function.getOpcHashSequence = lambda: b"opc-sequence"
+
+        self.assertEqual(function.getPicHashAsHex(), struct.pack("<Q", function.pic_hash).hex())
+        self.assertEqual(
+            function.getPicHash(None),
+            struct.unpack("<Q", hashlib.sha256(b"pic-sequence").digest()[:8])[0],
+        )
+        self.assertEqual(
+            function.getOpcHash(),
+            struct.unpack("<Q", hashlib.sha256(b"opc-sequence").digest()[:8])[0],
+        )
+
+
+if __name__ == "__main__":
+    unittest.main()

tests/testFileFormatParsers.py

@@ -10,6 +10,7 @@
 
 from smda.cil.CilDisassembler import CilDisassembler
 from smda.common.BinaryInfo import BinaryInfo
+from smda.common.labelprovider.CilSymbolProvider import CilSymbolProvider
 from smda.common.labelprovider.ElfApiResolver import ElfApiResolver
 from smda.common.labelprovider.GoLabelProvider import GoSymbolProvider
 from smda.common.labelprovider.PeSymbolProvider import PeSymbolProvider
@@ -204,6 +205,18 @@ def test_elf_api_resolver_uses_relocation_slot_address(self):
         self.assertEqual(resolver.getApi(0x4018, absolute_addr=0x1000), ("GLIBC_2.2.5", "puts"))
         self.assertEqual(resolver.getApi(0x1000, absolute_addr=0x4018), (None, None))
 
+    def test_cil_symbol_provider_clears_symbols_before_parse(self):
+        provider = CilSymbolProvider(None)
+        provider._addr_to_func_symbols[0x1000] = "stale"
+        provider._func_symbol_to_addr["stale"] = 0x1000
+        binary_info = BinaryInfo(b"not a dotnet file")
+
+        with mock.patch("smda.common.labelprovider.CilSymbolProvider.dnfile.dnPE", side_effect=ValueError("bad pe")):
+            provider.update(binary_info)
+
+        self.assertEqual(provider.getFunctionSymbols(), {})
+        self.assertIsNone(provider.getAddress("stale"))
+
 
 if __name__ == "__main__":
     unittest.main()