From a user report:
Here is one sample that BN might having trouble to understand.
Binary Ninja 5.3:
9b02fe74 char const (*)[0x5] mcp_xorshift_prng_core()
9b02fe74 {
9b02fe74 int32_t r0 = sub_9b032194();
9b02fe90 char const (* result)[0x5] = 0xbec1b ^ r0 << 0xd ^ r0 >> 9;
9b02fe94 data_10000ac8 = result;
9b02fe96 return result;
9b02fe74 }IDA:
unsigned int sub_9B02FE74()
{
unsigned int v0; // r0
unsigned int result; // r0
v0 = sub_9B032194();
result = (dword_10000AC8 << 7) & 0x3F807F80 ^ ((unsigned int)dword_10000AC8 >> 8) & 0xF80FF ^ (v0 << 13) ^ (v0 >> 9);
dword_10000AC8 = result;
return result;
}Reference code:
static int _freertos_arc4random(void)
{
#if defined(CONFIG_PLATFORM_8721D)
int value = (int)Rand();
return value;
#else
u32 res = xTaskGetTickCount();
static unsigned long seed = 0xDEADB00B;
#if defined(CONFIG_PLATFORM_8711B)
if(random_seed){
seed = random_seed;
random_seed = 0;
}
#endif
seed = ((seed & 0x007F00FF) << 7) ^
((seed & 0x0F80FF00) >> 8) ^ // be sure to stir those low bits
(res << 13) ^ (res >> 9); // using the clock too!
return (int)seed;
#endif
}Version and Platform (required):
- Binary Ninja Version: 5.3.9434, f7cf98e7
- OS: macos
- OS Version: 15.7.5
- CPU Architecture: arm64
File: thermal ice switches helpfully
From a user report:
Here is one sample that BN might having trouble to understand.
Binary Ninja 5.3:
IDA:
Reference code:
Version and Platform (required):
File:
thermal ice switches helpfully