TransWikia.com

IDA basic block type fcb_cndret - what does it mean?

Reverse Engineering Asked by gogo_gorilla on July 30, 2021

IDA Pro’s idaapi.BasicBlock objects returned by idaapi.FlowChart() can be of the following types (see gdl.hpp in the SDK sources):

// flow chart block types
enum fc_block_type_t
{
  fcb_normal,    // normal block
  fcb_indjump,   // block ends with indirect jump
  fcb_ret,       // return block
  fcb_cndret,    // conditional return block
  fcb_noret,     // noreturn block
  fcb_enoret,    // external noreturn block (does not belong to the function)
  fcb_extern,    // external normal block
  fcb_error,     // block passes execution past the function end
};

I was able to find examples for all types except fcb_cndret. What does

conditional return block

mean? Could somebody give an example?

2 Answers

I don't know it either so I put together this small script in order to do some empirical analysis.

import idaapi
import idc
import idautils

for f in Functions():
    fc = idaapi.FlowChart(idaapi.get_func(f))
    for bb in fc:
        if bb.type == 3:
            print "%x type: %d" % (bb.startEA, bb.type)

print "Done"

I throw it to several x86 and x86_64 binaries without results.

So, it could be that:

  • This kind of block appears very rarely
  • It appears only in other architectures (I didn't have any ARM or MIPS in this computer to test, sorry)
  • The enum field is reserved for future use

Just my two cents.

Update

I tried it with an ARM binary and found a couple of them. Apparently these are blocks in which a conditional instruction modifies the PC register (see screenshot)

fcb_cndret basic blocks in ARM binary

Cheers

Correct answer by Carlos Garcia on July 30, 2021

Conditional returns are found in some instruction set architectures.

For example, the 8085 has instructions which will action a subroutine return if a status flag is set/clear:

RZ   ... return if Z flag set
RC   ... return if C flag set
RNZ  ... return if Z flag clear
...

Answered by e-Wolf on July 30, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP