Ghidra question:

foone@digipres.club

Ghidra question:

I'm working on one main binary and I'm needing to repeatedly import binary patches over it.
The problem is that the way ghidra lets you do this (that I know of) are to manually select each instruction and enter new assembly, or to go into the binary edit and change the bytes one by one.

Is there some easy way to import a binary patch that I'm missing?

foone@digipres.club

I think there's a way to import a whole new binary over the existing one you were reversing, so I guess I could patch it outside of ghidra and then do a full reimport, which hopefully shouldn't lose any of my labels and such

ben@mastodon.lubar.me

@foone if there's not, you know java...

foone@digipres.club

@ben yeah but I don't want to have to for this project if I can avoid it

foone@digipres.club

note: in theory it supports copy/paste out of the binary view. in reality, I don't think I've ever gotten it to successfully paste more than one byte, as it always says the size is wrong

foone@digipres.club

wait. paste and ctrl-v both fail, but ctrl-shift-v brings up an ARE YOU SURE? and then ignores the highlight and pastes it at the cursor?

what?!

foone@digipres.club

fuck me, it's just a completely confused error message:
it's saying "not enough space" because it can't find enough UNDEFINED BYTES. It's stopping you from writing over code.

motherfucker.

foone@digipres.club

I guess I could always write a python script. It does have that. Still, it seems like this sort of thing should be easier. Maybe this is an unusual need? I dunno. I'm patching a game as I go.

foone@digipres.club

to be clear, the clipboard-binary viewer thing does work, it's just tedious. You have to clear existing decompilation for the area you're writing to, then re-decompile it.

jens@social.finkhaeuser.de

@foone Never used ghidra, but you're describing the most basic hex editor functionality I can imagine.

foone@digipres.club

@jens yeah. it's really that it's not a hex editor, it just has some very basic hex editing abilities in it. and they're not good.

parzivalwolfram@infosec.exchange

@foone I actually already did that for the same exact reason. My solution is utter ass, but it is marginally faster to use than Ghidra is. https://github.com/ParzivalWolfram/RapidRelinker

foone@digipres.club

@parzivalwolfram oh cool! thanks, that looks helpful