Feature Request: PE File Support

[MrSynAckSter]

The documentation claims that the system only supports ELF binaries.

It would be very useful to me if the system supported PE files.

[Enkelmann]

I would also very much like better PE-support! :-)

For future reference some notes on the current state of PE support (at the time of this comment):

• There already exists experimental support for PE files. However, it is not well tested (e.g. most acceptance tests for PE files are disabled).
• There are known issues for PE files. See issue Proper handling of calling conventions for PE files #250. There is also a high likelihood of more issues with the analysis for PE files that I am not yet aware of.
• Because of the above, one has to assume that the cwe_checker analyses are not reliable on PE files.

Unfortunately, ELF files have priority for us right now and we do not have enough people working on the project to tackle better PE support at the same time. At some point we are going to work on this, but I cannot yet say when this will be. In the meantime I would be happy to help and mentor any outside contributors willing to work on the subject!

[MrSynAckSter]

That's awesome to know. I am currently trying to improve my static analysis skills. If you have any suggestions for contributing to the project, I'd be glad to help. I'll trying and bang my head against #250 and see if I can't understand how your system works.

[Enkelmann]

Feel free to ask many questions about the things you don't understand. :-) For #250 a possible starting point would be to look at the use cases of the Project::get_standard_calling_convention method and to figure out how these cases should be handled for PE files. Another starting point is to just take a simple example binary and trying to figure out what happens internally by using lots of debug printing.