Skip to content

Do not run Ghidra auto-analysis on import#473

Merged
whyitfor merged 4 commits into
redballoonsecurity:masterfrom
rbs-afflitto:bugfix/ghidra_analyze_on_import
Jun 7, 2024
Merged

Do not run Ghidra auto-analysis on import#473
whyitfor merged 4 commits into
redballoonsecurity:masterfrom
rbs-afflitto:bugfix/ghidra_analyze_on_import

Conversation

@rbs-afflitto
Copy link
Copy Markdown
Collaborator

@rbs-afflitto rbs-afflitto commented Jun 4, 2024
edited
Loading

One sentence summary of this PR (This should go in the CHANGELOG!)

  • Do not run Ghidra auto-analysis upon importing a program

Link to Related Issue(s)
N/A

Please describe the changes in your request.
This change adds -noanalysis to the import command in _do_ghidra_import in the GhidraProjectAnalyzer. Without this change, Ghidra analysis runs every time the GhidraProjectAnalyzer runs. This consumes a significant amount of time that is not necessary if using a pre-analyzed Ghidra project. By adding -noanalysis to the import command, the Ghidra analysis will run conditionally in _do_ghidra_analyze_and_serve, depending on if a pre-analyzed Ghidra project has been passed into the analyzer config.

Anyone you think should look at this, specifically?
@whyitfor @SamL98

@rbs-afflitto rbs-afflitto self-assigned this Jun 4, 2024
@rbs-jacob
Copy link
Copy Markdown
Member

rbs-jacob commented Jun 4, 2024

Do not run. Do not run. (I'm gonna run.)

@whyitfor whyitfor requested a review from paulnoalhyt June 5, 2024 11:05
whyitfor
whyitfor reviewed Jun 5, 2024
View reviewed changes
Comment thread disassemblers/ofrak_ghidra/CHANGELOG.md Outdated
@whyitfor whyitfor requested a review from SamL98 June 6, 2024 02:42
@SamL98
Copy link
Copy Markdown
Contributor

SamL98 commented Jun 6, 2024

Is the conditional analyzing performed by ghidra? i.e. the OFRAK user doesn't have to pass any new flags/call any new functions? If so, LGTM

whyitfor
whyitfor approved these changes Jun 7, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@whyitfor whyitfor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch!

@whyitfor whyitfor merged commit d8e22a9 into redballoonsecurity:master Jun 7, 2024
ANogin pushed a commit to ANogin/ofrak that referenced this pull request Aug 20, 2024
@rbs-afflitto @whyitfor
Do not run Ghidra auto-analysis on import (redballoonsecurity#473)
9f76ed3 
* Prevent Ghidra autoanalysis on import

* Update CHANGELOG.md

* Add link to PR in changelog

---------

Co-authored-by: Wyatt <53830972+whyitfor@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@whyitfor whyitfor whyitfor approved these changes

@paulnoalhyt paulnoalhyt Awaiting requested review from paulnoalhyt

+1 more reviewer

@SamL98 SamL98 SamL98 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rbs-afflitto rbs-afflitto

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rbs-afflitto @rbs-jacob @SamL98 @whyitfor