Improve b2s or replace with custom code (unneded wide strings support)

binary2strings reads utf8 and wide strings (we don't expect or require the latter for Rust strings extraction).

In `rust-hello64.exe` we see
<img width="366" alt="2023-08-28_15-09-13_ida64" src="https://github.com/mandiant/flare-floss/assets/17606537/268829fe-fd3a-49a0-b607-cd5516859dd2">

Which parsed as wide string starting at offset 0x1400BD04F, b2s sees as:
<img width="173" alt="2023-08-28_15-11-07_pycharm64" src="https://github.com/mandiant/flare-floss/assets/17606537/a4e0aa87-39b6-4b6c-914f-d49daa7bed9d">

We then filter out the wide string and end up with ` args` in the final Rust strings output.

Bumping the min_string length to 6 also mitigates this, but we could then miss shorter strings.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Improve b2s or replace with custom code (unneded wide strings support) #867

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Improve b2s or replace with custom code (unneded wide strings support) #867

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions