
Any std::string variable involved in JSON deserialization can potentially crash FakePDB #55

@Abbas-MG

Description


Within FakePDB, many data types use std::string to store information fetched from IDA Pro.
Previously encountered instances are documented Here and Here.
Another example is the failure in fetching function names. In some cases, functions are not fully recognized by IDA Pro (e.g., functions executed via indirect or obfuscated jumps). Interestingly, IDA sometimes marks these as functions but does not assign them a name until they are opened in the disassembly window. In such cases, calling ida_funcs.get_func_name(0xDEEDBEEF) returns nothing, leading to a null value and a nlohmann exception.

To reproduce, compile a simple obfuscated jump table or dispatcher and attempt to export it via FakePDB.

One possible mitigation would be to check for null values while FakePDB’s Python script is generating the JSON file, avoiding crashes until a more robust solution is implemented.
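An added example (not FakePDB's own code) of the null check suggested above: a stand-in for ida_funcs.get_func_name is constructed inline, the exported record shape and the synthetic sub_ fallback name are assumptions, and find_nulls is a pre-flight check that rejects an export before the C++ side tries to read a null into std::string.

```python
# Added example, not FakePDB's own code. Simulates the IDA-side exporter:
# ida_funcs.get_func_name() can return None for functions IDA marked but never
# named, and FakePDB's nlohmann loader throws when a null lands in a std::string.
import json
from typing import Any, Callable, Dict, List, Optional

def safe_func_name(ea: int, get_name: Callable[[int], Optional[str]]) -> str:
    """Always return a str; fall back to a synthetic name for unnamed functions."""
    name = get_name(ea)
    if isinstance(name, str) and name:
        return name
    return "sub_%X" % ea  # assumption: a synthetic name is acceptable downstream

def export_functions(eas: List[int],
                     get_name: Callable[[int], Optional[str]]) -> List[Dict[str, Any]]:
    """Build the function records the exporter would write (record shape is assumed)."""
    return [{"start_ea": ea, "name": safe_func_name(ea, get_name)} for ea in eas]

def find_nulls(obj: Any, path: str = "$") -> List[str]:
    """Return JSON paths whose value is null, so the export can be rejected
    before the C++ side tries to deserialize null into std::string."""
    if obj is None:
        return [path]
    if isinstance(obj, dict):
        return [p for k, v in obj.items() for p in find_nulls(v, f"{path}.{k}")]
    if isinstance(obj, list):
        return [p for i, v in enumerate(obj) for p in find_nulls(v, f"{path}[{i}]")]
    return []

# Constructed stand-in for ida_funcs.get_func_name: 0x401234 is an unnamed function.
_FAKE_NAMES: Dict[int, Optional[str]] = {0x401000: "main", 0x401234: None}

def fake_get_func_name(ea: int) -> Optional[str]:
    return _FAKE_NAMES.get(ea)

if __name__ == "__main__":
    naive = [{"start_ea": ea, "name": fake_get_func_name(ea)} for ea in _FAKE_NAMES]
    print("nulls in naive export:", find_nulls(naive))      # ['$[1].name']
    guarded = export_functions(list(_FAKE_NAMES), fake_get_func_name)
    print("nulls in guarded export:", find_nulls(guarded))  # []
    print(json.dumps(guarded))
```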
