GP-5863 Check for input intersection before creating unreferenced param

Ghidra/Features/Decompiler/src/decompile/cpp/coreaction.cc

@@ -4585,6 +4585,11 @@ int4 ActionInputPrototype::apply(Funcdata &data)
     for(int4 i=0;i<active.getNumTrials();++i) {
       ParamTrial &paramtrial(active.getTrial(i));
       if (paramtrial.isUnref() && paramtrial.isUsed()) {
+	if (data.hasInputIntersection(paramtrial.getSize(), paramtrial.getAddress())) {
+	  // There is something in the way of the unreferenced parameter, don't create it
+	  paramtrial.markNoUse();
+	}
+	else {
 	  vn = data.newVarnode(paramtrial.getSize(),paramtrial.getAddress());
 	  vn = data.setInputVarnode(vn);
 	  int4 slot = triallist.size();
@@ -4592,6 +4597,7 @@ int4 ActionInputPrototype::apply(Funcdata &data)
 	  paramtrial.setSlot(slot + 1);
 	}
       }
+    }
     if (data.isHighOn())
       data.getFuncProto().updateInputTypes(data,triallist,&active);
     else

Ghidra/Features/Decompiler/src/decompile/cpp/funcdata.hh

@@ -309,6 +309,13 @@ public:
   /// \return the matching Varnode or NULL
   Varnode *findCoveringInput(int4 s,const Address &loc) const { return vbank.findCoveringInput(s,loc); }
 
+  /// \brief Check if an input Varnode exists that overlaps the given range
+  ///
+  /// \param s is the size of the range in bytes
+  /// \param loc is the starting address of the given range
+  /// \return \b true if there is an input Varnode that overlaps the range
+  bool hasInputIntersection(int4 s,const Address &loc) const { return vbank.hasInputIntersection(s, loc); }
+
   /// \brief Find the input Varnode with the given size and storage address
   ///
   /// \param s is the size in bytes

Ghidra/Features/Decompiler/src/decompile/cpp/ruleaction.cc

@@ -1757,6 +1757,7 @@ int4 RuleAndCompare::applyOp(PcodeOp *op,Funcdata &data)
   switch(subop->code()) {
   case CPUI_SUBPIECE:
     basevn = subop->getIn(0);
+    if (basevn->getSize() > sizeof(uintb)) return 0;
     baseconst = andop->getIn(1)->getOffset();
     andconst  = baseconst << subop->getIn(1)->getOffset() * 8;
     break;

Ghidra/Features/Decompiler/src/decompile/cpp/varnode.cc

@@ -1530,6 +1530,29 @@ Varnode *VarnodeBank::findCoveringInput(int4 s,const Address &loc) const
   return (Varnode *)0;
 }
 
+/// \param s is the number of bytes in the given range
+/// \param loc is the starting address of the given range
+/// \return \b true if there is an input Varnode that overlaps the range
+bool VarnodeBank::hasInputIntersection(int4 s,const Address &loc) const
+
+{
+  VarnodeDefSet::const_iterator iter;
+  Varnode *vn;
+  iter = beginDef(Varnode::input,loc);
+  if (iter != def_tree.end()) {
+    vn = *iter;
+    if (vn->isInput() && vn->intersects(loc, s))
+      return true;
+  }
+  if (iter != def_tree.begin()) {
+    --iter;
+    vn = *iter;
+    if (vn->isInput() && vn->intersects(loc,s))
+      return true;
+  }
+  return false;
+}
+
 /// \brief Beginning of Varnodes in given address space sorted by location
 ///
 /// \param spaceid is the given address space

Ghidra/Features/Decompiler/src/decompile/cpp/varnode.hh

@@ -390,6 +390,7 @@ public:
   Varnode *findInput(int4 s,const Address &loc) const;		///< Find an input Varnode
   Varnode *findCoveredInput(int4 s,const Address &loc) const;	///< Find an input Varnode contained within this range
   Varnode *findCoveringInput(int4 s,const Address &loc) const;	///< Find an input Varnode covering a range
+  bool hasInputIntersection(int4 s,const Address &loc) const;	///< Check for input Varnode that overlaps the given range
   uint4 getCreateIndex(void) const { return create_index; }	///< Get the next creation index to be assigned
   VarnodeLocSet::const_iterator beginLoc(void) const { return loc_tree.begin(); }	///< Beginning of location list
   VarnodeLocSet::const_iterator endLoc(void) const { return loc_tree.end(); }		///< End of location list