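def getBuiltinGlobalTypePython(self):
    """Let the user pick a named type and return it as an ``idaapi.tinfo_t``.

    Shows the named-type chooser titled 'Choose type to apply', looks the
    chosen name up with ``idaapi.get_named_type`` and deserializes the
    result into a fresh ``tinfo_t``.

    Returns:
        The populated ``tinfo_t``, or ``None`` when the chooser is
        cancelled, the name is not found, or deserialization fails.
    """
    logger.debug('Getting GlobalType the Python way')
    sym = idaapi.til_symbol_t()
    # The two API generations expose the chooser under different names and
    # with a different argument order.
    if using_ida7api:
        chosen = idaapi.choose_named_type(sym, idaapi.get_idati(),
                                          'Choose type to apply',
                                          idaapi.NTF_SYMM, None)
    else:
        chosen = idaapi.choose_named_type2(idaapi.cvar.idati,
                                           'Choose type to apply',
                                           idaapi.NTF_SYMM, None, sym)
    if not chosen:
        logger.debug('User canceled. Bailing out')
        return None

    # Named so it no longer shadows the builtin ``tuple``.
    named_type = idaapi.get_named_type(sym.til, sym.name, 0)
    if named_type is None:
        logger.debug('Could not find %s', sym.name)
        return None

    # Elements 1 and 2 are handed to deserialize() as the serialized type
    # and its field list (presumably the layout get_named_type documents;
    # verify against the IDAPython version in use).
    tinfo = idaapi.tinfo_t()
    if not tinfo.deserialize(sym.til, named_type[1], named_type[2]):
        # The type strings come from a type library; a failed parse leaves
        # tinfo empty, so report it instead of returning an unusable type.
        logger.debug('Could not deserialize %s', sym.name)
        return None

    return tinfo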
Beispiel #2
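    def getBuiltinGlobalTypePython(self):
        """Let the user pick a named type and return it as an ``idaapi.tinfo_t``.

        Uses only IDAPython calls: the ``choose_named_type2`` chooser, then
        ``get_named_type`` and ``tinfo_t.deserialize``.

        Returns:
            The populated ``tinfo_t``, or ``None`` when the chooser is
            cancelled, the name is not found, or deserialization fails.
        """
        self.logger.debug('Getting GlobalType the Python way')
        sym = idaapi.til_symbol_t()
        picked = idaapi.choose_named_type2(idaapi.cvar.idati,
                                           'Choose type to apply',
                                           idaapi.NTF_SYMM, None, sym)
        if not picked:
            self.logger.debug('User canceled. Bailing out')
            return None

        # Renamed from ``tuple`` so the builtin is not shadowed.
        type_record = idaapi.get_named_type(sym.til, sym.name, 0)
        if type_record is None:
            self.logger.debug('Could not find %s', sym.name)
            return None

        # Elements 1 and 2 are passed on as the serialized type and field
        # strings (presumably per get_named_type's documented layout; verify).
        tinfo = idaapi.tinfo_t()
        if not tinfo.deserialize(sym.til, type_record[1], type_record[2]):
            # Do not hand an empty tinfo_t to the caller when the stored
            # type strings could not be parsed.
            self.logger.debug('Could not deserialize %s', sym.name)
            return None

        return tinfo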
Beispiel #3
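    def getBuiltinGlobalTypeCtypes(self):
        """Let the user pick a named type and build its ``tinfo_t`` via ctypes.

        Calls the ``get_named_type`` and ``deserialize_tinfo`` exports of the
        IDA library directly, passing the raw addresses behind the SWIG
        ``til`` and ``tinfo_t`` wrappers.

        Returns:
            The populated ``idaapi.tinfo_t``, or ``None`` when the platform
            is not handled, the chooser is cancelled, the name is not found,
            or deserialization fails.
        """
        self.logger.debug('Getting GlobalType the Ctypes way')

        ############################################################
        # Several type-related functions aren't accessible via IDAPython
        # so have to do things with ctypes
        # NOTE(review): the library is requested by bare file name, so the
        # platform loader decides which file is used. Presumably this runs
        # inside IDA, where that library is already loaded; confirm, or
        # build an absolute path from the IDA install directory.
        idaname = "ida64" if idc.__EA64__ else "ida"
        if sys.platform == "win32":
            g_dll = ctypes.windll[idaname + ".wll"]
        elif sys.platform.startswith("linux"):
            g_dll = ctypes.cdll["lib" + idaname + ".so"]
        elif sys.platform == "darwin":
            g_dll = ctypes.cdll["lib" + idaname + ".dylib"]
        else:
            # Without this branch g_dll stayed unbound and the first use
            # below raised UnboundLocalError.
            self.logger.debug('Unsupported platform: %s', sys.platform)
            return None

        ############################################################
        # Specifying function types for a few IDA SDK functions to keep the
        # pointer-to-pointer args clear.
        byte_pp = ctypes.POINTER(ctypes.POINTER(ctypes.c_ubyte))
        get_named_type = g_dll.get_named_type
        get_named_type.argtypes = [
            ctypes.c_void_p,  #const til_t *ti,
            ctypes.c_char_p,  #const char *name,
            ctypes.c_int,  #int ntf_flags,
            byte_pp,  #const type_t **type=NULL,
            byte_pp,  #const p_list **fields=NULL,
            byte_pp,  #const char **cmt=NULL,
            byte_pp,  #const p_list **fieldcmts=NULL,
            ctypes.POINTER(ctypes.c_ulong),  #sclass_t *sclass=NULL,
            ctypes.POINTER(ctypes.c_ulong),  #uint32 *value=NULL);
        ]

        # Without argtypes ctypes passes a Python integer as a C int, which
        # would cut the tinfo_t/til_t addresses to 32 bits in a 64-bit
        # process. Prototype inferred from the call below; confirm it against
        # the SDK headers of the targeted IDA version.
        deserialize_tinfo = g_dll.deserialize_tinfo
        deserialize_tinfo.argtypes = [
            ctypes.c_void_p,  #tinfo_t *tif,
            ctypes.c_void_p,  #const til_t *til,
            byte_pp,  #const type_t **ptype,
            byte_pp,  #const p_list **pfields,
            byte_pp,  #const p_list **pfldcmts
        ]
        deserialize_tinfo.restype = ctypes.c_bool

        sym = idaapi.til_symbol_t()
        #dang - no predicate func support via idapython :(
        #idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, predFunc, sym)
        ret = idaapi.choose_named_type2(idaapi.cvar.idati,
                                        'Choose type to apply',
                                        idaapi.NTF_SYMM, None, sym)
        if not ret:
            self.logger.debug('User canceled. Bailing out')
            return None
        til = sym.til
        funcname = sym.name

        # Out-parameters: NULL pointers / zeroed integers the export fills in.
        typ_type = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fields = ctypes.POINTER(ctypes.c_ubyte)()
        typ_cmt = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fieldcmts = ctypes.POINTER(ctypes.c_ubyte)()
        typ_sclass = ctypes.c_ulong()
        value = ctypes.c_ulong()
        ret = get_named_type(long(til.this), funcname, idaapi.NTF_SYMM,
                             ctypes.byref(typ_type), ctypes.byref(typ_fields),
                             ctypes.byref(typ_cmt),
                             ctypes.byref(typ_fieldcmts),
                             ctypes.byref(typ_sclass), ctypes.byref(value))
        if ret == 0:
            self.logger.debug('Could not find %s', funcname)
            return None

        # An earlier revision printed the type with print_type_to_one_line
        # and applied it through the deprecated apply_callee_type export;
        # that path was dropped when the code moved to tinfo_t.
        tinfo = idaapi.tinfo_t()
        if not deserialize_tinfo(long(tinfo.this), long(til.this),
                                 ctypes.byref(typ_type),
                                 ctypes.byref(typ_fields),
                                 ctypes.byref(typ_fieldcmts)):
            # The result used to be ignored, so a failed parse returned an
            # empty tinfo_t to the caller.
            self.logger.debug('Could not deserialize %s', funcname)
            return None
        return tinfo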
Beispiel #4
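    def getBuiltinGlobalTypeCtypes(self):
        """Let the user pick a named type and build its ``tinfo_t`` via ctypes.

        Binds the ``get_named_type`` and ``deserialize_tinfo`` exports of the
        IDA library with ctypes and feeds them the raw addresses behind the
        SWIG ``til`` and ``tinfo_t`` wrappers.

        Returns:
            The populated ``idaapi.tinfo_t``, or ``None`` when the platform
            is not handled, the chooser is cancelled, the name is not found,
            or deserialization fails.
        """
        self.logger.debug('Getting GlobalType the Ctypes way')

        ############################################################
        # Several type-related functions aren't accessible via IDAPython
        # so have to do things with ctypes
        # NOTE(review): no directory is given for the library, so which file
        # gets bound is up to the platform loader. Presumably the library is
        # already loaded because this runs inside IDA; confirm, or load it
        # from an absolute path.
        idaname = "ida64" if idc.__EA64__ else "ida"
        if sys.platform == "win32":
            g_dll = ctypes.windll[idaname + ".wll"]
        elif sys.platform.startswith("linux"):
            g_dll = ctypes.cdll["lib" + idaname + ".so"]
        elif sys.platform == "darwin":
            g_dll = ctypes.cdll["lib" + idaname + ".dylib"]
        else:
            # Any other platform used to leave g_dll unbound and fail with
            # UnboundLocalError a few lines later.
            self.logger.debug('Unsupported platform: %s', sys.platform)
            return None

        ############################################################
        # Specifying function types for a few IDA SDK functions to keep the
        # pointer-to-pointer args clear.
        ubyte_pp = ctypes.POINTER(ctypes.POINTER(ctypes.c_ubyte))
        get_named_type = g_dll.get_named_type
        get_named_type.argtypes = [
            ctypes.c_void_p,                 #const til_t *ti,
            ctypes.c_char_p,                 #const char *name,
            ctypes.c_int,                    #int ntf_flags,
            ubyte_pp,                        #const type_t **type=NULL,
            ubyte_pp,                        #const p_list **fields=NULL,
            ubyte_pp,                        #const char **cmt=NULL,
            ubyte_pp,                        #const p_list **fieldcmts=NULL,
            ctypes.POINTER(ctypes.c_ulong),  #sclass_t *sclass=NULL,
            ctypes.POINTER(ctypes.c_ulong),  #uint32 *value=NULL);
        ]

        # deserialize_tinfo was called with no prototype: ctypes then passes
        # Python integers as C int, truncating the two object addresses in a
        # 64-bit process. Prototype inferred from the call below; confirm it
        # against the SDK headers of the targeted IDA version.
        deserialize_tinfo = g_dll.deserialize_tinfo
        deserialize_tinfo.argtypes = [
            ctypes.c_void_p,                 #tinfo_t *tif,
            ctypes.c_void_p,                 #const til_t *til,
            ubyte_pp,                        #const type_t **ptype,
            ubyte_pp,                        #const p_list **pfields,
            ubyte_pp,                        #const p_list **pfldcmts
        ]
        deserialize_tinfo.restype = ctypes.c_bool

        sym = idaapi.til_symbol_t()
        #dang - no predicate func support via idapython :(
        #idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, predFunc, sym)
        ret = idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, None, sym)
        if not ret:
            self.logger.debug('User canceled. Bailing out')
            return None
        til = sym.til
        funcname = sym.name

        # Out-parameters, created as NULL pointers / zeroed integers.
        typ_type = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fields = ctypes.POINTER(ctypes.c_ubyte)()
        typ_cmt = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fieldcmts = ctypes.POINTER(ctypes.c_ubyte)()
        typ_sclass = ctypes.c_ulong()
        value = ctypes.c_ulong()
        ret = get_named_type(
            long(til.this),
            funcname,
            idaapi.NTF_SYMM,
            ctypes.byref(typ_type),
            ctypes.byref(typ_fields),
            ctypes.byref(typ_cmt),
            ctypes.byref(typ_fieldcmts),
            ctypes.byref(typ_sclass),
            ctypes.byref(value)
        )
        if ret == 0:
            self.logger.debug('Could not find %s', funcname)
            return None

        # The print_type_to_one_line / apply_callee_type path that used to
        # follow here was already disabled: the code moved to tinfo_t and
        # apply_callee_type is marked deprecated in the original comments.
        tinfo = idaapi.tinfo_t()
        ok = deserialize_tinfo(
            long(tinfo.this),
            long(til.this),
            ctypes.byref(typ_type),
            ctypes.byref(typ_fields),
            ctypes.byref(typ_fieldcmts)
        )
        if not ok:
            # Previously ignored: a failed parse returned an empty tinfo_t.
            self.logger.debug('Could not deserialize %s', funcname)
            return None
        return tinfo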
Beispiel #5
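    def getBuiltinGlobalType(self):
        """Let the user pick a named type and build its ``tinfo_t`` via ctypes.

        ``get_named_type`` and ``g_dll`` are not defined in this method;
        presumably they are module-level ctypes bindings to the IDA library
        (verify against the rest of the file).

        Returns:
            The populated ``idaapi.tinfo_t``, or ``None`` when the chooser is
            cancelled, the name is not found, or deserialization fails.
        """
        sym = idaapi.til_symbol_t()
        #dang - no predicate func support via idapython :(
        #idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, predFunc, sym)
        ret = idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, None, sym)
        if not ret:
            self.logger.debug('User canceled. Bailing out')
            return None
        til = sym.til
        funcname = sym.name

        # Out-parameters, created as NULL pointers / zeroed integers.
        typ_type = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fields = ctypes.POINTER(ctypes.c_ubyte)()
        typ_cmt = ctypes.POINTER(ctypes.c_ubyte)()
        typ_fieldcmts = ctypes.POINTER(ctypes.c_ubyte)()
        typ_sclass = ctypes.c_ulong()
        value = ctypes.c_ulong()
        ret = get_named_type(
            long(til.this),
            funcname,
            idaapi.NTF_SYMM,
            ctypes.byref(typ_type),
            ctypes.byref(typ_fields),
            ctypes.byref(typ_cmt),
            ctypes.byref(typ_fieldcmts),
            ctypes.byref(typ_sclass),
            ctypes.byref(value)
        )
        if ret == 0:
            self.logger.debug('Could not find %s', funcname)
            return None

        # The print_type_to_one_line / apply_callee_type path that used to
        # follow here was already disabled: the code moved to tinfo_t and
        # apply_callee_type is marked deprecated in the original comments.
        deserialize_tinfo = g_dll.deserialize_tinfo
        if deserialize_tinfo.argtypes is None:
            # No prototype declared elsewhere: ctypes would pass the two
            # addresses as C int and truncate them in a 64-bit process.
            # Prototype inferred from the call below; confirm it against the
            # SDK headers of the targeted IDA version.
            ubyte_pp = ctypes.POINTER(ctypes.POINTER(ctypes.c_ubyte))
            deserialize_tinfo.argtypes = [
                ctypes.c_void_p,  #tinfo_t *tif,
                ctypes.c_void_p,  #const til_t *til,
                ubyte_pp,         #const type_t **ptype,
                ubyte_pp,         #const p_list **pfields,
                ubyte_pp,         #const p_list **pfldcmts
            ]
            deserialize_tinfo.restype = ctypes.c_bool

        tinfo = idaapi.tinfo_t()
        ok = deserialize_tinfo(
            long(tinfo.this),
            long(til.this),
            ctypes.byref(typ_type),
            ctypes.byref(typ_fields),
            ctypes.byref(typ_fieldcmts)
        )
        if not ok:
            # Previously ignored: a failed parse returned an empty tinfo_t.
            self.logger.debug('Could not deserialize %s', funcname)
            return None
        return tinfo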