def pointer_renamer():
    """Name .rodata pointers after the text-segment functions they reference.

    For every function in the text segment, walk the data cross-references
    to it. A referencing address is renamed to ``<function>_ptr`` when its
    segment name contains ``rodata`` and its current name contains ``off_``.

    Returns:
        The number of pointers successfully renamed. This is 0 when the
        text segment cannot be located.
    """
    count = 0

    segment = get_text_seg()
    if segment is None:
        debug('Failed to get text segment')
        return count

    for func_ea in Functions(segment.startEA, segment.endEA):
        func_name = GetFunctionName(func_ea)

        # Walk the data xrefs to this function until the BADADDR sentinel.
        ref = idaapi.get_first_dref_to(func_ea)
        while ref != BADADDR:
            in_rodata = 'rodata' in idaapi.get_segm_name(ref)
            # Only addresses still carrying an auto-generated offset name
            # (e.g. off_9120B0) are touched.
            # NOTE(review): this is a substring test, so any name that merely
            # contains 'off_' also matches - confirm that is intended.
            if in_rodata and 'off_' in GetTrueName(ref):
                ok = MakeName(ref, '%s_ptr' % func_name)
                if ok:
                    count += 1
                else:
                    error('error attempting to name pointer @ 0x%02x for %s'
                          % (ref, func_name))
            ref = idaapi.get_next_dref_to(func_ea, ref)

    return count
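def kiwidog(address, end, search):
    """Label the function referencing a byte pattern as ``__stack_chk_fail``.

    Searches downward from ``address`` to ``end`` for ``search``, takes the
    first data cross-reference to the match, and names the function that
    contains it ``__stack_chk_fail``. The function is also flagged
    FUNC_NORET so the database treats calls to it as non-returning.

    Args:
        address: Start address of the search range.
        end: End address of the search range.
        search: Pattern passed unchanged to ``idaapi.find_binary``.

    Returns:
        None. The database is left untouched when the pattern is not found,
        when nothing references it, or when the reference is not inside a
        function.
    """
    magic = idaapi.find_binary(address, end, search, 0x0, SEARCH_DOWN)
    if magic == idaapi.BADADDR:
        # Pattern absent from the range: nothing to label.
        return

    ref = idaapi.get_first_dref_to(magic)
    if ref == idaapi.BADADDR:
        # The match exists but no data xref points at it.
        return

    function = idaapi.get_func(ref)
    if function is None:
        # The referencing address is not inside a defined function. Without
        # this guard the attribute access below raises AttributeError.
        return

    idaapi.set_name(function.start_ea, '__stack_chk_fail', SN_NOCHECK | SN_NOWARN)
    function.flags |= FUNC_NORET
    idaapi.update_func(function)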
def get_drefs(addr):
    """Return every data cross-reference to ``addr`` as a list.

    The list is in the order the database reports the references, and is
    empty when there are none.
    """
    refs = []
    ref = idaapi.get_first_dref_to(addr)
    while True:
        # BADADDR is the sentinel that ends the xref chain.
        if ref == idaapi.BADADDR:
            return refs
        refs.append(ref)
        ref = idaapi.get_next_dref_to(addr, ref)
def parse_func_pointer():
    """Name .rodata pointers after the functions they reference.

    Visits the functions of every segment and walks the data
    cross-references to each one. A referencing address is renamed to
    ``<function>_ptr`` (with SN_FORCE) when its segment name contains
    ``rodata`` and its current name contains ``off_``. The number of
    renames is reported through ``common._info``; nothing is returned.
    """
    count = 0

    for seg_start in idautils.Segments():
        for func_ea in idautils.Functions(seg_start, idc.SegEnd(seg_start)):
            func_name = idc.GetFunctionName(func_ea)

            # Walk the data xrefs to this function until the BADADDR sentinel.
            ref = idaapi.get_first_dref_to(func_ea)
            while ref != idc.BADADDR:
                in_rodata = 'rodata' in idc.get_segm_name(ref)
                # Only addresses still carrying an auto-generated offset name
                # (e.g. off_9120B0) are touched.
                # NOTE(review): this is a substring test, so any name that
                # merely contains 'off_' also matches - confirm intent.
                if in_rodata and 'off_' in idc.GetTrueName(ref):
                    ok = idc.MakeNameEx(ref, '%s_ptr' % func_name,
                                        flags=idaapi.SN_FORCE)
                    if ok:
                        # Let auto-analysis settle before counting the rename.
                        idaapi.autoWait()
                        count += 1
                    else:
                        common._error('Failed to name pointer @ 0x%02x for %s'
                                      % (ref, func_name))
                ref = idaapi.get_next_dref_to(func_ea, ref)

    common._info("\nRename %d function pointers.\n" % count)
def populate(self):
    """Collect consecutive code pointers starting at ``self.address``.

    Reads one pointer-sized value per slot (64-bit when ``Const.EA64`` is
    set, otherwise 32-bit). While the value points at code, a
    ``VirtualFunction(target, offset_from_table_start)`` is appended to
    ``self.virtual_functions``. Scanning stops at the first value that is
    not code, or as soon as the next slot has a data cross-reference.
    """
    slot = self.address
    while True:
        target = idaapi.get_64bit(slot) if Const.EA64 else idaapi.get_32bit(slot)

        if not idaapi.isCode(idaapi.getFlags(target)):
            break

        self.virtual_functions.append(VirtualFunction(target, slot - self.address))
        slot += Const.EA_SIZE

        # A data xref on the next slot ends the scan.
        # NOTE(review): presumably it marks the start of another object - confirm.
        # There is no explicit upper bound; termination relies on these two
        # break conditions.
        if idaapi.get_first_dref_to(slot) != idaapi.BADADDR:
            break
def populate(self):
    """Collect consecutive function pointers starting at ``self.address``.

    Each slot is read with ``helper.get_ptr``. A value that is code becomes
    a ``VirtualFunction`` and a value that is an import becomes an
    ``ImportedVirtualFunction``; both carry their offset from the table
    start and are appended to ``self.virtual_functions``. Scanning stops at
    the first value that is neither, or as soon as the next slot has a data
    cross-reference.
    """
    slot = self.address
    while True:
        target = helper.get_ptr(slot)
        offset = slot - self.address

        if helper.is_code_ea(target):
            entry = VirtualFunction(target, offset)
        elif helper.is_imported_ea(target):
            entry = ImportedVirtualFunction(target, offset)
        else:
            break

        self.virtual_functions.append(entry)
        slot += const.EA_SIZE

        # A data xref on the next slot ends the scan.
        # NOTE(review): presumably it marks the start of another object - confirm.
        # There is no explicit upper bound; termination relies on these break
        # conditions.
        if idaapi.get_first_dref_to(slot) != idaapi.BADADDR:
            break
def populate(self):
    """Collect consecutive function pointers starting at ``self.address``.

    Reads one pointer-sized value per slot (64-bit when ``Const.EA64`` is
    set, otherwise 32-bit). A value that is code is recorded as a
    ``VirtualFunction`` and a value that is an import as an
    ``ImportedVirtualFunction``, each with its offset from the table start.
    Scanning stops at the first value that is neither, or as soon as the
    next slot has a data cross-reference.
    """
    slot = self.address
    while True:
        target = idaapi.get_64bit(slot) if Const.EA64 else idaapi.get_32bit(slot)

        # Choose the wrapper class. Anything that is neither code nor an
        # import ends the table.
        if Helper.is_code_ea(target):
            wrapper = VirtualFunction
        elif Helper.is_imported_ea(target):
            wrapper = ImportedVirtualFunction
        else:
            break

        self.virtual_functions.append(wrapper(target, slot - self.address))
        slot += Const.EA_SIZE

        # A data xref on the next slot ends the scan.
        # NOTE(review): presumably it marks the start of another object - confirm.
        # There is no explicit upper bound; termination relies on these break
        # conditions.
        if idaapi.get_first_dref_to(slot) != idaapi.BADADDR:
            break