def get_chunk_address(self):
addr_str = self.t_chunk_addr.text()
if sys.version_info < (3, 0):
addr_str = addr_str.encode("utf-8")
addr = idaapi.str2ea(addr_str)
if addr == idc.BADADDR:
return None
return addr
def resolve_expr(self, expr):
res = None
try:
expr = re.sub(r'[(|)]', '', expr)
res = int(expr, 16)
except ValueError:
segm = idaapi.get_segm_by_name(expr)
if segm:
res = segm.start_ea
else:
ea = idaapi.str2ea(expr)
if ea != idc.BADADDR:
res = ea
return res
def modify_value(self):
reg = self.get_selected_reg()
if not reg:
return
reg_val = idc.GetRegValue(reg)
b = idc.AskStr("0x%X" % reg_val, "Modify register value")
if b is not None:
try:
value = int(idaapi.str2ea(b))
idc.SetRegValue(value, reg)
self.reload_info()
if reg == dbg.registers.flags:
self.reload_flags_view()
except:
idaapi.warning("Invalid expression")
def modify_value(self):
ea = self.get_current_expr_ea()
if not ea or not idaapi.is_loaded(ea):
return
stack_val = 0
if idaapi.inf_is_64bit():
stack_val = ida_bytes.get_qword(ea)
else:
stack_val = ida_bytes.get_dword(ea)
b = idaapi.ask_str("0x%X" % stack_val, 0, "Modify value")
if b is not None:
try:
value = int(idaapi.str2ea(b))
if idaapi.inf_is_64bit():
idc.patch_qword(ea, value)
else:
idc.patch_dword(ea, value)
self.reload_info()
except:
idaapi.warning("Invalid expression")
def reload_info(self):
if not dbg.is_process_suspended():
return False
base_addr = None
if self.base_expr is None:
base_addr = idc.get_reg_value(dbg.registers.stack)
else:
base_addr = idaapi.str2ea(self.base_expr)
if base_addr == idc.BADADDR:
idaapi.warning("Invalid base expr: %s" % self.base_expr)
return False
if not idaapi.is_loaded(base_addr):
idaapi.warning("Memory address is not loaded: $#x" % base_addr)
return False
self.ClearLines()
dbg.set_thread_info()
try:
segm_end = idc.get_segm_end(base_addr)
n_entries = config.n_stack_entries or ((segm_end - base_addr) //
dbg.ptr_size)
for i in range(n_entries):
offset = i * dbg.ptr_size
ptr = base_addr + offset
if not idaapi.is_loaded(ptr):
break
value = dbg.get_ptr(ptr)
self.add_line("%02d:%04X %s" %
(i, offset, self.parse_value(ptr)))
except Exception as e:
idaapi.warning(str(e))
return False
return True
def jumpto_expr(expr):
ea = idaapi.str2ea(expr)
if ea == BADADDR:
return False
return idaapi.jumpto(ea)
def get_chunk_address(self):
addr = idaapi.str2ea(self.t_chunk_addr.text().encode("utf-8"))
if addr == idc.BADADDR:
return None
return addr
def try_parse_ida_ident(ident):
"""
Returns a tuple of (type, value):
(0, addr) -> a memory address
(1, offs) -> an EBP offset TODO: arch-independent?
(2, name) -> a register name
(3, val) -> a constant
(4, s) -> a string
(5, (arr, idx)) -> atoi of an array with constant index.
"""
ident = str(ident)
if len(ident) == 0:
return False
# match things like:
# atoi(some_global_var[3])
# 0x500[1] (also implicitely means to apply atoi)
if (ident.find("[") > 0 and ident[-1] == "]") or (ident[:5] == "atoi("
and ident[-2:] == "])"):
ident = ident.replace("atoi(", "").replace("])", "]")
idx = ident[ident.find("[") + 1:-1]
before_idx = ident[:ident.find("[")]
if idx.isdigit(): # if the index part consists of digits
res_val = idaapi.str2ea(before_idx)
if res_val != idaapi.BADADDR:
return (5, (res_val, int(idx)))
else:
return False
else:
return False
# match things like:
# "bla"
if len(ident) >= 2 and ident[0] == ident[-1] == '"':
return (4, ident[1:-1].decode('string_escape')
) # Decode hex (and other) escapes
# match thinfs like:
# [0x1337]
# [some_global_var]
if ident[0] == "[" and ident[-1] == "]":
# Try to parse memory address
res_val = idaapi.str2ea(ident[1:-1])
if res_val != idaapi.BADADDR:
return (0, res_val)
return False
# match things like:
# arg_4
# var_0
[t, res] = idaapi.get_name_value(idaapi.get_screen_ea(),
ident) # TODO: or 64?
if t == 3:
# Local variable (arg (pos) or var (neg): sp offset
res_val = ctypes.c_int32(res).value # TODO: 32 bitness
#return "[ebp{}{}]".format('+' if res_val >= 0 else '', res_val)
return (1, res_val)
# match things like:
# eax
# ebp
if idaapi.str2reg(ident) != -1:
return (2, ident)
# match things like:
# 0x1337
# some_global_var
res_val = idaapi.str2ea(ident)
if res_val != idaapi.BADADDR:
return (3, res_val)
# Failed
return False
