def get_single_comment(ea, is_func=False):
"""IDA has repeatable and regular comments. BN only has regular comments.
This function constructs a single comment from both repeatable and regular
comments
"""
regular_comment = ""
repeatable_comment = ""
if is_func:
regular_comment = idc.GetFunctionCmt(ea, 0)
repeatable_comment = idc.GetFunctionCmt(ea, 1)
else:
regular_comment = idc.Comment(ea)
repeatable_comment = idc.RptCmt(ea)
if regular_comment is None:
return repeatable_comment
elif repeatable_comment is None:
return regular_comment
elif repeatable_comment is None and regular_comment is None:
return None
else:
if len(regular_comment) == 0:
return repeatable_comment
if len(repeatable_comment) == 0:
return repeatable_comment
return regular_comment + "\n" + repeatable_comment
return None
def postprocess(self):
try:
if "MakeComment" in self.cmdname:
if idc.Comment(self.addr) is not None:
self.skel_conn.push_comment(self.addr,
idc.Comment(self.addr))
if idc.GetFunctionCmt(self.addr, 0) != "":
self.skel_conn.push_comment(
self.addr, idc.GetFunctionCmt((self.addr), 0))
elif "MakeRptCmt" in self.cmdname:
if idc.GetCommentEx(self.addr, 1) != "":
self.skel_conn.push_comment(
self.addr, idc.GetCommentEx(self.addr, 1))
if idc.GetFunctionCmt(self.addr, 1) != "":
self.skel_conn.push_comment(
self.addr, idc.GetFunctionCmt(self.addr, 1))
elif self.cmdname == "MakeFunction":
if idc.GetFunctionAttr(self.addr, 0) is not None:
pass
#push_change("idc.MakeFunction", shex(idc.GetFunctionAttr(
# self.addr, 0)), shex(idc.GetFunctionAttr(self.addr, 4)))
elif self.cmdname == "DeclareStructVar":
print "Fixme : declare Struct variable"
elif self.cmdname == "SetType":
newtype = idc.GetType(self.addr)
if newtype is None:
newtype = ""
else:
newtype = SkelUtils.prepare_parse_type(
newtype, self.addr)
self.skel_conn.push_type(int(self.addr), newtype)
# XXX IMPLEMENT
elif self.cmdname == "OpStructOffset":
print "Fixme, used when typing a struct member/stack var/data pointer to a struct offset "
except KeyError:
pass
return 0
def yacheck_comments(self):
eas = yaunit.load('comments')
i = 0
for offset in range(0, 3):
for fn_cmt, fn_rpt, cmt, rpt, post, ant in tests:
ea = eas[i]
logger.debug("checking at 0x%08X : %r, %r, %r, %r, %r, %r" %
(ea, fn_cmt, fn_rpt, cmt, rpt, post, ant))
i += 1
if fn_cmt != None:
self.assertEqual(idc.GetFunctionCmt(ea, False), fn_cmt)
if fn_rpt != None:
self.assertEqual(idc.GetFunctionCmt(ea, True), fn_rpt)
if cmt != None:
self.assertEqual(idc.GetCommentEx(ea, False), cmt)
if rpt != None:
self.assertEqual(idc.GetCommentEx(ea, True), rpt)
if post != None:
for j, txt in enumerate(post.split('\n')):
self.assertEqual(idc.LineB(ea, j), txt)
if ant != None:
for j, txt in enumerate(ant.split('\n')):
self.assertEqual(idc.LineA(ea, j), txt)
def linearize_comment(ea, function_comment=False):
regular_comment = ""
repeatable_comment = ""
if function_comment:
regular_comment = idc.GetFunctionCmt(ea, 0)
repeatable_comment = idc.GetFunctionCmt(ea, 1)
else:
regular_comment = idc.Comment(ea)
repeatable_comment = idc.RptCmt(ea)
if regular_comment is None and repeatable_comment is None:
return None
elif regular_comment is not None and repeatable_comment is None:
return regular_comment
elif repeatable_comment is not None and regular_comment is None:
return repeatable_comment
else:
if len(regular_comment) == 0:
return repeatable_comment
if len(repeatable_comment) == 0:
return repeatable_comment
return regular_comment + "\n" + repeatable_comment
return None
def fn_read(cls, address, key=None, repeatable=1):
address = idc.GetFunctionAttr(address, idc.FUNCATTR_START)
if address == idc.BADADDR:
raise ValueError("Address %x not in function"% address)
result = comment.toDict(idc.GetFunctionCmt(int(address), repeatable))
if '__name__' not in result:
result['__name__'] = idc.GetFunctionName(address)
if '__address__' not in result:
result['__address__'] = address
if key is not None:
return result[key]
return result
def get_func_info(ea):
'''
resolve the function comment
'''
global func_type_re
info = dict()
func_cmt = idc.GetFunctionCmt(ea, -1)
if func_cmt:
res = func_type_re.search(func_cmt)
info['class_name'] = res.group('clsname')
info['ret_type'] = res.group('ret')
info['func_name'] = res.group('fname')
info['fparam_type'] = res.group('fptype')
info['sparam_name'] = res.group('spname')
info['sparam_type'] = res.group('sptype')
return info
def postprocess(self):
global skel_conn
try:
if self.cmdname == "MakeComment":
if idc.GetCommentEx(self.addr, 0) is not None:
skel_conn.push_comment(self.addr,
idc.GetCommentEx((self.addr), 0))
elif idc.GetCommentEx(self.addr, 1) is not None:
skel_conn.push_comment(self.addr,
idc.GetCommentEx((self.addr), 1))
elif idc.GetFunctionCmt(self.addr, 0) != "":
skel_conn.push_comment(self.addr,
idc.GetCommentEx((self.addr), 0))
elif idc.GetFunctionCmt(self.addr, 1) != "":
skel_conn.push_comment(
self.addr,
idc.GetFunctionCmt(self.addr,
1).replace("\n", "\\n").replace(
"\"", "\\\""))
if self.cmdname == "MakeRptCmt":
if idc.GetCommentEx(self.addr, 0) is not None:
skel_conn.push_comment(
self.addr,
idc.GetCommentEx(self.addr,
0).replace("\n", "\\n").replace(
"\"", "\\\""))
elif idc.GetCommentEx(self.addr, 1) is not None:
skel_conn.push_comment(
self.addr,
idc.GetCommentEx(self.addr,
1).replace("\n", "\\n").replace(
"\"", "\\\""))
elif idc.GetFunctionCmt(self.addr, 0) != "":
skel_conn.push_comment(
self.addr,
idc.GetFunctionCmt(self.addr,
0).replace("\n", "\\n").replace(
"\"", "\\\""))
elif idc.GetFunctionCmt(self.addr, 1) != "":
skel_conn.push_comment(
self.addr,
idc.GetFunctionCmt(self.addr,
1).replace("\n", "\\n").replace(
"\"", "\\\""))
elif self.cmdname == "MakeName":
# idc.Jump(self.addr)
if (idc.GetFunctionAttr(self.addr, 0) == self.addr):
fname = GetFunctionName(self.addr)
if fname != "":
if not CheckDefaultValue(fname):
skel_conn.push_name(self.addr, fname)
else:
fname = idc.GetTrueName(self.addr)
if fname != "" and not CheckDefaultValue(fname):
skel_conn.push_name(
self.addr,
fname.replace("\n", "\\n").replace("\"", "\\\""))
else:
# ok, on regarde ce qui est pointe
if GetOpType(self.addr, 0) in [o_near, o_imm, o_mem]:
if GetOpType(self.addr,
1) in [o_near, o_imm, o_mem]:
print "[P] You must be on the top of function or at the global address to set the name in log file"
else:
add = idc.GetOperandValue(self.addr, 0)
fname = idc.GetTrueName(add)
if fname != "" and not CheckDefaultValue(
fname):
skel_conn.push_name(
add,
fname.replace("\n", "\\n").replace(
"\"", "\\\""))
else:
print "[P] You must be on the top of function or at the global address to set the name in log file"
elif GetOpType(self.addr, 1) in [o_near, o_imm, o_mem]:
add = idc.GetOperandValue(self.addr, 1)
fname = idc.GetTrueName(add)
if fname != "" and not CheckDefaultValue(fname):
skel_conn.push_name(
add,
fname.replace("\n",
"\\n").replace("\"", "\\\""))
else:
print "[P] You must be on the top of function or at the global address to set the name in log file"
elif self.cmdname == "MakeFunction":
if idc.GetFunctionAttr(self.addr, 0) is not None:
pass
#push_change("idc.MakeFunction", shex(idc.GetFunctionAttr(
# self.addr, 0)), shex(idc.GetFunctionAttr(self.addr, 4)))
elif self.cmdname == "DeclareStructVar":
print "Fixme : declare Struct variable"
elif self.cmdname == "AddStruct":
print "Fixme : adding structure"
elif self.cmdname == "SetType":
newtype = idc.GetType(self.addr)
if newtype is None:
newtype = ""
else:
newtype = prepare_parse_type(newtype, self.addr)
push_change("idc.SetType", shex(self.addr), newtype)
elif self.cmdname == "OpStructOffset":
print "Fixme, used when typing a struct member/stack var/data pointer to a struct offset "
except KeyError:
pass
return 0
def getComment(ea, repeatable=1):
return idc.GetFunctionCmt(int(ea), repeatable)
def get_comment(self, repeteable=True):
return idc.GetFunctionCmt(self.addr, repeteable)
def _extract_func_cmnt(self, repeatable):
function_cmt = idc.GetFunctionCmt(self._first_addr, repeatable)
return function_cmt