def has_bookmark(self, bookmark, addr):
for i in xrange(1, 1024):
ea = idc.GetMarkedPos(i)
self.assertNotEqual(ea, idaapi.BADADDR)
if ea != addr:
continue
self.assertEqual(idc.GetMarkComment(i), bookmark)
return True
return False
def marks():
'''returns all the known marked positions in an .idb'''
index = 1
while True:
ea = idc.GetMarkedPos(index)
if ea == 0xffffffff:
break
comment = idc.GetMarkComment(index)
yield ea, comment
index += 1
return
def delete_comment_at_ea(ea, comment_type):
logger.debug("Deleting comment at 0x%08X / %d" % (ea, comment_type))
if comment_type == ya.COMMENT_REPEATABLE:
idc.MakeRptCmt(ea, "")
# TODO: remove the test with "comment" (temporary fix because of cache incoherency)
elif comment_type == ya.COMMENT_NON_REPEATABLE or comment_type == "comment":
idc.MakeComm(ea, "")
elif comment_type == ya.COMMENT_ANTERIOR:
for i in xrange(0, idaapi.get_first_free_extra_cmtidx(ea, idaapi.E_PREV)):
idaapi.del_extra_cmt(ea, idaapi.E_PREV + i)
elif comment_type == ya.COMMENT_POSTERIOR:
for i in xrange(0, idaapi.get_first_free_extra_cmtidx(ea, idaapi.E_NEXT)):
idaapi.del_extra_cmt(ea, idaapi.E_NEXT + i)
elif comment_type == ya.COMMENT_BOOKMARK:
# parse marked position
for i in xrange(1, 1024):
if idc.GetMarkedPos(i) == idc.BADADDR:
break
elif idc.GetMarkedPos(i) == ea:
idc.MarkPosition(ea, 0, 0, 0, i, "")
def __init__(self, yatools, hash_provider, repo_manager, equipement=None, operating_system=None):
'''
Constructor
'''
self.equipement = equipement
self.os = operating_system
self.yatools = yatools
self.hash_provider = hash_provider
self.repo_manager = repo_manager
self.ida_model = YaToolIDAModel(self.yatools, self.hash_provider)
self.new_marked_pos = set()
# load marked pos
for i in xrange(1, 1024):
if idc.GetMarkedPos(i) == idc.BADADDR:
break
else:
self.new_marked_pos.add(idc.GetMarkedPos(i))
self.flush()
def _get_marked_gadgets(self):
rop_gadgets = {}
for i in range(1, 1024):
marked_pos = idc.GetMarkedPos(i)
if marked_pos != idc.BADADDR:
marked_comment = idc.GetMarkComment(i)
if marked_comment and marked_comment.lower().startswith("rop"):
rop_gadgets[marked_comment] = marked_pos
else:
break
return rop_gadgets
def save(self):
start_time = time.time()
ida_model = ya.MakeModelIncremental(self.hash_provider)
"""
TODO : improve cache re-generation
pb : we should not regenerate the whole cache everytime
pb : when we load strucmembers (from the cache) and they are
later deleted, we get stalled XML files (they are not referenced
in the parent struc/stackframe, which is good, but they still
exist)
*do not store objects here : store them in the memory exporter
*make 3 pass :
-delete deleted objects
-create updated objects
-create new objects
"""
logger.debug("YaToolIDAHooks.save()")
db = ya.MakeModel()
memory_exporter = db.visitor
if VALIDATE_EXPORTED_XML:
memory_exporter = ya.MakeMultiplexerDebugger(db.visitor)
memory_exporter.visit_start()
"""
First, find modified informations : marked positions, comments, ...
"""
# some marked comment may have been deleted
self.new_marked_pos = set()
for i in xrange(1, 1024):
if idc.GetMarkedPos(i) == idc.BADADDR:
break
else:
self.new_marked_pos.add(idc.GetMarkedPos(i))
# get remove marked comments
for removed_marked_pos in (self.marked_pos - self.new_marked_pos):
self.addresses_to_process.add(removed_marked_pos)
self.repo_manager.add_auto_comment(removed_marked_pos,
"Removed marked comment")
# process comments
for (ea, value) in self.comments_to_process.iteritems():
# do not save comments coming from function prototype
# if not idaapi.is_tilcmt(ea):
self.addresses_to_process.add(ea)
self.repo_manager.add_auto_comment(ea, value)
"""
Next, export strucs and enums
This will also delete unneeded files
"""
self.save_strucs(ida_model, memory_exporter)
self.save_enums(ida_model, memory_exporter)
"""
explore IDA yacoHooks for logged ea
"""
for ea in self.addresses_to_process:
ida_model.accept_ea(memory_exporter, ea)
for seg_ea_start, seg_ea_end in self.updated_segments:
ida_model.accept_segment(memory_exporter, seg_ea_start)
memory_exporter.visit_end()
"""
#before saving, we remove all cache (some files may have been deleted)
order = ("struc", "strucmember", "enum", "enum_member", "segment", "function",
"stackframe", "stackframe_member", "basic_block", "data", "code")
for obj_type in order:
current_dir = os.path.join(self.idb_directory, "cache", obj_type)
if not os.path.isdir(current_dir):
continue
for f in os.listdir(current_dir):
os.remove(os.path.join(current_dir, f))
"""
logger.debug("Exporting from memory to XML")
# now export to XML
xml_exporter = ya.MakeXmlExporter(
os.path.join(os.path.dirname(idc.GetIdbPath()), "cache"))
if VALIDATE_EXPORTED_XML_2:
db.model.accept(
ya.MakePathDebuggerVisitor("SaveXMLValidator",
ya.MakeExporterValidatorVisitor(),
False))
db.model.accept(xml_exporter)
end_time = time.time()
logger.debug("YaCo saved in %d seconds." % (end_time - start_time))
