def yatest_comments(self):
eas = []
for offset in range(0, 3):
for fn_cmt, fn_rpt, cmt, rpt, post, ant in tests:
ea = get_func_item(offset)
eas.append(ea)
logger.debug("setting at 0x%08X : %r, %r, %r, %r, %r, %r" %
(ea, fn_cmt, fn_rpt, cmt, rpt, post, ant))
if fn_cmt != None:
self.assertEqual(idc.SetFunctionCmt(ea, fn_cmt, False),
True)
if fn_rpt != None:
self.assertEqual(idc.SetFunctionCmt(ea, fn_rpt, True),
True)
if cmt != None:
self.assertEqual(idc.MakeComm(ea, cmt), True)
if rpt != None:
self.assertEqual(idc.MakeRptCmt(ea, rpt), True)
if post != None:
for i, txt in enumerate(post.split('\n')):
self.try_ext_lin(idc.ExtLinB, ea, i, txt)
if ant != None:
for i, txt in enumerate(ant.split('\n')):
self.try_ext_lin(idc.ExtLinA, ea, i, txt)
yaunit.save('comments', eas)
def refresh_comments(self):
if self.ea == idc.BADADDR:
return
comment = self.get_comment()
if comment:
idc.SetFunctionCmt(self.ea, comment, False)
def handle_found(addr, candidates):
"""Callback when @candidates have been found for a given address @addr.
Print and add an IDA comment at @addr
@addr: address of the function analyzed
@candidates: list of string of possible matched functions
"""
print "Found %s at %s" % (",".join(candidates), hex(addr))
idc.SetFunctionCmt(addr, "[Sibyl] %s?" % ",".join(candidates), False)
def unlink(self):
if self.owner and self in self.owner.methods:
self.owner.methods.remove(self)
self.owner = None
if self.ea != idc.BADADDR:
del database.get().known_methods[self.ea]
idc.MakeName(self.ea, '')
idc.SetFunctionCmt(self.ea, '', False)
def make_header_comment(self, object_version, address):
try:
repeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(True))
obj_type = object_version.get_type()
if obj_type == ya.OBJECT_TYPE_FUNCTION:
idc.SetFunctionCmt(address, repeatable_headercomment, 1)
elif obj_type == ya.OBJECT_TYPE_STRUCT:
struc_id = self.struc_ids[object_version.get_id()]
idc.SetStrucComment(struc_id, repeatable_headercomment, 1)
except KeyError:
pass
try:
nonrepeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(False))
obj_type = object_version.get_type()
if obj_type == ya.OBJECT_TYPE_FUNCTION:
idc.SetFunctionCmt(address, nonrepeatable_headercomment, 0)
elif obj_type == ya.OBJECT_TYPE_STRUCT:
struc_id = self.struc_ids[object_version.get_id()]
idc.SetStrucComment(struc_id, nonrepeatable_headercomment, 0)
except KeyError:
pass
def apply_snippet_to_disasm(self, _func_address, _snippet_info):
# set function name
snippet_name = _snippet_info[0]
while idc.MakeNameEx(_func_address, snippet_name,
idc.SN_NON_AUTO) == 0:
snippet_name = idc.AskStr(
'', ' function name is already used, try another one')
if snippet_name is None:
return (False)
# set function description
idc.SetFunctionCmt(_func_address, _snippet_info[1], 0)
# set comment(s)
comments = _snippet_info[4]
while comments:
comm_len = struct.unpack('>I', comments[:4])[0]
comments = comments[4:]
offset = struct.unpack('>I', comments[:4])[0]
comments = comments[4:]
idc.MakeComm(_func_address + offset, comments[:comm_len])
comments = comments[comm_len:]
return True
def annotate_vector_table(self, vtoffset=0x0000000000):
'''
Name the vector table entries according to docs:
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0552a/BABIFJFG.html
Vector tables can appear in mulitple places in device flash
Functions are not renamed because multiple vectors might point to a single function
Append the address of the VT entry to the name from self.annotations to keep unique names
'''
for annotation_index in range(len(self.annotations)):
entry_addr = vtoffset + 4 * annotation_index
entry_name = "%s_%08x" % (self.annotations[annotation_index],
entry_addr)
idc.MakeDword(entry_addr)
ida_name.set_name(entry_addr, entry_name, 0)
# get the bytes of the vt entry
dword = idc.Dword(entry_addr)
if dword != 0:
# print "ea %08x = 0x%08x" % (ea, dword)
idc.MakeCode(dword - 1)
idc.MakeFunction(dword - 1)
# TODO fix the offsets created here
# for thumb, they show to be off by a byte
# one of the end args controls stuff about this
idc.OpOffEx(entry_addr, 0, idaapi.REF_OFF32, -1, 0, 0)
instruction = idc.Word(dword - 1)
# functions like this are common
if instruction == 0xe7fe:
idc.SetFunctionCmt(dword - 1, 'Infinite Loop', 1)
def fn_empty(cls, address, repeatable=1):
idc.SetFunctionCmt(int(address), '', repeatable)
pass
def fn_write(cls, address, key, value, repeatable=1):
result = cls.fn_read(address, repeatable=repeatable)
result[key] = value
if '__address__' in result:
del(result['__address__'])
return idc.SetFunctionCmt(int(address), comment.toString(result).encode('ascii'), repeatable)
def setComment(ea, string, repeatable=1):
return idc.SetFunctionCmt(int(ea), string, repeatable)
def set_comment(self, comment, repeteable=True):
return idc.SetFunctionCmt(self.addr, comment, repeteable)
"nm -C {}".format(executable),
shell=True,
stdout=PIPE,
stderr=PIPE)
out_demangled, err = proc.communicate()
errcode = proc.returncode
if errcode != 0:
raise Exception("cannot get demangled symbols!")
symbols = {}
for nlist, dlist in zip(out.splitlines(), out_demangled.splitlines()):
a, t, name = nlist.split(" ")
ad, td, named = dlist.split(" ", 2)
if a != ad:
raise Exception("error processing %s/%s, %s != %s".format(
name, named, a, ad))
addr = int(a, 16)
if t in ["t", "T"]:
make_func(addr)
if name.lstrip("_") != named.lstrip("_"):
idc.SetFunctionCmt(addr, named, 0)
idc.MakeNameEx(addr, name, idc.SN_NOWARN)
if name.lstrip("_") != named.lstrip("_"):
idc.MakeComm(addr, named)
comment = "%s = 0" % (idc.GetOpnd(ea, 0))
idc.MakeComm(ea, comment)
# 利用idc.GetCommentEx(ea, repeatable)获取注释
# 0x1000014f8L xor r11d, r11d; r11d = 0
# r11d = 0
ea = here()
print hex(ea),idc.GetDisasm(ea)
print idc.GetCommentEx(ea, False)
# 利用idc.SetFunctionCmt(ea, cmt, repeatable)给函数添加注释 如果将函数的注释标记为可重复性的话,那么它会在任何调用该函数的地方增加注释
# 利用idc.GetFunctionCmt(ea, repeatable)获取函数的注释
ea = here()
print hex(ea),idc.GetDisasm(ea)
print idc.GetFunctionName(ea)
idc.SetFunctionCmt(ea, "Check out later", True)
# 利用idc.MakeName(ea, name)重命名函数或者地址 要重命令函数的话,ea一定要是函数的起始地址
ea = 0x1000039A4
print idc.GetFunctionName(ea)
print hex(ea),idc.GetDisasm(ea)
print idc.MakeName(ea, "wgetmainargs_wrap")
print idc.GetFunctionName(ea)
# 重命名操作数
#0x100003bc2L mov eax, cs:dword_100006170
#0x100006170L dd 0
#True
#0x100003bc2L mov eax, cs:BETA
ea = here()
print hex(ea), idc.GetDisasm(ea)
def __init__(self, first_addr):
for func_item in list(idautils.FuncItems(first_addr)):
idc.MakeComm(func_item, "")
idc.MakeRptCmt(func_item, "")
idc.SetFunctionCmt(first_addr, "", 0)
idc.SetFunctionCmt(first_addr, "", 1)
def _embed_func_cmnt(self, comment, repeatable):
idc.SetFunctionCmt(self._first_addr, comment, repeatable)
