def get_single_comment(ea, is_func=False): """IDA has repeatable and regular comments. BN only has regular comments. This function constructs a single comment from both repeatable and regular comments """ regular_comment = "" repeatable_comment = "" if is_func: regular_comment = idc.GetFunctionCmt(ea, 0) repeatable_comment = idc.GetFunctionCmt(ea, 1) else: regular_comment = idc.Comment(ea) repeatable_comment = idc.RptCmt(ea) if regular_comment is None: return repeatable_comment elif repeatable_comment is None: return regular_comment elif repeatable_comment is None and regular_comment is None: return None else: if len(regular_comment) == 0: return repeatable_comment if len(repeatable_comment) == 0: return repeatable_comment return regular_comment + "\n" + repeatable_comment return None
def postprocess(self): try: if "MakeComment" in self.cmdname: if idc.Comment(self.addr) is not None: self.skel_conn.push_comment(self.addr, idc.Comment(self.addr)) if idc.GetFunctionCmt(self.addr, 0) != "": self.skel_conn.push_comment( self.addr, idc.GetFunctionCmt((self.addr), 0)) elif "MakeRptCmt" in self.cmdname: if idc.GetCommentEx(self.addr, 1) != "": self.skel_conn.push_comment( self.addr, idc.GetCommentEx(self.addr, 1)) if idc.GetFunctionCmt(self.addr, 1) != "": self.skel_conn.push_comment( self.addr, idc.GetFunctionCmt(self.addr, 1)) elif self.cmdname == "MakeFunction": if idc.GetFunctionAttr(self.addr, 0) is not None: pass #push_change("idc.MakeFunction", shex(idc.GetFunctionAttr( # self.addr, 0)), shex(idc.GetFunctionAttr(self.addr, 4))) elif self.cmdname == "DeclareStructVar": print "Fixme : declare Struct variable" elif self.cmdname == "SetType": newtype = idc.GetType(self.addr) if newtype is None: newtype = "" else: newtype = SkelUtils.prepare_parse_type( newtype, self.addr) self.skel_conn.push_type(int(self.addr), newtype) # XXX IMPLEMENT elif self.cmdname == "OpStructOffset": print "Fixme, used when typing a struct member/stack var/data pointer to a struct offset " except KeyError: pass return 0
def yacheck_comments(self): eas = yaunit.load('comments') i = 0 for offset in range(0, 3): for fn_cmt, fn_rpt, cmt, rpt, post, ant in tests: ea = eas[i] logger.debug("checking at 0x%08X : %r, %r, %r, %r, %r, %r" % (ea, fn_cmt, fn_rpt, cmt, rpt, post, ant)) i += 1 if fn_cmt != None: self.assertEqual(idc.GetFunctionCmt(ea, False), fn_cmt) if fn_rpt != None: self.assertEqual(idc.GetFunctionCmt(ea, True), fn_rpt) if cmt != None: self.assertEqual(idc.GetCommentEx(ea, False), cmt) if rpt != None: self.assertEqual(idc.GetCommentEx(ea, True), rpt) if post != None: for j, txt in enumerate(post.split('\n')): self.assertEqual(idc.LineB(ea, j), txt) if ant != None: for j, txt in enumerate(ant.split('\n')): self.assertEqual(idc.LineA(ea, j), txt)
def linearize_comment(ea, function_comment=False): regular_comment = "" repeatable_comment = "" if function_comment: regular_comment = idc.GetFunctionCmt(ea, 0) repeatable_comment = idc.GetFunctionCmt(ea, 1) else: regular_comment = idc.Comment(ea) repeatable_comment = idc.RptCmt(ea) if regular_comment is None and repeatable_comment is None: return None elif regular_comment is not None and repeatable_comment is None: return regular_comment elif repeatable_comment is not None and regular_comment is None: return repeatable_comment else: if len(regular_comment) == 0: return repeatable_comment if len(repeatable_comment) == 0: return repeatable_comment return regular_comment + "\n" + repeatable_comment return None
def fn_read(cls, address, key=None, repeatable=1): address = idc.GetFunctionAttr(address, idc.FUNCATTR_START) if address == idc.BADADDR: raise ValueError("Address %x not in function"% address) result = comment.toDict(idc.GetFunctionCmt(int(address), repeatable)) if '__name__' not in result: result['__name__'] = idc.GetFunctionName(address) if '__address__' not in result: result['__address__'] = address if key is not None: return result[key] return result
def get_func_info(ea): ''' resolve the function comment ''' global func_type_re info = dict() func_cmt = idc.GetFunctionCmt(ea, -1) if func_cmt: res = func_type_re.search(func_cmt) info['class_name'] = res.group('clsname') info['ret_type'] = res.group('ret') info['func_name'] = res.group('fname') info['fparam_type'] = res.group('fptype') info['sparam_name'] = res.group('spname') info['sparam_type'] = res.group('sptype') return info
def postprocess(self): global skel_conn try: if self.cmdname == "MakeComment": if idc.GetCommentEx(self.addr, 0) is not None: skel_conn.push_comment(self.addr, idc.GetCommentEx((self.addr), 0)) elif idc.GetCommentEx(self.addr, 1) is not None: skel_conn.push_comment(self.addr, idc.GetCommentEx((self.addr), 1)) elif idc.GetFunctionCmt(self.addr, 0) != "": skel_conn.push_comment(self.addr, idc.GetCommentEx((self.addr), 0)) elif idc.GetFunctionCmt(self.addr, 1) != "": skel_conn.push_comment( self.addr, idc.GetFunctionCmt(self.addr, 1).replace("\n", "\\n").replace( "\"", "\\\"")) if self.cmdname == "MakeRptCmt": if idc.GetCommentEx(self.addr, 0) is not None: skel_conn.push_comment( self.addr, idc.GetCommentEx(self.addr, 0).replace("\n", "\\n").replace( "\"", "\\\"")) elif idc.GetCommentEx(self.addr, 1) is not None: skel_conn.push_comment( self.addr, idc.GetCommentEx(self.addr, 1).replace("\n", "\\n").replace( "\"", "\\\"")) elif idc.GetFunctionCmt(self.addr, 0) != "": skel_conn.push_comment( self.addr, idc.GetFunctionCmt(self.addr, 0).replace("\n", "\\n").replace( "\"", "\\\"")) elif idc.GetFunctionCmt(self.addr, 1) != "": skel_conn.push_comment( self.addr, idc.GetFunctionCmt(self.addr, 1).replace("\n", "\\n").replace( "\"", "\\\"")) elif self.cmdname == "MakeName": # idc.Jump(self.addr) if (idc.GetFunctionAttr(self.addr, 0) == self.addr): fname = GetFunctionName(self.addr) if fname != "": if not CheckDefaultValue(fname): skel_conn.push_name(self.addr, fname) else: fname = idc.GetTrueName(self.addr) if fname != "" and not CheckDefaultValue(fname): skel_conn.push_name( self.addr, fname.replace("\n", "\\n").replace("\"", "\\\"")) else: # ok, on regarde ce qui est pointe if GetOpType(self.addr, 0) in [o_near, o_imm, o_mem]: if GetOpType(self.addr, 1) in [o_near, o_imm, o_mem]: print "[P] You must be on the top of function or at the global address to set the name in log file" else: add = idc.GetOperandValue(self.addr, 0) fname = idc.GetTrueName(add) if fname != "" and not CheckDefaultValue( fname): skel_conn.push_name( add, fname.replace("\n", "\\n").replace( "\"", "\\\"")) else: print "[P] You must be on the top of function or at the global address to set the name in log file" elif GetOpType(self.addr, 1) in [o_near, o_imm, o_mem]: add = idc.GetOperandValue(self.addr, 1) fname = idc.GetTrueName(add) if fname != "" and not CheckDefaultValue(fname): skel_conn.push_name( add, fname.replace("\n", "\\n").replace("\"", "\\\"")) else: print "[P] You must be on the top of function or at the global address to set the name in log file" elif self.cmdname == "MakeFunction": if idc.GetFunctionAttr(self.addr, 0) is not None: pass #push_change("idc.MakeFunction", shex(idc.GetFunctionAttr( # self.addr, 0)), shex(idc.GetFunctionAttr(self.addr, 4))) elif self.cmdname == "DeclareStructVar": print "Fixme : declare Struct variable" elif self.cmdname == "AddStruct": print "Fixme : adding structure" elif self.cmdname == "SetType": newtype = idc.GetType(self.addr) if newtype is None: newtype = "" else: newtype = prepare_parse_type(newtype, self.addr) push_change("idc.SetType", shex(self.addr), newtype) elif self.cmdname == "OpStructOffset": print "Fixme, used when typing a struct member/stack var/data pointer to a struct offset " except KeyError: pass return 0
def getComment(ea, repeatable=1): return idc.GetFunctionCmt(int(ea), repeatable)
def get_comment(self, repeteable=True): return idc.GetFunctionCmt(self.addr, repeteable)
def _extract_func_cmnt(self, repeatable): function_cmt = idc.GetFunctionCmt(self._first_addr, repeatable) return function_cmt