def _translate_variable(self, var: Variable):
if var.start is None:
self.statistics['num_globals_unresolved'] += 1
self._log.debug(f'global variable "{var.name}" has no address')
return
else:
self.statistics['num_globals_resolved'] += 1
binja_type = self._construct_binja_type(var.type, as_specifier=True)
# Redefine or create the variable, as needed.
binja_var: bn.DataVariable = self._binary_view.get_data_var_at(
var.start)
if binja_var is None or binja_var.type != binja_type:
self._binary_view.define_user_data_var(var.start, binja_type)
binja_var: bn.DataVariable = self._binary_view.get_data_var_at(
var.start)
if binja_var is None:
self._log.error(
f'unable to define variable "{var.name}" at 0x{var.start:x}')
return
# Set the name of the symbol.
symbol: bn.Symbol = self._binary_view.get_symbol_at(var.start)
if symbol is None or symbol.short_name != var.name:
name = '::'.join(var.name) if isinstance(var.name,
tuple) else var.name
self._binary_view.define_user_symbol(
bn.Symbol(bn.SymbolType.DataSymbol, var.start, name))
def port_symbols(self, i):
if self.role == None:
return
entry = self.match_model.entries[i]
target_index = self.role
source_index = 1 if target_index == 0 else 0
source_name = entry["name{}".format(source_index + 1)]
target_address = entry["address{}".format(target_index + 1)]
old_sym = self.bv.get_symbol_at(target_address)
target_name = None
if old_sym:
target_name = old_sym.name
target_text = target_name if target_name else "<unnamed>"
if not source_name:
bn.log_warn("Port symbols: {} @ {:x} has no source name, skipping".format(target_text, target_address))
return
if old_sym and not old_sym.auto:
bn.log_warn("Port symbols: {} @ {:x} is already named, skipping".format(target_text, target_address))
return
bn.log_info("Port symbols: {} @ {:x} -> {}".format(target_text, target_address, source_name))
new_sym = bn.Symbol(bn.SymbolType.FunctionSymbol, target_address, source_name)
self.bv.define_user_symbol(new_sym)
def resolve_module_apis(view, function, module_name, api_hash_src,
api_hash_dst):
#Load dll
filename = os.path.join(DLLDIR, module_name)
if not os.path.exists(filename):
print "[!] ERROR Loading DLL"
image_pe = pefile.PE(filename)
api_hash = view.read(api_hash_src, 4)
api_hash = struct.unpack("<I", api_hash)[0]
while api_hash != 0xFFFF:
for exp in image_pe.DIRECTORY_ENTRY_EXPORT.symbols:
if not exp.name is None:
api_hash_cmp = create_api_hash(exp.name)
if api_hash == api_hash_cmp:
view.define_auto_symbol(
binaryninja.Symbol(binaryninja.FunctionSymbol,
api_hash_dst, exp.name))
api_hash_dst = api_hash_dst + 4
api_hash_src = api_hash_src + 4
api_hash = view.read(api_hash_src, 4)
api_hash = struct.unpack("<I", api_hash)[0]
def _translate_variable(self, var: Variable):
if not self._mapping.is_newer(var):
return False
self._version_table[var.uuid] = var.version
self._log.debug(
f'Translating variable ("{var.name}", {var.version}, {(var.addr if var.addr is not None else 0):x})'
)
if var.addr is None or var.type is None:
self.statistics['num_globals_unresolved'] += 1
if var.addr is None:
self._log.debug(f'Variable "{var.name}" has no address.')
if var.type is None:
self._log.debug(f'Variable "{var.name}" has no type.')
return
binja_type = self._construct_binja_type(var.type, as_specifier=True)
binja_var = self._binary_view.get_data_var_at(var.addr)
if binja_var is None or binja_var.type != binja_type:
self._binary_view.define_user_data_var(var.addr, binja_type)
binja_var = self._binary_view.get_data_var_at(var.addr)
if binja_var is None:
self._log.error(
f'Unable to define variable "{var.name}" at 0x{var.addr:x}')
return
symbol = self._binary_view.get_symbol_at(var.addr)
if symbol is None or symbol.short_name != var.name:
self._binary_view.define_user_symbol(
bn.Symbol(bn.SymbolType.DataSymbol, var.addr, str(var.name)))
self.statistics['num_globals_resolved'] += 1
def set_symbol(self, address, label):
if self.bv.is_valid_offset(address):
symbol = bn.Symbol(bn.SymbolType.ImportedDataSymbol, address,
label)
self.bv.define_user_symbol(symbol)
else:
self.log_error('Invalid address for symbol: {address}'.format(
address=address))
def _rename_symbol(self, symbol: bn.Symbol, new_name: str):
new_symbol = bn.Symbol(symbol.type, symbol.address, new_name, new_name,
symbol.raw_name)
self._binary_view.define_user_symbol(new_symbol)
def _translate_local_variable(self, var: LocalVariable,
binja_function: bn.Function,
locals: VariableSet):
num_resolved = 0
num_preexists = 0
for loc in var.locations:
# Resolve the location to a MLIL variable.
binja_var, preexists = locals.add(var.name, loc)
if binja_var is None:
continue
if preexists:
num_preexists += 1
continue
if isinstance(binja_var, bn.DataVariable):
# A static (local scope) variable.
binja_type = self._construct_binja_type(var.type,
as_specifier=True)
# Set the name of the symbol.
symbol: bn.Symbol = self._binary_view.get_symbol_at(
binja_var.address)
if symbol is None or symbol.short_name != var.name:
name = '::'.join(var.name) if isinstance(
var.name, tuple) else var.name
self._binary_view.define_user_symbol(
bn.Symbol(bn.SymbolType.DataSymbol, binja_var.address,
name))
num_resolved += 1
continue
num_resolved += 1
binja_type = self._construct_binja_type(var.type,
as_specifier=True)
# Coerce to a reference type, as needed
if (binja_var.source_type
== bn.VariableSourceType.RegisterVariableSourceType
and var.type.composite_type is not None
and var.type.byte_size is not None and
var.type.byte_size > self._binary_view.arch.address_size):
binja_type = bn.Type.pointer(
self._binary_view.arch,
binja_type,
ref_type=bn.ReferenceType.ReferenceReferenceType)
self._log.debug(
f'in {binja_function.symbol.short_name}, coercing to a reference: {binja_type}'
)
# Then set the name and type.
new_name = var.name if var.name is not None else binja_var.name
if binja_var.source_type == bn.VariableSourceType.StackVariableSourceType:
binja_function.create_user_stack_var(binja_var.storage,
binja_type, new_name)
else:
# self._log.debug(f'Creating user variable {binja_var} with name {new_name}')
binja_function.create_user_var(binja_var, binja_type, new_name)
binja_var.name = var.name
binja_var.type = binja_type
if num_resolved == 0:
issues = []
for loc in var.locations:
assert (loc.type == LocationType.STATIC_LOCAL)
if loc.begin != 0 and binja_function in self._binary_view.get_functions_containing(
loc.begin):
issues.append(loc)
if issues:
self.statistics['num_variables_unresolved'] += 1
self._log.debug(
f'In {binja_function.symbol.short_name}()@{binja_function.start:x}: unable to resolve variable ("{var.name}"), # of locations already assigned = {num_preexists}'
)
for loc in issues:
self._log.debug(
f' (0x{loc.begin:08x}, 0x{loc.end:08x}, {loc.expr})'
)
else:
if len(var.locations) > 0:
self.statistics['num_variables_other'] += 1
else:
self.statistics['num_variables_resolved'] += 1