def show_structures_allocated(self, context):
    """Add one blue ``widgets.Structure`` item per structure of ``context``.

    A new ``QGraphicsItemGroup`` bound to ``self.scene`` is stored in
    ``self.allocated_structures`` and filled with one item for every
    structure returned by ``context.listStructures()``.

    Each item is positioned at the structure's ``_vaddr`` minus
    ``context.heap.start``.  The subtraction is not range-checked here, so
    a ``_vaddr`` below the heap start yields a negative position.
    """
    self.allocated_structures = QtGui.QGraphicsItemGroup(scene=self.scene)

    for structure in context.listStructures():
        # FIXME (carried over from the original ``offset`` helper): the
        # position is simply the address relative to the heap start.
        relative_addr = structure._vaddr - context.heap.start
        item = widgets.Structure(
            relative_addr,
            structure,
            scene=self.scene,
            color=QtCore.Qt.blue,
        )
        self.allocated_structures.addToGroup(item)
def makeReversedTypes(context, sizeCache):
    """Group similar structures, create reversed types and retype pointers.

    The work is done in three passes:

    1. ``buildStructureGroup(context, sizeCache)`` yields chains of similar
       structures and ``fixType`` is applied to each chain.
    2. Every structure of ``context`` is reset and re-decoded; each pointer
       field whose value lies inside ``context.heap`` is retyped as a
       ``ctypes.POINTER`` to the ctypes type of the structure found at that
       address, and commented ``'pointer fixed'``.
    3. ``makeFields(context)`` is called on every reversed type.

    Pointer values are read from the structures under analysis.  Only
    values that pass the ``in context.heap`` test are resolved; pointer
    fields whose value is outside the heap keep their current type.

    Returns the same ``context`` object that was passed in.
    """
    log.info(
        '[+] Build groups of similar instances, create a reversed type for each group.')
    for similar_chain in buildStructureGroup(context, sizeCache):
        fixType(context, similar_chain)

    log.info(
        '[+] For each instances, fix pointers fields to newly created types.')
    for structure in context.listStructures():
        structure.reset()
        structure.decodeFields()
        for pointer_field in structure.getPointerFields():
            target_addr = pointer_field._getValue(0)
            # Bounds gate: never look up a structure for an address that is
            # not inside the heap mapping.
            if target_addr not in context.heap:
                continue
            try:
                pointee_type = context.getStructureForOffset(
                    target_addr).getCtype()
            except TypeError:
                # Some target structures have no typed ctype yet; give them
                # an instance type rather than letting the TypeError escape.
                # NOTE(review): getname() is called without arguments and is
                # not defined in this block - confirm it resolves at module
                # level.
                pointee_type = fixInstanceType(
                    context,
                    context.getStructureForOffset(target_addr),
                    getname())
            pointer_field.setCtype(ctypes.POINTER(pointee_type))
            pointer_field.setComment('pointer fixed')

    log.info('[+] For new reversed type, fix their definitive fields.')
    for reversed_type in context.listReversedTypes():
        reversed_type.makeFields(context)

    # Pointer fields whose value is outside the heap are not examined
    # further here.
    return context
def makeReversedTypes(context, sizeCache): ''' Compare signatures for each size groups. Makes a chains out of similar structures. Changes the structure names for a single typename when possible. Changes the ctypes types of each pointer field.''' log.info('[+] Build groups of similar instances, create a reversed type for each group.') for chains in buildStructureGroup(context, sizeCache): fixType(context, chains) log.info('[+] For each instances, fix pointers fields to newly created types.') import ctypes for s in context.listStructures(): s.reset() s.decodeFields() for f in s.getPointerFields(): addr = f._getValue(0) if addr in context.heap: try: ctypes_type = context.getStructureForOffset(addr).getCtype() except TypeError,e: # we have escapees, withouth a typed type... saved them from exception ctypes_type = fixInstanceType(context, context.getStructureForOffset(addr), getname()) f.setCtype( ctypes.POINTER(ctypes_type) ) f.setComment('pointer fixed')