def checkVtblStruct(self, descr):
if not descr.get('vtblid'):
descr['vtblnm'] = descr['name'] + 'Vtbl'
descr['vtblid'] = idc.AddStrucEx(-1, descr['vtblnm'], 0)
idc.AddStrucMember(descr['vtblid'], "queryi", 0, idc.FF_QWRD, -1,
8)
if not descr.get('id'):
descr['id'] = idc.AddStrucEx(-1, descr['name'], 0)
self.setStrucPntr(descr['id'], 0, 'vtbl', descr['vtblnm'] + '*')
return descr
def yatest_create_sub(self):
for offset, count in create_sub:
name = 'substruct_' + hhex(offset) + '_' + hhex(count)
sida = idc.AddStrucEx(-1, name + '_sub1', 0)
self.assertNotEqual(sida, -1)
sidb = idc.AddStrucEx(-1, name + '_sub2', 0)
self.assertNotEqual(sidb, -1)
for i in xrange(0, 16):
self.assertEqual(idc.AddStrucMember(sidb, 'sub_' + hhex(i), i, idaapi.FF_BYTE | idaapi.FF_DATA, -1, 1), 0)
self.assertEqual(idc.AddStrucMember(sida, 'sub_struc', offset, idaapi.FF_STRU | idaapi.FF_DATA, sidb, count * 16), 0)
def yatest_apply_struct(self):
addrs = []
# -1: struct, n: union
for k in range(-1, 4):
# find an integer operand in any function
addr = self.find_operand_addr()
addrs.append(addr)
# create struct
sid = idc.AddStrucEx(-1, 'apply_struct_%x' % (k + 1), 0)
self.assertNotEqual(sid, -1)
ftype = idaapi.FF_BYTE | idaapi.FF_DATA
# apply struct only
if k == -1:
# add struct fields
for x in xrange(0, 0x60):
self.assertEqual(
idc.AddStrucMember(sid, 'field_%x' % x, -1, ftype, -1,
1), 0)
path = idaapi.tid_array(1)
path[0] = sid
self.assertNotEqual(
self.custom_op_stroff(addr, path.cast(), 1),
idaapi.BADADDR)
continue
# create union
uid = idc.AddStrucEx(-1, 'apply_union_%x' % (k + 1), 1)
self.assertNotEqual(uid, -1)
for x in xrange(1, 0x10):
self.assertEqual(
idc.AddStrucMember(uid, 'union_%x' % x, -1, ftype, -1, 1),
0)
# add struct fields
for x in xrange(0, 0x60):
self.assertEqual(
idc.AddStrucMember(sid, 'field_%x' % x, -1,
idaapi.struflag(), uid, 1), 0)
# apply selected union field
fid = idc.GetMemberId(uid, k)
self.assertNotEqual(fid, -1)
path = idaapi.tid_array(2)
path[0] = sid
path[1] = fid
self.assertNotEqual(self.custom_op_stroff(addr, path.cast(), 2),
idaapi.BADADDR)
yaunit.save('apply_struct', addrs)
def create_struc_from_skeleton(name, skeleton, default_type=idaapi.FF_DWRD):
sorted_data_types = sorted(data_types.items(),
key=lambda x: x[1],
reverse=True)
sid = idc.GetStrucIdByName(name)
if sid != idaapi.BADADDR:
idc.DelStruc(sid)
idx = idc.AddStrucEx(idaapi.BADADDR, name, False)
i = 0
size = skeleton[-1][SKELETON_OFFSET] + data_types[skeleton[-1]
[SKELETON_TYPE]]
while i < size:
if i < skeleton[0][SKELETON_OFFSET]:
if i + data_types[default_type] <= skeleton[0][SKELETON_OFFSET]:
idc.AddStrucMember(idx, 'field_{0}'.format(hex(i)), i,
default_type | idaapi.FF_DATA, -1,
data_types[default_type])
i += data_types[default_type]
else:
for data_type in sorted_data_types:
if skeleton[0][SKELETON_OFFSET] - i >= data_type[1]:
idc.AddStrucMember(idx, 'field_{0}'.format(hex(i)), i,
data_type[0] | idaapi.FF_DATA, -1,
data_type[1])
i += data_type[1]
break
elif i == skeleton[0][SKELETON_OFFSET]:
idc.AddStrucMember(idx, skeleton[0][SKELETON_NAME],
skeleton[0][SKELETON_OFFSET],
skeleton[0][SKELETON_TYPE] | idaapi.FF_DATA, -1,
data_types[skeleton[0][SKELETON_TYPE]])
i += data_types[skeleton[0][SKELETON_TYPE]]
skeleton.pop(0)
else:
skeleton.pop(0)
def _find_or_create_struct():
name = "sce_module_info_t"
sid = idc.GetStrucIdByName(name)
if sid != idc.BADADDR:
return sid # already exists
sid = idc.AddStrucEx(-1, name, 0)
idc.AddStrucMember(sid, "modattribute", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "modversion", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "modname", -1, idc.FF_ASCI, -1, 27)
idc.AddStrucMember(sid, "type", -1, idc.FF_BYTE, -1, 1)
idc.AddStrucMember(sid, "gp_value", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "ent_top", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "ent_end", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "stub_top", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "stub_end", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "module_nid", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "field_38", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "field_3C", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "field_40", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "mod_start", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "mod_stop", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "exidx_start", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "exidx_end", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "extab_start", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "extab_end", -1, idc.FF_DWRD, -1, 4)
idc.Til2Idb(-1, name)
return sid
def _find_or_create_struct():
name = "sce_module_imports_t"
sid = idc.GetStrucIdByName(name)
if sid != idc.BADADDR:
return sid # already exists
sid = idc.AddStrucEx(-1, name, 0)
idc.AddStrucMember(sid, "size", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "version", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "flags", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_functions", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_vars", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_tls_vars", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "reserved1", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "lib_nid", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "lib_name", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "reserved2", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "func_nid_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "func_entry_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "var_nid_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "var_entry_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "tls_nid_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "tls_entry_table", -1, idc.FF_DWRD, -1, 4)
idc.Til2Idb(-1, name)
return sid
def test_create_struct_complex(self, in_stack):
ident, sida = self.get_function_sid(in_stack, local_size=complex_struc1_size)
self.assertNotEqual(sida, -1)
sidb = idc.AddStrucEx(0, 'create_struct_complex_sub_%d' % in_stack, 0)
self.assertNotEqual(sidb, -1)
self.create_complex(sida, sidb)
yaunit.save('create_struct_complex_%d' % in_stack, ident)
def createStruct(self, name):
sid = idc.GetStrucIdByName(name)
if sid != -1:
idc.DelStruc(sid)
sid = idc.AddStrucEx(-1, name, 0)
self.types_id['name'] = sid
return sid
def yatest_create_struct_in_stack_vars_with_renaming(self):
"""
test creation of struct from stack vars
used to find a bug (structure is correctly applied on var if renamed)
"""
# create structure
ident, sida = self.get_function_sid_without_del(
True, local_size=complex_struc3_size, count_from_first_var=True)
self.assertNotEqual(sida, -1)
sidb = idc.AddStrucEx(0, 'create_struct_in_stack_vars_with_renaming',
0)
self.assertNotEqual(sidb, -1)
size = self.create_complex2(sidb, complex_struc3)
self.assertEqual(complex_struc3_size, size)
# set first var prototype
offset = idc.GetFirstMember(sida)
member_id = idc.GetMemberId(sida, offset)
self.assertNotEqual(member_id, -1)
self.assertTrue(
idc.SetType(member_id,
"create_struct_in_stack_vars_with_renaming* x;"))
self.assertEqual("create_struct_in_stack_vars_with_renaming *",
idc.GetType(idc.GetMemberId(sida, offset)))
idc.SetMemberName(sida, offset, "var1")
yaunit.save("create_struct_in_stack_vars_with_renaming", sida)
yaunit.save("create_struct_in_stack_vars_with_renaming_offset", offset)
def yatest_create_struct(self):
for name, comment, repeatable in create_struct:
sid = idc.AddStrucEx(-1, name, 0)
self.assertNotEqual(sid, -1)
if comment is not None:
err = idc.SetStrucComment(sid, comment, repeatable)
self.assertNotEqual(err, 0)
def find_or_create_struct(name):
sid = idc.GetStrucIdByName(name)
if (sid == idc.BADADDR):
sid = idc.AddStrucEx(-1, name, 0)
add_struct_to_idb(name)
return sid
def yatest_set_field_prototype(self):
for field_type, name, prototype in set_field_prototype:
sid = idc.AddStrucEx(-1, name, 0)
self.assertNotEqual(sid, -1)
self.assertEqual(idc.AddStrucMember(sid, 'field', 0, field_type | idaapi.FF_DATA, -1, get_size(field_type, -1)), 0)
mid = idc.GetMemberId(sid, 0)
self.assertNotEqual(mid, -1)
self.assertTrue(idc.SetType(mid, prototype))
def build_types():
sid = idc.AddStrucEx(-1, "_vfunc", 0)
if sid != -1:
sptr = idaapi.get_struc(sid)
idaapi.set_struc_hidden(sptr, True)
for t in Types():
t.build_struct()
save_type_info()
def get_function_sid_without_del(self, in_stack, local_size=1, count_from_first_var=False):
if not in_stack:
return 'create_struct_complex', idc.AddStrucEx(0, 'create_struct_complex', 0)
ea = yaunit.get_next_function(lambda ea : yaunit.has_locals(ea, local_size, count_from_first_var))
frame = idaapi.get_frame(ea)
self.assertNotEqual(frame, None)
offset = idc.GetFirstMember(frame.id)
return ea, frame.id
def struct_create(name, union=False):
"""Create an IDA struct with the given name, returning the SID."""
# AddStrucEx is documented as returning -1 on failure, but in practice it seems to return
# BADADDR.
union = 1 if union else 0
sid = idc.AddStrucEx(-1, name, union)
if sid in (-1, idc.BADADDR):
return None
return sid
def yatest_create_struct_field(self):
for offset, count, field_type, string_type, comment, repeatable in create_field:
size = count * get_size(field_type, string_type)
name = get_name(field_type, string_type, offset, size)
sid = idc.AddStrucEx(0, 'struct_' + name, 0)
self.assertNotEqual(sid, -1)
err = idc.AddStrucMember(sid, 'field_' + name, offset, field_type | idaapi.FF_DATA, string_type, size)
self.assertEqual(err, 0)
if comment is not None:
self.assertNotEqual(idc.SetMemberComment(sid, offset, comment, repeatable), 0)
def get_function_sid(self, in_stack, local_size=1):
if not in_stack:
return 'create_struct_complex', idc.AddStrucEx(0, 'create_struct_complex', 0)
ea = yaunit.get_next_function(lambda ea : yaunit.has_locals(ea, local_size))
frame = idaapi.get_frame(ea)
self.assertNotEqual(frame, None)
offset = idc.GetFirstMember(frame.id)
while offset != idaapi.BADADDR:
idc.DelStrucMember(frame.id, offset)
offset = idc.GetFirstMember(frame.id)
return ea, frame.id
def yatest_reference_loop(self):
mids = []
for k in range(0, 2):
sid = idc.AddStrucEx(-1, 'refloop' + str(k), 0)
self.assertNotEqual(sid, -1)
self.assertEqual(idc.AddStrucMember(sid, 'refloop_field' + str(k), 0, idaapi.FF_DWRD, -1, 4), 0)
mid = idc.GetMemberId(sid, 0)
self.assertNotEqual(mid, -1)
mids.append(mid)
for k in range(0, 2):
self.assertTrue(idc.SetType(mids[k], 'refloop' + str(1 - k) + ' *'))
def find_or_create_struct(name):
sid = idc.GetStrucIdByName(name)
if sid == idc.BADADDR:
sid = idc.AddStrucEx(-1, name, 0)
print "added struct \"{0}\", id: {1}".format(name, sid)
else:
print "struct \"{0}\" already exists, id: ".format(name, sid)
add_struct_to_idb(name)
return sid
def create_struc(name, size, default_type=idaapi.FF_DWRD):
sid = idc.GetStrucIdByName(name)
if sid != idaapi.BADADDR:
idc.DelStruc(sid)
idx = idc.AddStrucEx(idaapi.BADADDR, name, False)
i = 0
while i < size:
idc.AddStrucMember(idx, 'field_{0}'.format(hex(i)), i,
default_type | idaapi.FF_DATA, -1,
data_types[default_type])
i += data_types[default_type]
def makeStructFromHits(self, count, startHitIdx, endHitIdx):
structName = 'sc%d' % count
self.logger.debug("Making struct %d:", count)
structId = idc.AddStrucEx(0xffffffff, structName, 0)
if structId == 0xffffffff:
raise ValueError("Struct %s already exists!" % structName)
subRange = self.hits[startHitIdx:endHitIdx]
for i in range(len(subRange)):
hit = subRange[i]
self.logger.debug("%02x: %08x: %08x %s" , i*self.PTR_SIZE, hit.ea, hit.symHash.hashVal, hit.symHash.symbolName)
idc.AddStrucMember(structId, str(hit.symHash.symbolName), i*self.PTR_SIZE, idc.FF_DATA|idc.FF_DWRD, -1, 4)
def create_vtable_struct(class_name, functions):
struct_name = 'VTABLE_' + class_name
sid = idc.GetStrucIdByName(struct_name)
if sid != BADADDR:
print("vtable already exists for " + class_name)
return False
sid = idc.AddStrucEx(-1, struct_name, 0)
# idc.Til2Idb(-1, struct_name)
offset = 0
for fn in functions:
func_name = fn[0]
func_name = func_name.replace('~', 'destr_')
func_type = fn[1]
ret = add_struc_member(sid, func_name, -1, idc.FF_QWORD, -1, 8)
# Ohhhh name name..
# i=0
if ret == -1:
print("error creating struct VTABLE: %s (%d) (%s)" %
(class_name, ret, func_name))
return False
if func_type != '':
if func_type.find("__cdecl(") > -1:
func_type = func_type.replace("__cdecl",
"(__cdecl *%s)" % func_name)
elif func_type.find("__stdcall(") > -1:
func_type = func_type.replace("__stdcall",
"(__stdcall *%s)" % func_name)
elif func_type.find("__fastcall(") > -1:
func_type = func_type.replace("__fastcall",
"(__fastcall *%s)" % func_name)
elif func_type.find("__thiscall(") > -1:
func_type = func_type.replace("__thiscall",
"(__thiscall *%s)" % func_name)
elif func_type.find("__usercall(") > -1:
func_type = func_type.replace("__usercall",
"(__usercall *%s)" % func_name)
elif func_type.find("__userpurge(") > -1:
func_type = func_type.replace("__userpurge",
"(__userpurge *%s)" % func_name)
SetType(GetMemberId(sid, offset), func_type)
# MakeComm(GetMemberId(sid, offset), func_name)
# "__int64 (__fastcall *)(ClassName *this)");
offset += 8
# print(fn)
return True
def new_struct(name, nb_field, field_size, is_union=False):
type_by_size = {
1: idc.FF_BYTE,
2: idc.FF_WORD,
4: idc.FF_DWRD,
8: idc.FF_QWRD
}
if field_size not in type_by_size:
raise ValueError("field size muste be {0}".format(list(type_by_size)))
sid = idc.AddStrucEx(-1, name, is_union)
if sid == -1: # handle if name is already taken ?
raise ValueError('bad name <{0}> for struct name'.format(name))
for i in range(nb_field):
idc.AddStrucMember(sid, 'field_{0}'.format(i), i * field_size,
idc.FF_DATA | type_by_size[field_size], -1,
field_size)
return sid
def build_struct(self):
''' Creates an IDA structure for this Type.
'''
if self.struct is not None:
return
for p in self.parents:
p.build_struct()
self.struct = idc.AddStrucEx(-1, self.name, 0)
if as_signed(self.struct, TARGET_ADDRESS_SIZE) == -1:
raise RuntimeError("Unable to make struct `{}`".format(self.name))
else:
#TODO: either come up with another way of showing this, or
# sync it with the actual function names
cmt = "constructors: "
for c in self.constructors():
cmt += "{}(0x{:02x}), ".format(idc.Name(c), c)
cmt = cmt.strip(", ")
idaapi.set_struc_cmt(self.struct, cmt, False)
if TARGET_ADDRESS_SIZE == 8:
mask = idc.FF_QWRD
else:
mask = idc.FF_DWRD
# Only bases get the magic _vptr member
if len(self.parents) == 0:
idc.AddStrucMember(self.struct, "_vptr", 0, idc.FF_DATA | mask, -1,
TARGET_ADDRESS_SIZE)
idc.SetType(idc.GetMemberId(self.struct, 0), "_vfunc**")
for i, parent in enumerate(self.parents):
try:
#TODO: for non-itanium ABI, this may not be available
# when RTTI is disabled
offset = self.tablegroup.tables[i].offset_to_top
except:
break
idc.AddStrucMember(self.struct, "parent_{}".format(i),
-offset, idc.FF_DATA, -1,
idc.GetStrucSize(parent.struct))
idc.SetType(idc.GetMemberId(self.struct, -offset), parent.name)
def makeStructFromHits(self, count, startHitIdx, endHitIdx):
structName = 'sc%d' % count
logger.debug("Making struct %d:", count)
if using_ida7api:
structId = idc.add_struc(0xffffffff, structName, 0)
else:
structId = idc.AddStrucEx(0xffffffff, structName, 0)
if structId == 0xffffffff:
raise ValueError("Struct %s already exists!" % structName)
subRange = self.hits[startHitIdx:endHitIdx]
for i in range(len(subRange)):
hit = subRange[i]
logger.debug("%02x: %08x: %08x %s" , i*self.ptrSize, hit.ea, hit.symHash.hashVal, hit.symHash.symbolName)
if using_ida7api:
idc.add_struc_member(structId, str(hit.symHash.symbolName), i*self.ptrSize, idc.FF_DATA|idc.FF_DWORD, -1, 4)
else:
idc.AddStrucMember(structId, str(hit.symHash.symbolName), i*self.ptrSize, idc.FF_DATA|idc.FF_DWRD, -1, 4)
def create_vtable_struct(class_name, functions):
struct_name = 'vtable_' + class_name
sid = idc.GetStrucIdByName(struct_name)
if sid != BADADDR:
print("vtable already exists for " + class_name)
return 0
sid = idc.AddStrucEx(-1, struct_name, 0)
idc.Til2Idb(-1, struct_name)
offset = 0
for fn in functions:
func_name = fn[0]
func_name = func_name.replace('~', 'destr_')
func_type = fn[1]
idc.AddStrucMember(sid, func_name, -1, idc.FF_QWRD, -1, 8)
if func_type != '':
if func_type.find("__cdecl(") > -1:
func_type = func_type.replace("__cdecl",
"(__cdecl *%s)" % func_name)
elif func_type.find("__stdcall(") > -1:
func_type = func_type.replace("__stdcall",
"(__stdcall *%s)" % func_name)
elif func_type.find("__fastcall(") > -1:
func_type = func_type.replace("__fastcall",
"(__fastcall *%s)" % func_name)
elif func_type.find("__thiscall(") > -1:
func_type = func_type.replace("__thiscall",
"(__thiscall *%s)" % func_name)
elif func_type.find("__usercall(") > -1:
func_type = func_type.replace("__usercall",
"(__usercall *%s)" % func_name)
elif func_type.find("__userpurge(") > -1:
func_type = func_type.replace("__userpurge",
"(__userpurge *%s)" % func_name)
SetType(GetMemberId(sid, offset), func_type)
# MakeComm(GetMemberId(sid, offset), func_name)
# "__int64 (__fastcall *)(ClassName *this)");
offset += 8
print(fn)
return 1
def make_struc(self, object_version, address):
name = object_version.get_name()
object_id = object_version.get_id()
size = object_version.get_size()
struc_id = idc.GetStrucIdByName(name)
if struc_id == idc.BADADDR:
try:
is_union = object_version.get_object_flags()
except KeyError:
is_union = 0
struc_id = idc.AddStrucEx(0, name, is_union)
# add a dummy field.
# This is necessary to avoid an error is idc.SetType(struc*) is used on another struc
# member
# TODO not for empty strucs
if is_union:
idc.AddStrucMember(struc_id, "yaco_filler", 0, idc.FF_BYTE, 0,
1)
else:
is_union = idc.IsUnion(struc_id)
# if(is_union):
# pass
# else:
# self.clear_struc_fields(struc_id, object_version['xrefs'], is_union)
if not is_union or is_union == 0:
self.clear_struc_fields(
struc_id, size,
object_version.get_xrefed_id_map().iterkeys(), False)
else:
self.union_ids.add(struc_id)
if DEBUG_EXPORTER:
logger.debug(
"adding struc id %s : '0x%.016X' (%s)" %
(self.hash_provider.hash_to_string(object_id), struc_id, name))
self.struc_ids[object_id] = struc_id
_yatools_ida_exporter.set_struct_id(object_id, struc_id)
self.hash_provider.put_hash_struc_or_enum(struc_id, object_id)
def _find_or_create_struct():
name = "sce_module_exports_t"
sid = idc.GetStrucIdByName(name)
if sid != idc.BADADDR:
return sid # already exists
sid = idc.AddStrucEx(-1, name, 0)
idc.AddStrucMember(sid, "size", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "lib_version", -1, idc.FF_BYTE, -1, 2)
idc.AddStrucMember(sid, "attribute", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_functions", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_vars", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "unk", -1, idc.FF_WORD, -1, 2)
idc.AddStrucMember(sid, "num_tls_vars", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "lib_nid", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "lib_name", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "nid_table", -1, idc.FF_DWRD, -1, 4)
idc.AddStrucMember(sid, "entry_table", -1, idc.FF_DWRD, -1, 4)
idc.Til2Idb(-1, name)
return sid
def yatest_create_struct_in_stack_vars(self):
"""
test creation of struct from stack vars
used to find a bug when creating struct for stack vars and naming vars
"""
# create structure
ident, sida = self.get_function_sid_without_del(True, local_size=complex_struc3_size, count_from_first_var=True)
self.assertNotEqual(sida, -1)
sidb = idc.AddStrucEx(0, 'create_struct_in_stack_vars', 0)
self.assertNotEqual(sidb, -1)
size = self.create_complex2(sidb, complex_struc3)
self.assertEqual(complex_struc3_size, size)
# set first var prototype
offset = idc.GetFirstMember(sida)
member_id = idc.GetMemberId(sida, offset)
self.assertNotEqual(member_id, -1)
self.assertTrue(idc.SetType(member_id, "create_struct_in_stack_vars* x;"))
self.assertEqual("create_struct_in_stack_vars *",
idc.GetType(idc.GetMemberId(sida, offset)))
yaunit.save("create_struct_in_stack_vars", sida)
yaunit.save("create_struct_in_stack_vars_offset", offset)
def makeStruct(strname=""):
'''
Función para crear la estructura de Gustavo en IDA con idc.
@param strname: nombre de la estructura
@return: 0-todo bien, -1-caca
'''
sid = idc.GetStrucIdByName(strname)
if sid == idc.BADADDR:
sid = idc.AddStrucEx(-1, strname, 0)
else:
print "[-] Error. Structure %s already exists." % strname
return -1
print idc.AddStrucMember(sid, "instructionType", -1, idc.FF_BYTE, -1, 1)
print idc.AddStrucMember(sid, "hashSha", -1, idc.FF_BYTE, -1, 20)
print idc.AddStrucMember(sid, "instructionSize", -1, idc.FF_BYTE, -1, 1)
print idc.AddStrucMember(sid, "branchHash", -1, idc.FF_BYTE, -1, 20)
print idc.AddStrucMember(sid, "nextHash", -1, idc.FF_BYTE, -1, 20)
print idc.AddStrucMember(sid, "salt", -1, idc.FF_DWRD, -1, 4)
return 0
