def export_user_variables(ct, f_ea): # heavily based on https://idapython.googlecode.com/svn-history/r380/trunk/examples/vds4.py class dump_lvar_info_t(idaapi.user_lvar_visitor_t): def __init__(self): idaapi.user_lvar_visitor_t.__init__(self) return def get_info_qty_for_saving(self): print "qty" return 0 def get_info_for_saving(self, lv): return False def handle_retrieved_info(self, lv): try: print "%x %x %x %x" % (lv.ll.get_regnum(), lv.ll.get_reg1(), lv.ll.get_reg2(), lv.ll.get_value()) print lv.ll.location print "Lvar defined at %x (%x)" % (lv.ll.defea, f_ea) print >>f, "Lvar defined at %x (%x)" % (lv.ll.defea, f_ea) if len(str(lv.name)): print " Name: %s" % (str(lv.name), ) print >>f, " Name: %s" % (str(lv.name), ) #if len(str(lv.type)): ##~ print_type_to_one_line(buf, sizeof(buf), idati, .c_str()); # print " Type: %s" % (str(lv.type), ) # print >>f, " Type: %s" % (str(lv.type), ) ##print lv.ll.is_reg_var() ##i = idaapi.lvars_t() ##print i.find_lvar(lv.ll.defea) #lvs = ct.get_lvars() #lv_new = lvs.find(lv.ll) #if lv_new.name == "foobar": # lv_new.clr_user_name() # lv_new.name = "bliblablub" ## this is changing the name, when hovering the mouse on it, this is visible ## however its not saved. why? #lv_new.set_user_name() # unfortunately the mapping is useless as this is not exported from cfunc_t #lm = idaapi.lvar_mapping_t() #idaapi.lvar_mapping_insert(ct.lvar_t, c) #Lvar defined at 400000f # Name: foobar # Type: <idaapi.tinfo_t; proxy of <Swig Object of type 'tinfo_t *' at 0xd5eef08> > #<idaapi.lvar_saved_info_t; proxy of <Swig Object of type 'lvar_saved_info_t *' at 0xd5eeba8> > #<idaapi.lvar_locator_t; proxy of <Swig Object of type 'lvar_locator_t *' at 0xd5eef08> > except: traceback.print_exc() return 0 def handle_retrieved_mapping(self, lm): return 0 def get_info_mapping_for_saving(self): return None dli = dump_lvar_info_t(); idaapi.restore_user_lvar_settings(ct.entry_ea, dli) f.close()
def _get_user_lvar_settings(ea): dct = {} lvinf = idaapi.lvar_uservec_t() if idaapi.restore_user_lvar_settings(lvinf, ea): dct['lvvec'] = [] for lv in lvinf.lvvec: dct['lvvec'].append(HexRaysHooks._get_lvar_saved_info(lv)) dct['sizes'] = list(lvinf.sizes) dct['lmaps'] = {} it = idaapi.lvar_mapping_begin(lvinf.lmaps) while it != idaapi.lvar_mapping_end(lvinf.lmaps): key = idaapi.lvar_mapping_first(it) key = HexRaysHooks._get_lvar_locator(key) val = idaapi.lvar_mapping_second(it) val = HexRaysHooks._get_lvar_locator(val) dct['lmaps'][key] = val it = idaapi.lvar_mapping_next(it) dct['stkoff_delta'] = lvinf.stkoff_delta dct['ulv_flags'] = lvinf.ulv_flags return dct
def run(): cfunc = idaapi.decompile(idaapi.get_screen_ea()) if not cfunc: print 'Please move the cursor into a function.' return entry_ea = cfunc.entry_ea print "Dump of user-defined information for function at %x" % (entry_ea, ) # Display user defined labels. labels = idaapi.restore_user_labels(entry_ea); if labels is not None: print "------- %u user defined labels" % (len(labels), ) for org_label, name in labels.iteritems(): print "Label %d: %s" % (org_label, str(name)) idaapi.user_labels_free(labels) # Display user defined comments cmts = idaapi.restore_user_cmts(entry_ea); if cmts is not None: print "------- %u user defined comments" % (len(cmts), ) for tl, cmt in cmts.iteritems(): print "Comment at %x, preciser %x:\n%s\n" % (tl.ea, tl.itp, str(cmt)) idaapi.user_cmts_free(cmts) # Display user defined citem iflags iflags = idaapi.restore_user_iflags(entry_ea) if iflags is not None: print "------- %u user defined citem iflags" % (len(iflags), ) for cl, t in iflags.iteritems(): print "%a(%d): %08X%s" % (cl.ea, cl.op, f, " CIT_COLLAPSED" if f & CIT_COLLAPSED else "") idaapi.user_iflags_free(iflags) # Display user defined number formats numforms = idaapi.restore_user_numforms(entry_ea) if numforms is not None: print "------- %u user defined number formats" % (len(numforms), ) for ol, nf in numforms.iteritems(): print "Number format at %a, operand %d: %s" % (ol.ea, ol.opnum, "negated " if (nf.props & NF_NEGATE) != 0 else "") if nf.isEnum(): print "enum %s (serial %d)" % (str(nf.type_name), nf.serial) elif nf.isChar(): print "char" elif nf.isStroff(): print "struct offset %s" % (str(nf.type_name), ) else: print "number base=%d" % (idaapi.getRadix(nf.flags, ol.opnum), ) idaapi.user_numforms_free(numforms) # Display user-defined local variable information # First defined the visitor class class dump_lvar_info_t(idaapi.user_lvar_visitor_t): def __init__(self): idaapi.user_lvar_visitor_t.__init__(self) self.displayed_header = False return def get_info_qty_for_saving(self): return 0 def get_info_for_saving(self, lv): return False def handle_retrieved_info(self, lv): try: if not self.displayed_header: self.displayed_header = True; print "------- User defined local variable information" print "Lvar defined at %x" % (lv.ll.defea, ) if len(str(lv.name)): print " Name: %s" % (str(lv.name), ) if len(str(lv.type)): #~ print_type_to_one_line(buf, sizeof(buf), idati, .c_str()); print " Type: %s" % (str(lv.type), ) if len(str(lv.cmt)): print " Comment: %s" % (str(lv.cmt), ) except: traceback.print_exc() return 0 def handle_retrieved_mapping(self, lm): return 0 def get_info_mapping_for_saving(self): return None # Now iterate over all user definitions dli = dump_lvar_info_t(); idaapi.restore_user_lvar_settings(entry_ea, dli) return
def run(): cfunc = idaapi.decompile(idaapi.get_screen_ea()) if not cfunc: print 'Please move the cursor into a function.' return entry_ea = cfunc.entry_ea print "Dump of user-defined information for function at %x" % (entry_ea, ) # Display user defined labels. labels = idaapi.restore_user_labels(entry_ea); if labels is not None: print "------- %u user defined labels" % (len(labels), ) for org_label, name in labels.iteritems(): print "Label %d: %s" % (org_label, str(name)) idaapi.user_labels_free(labels) # Display user defined comments cmts = idaapi.restore_user_cmts(entry_ea); if cmts is not None: print "------- %u user defined comments" % (len(cmts), ) for tl, cmt in cmts.iteritems(): print "Comment at %x, preciser %x:\n%s\n" % (tl.ea, tl.itp, str(cmt)) idaapi.user_cmts_free(cmts) # Display user defined citem iflags iflags = idaapi.restore_user_iflags(entry_ea) if iflags is not None: print "------- %u user defined citem iflags" % (len(iflags), ) for cl, t in iflags.iteritems(): print "%a(%d): %08X%s" % (cl.ea, cl.op, f, " CIT_COLLAPSED" if f & CIT_COLLAPSED else "") idaapi.user_iflags_free(iflags) # Display user defined number formats numforms = idaapi.restore_user_numforms(entry_ea) if numforms is not None: print "------- %u user defined number formats" % (len(numforms), ) for ol, nf in numforms.iteritems(): print "Number format at %a, operand %d: %s" % (ol.ea, ol.opnum, "negated " if (nf.props & NF_NEGATE) != 0 else "") if nf.is_enum(): print "enum %s (serial %d)" % (str(nf.type_name), nf.serial) elif nf.is_char(): print "char" elif nf.is_stroff(): print "struct offset %s" % (str(nf.type_name), ) else: print "number base=%d" % (idaapi.get_radix(nf.flags, ol.opnum), ) idaapi.user_numforms_free(numforms) # Display user-defined local variable information lvinf = idaapi.lvar_uservec_t() if idaapi.restore_user_lvar_settings(lvinf, entry_ea): print "------- User defined local variable information\n" for lv in lvinf.lvvec: print "Lvar defined at %x" % (lv.ll.defea, ) if len(str(lv.name)): print " Name: %s" % (str(lv.name), ) if len(str(lv.type)): #~ print_type_to_one_line(buf, sizeof(buf), idati, .c_str()); print " Type: %s" % (str(lv.type), ) if len(str(lv.cmt)): print " Comment: %s" % (str(lv.cmt), ) return
def run(): cfunc = idaapi.decompile(idaapi.get_screen_ea()) if not cfunc: print('Please move the cursor into a function.') return entry_ea = cfunc.entry_ea print("Dump of user-defined information for function at %x" % (entry_ea, )) # Display user defined labels. labels = idaapi.restore_user_labels(entry_ea); if labels is not None: print("------- %u user defined labels" % (len(labels), )) for org_label, name in labels.iteritems(): print("Label %d: %s" % (org_label, str(name))) idaapi.user_labels_free(labels) # Display user defined comments cmts = idaapi.restore_user_cmts(entry_ea); if cmts is not None: print("------- %u user defined comments" % (len(cmts), )) for tl, cmt in cmts.iteritems(): print("Comment at %x, preciser %x:\n%s\n" % (tl.ea, tl.itp, str(cmt))) idaapi.user_cmts_free(cmts) # Display user defined citem iflags iflags = idaapi.restore_user_iflags(entry_ea) if iflags is not None: print("------- %u user defined citem iflags" % (len(iflags), )) for cl, f in iflags.iteritems(): print("%x(%d): %08X%s" % (cl.ea, cl.op, f, " CIT_COLLAPSED" if f & idaapi.CIT_COLLAPSED else "")) idaapi.user_iflags_free(iflags) # Display user defined number formats numforms = idaapi.restore_user_numforms(entry_ea) if numforms is not None: print("------- %u user defined number formats" % (len(numforms), )) for ol, nf in numforms.iteritems(): print("Number format at %a, operand %d: %s" % (ol.ea, ol.opnum, "negated " if (nf.props & NF_NEGATE) != 0 else "")) if nf.is_enum(): print("enum %s (serial %d)" % (str(nf.type_name), nf.serial)) elif nf.is_char(): print("char") elif nf.is_stroff(): print("struct offset %s" % (str(nf.type_name), )) else: print("number base=%d" % (idaapi.get_radix(nf.flags, ol.opnum), )) idaapi.user_numforms_free(numforms) # Display user-defined local variable information lvinf = idaapi.lvar_uservec_t() if idaapi.restore_user_lvar_settings(lvinf, entry_ea): print("------- User defined local variable information\n") for lv in lvinf.lvvec: print("Lvar defined at %x" % (lv.ll.defea, )) if len(str(lv.name)): print(" Name: %s" % (str(lv.name), )) if len(str(lv.type)): #~ print_type_to_one_line(buf, sizeof(buf), idati, .c_str()); print(" Type: %s" % (str(lv.type), )) if len(str(lv.cmt)): print(" Comment: %s" % (str(lv.cmt), )) return