def xrefs_from(ea, only_one=False):
    """Yield the addresses that the item at `ea` references.

    Emission order is: the fixup (relocation) target IDA records for `ea`, if
    any; then data references; then code references.  Data and code targets
    that merely repeat the fixup target are skipped.  With `only_one=True`
    the generator ends after the first target it yields, and it also ends
    right after the fixup target when `_stop_looking_for_xrefs(ea)` is true.

    Args:
        ea: effective address whose outgoing references are wanted.
        only_one: if True, yield at most one target.
    """
    fixup_ea = idc.GetFixupTgtOff(ea)
    # `seen` becomes True only in only_one mode, once something was yielded;
    # `has_one` is True when only_one is set or a fixup target exists.
    seen = False
    has_one = only_one
    if not is_invalid_ea(fixup_ea):
        seen = only_one
        has_one = True
        yield fixup_ea
    if has_one and _stop_looking_for_xrefs(ea):
        return
    # Fixup handling is done here, so the helpers are told not to repeat it.
    for target_ea in drefs_from(ea, only_one, check_fixup=False):
        if target_ea != fixup_ea:
            seen = only_one
            yield target_ea
            if seen:
                return
    for target_ea in crefs_from(ea, only_one, check_fixup=False):
        if target_ea != fixup_ea:
            seen = only_one
            yield target_ea
            if seen:
                return
def crefs_from(ea, only_one=False, check_fixup=True):
    """Yield the code-reference targets of the instruction at `ea`.

    Nothing is yielded when `ea` is not marked as code.  Otherwise, when
    `check_fixup` is set, a fixup target that is itself code comes first;
    then IDA's own code xrefs (`get_first_cref_from`/`get_next_cref_from`),
    skipping the fixup target and invalid addresses; finally, entries from
    the module-level `_CREFS_FROM` table (presumably manually recorded
    references — TODO confirm), consulted only if only_one mode has not yet
    produced a target.  With `only_one=True` the generator ends after the
    first target it yields.

    Args:
        ea: address of the instruction whose outgoing code refs are wanted.
        only_one: if True, yield at most one target.
        check_fixup: if False, the caller already handled the fixup target.
    """
    flags = idc.GetFlags(ea)
    if not idc.isCode(flags):
        return
    fixup_ea = idc.BADADDR
    # `seen` becomes True only in only_one mode, once something was yielded;
    # `has_one` is True when only_one is set or a code fixup target exists.
    seen = False
    has_one = only_one
    if check_fixup:
        fixup_ea = idc.GetFixupTgtOff(ea)
        if not is_invalid_ea(fixup_ea) and is_code(fixup_ea):
            seen = only_one
            has_one = True
            yield fixup_ea
    if has_one and _stop_looking_for_xrefs(ea):
        return
    for target_ea in _xref_generator(ea, idaapi.get_first_cref_from, idaapi.get_next_cref_from):
        if target_ea != fixup_ea and not is_invalid_ea(target_ea):
            seen = only_one
            yield target_ea
            if seen:
                return
    # Fallback table; skipped when only_one mode already yielded a target.
    if not seen and ea in _CREFS_FROM:
        for target_ea in _CREFS_FROM[ea]:
            seen = only_one
            yield target_ea
            if seen:
                return
def resolveRelocation(ea):
    """Return the relocation value recorded at `ea`.

    A FIXUP_OFF32 fixup is resolved by reading the 32-bit value stored at
    `ea` (via readDword); every other known fixup type yields the target
    offset IDA recorded for the fixup.

    Raises:
        Exception: when IDA reports no fixup type at `ea` (type -1).
    """
    rtype = idc.GetFixupTgtType(ea)
    if rtype == -1:
        raise Exception("No relocation type at ea: {:x}".format(ea))
    if rtype == idc.FIXUP_OFF32:
        return readDword(ea)
    return idc.GetFixupTgtOff(ea)
def resolveRelocation(ea):
    """Return the relocation value recorded at `ea`.

    A FIXUP_OFF32 fixup is resolved by reading the four bytes at `ea`
    (readBytesSlowly) and decoding them as a little-endian unsigned 32-bit
    integer; every other known fixup type yields the target offset IDA
    recorded for the fixup.

    Raises:
        Exception: when IDA reports no fixup type at `ea` (type -1).
    """
    rtype = idc.GetFixupTgtType(ea)
    if rtype == -1:
        raise Exception("No relocation type at ea: {:x}".format(ea))
    if rtype == idc.FIXUP_OFF32:
        raw = readBytesSlowly(ea, ea + 4)
        return struct.unpack("<L", raw)[0]
    return idc.GetFixupTgtOff(ea)
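def handleJmpTable(I, inst, new_eas):
    """Record the jump-table entries of the switch at `inst` into `I`.

    Walks the table from `si.jumps` one 4-byte slot at a time, appending each
    fixup target to `I.jump_table.table_entries` and queueing targets not yet
    in `RECOVERED_EAS` onto `new_eas`.  The walk ends at the first slot with
    no fixup (GetFixupTgtOff returns -1), so the table length is taken from
    the relocation records of the input binary.

    Args:
        I: instruction record owning a `jump_table` with `zero_offset` and
            `table_entries`.
        inst: address of the switch instruction.
        new_eas: set receiving newly discovered targets.

    Raises:
        Exception: if the table element size is not 4 bytes.
    """
    si = idaapi.get_switch_info_ex(inst)
    jsize = si.get_jtable_element_size()
    jstart = si.jumps
    # Only 4-byte entries are handled.  (The `return` that followed this
    # raise in the original was unreachable and has been dropped.)
    if jsize != 4:
        raise Exception("Jump table size not 4!")
    DEBUG("\tJMPTable Start: {0:x}\n".format(jstart))
    I.jump_table.zero_offset = 0
    # NOTE(review): nothing bounds this walk by the switch's own case count;
    # a run of consecutive fixups right after the real table would be absorbed
    # as extra entries.  Worth checking against the count in `si` if needed.
    i = 0
    je = idc.GetFixupTgtOff(jstart + i * jsize)
    while je != -1:
        I.jump_table.table_entries.append(je)
        if je not in RECOVERED_EAS:
            new_eas.add(je)
        DEBUG("\t\tAdding JMPTable {0}: {1:x}\n".format(i, je))
        i += 1
        je = idc.GetFixupTgtOff(jstart + i * jsize)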
def resolveRelocation(ea):
    """Return `(value, size)` for the fixup recorded at `ea`.

    On 64-bit inputs the value is the fixup's displacement plus its target
    offset, both as IDA records them.  On 32-bit inputs a FIXUP_OFF32 value
    is read from the bytes at `ea` (readDword); any other type uses the
    recorded target offset.  The size is whatever relocationSize(rtype)
    reports for the fixup type.

    Raises:
        Exception: when IDA reports no fixup type at `ea` (type -1).
    """
    rtype = idc.GetFixupTgtType(ea)
    # Both bitness paths reject a missing fixup, so check it once up front.
    if rtype == -1:
        raise Exception("No relocation type at ea: {:x}".format(ea))
    if getBitness() == 64:
        target = idc.GetFixupTgtOff(ea)
        displ = idc.GetFixupTgtDispl(ea)
        DEBUG("rtype : {0:x}, {1:x}, {2:x}\n".format(rtype, target, displ))
        value = displ + target
    elif rtype == idc.FIXUP_OFF32:
        value = readDword(ea)
    else:
        value = idc.GetFixupTgtOff(ea)
    return value, relocationSize(rtype)
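def processRelocationsInData(M, D, start, end, new_eas, seg_offset):
    """Add a symbol to `D` for every fixup in the address range [start, end).

    Each fixup found by GetNextFixupEA gets a symbol whose base address is
    the fixup location plus `seg_offset`.  Targets that IDA flags as code are
    named `sub_<target>` and queued onto `new_eas` unless already in
    `RECOVERED_EAS`; every other target is passed through
    handleDataRelocation and named `dta_<target>`.

    Args:
        M: module record handed to handleDataRelocation.
        D: data-section record whose `symbols` collection receives entries.
        start: first address to scan (0 is treated as 1).
        end: exclusive upper bound of the scan.
        new_eas: set receiving newly discovered code targets.
        seg_offset: added to each fixup address to form `base_address`.
    """
    if start == 0:
        start = 1
    i = idc.GetNextFixupEA(start - 1)
    while i < end and i != idc.BADADDR:
        # The target comes from the input binary's relocation record, not
        # from anything IDA verified; an address outside any segment is
        # presumably reported as neither code nor data and lands in the
        # "assuming data" path below — confirm if that matters to callers.
        pointsto = idc.GetFixupTgtOff(i)
        DEBUG("{0:x} Found reloc to: {1:x}\n".format(i, pointsto))
        pf = idc.GetFlags(pointsto)
        DS = D.symbols.add()
        DS.base_address = i + seg_offset
        if idc.isCode(pf):
            DS.symbol_name = "sub_" + hex(pointsto)
            DEBUG("Code Ref!\n")
            if pointsto not in RECOVERED_EAS:
                new_eas.add(pointsto)
        else:
            # Data and unknown targets are handled the same way; only the
            # log line differs.
            pointsto = handleDataRelocation(M, pointsto, new_eas)
            DS.symbol_name = "dta_" + hex(pointsto)
            DEBUG("Data Ref!\n" if idc.isData(pf) else "UNKNOWN Ref, assuming data\n")
        i = idc.GetNextFixupEA(i)
    # The original also stored getFunctionName(i) into an unused local each
    # iteration; it was dropped on the assumption that it is a pure lookup —
    # restore it if that call has side effects.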
def findRelocOffset(ea, size):
    """Return the offset of the first fixup within [ea, ea + size), or -1.

    Each byte in the range is probed with GetFixupTgtOff; the first one that
    carries a fixup (result other than -1) decides the offset.  An empty or
    fixup-free range gives -1.
    """
    for offset in xrange(size):
        if idc.GetFixupTgtOff(ea + offset) != -1:
            return offset
    return -1