def save_to_stream(output_stream):
    """Serialize the recovered control-flow graph to `output_stream`.

    Builds a `CFG_pb2.Module` from the global `program` model and emits it
    with a single `write()` call.

    - Blocks owned by subroutines with IMPORTED visibility are left out.
    - Blocks with no instructions are recorded by address only, in
      `referenced_blocks`.
    - Each remaining block is stored with its address, its address-taken
      flag and the address and raw bytes of every instruction.
    - Every named subroutine that is not INTERNAL gets a `named_blocks`
      entry.

    Args:
        output_stream: Object whose `write()` accepts the value returned by
            `SerializeToString()`.
    """
    module = CFG_pb2.Module()
    sub_count = block_count = inst_count = 0

    # Blocks that belong to imported subroutines are never serialized.
    skipped_blocks = set()
    for sub in program.subroutines():
        sub_count += 1
        if program.Subroutine.VISIBILITY_IMPORTED == sub.visibility:
            skipped_blocks.update(sub.blocks)

    log.debug("Not serializing {} blocks".format(len(skipped_blocks)))

    empty_blocks = set()
    for block in program.basic_blocks():
        if block in skipped_blocks:
            continue

        # A block without instructions is only referenced, not emitted.
        if len(block.instructions) == 0:
            empty_blocks.add(block)
            continue

        block_count += 1
        log.info("Serializing block {:08x}.".format(block.ea))

        pb_block = module.blocks.add()
        pb_block.address = block.ea
        pb_block.is_addressable = block.address_is_taken

        for inst in block:
            pb_inst = pb_block.instructions.add()
            pb_inst.address = inst.ea
            pb_inst.bytes = inst.bytes
            inst_count += 1

    # NOTE(review): protobuf repeated scalar fields expose append(), and
    # add() on a repeated message field takes keyword arguments only, so
    # this positional add() looks suspect. Confirm against the CFG schema.
    for block in empty_blocks:
        module.referenced_blocks.add(block.ea)

    for sub in program.subroutines():
        if not sub.name or \
           program.Subroutine.VISIBILITY_INTERNAL == sub.visibility:
            continue

        named = module.named_blocks.add()
        named.name = sub.name
        named.address = sub.ea

        if program.Subroutine.VISIBILITY_IMPORTED == sub.visibility:
            named.visibility = CFG_pb2.IMPORTED
        elif program.Subroutine.VISIBILITY_EXPORTED == sub.visibility:
            named.visibility = CFG_pb2.EXPORTED

    for label, count in (("subroutines", sub_count),
                         ("blocks", block_count),
                         ("instructions", inst_count)):
        log.info("Serializing {} {}".format(count, label))

    output_stream.write(module.SerializeToString())
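def find_imported_subroutines():
    """Mark every subroutine that IDA considers imported.

    Two sources are combined:

    1. Addresses reported by `idaapi.enum_import_names` for each import
       module.
    2. Subroutines that are still INTERNAL and whose address lies in a
       segment of type `idc.SEG_XTRN`.

    Matching subroutines in the global `program` model are given
    `VISIBILITY_IMPORTED`. An import address with no associated subroutine
    is logged as an error and skipped.
    """
    imported_eas = set()

    def record_import(ea, name, ordinal):
        # enum_import_names() stops walking a module as soon as the callback
        # returns a false value. set.add() returns None, so return True
        # explicitly; otherwise only the first import of each module would
        # be collected.
        imported_eas.add(ea)
        return True

    # Collect addresses of imported code.
    # xrange: this script is written for Python 2 IDAPython.
    for module_index in xrange(idaapi.get_import_module_qty()):
        idaapi.enum_import_names(module_index, record_import)

    # Mark everything IDA lists in its import tables as imported.
    for ea in imported_eas:
        if not program.has_subroutine(ea):
            log.error(
                "No subroutine associated with import {:08x}.".format(ea))
            continue
        sub = program.get_subroutine(ea)
        sub.visibility = program.Subroutine.VISIBILITY_IMPORTED

    # Mark functions in code sections marked as external as being imported.
    for sub in program.subroutines():
        # Only subroutines still classified as INTERNAL are reconsidered.
        if program.Subroutine.VISIBILITY_INTERNAL != sub.visibility:
            continue

        if has_segment_type(sub.ea, idc.SEG_XTRN):
            log.debug("Subroutine {:08x} is imported".format(sub.ea))
            sub.visibility = program.Subroutine.VISIBILITY_IMPORTED

            if sub.name:
                log.info("Found imported subroutine {} at {:08x}".format(
                    sub.name, sub.ea))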
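def find_imported_subroutines():
    """Mark every subroutine that IDA considers imported.

    Two sources are combined:

    1. Addresses reported by `idaapi.enum_import_names` for each import
       module.
    2. Subroutines that are still INTERNAL and whose address lies in a
       segment of type `idc.SEG_XTRN`.

    Matching subroutines in the global `program` model are given
    `VISIBILITY_IMPORTED`. An import address with no associated subroutine
    is logged as an error and skipped.
    """
    imported_eas = set()

    def record_import(ea, name, ordinal):
        # enum_import_names() stops walking a module as soon as the callback
        # returns a false value. set.add() returns None, so return True
        # explicitly; otherwise only the first import of each module would
        # be collected.
        imported_eas.add(ea)
        return True

    # Collect addresses of imported code.
    # xrange: this script is written for Python 2 IDAPython.
    for module_index in xrange(idaapi.get_import_module_qty()):
        idaapi.enum_import_names(module_index, record_import)

    # Mark everything IDA lists in its import tables as imported.
    for ea in imported_eas:
        if not program.has_subroutine(ea):
            log.error("No subroutine associated with import {:08x}.".format(ea))
            continue
        sub = program.get_subroutine(ea)
        sub.visibility = program.Subroutine.VISIBILITY_IMPORTED

    # Mark functions in code sections marked as external as being imported.
    for sub in program.subroutines():
        # Only subroutines still classified as INTERNAL are reconsidered.
        if program.Subroutine.VISIBILITY_INTERNAL != sub.visibility:
            continue

        if has_segment_type(sub.ea, idc.SEG_XTRN):
            log.debug("Subroutine {:08x} is imported".format(sub.ea))
            sub.visibility = program.Subroutine.VISIBILITY_IMPORTED

            if sub.name:
                log.info("Found imported subroutine {} at {:08x}".format(
                    sub.name, sub.ea))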
def save_to_stream(output_stream):
    """Serialize the recovered control-flow graph to `output_stream`.

    Builds a `CFG_pb2.Module` from the global `program` model and emits it
    with a single `write()` call.

    - Blocks owned by subroutines with IMPORTED visibility are left out.
    - Blocks with no instructions are logged as errors and recorded by
      address only, in `referenced_blocks`.
    - Each remaining block is stored with its address and the address and
      raw bytes of every instruction; blocks whose address is taken are
      also listed in `addressed_blocks`.
    - Every named subroutine that is not INTERNAL gets a `named_blocks`
      entry.

    Args:
        output_stream: Object whose `write()` accepts the value returned by
            `SerializeToString()`.
    """
    module = CFG_pb2.Module()
    sub_count = block_count = inst_count = 0

    # Blocks that belong to imported subroutines are never serialized.
    skipped_blocks = set()
    for sub in program.subroutines():
        sub_count += 1
        if program.Subroutine.VISIBILITY_IMPORTED == sub.visibility:
            skipped_blocks.update(sub.blocks)

    log.debug("Not serializing {} blocks".format(len(skipped_blocks)))

    empty_blocks = set()
    address_taken_blocks = set()
    for block in program.basic_blocks():
        if block in skipped_blocks:
            continue

        # A block without instructions is only referenced, not emitted.
        if len(block.instructions) == 0:
            empty_blocks.add(block)
            log.error("Block {:08x} has no instructions.".format(block.ea))
            continue

        block_count += 1
        log.info("Serializing block {:08x}.".format(block.ea))

        pb_block = module.blocks.add()
        pb_block.address = block.ea

        if block.address_is_taken:
            address_taken_blocks.add(block)

        for inst in block:
            pb_inst = pb_block.instructions.add()
            pb_inst.address = inst.ea
            pb_inst.bytes = inst.bytes
            inst_count += 1

    # Both address lists are filled from sets, so their order in the output
    # follows set iteration order.
    for block in address_taken_blocks:
        module.addressed_blocks.append(block.ea)

    for block in empty_blocks:
        module.referenced_blocks.append(block.ea)

    for sub in program.subroutines():
        if not sub.name or \
           program.Subroutine.VISIBILITY_INTERNAL == sub.visibility:
            continue

        named = module.named_blocks.add()
        named.name = sub.name
        named.address = sub.ea

        if program.Subroutine.VISIBILITY_IMPORTED == sub.visibility:
            named.visibility = CFG_pb2.IMPORTED
        elif program.Subroutine.VISIBILITY_EXPORTED == sub.visibility:
            named.visibility = CFG_pb2.EXPORTED

    for label, count in (("subroutines", sub_count),
                         ("blocks", block_count),
                         ("instructions", inst_count)):
        log.info("Serializing {} {}".format(count, label))

    output_stream.write(module.SerializeToString())