def replace_sym_const(ea, api):
for arg_n in api_list[api].keys():
# Calling Convention: cdecl, stdcall
push_cnt = 0
ea_search = ea
while push_cnt < arg_n:
ea_search = idc.prev_head(ea_search)
op = idc.print_insn_mnem(ea_search)
if op == "push":
push_cnt += 1
operand = idc.print_operand(ea_search, 0)
if operand.isdigit():
operand = int(idc.print_operand(ea_search, 0))
else:
continue
enum_name = api + "_" + str(arg_n)
const = api_list[api][arg_n][operand]
enum_id = ida_enum.get_enum(enum_name)
if enum_id == BADADDR:
# add new enum
enum_qty = ida_enum.get_enum_qty()
enum_id = ida_enum.add_enum(enum_qty, enum_name, 0)
symbolic_id = ida_enum.get_enum_member_by_name(const)
if symbolic_id == BADADDR:
# add new enum member
ida_enum.add_enum_member(enum_id, const, operand, 0xffffffff)
ida_bytes.op_enum(ea_search, 0, enum_id, 0)
def get_enum_const_name(enum_name, const_val):
enum = ida_enum.get_enum(enum_name)
if enum != BADADDR:
const = ida_enum.get_const(enum, const_val, 0, BADADDR)
if const != BADADDR:
return ida_enum.get_const_name(const)
return None
def __call__(self):
if self.op == "hex":
ida_bytes.op_hex(self.ea, self.n)
if self.op == "bin":
ida_bytes.op_bin(self.ea, self.n)
if self.op == "dec":
ida_bytes.op_dec(self.ea, self.n)
if self.op == "chr":
ida_bytes.op_chr(self.ea, self.n)
if self.op == "oct":
ida_bytes.op_oct(self.ea, self.n)
if self.op == "offset":
ida_idc.op_plain_offset(self.ea, self.n, 0)
if self.op == "enum":
id = ida_enum.get_enum(self.extra["ename"])
ida_bytes.op_enum(self.ea, self.n, id, self.extra["serial"])
if self.op == "struct":
path_len = len(self.extra["spath"])
path = ida_pro.tid_array(path_len)
for i in range(path_len):
sname = self.extra["spath"][i]
path[i] = ida_struct.get_struc_id(sname)
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, self.ea)
ida_bytes.op_stroff(insn, self.n, path.cast(), path_len,
self.extra["delta"])
if self.op == "stkvar":
ida_bytes.op_stkvar(self.ea, self.n)
def __call__(self):
if self.is_enum:
enum = ida_enum.get_enum(Event.encode(self.oldname))
ida_enum.set_enum_name(enum, Event.encode(self.newname))
else:
emem = ida_enum.get_enum_member_by_name(Event.encode(self.oldname))
ida_enum.set_enum_member_name(emem, Event.encode(self.newname))
def __call__(self):
if self.is_enum:
enum = ida_enum.get_enum(self.oldname)
ida_enum.set_enum_name(enum, self.newname)
else:
emem = ida_enum.get_enum_member_by_name(self.oldname)
ida_enum.set_enum_member_name(emem, self.newname)
def _on_optypechanged(self, ea, n, op, extra):
if op == 'hex':
ida_bytes.op_hex(ea, n)
if op == 'bin':
ida_bytes.op_bin(ea, n)
if op == 'dec':
ida_bytes.op_dec(ea, n)
if op == 'chr':
ida_bytes.op_chr(ea, n)
if op == 'oct':
ida_bytes.op_oct(ea, n)
if op == 'stkvar':
ida_bytes.op_stkvar(ea, n)
if op == 'enum':
enum_id = ida_enum.get_enum(str(extra['ename']))
ida_bytes.op_enum(ea, n, enum_id, extra['serial'])
if op == 'struct':
path_length = len(extra['spath'])
path = ida_pro.tid_array(path_length)
for i in range(path_length):
sname = str(extra['spath'][i])
path[i] = ida_struct.get_struc_id(sname)
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, ea)
ida_bytes.op_stroff(insn, n, path.cast(), path_length,
extra['delta'])
def __call__(self):
if self.op == 'hex':
ida_bytes.op_hex(self.ea, self.n)
if self.op == 'bin':
ida_bytes.op_bin(self.ea, self.n)
if self.op == 'dec':
ida_bytes.op_dec(self.ea, self.n)
if self.op == 'chr':
ida_bytes.op_chr(self.ea, self.n)
if self.op == 'oct':
ida_bytes.op_oct(self.ea, self.n)
if self.op == 'enum':
id = ida_enum.get_enum(Event.encode(self.extra['ename']))
ida_bytes.op_enum(self.ea, self.n, id, self.extra['serial'])
if self.op == 'struct':
path_len = len(self.extra['spath'])
path = ida_pro.tid_array(path_len)
for i in xrange(path_len):
sname = Event.encode(self.extra['spath'][i])
path[i] = ida_struct.get_struc_id(sname)
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, self.ea)
ida_bytes.op_stroff(insn, self.n, path.cast(), path_len,
self.extra['delta'])
if self.op == 'stkvar':
ida_bytes.op_stkvar(self.ea, self.n)
def enum(name) -> typing.Optional[Enum]:
_enum = ida_enum.get_enum(name)
if not _enum:
return None
enum_name = ida_enum.get_enum_name(_enum)
enum_members = get_enum_members(_enum)
return Enum(enum_name, enum_members)
def rename_constant(arg_ea, fct_name, arg_name, arg_enums):
""" Rename constants to values from standard enumerations. """
instruction = idc.print_insn_mnem(arg_ea)
if instruction == 'push':
op_num = 0
elif instruction == 'mov':
op_num = 1
else:
raise RenamingException('Constant: unhandled instruction ' +
instruction)
op_val = idc.get_operand_value(arg_ea, op_num)
# NULL
if op_val == 0:
targetid = ida_enum.get_enum_member_by_name('NULL_{}_{}'.format(arg_name, fct_name))
serial = 0
enumid = ida_enum.get_enum(NULL_ENUM_NAME)
constid = idc.get_enum_member(enumid, 0, serial, -1)
while constid != idaapi.BADADDR:
if constid == targetid:
idc.op_enum(arg_ea, op_num, enumid, serial)
return
serial = serial + 1
constid = idc.get_enum_member(enumid, 0, serial, -1)
# All other constants
op_type = idc.get_operand_type(arg_ea, op_num)
if op_type == idaapi.o_imm:
# only one choice
if len(arg_enums) == 1:
enumid = ida_enum.get_enum(arg_enums[0])
idc.op_enum(arg_ea, op_num, enumid, 0)
return
for enum in arg_enums:
enumid = ida_enum.get_enum(enum)
constid = get_constant_id(enumid, op_val)
if constid == idaapi.BADADDR:
# Not in this enum
continue
else:
# Found the right enum
idc.op_enum(arg_ea, op_num, enumid, 0)
return
def update_idb(self):
id = ida_enum.get_enum(self._name)
if idc.BADADDR == id:
id = ida_enum.add_enum(idc.BADADDR, self._name, idaapi.decflag())
keys = self._values.keys()
keys.sort()
for k in keys:
ida_enum.add_enum_member(id, self._values[k], k)
def local_types_changed(self):
print("local type changed")
return
changed_types = []
# self._plugin.logger.trace(self._plugin.core.local_type_map)
for i in range(1,
ida_typeinf.get_ordinal_qty(ida_typeinf.get_idati())):
t = ImportLocalType(i)
if t and t.name and ida_struct.get_struc_id(
t.name) == ida_idaapi.BADADDR and ida_enum.get_enum(
t.name) == ida_idaapi.BADADDR:
if i in self._plugin.core.local_type_map:
t_old = self._plugin.core.local_type_map[i]
if t_old and not t.isEqual(t_old):
changed_types.append((t_old.to_tuple(), t.to_tuple()))
elif t_old is None and i in self._plugin.core.delete_candidates:
if not self._plugin.core.delete_candidates[i].isEqual(
t):
changed_types.append(
(self._plugin.core.delete_candidates[i].
to_tuple(), t.to_tuple()))
del self._plugin.core.delete_candidates[i]
else:
changed_types.append((None, t.to_tuple()))
if t is None:
assert i in self._plugin.core.local_type_map
if i in self._plugin.core.local_type_map:
t_old = self._plugin.core.local_type_map[i]
if t_old != t:
self._plugin.core.delete_candidates[i] = t_old
elif i in self._plugin.core.delete_candidates:
# changed_types.append((self._plugin.core.delete_candidates[i],None))
del self._plugin.core.delete_candidates[i]
# t_old = self._plugin.core.local_type_map[i]
# changed_types.append((t_old,None))
# self._plugin.logger.trace(changed_types)
if fDebug:
pydevd_pycharm.settrace('localhost',
port=2233,
stdoutToServer=True,
stderrToServer=True,
suspend=False)
self._plugin.logger.trace("Changed_types: %s" % list(
map(
lambda x: (x[0][0] if x[0] else None, x[1][0]
if x[1] else None), changed_types)))
if len(changed_types) > 0:
self._send_packet(evt.LocalTypesChangedEvent(changed_types))
self._plugin.core.update_local_types_map()
return 0
def get(cls, name):
"""
Class method for getting a :class:`BipEnum` object from the name
of an existing enum.
:param str name: The name of the enum to get.
:raise ValueError: If the enum ``name`` does not exist.
:return: A :class:`BipEnum` object corresponding to the enum
identified by the name provided.
"""
eid = ida_enum.get_enum(name)
if eid == idc.BADADDR:
raise ValueError("Enum {} does not exist".format(name))
return cls(eid)
def set_enum(bs_enum: Enum):
_enum = ida_enum.get_enum(bs_enum.name)
if not _enum:
return False
ida_enum.del_enum(_enum)
enum_id = ida_enum.add_enum(ida_enum.get_enum_qty(), bs_enum.name, 0)
if enum_id is None:
l.warning(f"IDA failed to create a new enum with {bs_enum.name}")
return False
for member_name, value in bs_enum.members.items():
ida_enum.add_enum_member(enum_id, member_name, value)
return True
def create(cls, name):
"""
Class method allowing to create a new empty enum.
:param str name: The name of the enum to create. If this is
``None`` a default name ``enum_INT`` will be created by IDA.
:raise ValueError: If the enum ``name`` already exist.
:raise RuntimeError: If it was not possible to create the enum.
:return: A :class:`BipEnum` object corresponding to the newly
created enum.
"""
eid = ida_enum.get_enum(name)
if eid != idc.BADADDR:
raise ValueError("Enum {} already exist".format(name))
eid = ida_enum.add_enum(idc.BADADDR, name, 0)
if eid == idc.BADADDR:
raise RuntimeError("Unable to create enum {}".format(name))
return cls(eid)
def load(infos):
for info in infos:
enum_id = ida_enum.get_enum(info['name'])
if enum_id == BADADDR:
print('[IDA-Sync] Creating new enum %s.' % info['name'])
enum_id = ida_enum.add_enum(
info['idx'],
info['name'],
info['flag'],
)
else:
ida_enum.set_enum_idx(enum_id, info['idx'])
ida_enum.set_enum_flag(enum_id, info['flag'])
ida_enum.set_enum_width(enum_id, info['width'])
for member in info['members']:
ida_enum.add_enum_member(
enum_id, member['name'], member['value'])
def delete(arg):
"""
Static method allowing to delete an enum by its name or its id.
:parm arg: String representing the name of the enum or id (int)
representing the enum in IDA or a :class:`BipEnum` object (in
that case the object will not be valid after that).
:raise ValueError: If the argument is invalid.
"""
if isinstance(arg, (str, unicode)):
eid = ida_enum.get_enum(arg)
if eid == idc.BADADDR:
raise ValueError("Enum {} does not exist".format(arg))
elif isinstance(arg, (int, long)):
eid = arg
elif isinstance(arg, BipEnum):
eid = arg._eid
else:
raise ValueError("Invalid argument")
ida_enum.del_enum(eid)
def __call__(self):
ida_enum.del_enum(ida_enum.get_enum(Event.encode(self.ename)))
def implement(self):
enum_id = ida_enum.get_enum(str(self._id))
ida_enum.del_enum_member(enum_id, self._value, self._serial,
self._bmask)
def __call__(self):
enum = ida_enum.get_enum(self.ename)
ida_enum.add_enum_member(enum, self.name, self.value, self.bmask)
def __call__(self):
enum = ida_enum.get_enum(self.ename)
ida_enum.set_enum_bf(enum, self.bf_flag)
def __call__(self):
ida_enum.del_enum(ida_enum.get_enum(self.ename))
def implement(self):
id_of_enum = ida_enum.get_enum(str(self._id))
ida_enum.add_enum_member(id_of_enum, self._name, long(self._value))
def __call__(self):
enum = ida_enum.get_enum(Event.encode(self.ename))
ida_enum.add_enum_member(enum, Event.encode(self.name), self.value,
self.bmask)
def __call__(self):
enum = ida_enum.get_enum(Event.encode(self.ename))
ida_enum.set_enum_bf(enum, self.bf_flag)
def implement(self):
id_of_enum = ida_enum.get_enum(str(self._id))
ida_enum.del_enum(id_of_enum)
def __call__(self):
enum = ida_enum.get_enum(Event.encode(self.ename))
ida_enum.del_enum_member(enum, self.value, self.serial, self.bmask)
def implement(self): id_of_enum = ida_enum.get_enum(str(self._id)) ida_enum.set_enum_name(id_of_enum, self._value)