    def _calc_displacement(self):
        """
        Calculate the displacement offset of the operand's text.

        e.g:
            word ptr [rdi+rbx]

        The effective address is ``base + index * scale + offset``, with the
        register values taken from ``self._cpu_context.registers``.  As a side
        effect, when IDA resolves a stack variable for the operand, the frame
        id and stack offset are stored in ``self._cpu_context.stack_variables``
        keyed by the computed address.

        :return int: calculated value
        """
        reg_size = 8 if idc.__EA64__ else 4
        insn = idaapi.insn_t()
        idaapi.decode_insn(insn, self.ip)
        op = insn.ops[self.idx]

        # Reinterpret the operand address as signed so a negative stack offset
        # is not treated as a huge positive number.
        offset = utils.signed(op.addr, utils.get_bits())
        scale = utils.sib_scale(op)
        base_reg = utils.x86_base_reg(insn, op)
        indx_reg = utils.x86_index_reg(insn, op)

        registers = self._cpu_context.registers
        base_val = registers[utils.reg2str(base_reg, reg_size)]
        # An index register of -1 is treated as "no index" and contributes 0.
        indx_val = 0
        if indx_reg != -1:
            indx_val = registers[utils.reg2str(indx_reg, reg_size)]

        result = base_val + indx_val * scale + offset
        logger.debug("calc_displacement :: Displacement {} -> {}".format(
            self.text, result))

        # Before returning, record the frame_id and stack_offset for this address.
        # (This can become useful information for retrieving the original location of a variable)
        frame_id = idc.get_frame_id(self.ip)
        stack_var = ida_frame.get_stkvar(insn, op, offset)
        if stack_var:
            self._cpu_context.stack_variables[result] = (frame_id, stack_var[1])

        return result
    def _calc_displacement(self):
        """
        Calculate the displacement offset of the operand's text.

        e.g:
            word ptr [rdi+rbx]

        The address is ``base + index * scale + offset``; a negative result is
        clamped to 0.  When a base register value is present and IDA resolves
        a stack variable for the operand, the start address of that variable
        is recorded in ``self._cpu_context.variables``.

        :return int: calculated value
        """
        addr = self.base + self.index * self.scale + self.offset
        sign = "-" if self.offset < 0 else "+"
        logger.debug(
            "Calculating operand: %s -> 0x%X + 0x%X*0x%X %s 0x%X = 0x%X" %
            (self.text, self.base, self.index, self.scale,
             sign, abs(self.offset), addr))
        if addr < 0:
            # Every negative address collapses onto 0, so distinct out-of-range
            # operands are indistinguishable from this point on.
            logger.debug("Address is negative, resorting to address of 0.")
            addr = 0

        # Before returning, record the stack variable that we have encountered.
        # Ignore if base is 0, because that means we don't have enough information to designate this to a variable.
        if not self.base:
            return addr

        stack_var = ida_frame.get_stkvar(self._insn, self._op, self.offset)
        if not stack_var:
            return addr

        frame_id = idc.get_frame_id(self.ip)
        member, stack_offset = stack_var
        # If the offset in the member object is different than the given stack_offset
        # then we are indexing into a variable.
        # We need to adjust the address to be pointing to the base variable address.
        var_addr = addr - (stack_offset - member.soff)
        self._cpu_context.variables.add(
            var_addr, frame_id=frame_id, stack_offset=member.soff, reference=self.ip)
        return addr
    def _calc_displacement(self):
        """
        Calculate the displacement offset of the operand's text.

        e.g:
            word ptr [rdi+rbx]

        The address is ``base + index * scale + offset``; a negative result is
        clamped to 0.  When IDA resolves a stack variable for the operand, the
        start address of that variable is recorded in
        ``self._cpu_context.variables``.

        :return int: calculated value
        """
        addr = self.base + self.index * self.scale + self.offset
        logger.debug(
            "calc_displacement :: Displacement {} -> {} + {}*{} + {} = {}".
            format(self.text, self.base, self.index, self.scale, self.offset,
                   addr))
        if addr < 0:
            # Every negative address collapses onto 0, so distinct out-of-range
            # operands are indistinguishable from this point on.
            logger.debug(
                'calc_displacement :: Address is negative, resorting to address of 0.'
            )
            addr = 0

        # Before returning, record the stack variable that we have encountered.
        stack_var = ida_frame.get_stkvar(self._insn, self._op, self.offset)
        if not stack_var:
            return addr

        frame_id = idc.get_frame_id(self.ip)
        member, stack_offset = stack_var
        # If the offset in the member object is different than the given stack_offset
        # then we are indexing into a variable.
        # We need to adjust the address to be pointing to the base variable address.
        var_addr = addr - (stack_offset - member.soff)
        self._cpu_context.variables.add(
            var_addr, frame_id=frame_id, stack_offset=member.soff, reference=self.ip)
        return addr
 def _record_stack_variable(self, addr):
     """
     Record the stack variable encountered at the given address.

     ``addr`` is the effective address the operand resolved to.  Nothing is
     recorded unless a base register value is present and IDA resolves a
     stack variable for the operand; the recorded address is moved back to
     the start of that variable before it is added to
     ``self._cpu_context.variables``.
     """
     # Ignore if base is 0, because that means we don't have enough information to designate this to a variable.
     if not self.base:
         return
     stack_var = ida_frame.get_stkvar(self._insn, self._op, self.offset)
     if not stack_var:
         return
     frame_id = idc.get_frame_id(self.ip)
     member, stack_offset = stack_var
     # If the offset in the member object is different than the given stack_offset
     # then we are indexing into a variable.
     # We need to adjust the address to be pointing to the base variable address.
     var_addr = addr - (stack_offset - member.soff)
     self._cpu_context.variables.add(
         var_addr, frame_id=frame_id, stack_offset=member.soff, reference=self.ip)
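def get_stkvar_name(inst_t, op_n):
    """
    Return the name of the stack variable referenced by operand ``op_n`` of ``inst_t``.

    The operand address is reinterpreted as a signed 32-bit value before IDA
    is asked for the stack variable, because a negative stack offset arrives
    as a large unsigned number.

    :param inst_t: decoded instruction whose ``ops`` list is indexed
    :param op_n: index of the operand in ``inst_t.ops``
    :return: the member name, or None when no stack variable is resolved or
        the member has no name (the first case is written to ``log_file``)
    """
    operand = inst_t.ops[op_n]
    # Two's-complement sign fold: any value with the top bit set (>= 2**31)
    # is a negative offset.  The previous '>' comparison mis-read exactly
    # 0x80000000 as a positive address.
    # NOTE(review): assumes a 32-bit address width — confirm for 64-bit targets.
    addr = operand.addr - 2**32 if operand.addr >= 2**31 else operand.addr

    var = ida_frame.get_stkvar(inst_t, operand, addr)
    if not var:
        log_file.write("<get_stkvar_name><get_stkvar> error: " +
                       hex(inst_t.ea) + "\n")
        return None
    member = var[0]
    # An unnamed member yields a falsy name; report that as None as well.
    return ida_struct.get_member_name(member.id) or None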