def __call__(self):
    """Add the member described by this object's fields to a structure.

    An ``opinfo_t`` is filled in from ``self.extra`` according to the type
    bits in ``self.flag`` (struct id, offset reference info, string type),
    then the member is created in the structure looked up by ``self.sid``.

    NOTE(review): ``self.extra`` is indexed directly, so a missing key
    raises KeyError. If these fields are populated from data produced by
    another client, they should be validated before being applied to the
    local database -- confirm where they come from.
    """
    opinfo = idaapi.opinfo_t()
    flag = self.flag

    if idaapi.isStruct(flag):
        opinfo.tid = self.extra['id']
    if idaapi.isOff0(flag) or idaapi.isOff1(flag):
        ref = self.extra
        opinfo.ri = idaapi.refinfo_t(ref['flags'], ref['base'],
                                     ref['target'], ref['tdelta'])
    if idaapi.isASCII(flag):
        opinfo.strtype = self.extra['strtype']

    # NOTE(review): the looked-up structure is used without checking that
    # the lookup succeeded, and the result of add_struc_member is discarded,
    # so a failed add goes unnoticed here.
    struc = idaapi.get_struc(self.sid)
    member_name = self.fieldname.encode('utf-8')
    idaapi.add_struc_member(struc, member_name, self.offset, flag, opinfo,
                            self.nbytes)
def __call__(self):
    """Retype an existing structure member from this object's fields.

    An ``opinfo_t`` is filled in from ``self.extra`` according to the type
    bits in ``self.flag``; the member starting at ``self.soff`` in the
    structure ``self.sid`` is then given that type with a size of
    ``self.eoff - self.soff`` bytes.

    NOTE(review): ``self.extra`` is indexed directly, so a missing key
    raises KeyError. If these fields are populated from data produced by
    another client, they should be validated before being applied to the
    local database -- confirm where they come from.
    """
    opinfo = idaapi.opinfo_t()
    flag = self.flag

    if idaapi.isStruct(flag):
        opinfo.tid = self.extra['id']
    if idaapi.isOff0(flag) or idaapi.isOff1(flag):
        ref = self.extra
        opinfo.ri = idaapi.refinfo_t(ref['flags'], ref['base'],
                                     ref['target'], ref['tdelta'])
    if idaapi.isASCII(flag):
        opinfo.strtype = self.extra['strtype']

    # NOTE(review): the looked-up structure is used without checking that
    # the lookup succeeded, and the result of set_member_type is discarded.
    struc = idaapi.get_struc(self.sid)
    idaapi.set_member_type(struc, self.soff, flag, opinfo,
                           self.eoff - self.soff)
def __init__(self, member, parent):
    """Snapshot the properties of a structure member.

    ``member`` and ``parent`` themselves are deliberately not stored: per
    the original author's note they can apparently be mutated later ("by ua
    stuff"), so only derived values are kept on the instance.
    """
    member_flags = member.flag

    self.name = idaapi.get_member_name(member.id)
    self.flags = member_flags
    self.val = value.get_node_for_member(member, parent)
    self.eoff = member.eoff
    self.soff = member.soff
    self.decl = data.get_decl_for_member(member, parent)
    self.unit_size = data.get_member_unit_size(member, parent)

    # Only structure-typed members carry a nested structure id.
    self.struc_id = None
    if idaapi.isStruct(member_flags):
        self.struc_id = util.member_str_id(member, parent)
def struc_member_created(self, sptr, mptr):
    """Publish a StrucMemberCreatedEvent for a newly created member.

    The event carries the structure name, member name, offset, flag, size
    and an ``extra`` dict with the type details relevant to the member
    kind (offset reference info, enum serial, nested struct id or string
    type). Plain data members are sent with an empty ``extra``.

    Always returns 0.

    NOTE(review): the branch layout was reconstructed from a flattened
    listing (final ``else`` paired with the member-info check) -- confirm
    against the original file.
    """
    struc_name = idaapi.get_struc_name(sptr.id)
    member_name = idaapi.get_member_name2(mptr.id)

    # Union members use offset 0, with the end offset as their size.
    if mptr.unimem():
        offset, nbytes = 0, mptr.eoff
    else:
        offset, nbytes = mptr.soff, mptr.eoff - mptr.soff
    flag = mptr.flag

    extra = {}
    opinfo = idaapi.opinfo_t()
    if idaapi.retrieve_member_info(opinfo, mptr):
        if idaapi.isOff0(flag) or idaapi.isOff1(flag):
            refinfo = opinfo.ri
            extra['target'] = refinfo.target
            extra['base'] = refinfo.base
            extra['tdelta'] = refinfo.tdelta
            extra['flags'] = refinfo.flags
        elif idaapi.isEnum0(flag):
            # Original author's question: is it really possible to create
            # an enum member here?
            extra['serial'] = opinfo.ec.serial
        elif idaapi.isStruct(flag):
            extra['id'] = opinfo.tid
        elif idaapi.isASCII(flag):
            extra['strtype'] = opinfo.strtype
        else:
            # NOTE(review): member info was retrieved but the flag matches
            # none of the handled kinds; no event is sent, so receivers
            # never learn about this member. Confirm this is intended.
            return 0

    self._send_event(StrucMemberCreatedEvent(
        struc_name, member_name, offset, flag, nbytes, extra))
    return 0
def visit_expr(self, expression):
    """Visitor callback: fold an object reference into its enclosing struct item.

    Applies to ``cot_obj`` expressions whose address falls in one of the
    ``Storage`` ranges (restricted to one function when the entry names
    one) and whose parents are ``cot_idx`` then ``cot_memref``. When the
    shifted address lies inside, not at the head of, an item flagged as a
    structure, the member reference's ``m`` is set to the distance from the
    item head and the object address is moved to that head.

    Always returns 0.

    NOTE(review): the results of ``find_parent_of`` are dereferenced
    without a None check. The placement of the ``return 0`` after the
    rewrite was reconstructed from a flattened listing -- confirm.
    """
    global Storage
    if expression.op != idaapi.cot_obj:
        return 0

    body = self.cfunc.body
    for start, end, off, func in Storage:
        if not (start <= expression.obj_ea <= end):
            continue
        if func and self.cfunc.entry_ea != func:
            return 0

        idx_item = body.find_parent_of(expression)
        if idx_item.op != idaapi.cot_idx:
            return 0
        memref_item = body.find_parent_of(idx_item)
        if memref_item.op != idaapi.cot_memref:
            return 0

        target_ea = expression.obj_ea + off
        head_ea = idaapi.get_item_head(target_ea)
        inside_item = head_ea != target_ea
        if inside_item and idaapi.isStruct(idaapi.getFlags(head_ea)):
            memref_item.cexpr.m = target_ea - head_ea
            expression.obj_ea = head_ea
            rc = self.recalc_parent_types()
            return 0
    return 0
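def get_prim_unit_size(flags):
    """Return the size in bytes of one unit of the primitive type in *flags*.

    Returns None when *flags* matches none of the handled primitive kinds
    (packed real, for instance, is not handled).

    Raises:
        TypeError: if *flags* describes a structure, which has no primitive
            unit size. The original code raised a bare string here, which
            Python 2.6+ rejects with a TypeError of its own, so the
            exception type seen by callers is unchanged; only the message
            now says what actually went wrong.
    """
    if idaapi.isByte(flags):
        return 1
    elif idaapi.isWord(flags):
        return 2
    elif idaapi.isDwrd(flags):
        return 4
    elif idaapi.isQwrd(flags):
        return 8
    elif idaapi.isOwrd(flags):
        return 16
    elif idaapi.isTbyt(flags):
        return 10
    elif idaapi.isFloat(flags):
        return 4
    elif idaapi.isDouble(flags):
        return 8
    # Packed real (idaapi.isPackReal) is intentionally not handled.
    elif idaapi.isASCII(flags):
        return 1
    elif idaapi.isStruct(flags):
        raise TypeError("Struct sent to get_prim_size")
    # Unknown kind: keep the original implicit None, but make it explicit.
    return None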
def struc_member_changed(self, sptr, mptr):
    """Publish a StrucMemberChangedEvent for a modified member.

    The event carries the structure id, the member's start offset (0 for
    union members), its end offset, its flag and an ``extra`` dict with the
    type details relevant to the member kind. Plain data members are sent
    with an empty ``extra``.

    Always returns 0.

    NOTE(review): the branch layout was reconstructed from a flattened
    listing (final ``else`` paired with the member-info check) -- confirm
    against the original file.
    """
    start_off = 0 if mptr.unimem() else mptr.soff
    flag = mptr.flag

    extra = {}
    opinfo = idaapi.opinfo_t()
    if idaapi.retrieve_member_info(opinfo, mptr):
        if idaapi.isOff0(flag) or idaapi.isOff1(flag):
            refinfo = opinfo.ri
            extra['target'] = refinfo.target
            extra['base'] = refinfo.base
            extra['tdelta'] = refinfo.tdelta
            extra['flags'] = refinfo.flags
        elif idaapi.isEnum0(flag):
            # Original author's question: is it really possible to create
            # an enum member here?
            extra['serial'] = opinfo.ec.serial
        elif idaapi.isStruct(flag):
            extra['id'] = opinfo.tid
        elif idaapi.isASCII(flag):
            extra['strtype'] = opinfo.strtype
        else:
            # NOTE(review): member info was retrieved but the flag matches
            # none of the handled kinds; no event is sent, so receivers
            # never learn about this change. Confirm this is intended.
            return 0

    self._send_event(StrucMemberChangedEvent(
        sptr.id, start_off, mptr.eoff, flag, extra))
    return 0
def get_decl_for_member(mem, struc):
    """Return the declaration for a structure member.

    A structure-typed member yields the name of its nested structure;
    any other member is delegated to ``get_decl_for_prim`` with its flag.
    """
    if not idaapi.isStruct(mem.flag):
        return get_decl_for_prim(mem.flag)
    nested_id = util.member_str_id(mem, struc)
    return idaapi.get_struc_name(nested_id)
def get_member_unit_size(mem, struc):
    """Return the unit size of a structure member.

    A structure-typed member yields the size of its nested structure;
    any other member is delegated to ``get_prim_unit_size`` with its flag.
    """
    if not idaapi.isStruct(mem.flag):
        return get_prim_unit_size(mem.flag)
    nested_id = util.member_str_id(mem, struc)
    return idaapi.get_struc_size(nested_id)
def member_str_id(mem, parent):
    """Return the nested structure id of *mem*, or None if it is not a struct.

    The id is looked up by the parent structure's id and the member's
    start offset.
    """
    if not idaapi.isStruct(mem.flag):
        return None
    return idc.GetMemberStrId(parent.id, mem.soff)
def is_struct(self):
    """Report whether this object's stored flags mark a structure type."""
    stored_flags = self.flags
    return idaapi.isStruct(stored_flags)
def get_node_for_member(mem, parent):
    """Build the initial (unset) value node for a structure member.

    A structure-typed member gets an unset structure node built from its
    nested structure; any other member gets an unset primitive node.
    """
    if not idaapi.isStruct(mem.flag):
        return unset_primitive_node()
    nested = idaapi.get_struc(util.member_str_id(mem, parent))
    return unset_structure_node(nested)
def visit_expr(self, expression):
    """Visitor callback: rebase ``&obj + ...`` onto the enclosing struct item.

    Every visited expression is appended to ``self.nodes``. For a
    ``cot_obj`` whose address falls in a ``Storage`` range (restricted to
    one function when the entry names one), the shifted address is compared
    with the head of the item containing it. If it lies inside an item
    flagged as a structure, and the object is wrapped in a ``cot_ref`` that
    is an operand of a ``cot_add``, the reference is rewritten to point at
    the item head plus a numeric node holding the distance from the head.

    Always returns 0.

    NOTE(review): nesting was reconstructed from a flattened listing; in
    particular the position of the final ``recalc_parent_types()`` call and
    ``return 0`` should be confirmed against the original file.
    NOTE(review): ``thisown = False`` stops the Python proxy from freeing
    the wrapped C++ object. Presumably this is done because the ctree takes
    ownership of the new nodes -- confirm, since getting it wrong means a
    leak or a double free inside the host process.
    """
    global Storage
    self.nodes.append(expression)
    if expression.op == idaapi.cot_obj:
        for start, end, off, func in Storage:
            if expression.obj_ea >= start and expression.obj_ea <= end:
                # A non-empty func limits the entry to that one function.
                if func and self.cfunc.entry_ea != func:
                    return 0
                target_ea = expression.obj_ea + off
                head_ea = idaapi.get_item_head(target_ea)
                # Only act when the target is strictly inside a struct item.
                if head_ea != target_ea and idaapi.isStruct(idaapi.getFlags(head_ea)):
                    # NOTE(review): find_parent_of results are dereferenced
                    # without a None check.
                    ref_parent = self.cfunc.body.find_parent_of(expression)
                    if ref_parent.op == idaapi.cot_ref:
                        parent = self.cfunc.body.find_parent_of(ref_parent)
                        if parent.op == idaapi.cot_add:
                            # Distance from the item head to the target.
                            v = target_ea - head_ea
                            num_node = idaapi.make_num(v)
                            num_node.thisown = False
                            num_node.n.thisown = False
                            parent = parent.cexpr
                            # (disabled) parent.thisown = False
                            # Type of the item at head_ea: stored type if
                            # present, otherwise a guessed one.
                            tif = idaapi.tinfo_t()
                            if not idaapi.get_tinfo(tif, head_ea):
                                idaapi.guess_tinfo(tif, head_ea)
                            if parent.x == ref_parent.cexpr:
                                # The reference is the left operand of the add.
                                # (disabled) ref_parent.thisown = False
                                # (disabled) ref_parent.cexpr.thisown = False
                                ref_parent = parent.x
                                # (disabled) expression = ref_parent.x
                                ref_new = idaapi.cexpr_t(ref_parent)
                                ref_new.thisown = False
                                # (disabled) expression.thisown = False
                                # (disabled) expression_new.type.thisown = False
                                # (disabled) tif.thisown = False
                                element_tif = tif.get_ptrarr_object()
                                element_tif.create_ptr(element_tif)
                                # Retype the copy and point it at the item head.
                                ref_new.type = element_tif
                                ref_new.x.type = tif
                                ref_new.x.obj_ea = head_ea
                                expr_add = idaapi.cexpr_t(idaapi.cot_add, ref_new, num_node)
                                expr_add.thisown = False
                                # (disabled) expr_add.type = element_tif
                                ref_parent.cexpr.assign(expr_add)
                                # (disabled) earlier attempts that used
                                # parent.x.swap(...) instead of assign().
                            elif parent.y == ref_parent.cexpr:
                                # The reference is the right operand of the add.
                                ref_parent.thisown = False
                                ref_parent.cexpr.thisown = False
                                ref_parent = idaapi.cexpr_t(ref_parent.cexpr)
                                expression.thisown = False
                                expression = idaapi.cexpr_t(expression)
                                ref_parent.x.replace_by(expression)
                                expr_add = idaapi.cexpr_t(idaapi.cot_add, ref_parent, num_node)
                                parent.y.thisown = False
                                parent.y.replace_by(expr_add)
                            else:
                                # The reference is neither operand of the add.
                                # NOTE(review): this diagnostic names neither
                                # the address nor the function involved.
                                print "F**K!"
                            # Result is stored but not used afterwards.
                            rc = self.recalc_parent_types()
                            # (disabled) debugging aids that looked back
                            # through self.nodes[-2], [-3] and [-4].
    return 0