def choose_til():
# type: () -> (idaapi.til_t, int, bool)
""" Creates a list of loaded libraries, asks user to take one of them and returns it with
information about max ordinal and whether it's local or imported library """
idati = idaapi.cvar.idati
list_type_library = [(idati, idati.name, idati.desc)]
for idx in xrange(idaapi.cvar.idati.nbases):
type_library = idaapi.cvar.idati.base(idx) # type: idaapi.til_t
list_type_library.append(
(type_library, type_library.name, type_library.desc))
library_chooser = forms.MyChoose(
list(map(lambda x: [x[1], x[2]], list_type_library)), "Select Library",
[["Library", 10 | idaapi.Choose2.CHCOL_PLAIN],
["Description", 30 | idaapi.Choose2.CHCOL_PLAIN]], 69)
library_num = library_chooser.Show(True)
if library_num != -1:
selected_library = list_type_library[library_num][
0] # type: idaapi.til_t
max_ordinal = idaapi.get_ordinal_qty(selected_library)
if max_ordinal == idaapi.BADORD:
_enable_library_ordinals(library_num - 1)
max_ordinal = idaapi.get_ordinal_qty(selected_library)
print "[DEBUG] Maximal ordinal of lib {0} = {1}".format(
selected_library.name, max_ordinal)
return selected_library, max_ordinal, library_num == 0
def import_type(library, name):
if library.name != idaapi.cvar.idati.name:
last_ordinal = idaapi.get_ordinal_qty(idaapi.cvar.idati)
type_id = idaapi.import_type(library, -1, name) # tid_t
if type_id != idaapi.BADNODE:
return last_ordinal
return None
def find_containing_structures(self, type_library):
"""
Given the type library creates a list of structures from this library, that contains this structure and
satisfy offset conditions.
:param type_library: idaapi.til_t
:returns: ordinal, offset, member_name, containing structure name
"""
min_offset = min(self.offsets)
min_offset = min_offset if min_offset < 0 else 0
max_offset = max(self.offsets)
max_offset = max_offset if max_offset > 0 else self.tinfo.get_size()
# TODO: Check if all offsets are legal
# Least acceptable size of the containing structure
min_struct_size = max_offset - min_offset
result = []
parent_tinfo = idaapi.tinfo_t()
target_tinfo = idaapi.tinfo_t()
if not target_tinfo.get_named_type(type_library, self.tinfo.dstr()):
print "[Warning] Such type doesn't exist in '{0}' library".format(type_library.name)
return result
for ordinal in xrange(1, idaapi.get_ordinal_qty(type_library)):
parent_tinfo.create_typedef(type_library, ordinal)
if parent_tinfo.get_size() >= min_struct_size:
for offset, name in find_deep_members(parent_tinfo, target_tinfo):
# print "[DEBUG] Found {0} at {1} in {2}".format(name, offset, parent_tinfo.dstr())
if offset + min_offset >= 0 and offset + max_offset <= parent_tinfo.get_size():
result.append((ordinal, offset, name, parent_tinfo.dstr()))
return result
def add_types(self):
local_type = idaapi.tinfo_t()
count = 0
for ordinal in range(1, idaapi.get_ordinal_qty(idaapi.cvar.idati)):
local_type.get_numbered_type(idaapi.cvar.idati, ordinal)
if self.analyze_type(local_type):
count += 1
return count
def get_tinfo(name):
idati = idaapi.get_idati()
ti = idaapi.tinfo_t()
for ordinal in range(1, idaapi.get_ordinal_qty(idati) + 1):
if ti.get_numbered_type(idati, ordinal) and ti.dstr() == name:
return ti
return None
def choose_til():
idati = idaapi.cvar.idati
list_type_library = [(idati, idati.name, idati.desc)]
for idx in xrange(idaapi.cvar.idati.nbases):
type_library = idaapi.cvar.idati.base(idx) # idaapi.til_t type
list_type_library.append((type_library, type_library.name, type_library.desc))
library_chooser = Forms.MyChoose(
list(map(lambda x: [x[1], x[2]], list_type_library)),
"Select Library",
[["Library", 10 | idaapi.Choose2.CHCOL_PLAIN], ["Description", 30 | idaapi.Choose2.CHCOL_PLAIN]],
69
)
library_num = library_chooser.Show(True)
if library_num != -1:
selected_library = list_type_library[library_num][0]
max_ordinal = idaapi.get_ordinal_qty(selected_library)
if max_ordinal == idaapi.BADORD:
TypeLibrary.enable_library_ordinals(library_num - 1)
max_ordinal = idaapi.get_ordinal_qty(selected_library)
print "[DEBUG] Maximal ordinal of lib {0} = {1}".format(selected_library.name, max_ordinal)
return selected_library, max_ordinal, library_num == 0
return None
def get_recognized_shape(self, start=0, stop=-1):
if not self.items:
return None
result = []
if stop != -1:
base = self.items[start].offset
enabled_items = [x for x in self.items[start:stop] if x.enabled]
else:
base = 0
enabled_items = [x for x in self.items if x.enabled]
offsets = set([x.offset for x in enabled_items])
if not enabled_items:
return
min_size = enabled_items[-1].offset + enabled_items[-1].size - base
tinfo = idaapi.tinfo_t()
for ordinal in range(1, idaapi.get_ordinal_qty(idaapi.cvar.idati)):
tinfo.get_numbered_type(idaapi.cvar.idati, ordinal)
if tinfo.is_udt() and tinfo.get_size() >= min_size:
is_found = False
for offset in offsets:
is_found = False
items = [x for x in enabled_items if x.offset == offset]
potential_members = helper.get_fields_at_offset(
tinfo, offset - base)
for item in items:
for potential_member in potential_members:
if item.type_equals_to(potential_member):
is_found = True
break
if is_found:
break
if not is_found:
break
if is_found:
result.append((ordinal, idaapi.tinfo_t(tinfo)))
chooser = MyChoose(
[[str(x), "0x{0:08X}".format(y.get_size()),
y.dstr()] for x, y in result], "Select Structure",
[["Ordinal", 5], ["Size", 10], ["Structure name", 50]])
idx = chooser.Show(modal=True)
if idx != -1:
return result[idx][1]
return None
def init(self):
idaapi.show_wait_box("Looking for classes...")
all_virtual_functions.clear()
all_virtual_tables.clear()
classes = []
for ordinal in range(1, idaapi.get_ordinal_qty(idaapi.cvar.idati)):
result = Class.create_class(ordinal)
if result:
classes.append(result)
for class_row, class_ in enumerate(classes):
class_item = TreeItem(class_, class_row, None)
for vtable_row, vtable in class_.vtables.items():
vtable_item = TreeItem(vtable, vtable_row, class_item)
vtable_item.children = [TreeItem(function, 0, vtable_item) for function in vtable.virtual_functions]
class_item.children.append(vtable_item)
self.tree_data.append(class_item)
idaapi.hide_wait_box()
def setupModelData(self, root):
idaapi.show_wait_box("Looking for classes...")
all_virtual_functions.clear()
all_virtual_tables.clear()
classes = []
for ordinal in range(1, idaapi.get_ordinal_qty(idaapi.cvar.idati)):
result = Class.create_class(ordinal)
if result:
classes.append(result)
for class_ in classes:
class_item = TreeItem(class_, root)
for vtable in class_.vtables.values():
vtable_item = TreeItem(vtable, class_item)
vtable_item.children = [TreeItem(function, vtable_item) for function in vtable.virtual_functions]
class_item.appendChild(vtable_item)
root.appendChild(class_item)
idaapi.hide_wait_box()
