def yatest_enums(self):
values = []
for flag in flags:
for prefix, enum_width, is_bitfield, num_fields in tests:
name = '%s_%x_%d_%x' % (prefix, enum_width, is_bitfield, flag)
ea = None
eid = idc.AddEnum(-1, name, flag)
self.assertNotEqual(eid, idaapi.BADADDR)
if enum_width != 0:
idc.SetEnumWidth(eid, enum_width)
if is_bitfield:
self.assertTrue(idc.SetEnumBf(eid, True))
idc.SetEnumCmt(eid, prefix + 'cmt', False)
idc.SetEnumCmt(eid, prefix + 'rpt', True)
for n in range(0, num_fields):
field = '%s_%d' % (name , n)
cid = None
if is_bitfield:
self.assertEqual(idc.AddConstEx(eid, field, 1 << n, 1 << n), 0)
else:
self.assertEqual(idc.AddConst(eid, field, n), 0)
if n == 0:
ea = get_ea()
self.assertNotEqual(idaapi.op_enum(ea, 1, eid, 0), idaapi.BADADDR)
cid = idc.GetConstByName(field)
self.assertTrue(idc.SetConstCmt(cid, field + 'cmt', False))
#self.assertTrue(idc.SetConstCmt(cid, field + 'rpt', True))
values.append((name, ea))
yaunit.save('enums', values)
def createenum(self, symbols):
"""
Given full symbols and addresses create an enum name with the library name (the string before !)
Some constants will fail due to weird characters in symbols used by MS. eg( `$)
symbols: (dict) A set of symbols and addresses that have been cleaned.
"""
enum_name = symbols.keys()[0].split('!')[0]
enum = idc.AddEnum(0, enum_name, idaapi.hexflag())
if enum == idaapi.BADADDR:
print "[!] Failed to create enum: %s\n" % enum_name
return
for symbol, address in symbols.iteritems():
# "ADVAPI32!RegCreateKeyExWStub": "0xffff8007be2f89f0"
org_symb = symbol
symbol = str(symbol.split('!')[1].encode('utf-8'))
symbol = symbol.strip()
symbol = 's_'+symbol
address = int(address,16)
ret = idc.AddConstEx(enum, symbol, address, -1)
if ret !=0:
print "[!] Failed to create constant for symbol %s - (%s). %s" % (org_symb,symbol,ENUM_ERRORS[ret])
continue
self.enums[address] = enum
print "[+] Finished adding enum %s\n" % enum_name
def ports_analisys(): ports_struc = idc.AddEnum(-1, "ports", (FF_WRD|FF_DATA)) idc.AddConstEx(ports_struc, "PCI_CONFIG_ADDRESS", PCI_CONFIG_ADDRESS, -1) idc.AddConstEx(ports_struc, "PCI_CONFIG_DATA", PCI_CONFIG_DATA, -1) for each in idaapi.find_binary(start, stop, "", 0, 0): # find_binary(ea_t startea, ea_t endea, char ubinstr, int radix, int sflag) -> ea_t idc.MakeCode(each)
def add_enums(function):
""" Add standard enums from parsed MSDN documentation for all imported
library calls and their arguments.
Arguments:
function -- function object
"""
enum_count = 0
for argument in function.arguments:
# Add standard enums
if not argument.enums:
g_logger.debug(' No standard constants available for %s' %
argument.name)
else:
for enum in argument.enums:
g_logger.debug(' Importing enum %s for argument %s' %
(enum, argument.name))
if idc.Til2Idb(-1, enum) != idaapi.BADADDR:
g_logger.debug(' ' + enum + ' ' + hex(idc.GetEnum(enum)) +
' added successfully')
enum_count = enum_count + 1
else:
g_logger.debug(' Could not add ' + enum)
if not argument.constants:
# No constants for this argument
continue
argument.name = argument.name.encode('utf-8')
function.name = function.name.encode('utf-8')
# Add constant descriptions
for constant in argument.constants:
constant.name = constant.name.encode('utf-8')
if constant.name == 'NULL':
# Create unique name, so we can add descriptive comment to it
constant.name = 'NULL_{}_{}'.format(argument.name,
function.name)
# Add custom enum for NULL values if it does not exist yet
enumid = idc.GetEnum(NULL_ENUM_NAME)
if enumid == idaapi.BADADDR:
enumid = idc.AddEnum(-1, NULL_ENUM_NAME, idaapi.hexflag())
idc.AddConstEx(enumid, constant.name, 0, -1)
constid = idc.GetConstByName(constant.name)
idc.SetConstCmt(constid, format_comment(constant.description),
False)
else:
constid = idc.GetConstByName(constant.name)
if constid:
if idc.SetConstCmt(constid,
format_comment(constant.description),
False):
g_logger.debug(' Description added for %s' %
constant.name)
else:
g_logger.debug(' No description added for %s' %
constant.name)
return enum_count
def createEnum(self, enum):
eid = idc.AddEnum(-1, enum[0], 0x1100000) #what is this flag?
idc.SetEnumBf(eid, 1)
val = 0
mask = 0x1f
idc.SetEnumWidth(eid, 1)
for i in enum[1]:
idc.AddConstEx(eid, i, val, mask)
val += 1
def import_data_dumps():
key_value_regex = re.compile(r"^\s*(?P<key>[^ =]+)\s*=\s*"
r"(?P<value>.+)\s*$", re.MULTILINE)
is_intel = True
is_amd = False
# dmesg parse
# CPU Vendor/Model
if is_intel:
# inteltool output parse
# GPIOBASE ; PMBASE ; MCHBAR ; EPBAR ; DMIBAR ; PCIEXBAR
try:
log = open(filename, encoding="utf8")
self.clear()
for match in key_value_regex.finditer(log.read()):
data = {}
data[match.group("key")] = int(match.group("value"))
return True
except (RuntimeError) as err:
print "import error"
return False
finally:
if log is not None:
log.close()
BASE_GPIO = data["GPIOBASE"]
BASE_PM = data["PMBASE"]
BASE_MCH = data["MCHBAR"]
BASE_EP = data["EPBAR"]
BASE_DMI = data["DMIBAR"]
BASE_PCIE = data["PCIEXBAR"]
# BASE_SMBUS = data["SMBUSBAR"]
bases_struc = idc.AddEnum(-1, "bases", (FF_DWRD|FF_DATA))
idc.AddConstEx(bases_struc, "BASE_GPIO", BASE_GPIO, -1)
idc.AddConstEx(bases_struc, "BASE_PM", BASE_PM, -1)
idc.AddConstEx(bases_struc, "BASE_MCH", BASE_MCH, -1)
idc.AddConstEx(bases_struc, "BASE_EP", BASE_EP, -1)
idc.AddConstEx(bases_struc, "BASE_DMI", BASE_DMI, -1)
idc.AddConstEx(bases_struc, "BASE_PCIE", BASE_PCIE, -1)
# idc.AddConstEx(bases_struc, "BASE_SMBUS", BASE_SMBUS, -1)
elif is_amd:
#other outputs parse
else
print "Error: Unknown CPU"
def __init__(self, name, canCreate=False):
if isinstance(name, (int, long)):
name = str(name)
self.name = name
self.id = idc.GetEnum(name)
self._vals = None
self._names = None
if self.id == idc.BADADDR:
try:
self.id = int(name)
self.name = idc.GetEnumName(self.id)
except Exception:
self.name = None
self.id = None
if not self.name:
if not canCreate:
raise Enum.EnumNotFoundError(name)
self.id = idc.AddEnum(idc.GetEnumQty(), name, 0)
def make_enum(self, object_version, address):
enum_name = object_version.get_name()
object_id = object_version.get_id()
# build flags
bitfield = False
flags = object_version.get_object_flags()
if flags & 0x1 == 0x1:
bitfield = True
flags = flags & ~0x1
try:
enum_width = object_version.get_size()
except KeyError:
enum_width = None
# check if enum already exists
enum_id = idc.GetEnum(enum_name)
enum_xrefs_ids = object_version.get_xrefed_ids()
logger.debug(
"%s:%d : Check here that enum_xrefs_ids is a set(YaToolObjectId) and correctly used"
% (__file__, inspect.currentframe().f_lineno))
if enum_id != idc.BADADDR:
# enum already exists, deleting all members
for (const_id, const_value,
bmask) in YaToolIDATools.enum_member_iterate_all(enum_id):
if bmask == idc.BADADDR:
bmask = -1
const_name = idc.GetConstName(const_id)
if (enum_name, const_name,
const_value) not in self.enum_member_ids:
idc.DelConstEx(enum_id, const_value, 0, bmask)
elif self.hash_provider.get_enum_member_id(
enum_id, enum_name, const_id, const_name,
const_value) not in enum_xrefs_ids:
logger.debug("deleting not found constant : %s/%s" %
(enum_name, const_name))
idc.DelConstEx(enum_id, const_value, 0, bmask)
"""
if the enum "bitfield" state has changed : change it!
We can't access the functions
"""
if idc.IsBitfield(enum_id) != bitfield:
idaapi.set_enum_bf(enum_id, bitfield)
else:
# create enum
# SetEnumFlag return "'module' object has no attribute 'set_enum_flag'".
enum_id = idc.AddEnum(address, enum_name, flags)
if enum_width is not None:
idc.SetEnumWidth(enum_id, enum_width)
if bitfield:
idc.SetEnumBf(enum_id, 1)
# process comment
try:
repeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(True))
idc.SetEnumCmt(enum_id, repeatable_headercomment, 1)
except KeyError:
pass
try:
nonrepeatable_headercomment = self.sanitize_comment_to_ascii(
object_version.get_header_comment(False))
idc.SetEnumCmt(enum_id, nonrepeatable_headercomment, 0)
except KeyError:
pass
self.enum_ids[object_id] = enum_id
self.hash_provider.put_hash_struc_or_enum(enum_id, object_id)
logger.debug("adding enum id %s : '0x%.016X'" %
(self.hash_provider.hash_to_string(object_id), enum_id))
def implement(self):
idc.AddEnum(self._id, self._name, 0)
