def _process_possible_stub(stub, make_thunk, next_stub):
"""Try to process a stub function."""
# First, make sure this is a stub format we recognize.
target = stub_target(stub)
if not target:
_log(0, 'Unrecognized stub format at {:#x}', stub)
return False
# Next, check if IDA sees this as a function chunk rather than a function, and correct it if
# reasonable.
if not idau.force_function(stub):
_log(1, 'Could not convert stub to function at {:#x}', stub)
return False
# Next, set the appropriate flags on the stub. Make the stub a thunk if that was requested.
flags = idc.GetFunctionFlags(stub)
if flags == -1:
_log(1, 'Could not get function flags for stub at {:#x}', stub)
return False
target_flags = idc.GetFunctionFlags(target)
if target_flags != -1 and target_flags & idc.FUNC_NORET:
flags |= idc.FUNC_NORET
if make_thunk:
flags |= idc.FUNC_THUNK
if idc.SetFunctionFlags(stub, flags | idc.FUNC_THUNK) == 0:
_log(1, 'Could not set function flags for stub at {:#x}', stub)
return False
# Next, ensure that IDA sees the target as a function, but continue anyway if that fails.
if not idau.force_function(target):
_log(1, 'Stub {:#x} has target {:#x} that is not a function', stub,
target)
# Finally symbolicate the stub.
if not _symbolicate_stub(stub, target, next_stub):
return False
return True
def cb_imp(self, imp, func, nid):
name = self.func_get_name("imp", imp.library_name, nid)
make_func(func, name)
idc.SetFunctionFlags(func, idc.GetFunctionFlags(func) | idaapi.FUNC_THUNK | idaapi.FUNC_LIB)
self.apply_proto(func, nid)
self.add_nid_cmt(func, "[Import LIB: 0x{:08X} ({}), NID: 0x{:08X}]".format(imp.library_nid, imp.library_name, nid))
def yatest_function_flags(self):
addrs = []
for i, k in enumerate(flag_types):
addr = yaunit.get_next_function()
flags = idc.GetFunctionFlags(addr)
self.assertNotEqual(flags, -1)
self.assertEqual(idc.SetFunctionFlags(addr, flags | k), 1)
addrs.append(addr)
yaunit.save('function_flags', addrs)
def make_function(self, object_version, address):
#
# call the architecture dependent plugin ###########
#
self.arch_plugin.make_function_prehook(object_version, address)
flags = object_version.get_object_flags()
size = object_version.get_size()
# create function if not already exist
current_flags = idc.GetFlags(address)
# if ea is func
func = idaapi.get_func(address)
if not idaapi.isFunc(current_flags) or (func is not None and
(func.startEA != address)):
logger.debug(
"MakeFunction at 0x%08X : flags=0x%08X, current_flags=0x%08X" %
(address, flags, current_flags))
if func is not None:
logger.debug(
" "
"func.startEA[0x%08X]!=address func.endEA[0x%08X]!=(address+size[0x%08X]) "
% (func.startEA, func.endEA, size))
if not idc.MakeFunction(address):
if not idc.isLoaded(address):
logger.error(
"Failed at idc.MakeFunction at 0x%08X : data not loaded"
% address)
else:
logger.error("Failed at idc.MakeFunction at 0x%08X" %
address)
self.clear_function(object_version, address)
if not idc.MakeFunction(address):
logger.error("Failed at idc.MakeFunction at 0x%08X" %
address)
# idc.MakeUnknown(address, size, DOUNK_SIMPLE)
if idc.AnalyzeArea(address, address + 1) != 1:
logger.error("[0x%08X] idc.AnalyzeArea failed" % address)
# if(idc.AnalyzeArea(address, address+size) != 1):
# logger.error("[0x%08X] idc.AnalyzeArea failed" % address)
# if(address == 0x0000000000411558):
# raise Exception()
if flags is not None:
idc.SetFunctionFlags(address, flags)
self.set_type(object_version, address)
#
# call the architecture dependent plugin ###########
#
self.arch_plugin.make_function_posthook(object_version, address)
def make_islands_xrefs_force_bl_call(ea, verbose=True):
""" makes all BL references to a branch islands as call """
segname = idc.SegName(ea)
if verbose:
print "[+] forcing bl call on: %s [0x%X]" % (segname, ea)
if "branch_islands" in segname:
idc.SetFunctionFlags(ea, idc.GetFunctionFlags(ea) & (0xffffffff - 1))
for x in idautils.XrefsTo(ea):
make_islands_xrefs_force_bl_call(x.frm)
return
idc.ArmForceBLCall(ea)
def rename(self, ea, name):
# Don't rely on the name in curfunc, as it could have already been renamed
curname = idc.Name(ea)
# Don't rename if the name is a special identifier, or if the ea has already been named
# TODO: What's a better way to check for reserved name prefixes?
if curname.startswith('sub_') and name.split('_')[0] not in set(['sub', 'loc', 'unk', 'dword', 'word', 'byte']):
# Don't rename if the name already exists in the IDB
if idc.LocByName(name) == idc.BADADDR:
if idc.MakeName(ea, name):
idc.SetFunctionFlags(ea, (idc.GetFunctionFlags(ea) | idc.FUNC_LIB))
#print "%s => %s" % (curname, name)
return 1
#else:
# print "WARNING: Attempted to rename '%s' => '%s', but '%s' already exists!" % (curname, name, name)
return 0
def cb_noret(self, _, func, nid):
if nid in NORETURN_NIDS:
make_func(func, None)
idc.SetFunctionFlags(
func,
idc.GetFunctionFlags(func) | idaapi.FUNC_NORET)
def SetFuncFlags(ea):
func_flags = idc.GetFunctionFlags(ea)
func_flags |= 0x84 # FUNC_THUNK|FUNC_LIB
idc.SetFunctionFlags(ea, func_flags)
def make_fn_non_library_fn(fn):
ea = idc.LocByName(fn)
idc.SetFunctionFlags(ea, idc.GetFunctionFlags(ea) & ~(idc.FUNC_LIB))
def setFunctionFlags(ea, flags):
return False if warnBad(ea) else idc.SetFunctionFlags(ea, flags) != 0
