Exemplo n.º 1
    def get_dangerous_functions(self):
        """
        Collects the functions that hold a code reference to one of
        the string/memory copy routines named below.

        A hit only means the routine is referenced from that function;
        it is a starting point for review, not evidence of a bug.
        The name list is fixed and short, so copy routines known to the
        binary under any other name are not picked up.

        @returns: a *set* of func_addr's
        """
        # TODO: use a centralized list for the dangerous functions?
        # TODO: this whole process must be O(mfg).
        copy_routines = ("wcsncpy", "strcpy", "_strcpy", "_strcpy_0",
                         "strncpy", "_strncpy", "_strncpy_0",
                         "memmove", "memcpy", "_memcpy", "_memcpy_0")

        callers = set()

        for routine in copy_routines:
            target_ea = LocByName(routine)

            # BADADDR: the name does not resolve in this database
            if target_ea != BADADDR:
                # Map every code reference to element [0] of
                # misc.function_boundaries(xref), presumably the start
                # of the function containing the reference (confirm in misc)
                for xref in CodeRefsTo(target_ea, True):
                    callers.add(misc.function_boundaries(xref)[0])

        return callers
Exemplo n.º 2
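    def _showAllFunctions(self):
        """
        Populates the functions list.
        From this it is possible to select endpoints to
        create a ConnectGraph for example

        The table is rebuilt with two columns (address, name) and is
        scrolled to the row of the function returned by
        misc.function_boundaries(), or to the first row when that
        function is not in the list. Nothing is changed when
        get_all_functions() returns an empty result.
        """
        self._console_output("Displaying all known functions...")

        current_ea, _ = misc.function_boundaries()

        func_list = self.ba.get_all_functions()
        if not func_list:
            return

        self.table.setColumnCount(2)
        self.table.setHorizontalHeaderLabels(("Address", "Name"))

        self.table_label.setText("Functions in current binary")
        self.table.clearContents()
        self.table.setRowCount(0)

        # Row of the current function; stays 0 when no row matches
        c_idx = 0

        for idx, (f_ea, f_name) in enumerate(func_list):
            self.table.insertRow(idx)

            addr_item = QTableWidgetItem("%08x" % f_ea)
            # Mask the editable bit out instead of XOR-toggling it:
            # XOR would switch editing ON for an item whose flags did
            # not already carry ItemIsEditable.
            addr_item.setFlags(addr_item.flags() & ~QtCore.Qt.ItemIsEditable)
            name_item = QTableWidgetItem("%s" % f_name)

            if f_ea == current_ea:
                c_idx = idx

            self.table.setItem(idx, 0, addr_item)
            self.table.setItem(idx, 1, name_item)

        # Conveniently scroll to the current EA
        self.table.scrollToItem(
            self.table.item(c_idx, 0),
            QtGui.QAbstractItemView.PositionAtTop
            )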
Exemplo n.º 3
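    def _showAllFunctions(self):
        """
        Populates the functions list.
        From this it is possible to select endpoints to
        create a ConnectGraph for example

        Rows are (address, name) pairs taken from
        self.ba.get_all_functions(); an empty result leaves the table
        untouched. After filling, the view is scrolled to the row whose
        address equals the first value of misc.function_boundaries(),
        falling back to row 0.
        """
        self._console_output("Displaying all known functions...")

        current_ea, _ = misc.function_boundaries()

        func_list = self.ba.get_all_functions()
        if not func_list:
            return

        table = self.table

        table.setColumnCount(2)
        table.setHorizontalHeaderLabels(("Address", "Name"))

        self.table_label.setText("Functions in current binary")
        table.clearContents()
        table.setRowCount(0)

        # Current table index
        c_idx = 0

        for row, (f_ea, f_name) in enumerate(func_list):
            table.insertRow(row)

            addr_item = QTableWidgetItem("%08x" % f_ea)
            # "& ~flag" always clears ItemIsEditable; the former "^"
            # only cleared it when the bit happened to be set and
            # would have enabled editing otherwise.
            addr_item.setFlags(addr_item.flags() & ~QtCore.Qt.ItemIsEditable)

            table.setItem(row, 0, addr_item)
            table.setItem(row, 1, QTableWidgetItem("%s" % f_name))

            if f_ea == current_ea:
                c_idx = row

        # Conveniently scroll to the current EA
        table.scrollToItem(
            table.item(c_idx, 0),
            QtGui.QAbstractItemView.PositionAtTop
            )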
Exemplo n.º 4
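    def export_current_function(self):
        """
        Exports the current function code, ascii hex encoded
        This is useful to import into tools like miasm and alike

        The bytes in [begin, end) as reported by
        misc.function_boundaries() are written as one lowercase hex
        string to the file chosen in the dialog; an existing file at
        that path is overwritten.

        @returns: True when the file was written, False when no path
                  was chosen or the export failed
        """
        # TODO: Reading one byte at a time must be EXTREMELY INEFFICIENT!!! o.O

        begin, end = misc.function_boundaries()

        try:
            filename = AskFile(1, "function_bytes.txt", "File to save the code?")
            if not filename:
                # The dialog returned no path: report failure explicitly
                # rather than letting open() raise on it
                return False

            # range() is available on Python 2 and 3 alike and, unlike
            # Python 2's xrange(), is not limited to C-long sized values
            code_s = ''.join("%02x" % get_byte(x) for x in range(begin, end))
            with open(filename, 'w') as f:
                f.write(code_s)

            return True

        except Exception:
            # Still best-effort, but a bare "except:" would also swallow
            # KeyboardInterrupt and SystemExit
            return False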
Exemplo n.º 5
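    def export_current_function(self):
        """
        Exports the current function code, ascii hex encoded
        This is useful to import into tools like miasm and alike

        Asks for a destination file, then writes every byte between
        the boundaries returned by misc.function_boundaries() as two
        lowercase hex digits, with no separators. The destination is
        opened in 'w' mode, so previous content is replaced.

        @returns: True on success; False when the dialog yields no
                  path or an error occurs while reading or writing
        """
        # TODO: Reading one byte at a time must be EXTREMELY INEFFICIENT!!! o.O

        begin, end = misc.function_boundaries()

        try:
            filename = AskFile(1, "function_bytes.txt",
                               "File to save the code?")
            if not filename:
                # No destination selected, nothing to export
                return False

            # range() rather than xrange(): same iteration, but it also
            # exists on Python 3 and accepts addresses wider than a C long
            hex_digits = ["%02x" % get_byte(x) for x in range(begin, end)]

            with open(filename, 'w') as f:
                f.write(''.join(hex_digits))

        except Exception:
            # Keep the "return False on failure" contract without
            # trapping KeyboardInterrupt/SystemExit as "except:" did
            return False

        return True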
Exemplo n.º 6
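    def input_to_function(self, ea = None):
        """
        Gets all functions calling IO (net & file) whose downgraph
        is connected to the specified function
        If none is specified, then use current function

        Candidates are the keys of locate_file_io() followed by the
        keys of locate_net_io(); a function present in both appears
        twice in the result.

        @param ea: address of the target function, or None to use the
                   first value of misc.function_boundaries()
        @returns: a list of f_ea's (io callers)
        """
        if ea is None:
            # Called without arguments
            # Use current function. Comparing with None instead of
            # testing truthiness keeps address 0 usable as a target.
            ea = misc.function_boundaries()[0]

        # list() makes the concatenation valid whether keys() returns
        # a list (Python 2) or a view object (Python 3)
        io_list = (list(self.locate_file_io().keys())
                   + list(self.locate_net_io().keys()))

        # Keep the callers for which a connect graph to ea exists
        return [caller_ea for caller_ea in io_list
                if self.get_connect_graph(caller_ea, ea)]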