def checkFunc(self, ea, **kwargs):
usage = kwargs.get('usage') or False
fn = idc.GetFunctionName(ea)
try:
func = idaapi.decompile(ea)
if not func:
return None
except Exception as e:
Logger.error("Error decompiling " + fn + ": " + str(e))
return None
vrs = []
for v in func.lvars:
t = v.type().dstr()
if self.stname in t:
vrs += [v.name + ("->" if '*' in t else '.') + self.fname]
#Logger.debug("Checking function %s %s", fn, str(vrs))
ret = []
for i, x in enumerate(str(func).split("\n")):
for y in vrs:
if y not in x:
continue
x = x.strip()
if not usage:
p = x.find(y)
if p != 0 or '=' not in x:
continue
ret += [{
'address': fn + " : " + str(i),
'code': x,
}]
return ret
def run(self, **kwargs):
obj = None
if self.what in self.REGS:
obj = [{
'name': self.what,
'res': self.what,
'val': idc.GetRegValue(self.what),
'type': kwargs.get('type')
}]
else:
if (self.what):
obj = self.findNamedVar(self.what.split('->'), **kwargs)
if not obj:
return None
obj = self.getVar(obj, **kwargs)
Logger.debug("explorering object %s", str(obj))
if obj:
self.exploreTypes(obj, **kwargs)
else:
Logger.error("Object not found")
return obj
def callback(self, event, *args):
try:
if event <= idaapi.hxe_print_func:
self.safe = False
if event == idaapi.hxe_switch_pseudocode:
self.safe = False
if event == idaapi.hxe_func_printed:
self.safe = True
if event == idaapi.hxe_text_ready:
self.safe = True
if event == idaapi.hxe_curpos:
self.lastObj = None
self.lastExpr = None
if not self.safe:
return 0
it = self.getItem(args[0])
if not it:
return 0
self.lastObj = it
self.lastExpr = self.lastObj if self.lastObj.is_expr(
) else None
except Exception as e:
Logger.error("HexraysPlugin Error: " + str(e))
return 0